This document discusses IT governance and its importance for top-performing enterprises. It notes that successful enterprises understand both the risks and benefits of IT, and find ways to align IT strategy with business strategy. Top areas of focus for IT governance include strategic alignment, value delivery, resource management, risk management, and performance measurement. The goal of IT governance is to ensure IT is managed responsibly and supports business goals, enables new opportunities, and delivers services efficiently while risks are known and managed.

1. IT GOVERNANCE
Santika Hayam Wuruk – 19 Nopember 2015

2. Does IT Matter?
“When a resource become essential to competition but
inconsequential to strategy, the risks it creates become
more important than the advantages it provides.”
“Worrying about what might go wrong may not be as
glamorous a job as speculating about the future, but it
is more essential job right now.”
“The key to success, is no longer to seek advantage
aggressively but to manage costs and risk
meticulously.”
Nicholas G. Carr – IT Doesn’t Matter
2

3. Characteristics of Top-Performing
Enterprises
 MIT/CISR research has shown returns up to
40% greater than competitors by firms that
 Clarify business strategies and the role of IT in
achieving them
 Measure and manage the amount spent on, and
the value received from, IT
 Assign accountability for the organizational
changes required to benefit from new IT
capabilities
 Learn from each implementation, becoming more
adept at sharing and reusing IT assets.
3

4. Characteristics of Top-Performing
Enterprises
 Successful enterprises understand the risks and
exploit the benefits of IT, and find ways to deal
with
 Aligning IT strategy with the business strategy
 Cascading IT strategy and goals down into the
enterprise
 Providing organizational structures that facilitate the
implementation of strategy and goals
 Creating constructive relationships and effective
communications between the business and IT, and
with external partners
 Insisting that an IT control framework be adopted and
implemented
 Measuring IT’s performance
4

5. IT Governance Maturity Model
5
Industri di
Indonesia
K/L

6. Corporate Governance & IT
Governance
Corporate Strategy,
Activity, Culture and
Behavior
Finance
Governanc
e
HR
Governance
IT
Governanc
e
Market and Customers,
Regulation,
Stakeholders,
Resources,
Competitors,
Technology
Risk &
Opportunity
Create
Manage
Risks
Realize
Opportunity
Corporate Governance
Realize
Opportunity
Manage
Risks
Drive and
Set
Implement using Implement using
Driver
Sales &
Marketing
Governance
6

7. IT Governance
 It is a board or senior management responsibility
in relation to IT to ensure that:
 IT is aligned with the business strategy, or in other
words, IT delivers the functionality and services in line
with the organisation’s needs, so the organisation can
do what it wants to do.
 IT and new technologies enable the organisation to do
new things that were never possible before.
 IT-related services and functionality are delivered at
the maximum economical value or in the most
efficient manner. In other words, resources are used
responsibly.
 All risks related to IT are known and managed and IT
resources are secured.
7

8. Value delivery
Focuses on ensuring the linkage of business and IT plans;
on defining, maintaining and validating the IT value proposition;
and on aligning IT operations with enterprise operations
Is about executing the value proposition throughout the delivery cycle,
ensuring that IT delivers the promised benefits against the strategy,
concentrating on optimising costs and proving the intrinsic value of IT
Is about the optimal investment in, and the proper management of,
critical IT resources: applications, information, infrastructure and
people. Key issues relate to the optimisation of knowledge and
infrastructure.
Requires risk awareness by senior corporate officers, a clear
understanding of the enterprise’s appetite for risk, understanding of
compliance requirements, transparency about the significant risks to
the enterprise, and embedding of risk management responsibilities in
the organisation
Tracks and monitors strategy implementation, project completion,
resource usage, process performance and service delivery, using, for
example, balanced scorecards that translate strategy into action to
achieve goals measurable beyond conventional accounting
Performance
measurement
Risk management
Resource
management
Strategic
alignment
IT Governance Focus Areas
8