is a process used to monitor and control key information technology capability decisions - in an attempt - to ensure the delivery of value to key stakeholders in an organization.1
Here are the key points in this definition:
- IT Governance is a process. It is not a point in time event. It is not a committee. It is not a department.
- The objective of IT governance is to ensure the delivery of business results not "IT systems performance" nor "IT risk management" - that would reinforce the notion of IT as an end in itself. To the contrary, IT Governance is about IT decisions that have an impact on business value.
- The process therefore monitors and control key IT decisions that might have an impact - positive or negative - on business results.
- The concept of governance is meaningless without the recognition of both ownership and responsibility. The key stakeholders in an organization have an "ownership" stake in the organization. The management is responsible to these stakeholders.
- We must recognize the ownership stake of not just shareholders but also of the other stakeholders such as customers, vendors, employees etc.
- The "management," i.e. the people entrusted with making key decisions, is responsible to these stakeholders.
- Therefore, the objective of IT Governance is not just the delivery of risk optimized business value but also to engender the trust of the key stakeholders in the people who they have entrusted their money and/or livelihood!
- One can argue that this trust results in more business value. No doubt. But the fact remains that it is a means to that end and must be recognized independently as a motivation for IT Governance.
- In a sense, IT Governance acts upon the old adage of "trust but verify!"
There are many definitions of IT Governance. Notable among them are the following:
Weill and Ross define 2
IT governance as: the decision rights and accountability framework to encourage desirable behavior in the use of IT. They identify three components of governance:
- IT Decisions Domains: What are the key IT decision areas?
- IT Governance Archetypes: Who governs the decision domains and how is it organized? Who decides or has input, and how?
- Implementation Mechanisms: How are the decision and input structures formed and put in place?
The IT Governance Institute (ISACA) defines IT Governance as follows:
"... leadership, organizational structures and processes to ensure that the organisation's IT sustains and extends the organisation's strategies and objectives." 3
According to Gartner 4
, IT governance (ITG) is defined as the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. IT demand governance (ITDG—what IT should work on) is the process by which organizations ensure the effective evaluation, selection, prioritization, and funding of competing IT investments; oversee their implementation; and extract (measurable) business benefits. ITDG is a business investment decision-making and oversight process, and it is a business management responsibility. IT supply-side governance (ITSG—how IT should do what it does) is concerned with ensuring that the IT organization operates in an effective, efficient and compliant fashion, and it is primarily a CIO responsibility.
CIO Magazine 5
defines IT Governance as: Simply put, it’s putting structure around how organizations align IT strategy with business strategy, ensuring that companies stay on track to achieve their strategies and goals, and implementing good ways to measure IT’s performance. It makes sure that all stakeholders’ interests are taken into account and that processes provide measurable results. An IT governance framework should answer some key questions, such as how the IT department is functioning overall, what key metrics management needs and what return IT is giving back to the business from the investment it’s making.
Different names of IT Governance
- Information technology governance
- Information and communications technology governance (ICT Governance)
- Corporate governance of information technology
- Corporate governance of information and communications technology
CIO Desk Reference
(Relevant content on this topic in the CIO Toolkit on CIO Index)