2. 1.0 ICT GOVERNANCE
ī§ The ability to direct and control the firm or organizationâs use of Information
Technology resources in line with its strategic goals.
ī§ ICT governance also address the description and implementation of structures,
processes, and relational mechanisms in a firm in order to enable both business
and IT professionals execute their function in support to business-IT alignment and
in the creation of business value within all IT enabled business investments.
4. ICT Governance
ī§ With relevance to the above diagram, it is clear that ICT governance acts as the
center pillar to standardizing business process and operations such that they all
align to the internal and external business regulation regulations and standards.
ī§ ICT governance;
īManage performance and creating value
īSpecifying the decision rights and an accountability framework to encourage
desirable behavior in the use of IT
5. Compliance Officers
ī§ They promote ethical conduct and compliance with regulations, rules, and standard
processes that govern how technology-based services organizations should
conduct business
ī§ They provide real time monitoring and correction of employee conduct and
operations.
ī§ Within an organization, compliance officers are specific to a unit of operations such
as the ICT department.
6. Compliance Officers: Roles and
Responsibilities
ī§ Compliance officers ensure there is an utmost focus on value creation efforts and
to better manage the performance of those responsible for creating this value in
the best interest of all stakeholders.
ī§ They have to ensure that business is conducted with full compliance to the national
and international laws and regulations within a specified industry or unit of
operations.
ī§ All professional standards, internal standards, and the accepted business practices
must be followed.
7. Compliance Officers: Roles and
Responsibilities
ī§ The responsibilities of a compliance officer can be defined within two levels of
operation:
īLevel 1: Compliance with the external rules that are imposed upon an organization
as a whole
īLevel 2: Compliance with internal systems of control that are imposed to achieve
compliance with the externally imposed rules.
8. ICT Compliance Officers: Roles and
Responsibilities
ī§ Within these different levels of operations, the ICT compliance officers are
expected to effect the following within the ICT department:
īMonitor adherence to policies and report on compliance activities
īWork with the business to remediate incidents of non - compliance
īMaintain regulatory awareness
īDevelop policy to support compliance
9. ICT Governance and Compliance Officers
ī§ When ICT governance is assigned with a mandated officer, this person is referred to as
the ICT compliance officer.
ī§ Within his clearance level, the ICT compliance office gains some operations powers
which include:
ī Inspection
ī Investigation powers
ī Surveillance powers
ī The imposition of corrective or remedial action
ī The imposition of penalties
ī§ These powers cut across all organizational processes that use and comprise
information technology.
10. ICT Governance and Compliance Officers
ī§ Therefore, the ICT compliance office is always on the look for risks to all IT-based
operations in order to impose the appropriate mitigation strategies.
ī§ The officers always match and contrast the following operationsâ factors whenever
searching for risks:
ī The nature of the operation
ī The diversity of its operations
ī The complexity of its business
ī The scale of its business
ī The volume of transactions
ī The size of the transactions
11. Value Creation by Compliance Officers
ī§ The roles and responsibilities of ICT compliance officers define their absolute
efforts in creating value within the organization.
ī§ The diagram below define the absolute position of an ICT compliance office within
the corporate governance structure.
12. Value Creation by Compliance Officers
Organizational value
creation
ICT
Compliance
Officer
Corporate
Manager
Corporate
governance
ICT governance
Timely risk
assessment
Timely risk mitigation
Operation compliance
with national and
international
standards
Insured data and
information
confidentiality
13. Value Creation by Compliance Officers
ī§ Second to the corporate managers, the ICT compliance officers are responsible in
supervising the efficiency in all IT-based organizational processes.
ī§ Therefore, any task completed by an ICT compliance equals to added value to the
overall operations of the organization.
ī§ These value creation practices include but not limited to:
īReporting institutional compliance with external business standards.
īEnsuring both internal and external business standards are effectively implemented.
īTimely reporting on risk assessment and risk mitigation measures.
īEnsuring organizational awareness to both internal and external business standards.
īMaintaining a hierarchical and confidential flow of information within the organization.
14. Value Creation by Compliance Officers
ī§ For this reason, the ICT compliance officers should bear the following skills:
īAbility to conduct governance, risk and compliance sessions
īExcellent written and verbal communications skills.
īAbility to feedback on governance, risk and compliance issues in a structured
manner
īDemonstrated initiative and commitment for results and the ability to set priorities
and manage multiple initiatives.
īAbility to adjust to changing priorities while multitasking effectively.
īTime Management
īSolid work ethic with attention to detail
15. Monitoring and Measuring Value Creation
ī§ The corporate managers or corporate governors are responsible for monitoring the
effectiveness of ICT compliance officers in affecting their roles within the
organization.
ī§ All the value creation practices assigned to the compliance officers are superseded
by the managers and implemented by the compliance officers.
ī§ Similarly, all milestones made in value creation are reported and approved by the
managers.
16. Monitoring and Measuring Value Creation
ī§ Measuring the ability of ICT compliance officers to affect value creation by other
corporate employees is based on the ability of these officers to efficiently complete
their tasks.
ī§ These include:
īTo maintain a low probability of insolvency.
īTo maintain a low probability to any consequential loss to an organization's
ultimate customers
īTo ensure the resolution of the position of any organization whose viability is
impaired, while protecting the interests of their customers to the maximum possible
extent.
17. Reference List
ī§ Burton, P., Wu, Y., & Prybutok, V. (2010). Social network position and its
relationship to performance of IT professionals. IEEE Computer Society, 7, 121-
137.
ī§ Dillardm, J. (2015). The data analysis process: 5 steps towards better decision
making. The big sky associates, 2(1), 1-18.
ī§ Henderson, K. J. (2012, April 30). Small Businesses: the Disadvantages of
Information Technology in Business. Retrieved March 11, 2016, from Demand
Media: smallbusiness.chron.com/âĻadvantages-information...
18. 2.0 COMMUNICATION IN ICT GOVERNANCE
ī§ Strategic communications planning refers to the process of driving alignment
between the communications function and the organizationâs core objectives.
ī§ The core relevance of the communications function is to contribute to the
organizationâs strategic value.
ī§ Therefore, effective communication strategy planning also lie as function of ICT
compliance officers.
19. Stakeholder groups in Organizational
Communication
ī§ The compliance officers need to adequately learn and understand their audience if
at all the communication strategies are to work effectively.
ī§ Any group influential individuals to the organizational matrix is considered as
stakeholders.
ī§ Whenever possible, the stakeholders should be involved in the planning process.
20. Stakeholder groups in Organizational
Communication
ī§ To better review and understand the strategic position and influence of each of the
corporate stakeholders, they are categorized into the following groups:
īPolitical stakeholders.
īEconomic Stakeholders.
īSocial stakeholders.
21. Stakeholder groups in Organizational
Communication
d
Stakeholder Groups in Organizational Comm.
POLITICAL
Government and
Political leaders,
City agency
representatives.
SOCIAL
Families,
Educators,
Directors of
community-based
organizations,
Cultural and ethical
groups, Healthcare
providers , Media
representatives,
Social services
agencies
ECONOMIC
Customers,
Suppliers,
Distributors,
Leaders in
business.
The stakeholder
groups can be
divided into:
22. Principles of Effective Communication Planning
ī§ The communications strategy is basically the heart of strategic communications
planning.
ī§ This implies that the ICT officers will require sound guidelines to guide them while
developing effective communications strategies.
ī§ Below are the major governing principle in developing sound communications
strategies:
23. Principles of Effective Communication Planning
i. Communications should be designed to deliver a measurable result.
ii. Effective communications does not happen by accident but by planning.
iii. Communications should be focused on results rather than on activity.
iv. Communications is a support function and thus must support and propel
organizational objectives and mandate.
v. Communications should be planned from inside out.
24. ICT Compliance in Effecting the
Communications Strategy
ī§ ICT compliance officers are tool to effecting value creation in the best interest of all
stakeholders.
ī§ This makes creating and overseeing effective communications strategies their
primary concerns.
ī§ Below are some of the best practices that ICT compliance officers may engage in
to ensure that the communications strategies are on point to organizational value
creation:
25. ICT Compliance in Effecting the
Communications Strategy
i. Set clear and measurable objectives.
ii. Initiate and drive alignment.
iii. Set oneself up for success.
iv. Focus on the audience.
v. View messaging as the core product.
vi. Design and implement the tactical mix strategy.
vii. Measure, refine, and report on the effectiveness of the various communications
strategies.
26. Steps in Effective Communications Planning
Based on the above
principles, the figure on
the side can summarized
the primary steps
involved in developing
effective communications
strategies (Henderson,
2012).
27. Messaging in Communications Planning
ī§ Fundamentally, communication is all about bringing the organizational message to
life.
ī§ Compliance officers should invest more time in crafting a powerful message
architecture.
ī§ The message should be deliberately crafted through audience-centric approaches
with an outside-in thinking structure.
ī§ Therefore, the officers must clearly know and understand their audience or the
stakeholders.
28. Key Communication Messages to Address
ī§ Key messages include what the stakeholders should know and understand about
the organization.
ī§ Identifying and clearly defining the key messages help avoid confusion within
stakeholders in understanding the organization.
ī§ Key Messages should be repeated in all organizational communications and to all
stakeholders.
29. Key Communication Messages to Address
ī§ Given the above requirements, the key messages should be:
īFlexible. Such that they are easy to adapt in a campaign situation.
īPersistent but respectful.
īClear and concise. They should be sent out along with clearly written executive
summaries and factsheets.
30. How to Message the Stakeholders
ī§ Given the diversity in stakeholders base, the compliance officers need to select the
most appropriate communications strategy.
ī§ The strategy should be comprehensive enough.
ī§ It should feature a diversity of audience-appropriate programs and resources.
ī§ Below include some of the models that can be used on a real-life situation to
achieve the highest stakeholder coverage during organizational communication:
31. How to Message the Stakeholders
īLeverage the media to provide editorial coverage of the issue and the ongoing
programs
īOutreach to grassroots organizations and nonprofit groups with a vested interest in
OST programs
īUse key influencers to help deliver the messages, through community forums,
media opportunities and organized events
īCreate direct mail pieces that can be distributed to your target audiences
īLeverage the internet for outreach to and education of your audiences
īUse local businesses that reach the community to help deliver messages
32. Conclusion
ī§ Organizational communication is a very crucial element in ICT governance .
ī§ Communications planning should be done to effect successful ICT governance.
ī§ The communications strategy is basically the heart of strategic communications
planning.
ī§ The compliance officers need to adequately learn and understand their audience if
at all the communication strategies are to work effectively.
33. Reference List
ī§ Carillo, J. (2013) âIT Policy Framework based on COBIT 5â, Governance and
Management of Enterprise IT, ISACA Journal p.24.
ī§ Dillardm, J. (2015). The data analysis process: 5 steps towards better decision
making. The big sky associates, 2(1), 1-18.
ī§ Lallana, E. (2010), ICT for Development policy, process and governance, Briefing
Note 2, United Nations Asian and Pacific Training Centre for ICT for Development,
January 2010.
ī§ Miller, K. (. (2012). Organizational Communication: Approaches and Process (Sixth
edition ed.). Boston, MA, USA: Wadsworth.