ISACA - Certified in the Governance of Enterprise IT (CGEIT) certification



Only 3 Days



Classroom / Online / Hybrid

Next date

Next date:

23/10/2023 (Monday)



This 3-day accelerated training course will provide you with skills needed to ensure that your IT systems meet the business's needs - through leadership, and organisational structures and processes.

You'll learn faster and retain information better through our unique Lecture | Lab | Review technique. Our expert instructors will take you through the roles, responsibilities and various focus areas of IT governance.

Do you have management, advisory or assurance responsibilities, relating to the governance of IT? If so, the CGEIT is critical in helping you provide excellent IT governance.

Firebrand is an ISACA ATO, which means you'll have access to official ISACA courseware. You'll prepare for the CGEIT exam and receive a CGEIT exam voucher, that can be used at your nearest test centre.

Firebrand is a premier ISACA partner for EMEA and the US. No other partner in these regions trains more students.

Seven reasons why you should sit your CGEIT course with Firebrand Training

  1. You'll be CGEIT trained in just 3 days.
  2. Our CGEIT course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
  3. Pass CGEIT first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  4. You’ll learn more CGEIT. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  5. You’ll learn CGEIT faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  6. You’ll be studying CGEIT with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 134,561 professionals, and we’re partners with all of the big names in the business
  7. You'll do more than study CGEIT courseware. We use practical exercises to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging


Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

This information has been provided as a helpful tool for candidates considering training. Courses that include certification come with a certification guarantee. Pass first time or train again for free (just pay for accommodation and exams on your return). We do not make any guarantees about personal successes or benefits of obtaining certification. Benefits of certification determined through studies do not guarantee any particular personal successes.


During this three-day course, you'll learn the five domains of CGEIT.

Domain 1: Framework for the Governance of Enterprise IT (25%)
Domain 2: Strategic Management (20%)
Domain 3: Benefits Realization (16%)
Domain 4: Risk Optimization (24%)
Domain 5: Resource Optimization (15%)

Domain 1: Framework for the Governance of Enterprise IT (25%)

Ensure the definition, establishment, and management of a framework for the governance of enterprise IT in alignment with the mission, vision and values of the enterprise.

Domain 1—Task Statements:

  1. Ensure that a framework for the governance of enterprise IT is established and enables the achievement of enterprise goals and objectives to create stakeholder value, taking into account benefits realization, risk optimization, and resource optimization.
  2. Identify the requirements and objectives for the framework for the governance of enterprise IT incorporating input from enablers such as principles, policies and frameworks; processes; organizational structures; culture, ethics and behavior; information; services, infrastructure and applications; people, skills and competencies.
  3. Ensure that the framework for the governance of enterprise IT addresses applicable internal and external requirements (for example, principles, policies and standards, laws, regulations, service capabilities and contracts).
  4. Ensure that strategic planning processes are incorporated into the framework for the governance of enterprise IT.
  5. Ensure the incorporation of enterprise architecture (EA) into the framework for the governance of enterprise IT in order to optimize IT-enabled business solutions.
  6. Ensure that the framework for the governance of enterprise IT incorporates comprehensive and repeatable processes and activities.
  7. Ensure that the roles, responsibilities and accountabilities for information systems and IT processes are established.
  8. Ensure issues related to the framework for the governance of enterprise IT are reviewed, monitored, reported and remediated.
  9. Ensure that organizational structures are in place to enable effective planning and implementation of IT-enabled business investments.
  10. Ensure the establishment of a communication channel to reinforce the value of the governance of enterprise IT and transparency of IT costs, benefits and risk throughout the enterprise.
  11. Ensure that the framework for the governance of enterprise IT is periodically assessed, including the identification of improvement opportunities.

Domain 1—Knowledge Statements:

  1. Components of a framework for the governance of enterprise IT
  2. IT governance industry practices, standards and frameworks (for example, COBIT, Information Technology Infrastructure Library [ITIL], International Organization for Standardization [ISO] 20000, ISO 38500)
  3. business drivers related to IT governance (for example, legal, regulatory and contractual requirements)
  4. IT governance enablers (for example, principles, policies and frameworks; processes; organizational structures; culture, ethics and behavior; information; services, infrastructure and applications; people, skills and competencies)
  5. Techniques used to identify IT strategy (for example, SWOT, BCG Matrix)
  6. Components, principles, and concepts related to enterprise architecture (EA)
  7. Organizational structures and their roles and responsibilities (for example, enterprise investment committee, program management office, IT strategy committee, IT architecture review board, IT risk management committee)
  8. Methods to manage organizational, process and cultural change
  9. Models and methods to establish accountability for information requirements, data and system ownership; and IT processes
  10. IT governance monitoring processes/mechanisms (for example, balanced scorecard (BSC)
  11. IT governance reporting processes/mechanisms
  12. Communication and promotion techniques
  13. Assurance methodologies and techniques
  14. Continuous improvement techniques and processes

Domain 2: Strategic Management (20%)

Ensure that IT enables and supports the achievement of enterprise objectives through the integration and alignment of IT strategic plans with enterprise strategic plans.

Domain 2—Task Statements:

  1. Evaluate, direct and monitor IT strategic planning processes to ensure alignment with enterprise goals.
  2. Ensure that appropriate policies and procedures are in place to support IT and enterprise strategic alignment.
  3. Ensure that the IT strategic planning processes and related outputs are adequately documented and communicated.
  4. Ensure that enterprise architecture (EA) is integrated into the IT strategic planning process.
  5. Ensure prioritization of IT initiatives to achieve enterprise objectives.
  6. Ensure that IT objectives cascade into clear roles, responsibilities and actions of IT personnel.

Domain 2—Knowledge Statements:

  1. An enterprise’s strategic plan and how it relates to IT
  2. Strategic planning processes and techniques
  3. Impact of changes in business strategy on IT strategy
  4. Barriers to the achievement of strategic alignment
  5. Policies and procedures necessary to support IT and business strategic alignment
  6. Methods to document and communicate IT strategic planning processes (for example, IT dashboard/balanced scorecard, key indicators)
  7. Components, principles and frameworks of enterprise architecture (EA)
  8. Current and future technologies
  9. Prioritization processes related to IT initiatives
  10. Scope, objectives and benefits of IT investment programs
  11. IT roles and responsibilities and methods to cascade business and IT objectives to IT personnel

Domain 3: Benefits Realization (16%)

Ensure that IT-enabled investments are managed to deliver optimized business benefits and that benefit realization outcome and performance measures are established, evaluated and progress is reported to key stakeholders.

Domain 3—Task Statements:

  1. Ensure that IT-enabled investments are managed as a portfolio of investments.
  2. Ensure that IT-enabled investments are managed through their economic life cycle to achieve business benefit.
  3. Ensure business ownership and accountability for IT-enabled investments are established.
  4. Ensure that IT investment management practices align with enterprise investment management practices.
  5. Ensure that IT-enabled investment portfolios, IT processes and IT services are evaluated and benchmarked to achieve business benefit.
  6. Ensure that outcome and performance measures are established and evaluated to assess progress towards the achievement of enterprise and IT objectives.
  7. Ensure that outcome and performance measures are monitored and reported to key stakeholders in a timely manner.
  8. Ensure that improvement initiatives are identified, prioritized, initiated and managed based on outcome and performance measures.

Domain 3—Knowledge Statements:

  1. IT investment management processes, including the economic life cycle of investments
  2. Basic principles of portfolio management
  3. Benefit calculation techniques (for example, earned value, total cost of ownership, return on investment)
  4. Process and service measurement techniques (for example, maturity models, benchmarking, key performance indicators [KPIs])
  5. Processes and practices for planning, development, transition, delivery, and support of IT solutions and services
  6. Continuous improvement concepts and principles
  7. Outcome and performance measurement techniques (for example, service metrics, key performance indicators [KPIs])
  8. Procedures to manage and report the status of IT investments
  9. Cost optimization strategies (for example, outsourcing, adoption of new technologies)
  10. Models and methods to establish accountability over IT investments
  11. Value delivery frameworks (for example, Val IT)
  12. Business case development and evaluation techniques

Domain 4: Risk Optimization (24%)

Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.

Domain 4—Task Statements:

  1. Ensure that comprehensive IT risk management processes are established to identify, analyze, mitigate, manage, monitor, and communicate IT risk.
  2. Ensure that legal and regulatory compliance requirements are addressed through IT risk management.
  3. Ensure that IT risk management is aligned with the enterprise risk management (ERM) framework.
  4. Ensure appropriate senior level management sponsorship for IT risk management.
  5. Ensure that IT risk management policies, procedures and standards are developed and communicated.
  6. Ensure the identification of key risk indicators (KRIs).
  7. Ensure timely reporting and proper escalation of risk events and responses to appropriate levels of management.

Domain 4—Knowledge Statements:

  1. The application of risk management at the strategic, portfolio, program, project and operations levels
  2. Risk management frameworks and standards (for example, RISK IT, the Committee of Sponsoring Organizations of the Treadway Commission Enterprise Risk Management—Integrated Framework (2004) [COSO ERM], International Organization for Standardization (ISO) 31000)
  3. The relationship of the risk management approach to legal and regulatory compliance
  4. Methods to align IT and enterprise risk management (ERM)
  5. The relationship of the risk management approach to business resiliency (for example, business continuity planning [BCP] and disaster recovery planning [DRP])
  6. Risk, threats, vulnerabilities and opportunities inherent in the use of IT
  7. Types of business risk, exposures and threats (for example, external environment, internal fraud, information security) that can be addressed using IT resources
  8. Risk appetite and risk tolerance
  9. Quantitative and qualitative risk assessment methods
  10. Risk mitigation strategies related to IT in the enterprise
  11. Methods to monitor effectiveness of mitigation strategies and/or controls
  12. Stakeholder analysis and communication techniques
  13. Methods to establish key risk indicators (KRIs)
  14. Methods to manage and report the status of identified risk

Domain 5: Resource Optimization (15%)

Ensure the optimization of IT resources including information, services, infrastructure and applications, and people, to support the achievement of enterprise objectives.

Domain 5—Task Statements:

  1. Ensure that processes are in place to identify, acquire and maintain IT resources and capabilities (i.e., information, services, infrastructure and applications, and people).
  2. Evaluate, direct and monitor sourcing strategies to ensure existing resources are taken into account to optimize IT resource utilization.
  3. Ensure the integration of IT resource management into the enterprise’s strategic and tactical planning.
  4. Ensure the alignment of IT resource management processes with the enterprise’s resource management processes.
  5. Ensure that a resource gap analysis process is in place so that IT is able to meet strategic objectives of the enterprise.
  6. Ensure that policies exist to guide IT resource sourcing strategies that include service level agreements (SLAs) and changes to sourcing strategies.
  7. Ensure that policies and processes are in place for the assessment, training and development of staff to address enterprise requirements and personal/professional growth.

Domain 5—Knowledge Statements:

  1. IT resource planning methods
  2. Human resource procurement, assessment, training, and development methodologies
  3. Processes for acquiring application, information, and infrastructure resources
  4. Outsourcing and offshoring approaches that may be employed to meet the investment program and operation level agreements (OLAs) and service level agreements (SLAs)
  5. Methods used to record and monitor IT resource utilization and availability
  6. Methods used to evaluate and report on IT resource performance
  7. Interoperability, standardization and economies of scale
  8. Data management and data governance concepts
  9. Service level management concepts

Exam Track

The CGEIT exam measures your knowledge of the five domains (see 'Curriculum' above). Here is the percentage of questions that will appear on the exam, from each domain:

  • Domain 1: Framework for the Governance of Enterprise IT (25%)
  • Domain 2: Strategic Management (20%)
  • Domain 3: Benefits Realization (16%)
  • Domain 4: Risk Optimization (24%)
  • Domain 5: Resource Optimization (15%)

Firebrand is an ISACA ATO, which means you'll have access to official ISACA courseware. You'll prepare for the CGEIT exam and receive a CGEIT exam voucher, that can be used at your nearest test centre.

ISACA Exam Testing Windows

If you choose to sit the exam, there will be three testing windows of 16-week durations. Your accelerated course will take place within one of these testing windows.

Next testing window: 1 February - 24 May 2018

  • Early Registration Deadline: 16 February 2018
  • Final Registration Deadline: 18 May 2018

What's included

On this accelerated CGEIT course, you'll get official ISACA Student Kits which include:

  • Certification Review Manual
  • A 12 month subscription to Exam Review Questions, Answers and Explanations
  • Sample Practice Questions
  • Copy of Course Materials

You'll also access additional, exclusive CGEIT curriculum built by Firebrand.

Firebrand Training offers top-quality technical education and certification training in an all-inclusive course package specifically designed for the needs and ease of our students. We attend to every detail so our students can focus solely on their studies and certification goals.

Our Certification Programs includes

  • Intensive Hands-on Training Utilising our (Lecture | Lab | Review)TM Delivery
  • Comprehensive Study Materials, Program Courseware and Self-Testing Software including MeasureUp *
  • Fully instructor-led program with 24 hour lab access
  • Examination vouchers **
  • Near site testing, Transportation to/from Testing Center are provided ***
  • Accommodation, all meals, unlimited beverages, snacks and tea / coffee****
  • Examination Passing Policy

Please note

  • * Not on all courses
  • ** Examination vouchers are not included for the following courses: PMP, CAPM and CISSP CBK Review
  • *** Not included in our PMP, CAPM, CISA, CISM, CGEIT, CRISC, (ISC)2 or ITIL Managers and Revision Certifications
  • **** Accommodation not included on the CISSP CBK Review Seminar

Our instructors teach to accommodate every student's learning needs through individualised instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, and question/answer drills.

Firebrand Training has dedicated, well-equipped educational facilities where you will attend instruction and labs and have access to comfortable study and lounging rooms. Our students consistently say our facilities are second-to-none.

Examination Passing Policy

Should a student complete a Firebrand Training Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year.  Students will only be responsible for accommodations and vendor exam fees.


There are no prerequisites for attending this course, but some knowledge / experience of IT governance is recommended. However, in order to be eligible for receiving the CGEIT certification, you must meet the following requirements:

A minimum of five years experience managing, advising or otherwise supporting IT governance in an enterprise, is required for CGEIT certification. This experience must meet these specific requirements, based on the CGEIT Job Practice domains:

  • A minimum of one year of experience relating to the definition, establishment and management of a Framework for the Governance of IT. The type and extent of experience accepted is described in CGEIT domain 1 (Framework for the Governance of Enterprise IT).
  • Additional broad experience directly related to any two or more of the remaining CGEIT domains is required. The type and extent of experience accepted is described in CGEIT domains 2 through 5. These domains are:
    • Strategic Management
    • Benefits Realization
    • Risk Optimisation
    • Resource Optimisation

There are no waivers or substitutions for CGEIT experience, apart from one exception: Two years as a full-time university instructor teaching IT governance related subjects at an accredited university can be substituted for every one year of IT governance experience.

Individuals can take the CGEIT exam prior to meeting the experience requirements. This practice is acceptable and encouraged, although the CGEIT designation will not be awarded until all requirements are met.

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.


Here's the Firebrand Training review section. Since 2001 we've trained exactly 134,561 students and asked them all to review our Accelerated Learning. Currently, 96.46% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.

Jorge Cruz, Interpet Ltd. (15/11/2019 (Friday) to 17/11/2019 (Sunday))

"We use Firebrand because we know we are getting good quality training and good instructors that are worth every penny."
E.D.. (1/7/2019 (Monday) to 3/7/2019 (Wednesday))

"If you want a fast track to the CGEIT certificate, choose Firebrand."
Oliver Wildenstein, MLP Finanzdienstleistungen AG. (18/5/2015 (Monday) to 20/5/2015 (Wednesday))

"Great trainer!"
Anonymous (29/10/2018 (Monday) to 31/10/2018 (Wednesday))

"The contact and concept behind the training is competent and professionally handled."
Anonymous (22/5/2018 (Tuesday) to 24/5/2018 (Thursday))

Course Dates

ISACA - CGEIT Certification (Certified in the Governance of Enterprise IT)




Book now

23/10/2023 (Monday)

25/10/2023 (Wednesday)

Limited availability

Book now

13/11/2023 (Monday)

15/11/2023 (Wednesday)


Book now

8/5/2024 (Wednesday)

10/5/2024 (Friday)


Book now

13/5/2024 (Monday)

15/5/2024 (Wednesday)


Book now

Latest Reviews from our students