Write a Study Material Item
The following primary references can be used for CGEIT exam preparation. These represent publications that address the CGEIT domains and the use of an IT governance framework. These were used as references in the development of the CGEIT domains, tasks and knowledge statements. When reading these documents, an exam candidate should focus on the IT governance principles and practices that are presented and discussed.
The CGEIT Review Manual 2014 is a reference guide designed to assist individuals in preparing for the Certified in the Governance of Enterprise IT (CGEIT) exam and individuals wishing to understand the roles and responsibilities of someone with significant management, advisory or assurance responsibilities relating to the governance of IT.
The CGEIT Review Questions, Answers & Explanations Manual 2013 consists of 60 multiple-choice study questions designed to provide CGEIT candidates with an understanding of the type and structure of questions and content that will appear on the CGEIT exam.
The CGEIT Review Questions, Answers & Explanations Manual 2013 Supplement features 60 new sample questions, answers and explanations to help candidates effectively prepare for the 2013 CGEIT exam.
The CGEIT Review Questions, Answers & Explanations Manual 2014 Supplement consists of 60 multiple-choice study questions designed to provide CGEIT candidates with an understanding of the type and structure of questions and content that will appear on the CGEIT exam.
The following primary references can be used for CGEIT exam preparation. These represent publications that address the CGEIT domains and the use of an IT governance framework. These were used as references in the development of the CGEIT domains, tasks and knowledge statements. When reading these documents, an exam candidate should focus on the IT governance principles and practices that are presented and discussed. The following publications are available for purchase or download:
- Board Briefing on IT Governance, 2nd Edition—Briefing that explores the meaning of IT governance, its relationship to enterprise governance and the actions boards and senior management should take to affect IT governance.
- IT Governance Domains Practices and Competencies—Five-volume series published by the IT Governance Institute that addresses IT governance practices. Available only as a download:
- IT Governance Domains Practices and Competencies: IT Alignment—Who Is in Charge?—Explains why IT alignment is important and discusses various means to achieve alignment, such as the IT strategy committee, IT steering committee and IT investment committee.
- IT Governance Domains Practices and Competencies: Optimizing Value Creation from IT Investments—Focuses on a frequently raised issue in most organizations: The challenge of achieving adequate returns on IT investment.
- IT Governance Domains Practices and Competencies: Measuring and Demonstrating the Value of IT—Focuses on performance measurement issues.
- IT Governance Domains Practices and Competencies: Information Risks—Whose Business Are They?—Focuses on information risk management.
- IT Governance Domains Practices and Competencies: Governance of Outsourcing—Focuses on outsourcing IT activities.
- COBIT5—COBIT 5 is the only business framework for the governance and management of enterprise IT. This evolutionary version incorporates the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, analytical tools and models to help increase the trust in,and value from, information systems. COBIT 5 builds and expands on COBIT 4.1 by integrating other major frameworks standards and resources.
- Implementing and Continually Improving IT Governance—This publication enhances, expands and improves on the content of the prior ISACA IT Governance Implementation Guide Using COBIT and Val IT™, 2nd edition publication. It incorporates valuable references to cutting edge research from ISACA publications. This guide provides an approach for implementing IT governance in such a way that the implementation team can get started in an effective and efficient manner, establishing a good practice approach for implementing and maintaining effective IT governance based on a continual improvement life cycle that should be tailored to suit the enterprise’s specific needs. A complimentary download is available to ISACA members.
- Enterprise Value: Governance of IT Investments: The Val IT Framework—A governance framework for IT-enabled investments.
- Frameworks for IT Management—This itSMF publication covers the most important frameworks and describes in a structured format the specific characteristics.
No representation or warranties assuring the candidate’s passage of the exam are made by ISACA in regard to these or other association publications or courses.
Other Recommended References
The following other recommended references can also be used for CGEIT exam preparation. These represent publications, articles, and links to frameworks, standards and guidance. Often these references only address an aspect or approach to IT governance.
- ITGI Roundtable Discussions—From time to time, ITGI sits down with industry experts and discusses the current state of IT governance, then shares their thoughts, concerns and suggestions on this increasingly important topic.
- Unlocking Value London, UK, December 2008 (176K)
- Value Delivery Orlando, Florida, USA, October 2008 (164K)
- Defining IT Governance Brisbane Australia, September 2008 (170K)
- IT Staffing Las Vegas, Nevada, USA, April 2008 (129K)
- IT Governance Frameworks Boston, Massachusetts, USA, November 2007 (103K)
- IT Governance Trends Boston, Massachusetts, USA, November 2007 (PDF, 103K)
- IT Governance Global Status Report 2008—This report features the results of an ITGI study to survey global executives relative to perceptions and use of IT governance worldwide.
- Enterprise Value: Governance of IT Investments: The Business case—Presents the eight steps of developing an effective business case and provides useful tools for each.
- Aligning COBIT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit—This management briefing is the result of a joint study, initiated by the ITGI and UK government's Office of Government Commerce (OGC) that addresses best practices and the need for senior business and IT managers to better understand the value of IT best practices and how to implement them.
- COBIT Control Practices: Guidance to Achieve Control Objectives for Successful IT Governance, 2nd Edition—This guide presents control practices and approaches supporting the prevention, detection and correction of undesired events through responsible use of resources, appropriate management of risk and the delivery of value to business.
- IT Governance: Developing a Successful Governance Strategy: A Best Practice Guide for Decision Makers in IT
A best practice guide developed by the National Computing Centre to capture and define best practice across the key aspects of successful business.
- The Balanced Scorecard and IT Governance
This article, reprinted from the ISACA Journal, presents how the IT balanced scorecard can be linked to the business balanced scorecard.
- IT Savvy Pays Off: How Top Performers Match IT Portfolios and Organizational Practices—An article from the Massachusetts Institute of Technology (MIT) - Sloan School of Management, MIT Sloan Research Paper No. 4560-05, May 2005, by Peter Weill and Sinan Aral.
- System-of-Systems Governance: New Patterns of Thought—An article from the Software Engineering Institute/Carnegie Mellon, October 2006, by Ed Morris, Pat Place and Dennis Smith.
- Governance, Risk and Compliance Handbook—This book provides a comprehensive framework for a sustainable governance model.
Purchase the Book
- Implementing Information Technology Governance: Models, Practices, Cases—This book provides practical guidance and a detailed set of IT governance structures, processes and relational mechanisms for implementing IT governance or improving existing governance models.
Purchase the Book
- CIO Best Practices: Enabling Strategic Value with Information Technology, 2nd Edition—This book describes achieving and exercising strategic IT leadership including IT performance management using the balanced scorecard and how to measure and manage customer value.
Purchase the Book
- Volume 3, 2008—Recognising the Need for Val IT: Identifying Tipping Points for Value Management: By Sarah Harries and Peter Harrison, FCPA
- Volume 2, 2008— Key Elements of an Information Risk Management Program: Transforming Information Security Into Information Risk Management: By John P. Pironti, CISA, CISM, CGEIT, CISSP, ISSAP, ISSMP
Practices in IT Governance and Business/IT Alignment: By Steven De Haes, Ph.D., and Wim Van Grembergen, Ph.D.
- Volume 1, 2008— Dysfunctional Operations in IT: By Kent Anderson, CISM
- Volume 6, 2007— How Does the Business Drive IT? Identifying, Prioritising and Linking Business and IT Goals: By Wim Van Grembergen, Steven De Haes and Hilde Van Brempt
The Rule of Four of IT Governance: By Erik Guldentops, CISA, CISM
- Volume 5, 2007 The IT Balanced Scorecard Revisited: By Alec Cram, CISA, CISSP
What Is in Our IT Portfolios?: By Erik Guldentops, CISA, CISM
- Volume 4, 2007 Outsourcing IT Governance to Deliver Business Value: By Max Blecher
Portfolio Management—Unlocking the Value of IT Investments: By Georges Ataya, CISA, CISM, CISSP, and John Thorp, CMC, I.S.P.
- Volume 3, 2007 Bridging Business and IT Strategies With Enterprise Architecture: Realising the Real Value of Business-IT Alignment: By Sushil Chatterji
- Volume 1, 2007 The Many Faces of IT Governance: Crafting an IT Governance Architecture: By Nick Robinson, CISA
- CMMI®—Capability Maturity Model® Integration (CMMI) is a process improvement approach.
- TOGAF™—The Open Group Architecture Framework (TOGAF) is a framework for developing an enterprise architecture.
- ISO/IEC 17799:2005—Guidelines and general principles for initiating, implementing, maintaining, and improving an information security management system (i.e. an information security governance framework) in an organization.
- ISO/IEC 20000-1-2011—ISO/IEC 20000-1-2011 is a service management system (SMS) standard.
- ISO/IEC 38500:2008— Guiding principles for directors of organizations on the effective, efficient, and acceptable use of information technology within their organizations.
- COSO/ERM—This framework defines essential enterprise risk management components, discusses key ERM principles and concepts, suggests a common ERM language, and provides clear direction and guidance for enterprise risk management.
- AS/NZS ISO 31000-2009—This Standard provides a generic guide for managing risk.