IT Governance guides activities to follow strategy and ensures policies are followed (IT Governance Institute, 2007).
The Role of IT Governance:
In my opinion: Once an IT strategy and policy have been established, it is the role of governance to ensure that the company’s practices serve its strategy and follow its policy.
- Select framework- A governance framework should be selected based on the needs of the individual organization. What works/worked for one organization may be a complete fail for another organization. The best way to select a good framework is to research them- CoBIT, ITIL, CMMI, COSO.
- Use Best Practices- researching and using best practices for various procedures can create a more effective IT governance.
- Integrate business with IT- it is important to utilize some business processes when governing IT practices. It is also important to communicate with other business areas to effectively integrate business.
- Auditing- It is important to occasionally audit processes to ensure that the expectations and objectives are being met. (IT Governance Institute, 2007).
- Risk Management- an important part of IT Governance because risks always need to be identified, assessed, and prioritized. Governance needs to oversee this area to try to decrease, as much as possible, the chance of the risk occurring (Investopedia, n.d.).
- “Measure Performance and Value Delivery- When making someone accountable for their actions it is important to keep track of performance and value delivered by employee in order to offer praise and encouragement. Measuring performance outcomes quantitatively also creates visibility with how an area is performing and what can be done to optimize that area” (Varner, n.d.).
- Manage Resources- “One way to manage resources more effectively is to organize your staff more efficiently—for example, by skills instead of by line of business. This allows organizations to deploy employees to various lines of business on a demand basis” (Schwartz, 2007).
- Use Scorecards- The scorecard is important “to report the data of the key performance indicators (KPIs) and track your performance against the monthly targets” (Olsen, n.d.).
Tools, Techniques, Best Practices:
- CoBIT- As stated by the IT Governance Institute, COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the enterprises’ IT governance and control framework (IT Governance Institute, 2007).
- ITIL- IT Infrastructure Library includes best practices for alignment of IT and the business processes. This is an important part of governance because the governance has the responsibility of ensuring that the IT and business are properly using best practices especially when looking at strategic goals (Wikipedia, 2014).
- Diagnostic Tools- “Diagnostic tools are useful for attracting management’s attention and raising their awareness by analyzing, understanding, documenting and communicating important aspects of the organization’s IT control environment, current management concerns and risks” (Kordel, n.d.).
- Structural and Process Components- “There is a structural component that pertains to the organization’s information technology activities, the way those activities support the goals of the business, and the people who help manage those activities. There is also a process component that defines the decision-making rights associated with IT as well as the mechanisms and policies used to measure and control the way IT decisions are made and carried out within the organization.” (Shuptar, 2012).