What is IT Governance?
• Corporate governance
– Processes, customs, rules, procedures, policies, and traditions – Determine how to direct and control management activities • People involved in corporate governance
– Board of directors, CEO, senior executives, and shareholders • Interest in corporate governance has grown due to recent accounting scandals
Information Technology for Managers
1
What is IT Governance? (continued)
• IT governance
– Decision-making process
– Involves investments in IT
– Includes defining:
•
•
•
•
Decision-making process itself
Who makes the decisions
Who is held accountable for results
How the results of decisions are communicated, measured, and monitored
Information Technology for Managers
2
What is IT Governance? (continued)
• Primary goals of effective IT governance
– Ensuring that an organization achieves good value from its investments in IT
– Mitigating IT-related risks
Information Technology for Managers
3
What is IT Governance? (continued)
Information Technology for Managers
4
Ensuring that an Organization
Achieves Good Value from its
Investments in IT
• Many parts of the organization could not operate without IT
• Governance must be applied to the management of
IT
– Effective IT strategic planning process ensures close alignment between business and IT goals
– Apply good project management principles
Guide to Microsoft Virtual PC 2005 and Virtual Server 2007
5
Mitigating IT-Related Risks
• Use good internal controls and management accountability • Internal control
– Provide reasonable assurance for:
• Effectiveness and efficiency of operations
• Reliability of financial reporting
• Compliance with applicable laws and regulations
• Improper conduct of senior managers and failure to hold managers accountable can circumvent internal controls
Information Technology for Managers
6
Mitigating IT-Related Risks (continued)
• Rules and regulations
– Hold senior management accountable for the integrity of financial data and internal controls
• Accounting, consulting, and software firms can provide products and services
• Five key activities needed for effective IT governance Information Technology for Managers
7
Information Technology for Managers
8
Why Managers Must Understand IT
Governance
• Universal goal for businesses
– Leveraging IT to transform an enterprise and create value-added services, increased revenue, and decreased expenses
• IT-related initiatives are seldom simple and straightforward • Good IT governance
– IT organization is better aligned and integrated with the business – Risks and costs are reduced
– IT helps the company gain a business advantage
Information Technology for Managers
9
IT Governance Frameworks
• IT Infrastructure Library (ITIL)
– Provides best practices and criteria for effective IT services • Control OBjectives for Information and Related
Technology (COBIT)
– COBIT provides guidelines for more than 30 processes that span a wide range of IT-related activities • Frameworks are complementary, not competing
Information Technology for Managers
10
IT Infrastructure Library (ITIL)
• Set of guidelines initially formulated by the UK government – Widely used today throughout Europe and the
United States
• Standardize, integrate, and manage IT service delivery • Consists of five distinct volumes
Strategy and value planning
Roles and responsibilities of key players
Planning and implementing service strategies
Business planning and IT strategy linkage
Risks and critical success factors for implementing
ITIL
Information Technology for Managers
12
Control OBjectives for Information and
Related Technology (COBIT)
• Set of guidelines
• Goal
– Align IT resources and processes with business objectives, quality standards, monetary controls, and security needs
• Issued by the IT Governance Institute
– www.isaca.org/cobit.htm