IT Governance Defined
IT governance is a framework which ensures your organisation's IT infrastructure supports and enables the achievement of the corporate strategies and objectives. The full definition can be found in IT Governance: a Pocket Guide by Alan Calder.
The official IT governance standard is ISO/IEC 38500:2008.
The sub-domains of IT governance include:
This site provides extensive information and advice on IT governance, as well as:
Calder-Moir IT Governance Framework
IT governance is a critical component of corporate governance and the Calder-Moir IT Governance Framework provides structured guidance on how to approach this complex subject. The framework also provides a useful tool for benchmarking the balance and effectiveness of IT governance practices within an organisation, and the IT Governance Toolkit provides practical assistance and guidance for practitioners and board members who are tackling the subject.
IT Governance for Executives
IT Governance is a key subject for company directors and executives. The leading books on the subject are:
IT Governance: Guidelines for Directors
IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT
IT Governance Today: a Practitioner's Handbook
Get all of these titles, plus more in the IT Governance Library.
IT Governance Auditing
As IT governance plays such a key role in strategic performance, internal auditors are expected to include auditing IT governance in their work plans.
The world's formal international IT governance Standard, ISO/IEC 38500, was published in June 2008. It built upon the trail-blazing work done by the Australian Standards Institute, which published AS 8015 in 2005. ISO/IEC 38500 sets out a very straightforward framework for the board's governance of Information and Communications Technology. Irrespective of its geographic origin, the standard is a key resource for IT governance professionals everywhere in the world.
'IT Governance Frameworks'
There are three widely recognised, vendor-neutral, third party frameworks that are often described as 'IT governance frameworks'. While on their own they are not completely adequate to that task, each has significant IT governance strengths.
ITIL, or IT Infrastructure Library®, was developed by the UK's Cabinet Office as a library of best practice processes for IT service management. Widely adopted around the world, ITIL is supported by ISO/IEC 20000:2011, against which independent certification can be achieved. On our ITIL page, you can access a free briefing paper on ITIL, IT Service Management and ISO20000.
Control Objectives for Information and Related Technology (COBIT) is an IT governance control framework that helps organisations meet today’s business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals. COBIT is an internationally recognised framework and was updated from version 4.1 to version 5 in 2012. In particular, COBIT's Management Guidelines component contains a framework for the control and measurability of IT by providing tools to assess and measure the enterprise’s IT capability for the 37 identified COBIT processes.
Read more about COBIT here.
ISO27002 (supported by ISO27001), is the global best practice Standard for information security management in organisations.
These three frameworks are all, potentially, part of any best-practice approach to regulatory and corporate governance compliance. The challenge, for many organisations, is to establish a coordinated, integrated framework that draws on all three of these standards.
The Joint Framework, put together by the ITGI (owners of COBIT) and the OGC (owners of ITIL) is a significant step in the right direction.
An increasingly relevant subject requiring consideration within the sphere of IT Governance is the issue of Green IT. In the same way that IT Governance is a critical component within the Corporate Governance of an organisation, Green IT has become an essential aspect within the decision making, framework building, and business processes, of IT Governance.
Find further Green IT products here, including cutting-edge texts, support manuals, and standards on both Green IT and the Environmental Management Standard ISO14000.