Today’s organizations rely on information technology (IT) as a crucial part of their overall enterprise strategy. As such, policies and practices that extend to IT are an integral part of this strategy- that is, IT should be governed by practices that help ensure:
- An organization’s IT resources are utilized responsibly;
- Risks are managed appropriately and
- Information and related technology support and align with business objectives.
IT governance is the method by which decisions are made around IT investments. The trouble arises when organizations continue to increase their IT spending but fail to see a return. Thus, the need for effective IT Steering Committee level governance in order to realize value from IT is becoming increasingly crucial.
The importance of ITSC Oversight
IT governance is typically the primary responsibility of the ITSC and executive management (including the Chief Information Officer). It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization’s IT sustains and extends its strategies and objectives.
When it comes to IT governance, ITSC members should oversee 4 areas:
Business/IT strategic alignment
The level to which the goals and objectives outlined in the business strategy are addressed within IT strategy.
IT value delivery
The measure of business value being delivered by the IT organization.
IT resource management
The method by which IT resources are being planned and managed.
IT risk management
The security of IT assets and privacy of critical business and customer data.
Roles and Responsibilities of the ITSC
ITSC members should aspire to evaluate and in certain instances, approve strategic plans, major programs/projects and establish priorities among competing requests for resources to ensure that everyone is aligned on those initiatives. They should also conduct formal periodic reviews of major initiatives, and operational service performance. Finally, ITSC members normally act as a final escalation point for major IT/business issues and their resolutions.
There are certain situations where the ITSC specifically needs to consider getting involved in IT oversight, such as:
A strategic project that will leverage an emerging technology for competitive advantage;
A major technology implementation project with a long installation period and substantial costs and
Any initiatives related to information security and privacy.
In such situations, senior level management should spend time discussing the organization’s technology initiatives. It is also critical for ITSC members to discuss with management about the associated technology risks and how the organization protects sensitive information.
Making IT Successful in the organization
IT governance exists so that enterprise leaders can ensure that IT is successfully supporting the organization’s goals and mission. IT governance helps upper management to raise awareness and understanding among employees. Such governance also helps to provide guidance and tools to ITSC members, executive managers, and CIOs to ensure that IT is appropriately aligned with corporate goals and policies and that IT meets and exceeds expectations of the organization.