SA Banks urged to take precautions with clients’ personal information: With the Protection of Personal Information Bill (POPI) expected to be promulgated this year, the focus on
Secret to Enterprise Social Networking Success: These days, if it seems as if everyone and their dog have a presence on social media,
  • 1
  • 2

Latest Articles

  • 1
  • 2
  • 3
Mobility extends the reach of the business into the market

Mobility extends the reach of the business into the mar…

Mobility enjoys such acceptance in the market that many new ...

12 steps to IT governance

12 steps to IT governance

While most organisations go to great lengths to ‘comply’ wit...

Africa’s future is mobile

Africa’s future is mobile

Africa is an increasingly mobile continent, making smart mob...

A+ A A-

12 steps to IT governance

Rate this item
(0 votes)
12 steps to IT governance

While most organisations go to great lengths to ‘comply’ with requirements related to corporate governance, the increasingly important area of IT basically remains overlooked.  Perhaps it is largely due to the fact that most directors don’t have the necessary knowledge, skills or experience to ‘apply’ comprehensive oversight of this area of the business. Nevertheless, IT forms a significant part of a business’s core competency and any comprehensive corporate governance strategy focusing on maximising value for all stakeholders must include IT.

“The same rigours that are applied to other areas of corporate governance should also be applied to IT,” says OverSight Solutions Mike Jarvis.


In this regard OverSight Solutions has developed a 12 step programme to help organisations address their IT governance requirements. These steps involve a detailed plan for IT governance that not only meets compliance requirements but predominantly focusses on maximisation of stakeholder value.


Companies should begin by clearly defining their IT governance objectives within the organisation’s corporate governance strategy, and establishing appropriate structures (organisation and accountabilities, roles and responsibilities). These will mainly involve a Board sub-committee, established on similar lines to the audit or risk committees, together with Executive and Management Committees to supervise day to day IT activities. Following this directors and executive management need to be carefully selected, based on their previous exposure to IT, and appointed into the IT governance functions.


Once these structures have been established and appointments made, the IT governance model and frameworks can be constructed. These are vital to the ‘oversight’ of IT since they describe all the key components that ensure a holistic view of IT governance. Having established the components, they can be expanded into the domains, capability groups and capabilities that make up all world class IT organisations.


At this stage, it is crucial that a significant number of awareness campaigns are conducted with all stakeholders to bring everyone to the same level of understanding and, most importantly, to encourage stakeholder by-in.


Principles and value drivers need to be established for IT governance as a whole and also for all components of the IT governance model. It is these principles and value drivers that will provide directors with the direction needed to extract the maximimum benefits from IT.


With this in place the real IT governance work can start. At the outset there needs to be an accurate and honest assessment of the current maturity of the IT capabilities. Then a picture of the future can be painted, bearing in mind timeframes, costs and practical knowledge and experience. 


The next step is for companies to establish the priorities they want to pursue. Most gain or most pain is normally a good starting point. Armed with these priorities, the organisation can plan, agree, develop and implement solutions to meet its corporate objectives. Progress must be tracked and monitored to measure benefits, and results should be reported in a transparent way. Ongoing assurance and reviews need to take place to inform improvements in the future.


“While these 12 steps can help organisations develop a complete IT governance plan, they will not be successful without the full support and commitment of the board of directors and executive management team,” says Jarvis. “Knowledge about IT governance can be taught and learned but the determination to evaluate, direct and monitor cannot. Once a detailed IT governance implementation plan is established and communicated, directors must drive IT governance in the same way that they drive overall corporate governance. They must use whatever experience is available, internally and externally, to help them discharge their obligations,” says Jarvis.


OverSight Solutions is a start-up company focused exclusively on assisting boards of directors and executive management identify and deliver value from IT. Oversight Solutions approach is to provide directors and executive management with the right questions to ask of IT management to maximise value; to provide CIO’s and IT management with the right answers in business terms; and to support the primary advisors with the right information, methodologies, dashboards, scorecards etc. in guiding individual implementation programmes.


OverSight Solutions has established a very comprehensive IT Governance Model; a robust and complete library of processes; an extensive catalogue of products and services and a group of very competent subject matter experts. With these key ingredients it is able to support whatever value drivers, whatever implementation programme and whatever priorities an organisation wishes to pursue.

Related items

  • Corporate ethics, government ethics – are we accepting double standards?
  • The role of culture in SA business: What can we learn from Kevin Pietersen and Bob Diamond?
  • South Africa’s top 100 listed companies make positive progress on corporate reporting, but still some way to go
  • BEE - It needs growth to be good
  • Doing Business On Purpose
More in this category: « Building Long-Term Cloud Cover
Login to post comments

Technology Comments

Technology Tags

3G bandwidth BYOD call centres cloud software cloud technology cost cutting cyber security data security ERP iPad mobile mobile apps mobile commerce mobile device management network infrastructure networking outsourcing SaaS security Service Level Agreements smartphones SME social media tablets unified communications virtualisation VOIP WiFi



Copyright © 2013 gdmc (Geoffrey Dean Marketing Corporation cc). All rights reserved. Material may not be published or reproduced in any form without prior written permission. Use of this site constitutes acceptance of our Terms & Conditions and Privacy Policy. External links are provided for reference purposes. is not responsible for the content of external Internet sites.

Login or Register