Datasec - IT Security & Control

Information Technology Governance Print
Information Technology Governance (IT Governance) implies an awareness of the principles and practices of Knowledge Management, where people and experience are highly valued. The evolution from the information age to the knowledge age was not, unfortunately, the great milestone that should have been for many IT professionals. There are yet professionals in IT management positions that regrettably still cling to old routines plagued with technicalities and who simply can't view their organization in terms of business and of the current challenges that need to be addressed, which are not technical but organizational and human in nature.

Last century's information era stressed the importance of introducing and accepting automation for information management and handling. Somehow, the notion that things had to be done differently had to be imposed and implemented practically, and in such endeavor those enlightened few, who usually had an IT background, took many a time shortcuts that disregarded some essential aspects of human communication and experience from the very people that comprised the organization.

For several years and in the name of progress this sacrifice was a necessary evil, until its impact could no longer be denied with the worldwide IT problem in the year 2000 that revealed a lack of communication, isolation, and a clear absence of constructive and interdisciplinary work. This serious blow made us realize that we had somehow taken a wrong turn along the way.

In Knowledge Management the prominence of the people that know the business is essential, and computer usage is a widely known and accepted phenomenon. The issue is now to organize the processes around the people performing these new roles, without the shortsighted hyper-technological view of the past, adequately integrating the knowledge and experience that can only be found within people's minds with the automated knowledge hosted in common access databases.

It is in this context that we cannot help but need IT Governance, embodied by the COBIT framework, which sets a more ambitious goal than that of IT management and focuses solely in the effectiveness and efficiency of IT service and product delivery, and in the proper functioning of the IT itself.

IT Governance has a broader scope, focusing in the execution and transformation of the IT to comply with the current and future demands of the business and its clients. To this end COBIT defines processes aligned with IT and business objectives, determining roles and responsibilities for almost all members of the organization, and providing a clear roadmap to perform assessments, define action plans that reflect reality and include the goals and maturity levels of the processes that have been set out. It also provides a set of measurements that allow us to effectively measure the progress achieved.

Finally, after an internal effort unique to each organization, it is possible to determine the value that all of this adds to the business, considering the involvement of most organization's members. This is undoubtedly a great effort, but in the end we will have workgroups highly proficient not only in IT resource management but what is more important, they will be experts on the best practices for IT Management and Governance of the 21st century.