IT Governance Defined

IT Governance is "a framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensure that the organization’s IT supports and enables the achievement of its strategies and objectives."  (IT Governance: a Pocket Guide).

The sub-domains of IT governance include

• Business continuity and disaster recovery
• Regulatory compliance
• Information governance and information security
• IT Service Management, including ITIL and Service Level Management
• Knowledge Management, including Intellectual Capital
• Project governance
• Risk management

This site provides extensive information and advice on IT governance, as well as

• An opportunity to browse our well-stocked IT governance bookshop;
• Special tools useful to the IT governance practitioner;
  • including CobiT and Val IT
• Training services;
• Consulting services;
• Material on IT Service Management (of which ITIL is a key component);
• A selection of IT governance standards.

Calder-Moir IT Governance Framework

IT governance is a critical component of corporate governance; the Calder-Moir IT Governance Framework provides structured guidance on how to approach this complex subject. The framework also provides a useful tool for benchmarking the balance and effectiveness of IT governance practices within an organization, and the IT Governance Toolkit provides practical assistance and guidance for practitioners and board members who are tackling the subject. 

IT Governance for Executives

IT Governance is a key subject for company directors and executives. The leading books on the subject are:

1.  IT Governance: Guidelines for Directors
2.  IT Governance Today: a Practitioner's Handbook
3.  IT Governance: How Top Performers Manage IT for Superior Results
4.  Governance of the Extended Enterprise: Bridging Business and IT Strategies
5.  Get the lot, plus more: IT Governance Library.

Other Resources

• Our special IT Governance Board Awareness Toolkit can help your board get to grips with how IT governance fits with the Turnbull Report, the UK Combined Code and the requirements of Sarbanes Oxley. 
• A 'triptych' of IT Governance Pocket Guides describe IT governance, as well as providing an overview of IT-related regulatory compliance requirements in the UK and North America.
  
• BOARD BRIEFING ON IT GOVERNANCE - if you would like a free copy of the most recent version of our (mercifully short) Board Briefing on IT Governance, please provide your email address and we will email the download link to you.

AS 8015:2005

The world's first formal IT Governance Standard was published by the Australian Standards Instititute in 2005, under the number AS 8015. This standard sets out a very straightforward framework for the board's governance of Information and Communications Technology. Irrespective of its geographic origin, the standard is a key resource for IT governance professionals everywhere in the world.

ITIL^®, CobiT^® and ISO17799

There are three widely-recognised, vendor-neutral, third party frameworks that are often described as 'IT governance frameworks'. While, on their own, they are not completely adequate to that task, each has significant IT governance strengths.

• ITIL^®, or IT Infrastructure Library^®, was developed by the UK's Office of Government Commerce as a library of best practice processes for IT service management. Widely adopted around the world, ITIL is supported by ISO/IEC 20000:2005, against which independent certification can be achieved. On our ITIL page, you can access a free briefing paper on ITIL, IT Service Management and ISO20000. 
• CobiT^®, or Control Objectives for Information and related Technology, now in version 4.1, was developed by America's IT Governance Institute. CobiT is increasingly accepted as good practice for control over information, IT and related risks. Its guidance helps organizations implement effective governance over enterprise-wide IT. In particular, CobiT's Management Guidelines component contains a framework for the control and measurability of IT by providing tools to assess and measure the enterprise’s IT capability for the 34 identified CobiT processes. Governance of the Extended Enterprise, published by the IT Governance Institute, explores how some of the world's most successful enterprises have integrated information technology with business strategies, culture, and ethics to optimize information value, attain business objectives, and capitalize on technologies in highly competitive environments.
• ISO17799, now renumbered as ISO27002 and supported by ISO 27001, (both issued by the International Standards Organization in Geneva), is the global best practice standard for information security management in organizations.

Joint Framework

ISO 17799 (ISO27002), ITIL and CobiT are all, potentially, part of any best-practice approach to regulatory and corporate governance compliance. The challenge, for many organizations, is to establish a co-ordinated, integrated framework that draws on all three of these standards. The recently released Joint Framework, put together by the ITGI (owners of CobiT) and the OGC (owners of ITIL) is a significant step in the right direction. Here is a webinar that describes how to leverage this best-practice framework to simplify your regulatory compliance.

An increasingly relevant subject requiring consideration within the sphere of IT Governance is the issue of Green IT. In the same way that IT Governance is a critical component within the Corporate Governance of an organisation, Green IT has become an essential aspect within the decision making, framework building, and business processes, of IT Governance.

Find further information on Green IT here and a selection of cutting edge texts, support manuals, and standards on both Green IT and the Environmental Management Standard ISO 14000.

Bookmark with:

What are online bookmarks?