Subscribe

SA`s low level of IT governance

Martin Czernowalow
By Martin Czernowalow, Contributor.
Johannesburg, 30 Jun 2005

Over 80% of respondents to ITWeb`s IT Governance 2005 Survey rated IT as very important to their organisations` business operations and growth, but only 30% of respondents` organisations formally implemented IT governance, delegates at the IT Governance 2005 conference were told yesterday.

Less than 60% felt that IT governance implementations are effective, said Johan Botha, author of the survey and MD of Analytix.

Botha reported that the study found that the majority of IT governance implementations were less than a year old, and compliance with regulations was the biggest driver for IT governance implementations among respondents.

Some 17% of respondents said they implemented IT governance to gain a strategic advantage and differentiation, while less than 15% said implementation was driven by improved management control. Botha pointed out that less than 10% of respondents implemented IT governance to control costs and manage IT risks.

Of the total respondents, he said that more than 40% used their own resources to implement an IT governance process, while about 2% used external consultants. Just over 25% used a combination of these two approaches.

But Botha warned that the sample used for the survey is not big enough to be fully representative, because after an initial 90 responses, only about 40 responses could be included in the survey results after a thorough clean-up.

"However, it provided enough meaningful feedback to provide perspective on the current IT governance thinking," Botha said.

The survey also aimed to establish average IT process maturity levels, requesting

respondents to provide the "Cobit" maturity levels for their organisations, said Botha, adding that the average levels were below three for the participating organisations.

The Cobit maturity levels allow a company to determine the "right" level of control for the organisation, he explained.

"Through self-assessment, using the Cobit maturity model, one is able to determine the 'as is` maturity level. This again allows for 'to be` assessments. Knowing the industry Cobit maturity level allows one to conduct benchmarking, leading to more informed decisions by comparing to what others are doing," Botha said.

Share