De elektronische studiegids voor het academiejaar 2025 - 2026 is onder voorbehoud.





IT-governance, risk and compliance (1732)

  
Coordinating lecturer :Prof. dr. Mieke JANS 
  
Co-lecturer :Prof. dr. Maarten CORTEN 
  
Member of the teaching team :Mevrouw Gythe STANS 


Language of instruction : English


Credits: 6,0
  
Period: semester 1 (6sp)
  
2nd Chance Exam1: Yes
  
Final grade2: Numerical
 
Exam contract: not possible


 
Sequentiality
 
   No sequentiality

Prerequisites

The student needs to be familiar with the general organization of a company.

The student must have basic knowledge of information systems and the use of IT and information systems in an organization.



Content

Today's private and public organizations are increasingly dependent on information technologies for achieving their strategic and operational objectives. IT-governance will help an organization to exploit the opportunities and manage the risks related to IT.

In this course, we introduce the student to the broad field of IT-governance and provide comprehensive coverage of IT management practices: strategic alignment, risk management, audit, compliance and security.

The main goal of this course is to provide students with the necessary skills to cope with IT-governance related problems from both a high-level theoretical and a low-level practical perspective.

The following topics are covered:

- Corporate Governance

- IT Governance

- COSO

- COBIT

- ITIL

- ITGCs

- Cyber Security

- Procure-to-Pay controls (in SAP)

- NIS2 and EU AI Act



Organisational and teaching methods
Organisational methods  
Lecture  
Response lecture  
Self-study assignment  
Small group session  
Teaching methods  
Case study  
Educational learning conversation  
Group work  
Homework  


Evaluation

Semester 1 (6,00sp)

Evaluation method
Other evaluation method during teaching period15 %
Other Case studies and assignments (the cooperation, the participation, the report and/or the oral presentation will be graded). There is no alternative to this evaluation part. In case of no-show during the case study or lack of submitting the assignments, the student will obtain a zero for the relevant subpart.
Transfer of partial marks within the academic year
Written exam85 %
Open questions
Evaluation conditions (participation and/or pass)
Conditions A student passes the course if the weighted average of all evaluation parts is at least 10/20. 
Consequences If the weighted average of all evaluation parts is lower than 10 out of 20, the student needs to retake the written exam (85% of the final grade).

Second examination period

Evaluation second examination opportunity different from first examination opprt
No
 

Compulsory textbooks (bookshop)
 

Textbook 1:

The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win., Gene Kim, Kevin Behr, George Spafford

ISBN: 0988262509

 

Compulsory course material
 

Compulsory course material will be provided on BlackBoard during the semester.



Learning outcomes
Master of Business and Information Systems Engineering
  •  EC 
  • EC 01: The holder of the degree applies acquired knowledge independently. (Self-direction and entrepreneurial spirit)

  •  EC 
  • EC 10: The holder of the degree integrates the perspective of stakeholders in optimising complex business processes. (Stakeholder awareness)

  •  EC 
  • EC 11: The holder of the degree formulates proposals for operational improvements, taking account of the regional and/or (inter)national context. (Stakeholder awareness)

  •  EC 
  • EC 12: The holder of the degree reflects on the conduct of business from an ethical and sustainability perspective. (Stakeholder awareness)

  •  EC 
  • EC 14: The holder of the degree models, designs and evaluates solutions for business and IT problems to support decision-making at different levels in a complex context. (Problem-solving capacity)

  •  EC 
  • EC 15: The holder of the degree analyses, improves and monitors technological and business processes using data and IT to make a positive contribution to the functioning of an organisation. (Programme-specific competencies)

 

Master of Business Engineering
  •  EC 
  • EC 01: The holder of the degree applies acquired knowledge independently. (Self-direction and entrepreneurial spirit)

  •  EC 
  • EC 10: The holder of the degree integrates the perspective of stakeholders in optimising complex business processes. (Stakeholder awareness)

  •  EC 
  • EC 11: The holder of the degree formulates proposals for operational improvements, taking account of the regional and/or (inter)national context. (Stakeholder awareness)

  •  EC 
  • EC 12: The holder of the degree reflects on the conduct of business from an ethical and sustainability perspective. (Stakeholder awareness)

  •  EC 
  • EC 14: The holder of the degree models, designs and evaluates solutions for financial and technical business problems to support decision-making at different levels in a complex context. (Problem-solving capacity)

  •  EC 
  • EC 15: The holder of the degree can identify, optimise and manage complex technological and business processes in an organisation in light of its strategic goals. (Programme-specific competencies)

 

  EC = learning outcomes      DC = partial outcomes      BC = evaluation criteria  
Offered inTolerance3
1st Master of Business and Information Systems Engineering J
Exchange Programme Business Economics J
Master handelsingenieur in de beleidsinformatica jaar 1 verplicht J



1   Education, Examination and Legal Position Regulations art.12.2, section 2.
2   Education, Examination and Legal Position Regulations art.15.1, section 3.
3   Education, Examination and Legal Position Regulations art.16.9, section 2.