IT Governance Today

IT Governance Today: A Practitioners Handbook

ALAN CALDER
Copyright Date: 2005
Published by: IT Governance Publishing
Pages: 168
https://www.jstor.org/stable/j.ctt5hh4sf
  • Cite this Item
  • Book Info
    IT Governance Today
    Book Description:

    IT governance is a board-led management framework - not a software 'solution' or a single, proprietary framework - for making IT an integrated, value-adding part of the business. IT Governance Today: A Practitione'rs Handbook proposes an integrated IT governance model that pulls together the key components of these frameworks into a single integrated model that overcomes the limitations of each, and creates a comprehensive tool that is truly capable of generating long-term business value.

    eISBN: 978-1-905356-03-4
    Subjects: Business, Technology

Table of Contents

  1. Front Matter
    (pp. 1-4)
  2. Table of Contents
    (pp. 5-8)
  3. PREFACE
    (pp. 9-10)
  4. CHAPTER 1: IT GOVERNANCE TODAY
    (pp. 11-23)

    A Google search on the term ‘IT governance’ produces a range of responses, all from companies who have either optimised their website using the key phrase ‘IT governance’ or who are running a ‘pay-per-click’ campaign using ‘IT governance’ as a key search terms. Here is the content of some of the pay-per-click adverts:

    IT Governance: Total solution with best practices, services and training (which is primarily a portfolio management tool that ‘ensures all IT investments align with overall business objectives’;

    IT Governance: naming some software products and taking the surfer directly to a ‘developerworks’ (whatever that is) full of downloadable...

  5. CHAPTER 2: IMPLEMENTING IT GOVERNANCE
    (pp. 24-34)

    Implementation of an IT governance framework is, conceptually, quite straightforward; it does, however, require substantial planning and detailed follow through if it is to be effective. This chapter provides an overview of the key steps, discusses the key initial issues whose resolution is essential to a successful implementation, and leads into the body of the book.

    Capability maturity models (‘CMM’) are a useful concept for considering how best to approach IT governance. CMM originated, with a strong focus on process maturity, in the quality management sphere, as part of a framework for quality improvement. CMM was used to describe typical...

  6. CHAPTER 3: IT MANAGEMENT STRUCTURE
    (pp. 35-51)

    The organizational position and role of the CIO (Chief Information Officer) first emerged in the 1980s and had become sufficiently well-established for there to be an adequate readership for CIO magazine when it was launched in 1988. As is sometimes the case, governments around the world took the initial steps to establish a role that has subsequently become widely performed in the private sector; private sector CIOs now take key commercial skills back to the public sector, where they gain new skill sets themselves, negotiating tough procurement contracts virtually in public, building management teams in difficult and sometimes bureaucratic circumstances....

  7. CHAPTER 4: ERM AND INTERNAL CONTROL
    (pp. 52-74)

    Enterprise risk management is a fundamental governance responsibility. The board has, depending on jurisdiction, either a fiduciary or both a fiduciary and a statutory duty to identify and manage enterprise risk. While enterprise risk management ought to be the responsibility of a corporate risk management team, the IT governance practitioner has three specific contributions to make to the risk management activity and, for that reason, needs to have a practical, high level understanding of the key risk management issues and concepts.

    While corporate governance is overtly concerned with board structure, executive compensation and shareholder reporting, the underlying assumption is that...

  8. CHAPTER 5: ENTERPRISE IT ARCHITECTURE
    (pp. 75-83)

    InIT Governance: Guidelines for Directorswe discussed the hierarchy of IT decision making, the importance of an enterprise IT architecture and the relationship between the enterprise architecture committee and the technology committee. This chapter looks in more detail at the role and work of the former.

    A key architectural debate that all organizations have to resolve is the postural one, the extent to which IT – as an infrastructure and as a functional department (or organization) is centralized or decentralized. The question as to whether or not IT (or parts of it) should be outsourced is entirely subsidiary to...

  9. CHAPTER 6: PROJECT GOVERNANCE
    (pp. 84-105)

    Project management should be, for almost every organization, a key competence. For many organizations, such as manufacturers and software developers for example, it is more than key; it is a fundamental, strategic competence. A core competence whose presence (or, more frequently absence) has such a major impact on the long term competitiveness of an organization deserves special attention from the board. It is a key component of an IT governance framework, and it had the whole of chapter six ofIT Governance: Guidelines for Directorsdevoted to it, as well as a part of chapter eight.

    Project governance is one...

  10. CHAPTER 7: IT GOVERNANCE METRICS
    (pp. 106-113)

    A fundamental aspect of any meaningful IT governance framework is the measurement of IT activity. Measurement of IT is also one of the many areas in which businesses have traditionally failed in their governance responsibilities. The Balanced Scorecard, which is now widely used in organizations across the world, can be extended to the IT function. In organizations that already use the Balanced Scorecard, this will not be a revolutionary step; organizations that do not currently use the Balanced Scorecard anywhere do not need to first deploy it in the business as a whole before applying it to the IT function....

  11. CHAPTER 8: IT PERFORMANCE MANAGEMENT
    (pp. 114-128)

    The introduction into any organization of an IT governance framework ought to bring three specific benefits:

    1. The reduction of IT-related risk, with a related improvement in project outcomes, information security and technology stability, all of which contribute to a more profitable, more effective enterprise;

    2. Integration – rather than just alignment – of IT with the business, so that IT contributes more significantly to the achieving the business goals; and

    3. Improved performance from the IT team, from the investment in technology and in IT services, which directly contributes to profit improvement through cost-reduction and better value for money.

    This chapter deals...

  12. CHAPTER 9: FRAMEWORKS
    (pp. 129-151)

    The point of departure for the IT governance journey is, usually, one the lower stages of the capability maturity model that was outlined in chapter two. Starting the journey does not require the immediate application of best practice throughout the organization. Indeed, an attempt to go too far, too fast can be ultimately destructive.

    Once started, progress up the maturity stages requires the progressive codification and formalisation of procedures, the adoption of best practice and the implementation of formal assessment, monitoring, review and continuous improvement practices. It is worth planning, from the outset, which third party frameworks (if any) will...

  13. CHAPTER 10: IT AUDIT
    (pp. 152-162)

    The reality of life in an IT-enabled organization, particularly for those who work in the IT unit, is that IT audits are inescapable. There are internal audits, external audits and audits designed to achieve specific external certifications. Audit preparation – by the unit that is to be audited – can require significant effort, ensuring that all systems are up to date and that the documentation is all present and correct. Audits are used by boards, regulators and outside organizations to uncover the facts and give them comfort about specific issues; they can, therefore, be uncomfortable for those being audited. On...

  14. FURTHER READING
    (pp. 163-164)
  15. USEFUL WEBSITES
    (pp. 165-168)