IT Governance

Department
  • Master's Program Management, Communication & IT
Course unit code
  • MCI-M-2-ITG-ITG-ILV
Number of ECTS credits allocated
  • 5.0
Name of lecturer(s)
  • FH-Prof. Dr. Kohlegger Michael, DI (FH) Glatz Michael, MSc, Dilger Thomas, BA MA, Dipl.-Ing. Sint Rolf, Mag. Zoller Michael
Mode of delivery
  • face-to-face
Recommended or required reading
  • - Haes, S. de, van Grembergen, W., Joshi, A., & Huygh, T. (2020). Enterprise Governance of Information Technology: Achieving Alignment and Value in Digital Organizations / Steven De Haes, Win Vam Grembergen, Anant Joshi, Tim Huygh (3rd ed.). Management for Professionals Ser. Springer.
    - Beims, M. (2015). IT-Service-Management in der Praxis mit ITIL: Der Einsatz von ITIL Edition 2011, ISO/IEC 20000:2011, COBIT 5 und PRINCE2 (4., überarb. und erw. Aufl). München: Hanser.
    - Fry, M. (2012). ITIL lite: A road map to full or partial ITIL implementation (2nd ed.). London: Stationery Office.
    - Gaulke, M. (2014). Praxiswissen COBIT - Val IT - Risk IT: Grundlagen und praktische Anwendung für die IT- Governance (2., akt. u. erw. Aufl). Heidelberg, Neckar: dpunkt.
    - Harmer, G. (2013). Governance of enterprise IT based on COBIT 5: A management guide. Ely, Cambridgeshire, U.K.: IT Governance Pub.
    - Johannsen, W., & Goeken, M. (2011). Referenzmodelle für IT-Governance: Methodische Unterstützung der Unternehmens-IT mit COBIT, ITIL & Co (2., aktualisierte und erw. Aufl.). Heidelberg: dpunkt-Verl.
    - Keller, W. (2012). IT-Unternehmensarchitektur: Von der Geschäftsstrategie zur optimalen IT-Unterstützung: dpunkt.verlag.
    - Kleiner, F. (2013). IT Service Management: Aus der Praxis für die Praxis. Wiesbaden: Springer Vieweg.
    - Knoll, M., & Böhm, M. (2014). Praxisorientiertes IT- Risikomanagement: Konzeption, Implementierung und Überprüfung (1. Aufl). Heidelberg: dpunkt.verlag.
    - Moeller, R. (2014). Executive's guide to COSO internal controls: Understanding and implementing the new framework. Wiley corporate F & A. Hoboken, New Jersey: John Wiley & Sons.
Level of course unit
  • Master
Year of study
  • Spring 2026
Semester when the course unit is delivered
  • 2
Language of instruction
  • English
Learning outcomes of the course unit
  • Students gain an in-depth knowledge of different applications of enterprise governance and their necessity in external and internal communication, as well as in the management of modern large enterprises and corporations. Students will apply the different methods, tools and IT governance frameworks and establish, based on practical examples, the relationship between compliance and performance in modern enterprises. Using caselets, students are guided to demonstrate their competencies in a problem-oriented, agile and critical manner, in discussions and example assignments, in order to become competent contacts for the management or for the management of the IT department of a company. By combining the competence of continuous application of vertical integration of different frameworks such as COBIT, ITIL or COSO, as well as compliance and risk management approaches in IT, the students have the skills to assess the interrelationships between real economic and IT-relevant conditions and developments and to independently identify relevant processes, possible threats and improvement potentials and to independently draw adaptive conclusions and inferences.
Prerequisites and co-requisites
  • Please note: Prior knowledge in the field of process management and controlling required!
Course contents
  • • Terms and definitions
    • Basics of governance and management concepts with a special focus on enterprise IT
    • Critical stakeholders
    • Methods, tools and frameworks of enterprise and IT governance
    • Governance standards including COSO, COBIT, ITIL ...
    • Differentiation from IT service management
    • Vertical integration
    • Basics of risk management
    • Enterprise Risk Management
    • Risk frameworks esp. COSO II
    • ISO 31000:2018
    • Integration of a risk culture and networking with the internal control system
    • Simulation vs. analytical risk aggregation
    • Application of the learned knowledge in specific completed case studies (caselets)
Planned learning activities and teaching methods
  • The course comprises an interactive mix of lectures, discussions and individual and group work.

Back

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.

Accept Decline
Privacy Policy