The role of Enterprise IT Governance is not always clear to organizations looking to manage risk to and in an organization. This official ISACA course provides you with in-depth coverage of the GEIT Framework and its implementation, strategic alignment, benefits realization, risk and resource optimization and Performance measurement. This course is designed specifically for Senior Managers, CIOs, Compliance and IS Professionals, and those looking for more efficient and effective practices to manage IT recourses.
YOU WILL LEARN HOW TO
CGEIT recognizes a broad range of professionals for their knowledge and application of enterprise IT governance principles and practices. As a CGEIT certified professional, you demonstrate that you are capable of bringing IT governance into an organization—that you grasp the complex subject holistically, and therefore, enhance value to the enterprise.
IMPORTANT COURSE INFORMATION
Certification Information
To earn CGEIT certification, you must pass the CGEIT exam and demonstrate five or more years of experience managing, serving in an advisory or oversight role, or otherwise supporting the governance of the IT-related contribution to an enterprise is required to apply for certification. This experience is defined precisely by the domains and task statements described in the CGEIT Job Practice.
Exam Information
Computer-Based Testing (CBT) is offered during three testing windows of eight-week durations. The windows are 1 May-30 June, 1 August-30 September and November-31 December. With ISACA CBT exams, candidates will now receive a preliminary score report at the conclusion of their exam. Official scores will be sent to candidates via email within 10 working days of their exam.
Course Outline
- Knowledge of components of a framework for the governance of enterprise IT
- Knowledge of IT governance industry practices, standards, and frameworks (for example, COBIT, Information Technology Infrastructure Library [ITIL], International Organization for Standardization [ISO] 20000, ISO 38500)
- Knowledge of business drivers related to IT governance (for example, legal, regulatory and contractual requirements)
- Knowledge of IT governance enablers (for example, principles, policies and frameworks; processes; organizational structures; culture, ethics, and behavior; information; services, infrastructure, and applications; people, skills, and competencies)
- Knowledge of techniques used to identify IT strategy (for example, SWOT, BCG Matrix)
- Knowledge of components, principles, and concepts related to enterprise architecture (EA)
- Knowledge of Organizational structures and their roles and responsibilities (for example, enterprise investment committee, program management office, IT strategy committee, IT architecture review board, IT risk management committee)
- Knowledge of methods to manage organizational, process and cultural change
- Knowledge of models and methods to establish accountability for information requirements, data and system ownership; and IT processes
- Knowledge of IT governance monitoring processes/mechanisms (for example, balanced scorecard (BSC)
- Knowledge of IT governance reporting processes/mechanisms
- Knowledge of communication and promotion techniques
- Knowledge of assurance methodologies and techniques
- Knowledge of continuous improvement techniques and processes
- Knowledge of components of a framework for the governance of enterprise IT
- Knowledge of IT governance industry practices, standards, and frameworks (for example, COBIT, Information Technology Infrastructure Library [ITIL], International Organization for Standardization [ISO] 20000, ISO 38500)
- Knowledge of business drivers related to IT governance (for example, legal, regulatory and contractual requirements)
- Knowledge of IT governance enablers (for example, principles, policies and frameworks; processes; organizational structures; culture, ethics, and behavior; information; services, infrastructure, and applications; people, skills, and competencies)
- Knowledge of techniques used to identify IT strategy (for example, SWOT, BCG Matrix)
- Knowledge of components, principles, and concepts related to enterprise architecture (EA)
- Knowledge of Organizational structures and their roles and responsibilities (for example, enterprise investment committee, program management office, IT strategy committee, IT architecture review board, IT risk management committee)
- Knowledge of methods to manage organizational, process and cultural change
- Knowledge of models and methods to establish accountability for information requirements, data and system ownership; and IT processes
- Knowledge of IT governance monitoring processes/mechanisms (for example, balanced scorecard (BSC)
- Knowledge of IT governance reporting processes/mechanisms
- Knowledge of communication and promotion techniques
- Knowledge of assurance methodologies and techniques
- Knowledge of continuous improvement techniques and processes
Module 2: Strategic Management
- Knowledge of an enterprise’s strategic plan and how it relates to IT
- Knowledge of strategic planning processes and techniques
- Knowledge of impact of changes in business strategy on IT strategy
- Knowledge of barriers to the achievement of strategic alignment
- Knowledge of policies and procedures necessary to support IT and business strategic alignment
- Knowledge of methods to document and communicate IT strategic planning processes (for example, IT dashboard/balanced scorecard, key indicators)
- Knowledge of components, principles and frameworks of enterprise architecture (EA)
- Knowledge of current and future technologies
- Knowledge of prioritization processes related to IT initiatives
- Knowledge of scope, objectives and benefits of IT investment programs
- Knowledge of IT roles and responsibilities and methods to cascade business and IT objectives to IT personnel
Module 3: Benefits Realization
- Knowledge of IT investment management processes, including the economic life cycle of investments
- Knowledge of basic principles of portfolio management
- Knowledge of benefit calculation techniques (for example, earned value, total cost of ownership, return on investment)
- Knowledge of process and service measurement techniques (for example, maturity models, benchmarking, key performance indicators [KPIs])
- Knowledge of processes and practices for planning, development, transition, delivery, and support of IT solutions and services
- Knowledge of continuous improvement concepts and principles
- Knowledge of outcome and performance measurement techniques (for example, service metrics, key performance indicators [KPIs])
- Knowledge of procedures to manage and report the status of IT investments&
- Knowledge of cost optimization strategies (for example, outsourcing, adoption of new technologies)
- Knowledge of models and methods to establish accountability over IT investments
- Knowledge of value delivery frameworks (for example, Val IT)
- Knowledge of business case development and evaluation techniques
Module 4: Risk Optimization
- Knowledge of the application of risk management at the strategic, portfolio, program, project and operations levels
- Knowledge of risk management frameworks and standards (for example, RISK IT, the Committee of Sponsoring Organizations of the Treadway Commission Enterprise Risk Management—Integrated Framework (2004) [COSO ERM], International Organization for Standardization (ISO) 31000)
- Knowledge of the relationship of the risk management approach to legal and regulatory compliance
- Knowledge of methods to align IT and enterprise risk management (ERM)
- Knowledge of the relationship of the risk management approach to business resiliency (for example, business continuity planning [BCP] and disaster recovery planning [DRP])
- Knowledge of risk, threats, vulnerabilities and opportunities inherent in the use of IT
- Knowledge of types of business risk, exposures and threats (for example, external environment, internal fraud, information security) that can be addressed using IT resources
- Knowledge of risk appetite and risk tolerance
- Knowledge of quantitative and qualitative risk assessment methods
- Knowledge of risk mitigation strategies related to IT in the enterprise
- Knowledge of methods to monitor effectiveness of mitigation strategies and/or controls
- Knowledge of stakeholder analysis and communication techniques
- Knowledge of methods to establish key risk indicators (KRIs)
- Knowledge of methods to manage and report the status of identified risk
Module 5: Resource Optimization
- Knowledge of IT resource planning methods
- Knowledge of human resource procurement, assessment, training, and development methodologies
- Knowledge of processes for acquiring application, information, and infrastructure resources
- Knowledge of outsourcing and offshoring approaches that may be employed to meet the investment program and operational level agreements (OLAs) and service level agreements (SLAs)
- Knowledge of methods used to record and monitor IT resource utilization and availability
- Knowledge of methods used to evaluate and report on IT resource performance
- Knowledge of interoperability, standardization, and economies of scale