Strategic IT Management Course Overview

Questions and Answers

What benefit does COBIT provide to boards?

It offers insights on achieving value from I&T. (correct)

It helps in lowering IT costs significantly.

It eliminates the need for technology evaluations.

It provides technical training for IT staff.

How does COBIT assist executive management?

By explaining how to enhance user training programs.

By offering guidance on organizing and monitoring I&T performance. (correct)

By detailing the technical aspects of IT infrastructure.

By providing performance benchmarks for IT operations.

What understanding does COBIT provide to business managers?

Best strategies for contract negotiations with IT vendors.

Techniques for reducing IT department size.

How to obtain necessary I&T solutions and exploit new technologies. (correct)

The best practices for data management.

What is a primary guidance provided to IT managers through COBIT?

Building and structuring the IT department.

Which of the following is NOT a benefit of COBIT for stakeholders?

Immediate technical support for IT issues.

What is the primary focus of IT governance according to Weill and Ross?

Specifying decision rights and accountability framework.

Who primarily determines the decision-making processes in IT governance?

Stakeholders within the organization.

Which aspect of IT governance emphasizes the alignment of business and IT?

Desirable behavior.

What do architecture decisions in IT governance primarily address?

Guidelines for system architecture and integration.

What is NOT included in the definition of IT governance provided by Weill and Ross?

Technical support strategies.

Which aspect of IT governance captures the requirements of the business units?

Business requirements.

Which of the following describes investment decisions in IT governance?

Defining scope, focus, and prioritization for IT projects.

What aspect is emphasized less in Weill and Ross's view of IT governance when compared to COBIT?

Control objectives and indicators.

What does the governance component on culture, ethics, and behavior primarily provide?

Instructions on desired cultural elements for achieving governance objectives

What type of guidance is predominantly provided by the services, infrastructure, and applications governance component?

Generic in nature

Which of the following is a focus of the services, infrastructure, and applications governance component?

Identifying third-party services to support objectives

What does COBIT primarily aim to achieve through its governance system?

Create business value from I&T-enabled investments

What is the main goal of the governance component related to culture, ethics, and behavior?

To foster desired cultural elements for governance success

The acronym COBIT originally stood for what?

Control Objectives for Information and Related Technology

What aspect does the governance component on culture, ethics, and behavior NOT emphasize?

External regulatory compliance requirements

Which of the following is NOT included as part of COBIT?

Risk Management Framework

Why is proper governance essential according to COBIT?

It minimizes errors and maximizes efficiency.

What are the structured tasks of IT management according to COBIT?

Control objectives and processes

Which component of COBIT helps tailor the governance system to the organization?

Governance System Components

How does COBIT facilitate stakeholder satisfaction?

By aligning governance with stakeholder needs.

Which of the following statements best describes the Goals Cascade in COBIT?

It aligns overall business goals with IT objectives.

What is the primary role of assurance providers in IT management?

To manage dependency on external service providers and assure effective internal controls

Which of the following is NOT a responsibility of risk management in IT?

Management of external vendor contracts

What do regulators ensure regarding an enterprise's operations?

They ensure compliance with applicable rules and have a governance system for sustainability

What is the significance of ensuring IT vendor operations are compliant?

They help ensure business continuity and security in partnerships

Which of the following is NOT one of the quality criteria for information as defined by COBIT?

Comprehensible

How does contextual quality of information benefit business objectives?

By ensuring information is relevant in a specific business situation

Which aspect of information quality refers to its protection against unauthorized access?

Secure quality

Why is ensuring secure, reliable, and compliant operations important for business partners?

It supports the integrity and steadiness of business relationships

What is included in the display of Governance and Management Objectives?

A domain name, description, and purpose of the objectives

Which of the following is NOT a component of the governance system?

Marketing and Sales Strategy Components

What does the Goals Cascade describe?

The relationship between governance objectives, alignment goals, and enterprise goals

Which element is crucial for conveying governance objectives clearly?

The focus area used to refer to the COBIT publication

Which component addresses organizational structure within the governance system?

Organizational Structure Components

What aspect is NOT covered by the governance system components?

Real-time project status updates

How are the Governance and Management Objectives defined within the COBIT Core Model?

By their domain name, description, and purpose

What component focuses on ethical behavior within the governance system?

Culture Ethics and Behaviour Components

Study Notes

Strategic IT Management

• The course is offered by the Chair of Business Information Systems at Chemnitz University of Technology.
• The professor is Dr. Barbara Dinter
• The course's website is: http://www.tu-chemnitz.de/wirtschaft/wi1
• The winter semester is 2024/2025

Job Posting

• There is a part-time position available at the Business Information Systems 1 chair.
• Required tasks include research, data analysis, website maintenance, and course revision/support.
• Necessary skills include independent work, teamwork, web development knowledge (HTML, PHP), and proficiency with MS Office software in German and English.
• The link to the position is: https://www.tu-chemnitz.de/wirtschaft/wi1/stellenangebote/hiwi.html

Literature

• ISO/IEC 38500:2015 (en) Information technology - Governance of IT for the organization
• Weill, Peter; Ross, Jeanne: IT Governance - How Top Performers Manage IT. Harvard Business School Press, Boston, 2004.
• COBIT 2019: Introduction & Methodology
• COBIT 2019: Governance & Management Objectives
• Tiemeyer, Ernst: Enterpise IT-Governance
• Yassine Maleh, Abdelkebir Sahid, Mustapha Belaissaoui: Strategic IT Governance and Performance Frameworks in Large Organizations, IGI Global, 2019

Today's Lecture: IT Governance and COBIT

• IT Governance
  • Introduction
  • Understanding according to Weill and Ross
  • IT governance & digital transformation
• COBIT
  • Overview
  • Implementation
  • Reading COBIT 2019

Corporate Governance

• Describes a system of rules, practices, and processes for balancing stakeholder interests (management and shareholders).
• Aims to gain long-term added value for the organization.
• Corporate governance is generally understood and defined.
• Goals: Transparency in internal processes, strengthening internal/organizational controls, and improving the quality of business processes/financial reports.

IT Governance (1)

• IT governance is the subset of corporate governance specifically related to IT.
• It's a core managerial task to ensure the use of IT is strategy-compliant and effective.
• Design of suitable organizational structures and IT processes for efficient IT use and handling potential risks.
• Scope of IT action is defined by goals, processes, and responsibilities, overseen by executive/senior management.

IT Governance (2)

• Decision fields:
  • Determining the role of IT in the organization.
  • Alignment of business and IT strategy.
  • Requirements and risk management.
  • IT product and service portfolio.
  • Regulation of responsibilities and guidelines.
  • Development of IT enterprise architecture.
  • Controlling and auditing IT performance.
• Best practices standards (e.g., COBIT) to support implementation of IT governance.

IT Governance Understanding according to Weill and Ross (1)

• Defining decision rights and the framework for accountability to incentivize desirable behaviors in IT use.
• It's a system of decision rights and responsibilities.
• Determining: who makes decisions on IT, who participates in those decisions, and holding participants accountable for roles.
• Organizational structural and process aspects, fundamental to IT decisions, play a role.
• Business/IT alignment as a primary driver for IT governance.
• Less focus on control mechanisms compared to COBIT.

IT Governance Understanding according to Weill and Ross (2)

• Five aspects of IT governance:
  • (Abstract) principles for IT that support business operations and define fundamental IT rules.
  • Architecture decisions for logical/technical system structure and integration.
  • Infrastructure with shared/central IT services.
  • Business requirements for IT application demands.
  • Investment decisions for structuring, focusing and prioritizing IT projects.

IT Governance and Digital Transformation

• Digital transformation involves leveraging new technologies like social media, mobile devices, etc. to streamline processes, improve customer experience, and create new business models.
• This usually requires a company-wide digital transformation strategy.
• A new area of IT governance: digital transformation governance; that aligns with corporate goals and assigns responsibilities—establishing roles like Chief Digital Officer (CDO) for central digital transformation leadership.

Overview COBIT 2019 (1)

• Motivation behind COBIT 2019: increasing business data and processes requires proper governance to avoid error-prone situations.
• COBIT 2019 is a framework for directing and monitoring Information and Technology (I&T).
• Integrates multiple standards, aims to create business value, and satisfies stakeholder needs via I&T governance systems.

Overview COBIT 2019 (2)

• Main idea is structured IT management through control objectives and processes.
• COBIT includes:
  • Goals Cascade
  • Governance and Management Objectives
  • Governance System Components
  • Stakeholders
  • Information Criteria

Goals Cascading According to COBIT 2019

• Stakeholder Drivers and Needs (balancing benefits, risks, resources to realize value creation).
• 13 Enterprise Goals (e.g., quality of management information, staff skills, motivation, and productivity).
• 13 Alignment Goals (e.g., quality of I&T management information, links between enterprise goals and governance/management objectives)
• 40 Governance and Management Objectives (e.g., managed performance and conformance monitoring).

Governance and Management Objectives

• Total number of objectives: 40.
• Breakdown into governance and management domains.
• Specific objectives relating to particular business and IT functions.
• Objectives cover evaluation, alignment, planning, implementation, and service delivery across the entire organization.

The Governance System Components (1):

• Governance systems' role is to enable meeting governance and management objectives.
• Example (MEA01-Managed Performance and Conformance Monitoring), which includes five processes.
  • Organizational structures
  • Policy recommendations
  • Input information objects
  • Cultural recommendations
  • Skill recommendations.

The Governance System (2):

• Governance system viewed as comprised of core components including culture, ethics, behavior, people/skills, processes, and information (in relation to organizational structures, M&G Objectives, and services/infrastructure/applications).

Stakeholders

• Internal stakeholders (Boards, Executives, Business Managers, IT Managers, Assurance Providers, Risk Management) and external stakeholders (Regulators, Business Partners, IT Vendors) covered.
• Understanding the benefit of COBIT and internal/external stakeholders.

Information Criteria

• Information must satisfy business objectives and conform to certain criteria (quality criteria).
• Criteria include accuracy, objectivity, believability, reputation, relevancy, completeness, currency, appropriate amount, consistent representation, interpretability, understandability, ease of manipulation, availability and accessibility restrictions.

Components of COBIT 2019

• Main books: Introduction & Methodology, Governance & Management Objectives, Implementation Guide, and Design Guide (Excursion).
• Focus areas: COBIT for small and medium enterprises, DevOps, Information and Technology Risk and Information Security.

Overview COBIT 2019

• Inputs (standards, frameworks, regulations, community contribution).
• COBIT Core Reference Model of Governance and Management Objectives.
• Design factors
• Focus areas
• Tailored Enterprise Governance System.
• Information and Technology.
• Priority governance objectives and management guidance based on focus areas for various capabilities (e.g., SME, Security, Risk, DevOps).

Governance System Implementation (1)

• COBIT 2019 consists of 40 governance and management objectives.
• Difficulty in implementing all objectives is acknowledged.
• Focus areas (e.g., SMEs, cybersecurity, digital transformation, cloud computing, DevOps) are needed to select starting points for governance system implementation.

Governance System Implementation (2)

• Design factors influence the design of governance systems impacting strategy, goals, size, risk profiles, threat landscapes, information technologies, roles/responsibilities, and regulatory compliance.

Display of Governance and Management Objectives

• The structure includes a domain name, description and purpose of the objective.
• Focus area refers to the COBIT publication for context and clarification.

Goals Cascade

• Describes the relation between governance and management objectives (and enterprise goals)
• Includes example metrics for each enterprise goal and alignment goal covered.

Processes (1) and (2)

• Each governance and management objective includes specific management practices
• Describes practices through example metrics.
• Activities in relation to capabilities of the enterprise.
• References to other process standards.

Organizational Structure

• Organizational structures are outlined through RACI charts.
• Highlights responsibilities, accountabilities, consultation and information requirements.

Information Flows and Items

• References the outputs from other processes for proper implementation.
• Does not reference every process that receives input output (more detail is provided in a separate table).

People, Skills and Competencies

• Focuses on necessary human resources and skills for attainment of governance and management objectives.
• Based on guidance from the Skills Framework for the Information Age (SFIA version 6).

Principles, Policies and Procedures

• Provides instructions on relevant policies and procedures for the governance objectives.
• Example of policy related guidelines.

Culture, Ethics and Behavior

• Governance element on culture, ethics and behavior for maintaining desired cultural aspects in the organization and achieving the governance/management objective.
• Includes referenced standards.

Services, Infrastructure and Applications

• Information on third-party services, infrastructure types and applications that support the attainment of a governance/management objective.
• Provides primarily generic advice.

Description

Explore the Strategic IT Management course offered by Dr. Barbara Dinter at Chemnitz University of Technology for the winter semester 2024/2025. This course focuses on IT governance, data analysis, and essential skills for a part-time position within the Business Information Systems chair. Ideal for students looking to enhance their knowledge and career prospects in IT management.