There’s little doubt that today’s IT leaders recognize the need for enhanced security and control. After all, virtually every day brings more news of failures, ranging from embarrassing security breaches to massive losses of confidential client data. In many cases, the result has been a degradation of organizational integrity and a loss of public faith.
Thankfully, IT governance stands in the wings, ready to combat the malicious with the promise of reduced business risk and in many cases streamlined business processes. Its advantages are too compelling to ignore.
IT governance is often defined as the leadership, organizational structure, and processes that ensure IT extends and supports business strategies and objectives. It is a framework designed to “align technology with business” and thereby deliver value – by properly allocating resources, measuring performance, and managing risks.
IT governance has assumed even greater prominence in recent years thanks to the litany of corporate scandals that have rocked confidence in the capital markets.
With investor confidence at all-time lows, governments have stepped in to ensure companies do the right thing. In the U.S., government response gave us legislation like the Sarbanes-Oxley Act which sets a high bar of internal control requirements.
In Canada, our regulators have reacted similarly, with the objective of clamping down on the kinds of organizational misdeeds that land people in jail and wipe out retirement savings.
IT plays a vital role in the overall control environment – by forming the basis of reliable information and communication. Without controls in IT, these objectives are nothing more than hopeful, and little confidence can be placed in the information we receive.
Take, for instance, a company that has no control over who has access to its sales system – how can we be sure that no one is entering bogus sales in just to get a commission on them?
In an ever increasing electronic world, IT control is not just a reality, it’s a necessity. Implementing controls and IT governance, however, doesn’t happen overnight.
It requires leadership and a vision that recognizes long term benefits outweigh short term costs.
Sounds scary, but it’s not as dire as you’d think. IT governance doesn’t have to be conventionally viewed as expensive or ponderous. The more enlightened technology leaders view it as a means of streamlining operational processes and gaining competitive advantage. Despite its forbidding reputation, IT governance could be technology’s ace in the hole. Its benefits fall into three broad categories: