IT Governance & Quality Management Lekture 1 Introduction 1IT-University of Copenhagen11/01/2014.
-
Upload
jose-mcclure -
Category
Documents
-
view
220 -
download
2
Transcript of IT Governance & Quality Management Lekture 1 Introduction 1IT-University of Copenhagen11/01/2014.
IT Governance & Quality Management
Lekture 1Introduction
1IT-University of Copenhagen10/04/23
After the course the student should be able to: • Describe IT governance control structures and mechanisms in a company • Describe quality management structures and mechanisms in a company • Explain the value of IT governance and quality management • Describe industry standards for IT process models (e.g. CoBIT and ITIL) and development and test of IT systems (e.g. Agile, V-model) • Analyze the contents of quality related standards and compliance requirements. Reflect on the significance of quality standards and compliance requirements. • Recommend an IT governance setup for a given situation • Recommend an quality management approach in a given situation
2IT-University of Copenhagen10/04/23
IT-Governance in a context
Six key assets
• Human
• Financial
• Physical
• Intellectual property
• IT
• RelationshipsRoss & Weill
3IT-University of Copenhagen10/04/23
IT-Governance in a context• 5 Key assets
• People, Portfolios and Processes:
• The 3P Model of IT Governance
• http://www.isaca.org/Journal/Past-Issues/2008/Volume-2/Pages/People-Portfolios-and-Processes-The-3P-Model-of-IT-Governance1.aspx
4IT-University of Copenhagen10/04/23
One definition of IT architecture
” The fundamental organization of a system
represented by its components,their relationships to each other and to the environment,
and the principles that govern the systemdesign and development. "
ANSI/IEEE Std 1471-2000 superseded by ISO/IEC/IEEE 42010:2011,Systems and software engineering — Architecture description.
” The fundamental organization of a system
represented by its components,their relationships to each other and to the environment,
and the principles that govern the systemdesign and development. "
ANSI/IEEE Std 1471-2000 superseded by ISO/IEC/IEEE 42010:2011,Systems and software engineering — Architecture description.
5IT-University of Copenhagen10/04/23
BusinessIT
6
Strategy
6IT-University of Copenhagen10/04/23
Conant-Ashby Theorem • ”every good regulator of a system has to have a model
of that system” • Our ability to control a system depends on
understanding that system• This means that we need to understand all facets of
The systems - not only the technical
In conclusion
10/04/23 · 7
“Now! …. That should clear up a few things around here!”10/04/23 8IT-University of Copenhagen
10/04/23 IT-University of Copenhagen 9
•What is IT-Governance•For who by who•The Goals of IT-Governance•The importens of IT-Governance
What is IT-Governance• Information technology governance is a subset discipline of corporate governance
focused on information technology (IT) systems and their performance and risk management. The rising interest in IT governance is partly due to compliance initiatives, for instance Sarbanes-Oxley in the USA and Basel II in Europe, but more so because of the need for greater accountability for decision-making around the use of IT in the best interest of all stakeholders.
10IT-University of Copenhagen10/04/23
Definitions• Specifying the decision rights and accountability framework to encourage desirable
behavior in the use of IT.“ Weill and Ross
• "… the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives.” The IT Governance Institute
• "an integral part of corporate governance and addresses the definition and implementation of processes, structures and relational mechanisms in the organization that enable both business and IT people to execute their responsibilities in support of business/IT alignment and the creation of business value from IT enabled investments". Van Grembergen and De Haes (2009)
• "The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organization and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organization.” the Australian Standard for Corporate Governance of Information and Communication Technology
11IT-University of Copenhagen10/04/23
Key Players Involved with IT Governance
IT governance occurs at different layers. Project Managers and Team leaders report to and receive direction from their managers; managers’ report up to the CIO’s; and the CIO’s report to executives, who report to the board of directors. Reporting includes descriptions of any activities that show signs of deviating from targeted objectives. Each level, when reporting these deviations, includes recommendations for action that must be endorsed by the governing bodies above.
Stakeholders play a part in IT governance. At the heart of the governance responsibilities of setting strategy, managing risks, allocating resources, delivering value and measuring performance, are the stakeholder values, which drive the enterprise and IT strategy. Sustaining the current business and growing into new business models are certainly stakeholder expectations and are achieved with adequate governance of the IT infrastructure.
12IT-University of Copenhagen10/04/23
The goals of IT-Governance
• The primary goals for information technology governance are to (1) assure that the investments in IT generate business value, and (2) mitigate the risks that are associated with IT. This can be done by implementing an organizational structure with well-defined roles for the responsibility of information, business processes, applications, ICT infrastructure, etc.
• Accountability is the key concern of IT governance.
13IT-University of Copenhagen10/04/23
Desirable behaviors
Embody the:• Beliefs• CultureDefined and enacted though:• Strategy• Corporate value statements• Mission statements• Business principles• Rituals• structures
04/10/23 14IT University of Copenhagen
Mechanisms for governance of the key assets
• Structures
• Processes
• Committee
• Procedures
• audits
• And more
04/10/23 15IT University of Copenhagen
IT Governance
Effective IT governance must address three questions:
• What decisions must be made to ensure effective management of IT?
• Who should make these decisions?
• How will these decisions be made and monitored?
But before that - Why
04/10/23 IT University of Copenhagen 16
Why is IT Governance important?
• New information technologies bombard enterprises with new business opportunities
• IT is Pervasive• IT is Expensive• Looking ahead, the influence of IT on enterprise
performance will continue to grow• Leading Enterprises Govern IT differently - Find the right
balance• Senior Management has limited bandwidth
04/10/23 IT University of Copenhagen 17
Why is IT-Governance important?
"IT-Governance is the most important factor in generating business value from IT”
“IT-Governance can actually deliver on the longtime management paradox of encouraging and leveraging the ingenuity of all the enterprises people while ensuring compliance with the overall vision and principles”
04/10/23 IT University of Copenhagen 18
Framework for the key IT Governance decisions
04/10/23 IT University of Copenhagen 19
04/10/23 20IT University of Copenhagen
Four IT Architecture Stages
Define Your Operating Model