IT governance is a subset of corporate governance that provides a mechanism for aligning IT strategy with the strategy of the business. By implementing an IT governance framework, organisations can produce measurable results in achieving their objectives.
There are various reasons that organisations choose to implement an IT governance framework, including stakeholder pressure, although the main reason is to ensure compliance with regulations governing things such as data protection, financial accountability, and data retention.
Organisations from the public, private and not-for-profit sectors implement an IT governance strategy to ensure that the IT function supports the organisational strategy. Most organisations that have to deal with regulations relating to financial and technological accountability should have at least considered an IT governance programme. While small organisations, being pragmatic, will only make use of essential IT governance methods, larger organisations are bound to implement a full IT governance programme.
What is the easiest way to implement an IT governance programme?
The easiest way to get started with implementing IT governance is to use a framework that has been created for that very purpose. There are several options to consider:
COBIT® – COBIT (Control Objectives for Information and Related Technologies) is a best-practice IT governance framework created by ISACA®. COBIT 5 is the latest iteration of the framework. It provides a framework, analytical tools and models for the governance of enterprise IT.
CMMI® – Capability Maturity Model Integration, as developed by the Software Engineering Institute, is an approach to performance improvement. CMMI uses a scale of 1 to 5 to measure the organisation’s performance, quality and profitability.
ITIL® – the Information Technology Infrastructure Library® (ITIL) from AXELOS consists of twenty-six processes arranged around the lifecycle of an IT service. It is designed to align IT with the objectives of the business.
ISO/IEC 27001 – the International Standard for information security. The standard, along with ISO/IEC 27002, details how to implement a best-practice information security management system (ISMS).
ISO/IEC 38500 – the International Standard for the governance of IT. The first part of the standard provides principles, guidance, definitions and a model for IT governance.
Which approach should I use?
Selecting a framework for IT governance can seem like a nightmare at first, but it really isn’t that difficult. What you should consider is which framework works best for your organisational culture and values.
If two frameworks are attractive to you, there is nothing to say that you can’t take an integrated approach to implementation. For example, COBIT and ITIL complement each other, as COBIT provides the strategy and ITIL provides the means to get there.
IT governance consultancy
Aligning IT with the objectives of the business can be a difficult task. That’s why we at the ITSM Shop are here to help. We have a team of experienced IT governance consultants who can help with any size or type of IT governance project.
Call us on +44 (0) 3333 445 286 to discuss your IT governance project, or email [email protected]