|
Often analytical applications focus on specific business issues and information and also tend to focus on a department or function such as finance and accounting. Strategies will vary - some organisations will build in-house solutions, bespoke, or use consultants to develop integrated solutions, others will use point solutions. What these BI applications do have in common is that they straddle the IT-business divide. In this way they sit well with the concerns and value of IT governance. The Butler Group have produced a number of reports on this area; in one (Managing Costs in IT), they discuss the separation of IT management and the management of intelligence. Essentially the activities of managing data, its creation of storage, retrieval, transfer and destruction is different from the management of information, the transformation of data for decision making with context and meaning. The way these activities are handled involves crossing the IT-business divide, using IT, the engineering side to support business, the information use side. IT governance attempts to ensure this management of information in both spheres is a quality process. Inevitably the culture of organisation comes into play.
If the hierarchy of information transfer recognises the roles of all those involved, and their accountability and the need to understand processes, then it might be claimed to be transparent. This confers governance on the IT realm. The structures for decision making may vary. A contemporary financial services organisation may devolve decision making down to the call-centre, the trading desk or the branch operator. Wherever it stops it should be an informed process, information must be accessible and accurate. All the features of secure systems must be active. In fast moving markets, flexibility trades with control. IT governance makes this happen in a way that is in line with the risk profile of the organisation and accountable to it. Formal IT governance, defined and established through refernce models, is an effective way of finding solutions to the business issues that face financial services (discussed earlier). In the United States, The Sarbanes-Oxley Act of 2002 (SOX), which can also apply to companies outside the United States, has mandated a high standard for corporate governance and accountability in IT.
In the United Kingdom, The Turnbull Report and other guides, such as the Combined Code, have, like SOX, emphasised frequent auditing, and the monitoring of systems of controls over business processes. IT directors are now answerable to boards of directors that are directly accountable to regualtory bodies that threaten heavier penalties. They are responsible for the security, accuracy and reliability of the systems that manage and report their companies' financial data. A significant aspect of this regulation is that it assumes IT capabilities that can deliver information in near real-time, that is, almost instaneously. We have seen that MiFID assumes a lot from the technological base. All trends point to an intensification of the IT effort to meet modern business needs. Firms need to report on compliance with complete confidence in the accuracy of the data they provide. That demands up-to-the-minute accuracy and availability.
The current level of competitiveness with the financial sector is such that IT solutions that deal with these issues can make or break a business. Above all, it is the company with a coordinated approach to IT management and governance that will survive and grow. So, as well as integrating IT and business interests and supporting effetcive business decision making within the known risk profile of the firm, IT governance adds value by being a natural response to the increased demands of corporate governance, the automation and increased frequency of auditing, the exposure of the security of a firm's intellectual capital and data, the higher profile lines of accountability and the need for real-time information in a dynamic business environment.