IT Governance

  • Master's Program Management, Communication & IT
Course unit code
Level of course unit
  • Master
Semester when the course unit is delivered
  • 2
Number of ECTS credits allocated
  • 5.0
Name of lecturer(s)
  • Dilger Thomas, BA MA
  • Dr. Schindler Dierk, M.I.L. (Lund)
  • Assoc.-Prof. Priv.-Doz. (Univ.) Dr. Mag. Göbel Georg
Learning outcomes of the course unit
  • Students gain an in-depth knowledge of different applications of enterprise governance and their necessity in external and internal communication, as well as in the management of modern large enterprises and corporations. Students will apply the different methods, tools and IT governance frameworks and establish, based on practical examples, the relationship between compliance and performance in modern enterprises. Using caselets, students are guided to demonstrate their competencies in a problem-oriented, agile and critical manner, in discussions and example assignments, in order to become competent contacts for the management or for the management of the IT department of a company. By combining the competence of continuous application of vertical integration of different frameworks such as COBIT, ITIL or COSO, as well as compliance and risk management approaches in IT, the students have the skills to assess the interrelationships between real economic and IT-relevant conditions and developments and to independently identify relevant processes, possible threats and improvement potentials and to independently draw adaptive conclusions and inferences.
Mode of delivery
  • face-to-face
Prerequisites and co-requisites
  • Please note: Prior knowledge in the field of process management and controlling required!
Course contents
  • - Terms and definitions
    - Basics of governance and management concepts with a special focus on enterprise IT
    - Critical stakeholders
    - Methods, tools and frameworks of enterprise and IT governance
    - Governance standards including COSO, COBIT, ITIL ...
    - Differentiation from IT service management
    - Vertical integration
    - Basics of risk management
    - Enterprise Risk Management
    - Risk frameworks esp. COSO II
    - ISO 31000:2018
    - Integration of a risk culture and networking with the internal control system
    - Simulation vs. analytical risk aggregation
    - Application of the learned knowledge in specific completed case studies (caselets)
Recommended or required reading
  • - Haes, S. de, van Grembergen, W., Joshi, A., & Huygh, T. (2020). Enterprise Governance of Information Technology: Achieving Alignment and Value in Digital Organizations / Steven De Haes, Win Vam Grembergen, Anant Joshi, Tim Huygh (3rd ed.). Management for Professionals Ser. Springer.
    - Beims, M. (2015). IT-Service-Management in der Praxis mit ITIL: Der Einsatz von ITIL Edition 2011, ISO/IEC 20000:2011, COBIT 5 und PRINCE2 (4., überarb. und erw. Aufl). München: Hanser.
    - Fry, M. (2012). ITIL lite: A road map to full or partial ITIL implementation (2nd ed.). London: Stationery Office.
    - Gaulke, M. (2014). Praxiswissen COBIT - Val IT - Risk IT: Grundlagen und praktische Anwendung für die IT- Governance (2., akt. u. erw. Aufl). Heidelberg, Neckar: dpunkt.
    - Harmer, G. (2013). Governance of enterprise IT based on COBIT 5: A management guide. Ely, Cambridgeshire, U.K.: IT Governance Pub.
    - Johannsen, W., & Goeken, M. (2011). Referenzmodelle für IT-Governance: Methodische Unterstützung der Unternehmens-IT mit COBIT, ITIL & Co (2., aktualisierte und erw. Aufl.). Heidelberg: dpunkt-Verl.
    - Keller, W. (2012). IT-Unternehmensarchitektur: Von der Geschäftsstrategie zur optimalen IT-Unterstützung: dpunkt.verlag.
    - Kleiner, F. (2013). IT Service Management: Aus der Praxis für die Praxis. Wiesbaden: Springer Vieweg.
    - Knoll, M., & Böhm, M. (2014). Praxisorientiertes IT- Risikomanagement: Konzeption, Implementierung und Überprüfung (1. Aufl). Heidelberg: dpunkt.verlag.
    - Moeller, R. (2014). Executive's guide to COSO internal controls: Understanding and implementing the new framework. Wiley corporate F & A. Hoboken, New Jersey: John Wiley & Sons.
Planned learning activities and teaching methods
  • The course comprises an interactive mix of lectures, discussions and individual and group work.
Assessment methods and criteria
  • To monitor the students’ learning this course will provide ongoing assignments as a basis for feedback and grading (formative assessment) and/or will evaluate the students learning at the end of the course or an instructional unit via exams, final project reports, essays or seminar papers (summative assessment).
Language of instruction
  • English