MIS 5202 IT Governance - Syllabus

Similar documents
Temple University Fox School of Business MS Information Technology And Cyber Security MIS5201 SYLLABUS

MILWAUKEE AREA TECHNICAL COLLEGE Course Syllabus Fall 2005

Child Development 382 Professional Seminar in Child Development: Current Issues Fall 2016 Tuesdays 5-7:50pm in Modoc 120

BUS 3525 Strategic Management Online

UNM TAOS-Syllabus. Textbook:

Faculty: Sabine Seymour, Office hours by

Dr. Stanny EXP 3082L Fall 2003 EXPERIMENTAL PSYCHOLOGY LABORATORY. Office Hours For Dr. Stanny: 9:00 AM - 11:30 AM Tuesday, Wednesday, & Thursday

HRM 386 HUMAN RESOURCE MANAGEMENT Spring, 2008

MINNESOTA STATE UNIVERSITY, MANKATO Department of Speech Communication Mankato, MN 56001

PROFESSIONAL WRITING WRT 307 ~ Spring, 2010

UNIVERSITY OF BRIDGEPORT School of Engineering COURSE SYLLABUS. TCMG-555-6T1 Project Management

Human Resource Management Political Science (POLS) 543 Spring 2013 Course Meets: Tuesday and Thursday 11:00-12:15 p.m. Faner 3075

Statistical Methods Online Course Syllabus

Psychological Tests and Measurements PSYC Summer 2016

CISS 492 DEA Senior Seminar in Management Information Systems

UNIVERSITY OF LA VERNE COLLEGE OF LAW NEGOTIATION DAY CLASS CRN Spring 2015 Syllabus

Advanced General Psychology (PSYC 4000) (CRN: 32452) Spring 2015 Weber State University- Ogden Campus

Psychology 103 Your ticket # Spring 2013 Cerritos Community College

Psychology Mind and Society Mondays & Wednesdays, 2:00 3:50 pm, 129 McKenzie Hall Fall 2013 (CRN # 16067)

This is a required course for all history majors. In order to graduate, history majors must earn a C or better in this course.

Reading Materials: Required Text Book: Hall, J. & Singleton, T. Information Technology Auditing and Assurance, 4th Edition.

COURSE SYLLABUS MAC1105 College Algebra

PSYCHOLOGY : INDUSTRIAL/ORGANIZATIONAL PSYCHOLOGY STEPHEN F. AUSTIN STATE UNIVERITY COURSE SYLLABUS & CALENDAR FALL 2011

Psychology 211: Social Psychology 8:30-9:45 am, USG Bldg III

MOUNT ST. MARY S UNIVERSITY MBA PROGRAM SYLLABUS. Semester Theme: Foundations

SYLLABUS Human Resource Management MGMT 3241 Section 001 Spring 2006, MW 3:00-4:20 Friday 9

MOUNT ST. MARY S UNIVERSITY MBA PROGRAM SYLLABUS. Semester 1 Theme: Setting the Stage External Global Business Environment BUS 215

Introduction to Psychology 100 On-Campus Fall 2014 Syllabus

UNIVERSITY OF DAYTON MANAGEMENT AND MARKETING DEPARTMENT MKT 315: RETAIL MARKETING Course Syllabus Winter 2008, Section 01

Entrepreneurship 490a Grand Challenges for Entrepreneurship

MOUNT ST. MARY S UNIVERSITY MBA PROGRAM SYLLABUS. MBA Foundation Course. BUS 203: Essentials of Finance

English 273 XXX Technical and Scientific Writing SAMPLE SYLLABUS Department of English, SFASU

Philadelphia University Faculty of Nursing First Semester, 2009/2010. Course Syllabus. Course code:

AGRI 2030 Technical Communications COURSE OUTLINE January - April 2013

Kent State University, College of Business Administration. Department of Accounting, Fall REVISED Aug 22, Instructor:

LIBR 535 Instructional Role of the Librarian Course Syllabus (3)

The guidelines for Major Projects in the College of Liberal Arts are brief:

MGT 4102 Spring 2014 Management Consulting Syllabus and Class Schedule

Borough of Manhattan Community College Department of Social Science. POL American Government Spring 2014

COURSE APPROVAL DOCUMENT Southeast Missouri State University. Department: Psychology Course No.: PY 564

cell or text TBD. Please make appointment. Location: TCES 204

FALL SEMESTER 2015 MGT W: CURRENT ISSUES IN HRM

LOS ANGELES MISSION COLLEGE PSY. 1- GENERAL PSYCHOLOGY 1

PSYCHOLOGY OF PERSONALITY

PSY 350 ABNORMAL PSYCHOLOGY SPRING 2011

ADVANCED COMPOSITION: AMERICAN ACADEMIC CULTURE

Florida Gulf Coast University Lutgert College of Business Marketing Department MAR3503 Consumer Behavior Spring 2015

General Business 704: Data to Decisions Fall 2013 Wisconsin School of Business, UW-Madison. All class meetings will be held in 2294 Grainger.

Midland College Syllabus ENGL 2311 Technical Writing

George Mason University Electrical and Computer Engineering Department ECE 201: Introduction to Signal Analysis Syllabus Fall 2015

English 1302 Writing Across the Curriculum Fall 2015

CONCORDIA UNIVERSITY CHICAGO ONLINE SYLLABUS TEMPLATE

Text: The Communication Age + interactive ebook + speech planner

Lincoln University COURSE SYLLABUS

UNIVERSITY OF SOUTHERN MISSISSIPPI COLLEGE OF SCIENCE & TECHNOLOGY Industrial Engineering Technology

Philadelphia University Faculty of Information Technology Department of Computer Science --- Semester, 2007/2008. Course Syllabus

MBA 5401, Management Information Systems Course Syllabus. Course Description. Prerequisites. Course Textbook. Course Learning Objectives.

CLINICAL PSYCHOLOGY PSYC (3 credit hours) Fall 2015

Public Human Resources Management PAD/NAL 630, PAD 518 Fall Christine L. Rush Office Hours: Tuesdays 4:00 5:00

CALIFORNIA STATE UNIVERSITY CHANNEL ISLANDS PSY494 POSITIVE PSYCHOLOGY RESEARCH FALL 2015 SYLLABUS DR. CHRISTY TERANISHI MARTINEZ

Psychology 396/398: Psychology Honors Research Seminar Mondays 11:10am-12:25pm

CEDAR CREST COLLEGE Psychological Assessment, PSY Spring Dr. Diane M. Moyer dmmoyer@cedarcrest.edu Office: Curtis 123

MGMT 3404 Cross-Cultural Management Second Semester

English 1302 Writing Across the Curriculum Spring 2016

COURSE OUTCOMES: Upon successful completion of CUL 1010 students will:

IS Management Information Systems


GEB Writing in Business Fall 2015

Course Syllabus HUDE 0111 Transition to College Success 8 Week Session

Imperial Valley College Course Syllabus - Elementary Differential Equations Math 220

to set up appointments at other times. SYLLABUS

Completed/Your Grade. Weekly Work 25% Discussion Board 15% Document Paper 15% Midterm Exam 1 15% Midterm Exam 2 15% Final Exam 15%

Professor: Monica Hernandez Phone: (956) Dept. Secretary Ms. Canales

Elmira Business Institute Medical Transcription I (OFF 131)

INST 300: Approaches to International Studies

PREP-009 COURSE SYLLABUS FOR WRITTEN COMMUNICATIONS

advertising research methods

Illinois Institute of Technology Stuart School of Business Course Syllabus Fall Instructor Information. Course Information

Course Description: Course Textbook:

NEW YORK CITY COLLEGE OF TECHNOLOGY City University of New York

Dr. Monika Renard, PhD, MBA, BBA, BS Associate Professor, Management Director, Institute for Conflict Resolution President, UFF-FGCU

PSYCH 3510: Introduction to Clinical Psychology Fall 2013 MWF 2:00pm-2:50pm Geology 108

COURSE WEBSITE: *This is essential for success in this class.

CISM Fundamentals of Computer Applications

H. JOHN HEINZ III COLLEGE CARNEGIE MELLON UNIVERSITY PROJECT MANAGEMENT SPRING A3 / B3 COURSE SYLLABUS

Introduction to General Psychology Spring 2014 PSY , Mon. & Wed.: 6-7:15

Secure Computer Systems

ENGL 1101NN: College Composition I Fall 2013 M pm UH 234 W pm UH 239

Transcription:

Instructor Information Rich Flanagan Richard.Flanagan@Temple.edu Office/Office Hours 209C Speakman Hall (215) 204-3077 (O) Office Hours: Tuesday/Thursday 1:00 2:00 and (267) 312-1813 (M) Monday 11:00 12:00 CRN 19834 Section 1 Location Alter 745 Time Tuesday 5:30 8:00 Course Objectives In this course you will learn how to audit an organization s use of its information technology assets. Key topics are: 1. Is the organization using IT to further its business objectives? 2. How does the organization align its IT investments to its business strategy? 3. Does the organization have a strong control environment? 4. Does the organization have an enterprise architecture and a technical direction? 5. Is the organization assessing and managing its IT risks in a controlled way? 6. Is the IT team optimized to deliver the services the organization is expecting? 7. Is the organization getting the value it expects? By examining how an organization makes IT investment decisions, implements new assets, delivers services, assesses risk and measures its own performance, the IT auditor can assure the organization is meeting its fiduciary, compliance and security responsibilities. Grading Participation Item Percent of Total Points Participation 20% Team Case/Reading/Policy 30% Exams (2) 25% Final Exam 25% Total 100% Much of your learning will occur as you prepare for and participate in discussions about the course material. The assignments, cases, and readings have has been carefully chosen to bring the real world into class discussion while also illustrating fundamental concepts. To encourage participation, 20% of the course grade is earned by preparing before class and discussing the topics between and in class. Evaluation is based on you consistently demonstrating your engagement with the material. Assessment is based on what you contribute, not simply what you know. 1) Preparation before class By Sunday midnight, you will send me a brief (1 page) summary of the readings, including the cases, assigned for the upcoming class period (see the course schedule). Bring a copy for your reference during the discussion. Your weekly summary will briefly address and summarize: a. One key point you took from each assigned reading. (Two or three sentences per reading) b. One key point you learned from the readings as a whole. (Two or three sentences maximum) c. One question that you would ask your fellow classmates that facilitates discussion. Page 1 of 10

2) Participation during class We will typically start each discussion with opening questions about the assigned readings and case study. I may ask for volunteers, or I may call on you. Students called on to answer should be able to summarize the key issues, opportunities, and challenges in the case study. All students should be prepared to answer these questions. Another important aspect of in-class participation is completion of in-class assignments and contribution to break out activities. 3) Participation between classes To facilitate ongoing learning of the course material, we will also discuss course material on the class blog in between class. Please ask any questions about the readings or cases on the blog so all can see the answers. Reading and commenting by all on these post will further the quality of our in-class discussions. Also, I will post a discussion question on the class blog every Thursday. The question will relate to the assigned reading, a topic discussed in class, or a relevant current event. Every student is expected to read and contribute to the online class discussion each week. The criteria for participation includes attendance, punctuality, level of preparation, professionalism, answering questions, discussing readings, discussing case studies, contributing to group activities, and contributing to a positive learning environment. Recognizing that students sometimes have unavoidable conflicts, the baseline for expected participation is assessed on one less week than the number of assigned weekly write-ups. Team Assignments All team assignments will be graded on a fail (70), pass (80), pass high (90) basis. You should read the description of my Grading Criteria (A,B,C) below in this document to understand what you need to achieve each grade. Case Study and Reading Analyses Each team will prepare an in-depth analysis of one case study and one reading assignment during the semester. Your team will lead the class review of that case or reading. I will provide a list assigning your team to its case and reading. Your team should focus on generating a rich discussion of the materials rather than lecturing on the materials. I expect that you will generate a Powerpoint presentation that covers the materials (with discussion) in 45-60 minutes. You will post your presentation, including notes, on the class blog immediately after class. In the notes section of your Powerpoint presentation I expect that you will document the key points that you want the discussion to cover. There is no one particular style for a good analysis. There are some common elements to excellent submissions (additional, grade-specific criteria are provided at the end of this syllabus): The opening of the analysis makes it immediately clear which material or case study you are covering. You have cited specific details regarding key concepts in the readings and key facts and issues about the case. Instead of general observations about information technology or organizations that apply to any problem, draw details from the reading or case study itself. Analyses, observations, and suggestions should be tied directly to the key concepts, key facts and issues you identified. You can also draw on the other readings in the course to inform and support your conclusions. Page 2 of 10

After analyzing the details of the reading or case study, discuss how its specific issues have broader application. In other words, use your analysis to provide some advice to managerial decision-makers that can be applied to other situations beyond this case. Provide a balanced perspective. For example, when making a recommendation explain the pros and cons, providing both the rationale (the why) as well as its feasibility (the how). Well-considered recommendations include discussion of potential issues with your solution and conditions that should be in place for your recommendation to be successful. Policy Project For our discussion of IT policies, your team will be assigned to write a specific IT policy topic. Using what you have learned from the Sisco reading, you will write an appropriate policy on the subject for a hypothetical firm that does $50MM of sales with 100 employees and 10 IT people. You will also create a short (maximum 3-5 slides) presentation explaining your policy to the class as if they were employees of the firm. Your team will post a paper copy of both the presentation and policy document that evening. Exams We will have two short exams during the semester. These will be multiple choice tests using practice CISA examination questions. Together these exams are weighted 25% of your final grade Final Exam The final exam will use all multiple-choice CISA practice examination questions. The exam will be comprehensive. Everything we cover during the semester could appear on the final. The final exam is weighted 25% of your final grade. Page 3 of 10

Class Readings ISACA Readings CISA Review Manual 2012, ISACA.org COBIT 5: Enabling Processes, ISACA.org The IT Risk Framework, ISACA.org IT GOVERNANCE USING COBIT AND VAL ITTM STUDENTBOOK, 2ND EDITION, ISACA.org COBIT Quick Start, 2 nd Edition, ISACA.org What Every IT Auditor Should Know About Proper Segregation of Incompatible IT Activities, Tommie W. Singleton, Isaca Journal System Development Life Cycle & IT Audit, Tommie W. Singleton, Isaca Journal Audit of Outsourcing, S. Anantha Sayana, Isaca Journal IT Audits of Cloud and SAAS, Tommie W. Singleton, Isaca Journal What is Your Risk Appetite?, Shirley Booker, Isaca Journal What Every IT Auditor Should Know About Cyberforensics, Tommie W. Singleton, Isaca Journal DoS Attacks A Cyberthreat and Possible Solutions, Ajay Kumar, Isaca Journal What Every IT Auditor Should Know About Backup and Recovery, Tommie W. Singleton, Isaca Journal Auditing Business Continuity, S. Anantha Sayana Isaca Journal Other Gartner Disaster Recovery and Business Continuity Planning: Testing an Organization s Plans, Yusufali F. Musaji, Isaca Journal IT Strategic Management Audit/Assurance Program, ISACA Audit Template Information Technology Management Framework Roles and Responsibilities US Department of Housing and Urban Development, portal.hud.gov/hudportal/documents/huddoc?id=34201cioh.pdf "What is Portfolio Management?, Rad & Levin, AACE International Transactions; 2008; Managing Quality for Information Technology, http://www.qualitydigest.com/mar99/html/body_itech.html Total Quality Management, Chapter 5 Reid http://www.wiley.com/college/sc/reid/chap5.pdf Practical IT Policies & Procedures, M. Sisco Available only online through the library IT Service Management & ITIL, IT Governance To get Gartner articles log onto TUPortal, select Gartner Gateway(left hand menu) and search for the article you want by name Understanding IT Controls and COBIT "Effective Communications: Policies " Effective Communications: IT Strategy Running IT Like a Business" Analyze the Five Factors That Will Shape Your IT Organization Outsourcing Contract Terms and Conditions: An Understanding of the 19 Articles in a Master Service Agreement " Four Keys to Effective Compliance The Security Processes You Must Get Right "Effective Communications: Performance Dashboards" Effective Communication: Difficult Communications Page 4 of 10

Harvard Press Six IT Decisions You IT People Shouldn t Make, Weill and Ross, Harvard Business Review IT Governance Archetypes for Allocating Decision Rights, Peter Weill, Jeanne W. Ross May 13, 2004 Product number: 8087BC-PDF-ENG Implement the Operating Model through Enterprise Architecture Taking on the Challenge of IT Management in a Global Business Context: The Alcan Case - Part A, Line Dube, Carmen Bernier, Vital Roy, May 01, 2009, Product number: HEC020-PDF-ENG MDCM, Inc. (A): Strategic IT Portfolio Management, Mark Jeffery, Joseph F. Norton, Derek Yung, Jan 01, 2006, Product number: KEL172-PDF-ENG ipremier (A): Denial of Service Attack (Graphic Novel Version), Robert D. Austin, Jeremy C. Short, Jun 25, 2009, Product number: 609092-PDF-ENG The Harvard Business School Publishing articles and cases are available from HBSP at the following https://cb.hbsp.harvard.edu/cbmp/access/20308701 Page 5 of 10

Class Schedule When Topics Readings and Cases Due CISA & COBIT 5 Week 1: Course The Stars Air Ambulance Case 8/27 Introduction Week 2: 9/3 Week 3: 9/10 The Control Environment IT Governance The Tampa Bay Office Case IT Governance Using COBIT & Val IT (Chapters 1-3) Understanding IT Controls and COBIT The Dentdel Case Six IT Decisions your IT People Shouldn t Make Archetypes for Allocating Decision Rights Team 1 pp 45-48 COBIT 5: AP01 pp 82-88 COBIT 5: AP02, AP03 Week 4: 9/17 Week 5: 9/24 Week 6: 10/1 Week 7: 10/8 Week 8: 10/15 Week 9: 10/22 Week 10: 10/29 Week 11: 11/5 IT Strategy The IT Organization IT Policies 1 The Alcan Case Implement the Operating Model through Enterprise Architecture Effective Communications: IT Strategy Exam 1 Analyze the Five Factors That Will Shape Your IT Organization Information Technology Management Framework Roles and Responsibilities What Every IT Auditor Should Know About Proper Segregation of Incompatible IT Activities Practical IT Policies & Procedures Effective Communications: IT Policies Teams 5 & 6 Exam 1 Team 2 IT policies 2 Individual Policy Project Presentations Policy Assignments The IT Project Portfolio The MDCM Case What is Portfolio Management? IT Services Total Quality Management: Chapter 5 Running IT Like a Business Managing Quality for Information Technology System Development Life Cycle & IT Audit Contracting IT Services Monitoring & the Balanced Score Card The EHR Case Outsourcing Contract Terms Audit of Outsourcing IT Audits of Cloud and SAAS Exam 2 Four Keys to Effective Compliance Effective Communications: Performance Dashboards Effective Communication: Difficult Communications Team 3 Team 4 Team 5 Exam 2 pp 90-91 COBIT 5: AP08 pp. 97-106, COBIT 5: AP07 pp. 92-94, pp. 91-92, COBIT 5: AP05, AP06 COBIT 5: AP11 COBIT 5: AP09, AP10 Page 6 of 10

Week 12: 11/12 Week 13: 11/19 Risk 1 Risk 2 The All World Airlines Case The IT Risk Framework, pp1-42 What is Your Risk Appetite? The Security Processes You Must Get Right What Every IT Auditor Should Know About Cyberforensics The ipremier Case DDoS Attacks A Cyberthreat and Possible Solutions What Every IT Auditor Should Know About Backup and Recovery Auditing Business Continuity Disaster Recovery and Business Continuity Planning: Testing an Organization s Plans Teams 3 & 4 Teams 2 & 6 pp 94-97 COBIT 5: AP12, AP1399-102, pp 113-126, No class: Thanksgiving Week Schedule Week 14: 12/3 Maturity Models The City Medical Case Self-assessment Guide: Using COBIT 5 IT Strategic Management Audit/Assurance Program Team 1 pp 61-64,91 12/5-6 No class: study period 12/10 Final exam 5:45 7:45 In our classroom Final exam Page 7 of 10

Grading Criteria The following are the criteria used for evaluating assignments. You can roughly translate a letter grade as the midpoint in the scale (for example, an A- equates to a 91.5). Grade Criteria A- or A The assignment consistently exceeds expectations. It demonstrates originality of thought and creativity throughout. Beyond completing all of the required elements, new concepts and ideas are detailed that transcend general discussions along similar topic areas. There are few mechanical, grammatical, or organization issues that detract from the ideas. B-, B, B+ C-, C, C+ Below C- The assignment consistently meets expectations. It contains all the information prescribed for the assignment and demonstrates a command of the subject matter. There is sufficient detail to cover the subject completely but not too much as to be distracting. There may be some procedural issues, such as grammar or organizational challenges, but these do not significantly detract from the intended assignment goals. The assignment fails to consistently meet expectations. That is, the assignment is complete but contains problems that detract from the intended goals. These issues may be relating to content detail, be grammatical, or be a general lack of clarity. Other problems might include not fully following assignment directions. The assignment constantly fails to meet expectations. It is incomplete or in some other way consistently fails to demonstrate a firm grasp of the assigned material. Additional Information Availability of Instructor Attendance Policy Please free to use office hours (without an appointment) to discuss any issues related to this class. While every student is encouraged to visit with me during office hours to help them gain a better understanding of material which they didn t fully understand when they were in class, office hours are NOT for helping students catch up on material they missed because they were absent. Class discussion in intended to be an integral part of the course. Accordingly, full attendance is expected by every member of the class. If you are absent from class, speak with your classmates to catch up on what you have missed. Page 8 of 10

Exams Class Etiquette Appropriate use of Technology in the classroom Please be respectful of the class environment. Class starts promptly at the start time. Please make EVERY effort to be on time, as I will communicate important information in the first few minutes of class. Cell phones must be turned off and put away during class. Refrain from personal discussions during class. Please leave the room if you need to speak to another student for more than a few words. If a student cannot refrain from engaging in private conversation and this becomes a pattern, the students will be asked to leave the classroom to allow the remainder of the students to work. There will be two examinations during the semester. The exams cannot be made up, regardless of the reason for absence. Please turn off cell phones at the start of class. If you have an urgent, personal situation and may be receiving an important phone call during class, please let me know this at the beginning of class, sit near the door, and step out of the classroom if you need to take a call. Please bring your laptop or tablet to class. We want to explore these topics and there is a wealth of materials available online. I do expect that you will use your laptop for our course only while in class. Plagiarism, Academic Dishonesty and Citation Guidelines If you use text, figures, and data in reports that was created by others you must identify the source and clearly differentiate your work from the material that you are referencing. If you fail to do so you are plagiarizing. There are many different acceptable formats that you can use to cite the work of others (see some of the resources below). The formats are not as important as the intent. You must clearly show the reader what is your work and what is a reference to somebody else s work. Plagiarism is a serious offence and could lead to reduced or failing grades and/or expulsion from the university. The Temple University Student Code of Conduct specifically prohibits plagiarism (see http://www.temple.edu/assistance/udc/coc.htm). The following excerpt defines plagiarism: Plagiarism is the unacknowledged use of another person s labor, ideas, words, or assistance. Normally, all work done for courses papers, examinations, homework exercises, laboratory reports, oral presentations is expected to be the individual effort of the student presenting the work. There are many forms of plagiarism: repeating another person s sentence as your own, adopting a particularly apt phrase as your own, paraphrasing someone else s argument as your own, or even presenting someone else s line of thinking in the development of a thesis as though it were your own. All these forms of plagiarism are prohibited both by the traditional principles of academic honesty and by the regulations of Temple University. Our education and our research encourage us to explore and use the ideas of others, and as writers we will frequently want to use the ideas and even the words of others. It is perfectly acceptable to do so; but we must never submit someone else s work as if it were our own, rather we must give appropriate credit to the originator. Source: Temple University Graduate Bulletin, 2000-2001. University Regulations, Other Policies, Academic Honesty. Available online at: http://www.temple.edu/gradbulletin/ For a more detailed description of plagiarism: o Princeton University Writing Center on Plagiarism: o http://web.princeton.edu/sites/writing/writing_center/wcwritingres.htm Page 9 of 10

How to successfully quote and reference material: o University of Wisconsin Writers Handbook o http://www.wisc.edu/writing/handbook/quotingsources.html How to cite electronic sources: o Electronic Reference Formats Recommended by the American Psychological Association o http://www.apastyle.org/elecmedia.html Page 10 of 10