200 likes | 729 Views
IT Governance. Group 4: James Fort Stephanie Joyner Jeff Seremak. What is IT Governance?. Structure to help align IT strategy with business strategy According to ITGI, there are 5 areas of focus: Strategic alignment Value delivery Resource management Risk management
E N D
IT Governance Group 4: James Fort Stephanie Joyner Jeff Seremak
What is IT Governance? • Structure to help align IT strategy with business strategy • According to ITGI, there are 5 areas of focus: • Strategic alignment • Value delivery • Resource management • Risk management • Performance measures
Why is IT Governance important? • Compliance with regulations • Competitive advantage • Support of enterprise goals • Growth and innovation • Increase in intangible assets • Reduction of risk
Who is involved? • Team leaders • Managers • Executives • Board of Directors • Stakeholders
Aligning IT and Business Strategy • Corporate Mission – Business Goals – IT Strategy • Requires involvement from many levels and activities within the enterprise. • Lack of alignment leads to adverse business issues. • Strong IT Governance contributes toward proper alignment.
Ensuring Value and Effectiveness • IT issues are the least understood, despite increasing reliance placed on IT. • Initiate IT governance structures with the right level of executive involvement. • Board of Director’s require essential IT related skills
IS Governance • Consists of leadership, organizational structures and processes that safeguard information. • Security over information assets. • Benefits of IS Governance. • IS is a top-down process.
Measuring IT Governance Performance • Measuring IT performance is a key concern as it demonstrates the effectiveness and added business value of IT. • Commonly seen as the IT “Black Hole” – costs continually rise without clear evidence of value derived from the IT function. • Traditional performance measurement methods require monetary values which are hard to apply to IT systems.
IT Balanced Scorecard • One of the most effective means to aid an organization in achieving IT and business alignment. • Provides a systematic translation of the IT strategy into tangible success factors and metrics. • Gives a balanced view of the value added by IT to the business. • Calculating the value of IT investments is a business issue for which business managers are ultimately responsible for.
Harley Davidson IT Harley Davidson is the oldest producer of motorcycles and has achieved 20 consecutive years of record growth. Until 2003, Harley Davidson focused solely on manufacturing and selling high quality motorcycles. They realized that for continued growth, they must unite management and the IT and Audit functions with a common governance while maintaining their unique company culture.
Until 2003, Harley Davidson had limited IT controls in place and the employees had limited knowledge of control and risk. • There were limited: Standardized user access processes, change management processes or backup and recovery processes. • Harley Davidson created a new IT compliance department to manage control and risk in the company. • This department implemented the COBIT framework to focus on key value areas of the business. • Switched to a broad control framework rather than continually raising the bar.
COBIT – Control Objectives for Information and Related Technology • Harley Davidson chose COBIT because • An internationally accepted standard for IT governance and control • Provides a common language for management, end users and IT audit professionals • A means for benchmarking controls compliance • Low implementation cost • Cohesiveness with other standards • External auditor signed off on the framework • It was important for management and IT to understand the importance of effective, value-focused controls. • By focusing on IT business value and their control needs, COBIT provided a tool to spur internal change while maintaining their position as an industry leader.