In COBIT® 2019, governance system design requires a structured and objective method to translate multiple design factors—such as enterprise goals, risk profile, compliance requirements, and threat landscape—into prioritized governance and management objectives. The Design Guide explicitly describes the use of scoring models and weighted assessments when determining priorities across objectives. A matrixed scoring methodology enables enterprises to systematically evaluate and compare governance objectives against multiple criteria simultaneously.
Unlike an IT strategic plan, which provides direction but not prioritization logic, or expected performance outcomes, which are results rather than decision tools, a scoring methodology allows quantitative comparison across diverse inputs. Risk tolerance alone influences prioritization but does not provide a complete mechanism for resolving conflicts among competing objectives.
The Design Guide emphasizes that design factors should be translated into governance and management priorities, and this translation is operationalized through scoring tables and priority matrices. These matrices help enterprises visualize trade-offs, resolve conflicting demands, and ensure that the final governance system reflects enterprise context in a repeatable, auditable, and transparent manner. This makes a matrixed scoring methodology the most effective enabler for prioritization.
