Professional Documents
Culture Documents
Emerging Issues in IT Governance PDF
Emerging Issues in IT Governance PDF
Paul Williams
IT Governance Adviser
Protiviti UK
paul.williams@protiviti.co.uk
Agenda
• Corporate and IT governance – what is it, and why is it a
current issue for Boards, auditors and other risk
management professionals?
• Current drivers and inhibitors
• How should the Board address its IT governance
responsibilities?
• An emergent new profession?
• How can auditors and risk managers help?
Why is Corporate (and IT) Governance
Necessary?
The concept dates back at least as far as Adam Smith
(1776):
“when ownership and control of corporations are not fully
coincident, there is potential for conflicts of interest
between owners and controllers.”
Why is Corporate (and IT) Governance
Necessary?
The concept dates back at least as far as Adam Smith
(1776):
“when ownership and control of corporations are not fully
coincident, there is potential for conflicts of interest
between owners and controllers.”
• Society at large
The Bad News
g
collaborative solutions a te e n ve
r
S t ign m ry
A l
2. Value Delivery IT
focus on IT expenses and proof of value Governance
nt
Perf uremen
Mea
e
Domains
agem
3. Resource Management
Man isk
orm
s
R
knowledge, infrastructure and partners
ance t
4. Risk Management Resource
safeguarding assets and disaster recovery Management
5. Performance Measurement
IT Scorecards
What is IT Governance?
ic t Va
g
e en D e l i lu e
t
ra ve
1. Strategic Alignment S t ign m ry
Al
DOMAINS
nt
Perf uremen
collaborative solutions
Mea
e
Domains
agem
Man isk
orm
2. Value Delivery
R
ance t
focus on IT expenses and proof of value
4. Risk Management
safeguarding assets and disaster recovery
5. Performance Measurement
IT Scorecards
© Protiviti
Business Risk Model
© Protiviti
http://www.computerweekly.com/Articles/2006/07/04/216675/Banish+bafflement+in+the+boardroom.htm
(IT governance)….. must become dynamic and
sensitive to change. It too must have tolerance for
uncertainty and a commitment to continuous learning.
Those who implement decisions and deliver results
must be part of the decision-making process.
Yes, but………..
‘This (IT knowledge) is an area where few, if any, of
our sample would have personal expertise to bring to
bear.’