The Online Encyclopedia and Dictionary






Information technology governance

Information technology governance may also be spelled Information Technology Governance, IT Governance, IT governance or it governance.

Over the past decades, the IT department has moved from being a commodity service provider to a strategic partner where IT is viewed as a tool for increasing business growth rather than just an expense. The discipline of information technology governance derives from corporate governance and deals primarily with the connection between business focus and IT management of an organization. It highlights the importance of IT related matters in contemporary organizations and states that strategic IT decisions are to be made by the board, rather than handled by the chief information officer or other IT managers. The primary goal for information technology governance is to assure that the investments in IT generate business value and the mitigation of risks associated with IT. This can be done by implementing an organizational structure with clear roles for the responsibility of information, business processes, applications, infrastructure, etc. Depending of an organizationís business, scope and IT maturity ; centralized, decentralized or federated responsibility for strategic IT matters are suggested. Well defined control of IT is the key to success.

After the disastrous collapse of Enron in 2000, and the related scandals with Arthur Andersen and WorldCom, the duties and responsibilities of the board were questioned. As a response to this, and to prevent it from happening again, the US Sarbanes-Oxley Act was written to stress the importance of business control and auditing. It has been highly important for the development of information technology governance in the early 00īs.

There are quite a few supporting mechanisms developed to guide the implementation of information technology governance. Some of them are:

    • The IT Infrastructure Library (ITIL) is a detailed framework with hands-on information on how to achieve a successful governance of IT. It was originally developed by the British Office of Government Commerce in the early 80ís to provide British companies with a framework for efficient and financially responsible use of IT resources. (
    • Control Objectives for IT (CobiT ) is another approach to standardize good information technology security and control practices. This is done by providing tools to assess and measure the performance of 34 IT processes of an organization. The IT Governance Institute is responsible for CobiT
    • Balanced Scorecards (BSC) also provides ways to asses the organizationís performance in many different areas.

External sources

The IT Governance Institute
Informations Systems Audit and Control Association
IT Infrastructure Library
ITIL and BS15000 Governance Forum

Selected references

Weill P., Ross J., IT Governance: How Top Performers Manage IT for Superior Results, Harvard Business School Press, 2004, ISBN 1591392535

Van Grembergen W., Strategies for Information technology Governance, IDEA Group Publishing, 2004, ISBN 1591402840

March J., Simon H., Organizations, Blackwell Publishers, 1993 (First ed. Wiley, 1958), ISBN 063118631X

Last updated: 05-15-2005 14:37:54