CGEIT – Certified in the Governance of Enterprise IT Certificate...
Domain 1: Framework for the Governance of Enterprise IT (25%)
Ensure the definition, establishment, and management of a framework for the governance of enterprise IT in alignment with the mission, vision and values of the enterprise.
Domain 1—Knowledge Statements:
- Knowledge of components of a framework for the governance of enterprise IT
- Knowledge of IT governance industry practices, standards and frameworks (for example, COBIT, Information Technology Infrastructure Library [ITIL], International Organization for Standardization [ISO] 20000, ISO 38500)
- Knowledge of business drivers related to IT governance (for example, legal, regulatory and contractual requirements)
- Knowledge of IT governance enablers (for example, principles, policies and frameworks; processes; organizational structures; culture, ethics and behaviour; information; services, infrastructure and applications; people, skills and competencies)
- Knowledge of techniques used to identify IT strategy (for example, SWOT, BCG Matrix)
- Knowledge of components, principles, and concepts related to enterprise architecture (EA)
- Knowledge of Organizational structures and their roles and responsibilities (for example, enterprise investment committee, program management office, IT strategy committee, IT architecture review board, IT risk management committee)
- Knowledge of methods to manage organizational, process and cultural change
- Knowledge of models and methods to establish accountability for information requirements, data and system ownership; and IT processes
- Knowledge of IT governance monitoring processes/mechanisms (for example, balanced scorecard (BSC)
- Knowledge of IT governance reporting processes/mechanisms
- Knowledge of communication and promotion techniques
- Knowledge of assurance methodologies and techniques
- Knowledge of continuous improvement techniques and processes
Domain 2: Strategic Management (20%)
Ensure that IT enables and supports the achievement of enterprise objectives through the integration and alignment of IT strategic plans with enterprise strategic plans.
Domain 2—Knowledge Statements:
- Knowledge of an enterprise’s strategic plan and how it relates to IT
- Knowledge of strategic planning processes and techniques
- Knowledge of impact of changes in business strategy on IT strategy
- Knowledge of barriers to the achievement of strategic alignment
- Knowledge of policies and procedures necessary to support IT and business strategic alignment
- Knowledge of methods to document and communicate IT strategic planning processes (for example, IT dashboard/balanced scorecard, key indicators)
- Knowledge of components, principles and frameworks of enterprise architecture (EA)
- Knowledge of current and future technologies
- Knowledge of prioritization processes related to IT initiatives
- Knowledge of scope, objectives and benefits of IT investment programs
- Knowledge of IT roles and responsibilities and methods to cascade business and IT objectives to IT personnel
Domain 3: Benefits Realization (16%)
Ensure that IT-enabled investments are managed to deliver optimized business benefits and that benefit realization outcome and performance measures are established, evaluated and progress is reported to key stakeholders.
Domain 3—Knowledge Statements:
- Knowledge of IT investment management processes, including the economic life cycle of investments
- Knowledge of basic principles of portfolio management
- Knowledge of benefit calculation techniques (for example, earned value, total cost of ownership, return on investment)
- Knowledge of process and service measurement techniques (for example, maturity models, benchmarking, key performance indicators [KPIs])
- Knowledge of processes and practices for planning, development, transition, delivery, and support of IT solutions and services
- Knowledge of continuous improvement concepts and principles
- Knowledge of outcome and performance measurement techniques (for example, service metrics, key performance indicators [KPIs])
- Knowledge of procedures to manage and report the status of IT investments&
- Knowledge of cost optimization strategies (for example, outsourcing, adoption of new technologies)
- Knowledge of models and methods to establish accountability over IT investments
- Knowledge of value delivery frameworks (for example, Val IT)
- Knowledge of business case development and evaluation techniques
Domain 4: Risk Optimization (24%)
Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.
Domain 4—Knowledge Statements:
- Knowledge of the application of risk management at the strategic, portfolio, program, project and operations levels
- Knowledge of risk management frameworks and standards (for example, RISK IT, the Committee of Sponsoring Organizations of the Treadway Commission Enterprise Risk Management—Integrated Framework (2004) [COSO ERM], International Organization for Standardization (ISO) 31000)
- Knowledge of the relationship of the risk management approach to legal and regulatory compliance
- Knowledge of methods to align IT and enterprise risk management (ERM)
- Knowledge of the relationship of the risk management approach to business resiliency (for example, business continuity planning [BCP] and disaster recovery planning [DRP])
- Knowledge of risk, threats, vulnerabilities and opportunities inherent in the use of IT
- Knowledge of types of business risk, exposures and threats (for example, external environment, internal fraud, information security) that can be addressed using IT resources
- Knowledge of risk appetite and risk tolerance
- Knowledge of quantitative and qualitative risk assessment methods
- Knowledge of risk mitigation strategies related to IT in the enterprise
- Knowledge of methods to monitor effectiveness of mitigation strategies and/or controls
- Knowledge of stakeholder analysis and communication techniques
- Knowledge of methods to establish key risk indicators (KRIs)
- Knowledge of methods to manage and report the status of identified risk
Domain 5: Resource Optimization (15%)
Ensure the optimization of IT resources including information, services, infrastructure and applications, and people, to support the achievement of enterprise objectives.
Domain 5—Knowledge Statements:
- Knowledge of IT resource planning methods
- Knowledge of human resource procurement, assessment, training, and development methodologies
- Knowledge of processes for acquiring application, information, and infrastructure resources
- Knowledge of outsourcing and offshoring approaches that may be employed to meet the investment program and operation level agreements (OLAs) and service level agreements (SLAs)
- Knowledge of methods used to record and monitor IT resource utilization and availability
- Knowledge of methods used to evaluate and report on IT resource performance
- Knowledge of interoperability, standardization and economies of scale