2. What is IT Governance?
Structure to help align IT strategy with business strategy
According to ITGI, there are 5 areas of focus:
Strategic alignment
Value delivery
Resource management
Risk management
Performance measures
3. Why is IT Governance
important?
Compliance with regulations
Competitive advantage
Support of enterprise goals
Growth and innovation
Increase in intangible assets
Reduction of risk
4. Who is involved?
Team leaders
Managers
Executives
Board of Directors
Stakeholders
5. IT Governance Framework
(ITGI)
Set Objectives
v IT is aligned with the business
v IT enables the business and
maximizes benefits
v IT resources are used responsibly
v IT-related risks managed
appropriately
Provide
Direction
Compare
Measure
Performance
IT Activities
v Increase automation (make the
business effective)
v Decrease cost (make enterprise
efficient)
v Manage risks (security reliability
and compliance)
7. Aligning IT and Business Strategy
Corporate Mission – Business Goals – IT Strategy
Requires involvement from many levels and activities
within the enterprise.
Lack of alignment leads to adverse business issues.
Strong IT Governance contributes toward proper
alignment.
8.
9. Ensuring Value and Effectiveness
IT issues are the least understood, despite increasing
reliance placed on IT.
Initiate IT governance structures with the right level of
executive involvement.
Board of Director’s require essential IT related skills
10. IS Governance
Consists of leadership, organizational structures and
processes that safeguard information.
Security over information assets.
Benefits of IS Governance.
IS is a top-down process.
11. Measuring IT Governance
Performance
Measuring IT performance is a key concern as it
demonstrates the effectiveness and added business
value of IT.
Commonly seen as the IT “Black Hole” – costs
continually rise without clear evidence of value derived
from the IT function.
Traditional performance measurement methods require
monetary values which are hard to apply to IT systems.
13. IT Balanced Scorecard
One of the most effective means to aid an
organization in achieving IT and business
alignment.
Provides a systematic translation of the IT strategy
into tangible success factors and metrics.
Gives a balanced view of the value added by IT to
the business.
Calculating the value of IT investments is a
business issue for which business managers are
ultimately responsible for.
15. Harley Davidson IT
Harley Davidson is the oldest producer of motorcycles
and has achieved 20 consecutive years of record
growth. Until 2003, Harley Davidson focused solely on
manufacturing and selling high quality motorcycles.
They realized that for continued growth, they must unite
management and the IT and Audit functions with a common
governance while maintaining their unique company culture.
16. •Until 2003, Harley Davidson had limited IT controls in place and the
employees had limited knowledge of control and risk.
•There were limited: Standardized user access processes, change
management processes or backup and recovery processes.
•Harley Davidson created a new IT compliance department to manage
control and risk in the company.
•This department implemented the COBIT framework to focus on key
value areas of the business.
•Switched to a broad control framework rather than continually raising
the bar.
17. COBIT – Control Objectives for Information and Related Technology
Harley Davidson chose COBIT because
•An internationally accepted standard for IT governance and control
•Provides a common language for management, end users and IT audit
professionals
•A means for benchmarking controls compliance
•Low implementation cost
•Cohesiveness with other standards
•External auditor signed off on the framework
It was important for management and IT to understand the importance of
effective, value-focused controls.
By focusing on IT business value and their control needs, COBIT provided a
tool to spur internal change while maintaining their position as an industry
leader.