IT Governance The CIO Calendar Author: Marcel Origer Date: July 27th, 2010.
The CIO Calendar
Effective IT governance requires periodic intervention by the CIO in three domains:
- IT Projects / Architecture
- IT Security
- Internal Controls
The business environment determines whether the CIO takes a rather defensive or an offensive approach.
When the CIO is in a ‘defensive mode’, he must deliver IT services in the most reliable and cost-effective way. This determines a set of periodic actions listed on the first slide below.
When the CIO is strongly involved in the definition of the company’s business strategy, then he operates in an ‘offensive mode’. In this case IT is considered as an important component for developing innovative solutions and creating competitive advantages for the company. This implies that the CIO has to perform the ‘offensive governance’ actions listed on the 2nd slide below on top of the ‘defensive’ governance actions.
FEDIL ICT Group 2
IT Governance Calendar – DEFENSIVE Governance

| IT Projects / Architecture | Frequency |
| --- | --- |
| Receive update of strategic IT projects. | Quarterly |
| Receive update of technical architecture and review it. | Semi-annual |
| Ensure update of applications architecture and review it. | Semi-annual |
| Perform budget planning for IT investments. | Annual |

| IT Security | Frequency |
| --- | --- |
| Audit IT security practices | Annual |
| Perform Business Impact Analysis and appraise Disaster-Recovery capabilities (DR and BCP testing) | Annual |
| Review security policy and analyze new security-related technology strategies | |

| Internal Controls | Frequency |
| --- | --- |
| Review IT-related audit findings and verify remediation status. | Semi-annual |
| Review audit strategy and adjust to regulatory and legal compliance | Annual |

IT Governance Calendar – OFFENSIVE Governance

| Strategic Technology Scanning | Frequency |
| --- | --- |
| Stay informed and assess new technologies, applications, and systems that relate to or affect the company’s IT strategy or programs. | Continuously |
| Visit other companies to observe technology approaches and strategies. | As needed |
| Engage outside experts to obtain third-party opinions about the company’s technology strategy. | Annual |

| Advisory Role | Frequency |
| --- | --- |
| Advise CEO, COO, and CFO. | Quarterly |
| Hold executive sessions with the board members to maintain awareness of IT strategy and related risks, opportunities, issues and concerns | Semi-annual |
| Receive business plan and update IT strategy to fulfill business objectives. | Annual |
| Perform IT assessment and benchmarking; report results to the Board and propose actions. | Annual |

| Business Strategy Alignment | Frequency |
| --- | --- |
| Perform appropriate actions to ensure that the company’s IT programs effectively support the company’s business objectives and strategies. | Annual |