iT Governance discussion on LinkedIn

A2“IT Governance, is a subset discipline of Enterprise Governance focused on Information Technology and their performance and risk management”. It can be also define as “the leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives”. Proper IT Governance is required for compliance. 

The characteristic theme of IT governance discussions are - 
1. IT capability can no longer be a black box. 
2. Traditional involvement of board-level executives in IT issues was to defer all key decisions to the company’s IT professionals. 
3. IT governance implies a system in which all stakeholders, including the board, internal customers, and in particular departments such as finance, have the necessary input into the decision making process. 

Major advantages of IT Governance are - 
1. This prevents IT from independently making and later being held solely responsible for poor decisions. 
2. It also prevents critical users from later complaining that the system does not behave or perform as expected, as explained in the Business Requirement. 

It should align properly with the business and act as a positive catalyst. This is the right way to do it. 

Since today IT is the backbone of any business it is equally important as Enterprise Governance. IT Governance is an undividable part of Enterprise Governance. With the time it’s become more and more mature. 

I consider CobiT as an IT Governance Framework. 

The question of paying consultant \professional for IT Governance completely depends on company strategy. You can always take the help from third party consultants but it is highly recommended to have an in-house dedicated team which is the key factor for the success. Team includes champion (i.e. leader), board members, implementers, responsible managers, internal auditors and others as required.

A3The is a much shorter and simpler answer: 

Enterprise IT Architecture Framework is (or should be) responsible for who is doing what, why, when, where and how. 

Enterprise IT Governance Framework is (or should be) responsible that all this is really happening as planned.

A4Governance is the body of rules, agreements and standards that defines the interaction between people, departments, roles and functions with your organisation. 
The frameworks you mention all deal with specific areas or levels of governance within an organisation. For instance ITIL focuses on IT Operations and Prince on project management. 
An IT governance consultant (who might actually be an IT Strategist or Enterprise Architect) would be able to select and situate the most useful existing frameworks within an overall governance framework that reflects your business environment.

A5don’t pay through the nose for expensive stuff you don’t need. I can teach you simple ways to do “IT governance” with slightly modified existing forum and wiki. The heart of the matter is smart methodology, not expensive software. 

Then, if you got more money, I can design and project manage building of a custom system for $5K that will be lightyears ahead of anything that’s on the market. Then we sell this system to other people and you/your company gets half the profits. How does that sound?

A6Check out the definition by Weill & Ross, who emphasize that IT governance is about the framework to ensure the proper use of IT, explicitly naming culture as important. 

Also: check ISO38.500 (ISO standard for IT Governance). 

Regards, 

Michiel

Links:

• http://delicious.com/Getronics01

A7The definition of governance has not changed. It is the actions you take and the associated ability to demonstrate that you are exercising control over your activities, that all your activities are directed towards achieving the goals of your organization and that all your resources are being used for that purpose. 

There is no one single governance framework that I know of. To achieve good governance you have to put together the different components in different areas that will allow you achieve governance. COBIT, ITIL/ISO:IEC 2000, CMMI, SOX, ISO9000, SIX SIGMA TQM, EFQM, etc. those are all frameworks and methodologies that bring one or more aspects of governance to your organization. Once you know what targets you need to achieve to maintain governance, you pick the frameworks and methodologies you need based on your requirements.

A8Look at ISO38500 which was released in 2008, as a high level standard. 

38500 defines governance overall, building upon the seminal defintion in Cadbury, a UK report from the early 1990s. 

In my opinion 38500 provides an excellent overall framework within which a number of other tools/frameworks can be utilised such as COBIT, etc 

Critical though to my mind is that none of these approaches work unless there a a culture of ethics and integrity within an organization. The frameworks and processes must be accompanied by a values based approach, else the desired objectives may well not be achieved, or if achieved not be as successful as they might. 

You may find this link to an ISACA presentation I made on this subject helpful. 

Happy to help at anytime

Links:

• http://petermsalmon.wordpress.com/2008/11/11/48/
• http://www.itgi.org/Template_ITGI.cfm