IT governance is a framework that ensures your organization’s IT infrastructure supports and enables the achievement of its corporate strategies and objectives. The full definition can be found in IT Governance: A Pocket Guide by Alan Calder. IT governance framework is a type of framework that defines the ways and methods through which an organization can implement, manage and monitor IT governance within an organization The official IT governance standard is ISO/IEC 38500:2015. It sets out a straightforward framework for the board's governance of information and communications technology and is a key resource for IT governance professionals everywhere in the world.
IT governance frameworks
The challenge, for many organisations, is to establish a coordinated, integrated framework that draws on all three of these standards. Leading books on the subject are:
Subdomains of IT governance
In addition to the three frameworks listed above, there are many subdomains of IT governance, including:
This site provides extensive information and advice on IT governance, as well as:
IT governance auditing
• Infrastructure & technology
• Service management
• Investment & prioritization
In this respect, we understand investment & prioritization to be the IT portfolio management with which the strategy is converted, benefit-oriented, into operational measures. Together with IT management, PwC implements a rational form of these decision areas for a uniform and long-term optimization of the information technology.
The following advantages are achieved as a result:
• Sustained alignment of IT to the corporate objective from the point of effectiveness (alignment)
• Securing efficiency (continuous optimization of IT production through well-defined balance between performance and compliance)
• Established control mechanisms for the purpose of functional IT controlling
• Securing business process-oriented adaptability of IT through all-round transparency within the IT processes and systems
Projects stand for the structured implementation of corporate decisions which, in the end, find their way into the classical IT operation. The decision areas also form the framework for the design of operative process and control frameworks for IT production. The design of the frameworks must comply with the regulatory demands on IT (IT compliance) and should be aligned with international standards and best practices (ITIL, COSO and COBiT).
PwC methods for the design and implementation of these process and control frameworks include:• a risk analysis on the basis of international standards and industry-related regulatory requirements,
• the description of a framework consisting of process and control elements,
• efficient structuring of the processes using ITIL or comparable methods and support of the rollout.
An audit of already implemented solutions for the IT governance framework according to latest standards can also be carried out by PwC specialists. This includes information on improving the stipulated processes.