IT Governance Defined
IT governance is a framework that ensures your organisation's IT infrastructure supports and enables the achievement of its corporate strategies and objectives. The full definition can be found in IT Governance: A Pocket Guide by Alan Calder.
The official IT governance standard is ISO/IEC 38500:2015. It sets out a straightforward framework for the board's governance of information and communications technology and is a key resource for IT governance professionals everywhere in the world.
IT governance frameworks
There are three widely recognised, vendor-neutral, third-party frameworks that are often described as 'IT governance frameworks'. While on their own they are not completely adequate to that task, each has significant IT governance strengths:
ITIL, or IT Infrastructure Library®, was developed by the UK's Cabinet Office as a library of best-practice processes for IT service management. Widely adopted around the world, ITIL is supported by ISO/IEC 20000:2011, against which independent certification can be achieved. On our ITIL page, you can access a free briefing paper on ITIL, IT service management and ISO 20000.
Control Objectives for Information and Related Technology (COBIT) is an IT governance control framework that helps organisations meet today’s business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals. COBIT is an internationally recognised framework. In particular, COBIT's Management Guidelines component contains a framework for the control and measurability of IT by providing tools to assess and measure the enterprise’s IT capability for the 37 identified COBIT processes. Read more about COBIT here >>
ISO 27002 (supported by ISO 27001), is the global best-practice standard for information security management in organisations.
The challenge, for many organisations, is to establish a coordinated, integrated framework that draws on all three of these standards. Leading books on the subject are:
Get all of these titles, plus more, in the IT governance library.
Subdomains of IT governance
In addition to the three frameworks listed above, there are many subdomains of IT governance, including:
This site provides extensive information and advice on IT governance, as well as:
Calder-Moir IT Governance Framework
IT governance is a critical component of corporate governance and the Calder-Moir IT Governance Framework provides structured guidance on how to approach this complex subject. The framework also provides a useful tool for benchmarking the balance and effectiveness of IT governance practices within an organisation, and the IT Governance Toolkit provides practical assistance and guidance for practitioners and board members who are tackling the subject.
IT governance auditing
As IT governance plays such a key role in strategic performance, internal auditors are expected to include auditing IT governance in their work plans.
An increasingly relevant subject to IT governance is green IT. In the same way that IT governance is critical to the corporate governance of an organisation, green IT has become essential to the decision making, framework building, and business processes, of IT governance.
Find further green IT products , including cutting-edge texts, support manuals, and standards on both green IT and the environmental management standard ISO 14001 on our website.