In most organisations there is considerable reliance on the staff employed to get the required work completed in the specified manner, and within the required time-frame.
Codes of corporate governance encourage companies to deploy a system by which the current and future use of IT is directed and controlled. A system that increases visibility empowers management to track service levels through real-time dashboards that give managers key information about progress from both business and technological perspectives.
Management systems built using dynamic infrastructure deliver the scalability and flexibility needed to support unpredictable business workloads and enable organisations to integrate business and technical management, generate new services and make changes, while reducing business risks and fulfilling regulatory compliance obligations.
Through a combination of management planning, choreographed execution and automated triggers, IT teams are able to achieve significant improvements in productivity, higher levels of customer satisfaction, lower downtime and a reduction in operational costs.
Well designed processes, with carefully thought through actions can be more effectively managed with the aid of a management system. Managers are able to put operational staff on “autopilot”. Staff are able to follow regularly updated instructions about work tasks to be performed at designated locations, communicated to and displayed on each individual role’s ”To Do” list together with information regarding the task, the priority, sequence of execution and collaboration required.
Management requests for tasks to be actioned should generate work tickets that are assigned to members of the IT team, along with the information needed to undertake the assigned tasks. Following fully integrated, end-to-end ITIL processes, staff should execute the required work while providing management with a high degree of visibility of the progress made in collecting information and actioning tasks.
Any failure of IT to support business initiatives optimally through quick response could translate directly into downtime affecting the entire business. Increased visibility and tracking of progress ensures management are able to monitor closely, determine and effectively manage the quality of service delivered to customers.
Do you know how much risk your outsourced service provider contributes to your business? Do you know how their low level of organisational maturity could undermine your organisation’s ability to meet the performance expectations of your stakeholders? Do you know if your service provider continues to deliver on its original value proposition?
The King III Committee on Corporate Governance has addressed the issue of corporate governance for information technology for the first time devoting an entire chapter to the subject and keeping IT governance separate from risk management and compliance.
IT governance is defined in the glossary to the King III Code of Governance as “the effective and efficient management of IT resources to facilitate the achievement of corporate objectives”. IT governance is the responsibility of the board and an integral part of corporate governance. The focus is on the governance of management processes (and decisions) relating to the information and communication services used by an organisation.
Information and technology (IT) governance is a subset discipline of corporate governance, focused on information and technology (IT) and its performance and risk management. The interest in IT governance is due to the on-going need within organizations to focus value creation efforts on an organization's strategic objectives and to better manage the performance of those responsible for creating this value in the best interest of all stakeholders. It has evolved from The Principles of Scientific Management, Total Quality Management and ISO 9001 Quality Management Systems.
Historically, board-level executives deferred key IT decisions to the company's IT management and business leaders. Short-term goals of those responsible for managing IT can be in conflict with the best interests of other stakeholders unless proper oversight is established. IT governance systematically involves everyone: board members, executive management, staff, customers, communities, investors and regulators. An IT Governance framework is used to identify, establish and link the mechanisms to oversee the use of information and related technology to create value and manage the risks associated with using information and technology.
Various definitions of IT governance exist. Whilst in the business world the focus has been on managing performance and creating value, in the academic world the focus has been on "specifying the decision rights and an accountability framework to encourage desirable behavior in the use of IT.
IT governance is the assignment of decision-making authority and accountability to ensure desirable behavior in the use of information and technology. IT governance usually occurs at different layers, with team leaders reporting to and receiving direction from their managers, with managers reporting up to the executive, and the executive to board / council members.
The King III Report on Corporate Governance includes IT Governance. Boards are to take responsibility for the governance of information and technology. Whilst accountable to stakeholders, they can delegate responsibility for implementing an IT Governance framework to management.
King III contains over 150 requirements for management to consider when implementing better governance of the use of information and technology. The report provides management and board members with clarity about the nature, extent and importance of IT governance to their organisations.
The seven King III principles that relate to IT governance cover six domains: governance structures, strategic alignment, value delivery, risk management, resource optimisation and performance management.
The King III Report provides extensive guidance on the implementation of IT governance but it also states that "commonsense must apply". What then are the most essential requirements?
The King III principles on the corporate governance of information and technology have been strongly influenced by the principles of the ISO/IEC 38500 standard for the Corporate Governance of ICT.