COBIT MEA01.02 - Set Performance And Conformance Targets

by Rajeshwari Kumar


COBIT MEA01.02 focuses on setting performance and conformance targets within an organization. This specific control objective within the COBIT framework is crucial for ensuring that IT processes align with business goals and meet regulatory requirements. By establishing clear targets for performance and conformance, organizations can effectively monitor and manage their IT processes to drive success and mitigate risk.

Defining Performance Targets For Your Organization In COBIT MEA01.02

Need Of Setting Performance And Conformance Targets In COBIT MEA01.02

MEA01.02 is a specific control objective within COBIT that focuses on the need for organizations to set performance and conformance targets in order to measure and monitor the effectiveness of their IT processes. By establishing clear targets, organizations can track their progress towards achieving their strategic goals and ensure that their IT systems are operating in compliance with industry standards.

Setting performance targets allows organizations to establish key performance indicators (KPIs) that are aligned with their overall business objectives. By tracking these KPIs, organizations can identify areas for improvement and make informed decisions to optimize their IT processes. Additionally, performance targets help organizations to measure the impact of their IT investments and ensure that they are delivering value to the business.

Conformance targets, on the other hand, are critical for ensuring that organizations are operating in compliance with relevant laws, regulations, and industry standards. By setting conformance targets, organizations can demonstrate their commitment to good governance practices and mitigate the risks associated with non-compliance. This is especially important in industries that are heavily regulated, such as healthcare or finance, where adherence to strict compliance standards is essential.

Defining Performance Targets For Your Organization In COBIT MEA01.02

Here are some key points to consider when defining performance targets in COBIT MEA01.02:

  1. Align with strategic objectives: The performance targets should directly support the organization's strategic objectives. These targets should be measurable and tied to specific business outcomes that the organization is trying to achieve.
  1. Be specific and measurable: Performance targets should be specific, measurable, achievable, relevant, and time-bound (SMART). This means that they should clearly outline what needs to be achieved, how success will be measured, and the timeframe within which the target needs to be met.
  1. Involve stakeholders: It is crucial to involve key stakeholders in the process of defining performance targets. This ensures that the targets are realistic, relevant, and aligned with the organization's overall goals. Stakeholder buy-in is essential for successful target implementation.
  1. Track progress: Once performance targets are defined, it is important to regularly track and monitor progress towards achieving them. This allows the organization to identify any potential issues or obstacles early on and take corrective actions as needed.
  1. Continuous improvement: Performance targets should not be set in stone. It is essential to continuously review and adjust targets based on changing business needs, market conditions, and internal capabilities. Continuous improvement is key to staying agile and competitive in today's fast-paced business environment.
  1. Use technology: Leveraging technology can help organizations more effectively track and monitor performance targets. Automated tools and systems can provide real-time data and insights, enabling organizations to make informed decisions and take proactive measures to achieve their targets.
IT Governance Framework Toolkit

Establishing Conformance Targets For Regulatory Compliance In COBIT MEA01.02

  1. Understand Regulatory Requirements: The first step in establishing conformance targets is to fully understand the regulatory requirements that apply to your organization. This involves conducting a thorough analysis of relevant regulations and identifying the specific requirements that need to be met.
  1. Identify Critical Control Points: Once regulatory requirements have been identified, the next step is to identify critical control points that must be in place to achieve compliance. These control points are essential for ensuring that regulatory requirements are being met consistently.
  1. Define Conformance Targets: With critical control points identified, the next step is to define conformance targets for each control point. Conformance targets should be specific, measurable, achievable, relevant, and time-bound (SMART) to ensure that they are effective in driving compliance.
  1. Align with Business Objectives: It is important to align conformance targets with the overall business objectives of the organization. By doing so, organizations can ensure that regulatory compliance efforts are not only effective but also support the achievement of strategic goals.
  1. Monitor and Evaluate Compliance: Once conformance targets have been established, it is crucial to monitor and evaluate compliance on an ongoing basis. This involves regular assessments of progress towards conformance targets and making adjustments as needed to ensure continuous compliance.

Continuous Improvement And Adaptation Of Targets In COBIT MEA01.02

  1. Aligning with Business Objectives: The primary goal of COBIT MEA01.02 is to ensure that the organization's enterprise architecture is aligned with its business objectives. This requires a constant evaluation of the current state of the enterprise architecture and the identification of areas where improvements can be made to better support the business.
  1. Setting Clear Targets: In order to drive continuous improvement, it is essential to set clear targets and goals for the enterprise architecture. These targets should be specific, measurable, achievable, relevant, and time-bound (SMART). By setting clear targets, organizations can track their progress and identify areas where further improvements are needed.
  1. Regular Monitoring and Evaluation: Continuous improvement requires regular monitoring and evaluation of the enterprise architecture. This involves conducting assessments to measure the effectiveness of the existing architecture, identifying areas where improvements can be made, and implementing changes to address any gaps or deficiencies.
  1. Adapting to Changes: The business environment is constantly evolving, and organizations must be able to adapt their enterprise architecture to changes in technology, regulations, market trends, and customer preferences. By continuously adapting their targets and strategies, organizations can ensure that their enterprise architecture remains relevant and effective in supporting the business.
  1. Collaboration and Communication: Continuous improvement in enterprise architecture cannot be achieved in isolation. It requires collaboration and communication between different teams and stakeholders within the organization. By fostering a culture of collaboration and open communication, organizations can drive continuous improvement and ensure that their enterprise architecture remains aligned with the business.


Setting performance and conformance targets is crucial for the success of any organization. The COBIT MEA01.02 framework provides a structured approach to defining and aligning these targets with business goals. By implementing this framework, companies can ensure that they are meeting industry best practices and achieving optimal performance. To learn more about COBIT MEA01.02 and how it can benefit your organization, consider adopting this framework and incorporating it into your strategic planning processes.

IT Governance Framework Toolkit