Governing IT
Do or Die?
Eryk Budi Pratama
Advisory Consultant
KPMG
23 Feb 2019
Executive Briefing for CISA, CISM, CRISC Program
@Binus JWC
Does IT work as needed?
IT Project Management Failure
46% of CIOs say that one of the main reasons
IT projects fail is weak ownership.
Source: The Harvey Nash/KPMG CIO Survey, 2017
33% of IT projects fail because senior
management doesn’t get involved
and requirements/scope change
mid-way through the project.
Source: A Replicated Survey of IT Software Project Failures
by Khaled El Emam and A. Güneş Koru, 2008
40% of CIOs say that some of the main
reasons IT projects fail are an overly
optimistic approach and unclear
objectives.
Source: The Harvey Nash/KPMG CIO Survey, 2017
Business Expectations of IT
What does management expect from IT?
How to be sure everything works as needed?
What is IT at all?
How to use it?
How to manage it?
How to measure results?
Key Risk
Misalignment between IT and Business
Time and budget overruns
Ineffective IT Investments
Ineffective IT systems usage
What is IT Governance?
Definition and Coverage
IT governance is the responsibility of the board of directors and executive
management. It is an integral part of enterprise governance and consists of the
leadership and organisational structures and processes that ensure that the
organisation’s IT sustains and extends the organisation’s strategies and objectives.
Source: IT Governance Institute
• Strategic Alignment: Aligning with the business and providing collaborative solutions
• Value Delivery: Executing the value proposition throughout the delivery cycle
• Risk Management: Safeguarding assets, disaster recovery, and compliance
• Resource Management: Optimising the development and use of available resources
• Performance Measurement: Monitoring results for corrective action
COBIT 5 as IT Governance Framework
Why is IT Governance important?
IT Governance Importance
In the wake of Enron and other corporate scandals, “Governance” generally
has taken on even greater significance. IT has a pivotal role to play in
improving corporate governance practices.
Management’s awareness of IT related risks has increased.
There is a focus on IT costs in all organisations.
There is a growing realization that more management commitment is
needed to improve the management and control of IT activities.
Source: National Computing Center: Developing a Successful Governance Strategy
IT Governance Driver
Source: IMPACT’s IT Governance Special Interest Group (SIG)
general lack of accountability and not enough shared ownership
gap between what IT departments think the business requires and vice
versa
value delivered by IT, both internally and from external suppliers.
infrastructure underpinning today’s and tomorrow’s IT (technology, people,
processes) is capable of supporting expected business needs.
management needs to be more aware of critical IT risks
how is my organisation doing with IT in comparison with other peer groups
Case Study
“State-owned company”
Summary
Drivers
• PER-02/MBU/2013
• POJK Nomor 38/POJK.03/2016
[Diagram: Review Area and Methods. Labels: Audit Report; POJK Review; ITSP; COBIT 5 Capability; COBIT 5 Map to COBIT 4; Roadmap; Risk Profile; Other docs]
Approach
Levels and Necessary Ratings
Scale / Process Attributes / Rating

Level 1 – Performed Process
  Process Performance: Largely or fully

Level 2 – Managed Process
  Process Performance: Fully
  Performance Management: Largely or fully
  Work Product Management: Largely or fully

Level 3 – Established Process
  Process Performance: Fully
  Performance Management: Fully
  Work Product Management: Fully
  Process Definition: Largely or fully
  Process Deployment: Largely or fully

Level 4 – Predictable Process
  Process Performance: Fully
  Performance Management: Fully
  Work Product Management: Fully
  Process Definition: Fully
  Process Deployment: Fully
  Process Measurement: Largely or fully
  Process Control: Largely or fully

Level 5 – Optimizing Process
  Process Performance: Fully
  Performance Management: Fully
  Work Product Management: Fully
  Process Definition: Fully
  Process Deployment: Fully
  Process Measurement: Fully
  Process Control: Fully
  Process Innovation: Largely or fully
  Process Optimization: Largely or fully
Top Down Bottom Up
Result
Points of improvement in several processes (12 processes)
Improve capability level from partially to fully for Level 1
Alignment between our recommendation and client’s action plan
Alignment between assessment report and IT Strategic Plan
Board of Directors commitment to conduct regular assessment
Key Success Factor?
Key Success Factor
BoD Commitment
Stakeholder Transparency
Strategic Alignment
Portfolio/Program/Project Management
Implement, Monitor, and Control IT Governance Framework
Make it your KPI !!
“First rule of IT governance: To cut costs, align business and IT”
Source: Techtarget – First Rule of IT Governance
Thank You
eryk.pratama@gmail.com
https://proferyk.blogspot.co.id
