What are the top issues for IT governance?
Larry Marks (no relation) has had an article published by ISACA on “top IT governance issues of 2011“. He has a great surname, but I am not persuaded that his points and priorities are so great.
Like Larry, I am a fan of the ISACA/ITGI guidance on IT governance, and his summary of it is excellent – highly recommended (although I even more strongly recommend checking out the complete guidance, available at http://www.itgi.org/).
He has these as the IT governance issues of 2011:
- IT risk management
- The establishment of a governance framework
- A sense of teamwork and of enterprise
- Value delivery through IT
- A more activist information security department and board of directors
- Cloud computing
- Continuous auditing and assurance
- Include IT-related activities to enable as well as support enterprise strategies and goals. Be part of, if not lead, strategy-setting
- Provide leadership as technology enables new corporate strategies and initiatives. In these days of mobile computing, cloud, and ‘big data’, IT should be taking the lead to explain what is possible to management – rather than waiting to meet their (ignorant) requirements
- Integrate IT risk activities into the enterprise risk management process, and (if necessary and appropriate) taking a lead to ensure effective ERM
- Ensure that decisions are made on reliable, current, timely, and available (where it is needed, when it is needed) information. Move from managing based on old, inconsistent, and fragmented data to current information that is reliable
- Simplify the IT infrastructure, eliminating duplicative or redundant applications and data repositories, to not only contain cost but build the platform for the future
- Support all the compliance requirements, preferably through a strategy that relies on a single set of solutions rather than an incompatible rag-bag