The following primary references can be used for CGEIT exam preparation. These represent publications that address the CGEIT domains and the use of an IT governance framework. These were used as references in the development of the CGEIT domains, tasks and knowledge statements. When reading these documents, an exam candidate should focus on the IT governance principles and practices that are presented and discussed.
The CGEIT Review Manual 2014 is a reference guide designed to assist individuals in preparing for the Certified in the Governance of Enterprise IT (CGEIT) exam and individuals wishing to understand the roles and responsibilities of someone with significant management, advisory or assurance responsibilities relating to the governance of enterprise IT.
The CGEIT Review Questions, Answers & Explanations Manual 2013 consists of 60 multiple-choice study questions designed to provide CGEIT candidates with an understanding of the type and structure of questions and content that will appear on the CGEIT exam.
The CGEIT Review Questions, Answers & Explanations Manual 2013 Supplement features 60 new sample questions, answers and explanations to help candidates effectively prepare for the 2013 CGEIT exam.
The CGEIT Review Questions, Answers & Explanations Manual 2014 Supplement consists of 60 multiple-choice study questions designed to provide CGEIT candidates with an understanding of the type and structure of questions and content that will appear on the CGEIT exam.
The following publications are available for purchase or download:
- COBIT 5—COBIT 5 is the only business framework for the governance and management of enterprise IT. This evolutionary version incorporates the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, analytical tools and models to help increase the trust in, and value from, information systems. COBIT 5 builds and expands on COBIT 4.1 by integrating other major frameworks, standards and resources.
- COBIT 5: Enabling Processes—A detailed reference guide to the processes defined in the COBIT 5 process reference model. This includes the COBIT 5 goals cascade, a process model explanation, governance and management practices, and the process reference model.
- COBIT 5: Enabling Information—COBIT 5: Enabling Information is a reference guide that provides a structured way of thinking about information governance and management issues in any type of organization. This structure can be applied throughout the life cycle of information, from conception and design, through building information systems, securing information, using and providing assurance over information, and to the disposal of information.
- IT Governance for CEOs and Members of the Board by Bryn TT Phillips—This book gives a concise overview of Information Technology Governance and is geared towards those who need to understand it the most, but usually have the least time to do so: CEOs and members of the board! It provides a summary of the reasons IT Governance is required, a brief description of the elements of IT Governance, and, most importantly, gives guidance with regard to the responsibilities of the Board. This book also gives guidance as to what is required of the Board and CEO, and what should be delegated to the CIO and others.
- Frameworks for IT Management—This itSMF publication covers the most important frameworks and describes their specific characteristics in a structured format.
No representation or warranties assuring the candidate’s passage of the exam are made by ISACA in regard to these or other association publications or courses.
Other Recommended References
The following other recommended references can also be used for CGEIT exam preparation. These represent publications, articles, and links to frameworks, standards and guidance. Often these references only address an aspect or approach to IT governance.
- ITGI Roundtable Discussions—From time to time, ITGI sits down with industry experts and discusses the current state of IT governance, then shares their thoughts, concerns and suggestions on this increasingly important topic.
  - Unlocking Value: London, UK, December 2008
  - Value Delivery: Orlando, Florida, USA, October 2008
  - Defining IT Governance: Brisbane, Australia, September 2008
  - IT Staffing Challenges: Las Vegas, Nevada, USA, April 2008
  - IT Governance Frameworks: Boston, Massachusetts, USA, November 2007
  - IT Governance Trends: Boston, Massachusetts, USA, November 2007
- Global Status Report on the Governance of Enterprise IT, 2011—This report features the results of an ITGI study to survey global executives relative to perceptions and use of IT governance worldwide.
- Enterprise Value: Governance of IT Investments: The Business Case—Presents the eight steps of developing an effective business case and provides useful tools for each.
- IT Governance: Developing a Successful Governance Strategy: A Best Practice Guide for Decision Makers in IT—A best practice guide developed by the National Computing Centre to capture and define best practice across the key aspects of successful business.
- The Balanced Scorecard and IT Governance—This article, reprinted from the ISACA Journal, presents how the IT balanced scorecard can be linked to the business balanced scorecard.
- IT Savvy Pays Off: How Top Performers Match IT Portfolios and Organizational Practices—An article from the Massachusetts Institute of Technology (MIT) - Sloan School of Management, MIT Sloan Research Paper No. 4560-05, May 2005, by Peter Weill and Sinan Aral.
- System-of-Systems Governance: New Patterns of Thought—An article from the Software Engineering Institute/Carnegie Mellon, October 2006, by Ed Morris, Pat Place and Dennis Smith.
- Governance, Risk and Compliance Handbook—This book provides a comprehensive framework for a sustainable governance model.
- Implementing Information Technology Governance: Models, Practices, Cases—This book provides practical guidance and a detailed set of IT governance structures, processes and relational mechanisms for implementing IT governance or improving existing governance models.
- CIO Best Practices: Enabling Strategic Value with Information Technology, 2nd Edition—This book describes achieving and exercising strategic IT leadership including IT performance management using the balanced scorecard and how to measure and manage customer value.
ISACA Journal Articles
- Volume 4, 2012—Seven Myths of Information Governance: By Vasant Raval, DBA, CISA, and Greg Dyche
- Volume 3, 2012—Project Portfolio Management: By Aarni Heiskanen, LJK
- Volume 2, 2012—Changing the Mind-set: Creating a Risk-conscious and Security-aware Culture: By John P. Pironti, CISA, CISM, CGEIT, CRISC, CISSP, ISSAP, ISSMP
- Volume 2, 2012—Strengthening Information Security Governance: By Ed Gelbstein, Ph.D.
- Volume 1, 2012—Effective IT Governance Through the Three Lines of Defense, Risk IT and COBIT: By Ronke Oyemade, CISA, CRISC, PMP
- Volume 5, 2011—IT Governance and the Cloud: Principles and Practice for Governing Adoption of Cloud Computing: By Ron Speed, CISA, CRISC, CA
- Volume 5, 2011—The Impact of Governance on Identity Management Programs: By Rafael Etges, CISA, CRISC, CIPP/C, CISSP, and Anderson Ruysam, CRISC, CISSP, ITIL
- Volume 1, 2011—Information Security From a Business Perspective: A Lottery Sector Case Study: By Christos K. Dimitriadis, Ph.D., CISA, CISM
- CMMI®—Capability Maturity Model® Integration (CMMI) is a process improvement approach.
- TOGAF™—The Open Group Architecture Framework (TOGAF) is a framework for developing an enterprise architecture.
- ISO/IEC 27001—Information security management
- ISO/IEC 20000-1-2011—ISO/IEC 20000-1-2011 is a service management system (SMS) standard.
- ISO 31000 – Risk Management—ISO 31000:2009, Risk management – Principles and guidelines, provides principles, framework and a process for managing risk.
- ISO/IEC 38500:2008—Guiding principles for directors of organizations on the effective, efficient, and acceptable use of information technology within their organizations.
- COSO/ERM—This framework defines essential enterprise risk management components, discusses key ERM principles and concepts, suggests a common ERM language, and provides clear direction and guidance for enterprise risk management.