IT Governance

IT Governance is made of the processes and responsibilities that allow for:

1. IT Use

• Continual use of IT

• Using IT in a way that meets goals and follows strategies

2. Management and Accountability

• Effective management

• Monitoring

• Performance management of the technology

• Accountability

• Allocation of roles and responsibilities

3. Value and Revenue

• Value creation from the use of technology

• Revenue generation

• Realization of objectives

Related Terms

People

• Chief Information Officer

• Members of various committees

Governance, Risk Management and Compliance (GRC) is made of three broad (and overlapping) practices an organization follows to:

• Achieve business and IT objectives

• Avoid risk (and manage it)

• Follow policies and regulations

• Follow business and IT strategy

• Monitor and enforce compliance

• Achieve and sustain effective communication between those responsible for these areas

IT Governance Framework is a pre-existing structure of procedures and methods that an organization can apply to their implementation, monitoring, and managing of IT governance.

Example

Control Objectives for Information and related Technology (COBIT) is a popular governance* framework of recommendations, processes, and objectives an organization can use to measure its performance and use of IT.

Creator

ISACA

5 Principles

1. meet stakeholder needs

2. cover the organization end-to-end

3. deploy a single framework that integrates all related standards, activities, and practices

4. support holistic governance

5. differentiate the definitions, processes, and responsibilities of governance from management

Update

COBIT 5

Guidelines