week 10 - IT governance Flashcards
what is meant by IT governance?
the decision rights + accountability framework deployed through a mix of structural, processual + relational mechanisms + used to ensure the alignment of IT related activities with the org’s strategy + objectives.
what does IT governance include?
the processes, policies, standards + relationships that ensure the effective + efficient use of IT in support of the org.
what does IT governance involve?
establishing a framework for IT related decision making + for managing risks associated with IT activities such as security, privacy + compliance.
what does IT governance help orgs to do?
- optimise investments in IT
- improve their performance
- reduce risks associated with IT activities
where is IT governance critical for in todays age?
where orgs rely heavily on tech to support their operations + where the risks associated with IT activities are complex + pervasive.
what are the benefits of IT governance?
Improved decision making: this helps ensure that decisions are based on the org’s strategic goals, priorities + values.
Reduced risk: this provides a framework for identifying, assessing + managing risks associated with IT resources + activities.
Improved performance: this enables the org to better manage its IT resources + investments, leading to improved performance + efficiency.
Increased transparency + accountability: this provides a clear framework for decision making + accountability, helps to build trust among stakeholders.
what can poorly managed IT platforms result in?
significant risks to the org including data breaches, downtime, regulatory noncompliance + reputational damage.
Effective governance helps mitigate these risks + ensures the org can operate in a secure + compliant manner.
what are the challenges of IT governance?
Resistance to change: some stakeholders may resist the changes required to implement IT governance such as new policies.
Lack of resources: implementing this requires resources such as time, money + expertise which may be in short supply.
Complexity: this can be complex + difficult to implement in large, decentralised orgs.
Balancing innovation + risk: this must balance the need for innovation + agility with the need to manage risks + ensure compliance.
what is value creation?
the process + activities that lead to the production of a marketable good. The result of how resources are combined to produce goods with specific properties that define their value when exchanged.
how can the value creation process be effective?
this is determined by the efficiency of the processes that are used to finalise the production of goods that can be exchanged.
what is meant by the aggregation process?
a contingent process which aggregates + binds resources inscribing them into a physical object for the temporal moment in time. It is dynamic, modular + reversible.
what does the business result as from the aggregation process?
a complex web of algorithms which interact in the process that determines what will be inscribed into the physical object + how.
what is the movement of the value creation process?
it moves from a linear sequence of activities towards an intricate web of algorithmic relationships + interdependencies.
This cannot be managed following the linear relationships described in the value chain model.
what are the IT governance dimensions?
Focus (what to govern): what IT related activities must be aligned with org strategy + objectives.
Scope (who to govern): which actors + stakeholders are held accountable for ensuring IT’s contribution to the org.
Patterns (how to govern): what mechanisms are put in place to ensure “desirable” IT related activities + outcomes.
what factors are included in the focus of IT governance?
- value creation
- IT investment
- IT business alignment
what is meant by the scope of governance?
which actors + stakeholders are held accountable for ensuring IT’s contribution to the org.
what is the primary scope of IT governance?
the IT function, the underlying assumption is relying on the specialised expertise of IT professionals. This varies depending on size of the project across departments, interorganisational or global.
what are the patterns of governance (implementation)?
- structural arrangements
- formal processes ensuring desirable access + use of IT in alignment with org needs.
- relational mechanisms facilitating communication, coordination + shared understanding between businesses + IT stakeholders.
what are structural arrangements?
centralising IT decision making to create cross unit synergies
vs
decentralising IT decision making to create flexibility for local business units.
what does centralisation involve?
a single entity or authority having control over the system.
what are the benefits of centralisation?
- clear decision making
- centralised security
- easier maintenance
what are the issues of centralisation?
- lack of flexibility
- susceptibility to system wide failures
- potential for abuse of power
what does decentralisation involve?
a network of entities or authorities sharing control over the system.
what are the benefits of decentralisation?
- increased resilience
- greater transparency
- more innovation
