Home > IT Management > CGEIT: Enhancing IT Governance and IT Management

CGEIT: Enhancing IT Governance and IT Management

IT Governance, IT Standards and the like are really arcane topics – even for those who are responsible for IT management. When thinking about IT Standards and Governance we get a seemingly endless list spread all over creation … and so I gave up trying. I wonder is this why non-IT guys are completely baffled by what it is that we do? Just googling about it overwhelmed me and I’m supposed to be doing this in my day job! Egads!

I made a 2009 New Year’s resolution to become more knowledgeable and educated about IT (also, have to give credit to Nicolas Carr’s provocative book, Does IT Matter?, to know more). Just as one could take the PMP or CAPM certification to start-off one’s Project Management learning journey, I decided to look into ISACA’s CGEIT Certification. Huh? If I weren’t a ISACA member, I wouldn’t have a clue about this.

The body of knowledge is daunting* … and I’m wondering whether or not this is total overkill. Academically, might be nice but practically speaking, how much of this can we really utilize?

Anyways, my expectation is that at the 20,000ft level, this knowledge can provide some framework or guidance for general IT management. In my limited experience, IT management key areas to get up and running fast operationally are:
1. Information enablers
2. Technology enablers
3. Other stuff –

  • Risk and Audit Compliance
  • Records Management
  • Business Continuity Plannning
  • Outsourcing Strategy / Vendor Management
  • People Management – Leadership and Management development

Works pretty well if following the 80-20 rule, but still there are important gaps hence…. CGEIT.

Here are some on-line IT governance resources for the curious IT manager: Standards for IT Standards, IT Governance – A One-Stop Shop for IT Governance, and IT Governance Institute.

Let me warn you though…red pill or blue pill?

* IT Governance Domains Practices and Competencies—Five volume series published by the IT Governance Institute that addresses IT governance practices. And additional 17(!!!) recommended readings.

  • IT Governance Domains Practices and Competencies: IT Alignment – Who Is in Charge?—Explains why IT alignment is important and discusses various means to achieve alignment, such as the IT strategy committee, IT steering committee and IT investment committee.
  • IT Governance Domains Practices and Competencies: Optimizing Value Creation from IT Investments—Focuses on a frequently raised issue in most organizations, the challenge of achieving adequate returns on IT investment.
  • IT Governance Domains Practices and Competencies: Measuring and Demonstrating the Value of IT—Focuses on performance measurement issues.
  • IT Governance Domains Practices and Competencies: Information Risks—Whose Business Are They?—Focuses on information risk management.
  • IT Governance Domains Practices and Competencies: Governance of Outsourcing—Focuses on outsourcing IT activities.
  • COBIT®4.1
  • IT Governance Implementation Guide: Using COBIT and Val IT, 2nd Edition
  • Enterprise Value: Governance of IT Investments: The Val IT Framework
  • Governance of the Extended Enterprise: Bridging Business & IT Strategies
  • Frameworks for IT Management
Categories: IT Management
  1. June 5, 2009 at 4:27 AM

    I agree with you that what we in IT do can be baffling to the outsider and often the insiders as well. We have a long way to go. I look forward to the day when the IT shops of the world are like today’s Finance shops with more consistent organizations and processes.

    Ultimately, the IT contribution to the enterprise is about committed people executing efficient, effective, and integrated strategy-supporting IT processes that deliver strategically-aligned, risk-informed, IT value within given resource constraints.

    The governance of IT in enterprise is about balancing all of that, which often does require the 20,000 ft view, to be sure that the information and related technology that is delivered to the enterprise meets today’s and tomorrow’s business requirements.

  2. June 5, 2009 at 9:58 AM

    Thanks Bob for your comments.

    I’ve read around the blogosphere and IT forums people who also share your hope of having common processes and consistent organizations to support IT shops. It will be like herding cats 🙂 but perhaps that’s the direction we all need to go in some form or another.

    I totally agree with you about what IT’s contribution to the company is – even though it’s a mouthful, good IT depts will achieve it. To do so IMO, it requires an ability to see 20,000ft but also 20,000 leagues under the sea so to speak. The depth and breath of IT’s portfolio is large because it is the foundation in which the company can meet it’s business requirements now and in the future.

    Thanks for reading!

  3. Joseph Braithwaite
    August 6, 2009 at 11:32 PM

    This article and Bob’s comments lead to the overall thought about how do we move toward a consistent group of processes and Methodologies. ISACA and ITIL have started to lay the ground work for this movement and companies that move is these directions will be well ahead of others who don’t. The mountain that ISACA is facing is what the finance area’s faced 100 years ago before regulations were imposed, the SOX years were an attempt to impose some regulations on IT and business and has provided a good first step, now we (as a whole) need to determine what the best approach is and we all need to leap to the second step….a few hundred more of these steps and we should be where we all know we need to be to provide true sustainable value to the business and thus the shareholders.

    PS I just passed my CGEIT exam and am working on getting fully accredited.

  4. August 9, 2009 at 6:33 PM

    Congratulations Joseph on your passing the CGEIT exam! Appreciate the comments and thoughts on the intersection of ITIL and ISACA to help us mature in this area.

    Whether or not it’s imposed from the outside like SOX, it definitely makes sense for us to self-impose some discipline and structures around our governance. It just makes for better management and definitely helps provide key business guidance and success.

    Thanks for reading,

  5. Sam
    December 2, 2009 at 4:59 AM

    Where are decent schools for the CGEIT.
    I looked everywhere.
    I found some stuff on this blog
    but mostly laments about this issue.
    It is a brand new exam.

  6. December 2, 2009 at 8:47 AM

    Thanks Sam for sharing the link. As a new exam there’s definitely some growing pains. I still need to find out about the Dec 13 exam – seems I’ve fallen through the cracks and didn’t receive a notice.


  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: