Which framework would be best described as providing a comprehensive model for IT governance and management across the enterprise?


Multiple Choice

Which framework would be best described as providing a comprehensive model for IT governance and management across the enterprise?

Explanation:
COBIT is designed to provide a comprehensive model for IT governance and management across the enterprise. It covers both how IT should be governed—ensuring IT decisions align with business goals, deliver value, and manage risk—and how IT processes should be managed day to day, including planning, building, running, and monitoring activities. This framework offers a complete set of governance and management objectives, with metrics and practices that span the entire organization, making it well suited to enterprise-wide governance of IT. It’s also designed to integrate with other standards and frameworks (like ITIL for service management) while maintaining its focus on IT governance at the enterprise level.

Other options don’t fit as broadly. PCI-DSS is a security standard focused specifically on protecting cardholder data, not on governing IT across the enterprise. The ISO/IEC 27000 family centers on information security management systems and controls, not the full governance and management of all IT processes. COSO provides general enterprise risk management and internal control guidance for the organization, but it isn’t IT-specific and doesn’t offer the complete, integrated IT governance and management model COBIT provides.

