IT Governance, o Why is It Important? o Do you understand what it is?

IT Governance

  • Why is It Important?
  • Do you understand what it is?

I have often been talking with clients and business associates on how things are tracking and their various level of success in the area of IT operations, Projects, and Business As Usual activities, frequently the subject of Governance will come into conversation.

  • “The key to our success is governance”
  • “How do I know if my group is complaint to IT Governance standards?”
  • “What we are really missing is good, solid governance”
  • “We would be doing better if we only had good governance”

Does everyone in your organization understand what IT Governance is in reality?

First let’s look at “Governance”

If you have a look at most dictionaries, they tell you that governance would be defined as ‘establishing chains of responsibility, authority, and communication to empower people’.

If you conduct a little more detailed search, you will find something along these lines; the key words reveals these additional details.

  • Governance includes
    • Responsibility – being held accountable for a specific duty, task, or decision;
    • Authority – the power to influence behaviour;
    • Communication – exchanging information;
    • Empowering – giving an individual authority to act.

Another term often used to describe the above meanings is to use a “R.A.C.E Matrix

Which is a chart or grid format document that explains who is has for Responsibility, Accountability, Communication, Empowerment.

Governance also involves establishing measurement and control mechanisms to enable people to carry out their roles and responsibilities. Using this definition as a guideline, the goal of governance is to ensure the results of an organisation’s business processes meet the strategic requirements of the organisation.

Now let’s look at IT Governance

Based on the above concepts, IT governance can be described as having two distinct components. There is a structural component that pertains to the organisation’s information technology activities, the way those activities supports the goals of the business, and the people who help manage those activities. There is also a process component that defines the decision-making rights associated with IT as well as the mechanisms and policies used to measure and control the way IT decisions are made and carried out within the organisation.

Now to make this all effective you need to create a structure and or plan. Best of Practice now dictates that an organisation needs to design and implement an IT Governance Framework.

Its primary objectives are too

  • Underpin and enable the organisations Business Strategy & Corporate Governance.
  • Enable Regulatory & Legal compliance
    • Enable implementation of Technology Trends ( Best Practice Standards & Processes)

IT Governance Framework has 2 core components;

  • IT GOVERNANCE: Mission, IT and Business Alignment – Portfolio Management – IT Risk Management – Policy
  • IT STRATEGY & PLANNING: Planning – Sourcing – Human Resources – Asset Management – Organisation & Structure – Budgets, Metrics & Controls

It’s widely accepted today that IT Governance is managed by the business itself, which some may agree or disagree, however it must be acknowledged that at corporate level there is a Governance structure that provides an overarching framework on how the organisation operates its various business units or departments, providing alignment to its mission and vision, its actual business strategy, planning, sourcing, controls & metrics, policies and procedures etc.

Therefore an IT Governance Framework will contain an alignment to these objectives and goals. It is also the critical enabler for the Business Strategy o Vision. IT capability is a critical success component for the Business Strategy.

The following diagram shows how these all relate and function.


What IT governance seeks to achieve?

IT governance creates clarity between business goals and IT projects.  To reaffirm this statement, go back to my initial statements at the start of this article –

  • “The key to our success is governance”
  • “How do I know if my group is complaint to IT Governance standards?”
  • “What we are really missing is good, solid governance”
  • “We would be doing better if we only had good governance”

Hopefully you now are starting to see why these statements ring true. IT governance is a critical component to having a well-performing IT organisation.

The following are some additional explanations to, what is IT governance?

 IT governance is:

  • Having clarity around the organisations business strategy and successfully aligning the technology strategy to the business strategy
  • Being able to clearly show alignment between the business strategy and the IT initiatives – by mapping the
    links between business objectives and project objectives
  • Facilitating best practice for each initiative by using a business case to show a project will improve business capability
  • Facilitating agreement on priorities for the business or organisation – as a group looking at the entire enterprise
  • Attaining agreement on which priorities should finish first
  • Effective resource management – by understanding the resources necessary to accomplish the initiatives – good governance establishes priorities on resources – both human and financial. Having capital funds is not enough, having the people is usually more difficult

IT Governance Structure:

The structure of your IT Governance and its Framework is also critical. There are in principle, 5 key functional area’s and 3 key non-functional.

Functions Groups are

  •   Technology Planning
  •   Emerging Technologies
    •   Standards
    •   Design & Management
    •   Software, Security & Infrastructure
    •   Vendor & Product selection
    •   Integration & Consolidation
Project Management:

  •   PMLC – Project   Management Life Cycle
    • Initiating
    • Planning
    • Executing
    • Controlling
    • Closing
Project Management:

  •   SDLC – Systems   Development Life Cycle
    • Design
    • Acquire / Build
    • Test & QA
    • Data conversion
    • Implement /   Deploy
    • Support /   Maintain
    • Project Risk   Review
    • Post   Implementation Review
Applications & Databases

  •   Change Management
    •   Applications, Databases & Infrastructure
    •   Change prioritisation
    •   Documentation, Approval & Tracking
    •   Acquire & Build
    •   Test & QA
    •   User Acceptance
    •   Approval to transfer to production
Applications & Databases

Emergency Changes

Patch Management

Configuration   Controls

Data Quality   & Integrity

Interface Validation   & Integrity


  •   Data processing
    •   Batch scheduling
    •   Online Processing
    •   Application /   Database Mgt
      •   Capacity
      •   Availability
      •   Performance

  •   Data Retention /   Backup
    •   Scheduling
    •   Processing
    •   Offsite Storage
    •   Retrieval & Restoration
    •   Storage management
    •   Facilities   Management

  •   Problem   Management
  •   Incident Response
  •   Service Level   Management
  •   Vendor / Third   party Mgt

  •   Help Desk
  •   User Awareness   & Training
  •   End-User   Computing
  •   Software   Licensing
Non Functions Groups are
Enterprise Security

  •   Configuration Mgt
  •   Identity &   access Mgt
  •   Threat &   Vulnerability Mgt
  •   Awareness  & Training
  •   Compliance
  •   Privacy
  •   Physical Security
Disaster Recovery

  • Business Impact Assessment
  • Planning
  • Communications / Crisis Management Plans
  • Testing
  •   Ongoing Maintenance   / Upgrades

  •   Operating Systems
  •   Database Structure
  •   Network (Int. & Ext.)
  •   Hardware
  •   Locations
  • Tools (E-mail, EDI, Messaging, etc)


The Diagram below provides a visual overview of how a IT Governance Framework links together – generic guide only

IT Governance Framework


This entry was posted in Business, Research and tagged , , , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s