Extending Governance to IT

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Extending Governance to IT

Within most companies, the data from which the company creates its reports originates from data within the company’s IT facility. As you might expect, much of corporate governance is based upon IT-related factors.

Further, over the past decades, companies have invested heavily in IT solutions that drive a variety of company (enterprise) applications. Unfortunately, many IT projects fail, either because of poor management, incorrect requirements, or misalignment of the IT solution with the company strategy. Put simply, companies make large investments in IT solutions, and to succeed, the projects should be governed.

IT governance is a subset of corporate governance, which includes the policies, procedures, and controls that relate to information technology use and deployment, performance, return on investment, and risk mitigation. As shown in FIGURE 15-6, IT governance is one of many key governance types a company must fulfill.

Corporate governance at the top branches out to strategy, ethics, and controls. Ethics leads to company assets, which in turn branches out to relationships; people; finances; plant, property, equipment; I T; and intellectual property. Relationships in turn lead to vendors, customers, suppliers, stakeholders, and shareholders. — FIGURE 15-6 IT governance is one of many key governance types a company must provide.

CASE 15-5 Sarbanes-Oxley

In 2002, in the aftermath of the .com crash and corporate scandals that included Enron, WorldCom, and Tyco, Senator Paul Sarbanes and Representative Michael Oxley cosponsored a senate bill titled the Public Company Accounting Reform and Investor Protection Act and a house bill titled the Corporate Auditing, Accountability, and Responsibility Act. The law became best known as Sarbanes-Oxley.

The law’s goal was to improve confidence in the truthfulness of company reporting by putting in place greater transparency and controls on the data upon which companies report. The law put in place criminal penalties for corporate officers who violated or failed to comply with the law.

As you would expect, Sarbanes-Oxley had a large impact on financial groups within an organization, who report a company’s financials. The law also had a large impact on corporate information-technology groups who had to put in place auditable controls on the processes, data, and applications which produced the information which drove the financial reports.

In general, Sarbanes-Oxley was a major catalyst in driving the origin of IT governance and the related processes. For more information on the Sarbanes-Oxley Act of 2002, download the act, shown in FIGURE 15-7.

FIGURE 15-7 Individuals responsible for IT governance should review the complete Sarbanes/Oxley Act of 2002, which is available on the web.

Case Study: Using the Web, research Sarbanes/Oxley. Provide a list of five reasons why Sarbanes/Oxley should remain in effect and five reasons why the law should be abolished.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Extending Governance to IT

Create new playlist

Sign In

Sign Up

Extending Governance to IT

Table of Contents for
Extending Governance to IT