The Role of IT Governance

The purpose of IT governance is to direct IT endeavors, to ensure that IT’s performance meets the following objectives:

Alignment of IT with the enterprise and realisation of the promised benefits
Use of IT to enable the enterprise by exploiting opportunities and maximising benefits
Responsible use of IT resources
Appropriate management of IT-related risks

Fundamentally, IT governance is concerned about two things: IT’s delivery of value to the business and the mitigation of IT risks. The first is driven by strategic alignment of IT with the business. The second is driven by embedding accountability into the enterprise. Both need to be supported by adequate resources and measured to ensure that the results are obtained. IT governance is also a process through which the IT strategy drives the IT processes, which obtain resources necessary to execute their responsibilities. The IT processes report against these responsibilities on process outcome, performance, risks mitigated and accepted, and resources consumed. These reports should either confirm that the strategy is properly executed or provide indications that strategic redirection is required. This leads to the five main focus areas for IT governance, all driven by stakeholder value. Two of them are outcomes: value delivery and risk management. Three of them are drivers: strategic alignment, resource management (which overlays them all) and performance measurement. -IT Governance Using COBIT