IT governance is about managing, controlling and monitoring IT within the organisation – and there is increasing pressure to manage IT as a business in order to reduce IT risks and enhance its business value.
Although executives of top companies have different views on what IT governance is all about, what is clear is that any form of IT governance implemented in a business must successfully achieve the benefits and objectives originally envisioned.
Angeli Hoekstra, national leader of PricewaterhouseCoopers SA Technology Advisory Services practice and global leader for PricewaterhouseCoopers IT Governance services, says the objectives of IT governance may vary between companies, but in all cases, the activities of the IT division of an organisation must be aligned with and support the business objectives of the broader organisation.
“Clear IT governance objectives will also identify and enable synergies between various IT initiatives and ensure they serve the best interests of the entire company, rather than narrowly support individual business units. A culture of IT governance will create value for the organisation through optimising cost structures and creating value through critical and responsible resource management, minimising business risks and measuring benefits flowing from the IT governance processes.”
But none of these objectives can be achieved, says Hoekstra, unless all common stakeholders are committed to the value of IT governance. “This buy-in has to start with the board of directors and top management and filter down to heads of business units and IT management.”
There is little point in having the ideal IT governance framework clearly set out in theory, but it is not then effectively enforced and monitored. Policies and standards (such as those for end-users, security, technical and product specifications) must be in place and the culture of compliance must be strong.
A vital quality in an IT governance framework is that the perspective for this strategy must be holistic. This means there should be extensive interface with the more operational IT aspects of the business, such as IT processes and procedures. A holistic framework assists the organisation in realising a range of benefits such as increased IT agility and flexibility, greater IT value delivery and reduced costs through more responsible IT resource use.
Hoekstra warns that if a holistic approach is not followed and an organisation focuses on individual aspects of processes, structures, compliance or controls, the overall objectives of IT governance will not be achieved. “IT Governance must be embedded throughout the organisation via the use of a comprehensive framework that allows executives to align decisions to the organisation’s internal and external environment.”
Hoekstra says that optimal IT governance arrangements will differ for every organisation but some principles are universal. “If an organisation wants to improve existing governance, it should be a gradual approach. The instant big-bang transformation will probably fail and not deliver.
"The company should also clearly define what it means by IT governance and this should be communicated across the business. Targets and expectations should be achievable and well understood and objectives must be clearly measurable. If the value that improved IT governance is meant to add cannot be defined and assessed, there is really no point in having a strategy.”