IT Governance has become part of Corporate Governance both in South Africa and other countries. Many IT Executives see this as a burden but if it is approached in a positive manner, these obligations can be turned into real benefits and in many cases, competitive advantage.
The most significant development in South Africa during the past few years year is the introduction of the King III Report on Corporate Governance which has a chapter dedicated to the Governance of Information Technology.
What is the significance of this? There are a number of principles and recommendations in the IT chapter, each of which is important. One of the most important principles and recommendations is, however, principle 5.2 which states:
The board should ensure that the IT strategy is integrated with the company's strategic and business processes. IT should be seen to add value by enabling the improvement of the company's performance and sustainability.
The principle shown above is both strategic and operational.
As we all know, technology is an enabler and can be used to enable strategic business initiatives if applied quickly and effectively. Strategic planning should, therefore, strive to achieve business and IT strategy alignment from a governance perspective.
Another very important principle is principle 5.1. which states:
The board should be responsible for Information Technology governance.
This, in conjunction with integrating business and IT strategies, means that board members and IT executives have a greater responsibility for leveraging the potential capabilities offered by modern technology in a more strategic manner than ever. It also means that they have a greater opportunity to use the combined resources to introduce differentiation for their organisations.
In addition to the strategic issues mentioned above, operational efficiencies should also be sought. These also relate to principle 5.2. Efficiencies of this nature can found by improving and optimising IT processes, especially those that involve interaction with business.
IT Service Management processes are a good example of processes that should be integrated with business processes. Optimised IT processes should be part your organisations' overall capabilities. Adopting ITIL V3 and ISO20000 can be very beneficial from governance and operational perspectives.
In addition to King III, there are a number of recognised related standards which can be applied either on their own or to address the King III recommendations. These include the ISO 27000 series for Information Security, as well as ISO 38500 for implementing IT Governance Frameworks and ISO 15489 for Document/Records Management to mention a few. The processes relating to these can and should be implemented in such a manner that they improve your IT organisation's operational efficiencies and competitive capabilities.
We offer services that assist you in ensuring that your IT Policies and Procedures cover the requirements of King III, as well as the Standards and practices mentioned above. Please click here for details of our IT Policy and Procedure service offerings.
We are also able to offer a number of comprehensive IT Governance toolkits to help you improve your programs without the need for external consultants. Click here or more information about these excellent kits.
In addition to the kits referred to above, a Social Media kit has been become available, please click here for more information.
IACT Africa has sound experience in these areas and will gladly help you with your governance journey.