Towards Effective IT Governance

IT Governance is a critical issue for all organizations, particularly with the rapid increase in competition worldwide. One of the constant challenges facing every CIO is proving the contribution of their Information Services function. In addition, delivering IT and IM services that are effective and a “Value Add” to the organization is an ongoing necessity.

One of the ways CIOs can make their organizations more effective is by establishing a strong IT governance framework. Senior IT management needs to develop the management processes whereby executive management and business unit management are challenged and encouraged to participate in ensuring that:

1) there is executive management buy-in and involvement in all IT initiatives,

2) IT priorities are linked with business objectives and goals, and,

3) there is a joint effort in the effective organizational application of information technology.

In the last year ISACA (Information Systems Audit and Control Association) International has created an IT Governance Institute, the Web site ( for which is intended to become the preeminent information portal regarding IT governance. Various resources, links, and position papers are available by accessing the site, and regular updates further strengthen its effectiveness in supporting the IT professional.

This IT Governance Portal “strives to assist enterprise leadership in ensuring long-term, sustainable enterprise success and increased stakeholder value by expanding awareness of the need for and benefits of effective IT governance. The Institute develops and advances awareness of the vital link between IT and enterprise governance, and offers best practice guidance on the management of IT-related risks.”


Maximizing the Success of Chief Information Officers — An Executive Guide

The US General Accounting Office has recently developed an Executive Guide in support of the various CIOs in the U.S. Government’s Federal Departments. The paper describes six principles and key characteristics of CIO management in leading organizations. The information presented was developed from a year-long study of leading private- and public-sector organizations and should be a welcome addition to every CIO’s personal library.

While downloading the report at, also consider reviewing some of the other guidelines available at

I recommend, in particular, the reports entitled: “Measuring Performance and Demonstrating Results of Information Technology Investments”, and “Executive Guide: Information Security Management: Learning From Leading Organizations”, with respective reference numbers aimd-98-89 and aimd-98-69.

Finally, the documents at have been developed to assist CIOs at various U.S. federal government departments and agencies. There is much of value in them and I suggest you pass this bookmark on to all of your IT managers.

Dan Swanson is a management consultant with LGS Group in Winnipeg. He specializes in audit and management consulting and can be reached at

Web Sites Supporting IT Governance