IT governance

IT governance consists of leadership, organizational structures, and processes that ensure that information technology (IT) supports corporate strategy and goals. In this context, IT is understood to mean the entire infrastructure, but also the capabilities and organization that support and justify IT. IT governance is the responsibility of the board of directors and management and is an integral part of corporate governance.

Components

Successful business-IT alignment is an essential part of IT governance . The implementation of IT governance is supported by powerful and internationally accepted procedures ( CobiT , MOF , ISO 20000 , IT Infrastructure Library ). These tools can be viewed hierarchically as follows:

Corporate governance standard : COSO , ISO / IEC 38500: 2008
Superordinate standard and connection to corporate governance : CobiT (Control Objectives for Information and related Technology)
Implementation of IT service management: ISO 20000 , ITIL (Information Technology Infrastructure Library)
Information security: ISO / IEC 2700x and IT-Grundschutz Catalogs
Project management: PMBOK , ICB and PRINCE2
Architecture: TOGAF
System development: TickIT and CMMI

aims

The main goal of IT governance is to understand the requirements for IT as well as the strategic importance of IT from the perspective of the core and management processes in the company, in order to ensure optimal operation to achieve corporate goals and to develop strategies for the future expansion of business operations create. IT governance aims to ensure that IT expectations are known and that IT is able to meet these expectations. In doing so, possible risks are to be defused. In this sense, it would be more correct to speak of enterprise governance over IT than of IT governance . IT governance does not take place in the IT organization, but outside of it.

IT governance essentially balances two areas:

Creating corporate value
minimizing IT risks

Analysts set the goals of IT governance as follows:

Strategic alignment with a focus on business solutions
Generating benefits with a focus on optimizing expenses and evaluating the benefits of IT
Risk management that relates to the protection of IT assets, taking into account disaster recovery (restart after disasters) and continuation of company processes in the event of a crisis
Management of resources, optimization of knowledge and infrastructure

Functions

Product orientation
Controlling
strategy
organization
Business process modeling
Architecture management
Efficiency
Human resource management

Use case

IT governance is about placing a certain IT discipline in a special focus. This focus is particularly interesting for corporations or very large companies in which IT support for business processes has taken on a dimension that there is no longer any way around special regulations and agreements. This effort is reflected in transaction costs. So that these do not get out of hand, it makes sense to agree on uniform IT governance standards.

In principle, IT governance should create an effective and efficient framework in order to be able to optimally support a company's business processes through IT. For this purpose, principles must be specified in the company and suitable procedures and measures for enforcement both in IT and - and even more important - in the departments.

The IT should therefore be optimally aligned to the business activities of the group and thereby help the group that the IT resources provided are used to achieve an optimal group of costs, quality and security. In addition, it is expected that risks from IT use will be eliminated or minimized and that the benefit that the investment in a project supported by IT will also be achieved.

Federal model

This section presents an IT governance model often found in conglomerates, the federal model.

The federal model almost inevitably arises in corporations and especially in conglomerates, because in this environment central and decentralized forms of organization coexist. Like many other support processes, IT lives in an area of tension. This area of tension is characterized by the fact that IT should mostly support decentralized core processes in the various business areas, products or services, and on the other hand should also provide a central information hub that seamlessly connects all business units and their data. The federal IT governance model tries to establish adapted structures and committees here in order to develop an optimum for the group in this area of tension.

In this federal model there are three parties with different tasks and roles. The form and balance of the model depends on the company. The federal model is somewhere between a centralized and a decentralized organizational approach. Depending on the overall inclination of the group, its IT governance model will also be set. However, for all corporations that have implemented or want to implement a federal model, the basic tasks and roles must be located.

The following model shows the basic responsibilities and regulatory requirements and shows a common location in the federal model.

The federal IT governance model for in-house IT supply

In this framework there are three pillars that have to be in balance:

Pillar 1: Group CIO (comprehensive control) with responsibility for overall IT planning in the group, definition of central IT projects to ensure overarching synergies, specification of IT standards and monitoring of compliance, definition of the sourcing strategy, control and monitoring of the IT Cross-benefits across IT demand and IT supply.

Pillar 2: IT demand is the first point of contact for the IT departments, responsible for the definition of requirements, the creation of specialist concepts and the specialist architecture. IT demand takes IT services from the IT supply department and in this role is a kind of auditor.

Pillar 3: IT supply is the contact person for IT demand, responsible for development, IT operation and technical architecture. She advises IT demand and CIO on technical innovations.

The main features of this model are:

Central control tasks by the group CIO
Decentralized company or area CIOs as IT demand organizations
Central IT supply with own responsibility
The group companies are responsible for IT demand on a decentralized basis
Decentralized IT budgets in the group companies and for infrastructure in IT supply
Central budget for central IT projects at Group CIO
Coordination via committee structures
Basic synergies can be achieved in the central IT supply
Group synergies when there are binding, common standards and guidelines

Success factors to be considered are:

The general success factors apply to all companies
The special success factors apply to all companies in an industry
The individual success factors apply to a very specific company

General success factors	Special success factors	Individual success factors
costs	Consolidation ability Standardization ability	-
time	-	Scalability
quality	Security	Process quality
Employee satisfaction	Sourcing ability	Organizational FIT Cultural FIT
Customer satisfaction	Business process support	-

swell

↑ Archive link ( Memento of the original dated June 5, 2005 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. IT Governance for Managing Directors and Board Members, second edition, p. 11, IT Governance Institute @1@ 2
↑ Volker Johanning: IT strategy . Springer Fachmedien Wiesbaden, Wiesbaden 2014, ISBN 978-3-658-02048-4 , p. 205 ff ., doi : 10.1007 / 978-3-658-02049-1 ( springer.com [accessed June 9, 2019]).
↑ Archive link ( Memento of the original dated June 5, 2005 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. IT governance for managing directors and board members, second edition, pp. 8, 26, 29, IT Governance Institute @1@ 2
↑ Development, adaptation and planning of a procurement strategy for the use of internal and external support ( Section 2 No. 5 of the KONSENS Act )

literature

Engel, Andreas (Ed.): IT Governance in State and Municipalities - Networking, Cooperation and the Control of Change Processes in Public Information Technology (= E-Government and the Renewal of the Public Sector, Vol. 16), Berlin 2014. ISBN 978 -3-89404-846-4
Marx Gómez, Jorge / Junker, Horst / Odebrecht Stefan: IT controlling - strategies, tools, practice . Berlin 2009. ISBN 3-503-10391-0
Fröschle, Hans-Peter / Strahringer, Susanne: IT Governance . Business informatics practice. HMD 250. Heidelberg 2006. ISBN 3-89864-382-4
Peter Weill, Jeanne / W. Ross: IT Governance: How Top Performers Manage IT Decision Rights for Superior Results . Harvard Business Press, Harvard 2004. ISBN 1-59139-253-5
Johannsen, Wolfgang / Goeken, Matthias: "Reference models for IT governance, methodical support for corporate IT with COBIT, ITIL & Co". Heidelberg 2011. 2nd edition. ISBN 978-3-89864-616-1

[1] Archive link ( Memento of the original dated June 5, 2005 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. IT Governance for Managing Directors and Board Members, second edition, p. 11, IT Governance Institute @1@ 2

[2] Volker Johanning: IT strategy . Springer Fachmedien Wiesbaden, Wiesbaden 2014, ISBN 978-3-658-02048-4 , p. 205 ff ., doi : 10.1007 / 978-3-658-02049-1 ( springer.com [accessed June 9, 2019]).

[3] Archive link ( Memento of the original dated June 5, 2005 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. IT governance for managing directors and board members, second edition, pp. 8, 26, 29, IT Governance Institute @1@ 2

[4] Development, adaptation and planning of a procurement strategy for the use of internal and external support ( Section 2 No. 5 of the KONSENS Act )