Information Systems Strategy and Governance (3 ECTS)

Objective

The aim of this course is to enable students to develop an understanding of information controls, their impact on the organisation, and how to manage and audit them.

Learning Outcomes/ Objectives:
Upon successful completion of this course the student should be able to:
1. Analyse the strategic, tactical, and operational roles of Business Process.
2. Evaluate how strategic decisions are made concerning acquiring IS resources and capabilities including the ability to evaluate the different sourcing options.
3. Analyse the role of IT control and service management frameworks from the perspective of managing the IS function in an organization.
4. Understanding the design and implement of assurance procedures and control measures to effectively manage risks.
5. Demonstrate an understanding of best practices, standards, and regulatory requirements governing information and controls that may vary for an organization’s locations and customers. Gain the ability to measure the degree of compliance with them; and
6. Discuss the role of auditing in systems development, including the review of the development process and participation in systems under development.

Content

Lesson 1:
- IT Governance Concepts
- Importance of IT Governance for All Enterprises .
- Fundamental Governance Concepts and Sarbanes-Oxley Rules
- Enterprise Governance and Governance, Risk & Compliance (GRC)
- Tools Enterprise Governance of IT

Lesson 2
- Frameworks to Support Effective IT Governance
- IT Governance and Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Controls
- Control Objectives for Information and Related Technologies (COBIT) as a Framework for Enterprise Governance of Information Technology
- Information Technology Infrastructure Library (ITIL) and IT Service Management Guidance
- IT Governance Standards: ISO 9001, 27002, and 38500
- IT Governance Issues: Risk Management, COSO Enterprise Risk Management (ERM), and Open Compliance & Ethics Group (OCEG) Guidance

Lesson 3
- IT Governance Rules
- Gramm-Leach-Bliley Act IT Governance Rules
- Specific Legal Frameworks (Namibia, Finland) – Case study

Lesson 4
- Building and Monitoring Effective IT Governance Systems
- The Role of standardized Technology and Language in Informatics

Lesson 5
- IT Governance and Enterprise Objectives
- Business/IT Alignment
- IT-Enabled Value

Materials

Recommended Reading
• De Haes, S. & Van Grembergen, W. (2015). Enterprise governance of information technology: Achieving alignment and value, featuring COBIT 5. Springer International Publishing. ISBN: 978-3-319-14546-4
• Leignel, J., Ungaro, T & Staar, A. (2016). Digital transformation: Information system governance (Information Systems, Web and Pervasive Computing: Advances in Information Systems Set) 1st Edition. Wiley-ISTE. ISBN-13: 978- 1786300898
• The Open Group Standard, TOGAF Version 9.1

Teaching methods

The course will be facilitated through lectures, tutorials/laboratories, case studies, exercises, and presentation of course content.

Assessment methods and criteria

Assessment Type
2 x Exercise Individual work
1 x Class individual work
1 x Group work
1 group presentation

Qualifications

None