Home �   ITIL�  Index

IT Service Catalog - The Central Component Of IT Governance

By Boris Pevzner IT Governance is now widely recognized as a critical success factor for managing today's complex enterprise IT environments.
Sep 19, 2005

ITSM Watch Staff

By Boris Pevzner

IT Governance is now widely recognized as a critical success factor for managing today's complex enterprise IT environments. It has become one of the most popular buzzwords among IT executives and company boards alike. But, like many buzzwords, this one is far easier to recite than it is to understand, let alone apply.

Why is so little rigor and strategic planning applied to the subject of such pervasive significance? This stems from the fact that IT Governance has evolved over the last few years not as an actively designed CxO-driven initiative but as a collection of loosely connected "governance silos."

The most commonly encountered types of uncoordinated silos are "project governance," "outsourcing governance," "architecture governance," "data security and access governance," and "governance around change." In most cases, these governance silos are created as a reactive mechanism to address a particular need, for example, architecture problems or overspending or duplication. Adding to the confusion, a variety of point-solution product offerings addressing each of these silos are marketed by the vendors under the general "IT Governance" umbrella.

Complicating the picture even further is that there is no single IT Governance standard. Rather, the topic of IT Governance falls at the intersection of three popular frameworks, which are contemporary buzzwords extraordinaire in their own right: ITIL (from the IT delivery and support point of view), CobiT (from the financial auditing and control point of view), and SOX (from the US regulatory compliance point of view).

What is IT Governance?
A straightforward definition of IT Governance comes from the Board Briefing on IT Governance publication (pdf) produced by the IT Governance Institute:

    IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives.
At the next level, this breaks down into the following five IT Governance areas:
  1. Business-IT Strategic Alignment, with a focus on aligning with the business and collaborative solutions.
  2. Value Delivery, concentrating on optimizing expenses and proving the value of IT.
  3. Risk Management, addressing the safeguarding of IT assets, disaster recovery and continuity of operations, and risks associated with regulatory compliance.
  4. Resource Management, optimizing knowledge and IT infrastructure.
  5. Performance Measurement, tracking project delivery and monitoring IT services, which provides feedback to the governing body and enables decision making, objective setting, and policy adjustment.
Key issues in implementing a successful IT Governance framework
Every successful IT Governance framework intended to address these five areas needs to include an organizational component and a technology component.

The organizational aspects are neatly summarized by Peter Weill and Jeanne Ross in their the IT Governance book (published by HBS) as "Ten Principles of IT Governance": involve senior managers, ensure clear exception-handling, provide the right incentives, assign ownership and accountability, provide transparency and education, etc.

At the technology level, the key question is: How to identify the concepts that need to be defined to enable effective IT Governance, and how to implement the processes and tools that make these concepts actionable? The answer is guided by the old "DMMI" maxim "" because:

  • What is not defined cannot be managed.
  • What is not managed cannot be measured.
  • What is not measured cannot be improved.

    1 2 >> Last Page