A governance system comprises various governance mechanisms that enable multiple stakeholders in an enterprise, including management, to have an organised say in evaluating conditions and options; setting direction; and monitoring compliance, performance and progress against plans, to satisfy specific enterprise objectives. It is usually the CIO's responsibility to identify and implement the appropriate governance mechanisms for the use of information and technology. However, in doing so commonsense must prevail. Suitably appropriate structures, processes and governance mechanisms should deployed based on the size, complexity and nature of business activities that are necessary to achieve the organisation’s strategies and objectives.
Typical governance mechanisms, include:
- frameworks and architecture
- goals and objectives
- IT governance charters
- IT policies
- IT plans, schedules, deadlines
- IT strategies
- organisational structures
- decision mechanisms, roles and responsibilities
- processes and practices, registries
- standards, contracts, SLAs,
- monitoring of compliance and managing
- scorecards, bench-marking and reporting.
Although frameworks like COBIT provide important guidance about the required tasks that make up generally accepted best practice for IT processes, the actual process of implementing or modifying the recommended practices for a particular organisation can be challenging. Companies often struggle to define and implement the processes, controls and governance mechanisms recommended without expert consultation. Frequently there is considerable upfront investment in simply understanding the requirements of the selected frameworks with little real value actually being created.
With the ITGN's expert guidance, streamlined processes with clearly defined actionable tasks and governance mechanisms can be implemented to manage the risks, deliver the results expected and support regulatory compliance obligations.