Modulbeschreibung
IT-Management, Governance and Information Security
Kürzel:
Durchführungszeitraum:
ECTS-Credits:
Arbeitsaufwand (h):
Lernziele:
One of the main tasks of business IT specialists in practice is to design and optimize the interface between the business and IT spheres. optimization of the interface between the business and IT spheres: today, IT must make its value contribution to the contribution to the company's success measurable and comprehensible. It also has to comply with an increasing number of regulatory requirements, ensure information security and data protection and play a part in establishing compliance in other areas of the company. In order to fulfill these tasks, IT Governance, IT Compliance and information security management, IT (service) management and business continuity management. management, various process-oriented frameworks have been developed in recent years. These support the permanent alignment of IT with tactical and strategic corporate goals while objectives while at the same time minimizing all IT risks (including legal risks). The modern training of business IT specialists therefore includes the teaching of knowledge of the relevant methods, concepts and standards. Business IT specialists thus also acquire important technical and methodological knowledge for the management of IT and organizational areas.
Verantwortliche Person:
Standort (angeboten):
Zusätzlich vorausgesetzte Kenntnisse:
INMA
Skriptablage:
Modultyp:
Bemerkungen:
Workload[h]
Contact hours: 56
Guided self-study: 42
Independent self-study: 82
ECTS-Credits pro Kategorie
Modulbewertung
Bewertungsart:
Leistungsbewertung
Während der Prüfungssession:
Bemerkungen zur Prüfung:
Aids: Open book: any printed documents including slides and graphics are permitted, no textbooks
Während des Semesters:
Bewertungsart:
Kurse in diesem Modul
IT-Management, Governance and Information Security
Kürzel:
Semester:
Lernziele:
Professional competencies:
The participants can:
- Understand information systems as a strategic competitive instrument;
- Selected reference models regarding the area of application (IT Governance, IT Service Management,
IT compliance management, IT risk management and information security management as well as
Business Continuity Management) and use them; - Understand and help shape interface processes between IT and business;
- Design IT (service) processes;
- Assess current threats to information security and analyze and manage corresponding risks
and manage them; - design an information security management system in accordance with ISO 27001 or BSI basic protection
- Understand, explain and support the IT audit process.
Methodological skills:
The participants can:
- Understand the possible uses and potential of reference models for managing IT;
- formulate requirements for IT compliance and information security and business continuity
and record them - understand the relevant management disciplines as continuous processes;
- understand the interplay between business strategy, organization, technical components and, above all
and, above all, human capabilities - and weaknesses where applicable; - plan and prepare simple IT audits.
Self-competencies:
Participants can:
- work on complex topics independently using the information resources available.
Social skills:
Participants can:
- understand information management as an essential instrument of corporate management and
involve the relevant stakeholders in a targeted manner; - communicate with departments such as internal audit, controlling, consultants on IT compliance, IT risk management,
information security, etc. in their own language; - demonstrate expressiveness in terms of rhetoric and presentation skills;
- Recognize conflicts in teamwork and contribute constructively to solutions.
Plan und Lerninhalt:
Topic/learning block I: Introduction and overview
- IT management, IT governance, IT compliance management, risk management, information security, Business continuity (definition, delimitation, objectives, tasks);
- Objectives and benefits of reference models in general;
- Overview of IT governance reference models (e.g. ITIL, COBIT, ISO 2700x, ...);
- Objectives, scope and benefits of specific reference models
Topic/learning block II: Information security management
- Differentiation between information security, IT security, computer security and network security;
- Basics of information security management;
- Components and structure of an information security management system (ISMS)
- IT risk analysis
- Overview of standards and frameworks: BSI basic protection, ISO/IEC 27001 and ff
Subject/learning block III: Business Continuity Management (BCM)
- Basics of business continuity management and resilience
- Roles and tasks
- Business continuity management systems (BCMS)
- BCM strategies
- Overview of standards and frameworks
Topic/learning block IV: IT compliance management
- Important laws and regulations in the IT sector
- Fundamentals of auditing and IT auditing;
- Auditing standards and procedure models for system and application audits as part of
audits of annual financial statements
Topic/learning block V: COBIT
- Overview COBIT - A Control Framework for IT
- COBIT 2019 - 6 principles
- Enabler categories
- COBIT 2019 - Process reference model
- COBIT 2019 - Process Enabler Model
- Application examples
Topic/learning block VI: ITIL and IT Service Management (ITSM)
- IT service lifecycle
- Selected IT service processes
- Service Level Management (SLM)
- Comparison of ITIL v3 and v4
- Application examples
Topic/learning block VII: Agile IT delivery
- Origin and benefits of DevOps
- Basic principles and the core concept
- Core elements of DevOps
- Processes and the link to ITSM
- Automation and continuous delivery
- Security & compliance
Ansprechspersonen:
Unterrichtssprache:
Lehr- und Lernmethoden:
Dialogue-oriented teaching with integrated case studies and exercises, guest lectures from the business world,
excursion
Bibliographie:
Compulsory literature:
- Teaching materials (slides) and case studies on Moodle and Miroboard
- Supplementary specialist articles and reference models according to the reader on Moodle
Further literature:
- Gene Kim, Kevin Behr, George Spafford, Projekt Phoenix: Der Roman über IT und DevOps –
Neue Erfolgsstrategien für Ihre Firma - Markus Gaulke, Praxiswissen COBIT, dpunkt.verlag GmbH; 3., akt. u. überarb. edition (5 Dec.
2019), ISBN-10 : 3864906997, ISBN-13 : 978-3864906992 - COBIT 2019 Framework: Governance and Management Objectives Perfect, Isaca (14 Nov.
2018), ISBN-10 : 1604207280, ISBN-13 : 978-1604207286
Kursart:
Durchführung gemäss Stundenplan