Traditionally, security has focused on inventories of hardware assets, but in the information age, assets are abstract. The real risks are not the office on fire, but the failing network or corrupted database. Information security is complex - it deals with confidentiality, integrity and the availability of data. IT governance is even more complex, placing these concerns in a larger context of business needs, partners, suppliers and the chain of activity that make a business function. Standards, such as ISO/IEC 17799: 2005, encourage a systematic approach, the only real approach to these issues.
Information security is a key component of IT governance. As IT becomes more strategic and information evolves into the real capital of business, so the management of information and similar assets becomes of greater concern to company boards. Accountability is central to IT governance. The decision making process defines who makes decisions, who is accountable for processes, who changes them; all within the context of change management. The initial decision makers in software development or procurement processes must be accountable for performance since they have established the criteria on which performance assessment is made. This is especially so since regulation, notably in the financial sector, is focused on accountability and the way this responsibility is acknowledged and acted upon within the organisation. Accountability permeates the entire organisation. No level is untouched. IT governance recognises this when it inherits the larger view of enterprise and corporate governance. These latter realms address confidence and transparency within and without the organisation, establishing credibility and trust in the market. IT governance does much the same but largely within the organisation. However, when IT concerns link to the supply chain we see the extension of the enterprise; critical processes branch out into wider markets and chains of accountability.
Governance at this point widens the scope of interest. As we've seen, the financial sector spends huge sums on IT solutions. More than anything this investment reflects its dependency on technology to support its central role in the information economy. Firms now offer a large number of products and these are increasingly electronic in nature. Many companies encourage users to buy products and open acocunts on the Internet, using financial incentives and ease of access as market drivers. To not have this kind of solution is to seriously undermine a competitive position. A report from Financial Insights suggests that capital market firms alone were projected to spend $95.5 billion on technology in 2007. IT infrastructures are recognised as being core to the delivery of services, and central for home banking,ATMs and trading systems. Regulation has responded to this by developing legislation that assumes firms have certain IT capabilities. For many companies as the vertical sectors reshape in the face of changing market conditions, they merge and acquire each other. IT resources are combined and integrated to realise efficiencies of scale, pooling skills and consolidating platforms. These factors raise a number of specific sector issues. With the increase in IT-based products there is more to track and monitor. The size of IT spending requires high-level decisions and budgeting. IT infrastructures are used to link and integrate business activities such as home banking, ATMs, trading systems, call-centres and so on. The frequency and scale of mergers and acquisitions complicate IT integration and add extra levels of complexity to business.
Underpinning the succes of the sector in the context of these issues is the need to perform against targets. IT governance has a mission to shape the relationship between IT and business ambition. Closely linked is the requirement to ensure that business information is sound; the quality of business intelligenece (BI) cannot be understated as a fundamental issue. It is worth touching on all these issues to see how they interact as part for the IT governance picture.
Our website is not responsible for the information contained by this article. Articleinput.com is a free articles resource thus practically any visitor can submit an article. However if you notice any copyrighted material, please contact us and we will remove the article(s) in discussion right away.
Note: This article was sent to us by: Debra White at 01172010
1. Project underspends and overspends
All articles are property of their respective authors. Please read our Privacy Policy!
© 2009 ArticleInput.com.