Companies should ensure governance in their organisations is strategically aligned with their IT investment, and delivery must be measured by performance.
This is according to Vernon Fryer, Faritec divisional head for professional services.
Fryer made his presentation, entitled “The impact of governance, risk and compliance”, at the ITWeb Security Summit, in Midrand, this week.
“In the near future, you are going to find international organisations will not do business with you if you do not present them with clear governance and risk management processes. They can look at your balance sheet and think that 'this business is run well', but if they don't see any risk compliance, they will take away their investment.”
Fryer explained that IT governance is a subset of corporate governance and is not in a field of its own. He added that corporate governance includes processes, customers, policies, law, management practices and institutions affecting the manner an entity is controlled and managed.
“Corporate governance should also incorporate all the relationships among the many stakeholders involved, and should aim to organise them to meet the goals of the entity in the most effective and efficient manner possible.”
Fryer pointed out that, in implementing IT governance, companies should follow a set of rules, which should be accepted by all stakeholders taking responsibility for its successful implementation. Everyone would be held accountable for managing the results, he explained.
“Boards and executives need to provide the strategic direction to establish strategic fit and obtain assurance that value reporting is reliable.”
Fryer believes the most important factors in IT governance implementation is the strategic alignment of governance in an organisation, the approval of goals by stakeholders, and the acceptance of accountability for the achievement of goals by directors and management.
“The business and IT need to agree on the measures to be used to verify that business benefits are returned and jointly accept responsibility for results. This way no one will pass the buck should the governance processes fail.”
Share