Professional Documents
Culture Documents
Information and Technology (IT) Governance Is A Subset Discipline of
Information and Technology (IT) Governance Is A Subset Discipline of
focused on information and technology (IT) and its performance and risk management.
Various definitions of IT governance exist. While in the business world the focus has been on
managing performance and creating value, in the academic world the focus has been on
"specifying the decision rights and an accountability framework to encourage desirable behavior
in the use of IT."
The primary goals for information and technology (IT) governance are to (1) assure that the use
of information and technology generate business value, (2) oversee management's
performance and (3) mitigate the risks associated with using information and technology
Information technology (IT) governance has taken on greater importance in the global economy.
With the globalization of many industries and financial markets, developed and developing
economies are recognizing the importance of effective governance and controls to the success
of organizations
Control Objectives for Information and Related Technology (COBIT) is becoming a global
standard for IT governance and controls. COBIT provides an excellent framework for
implementing controls in IT to comply with SarbanesOxley and other global governance
standards..
Same survey noted that the higher the level of IT governance maturity, the higher the return on
IT investment. To achieve IT governance maturity and a higher return on IT investment requires
a close partnership between IT and business management. Close alignment of the IT strategy
with the business strategy is essential to the success of a well-functioning partnership. It is
important for IT to understand the business it supports and for the business to understand IT
IT management must also have a clear understanding of their current strengths and
weaknesses and be able to honestly communicate this information to the business
management. IT governance provides the structure to achieve the alignment of the IT strategy
with the business strategy, incorporate IT into the enterprise risk management (ERM) program,
manage the performance of IT and ensure delivery of value, and ensure adequate internal
controls and regulatory compliance.
----
COBIT Monitor and Evaluate IT Performance domain (Exhibit 8.1) addresses IT governance
and performance management facilitated by reporting and measurement. Effectively managing
an IT organization requires a solid foundation of governance and control over IT resources.
Governance guides the decision rights, accountability, and behaviours of an organization.