EDITORIAL: Governance - a strategic approach
Full alignment with business strategies and business direction is critical if organisational investment in IT is to deliver real value, whilst key risks have to be identified and controlled, and legislative and regulatory compliance must be demonstrated.
All analysts - and most CIOs - currently agree that probably the biggest risk and concern to executives is failing to align IT to real business needs, and a failure to deliver, or be seen to be delivering, value to the business. Since IT can have such a dramatic effect on business performance and competitiveness, a failure to manage IT effectively can have a serious impact on the business as a whole. IT governance covers this and more, and in light of recent corporate failures and the economic downturn, enjoys a far higher profile today than ever before.
Corporate governance generally has taken on even greater significance. It is being recognised that IT has a pivotal role to play in improving corporate governance practices, because critical business processes are usually automated and directors rely on information provided by IT systems for their decision making.
The current climate of cost reduction and budget restriction has resulted in a new norm - there is an expectation that IT resources should always be used as efficiently as possible and that steps are taken to organise these IT resources ready for the next cycle of growth, business innovations and new IT developments. A key aspect of these factors is the increasing use of third party service providers and the need to manage these suppliers properly to avoid costly and damaging service failures.
IT governance covers the culture, organisation, policies and practices that provide this kind of oversight and transparency of IT. The benefits are far reaching - good IT governance not only reduces the cost and damage caused by IT failures, but also engenders greater trust, teamwork and confidence in the use of IT itself and the people trusted with IT services.
In this issue of ITadviser we provide a perspective on developing a strategic approach to IT governance that explores many of the frameworks that exist to support your efforts - and we also take an early look at the new ISO IT governance standard.
NCC Head of Content
(ITadviser, Issue 56, Winter 2008)
The floods of 2007 caused significant disruption for many organisations in several parts of the UK. As a result of this, effects were felt way beyond the organisations whose workplaces were actually flooded; they included staff being unavailable for work, loss of power and water supplies, suppliers disrupted and an ... read more..
Maitland Hyslop is COO of the Onyx Group and a published author on the subject of information security. To spend or not to spend? This is the question facing most directors as pressures to cut costs and reduce overheads increase. IT departments are not immune to the current crisis and in ... read more..
Colin McDonald, Head of Curriculum Development at Ufi, the organisation behind learndirect and learndirect Business takes a look at the impact of Web 2.0 on IT skills training. Web 2.0 is set to revolutionise the way in which IT skills and other training is provided. In the near future, learners will ... read more..
A new avenue for civil discovery is appearing on the horizon: the discoverability of sound recordings. From March 2009 UK financial institutions will have to record and store telephone conversations and electronic communications relating to client orders, under new regulations introduced by the Financial Services Authority (FSA). Under these new rules ... read more..
Documents created in any country and any language can be, and increasingly are, relevant to investigations or regulatory matters. Consequently, there is more of a need than ever to be fully aware of how to best equip for the challenges of dealing with multi-lingual forms of data. In the area ... read more..
The aim of the IT department is to drive operational efficiency to achieve lower costs, while continually meeting business demands through technological innovation. It's a tough ask, but to make matters worse, there's no hiding from the fact that businesses today are also being forced to cut budgets and curb ... read more..
Missed opportunities for all A recent survey from Acresso Software has revealed that software producers and enterprise IT organisations are unsure about what software customers are entitled to use and are struggling to successfully manage and track license usage information. Half of the software producers surveyed said that they did ... read more..
Are you prepared for a crisis? Nick Turnbull explains why the ever-increasing range of threats to businesses of all sizes makes the existence of a business continuity plan absolutely essential. Events of recent years have shown that crises such as natural disasters can pose real risks to businesses. Yet many companies ... read more..
Do you really know how many people are using USB flash drives in your organisation? Don't worry if you're not sure - the majority of IT professionals are equally uncertain. In April 2008, a survey by SanDisk found that 77 per cent of corporate end users had used personal USB flash ... read more..
Can virtualisation help make an organisational IT infrastructure more resilient to failure? Dave Gilpin gives his views. Virtualisation has been very much the hot technology of 2008 and a plethora of claims have been made for the advantages that it brings. Many of these hold up to close scrutiny, but some ... read more..
With damage to reputation and brand now being seen as the key consequence of data breaches, it is vital that your approach to information security extends across the length and breadth of your supply chain, as Sheila Upton explains. Ernst Young's 11th global information security survey reveals that information security ... read more..
How do you take account of the various standards and best practice approaches when looking to develop an IT governance framework? Alan Calder guides you through the maze. Most IT management frameworks and standards offer solutions and tools that can help with IT governance, but they are typically very detailed, and ... read more..
Dorothy Tudor explores the elements of Agile project delivery with specific reference to DSDM Atern. She examines the factors which make success more likely in an Agile project and gives steps to successful implementation. What is Agile? The modern definition of Agile development approaches has evolved since the mid-1990s as part of ... read more..
Nick Hutton provides some practical guidance on how to improve the levels of information assurance within your organisation. Information assurance can be described as 'the confidence that information systems will protect the information they handle and will function as they need to, under the control of legitimate users'. More directly, information ... read more..
Securing remote workers using two-factor authentication Michael Robertson considers the business and environmental benefits offered by remote working and discusses the role of two-factor authentication in enabling this way of working. Remote working - when employees perform their day-to-day role away from a central office for all or part of their ... read more..
Despite the Brown-bounce during the financial crisis, should the IT industry, corporate users, IT vendors and public sector IT managers, start looking at what a Conservative Government might do if they come to power? Richard Sarson investigates. Disappointingly, speakers at the Conservative Party Conference tended to say what they would scrap, ... read more..
So how would you cope if your head office suffered at the hands of fire or some other disaster? In this special ITadviser feature, we look at the experiences of organisations who have had to deal with that very situation and assess how their business continuity plans stood up to ... read more..
Full alignment with business strategies and business direction is critical if organisational investment in IT is to deliver real value, whilst key risks have to be identified and controlled, and legislative and regulatory compliance must be demonstrated. All analysts - and most CIOs - currently agree that probably ... read more..