Further Reading & Resources¶

This page provides a curated reading list for MBA students who want to go deeper into enterprise IT topics. Each resource includes an annotation explaining why it is valuable and which sections of this primer it connects to. The list is intentionally selective — these are the resources most worth your time, not an exhaustive bibliography.

Quick-Reference: Primer Sections to Recommended Readings¶

Use this table to find the most relevant resources for each section of the primer.

Textbooks (Primary References)¶

These are the foundational texts most commonly used in MBA-level IT management courses. Each provides a different lens on the same core material covered in this primer.

1. Management Information Systems: Managing the Digital Firm¶

Authors: Kenneth C. Laudon and Jane P. Laudon Edition: 17^th Edition, Pearson, 2022

This is the standard MIS textbook used in MBA programs worldwide and the most comprehensive single-volume treatment of the topics covered in this primer. Laudon and Laudon cover the full spectrum — from IT infrastructure and enterprise applications to governance, security, e-commerce, and decision support — with a consistent focus on how technology creates business value. The book excels at connecting technical concepts to managerial decision-making through extensive case studies and real-world examples drawn from companies like Amazon, Walmart, and UPS.

Why it matters: If you want one reference that covers nearly every topic in this primer with rigorous academic treatment and strong business context, this is it. The textbook's chapter on IT infrastructure and its treatment of enterprise systems (ERP, CRM, SCM) are particularly strong complements to the Enterprise Applications and Cloud Computing sections of this primer.

Connects to: IT Governance, Enterprise Technology, Risk & Security, IT Budgeting

2. Managing and Using Information Systems: A Strategic Approach¶

Authors: Keri E. Pearlson, Carol S. Saunders, and Dennis F. Galletta Edition: 7^th Edition, Wiley, 2019

Where Laudon and Laudon provide breadth, Pearlson, Saunders, and Galletta provide strategic depth. This textbook is built around a central premise that MBA students do not need to understand how to build systems — they need to understand how to manage and leverage them strategically. The book organizes its material around key managerial decisions: How should IT be governed? What is the strategic role of information? How should the IT organization be structured? This strategic framing makes it especially valuable for students who find purely technical descriptions less engaging.

Why it matters: The book's treatment of IT governance decision-making, organizational design for IT, and the strategic alignment between business and technology is exceptionally clear. Its frameworks for thinking about the "information" in "information technology" — how data becomes a strategic asset — complement the Data Governance and IT-Business Alignment sections of this primer particularly well.

Connects to: IT-Business Alignment, Make vs. Buy, Shadow IT, Data Governance

3. Adventures of an IT Leader¶

Authors: Robert D. Austin, Richard L. Nolan, and Shannon O'Donnell Edition: Updated Edition, Harvard Business Review Press, 2019

This book takes an entirely different approach from traditional textbooks. Written as a narrative — essentially a business novel — it follows Jim Barton, a newly appointed CIO with no IT background, as he navigates the challenges of leading an enterprise IT organization. Each chapter presents a realistic scenario (a major outage, a security breach, a troubled ERP implementation, board-level politics) and forces the reader to think through how they would respond. Discussion questions at the end of each chapter make it ideal for classroom use.

Why it matters: The narrative format makes abstract governance and management concepts visceral and memorable in a way that traditional textbooks cannot. Barton's journey from overwhelmed newcomer to effective IT leader mirrors the learning curve many MBA graduates experience when they first encounter enterprise IT responsibilities. The book is especially strong on the human and political dimensions of IT leadership — stakeholder management, organizational politics, building credibility, and managing through crises — which complement the more structural treatment in this primer's C-Suite IT Roles and Project Management sections.

Connects to: C-Suite IT Roles, Project Management, Digital Transformation

4. IT Governance: How Top Performers Manage IT Decision Rights for Superior Results¶

Authors: Peter Weill and Jeanne W. Ross Publisher: Harvard Business School Press, 2004

Despite its publication date, this remains the definitive academic treatment of IT governance. Weill and Ross conducted extensive research at MIT's Center for Information Systems Research (CISR) to identify how high-performing organizations structure IT decision-making. Their central contribution is a practical governance framework organized around five key IT decisions (IT principles, IT architecture, IT infrastructure, business application needs, and IT investment) and six governance archetypes (business monarchy, IT monarchy, feudal, federal, IT duopoly, and anarchy) that describe who makes each type of decision.

Why it matters: The Weill and Ross governance archetypes have become standard vocabulary in IT governance discussions. Their research demonstrates a clear empirical link between governance structure and organizational performance — companies with well-designed IT governance earn up to 20% higher returns on IT assets than their peers. This book is essential reading for anyone who wants to go beyond the frameworks (COBIT, ITIL) covered in this primer and understand the organizational design principles that determine whether governance actually works. It directly deepens the material in the Governance Frameworks and IT-Business Alignment sections.

Connects to: Governance Frameworks, IT-Business Alignment, C-Suite IT Roles, Vendor Management

Industry Frameworks & Standards (Free/Online)¶

These are the primary frameworks and standards referenced throughout this primer. Each provides free introductory materials that are worth reviewing to build familiarity with the actual source documents.

5. ISACA COBIT 2019 Resources¶

Source: ISACA (Information Systems Audit and Control Association) URL: isaca.org/resources/cobit

ISACA provides a range of free and paid resources for COBIT 2019, the comprehensive IT governance and management framework discussed extensively in the Governance Frameworks section of this primer. The free resources include the COBIT 2019 Framework Overview, executive summaries, and introductory guides. The full framework documentation (including the detailed process reference guides and implementation guides) requires an ISACA membership or separate purchase, but the free materials provide sufficient depth for MBA students to understand the framework's structure, goals cascade, and capability maturity model.

Why it matters: COBIT is the framework most commonly cited in audit, compliance, and regulatory contexts. Familiarity with COBIT terminology and structure is essential if you work in regulated industries (financial services, healthcare, government) or if you interact with internal audit and compliance functions. Reviewing the ISACA introductory materials will reinforce and deepen your understanding of the COBIT content in this primer.

Connects to: Governance Frameworks, Cybersecurity, Data Governance, Frameworks Reference

6. ITIL 4 Foundation Overview¶

Source: Axelos / PeopleCert URL: peoplecert.org/itil-4

ITIL 4 is the world's most widely adopted framework for IT service management. PeopleCert (which acquired Axelos) provides free overviews of the ITIL 4 framework, including the Service Value System, the four dimensions of service management, and the 34 ITIL practices. The ITIL 4 Foundation certification is the entry-level credential and its study materials provide an accessible introduction to how organizations design, deliver, and continually improve IT services. While the full certification requires a paid exam, the introductory materials and study guides available online offer substantial learning value on their own.

Why it matters: ITIL vocabulary — incident management, change enablement, service level agreements, service desk — is the lingua franca of IT operations in most large organizations. Even if you never pursue the certification, understanding ITIL concepts will help you communicate effectively with IT operations teams and interpret IT service reports. The ITIL content in the Governance Frameworks section provides an overview; these source materials let you go deeper.

Connects to: Governance Frameworks, Business Process Management, Frameworks Reference

7. NIST Cybersecurity Framework 2.0¶

Source: National Institute of Standards and Technology (NIST), U.S. Department of Commerce URL: nist.gov/cyberframework

The NIST Cybersecurity Framework (CSF) is a voluntary framework that provides organizations with a structured approach to managing cybersecurity risk. Version 2.0, released in February 2024, expanded the framework's scope and added a sixth function — Govern — to the original five (Identify, Protect, Detect, Respond, Recover). The entire framework, including implementation guides, quick-start guides, and reference tools, is freely available from NIST. The CSF is widely adopted across industries and is increasingly referenced by regulators, insurers, and business partners as a baseline for cybersecurity maturity.

Why it matters: The NIST CSF provides the most accessible and practical entry point for business leaders who need to understand how cybersecurity programs are structured. Its core functions (Govern, Identify, Protect, Detect, Respond, Recover) provide a mental model you can use to evaluate your organization's cybersecurity posture without deep technical expertise. This resource directly extends the Cybersecurity section of this primer.

Connects to: Cybersecurity, Data Governance, Governance Frameworks

8. TOGAF Standard (The Open Group)¶

Source: The Open Group URL: opengroup.org/togaf

TOGAF (The Open Group Architecture Framework) is the most widely used framework for enterprise architecture — the discipline of designing and managing an organization's overall technology landscape to ensure it aligns with business strategy. The Open Group provides free introductory materials, including overviews of the Architecture Development Method (ADM), the enterprise architecture domains (business, data, application, technology), and the TOGAF Library. The full standard is available to Open Group members, but the free resources provide a solid foundation for understanding how enterprise architects think about technology strategy.

Why it matters: Enterprise architecture is the discipline that connects technology decisions to business strategy at a structural level. Understanding the TOGAF domains (business architecture, data architecture, application architecture, technology architecture) gives you a vocabulary for discussing how systems fit together across the enterprise. This resource deepens the material in the Enterprise Architecture section of this primer.

Connects to: Enterprise Architecture, Governance Frameworks, Frameworks Reference

Practitioner Reading¶

These resources bridge the gap between academic frameworks and the realities of managing technology in organizations. They provide the perspectives, data, and debates that inform how senior leaders think about IT strategy.

9. "IT Doesn't Matter" by Nicholas Carr (Harvard Business Review, 2003)¶

Author: Nicholas G. Carr Publication: Harvard Business Review, May 2003

This article is arguably the most famous — and most debated — piece ever written about IT strategy. Carr argued that as information technology becomes ubiquitous and standardized (like electricity or railroads), it loses its power to provide competitive advantage. He concluded that companies should focus on reducing IT costs and risks rather than seeking strategic advantage through technology. The article provoked fierce responses from IT leaders and academics, including rebuttals from Microsoft, Intel, and leading IT scholars. The resulting debate — which continues today — crystallized fundamental questions about the strategic role of technology.

Why it matters: Regardless of whether you agree with Carr's thesis, engaging with this debate sharpens your ability to think critically about IT investment and strategy. The article forces you to articulate why technology creates value — is it the technology itself, or how organizations deploy and integrate it? Reading the original article alongside the published responses provides a masterclass in strategic IT thinking. This debate directly informs the IT-Business Alignment and IT Budgeting sections of this primer.

Connects to: IT-Business Alignment, IT Budgeting & Finance, Digital Transformation

10. McKinsey Digital Reports and Articles¶

Source: McKinsey & Company URL: mckinsey.com/capabilities/mckinsey-digital

McKinsey Digital publishes regular research on digital transformation, technology strategy, AI adoption, and IT operating models. Key publications include the annual "Digital Sentiments" survey of senior executives, deep-dive reports on cloud economics and AI implementation, and practitioner-oriented articles on topics such as tech talent management, agile at scale, and technology-driven business model innovation. The content is freely available and consistently combines rigorous research methodology with practical managerial recommendations.

Why it matters: McKinsey's research provides the data and case evidence that inform how C-suite executives and board members think about technology strategy. Their findings on digital transformation success rates (approximately 30% succeed), the organizational factors that drive success, and the financial impact of technology investments are widely cited in boardroom discussions. For MBA students, McKinsey Digital articles are valuable both as learning resources and as the kind of strategic analysis you may be expected to produce in consulting, strategy, and leadership roles.

Connects to: Digital Transformation, AI & Emerging Tech, C-Suite IT Roles, Make vs. Buy

11. Gartner Hype Cycle Reports¶

Source: Gartner, Inc. URL: gartner.com/en/research/methodologies/gartner-hype-cycle

The Gartner Hype Cycle is one of the most widely recognized tools for understanding how emerging technologies evolve from initial excitement through disillusionment to productive maturity. Each year, Gartner publishes Hype Cycle reports across dozens of technology domains (cloud computing, artificial intelligence, cybersecurity, digital workplace, and others), plotting individual technologies along a curve that progresses through five phases: Innovation Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment, and Plateau of Productivity. While the full reports require a Gartner subscription, the methodology overview and selected Hype Cycle graphics are freely available and widely reproduced in business media.

Why it matters: The Hype Cycle provides a shared vocabulary and visual framework for discussing technology maturity and adoption timing — critical capabilities for any business leader making technology investment decisions. Understanding where a technology sits on the Hype Cycle helps you calibrate vendor claims, set realistic expectations, and time investments appropriately. This resource complements the AI & Emerging Tech and IT Budgeting sections of this primer.

Connects to: AI & Emerging Tech, IT Budgeting & Finance, Cloud Computing

12. MIT Sloan Center for Information Systems Research (CISR) Publications¶

Source: MIT Sloan School of Management, CISR URL: cisr.mit.edu

MIT CISR has been the leading academic research center for IT management and governance for over four decades. Founded by Peter Weill (co-author of IT Governance, listed above), CISR produces research briefings, working papers, and executive education content on topics including IT governance archetypes, digital transformation strategies, data monetization, platform business models, and the future of the IT organization. Selected research briefings are available for free, with full access available through organizational membership. CISR's annual surveys of CIOs and IT executives provide some of the most reliable longitudinal data on enterprise IT trends.

Why it matters: CISR research is distinguished by its combination of academic rigor and practical relevance — their work is published in top academic journals but is written for and used by practicing executives. The governance archetypes and digital transformation maturity models developed at CISR are widely adopted by large organizations worldwide. For MBA students, CISR publications demonstrate what high-quality research-informed management practice looks like at the intersection of business and technology.

Connects to: IT-Business Alignment, Digital Transformation, C-Suite IT Roles, IT Governance

Online Courses & Learning¶

These resources provide structured learning opportunities for MBA students who want to build deeper technical fluency or pursue professional certifications in IT management and governance.

13. MIT OpenCourseWare — Information Technology Essentials¶

Source: Massachusetts Institute of Technology, OpenCourseWare URL: ocw.mit.edu

MIT OpenCourseWare offers free access to course materials from MIT's technology and management curriculum, including courses on information systems, IT infrastructure, data management, and technology strategy. Relevant courses include offerings from the MIT Sloan School of Management on IT management and digital business strategy, as well as more technical courses from MIT's Electrical Engineering and Computer Science department for students who want to build deeper technical fluency. Materials typically include lecture notes, readings, assignments, and in some cases recorded lectures.

Why it matters: MIT OCW provides graduate-level academic content for free, making it one of the highest-value learning resources available. For MBA students, the management-oriented IT courses complement this primer by providing additional depth, different examples, and rigorous academic framing. For students who feel their technical foundations are weak, the more technical offerings provide a structured path to building fluency without requiring enrollment in a degree program.

Connects to: Cloud Computing, Data Centers, Enterprise Applications, AI & Emerging Tech

14. Coursera and edX — IT Management Courses¶

Source: Various universities via Coursera and edX platforms URLs: coursera.org | edx.org

Both Coursera and edX host IT management courses from leading universities and technology companies. Notable offerings include the University of Virginia's "Digital Transformation" specialization on Coursera, the University of Minnesota's "Information Systems" specialization, Google's "IT Support Professional Certificate," and various cloud computing courses from AWS, Microsoft, and Google. edX offers the RIT MicroMasters in "IT Project Management" and courses on enterprise architecture and cybersecurity from top universities. Many courses offer free audit access, with paid options for certificates and graded assignments.

Why it matters: These platforms provide flexible, self-paced learning that allows you to fill specific knowledge gaps identified during the course. If a particular primer topic — cloud computing, project management, cybersecurity, or digital transformation — sparks your interest, these courses let you go substantially deeper with structured curricula, hands-on exercises, and assessment. The university-affiliated courses carry academic credibility, while the industry-provided courses (AWS, Google, Microsoft) offer practical, vendor-specific knowledge that is directly applicable in the workplace.

Connects to: Project Management, Digital Transformation, Cloud Computing, Enterprise Applications

15. ISACA Certifications (CISA, CISM, COBIT)¶

Source: ISACA URL: isaca.org/credentialing

ISACA offers several globally recognized professional certifications that are relevant to MBA students interested in IT governance, audit, and security:

• CISA (Certified Information Systems Auditor) — The gold standard for IT audit professionals. Covers IT governance, systems acquisition and development, IT operations, and information asset protection. Valuable for students interested in consulting, internal audit, or compliance roles.
• CISM (Certified Information Security Manager) — Focused on information security governance, risk management, program development, and incident management. Designed for managers rather than technical practitioners, making it especially relevant for MBA graduates.
• COBIT 2019 Foundation — Demonstrates understanding of the COBIT governance framework covered in this primer's Governance Frameworks section. A lighter certification than CISA or CISM, useful for establishing baseline governance knowledge.

ISACA provides free study resources, practice questions, and exam preparation guides for each certification.

Why it matters: While MBA students do not typically need IT-specific certifications, these credentials can differentiate you in roles that bridge business and technology — particularly consulting, internal audit, risk management, and IT leadership. Even if you do not pursue full certification, the study materials provide structured, comprehensive coverage of IT governance and security topics at a professional level. The CISM certification is especially worth considering for MBA graduates who plan to work closely with cybersecurity teams or serve on risk committees.

Connects to: Governance Frameworks, Cybersecurity, Data Governance, Frameworks Reference

How to Use This Reading List¶