A director's guide to IT governance
This book is an essential read for those sitting on the board of any organisation that wants to secure its information, its intellectual property and its competitive advantage.
Written for a non-technical, commercially-minded audience, this book offers a comprehensive introduction to the critical subject of IT governance.
Why is IT governance important?
Your business will stand or fall on the quality of its IT governance. Information technology can enable you to improve your operations and cut costs. And by changing the way you deal with your customers, IT may even have the potential to transform your entire business.
However, IT involves an element of risk. For the sake of your bottom line, these risks are something your company needs to be capable of managing.
IT governance and the board
IT governance generally enjoys less board understanding and commitment than corporate governance. However, the reality is that the IT function is vital to the running of your business and so IT governance too requires leadership from the top.
Information security breaches have the potential to alienate your customers and to damage your company's reputation. The consequences of cyber crime could cripple your business with heavy financial losses. Failure to comply with the information security requirements of corporate governance codes may even cause your company to be denied a presence in entire countries.
The road to information security goes through corporate governance. This means that information security has to be a specific board-agenda item, and a priority at CEO level.
IT governance and intellectual property
While you can easily judge how much a factory is worth, some of your company's most important assets may be the intangible ones. The real worth of your company is a matter of its intellectual capital - such as patents, designs and databases - as well as the sites and machinery in its possession.
This kind of information is held on computer systems. So your company needs to be as serious about protecting its digital information from industrial espionage and cybercrime as it is about protecting its warehouses from robbery and arson.
IT governance as a business enabler
Having an effective IT governance framework in place will help you to safeguard your company against an information security breach. At the same time, your IT governance framework can open doors for your business.
By ensuring that your IT systems are properly integrated with your business, and in harmony with your overall business goals, your company will be in a far better position to drive through changes and improvements. Establishing an IT governance framework is essential for the success both of IT projects and for the larger projects that need support from across the whole organisation."
Table of Contents
- About the author
- CHAPTER 1: WHY IT GOVERNANCE MATTERS
CHAPTER 2: GOVERNANCE AND RISK MANAGEMENT
- Fiduciary duties
- Governance frameworks
- Capital markets and financial reporting convergence
- Converging audit requirements
- Corporate Governance in Europe
- Combined Code and the Turnbull Guidance
- Sarbanes Oxley
- Risk management framework
CHAPTER 3: INTELLECTUAL CAPITAL
- Knowledge assets
- Tangible relevance
- Structure of intellectual capital
- The role of IT governance
- Beyond knowledge management
- Protecting intellectual assets
- Third party intellectual property rights (IPR)
CHAPTER 4: COMPLIANCE
- Privacy and Data Protection
- EU Regulation
- UK Regulation
- US Regulation
- APEC regulation
- Anti-spam legislation
- Freedom of Information legislation
- Computer misuse legislation
- Human Rights
- Other legislation
- Record retention and destruction
CHAPTER 5: INFORMATION RISK
- Overview of threats and impacts
- Information security governance
- Complexity and larger organizations
- ‘Traditional’ external threats
- ‘Traditional’ insider threats
- Organized crime
- Emerging trends
- Information security best practice
- The need for metrics
- CHAPTER 6: SYSTEM DEPLOYMENT AND PROJECT RISK
CHAPTER 7: DESIGNING AN IT GOVERNANCE FRAMEWORK
- Business context and culture
- IT governance framework
- Business, information and ICT strategies
- IT steering and executive committees
- Hierarchy of IT decisions
- Reporting and monitoring framework
- External systems and standards
CHAPTER 8: IT GOVERNANCE IN ACTION
- ‘Operationalization’ of strategy
- Responsibility and accountability
- IT goals, functional organization and communication
- Information Strategy
- ICT Strategy
- Project governance
- Information security and compliance
- IT performance optimisation
- CHAPTER 9: ISSUES FOR THE PUBLIC SECTOR AND NOT-FOR-PROFIT ORGANIZATIONS
- CHAPTER 10: IT’S ALL ABOUT LEADERSHIP
- FURTHER READING
- USEFUL WEBSITES
- Title: IT Governance: Guidelines for Directors
- Release date: April 2005
- Publisher(s): IT Governance Publishing
- ISBN: 9781849281058