Matakuliah
Tahun
: Pengantar IT Governance
: Feb - 2010
IT GOVERNANCE SIMULTANEOUSLY
EMPOWERS AND CONTROLS
Pertemuan ke-1 & 2
What is governance & IT Governance
• What is Governance ?
Governance relates to decisions that define expectations,
grant power, or verify performance. It consists either of a
separate process or of a specific part of management or
leadership processes. Sometimes people set up a
government to administer these processes and systems.
Bina Nusantara University
3
Corporate and Key Asset Governance
What is Governance ? (cont.)
Bina Nusantara University
4
What is Governance ? (cont.)
The key elements of each asset include :
• Human assets : people, skills, career paths, training, reporting,
mentoring, competencies, and so on.
• Financial assets : cash, investments, liabilities, cash flow,
receivables, and so on.
• Physical assets : Building, plant, equipment, maintenance, security,
utilization, and so on.
• IP assets : IP product, services and process
• Information and IT assets : digitized data, information, knowledge
about customers, processes performance, finances, IS, and so on.
• Relationship assets : relationship within the enterprise as well as
realtionships, brand, and reputation, and so on.
Bina Nusantara University
5
What is IT Governance ?
Specifying the decision rights and accountability
framework to encourage desirable behavior in
the use of IT.
IT Governance is a subset discipline of Corporate
Governance focused on information technology (IT)
systems and their performance and risk management.
Bina Nusantara University
6
What is Governance ?
IT Governance is the responsibility of the board of
directors And executive management. It is an
integral part of enterprise governance and
consists of the leadership and organizational
structures and processes that ensure that the
organization’s IT sustains and extends the
organization’s strategies and objectives
Bina Nusantara University
7
Why is IT Governance needed ?
• IT has become a major enabler to almost all
business transformation initiatives. How IT is
being used will have a very important impact on
whether the organization achieve its vision,
mission or strategic goals.
Bina Nusantara University
8
Complementary sides of governance :
• Behavioral side of corporate governance
• Normative side of corporate governance
Bina Nusantara University
9
Effective IT Governance must address three
questions :
• What decisions must be made to ensure effective
management and use of IT ?
• Who should make theses decisions ?
• How will these decisions be made and monitored ?
Bina Nusantara University
10
The enterprise's challenges and concerns are:
• Aligning IT strategy with the business strategy
• Cascading strategy and goals down into the enterprise
• Providing organizational structures that facilitate the
implementation of strategy and goals
• Insisting that an IT control framework be adopted and
implemented
• Measuring IT's performance
Bina Nusantara University
11
IMPORTANT IT GOVERNANCE CONCEPTS
•
•
•
•
•
IT Principles
IT Architecture
IT Infrastructure
Business application needs
IT Investment and prioritization
Bina Nusantara University
12
Archetype identifies the type of people involved in
making an IT Decision :
•
•
•
•
•
•
Business monarchy
IT monarchy
Feudal
Federal
IT duopoly
Anarchy
Bina Nusantara University
13
Governance Arrangements Matrix
Decision
Arche
type
Business
IT Monarchy
Feudal
Federal
Duopoly
Bina Nusantara University
IT Principles
IT Architecture
IT Infrastructure
Application
IT Investment
?
14
IT Governance Design Framework
Enterprise
Strategi and
organization
Relationship
Physical asset
IP Governance
Business
Performance
goals
HR Governance
IT organization
And desirable
behavior
Financial governance
IT metrics and
accountabilities
IT governance
arrangements
IT Governance mechanisms
IT
Decisions
Bina Nusantara University
15
Why is IT Governance Important ?
•
•
•
•
•
•
•
•
Good IT Governance pays off
IT is Expensive
IT is pervasive
New information technologies bombard enterprises with
new business opportunities
IT Governance is critical to organizational learning about
IT Value
IT value depends on more than good technology
Senior management has limited bandwidth
Leading enterprises govern IT differently
Bina Nusantara University
16
A few supporting references developed to guide the
implementation of information technology governance :
• Control Objectives for Information and related
Technology (COBIT)
• The IT Infrastructure Library (ITIL)
• The ISO/IEC 27001 (ISO 27001)
• The IT Baseline Protection Catalogs
• The Information Security Management Maturity Model
ISM3
• ISO/IEC 38500:2008 Corporate governance of
information technology.
Bina Nusantara University
17
Case study : UPS
United Parcel Service (UPS) illustrates how an enterprise
can transform IT from a strategic liability to an strategic
advantage through effective IT Governance.
Bina Nusantara University
18
IT Governance at UPS
Bina Nusantara University
19
Governance : Call to action
Information :
• Is increasingly easy to collect and digitize
• Has increasing importance in products and services
• Is very hard to value or price
• Has a decreasing half-life
• Has increasing risk exposure
• Is a significant expense in most enterprises
Bina Nusantara University
20