This pocket guide is designed to provide the reader with a basic understanding of how an organization's Information Technology supports and enables the achievement of its strategies and objectives. IT Governance recognizes that Information and Information Technology is at the heart of the modern economy - and at the heart of the modern business. It is a critical component of corporate governance and this pocket guide provides an introduction on how to approach this complex subject. This pocket guide describes the drivers for IT governance; why it matters; the relationship between IT governance, risk management, information risk, project governance and compliance risk; lists the symptoms of inadequate IT governance and the benefits that can be won by implementing an IT governance framework, and describes - in principle - how to go about doing this.
Alan Calder is the founder director of IT Governance Ltd (www.itgovernance.co.uk), a information, advice and consultancy firm that helps company boards tackles governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. The company's website also provides access to a range of unique books, tools and other publication on governance, risk management, compliance and information security.
CONTENTS CHAPTER 1: Why IT Governance Matters 1 Governance background 1 IT governance defined 3 CHAPTER 2: Drivers for IT Governance 5 The information economy and intellectual capital 5 Competitiveness 7 Governance convergence 9 CHAPTER 3: Strategic and Operational Risk Management 13 Compliance risk 15 Information risk 18 Project governance 19 CHAPTER 4: Symptoms of Inadequate IT Governance 23 CHAPTER 5: What is in an IT Governance Framework? 25 IT steering committee 27 Enterprise IT architecture committee 30 IT audit 32 Third-party standards 33 CHAPTER 6: Benefits of an IT Governance Framework 35 CHAPTER 7: The Calder-Moir IT Governance Framework 37 Navigating the framework 39 Evaluate, direct, monitor 42 APPENDIX : IT Governance Resources 43