Thursday, September 1, 2016

The Importance of IT Governance

Gartner defines IT Governance (ITG) as "the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals." ITG ensures that the IT organization operates in an effective, efficient and compliant fashion. This includes processes for project prioritization & management, product selection, systems implementation, IT security, oversight & review and even funding.

From the perspective of the IT users within an organization, IT governance is often seen as an unnecessary set of procedures set by senior management that hinders the productivity of the organization. While IT governance does represent a set of management standards and policies to be followed, at its core IT governance is primarily concerned with the alignment of the goals and objectives of the business with the utilization of its IT resources to effectively achieve the desired results. The end result of good IT governance is that it aligns your business strategically to support the growth of the IT enterprise architecture so that it delivers consistent and improved business value. In contrast, poor IT governance can lead to wasted resource efforts, bureaucracy, lower morale, reduced financial performance, and expose an organization to IT security issues.

Characteristics of Good IT Governance
  • IT investments and decisions are assessed in a similar manner to business investments and decisions. This means there is top management participation in key IT decisions. There is oversight of IT investments, and a steering committee of executives are held accountable for realizing benefits.
  • IT is an essential part of corporate planning and strategic planning. IT understands the business dynamics and contributes to the development of the business strategy. IT and business work together to identify opportunities and improve efficiencies.
  • Top IT risks are considered within the entire enterprise risk management framework. Risks such as data protection, IT security and business continuity receive periodic steering committee review.
  • IT performance is regularly reviewed and compared with industry best practices.
  • How decisions are made and why is well understood. Expectations and outcomes are clearly communicated to the stakeholders. Formal exception processes are documented to promote transparency.

As business organizations are becoming increasingly dependent on IT, there is growing recognition that IT governance is an essential part of the overall corporate governance. Alignment between IT and business strategy, as well as between IT and business governance, must develop and remain strong.

Click here to contact me regarding this or any other blog post.
David Schuchman

1 comment:

  1. David, this is a timely post as governance encompasses many facets in the IT area. Not to mention Sarbanes Oxley, HIPAA, etc. Good article.


I encourage you to add your comment to this post...