Information Systems Strategy and Governance (3 op)

Tavoitteet

The aim of this course is to enable students to develop an understanding of information controls, their impact on the organisation, and how to manage and audit them.

Learning Outcomes/ Objectives:
Upon successful completion of this course the student should be able to:
1. Analyse the strategic, tactical, and operational roles of Business Process.
2. Evaluate how strategic decisions are made concerning acquiring IS resources and capabilities including the ability to evaluate the different sourcing options.
3. Analyse the role of IT control and service management frameworks from the perspective of managing the IS function in an organization.
4. Understanding the design and implement of assurance procedures and control measures to effectively manage risks.
5. Demonstrate an understanding of best practices, standards, and regulatory requirements governing information and controls that may vary for an organization’s locations and customers. Gain the ability to measure the degree of compliance with them; and
6. Discuss the role of auditing in systems development, including the review of the development process and participation in systems under development.

Sisältö

Lesson 1:
- IT Governance Concepts
- Importance of IT Governance for All Enterprises .
- Fundamental Governance Concepts and Sarbanes-Oxley Rules
- Enterprise Governance and Governance, Risk & Compliance (GRC)
- Tools Enterprise Governance of IT

Lesson 2
- Frameworks to Support Effective IT Governance
- IT Governance and Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Controls
- Control Objectives for Information and Related Technologies (COBIT) as a Framework for Enterprise Governance of Information Technology
- Information Technology Infrastructure Library (ITIL) and IT Service Management Guidance
- IT Governance Standards: ISO 9001, 27002, and 38500
- IT Governance Issues: Risk Management, COSO Enterprise Risk Management (ERM), and Open Compliance & Ethics Group (OCEG) Guidance

Lesson 3
- IT Governance Rules
- Gramm-Leach-Bliley Act IT Governance Rules
- Specific Legal Frameworks (Namibia, Finland) – Case study

Lesson 4
- Building and Monitoring Effective IT Governance Systems
- The Role of standardized Technology and Language in Informatics

Lesson 5
- IT Governance and Enterprise Objectives
- Business/IT Alignment
- IT-Enabled Value

Oppimateriaalit

Recommended Reading
• De Haes, S. & Van Grembergen, W. (2015). Enterprise governance of information technology:
Achieving alignment and value, featuring COBIT 5. Springer International Publishing. ISBN: 978-3-
319-14546-4
• Leignel, J., Ungaro, T & Staar, A. (2016). Digital transformation: Information system governance
(Information Systems, Web and Pervasive Computing: Advances in Information Systems Set) 1st
Edition. Wiley-ISTE. ISBN-13: 978- 1786300898
• The Open Group Standard, TOGAF Version 9.1

Arviointiasteikko

0-5

Arviointimenetelmät ja arvioinnin perusteet

Assessment Type
2 x Exercise Individual work
1 x Class individual work
1 x Group work
1 group presentation

Esitietovaatimukset

None

Osaamistavoitteet

The aim of this course is to enable students to develop an understanding of information controls, their impact on the organisation, and how to manage and audit them.

Learning Outcomes/ Objectives:
Upon successful completion of this course the student should be able to:
1. Analyse the strategic, tactical, and operational roles of Business Process.
2. Evaluate how strategic decisions are made concerning acquiring IS resources and capabilities including the ability to evaluate the different sourcing options.
3. Analyse the role of IT control and service management frameworks from the perspective of managing the IS function in an organization.
4. Understanding the design and implement of assurance procedures and control measures to effectively manage risks.
5. Demonstrate an understanding of best practices, standards, and regulatory requirements governing information and controls that may vary for an organization’s locations and customers. Gain the ability to measure the degree of compliance with them; and
6. Discuss the role of auditing in systems development, including the review of the development process and participation in systems under development.

Sisältö

Lesson 1:
- IT Governance Concepts
- Importance of IT Governance for All Enterprises .
- Fundamental Governance Concepts and Sarbanes-Oxley Rules
- Enterprise Governance and Governance, Risk & Compliance (GRC)
- Tools Enterprise Governance of IT

Lesson 2
- Frameworks to Support Effective IT Governance
- IT Governance and Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Controls
- Control Objectives for Information and Related Technologies (COBIT) as a Framework for Enterprise Governance of Information Technology
- Information Technology Infrastructure Library (ITIL) and IT Service Management Guidance
- IT Governance Standards: ISO 9001, 27002, and 38500
- IT Governance Issues: Risk Management, COSO Enterprise Risk Management (ERM), and Open Compliance & Ethics Group (OCEG) Guidance

Lesson 3
- IT Governance Rules
- Gramm-Leach-Bliley Act IT Governance Rules
- Specific Legal Frameworks (Namibia, Finland) – Case study

Lesson 4
- Building and Monitoring Effective IT Governance Systems
- The Role of standardized Technology and Language in Informatics

Lesson 5
- IT Governance and Enterprise Objectives
- Business/IT Alignment
- IT-Enabled Value

Esitietovaatimukset

None