What is information technology
Why IT Governance
Who benefits from IT governance
Areas of IT governance
Rules and regulation
Advantages and disadvantages
What is Information Technology?
It refers to creation, gathering, processing, storage
and delivery of the information and processes and
devices that make it possible.
It processes raw data.
It can package information in new form so that it is
easy to understand and attractive.
It deals with the use of computers and computer
software to convert, store, protect, process, transmit,
and securely retrieve information.
of the leadership, organizational structures and
processes that ensure that the enterprise’s information
technology sustains and extends the organization’s strategies
Safety of the commonwealth, duty to our principals, and to each
other requires that we adhere, and be seen to adhere, to the
highest ethical standards of behavior.
It can be classified as running the business of IT vs running the
technology by setting the rules and assuring that they are
Ethical responsibility of the stakeholders.
• Principal – Business
• Commonwealth – People
• Each other - Reputation
Why IT governance?
Why IT governance ?
Direct impact on business performance
Who benefited from sustainable
and effective IT governance?
What Executives get?
What mid level business manager get
what senior it manager get
What program /project and operation
• What everyone gets
According to the IT Governance Institute, there are five areas of focus:
Strategic alignment: Linking business and IT so they work well together.
Value delivery: Making sure that the IT department does what’s necessary to
deliver the benefits promised at the beginning of a project or investment.
Resource management: One way to manage resources more effectively is to
organize your staff more efficiently. This allows organizations to deploy
employees to various lines of business on a demand basis.
Risk management: Instituting a formal risk framework that puts some rigor
around how IT measures, accepts and manages risk, as well as reporting on
what IT is managing in terms of risk.
measures: Putting structure around measuring business
performance. One popular method involves instituting an IT Balanced Scorecard,
which examines where IT makes a contribution in terms of achieving business
References that are useful guides to the implementation of information technology
AS8015-2005 Australian Standard for Corporate Governance of Information and
ISO/IEC 38500:2008 Corporate governance of information technology, provides a framework
for effective governance of IT to assist those at the highest level of organizations to
understand and fulfill their legal, regulatory, and ethical obligations in respect of their
organizations’ use of IT.
COBIT (Control Objectives for Information and related Technology) world's leading IT
governance and control framework. COBIT provides a reference model of 34 IT processes
typically found in an organization.
ITIL (IT Infrastructure Library) is a high-level framework with information on how to achieve a
successful operational Service management of IT, developed and maintained by the United
Kingdom's Office of Government Commerce, in partnership with the IT Service Management
ISO/IEC 27000-series - focus on Information Security
CMM - The Capability Maturity Model: focus on software engineering
TickIT - a quality-management certification program for software development
Non-IT specific frameworks of use include:
The Balanced Scorecard (BSC) - method to assess an organization’s performance in many
Six Sigma - focus on quality assurance
TOGAF - The Open Group Architectural Framework - methodology to align business and IT,
resulting in useful projects and effective governance.
More control over priorities
Critical mass of skills
Improved visibility into cost
More responsive to diverse needs
Business Unit Autonomy
Typically higher cost
Less responsive to owners and business units
No business unit ownership
Not aligned to business
Learning and Implications
Cost effective service Delivery
Value creation and Capture
Calculating the cost effectiveness
Benchmarking against the best peers
Communicating the structures and changes throughout the
Quick Flow of data throughout the organization