Governance is vital to accomplishing the goals of an enterprise. By its very definition, governance of enterprise IT (GEIT) places a structure around how an organization aligns IT strategy with business strategy, ensuring that companies stay on track to achieve goals and implement methods to measure performance.
To be successful, an enterprise needs to manage expectations and satisfy stakeholder requirements— the drivers behind development of enterprise goals and subsequent IT-related goals. These goals must be in alignment and are best created with the full cooperation and involvement of IT and the stakeholders.
While governance is critical to any enterprise, form does not always follow function, resulting in many different pathways to successful implementation. In short, there seems to be no agreed-upon approach.
How to you get there—how do you start?
One valuable new resource is ISACA’s white paper, “Getting Started with GEIT.” The white paper outlines how an enterprise can begin the process of understanding needs and how to take that knowledge and put it into action.
It summarizes how using a well-established framework, such as COBIT 5, assists in creating a common language and understanding of governance concepts throughout the enterprise.
For example, the early benefits of using a framework include:
- Deliver value to stakeholders.
- Accomplish established stakeholder goals.
- Make future change easier to accomplish.
- Establish a framework that is part of the enterprise culture.
- Strengthen internal control.
- Rely less on external parties.
- Enhance credibility of internal resources.
One item to note is that no matter what new framework is introduced, the timing of its introduction should be sensitive to the general business environment or commitment to its adoption could prove difficult.
The beauty of a successful framework is that its strength resides in its flexibility. It offers guidance, not prescriptive steps in what to do. The end result? Risks to the enterprise are significantly reduced and overall value quickly recognized.
Joanne De Palma, CISM, BCMM Assessor, MBA
Director, Global Information Technology Risk Management – ORM