All analysts agree at present that probably the biggest risk and worrying to Top Management today is failing to align IT to real business needs and a failure to deliver value to the business. It is being recognized that IT has a pivotal role to play in improving corporate governance practices, because critical business processes are usually automated and directors rely on information provided by IT systems for their decision making.
CIO’s must balance among many competing priorities:
- Maximize return: improve business results, grow revenue and earnings, cash flow, reduced cost-of-operation
- Increase agility: enable the business organization and operations to adapt to changing business needs
- Mitigate risk: ensure security and continuity of internal business operations, while minimizing exposure to external risk factor
- Improve performance: improve business operations performance end-to-end
across the enterprise, Increase customer and employee satisfaction
What is IT Governance?
IT governance is the formal process (decision rights framework & mechanisms) of defining the strategy (vision, value proposition , resource commitments , change management) of the IT organization and overseeing its execution (aligned with the enterprise strategy, including other key asset strategies) to achieve the goals of the enterprise translating them into aligned, tactical and operational plans , implementing closed-loop monitoring & control and guaranteeing accountability & regulatory compliance.
Why is IT Governance important?
IT Governance has become very topical for a number of reasons:
- Management’s awareness of IT related risks has increased.
- There is a focus on IT costs in all organisations.
- It’s mandatory to address decision-making accountability and definition of user and provider
relationships - There is a growing realization that more management commitment is needed to improve the management and control of IT activities
- Enables an integrated approach to meeting external legal and regulatory
requirements
IT Governance covers the culture, organisation, policies and practices that provide this kind of oversight and transparency of IT. IT Governance is part of a wider Corporate Governance activity but with its own specific focus.
The benefits of good IT risk management, oversight and clear communication not only reduce the cost and damage caused by IT failures but also engenders greater trust, teamwork and confidence in the use of IT itself and the people trusted with IT service.
What does IT Governance cover?
IT Governance spans the culture, organisation, policy and practices that provide for IT management and control across five key areas:
- Alignment : provide for strategic direction of IT and the alignment of IT and the business with respect to services and projects.
- Value Delivery : confirm that the IT/Business organisation is designed to drive maximum business value from IT. Oversee the delivery of value by IT to the business, and assess ROI.
- Risk Management : ascertain that processes are in place to ensure that risks have been adequately managed. Include assessment of the risk aspects of IT investments.
- Resource Management : provide high-level direction for sourcing and use of IT resources. Oversee the aggregate funding of IT at enterprise level. Ensure there is an adequate IT capability and infrastructure to support current and expected future business requirements.
- Performance Measurement : verify strategic compliance (i.e. achievement of strategic IT objectives). Review the measurement of IT performance and the contribution of IT to the business (i.e. delivery of promised business)
Critical factor of IT Governance
- Clarity of Purpose
- Senior Management Commitment
- Management of Business Change
- Focus, execute and enforce
- Measure achievable targets and expectations
- Don’t over-engineer IT Governance
- Evolution not revolution
How to implement IT Governance
Alessandro Siani IT Governance & Management Specialist 