One of the biggest challenges for CIOs today is to align the IT initiatives
in their organizations with the core business goals. Obviously, they need to
involve people from all the business processes to collect strategic inputs that
can help them take right decisions for the overall business growth. But the task
is too cumbersome, if it is not carried out systematically. So, IT governance
methodologies empower CIOs to formalize the processes to get support from other
departments in the organization. This support is to effectively manage the IT
resources, roll out new applications for internal as well as external consumers,
ensure return on investment from IT deployment, manage risk, and measure the
impact of technology on their business.
While some enterprises customize their processes for effective IT governance,
others use standard solutions like GRC packages. According to Forrester Research
estimates, the GRC software platform market would reach $1.3 billion in 2011.
Forrester divides the market into four areas: policy and procedure management;
risk and control assessment; risk analytics, and investigations management. In
the current economic environment when companies are trying to do more with less,
the importance of IT governance goes up manifold.
Towards Governance
Companies operating in the global environment have realized that their IT
resources stay underutilized in the absence of proper IT management policies and
practices. On the other hand, governance fixes the responsibility of service
providers, takes care of service-level agreements, ensures resource utilization,
and thus helps achieve RoI targets.
Standards
Companies are generally adopting ISO 20000, Cy (COBIT and ITIL standards to
improve process and implement IT governance practices. Depending on their need,
companies adopt either centralized or business process-specific IT governance
models.
One of the important components of any IT governance model is security
governance. In today's web based businesses, information security holds extreme
importance. The right governance standards can help enterprises save IT assets
from internal and external threats. Special standards can be applied to
different IT management areas. For example, ISO 27,000 can be applied for
information security and ISO 20,000 for service delivery. It is observed that
standards based models can help user companies implement IT governance faster
than the tailor-made solutions. However, the implementation process expects set
policies and procedures from the user companies. These policies must cover the
end-to-end management of IT resources-from procurement to deployment and use.
Clearly defined policies can help companies implement IT governance effectively.
Local View
Although IT governance is at a conceptual stage in the Indian market, most
big enterprises have started considering it as an integral part of their
technology deployment process. Financial services sector, for example, seems to
be quite aggressive in adopting IT governance. The Institute for Development &
Research in Banking Technology (IDRBT) believes that IT governance is becoming
important for performance and conformance while focus is on customer value and
better risk management.
As India is a major hub for ITeS, most BPO centers are eagerly looking at IT
governance adoption. This is not only to achieve process efficiency and cost
optimization, but these centers also want to meet the globally accepted quality
of service levels. So, today IT governance is not just an option, but it has
become imperative for forward-looking enterprises.
Rakesh Raman
maildqindia@cybermedia.co.in