Certified in the Governance of Enterprise IT (CGEIT)
Certified in the Governance of Enterprise IT (CGEIT) is provided by ISACA. CGEIT is designed for professionals who have management, advisory, and/or assurance responsibilities relating to the governance of IT. CGEIT is considered by many companies and governmental agencies as a prerequisite for employees involved with enterprise IT governance.
The following professionals are good candidates for CGEIT certificate:
- Chief Information Officer (CIO)
- Chief Technology Officer (CTO)
- Chief Audit Executive (CAE)/Partner/Principal
- Chief Information Risk Strategist
- Chief Information Security Officer (CISO)
- Chief Security Officer (CSO)
- IT Governance Director/Manager
- IT Director/Manager
- IT Consultant
- IT Audit Director/Manager
- IT Security Director/Manager
- IT Compliance Director/Manager
- Project Manager
- Business Manager
- General Manager
To earn the CGEIT credential, an individual must:
1. Pass the CGEIT exam
2. Adhere to the ISACA Code of Professional Ethics
3. Agree to comply with the CGEIT Continuing Education Policy
4. Provide evidence of appropriate IT governance work experience as defined by the CGEIT Job Practice.Five (5) or more years of experience managing, serving in an advisory or oversight role, and/or otherwise supporting the governance of the IT-related contribution to an enterprise is required to apply for certification.
Module 1: Framework for the Governance of Enterprise IT:Ensure the definition, establishment, and management of a framework for the governance of enterprise IT in alignment with the mission, vision and values of the enterprise.
Define, establish and maintain an IT governance framework (leadership, organizational structures and processes) to: ensure alignment with enterprise governance; control the business information and information technology environment through the implementation of good practices; and assure compliance with external requirements.
Module 2: Strategic Management:Ensure that IT enables and supports the achievement of enterprise objectives through the integration and alignment of IT strategic plans with enterprise strategic plans.
Ensure that IT enables and supports the achievement of business objectives through the integration of IT strategic plans with business strategic plans and the alignment of IT services with enterprise operations to optimize business processes.
Module 3: Benefits Realization:Ensure that IT-enabled investments are managed to deliver optimized business benefits and that benefit realization outcome and performance measures are established, evaluated and progress is reported to key stakeholders.
Ensure that IT and the business fulfill their value management responsibilities: IT-enabled business investments achieve the benefits as promised and deliver measurable business value both individually and collectively, that required capabilities (solutions and services) are delivered on-time and within budget, and that IT services and other IT assets continue to contribute to business value.
Module 4: Risk Optimization:Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate ITrelated business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.
Ensure that appropriate frameworks exist and are aligned with relevant standards to identify, assess, mitigate, manage, communicate and monitor IT-related business risks as an integral part of an enterprise's governance environment.
Module 5: Resource Optimization:Ensure the optimization of IT resources including information, services, infrastructure and applications, and people, to support the achievement of enterprise objectives.
Ensure that IT has sufficient, competent and capable resources to execute current and future strategic objectives and keep up with business demands by optimizing the investment, use and allocation of IT assets. Ensure that business-supporting IT goals/objectives and measures are established in collaboration with key stakeholders and that measurable targets are set, monitored and evaluated.