​​​​​How IT Governance Is Changing as Technology Changes

Comments Views

​In another post, I have shared an article of mine from 2010 on IT governance and internal audit.

But, has IT governance changed in the meantime?

I believe the principles are unchanged, but there are a few critical changes in how IT governance should be practiced, and the risks if it is not done well.

I would appreciate your thoughts on these points:

  1. Technology is even more essential to an organization than before. Not only is it critical to the provision of reliable, cost-effective, and quality business processes, but it is how organizations communicate with customers (including the end-customer) and it is changing the nature of the products and services that are offered. If technology is not part of strategy-setting, if it is not aligned with the business, the business may fail.
  2. Mobile applications mean that enterprise applications are coming to the palm near you. Employees will perform procurement and even IT security functions with smart phones and tablets. Are your organization's IT processes ready to provide change control over diverse mobile devices, each with a different operating environment and with the employee's personal applications in the same environment? (And, let's not forget security over the data on mobile devices).
  3. Business is getting faster and decisions have to be made at speed. Does IT provide reliable, quality, timely, and current information to the manager — wherever he is — in a form that can be used? Can the manager review the information and obtain answers to two or three follow-up questions? Quickly?
  4. Apps used in the business can be acquired quickly and inexpensively. Are the IT governance processes for selecting and acquiring such apps effective, or are they bureaucratic so that employees bypass IT? Is IT even involved in selecting apps used in the business?

I would appreciate your views.

Have the principles for IT governance changed? Should the practices for IT governance change? How much should the board be involved?

​The opinions expressed by Internal Auditor's bloggers may differ from policies and official statements of The Institute of Internal Auditors and its committees and from opinions endorsed by the bloggers' employers or the editors of Internal Auditor. The magazine is pleased to provide you an opportunity to share your thoughts about these blog posts. Some comments may be reprinted elsewhere, online or offline.



Comment on this article

comments powered by Disqus
  •  	Galvanize-July-2021-Blog-1
  • CRMA-July-2021-Blog-2
  • Bookstore-July-2021-Blog-3