Certificate Authentication

Domain 1: Framework for the Governance of Enterprise IT (25%)

Ensure the definition, establishment, and management of a framework for the governance of enterprise IT in alignment with the mission, vision and values of the enterprise.
Domain 1—Knowledge Statements:

• Knowledge of components of a framework for the governance of enterprise IT
• Knowledge of IT governance industry practices, standards and frameworks (for example, COBIT, Information Technology Infrastructure Library [ITIL], International Organization for Standardization [ISO] 20000, ISO 38500)
• Knowledge of business drivers related to IT governance (for example, legal, regulatory and contractual requirements)
• Knowledge of IT governance enablers (for example, principles, policies and frameworks; processes; organizational structures; culture, ethics and behaviour; information; services, infrastructure and applications; people, skills and competencies)
• Knowledge of techniques used to identify IT strategy (for example, SWOT, BCG Matrix)
• Knowledge of components, principles, and concepts related to enterprise architecture (EA)
• Knowledge of Organizational structures and their roles and responsibilities (for example, enterprise investment committee, program management office, IT strategy committee, IT architecture review board, IT risk management committee)
• Knowledge of methods to manage organizational, process and cultural change
• Knowledge of models and methods to establish accountability for information requirements, data and system ownership; and IT processes
• Knowledge of IT governance monitoring processes/mechanisms (for example, balanced scorecard (BSC)
• Knowledge of IT governance reporting processes/mechanisms
• Knowledge of communication and promotion techniques
• Knowledge of assurance methodologies and techniques
• Knowledge of continuous improvement techniques and processes

Domain 2: Strategic Management (20%)

Ensure that IT enables and supports the achievement of enterprise objectives through the integration and alignment of IT strategic plans with enterprise strategic plans.
Domain 2—Knowledge Statements:

• Knowledge of an enterprise’s strategic plan and how it relates to IT
• Knowledge of strategic planning processes and techniques
• Knowledge of impact of changes in business strategy on IT strategy
• Knowledge of barriers to the achievement of strategic alignment
• Knowledge of policies and procedures necessary to support IT and business strategic alignment
• Knowledge of methods to document and communicate IT strategic planning processes (for example, IT dashboard/balanced scorecard, key indicators)
• Knowledge of components, principles and frameworks of enterprise architecture (EA)
• Knowledge of current and future technologies
• Knowledge of prioritization processes related to IT initiatives
• Knowledge of scope, objectives and benefits of IT investment programs
• Knowledge of IT roles and responsibilities and methods to cascade business and IT objectives to IT personnel

Domain 3: Benefits Realization (16%)

Ensure that IT-enabled investments are managed to deliver optimized business benefits and that benefit realization outcome and performance measures are established, evaluated and progress is reported to key stakeholders.
Domain 3—Knowledge Statements:

• Knowledge of IT investment management processes, including the economic life cycle of investments
• Knowledge of basic principles of portfolio management
• Knowledge of benefit calculation techniques (for example, earned value, total cost of ownership, return on investment)
• Knowledge of process and service measurement techniques (for example, maturity models, benchmarking, key performance indicators [KPIs])
• Knowledge of processes and practices for planning, development, transition, delivery, and support of IT solutions and services
• Knowledge of continuous improvement concepts and principles
• Knowledge of outcome and performance measurement techniques (for example, service metrics, key performance indicators [KPIs])
• Knowledge of procedures to manage and report the status of IT investments&
• Knowledge of cost optimization strategies (for example, outsourcing, adoption of new technologies)
• Knowledge of models and methods to establish accountability over IT investments
• Knowledge of value delivery frameworks (for example, Val IT)
• Knowledge of business case development and evaluation techniques

Domain 4: Risk Optimization (24%)

Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.
Domain 4—Knowledge Statements:

• Knowledge of the application of risk management at the strategic, portfolio, program, project and operations levels
• Knowledge of risk management frameworks and standards (for example, RISK IT, the Committee of Sponsoring Organizations of the Treadway Commission Enterprise Risk Management—Integrated Framework (2004) [COSO ERM], International Organization for Standardization (ISO) 31000)
• Knowledge of the relationship of the risk management approach to legal and regulatory compliance
• Knowledge of methods to align IT and enterprise risk management (ERM)
• Knowledge of the relationship of the risk management approach to business resiliency (for example, business continuity planning [BCP] and disaster recovery planning [DRP])
• Knowledge of risk, threats, vulnerabilities and opportunities inherent in the use of IT
• Knowledge of types of business risk, exposures and threats (for example, external environment, internal fraud, information security) that can be addressed using IT resources
• Knowledge of risk appetite and risk tolerance
• Knowledge of quantitative and qualitative risk assessment methods
• Knowledge of risk mitigation strategies related to IT in the enterprise
• Knowledge of methods to monitor effectiveness of mitigation strategies and/or controls
• Knowledge of stakeholder analysis and communication techniques
• Knowledge of methods to establish key risk indicators (KRIs)
• Knowledge of methods to manage and report the status of identified risk

Domain 5: Resource Optimization (15%)

Ensure the optimization of IT resources including information, services, infrastructure and applications, and people, to support the achievement of enterprise objectives.
Domain 5—Knowledge Statements:

• Knowledge of IT resource planning methods
• Knowledge of human resource procurement, assessment, training, and development methodologies
• Knowledge of processes for acquiring application, information, and infrastructure resources
• Knowledge of outsourcing and offshoring approaches that may be employed to meet the investment program and operation level agreements (OLAs) and service level agreements (SLAs)
• Knowledge of methods used to record and monitor IT resource utilization and availability
• Knowledge of methods used to evaluate and report on IT resource performance
• Knowledge of interoperability, standardization and economies of scale