Expert Advice Community


ISO 27001/ISO 27002 vs COBIT

Guest user Created:   Jan 13, 2016 Last commented:   Jan 13, 2016

AntonioS Jan 13, 2016

I use ISO27001 and the ISO27001 controls to build a robust framework on this subject, but there are many people who say I should use COBIT 5 instead of ISO. What are the main differences between them? What are the advantages of using one or the other? In a company with xxx stores and xxx employees, it is important to define the way before starting to work on this issue. I would be grateful if you could give your opinion, obviously non-binding.

 

Answer:

ISO 27001/ISO 27002 and COBIT are similar, although COBIT is focused on IT governance while ISO 27001/ISO 27002 are focused on information security. Furthermore, COBIT is only a framework that you cannot certify, while you can obtain an ISO 27001 certificate after the implementation. By the way, in the implementation you can use the best-practice guidelines of ISO 27002 (it is only a set of best practices for information security; you cannot certify ISO 27002).

For more information about the differences between ISO 27001 and ISO 27002, you can read this article, “ISO 27001 vs. ISO 27002”: https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/

So, if you need an IT governance framework, COBIT will be more useful for you (but keep in mind that you cannot certify it). And if you need a standard focused on information security and want to certify it, ISO 27001 will be more useful for you (remember that you can use ISO 27002 as a guideline of best practices).

Finally, from my point of view, if your organization has stores, an international certificate like ISO can give you prestige and a marketing edge, so with ISO 27001 you will obtain more benefits than with COBIT. Anyway, please read this article about 4 benefits of ISO 27001, “Four key benefits of ISO 27001 implementation”: https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
