Aligning IT governance, company vision
IT governance should be recognised as an integral part of business and a strategic corporate asset that should be represented on a board and audit committee level.
So said Telkom group CIO, Len de Villiers, addressing delegates at the ITWeb Governance, Risk and Compliance 2014 Summit in Bryanston this morning.
According to De Viliers, IT decisions, accountability, policies, standards, controls, procedures and reporting are required to be far more formalised and embedded in the organisation than ever before.
"Due to its pervasiveness in business, a proper IT governance framework is essential as chief information officers will have to demonstrate to the board how it is aligned with strategic vision of the organisation and fulfils new responsibilities.
De Villiers pointed out that boards require CIOs to give feedback on performance and sustainability of IT governance programmes adopted by their departments for the organisation.
"Boards are also concerned about IT investments, risk management, information security and governance structures, and how these link to key business decisions," stated de Villiers.
The CIOs' understanding of these programmes, according to de Villiers, will not only impose management and control disciplines on IT activities, but will also ensure the integrity and protection of IT operations and the achievement of targeted business goals.
"These principles are the core of IT governance that will allow CIOs get the most value from IT, including moving towards strategic goals and ensuring that stakeholders and management understand key IT risks and manage them accordingly."
Furthermore, De Villiers encouraged CIOs to take into account different dimensions of the IT risk universe such as the inability to recruit IT staff due to the industry's skills shortage, inflexible IT infrastructure and critical system failures, to name a few.
"The board should work in tandem with the CIO to ensure there is a process in place to identify and exploit opportunities to improve the performance and sustainability of the company through the use of IT," he said.
"To stay abreast of developments, the organisation's technology department must make use of research companies to perform annual benchmarks on components of the technology operations."
Additionally, De Villiers advised that the technology department must conduct customer satisfaction surveys regularly, by which the organisation rates the performance of IT in delivering services.
"The organisation must also adopt an infrastructure replacement programme which ensures that key infrastructure is refreshed and replaced in line with the organisation's depreciation cycle. This ensures that IT operations are resilient enough to continue support of key business processes in case of a system failure."
In closing, De Villiers listed the organisation's alignment to industry standards, involvement of the board in the development of the IT strategies, tracking project expenditure and benefits, as well as defined roles and responsibilities across technology platforms as some of the key factors in implementing successful IT governance.