Which statement best describes COBIT's purpose?

Explanation:

COBIT is a framework built to guide IT governance and the management of IT controls across an organization. It provides a comprehensive set of governance and management objectives, processes, and metrics that help leaders ensure IT supports business goals, manages risk, and delivers value. This broad focus on directing and measuring how IT should operate and be controlled is why the IT governance and control description best captures COBIT's purpose.

The other options describe more specialized areas. Payment card data security standards (like PCI DSS) define how to protect cardholder data, which is a specific security requirement rather than a framework for governing IT as a whole. Certifying external vendors isn't the role of COBIT, which focuses on governance and control objectives rather than on certifying suppliers. Governing the software development lifecycle points to SDLC-specific practices, whereas COBIT addresses governance and control across all IT processes to ensure alignment with business needs and overall risk management.
