How many of these do you do?
- Establish and reinforce an IT Executive / Strategy Committee for IT decision making and operation of effective IT governance
- Ensure you create, maintain and monitor a business case justifying the benefits of IT Governance
- Promise never to implement IT Governance with a “big bang” – rather build on quick wins progressively
- Focus on the basics – reliable and repeatable process for critical activities
- Engage with at least two key business stakeholders to help them understand their role in driving value from IT
- Avoid IT governance becoming another silo – build on existing governance and management practices
- Invest in skills development – one of the most cost-effective ways to create change
IT has such a high impact on critical business operations, and on competitiveness in an increasingly information dependent world, that it has become imperative for board directors to ensure that the value expected from IT is delivered, and IT related risks are managed. And that’s Governance (note, no mention of compliance or tick-boxing…)
Governance enables the enterprise to achieve effective and transparent use of IT to deliver business value, making sure there is clear and understandable communication between IT providers and the business users and other stakeholders.
We concentrate on the implementation improved outcomes from IT investments by enabling IT Governance improvements based on KING IV, COBIT® and other standards and best practices. We also provide tools to support the ongoing monitoring of IT activities. This includes prioritisation tools, maturity assessments to identify where improvements are needed as well as Metricus to provide management dashboards and scorecards.
Gary Hardy is a long standing member of ISACA and has been a contributor to COBIT since its inception in 1992. He has also co-authored ISACA’s Governance documents.
- IT governance and COBIT implementation workshop
- Interfacing and Adopting ITIL® and COBIT® workshop
- King IV Corporate Governance of IT workshop
- Management of IT Risk workshop