The strategy archetype is a design factor that describes how an enterprise uses information and
technology to achieve its goals and objectives. There are six strategy archetypes defined in COBIT
2019: customer intimacy, product leadership, operational excellence, compliance-driven, data-
driven, and innovation-driven. Each archetype has different implications for the governance and
management of information and technology in terms of focus areas, processes, practices, roles,
structures, and metrics. The best approach when determining which strategy archetype most closely
aligns with an enterprise’s own strategy is to select the one that reflects the enterprise’s information
and technology risk profile, which is another design factor that describes how an enterprise
identifies, assesses, responds to, monitors, and reports on information and technology risks. The risk
profile helps to determine the level of risk appetite and tolerance that an enterprise has for its
information and technology activities, as well as the level of control and assurance that is required
for its governance framework. By selecting the strategy archetype that matches the risk profile, an
enterprise can ensure that its governance framework is appropriate for its context and
objectives5 Reference: 5: COBIT 2019 Design Guide, page 35-39 : COBIT 2019 Design Guide, page 41-
43
