Information Systems Strategy and GovernanceLaajuus (3 cr)
Course unit code: TX00FI92
General information
- Credits
- 3 cr
- Institution
- Metropolia
Objective
The aim of this course is to enable students to develop an understanding of information controls, their impact on the organisation, and how to manage and audit them.
Learning Outcomes/ Objectives:
Upon successful completion of this course the student should be able to:
1. Analyse the strategic, tactical, and operational roles of Business Process.
2. Evaluate how strategic decisions are made concerning acquiring IS resources and capabilities including the ability to evaluate the different sourcing options.
3. Analyse the role of IT control and service management frameworks from the perspective of managing the IS function in an organization.
4. Understanding the design and implement of assurance procedures and control measures to effectively manage risks.
5. Demonstrate an understanding of best practices, standards, and regulatory requirements governing information and controls that may vary for an organization’s locations and customers. Gain the ability to measure the degree of compliance with them; and
6. Discuss the role of auditing in systems development, including the review of the development process and participation in systems under development.
Content
Lesson 1:
- IT Governance Concepts
- Importance of IT Governance for All Enterprises .
- Fundamental Governance Concepts and Sarbanes-Oxley Rules
- Enterprise Governance and Governance, Risk & Compliance (GRC)
- Tools Enterprise Governance of IT
Lesson 2
- Frameworks to Support Effective IT Governance
- IT Governance and Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Controls
- Control Objectives for Information and Related Technologies (COBIT) as a Framework for Enterprise Governance of Information Technology
- Information Technology Infrastructure Library (ITIL) and IT Service Management Guidance
- IT Governance Standards: ISO 9001, 27002, and 38500
- IT Governance Issues: Risk Management, COSO Enterprise Risk Management (ERM), and Open Compliance & Ethics Group (OCEG) Guidance
Lesson 3
- IT Governance Rules
- Gramm-Leach-Bliley Act IT Governance Rules
- Specific Legal Frameworks (Namibia, Finland) – Case study
Lesson 4
- Building and Monitoring Effective IT Governance Systems
- The Role of standardized Technology and Language in Informatics
Lesson 5
- IT Governance and Enterprise Objectives
- Business/IT Alignment
- IT-Enabled Value
Qualifications
None