Information Systems Strategy and Governance (3 cr)
Code: TX00FI92-3002
General information
- Enrollment
-
05.05.2025 - 13.08.2025
Registration for implementation has not started yet.
- Timing
-
18.08.2025 - 22.08.2025
The implementation has not yet started.
- Number of ECTS credits allocated
- 3 cr
- Mode of delivery
- On-campus
- Unit
- School of ICT and Industrial Management
- Campus
- Leiritie 1
- Teaching languages
- English
- Seats
- 0 - 25
- Teachers
- ICT Exchange Teacher
- Course
- TX00FI92
Objective
The aim of this course is to enable students to develop an understanding of information controls, their impact on the organisation, and how to manage and audit them.
Learning Outcomes/ Objectives:
Upon successful completion of this course the student should be able to:
1. Analyse the strategic, tactical, and operational roles of Business Process.
2. Evaluate how strategic decisions are made concerning acquiring IS resources and capabilities including the ability to evaluate the different sourcing options.
3. Analyse the role of IT control and service management frameworks from the perspective of managing the IS function in an organization.
4. Understanding the design and implement of assurance procedures and control measures to effectively manage risks.
5. Demonstrate an understanding of best practices, standards, and regulatory requirements governing information and controls that may vary for an organization’s locations and customers. Gain the ability to measure the degree of compliance with them; and
6. Discuss the role of auditing in systems development, including the review of the development process and participation in systems under development.
Content
Lesson 1:
- IT Governance Concepts
- Importance of IT Governance for All Enterprises .
- Fundamental Governance Concepts and Sarbanes-Oxley Rules
- Enterprise Governance and Governance, Risk & Compliance (GRC)
- Tools Enterprise Governance of IT
Lesson 2
- Frameworks to Support Effective IT Governance
- IT Governance and Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Controls
- Control Objectives for Information and Related Technologies (COBIT) as a Framework for Enterprise Governance of Information Technology
- Information Technology Infrastructure Library (ITIL) and IT Service Management Guidance
- IT Governance Standards: ISO 9001, 27002, and 38500
- IT Governance Issues: Risk Management, COSO Enterprise Risk Management (ERM), and Open Compliance & Ethics Group (OCEG) Guidance
Lesson 3
- IT Governance Rules
- Gramm-Leach-Bliley Act IT Governance Rules
- Specific Legal Frameworks (Namibia, Finland) – Case study
Lesson 4
- Building and Monitoring Effective IT Governance Systems
- The Role of standardized Technology and Language in Informatics
Lesson 5
- IT Governance and Enterprise Objectives
- Business/IT Alignment
- IT-Enabled Value
Materials
Recommended Reading
• De Haes, S. & Van Grembergen, W. (2015). Enterprise governance of information technology:
Achieving alignment and value, featuring COBIT 5. Springer International Publishing. ISBN: 978-3-
319-14546-4
• Leignel, J., Ungaro, T & Staar, A. (2016). Digital transformation: Information system governance
(Information Systems, Web and Pervasive Computing: Advances in Information Systems Set) 1st
Edition. Wiley-ISTE. ISBN-13: 978- 1786300898
• The Open Group Standard, TOGAF Version 9.1
Evaluation scale
0-5
Assessment methods and criteria
Assessment Type
2 x Exercise Individual work
1 x Class individual work
1 x Group work
1 group presentation
Qualifications
None
Objective
The aim of this course is to enable students to develop an understanding of information controls, their impact on the organisation, and how to manage and audit them.
Learning Outcomes/ Objectives:
Upon successful completion of this course the student should be able to:
1. Analyse the strategic, tactical, and operational roles of Business Process.
2. Evaluate how strategic decisions are made concerning acquiring IS resources and capabilities including the ability to evaluate the different sourcing options.
3. Analyse the role of IT control and service management frameworks from the perspective of managing the IS function in an organization.
4. Understanding the design and implement of assurance procedures and control measures to effectively manage risks.
5. Demonstrate an understanding of best practices, standards, and regulatory requirements governing information and controls that may vary for an organization’s locations and customers. Gain the ability to measure the degree of compliance with them; and
6. Discuss the role of auditing in systems development, including the review of the development process and participation in systems under development.
Content
Lesson 1:
- IT Governance Concepts
- Importance of IT Governance for All Enterprises .
- Fundamental Governance Concepts and Sarbanes-Oxley Rules
- Enterprise Governance and Governance, Risk & Compliance (GRC)
- Tools Enterprise Governance of IT
Lesson 2
- Frameworks to Support Effective IT Governance
- IT Governance and Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Controls
- Control Objectives for Information and Related Technologies (COBIT) as a Framework for Enterprise Governance of Information Technology
- Information Technology Infrastructure Library (ITIL) and IT Service Management Guidance
- IT Governance Standards: ISO 9001, 27002, and 38500
- IT Governance Issues: Risk Management, COSO Enterprise Risk Management (ERM), and Open Compliance & Ethics Group (OCEG) Guidance
Lesson 3
- IT Governance Rules
- Gramm-Leach-Bliley Act IT Governance Rules
- Specific Legal Frameworks (Namibia, Finland) – Case study
Lesson 4
- Building and Monitoring Effective IT Governance Systems
- The Role of standardized Technology and Language in Informatics
Lesson 5
- IT Governance and Enterprise Objectives
- Business/IT Alignment
- IT-Enabled Value
Qualifications
None