Round Table Discussion 3 Principles of IT Governance - PowerPoint PPT Presentation

1 / 34
About This Presentation
Title:

Round Table Discussion 3 Principles of IT Governance

Description:

concentrating on optimising expenses and proving the value of IT. Risk management ... optimising knowledge and IT infrastructure. Performance measurement ... – PowerPoint PPT presentation

Number of Views:163
Avg rating:3.0/5.0
Slides: 35
Provided by: iactha
Category:

less

Transcript and Presenter's Notes

Title: Round Table Discussion 3 Principles of IT Governance


1
Round Table Discussion 3 Principles of IT
Governance IT Governance from the Worlds
Perspective
By Dr. Wachara Chantatub Faculty of Commerce and
Accountancy Chulalongkorn University Email
wachara_at_acc.chula.ac.th
2
IT Governance from the Worlds Perspective
  • Executive Summary
  • Critical Issues of IT Management
  • 4 Ps
  • IT Management and Governance Frameworks
  • IT Government
  • The IT Governance Institute
  • IT Governance Global Status Report 2006 (the
    Work)
  • Conclusion

3
Executive Summary
  • Over the years, IT has become the backbone of
    businesses to the point where it would be
    impossible for many to function (let alone
    succeed) without it. As a result of its
    increasing role in the enterprise, the IT
    function is changing, morphing from a technology
    provider into a strategic partner.
  • IT Governance is a structure of relationships and
    processes to direct and control the enterprise in
    order to achieve the enterprises goals by adding
    value while balancing risk versus return over IT
    and its processes.
  • This topic will present researches, findings,
    lessons learnt, and opinions on IT Governance
    from the worlds experts.

4
Critical Issues of IT Management
  • Considering all the issues of IT management, we
    have identified the following as critical issues
  • Environment
  • Today IT manager must manage a decentralized,
    end-user-focused environment.
  • Role
  • The current IT manager, instead of serving as the
    technical custodian of computer hardware
    entities, now functions more like an agent
    between IT resources and end-users.
  • Expanding Focus
  • The IT manager must understand the global issues
    of the business and its customers, as well as
    have a comprehensive knowledge of global IT
    management. IT has expanded on an international
    level and, as such, the present focus is now on
    matters that are more global in nature. The
    influx of technology into nearly every country
    has opened a cross-cultural window into other
    nations that, to this point, was unavailable.

5
  • Integration
  • In a given organization, the IT department is no
    longer strictly a separate function, rather, it
    is an integrated function of all departments.
  • Increased Risks
  • IT managers must be knowledgeable enough to
    effectively deal with greatly increased security
    risks brought about by the integration of
    technology.
  • Inadequate Preparation
  • Business schools continue to graduate students
    lacking basic knowledge in IT management.
  • Adapted from Curriculum Model 2000 of the
    Information Resource Management Association and
    the Data Administration Managers Association

6
4 Ps
  • IT management is all about the efficient and
    effective use of the four Ps
  • People
  • Processes
  • Products (tools and technology)
  • Partners (suppliers, vendors, and outsourcing
    organizations).

7
IT Management and Governance Frameworks
  • COBIT (Control Objectives for Information and
    Related Technology)
  • ITIL (IT Infrastructure Library)
  • CMMI (Capability Maturity Model Integration)
  • BS 15000
  • MOF (Microsoft Operations Framework)
  • and more

8
  • COBIT (Control Objective for Information and
    Related Technology)
  • Issued by the IT Governance Institute (ITGI),
    COBIT is an industry accepted standard for IT
    security and control practices that provides a
    reference framework for management, users and
    security practitioners.
  • ITIL (IT Infrastructure Library)
  • ITIL is one of the most widely accepted
    management frameworks in the IT world and
    describes an integrated set of process-oriented
    best practices for managing IT services.

9
  • CMMI
  • Capability Maturity Model Integration (CMMI) is
    a process improvement approach that provides
    organizations with the essential elements of
    effective processes. It can be used to guide
    process improvement across a project, a division,
    or an entire organization. CMMI helps integrate
    traditionally separate organizational functions,
    set process improvement goals and priorities,
    provide guidance for quality processes, and
    provide a point of reference for appraising
    current processes.

10
  • BS15000
  • This is the first formal standard for IT Service
    Management, developed by the British Standards
    Institute (BSI Code of Practice for IT Service
    Management). It is viewed across the industry as
    a crucial step in turning best practices into
    reality.
  • MOF (Microsoft Operations Framework)
  • MOF is a collection of best practices,
    principles, and models. It provides comprehensive
    technical guidance for achieving mission-critical
    production system reliability, availability,
    supportability, and manageability for solutions
    and services built on Microsoft products and
    technologies. This guidance is presented in the
    form of white papers, service management guides,
    assessment tools, operations kits, best
    practices, case studies, and support tools that
    address the people, process, and technologies for
    effectively managing production systems within
    todays complex distributed IT environment.

11
Evolution of IT Management Frameworks
12
IT Governance
  • IT Governance Process
  • IT Governance Areas

Source www.itgi.org
13
IT Governance Process
Source www.itgi.org
14
IT Governance Areas
  • Strategic alignment
  • with focus on aligning with the business and
    collaborative solutions
  • Value delivery
  • concentrating on optimising expenses and proving
    the value of IT
  • Risk management
  • addressing the safeguarding of IT assets,
    disaster recovery and continuity of operations
  • Resource management
  • optimising knowledge and IT infrastructure
  • Performance measurement
  • tracking project delivery and monitoring IT
    services

Source www.itgi.org
15
The IT Governance Institute
  • The IT Governance Institute (ITGI) (www.itgi.org)
    was established in 1998 in recognition of the
    increasing criticality of information technology
    to enterprise success. In many organizations,
    success depends on the ability of IT to enable
    achievement of business goals. In such an
    environment, governance over IT is as critical a
    board and management discipline as corporate
    governance or enterprise governance. Effective IT
    governance helps ensure that IT supports business
    goals, maximizes business investment in IT, and
    appropriately manages IT-related risks and
    opportunities.
  • ITGI is a research think tank that exists to  be
    the leading reference on IT-enabled business
    systems governance for the global business
    community. ITGI aims to benefit enterprises by
    assisting enterprise leaders in their
    responsibility to make IT successful in
    supporting the enterprise's mission and goals. By
    conducting original research on IT governance and
    related topics, ITGI helps enterprise leaders
    understand and have the tools to ensure effective
    governance over IT within their enterprise.

16
IT Governance Global Status Report 2006 (the
Work)
  • In 2005, PwC was commissioned by ITGI to conduct
    the second global survey on IT governance. The
    survey was conducted from July 2005 until October
    2005 and this report highlights the most
    significant find
  • The purpose of the survey was to reach members of
    the C-suite to determine their sense of priority
    and actions already taken relative to IT
    governance and their need for tools and services
    to help assure effective IT governance.

17
Key Findings of the 2006 Survey
  • 1. IT is more critical to business than ever.
  • 2. General managers feel more positive toward IT
    than IT managers do.
  • 3. Significant differences amongst industry
    sectors exist.
  • 4. IT staffing is the most important IT-related
    problem.
  • 5. IT security is not the most important
    IT-related problem.
  • 6. IT outsourcing is out.
  • 7. Awareness of ISACA and ITGI has increased.
  • 8. Awareness of COBIT has increased.
  • 9. Sarbanes-Oxley has not created the
    anticipated effect.
  • 10. IT governance (and COBIT) is not as easily
    implemented as originally estimated.
  • 11. COBIT is being used by about 10 percent of
    the IT population.

18
  • 1. IT is more critical to business than ever.
  • For 87 percent of the participants, IT is quite
    to very important to the delivery of the
    corporate strategy and vision.
  • For 63 percent of the respondents, IT is
    regularly or always on the boards agenda.

Question Thinking about your overall corporate
strategy or vision, how important do you consider
IT to be to the delivery of this strategy or
vision?
19
Question How frequently is IT included on your
organisations board agenda?
20
2. General managers feel more positive toward IT
than IT managers do. Compared to IT managers,
general managers attach even more criticality and
importance to IT. In addition, they are generally
more satisfied with IT and with its strategic
alignment with the business.
Question Thinking about your overall corporate
strategy or vision, how important do you consider
IT to be to the delivery of this strategy or
vision?
21
3. Significant differences amongst industry
sectors exist. IT/telecom and financial services
appear to be better performers when it comes to
IT governance, while the retail and manufacturing
industries are lesser performers. These outcomes
are in line with the degree of strategic
importance of IT in these industry sectors.
Question Thinking about your overall corporate
strategy or vision, how important do you consider
IT to be to the delivery of this strategy or
vision?
22
4. IT staffing is the most important IT-related
problem. When taking into account all aspects of
a problem, such as frequency of occurrence,
severity of the problem and future evolution, IT
staffing appears to be the most important problem
in IT.
Question Compound problem index?
23
5. IT security is not the most important
IT-related problem. When taking all dimensions of
the problem into account, security (and
compliance) is ranked last of eight IT problem
categories.
Question Compound problem index?
24
6. IT outsourcing is out. IT outsourcing is no
longer seen as the most effective measure to
resolve IT problems. As business and IT have
become increasingly aware of the fact that IT
problems cannot be outsourced, they have tended
to bring control of problematic systems back
in-house.
Question How effective could the following high
level measures be for resolving your IT-related
problems?
25
7. Awareness of ISACA and ITGI has
increased. Awareness amongst the general IT
population of the ISACA and ITGI brands has
almost tripled compared to the 2003 survey.
Question What organisations are you aware of
that provide or implement solutions to IT
governance problems?
26
8. Awareness of COBIT has increased. Awareness in
the general population of the existence of COBIT
has increased by 50 percent since 2003, from 18
percent to 27 percent. In addition, one out of
six respondents who know COBIT claims to know the
contents to a great extent.
Question Are you personally aware of the
existence of COBIT ?
27
Question If you are personally aware of the
existence of COBIT, are you personally aware of
the contents of COBIT?
Question If you are personally aware of the
existence and the contents of COBIT, to what
extent are you aware of its contents?
28
9. Sarbanes-Oxley has not created the anticipated
effect. A lower than expected numberonly 38
percentof the COBIT users indicated that
Sarbanes-Oxley legislation or other new
accounting-related legislation or regulation was
the reason to introduce COBIT in their
organisation. (The survey did not distinguish
between old and new COBIT users, which could
explain the result.)
Question Was the Sarbanes-Oxley legislation, or
any other new accounting-related legislation or
regulation, a reason to introduce COBIT in your
organisation?
29
10. IT governance (and COBIT) is not as easily
implemented as originally estimated. A number of
results lead to the conclusion that implementing
IT governance is not as straightforward as
perhaps once thought. The same conclusion can be
made regarding COBIT implementation. Putting
things in perspective, however, these results
confirm that Good IT governance practices are
not built overnight they require time and
continued commitment. Implementing COBIT is
not a matter of taking it out of the box and
implementing it as written. Instead, it is a
process of selecting the most appropriate
elements, tailoring them as needed and applying
them to the specific needs of the organisation.
30
Question How easy or difficult has it been for
you to implement the COBIT framework or part of
the COBIT framework?
31
11. COBIT is being used by about 10 percent of
the IT population. The current acceptance rate of
COBITi.e., the percentage of the general IT
population using one or more parts of COBITis
now 10 percent (at least). Given the relatively
large number of respondents indicating that they
use an internally developed IT governance
solution, it is probable that there are a number
of hidden COBIT users who have implemented
portions of it in their own enterprise-specific
solution.
32
Question What solutions/frameworks do you use or
are you considering using?
33
Conclusion
  • IT has become the backbone of enterprises.
  • Enterprise needs IT management and governance
    framework(s) to direct and control the enterprise
    in order to achieve the enterprises goals by
    adding value while balancing risk versus return
    over IT and its processes.
  • IT Governance Global Status Report 2006 (the
    Work) highlights the most significant findings
    of awareness, perceptions and applications of IT
    governance and IT governance frameworks.

34
3rd CIO Security Conference and Showcase
2006Proactive Preparation and Collaboration for
Thailand ICT Vision
Se
Platinum Sponsor
Gold Sponsor
Exhibitor
Strategic Alliances
Write a Comment
User Comments (0)
About PowerShow.com