|
Information and technology (IT) governance is a subset discipline of corporate governance, focused on information and technology (IT) and its performance and risk management. The interest in IT governance is due to the ongoing need within organizations to focus value creation efforts on an organization's strategic objectives and to better manage the performance of those responsible for creating this value in the best interest of all stakeholders. It has evolved from The Principles of Scientific Management, Total Quality Management and ISO 9001 Quality management system. Historically, board-level executives deferred key IT decisions to the company's IT management and business leaders. Short-term goals of those responsible for managing IT can be in conflict with the best interests of other stakeholders unless proper oversight is established. IT governance systematically involves everyone: board members, executive management, staff, customers, communities, investors and regulators. An IT Governance framework is used to identify, establish and link the mechanisms to oversee the use of information and related technology to create value and manage the risks associated with using information and technology. Various definitions of IT governance exist. While in the business world the focus has been on managing performance and creating value, in the academic world the focus has been on "specifying the decision rights and an accountability framework to encourage desirable behavior in the use of IT."〔 Weill, P. & Ross, J. W., 2004, ''IT Governance: How Top Performers Manage IT Decision Rights for Superior Results''", Harvard Business School Press, Boston.〕 The IT Governance Institute's definition is: "... leadership, organizational structures and processes to ensure that the organisation's IT sustains and extends the organisation's strategies and objectives."〔 〕 AS8015, the Australian Standard for Corporate Governance of Information and Communication Technology (ICT), defines Corporate Governance of ICT as "The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation." ==Background== The discipline of information technology governance first emerged in 1993 as a derivative of corporate governance and deals primarily with the connection between an organisation's strategic objectives, business goals and IT management within an organization. It highlights the importance of value creation and accountability for the use of information and related technology and establishes the responsibility of the governing body, rather than the chief information officer or business management. The primary goals for information and technology (IT) governance are to (1) assure that the use of information and technology generate business value, (2) oversee management's performance and (3) mitigate the risks associated with using information and technology. This can be done through board-level direction, implementing an organizational structure with well-defined accountability for decisions that impact on the successful achievement of strategic objectives and institutionalize good practices through organizing activities in processes with clearly defined process outcomes that can be linked to the organisation's strategic objectives. Following corporate governance failures in the 1980s, a number of countries established codes of corporate governance in the early 1990s: * Committee of Sponsoring Organizations of the Treadway Commission (USA) * Cadbury Report (UK) * King Report (South Africa). As a result of these corporate governance efforts to better govern the leverage of corporate resources, specific attention was given to the role of information and the underpinning technology to support good corporate governance. It was soon recognized that information technology was not only an enabler of corporate governance, but as a resource, it was also a value creator that was in need of better governance. In Australia, the AS8015 Corporate Governance of ICT was published in January 2005. It was fast-track adopted as ISO/IEC 38500 in May 2008.〔(Introduction to ISO 38500 )〕 IT governance process enforces a direct link of IT resources & process to enterprise goals in line of strategy. There is a strong correlation between maturity curve of IT governance and overall effectiveness of IT. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Corporate governance of information technology」の詳細全文を読む スポンサード リンク
|