Professional Documents
Culture Documents
Governance, Architecture and IT Strategy
Governance, Architecture and IT Strategy
and IT Strategy
ITECH 3103 | ASSESSMENT TASK 3 (2021)
[STUDENT NAME AND ID]
Introduction 2
The areas that can be followed to get greatest value and impact from IT
governance are as follows:
COBIT: It is an all-inclusive framework of worldwide accepted performs, models and analytical tools designed for
management and governance of enterprise IT. The publisher, ISACA, extended scope of the COBIT with its roots in IT
auditing over the years to fully support IT governance. The latest version is COBIT 5.
COSO: COSO is the model for assessing internal controls. Focus of the COSO is less information technology specific than
the other frameworks. COSO concentrates more on business aspects like enterprise risk management and fraud
deterrence.
FAIR: FAIR or Factor Analysis of Information Risk helps to identify quantify risk for an organization. The focus of FAIR is on
operational risk and cyber security. The goal of FAIR is more well-informed decisions making.
ITIL: ITIL or stands for Information Technology Infrastructure Library focuses on IT service management. The aim of ITIL is
to ensure that IT services backing core processes of the organization. ITIL covers five sets of management best practices
i.e., design, service strategy, transition, continual service improvement and operation.
CMMI: The CMMI or Capability Maturity Model Integration method is a tactic to performance improvement. It uses a
scale of 1 to 5 to measure the performance, quality and profitability maturity level of an organization.
How to choose a correct Framework 8
• IT governance frameworks are designed to help the organization to determine how their IT
department is overall functioning, the key metrics management needed by them and what
is the return coming from the framework to the business in respect of the investments.
• COSO and COBIT are used mostly for risk.
• ITIL helps to streamline operations and service.
• CMMI was initially intended for software engineering. But later, it involves processes in
hardware service delivery, development and purchasing.
• FAIR is meant for measuring operational and cyber security risks.
• By considering the corporate culture of an organization, we can select which framework is
to use, it is a natural fit of for the organization or not.
• Framework can be more than one. One framework can balance another.
IT Governance Processes 9
• Gregory, R. W., Kaganer, E., Henfridsson, O., & Ruch, T. J. (2018). IT Consumerization and the Transformation of IT
Governance. Mis Quarterly, 42(4), 1225-1253.
• Levstek, A., Hovelja, T., & Pucihar, A. (2018). IT governance mechanisms and contingency factors: Towards an
adaptive IT governance model. Organizacija, 51(4), 286-310.
• Roy, I. (2018, June 26). 7 Keys Facts about IT Governance, IT Governance Journal, https://it-governance-
journal.com/2018/06/26/7-keys-facts-about-it-governance/
• Maccani, G., Connolly, N., McLoughlin, S., Puvvala, A., Karimikia, H. & Donnellan, B. (2020). An emerging typology
of IT governance structural mechanisms in smart cities, Government Information Quarterly, 37(4), 101-499.
• Hamzane, I., & Belangour, A. (2019). Implementation of a decision system for a suitable IT governance
framework. International Journal of Computer Science and Information Security (IJCSIS), 17(5), 1-7.