1 |
1 |
Governance |
Evaluate, Direct and Monitor |
1. Analyze and identify the internal and external environmental factors (legal, regulatory and contractual obligations) and trends in the business environment that may influence governance design. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
2 |
2 |
Governance |
Evaluate, Direct and Monitor |
2. Determine the significance of I&T and its role with respect to the business. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
3 |
3 |
Governance |
Evaluate, Direct and Monitor |
3. Consider external regulations, laws and contractual obligations and determine how they should be applied within the governance of enterprise I&T. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
4 |
4 |
Governance |
Evaluate, Direct and Monitor |
4. Determine the implications of the overall enterprise control environment with regard to I&T. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
5 |
5 |
Governance |
Evaluate, Direct and Monitor |
5. Align the ethical use and processing of information and its impact on society, the natural environment, and internal and external stakeholder interests with the enterprise’s direction, goals and objectives. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
6 |
6 |
Governance |
Evaluate, Direct and Monitor |
6. Articulate principles that will guide the design of governance and decision making of I&T. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
7 |
7 |
Governance |
Evaluate, Direct and Monitor |
7. Determine the optimal decision-making model for I&T. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
8 |
8 |
Governance |
Evaluate, Direct and Monitor |
8. Determine the appropriate levels of authority delegation, including threshold rules, for I&T decisions. |
Evaluate the governance system |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
9 |
9 |
Governance |
Evaluate, Direct and Monitor |
1. Communicate governance of I&T principles and agree with executive management on the way to establish informed and committed leadership. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
10 |
10 |
Governance |
Evaluate, Direct and Monitor |
2. Establish or delegate the establishment of governance structures, processes and practices in line with agreed-on design principles. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
11 |
11 |
Governance |
Evaluate, Direct and Monitor |
3. Establish an I&T governance board (or equivalent) at the board level. This board should ensure that governance of information and technology, as part of enterprise governance, is adequately addressed; advise on strategic direction; and determine prioritization of I&T-enabled investment programs in line with the enterprise’s business strategy and priorities. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
12 |
12 |
Governance |
Evaluate, Direct and Monitor |
4. Allocate responsibility, authority and accountability for I&T decisions in line with agreed-on governance design principles, decision-making models and delegation. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
13 |
13 |
Governance |
Evaluate, Direct and Monitor |
5. Ensure that communication and reporting mechanisms provide those responsible for oversight and decision making with appropriate information. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
14 |
14 |
Governance |
Evaluate, Direct and Monitor |
6. Direct that staff follow relevant guidelines for ethical and professional behavior and ensure that consequences of noncompliance are known and enforced. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
15 |
15 |
Governance |
Evaluate, Direct and Monitor |
7. Direct the establishment of a reward system to promote desirable cultural change. |
Direct the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
16 |
16 |
Governance |
Evaluate, Direct and Monitor |
1. Assess the effectiveness and performance of those stakeholders given delegated responsibility and authority for governance of enterprise I&T. |
Monitor the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
17 |
17 |
Governance |
Evaluate, Direct and Monitor |
2. Periodically assess whether agreed-on governance of I&T mechanisms (structures, principles, processes, etc.) are established and operating effectively. |
Monitor the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
18 |
18 |
Governance |
Evaluate, Direct and Monitor |
3. Assess the effectiveness of the governance design and identify actions to rectify any deviations found. |
Monitor the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
19 |
19 |
Governance |
Evaluate, Direct and Monitor |
4. Maintain oversight of the extent to which I&T satisfies obligations (regulatory, legislation, common law, contractual), internal policies, standards and professional guidelines. |
Monitor the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
20 |
20 |
Governance |
Evaluate, Direct and Monitor |
5. Provide oversight of the effectiveness of, and compliance with, the enterprise’s system of control. |
Monitor the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
21 |
21 |
Governance |
Evaluate, Direct and Monitor |
6. Monitor regular and routine mechanisms for ensuring that the use of I&T complies with relevant obligations (regulatory, legislation, common law, contractual), standards and guidelines. |
Monitor the governance system. |
Ensured Governance Framework Setting and Maintenance |
Analyze and articulate the requirements for the governance of enterprise I&T. Put in place and maintain governance components with clarity of authority and responsibilities to achieve the enterprise's mission, goals and objectives. |
Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T-related decisions are made in line with the enterprise's strategies and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual and regulatory requirements is confirmed; and the governance requirements for board members are met. |
22 |
22 |
Governance |
Evaluate, Direct and Monitor |
1. Create and maintain portfolios of I&T-enabled investment programs, IT services and IT assets, which form the basis for the current IT budget and support the I&T tactical and strategic plans. |
Establish the target investment mix. |
Ensured Benefits Delivery |
Optimize the value to the business from investments in business processes, I&T services and I&T assets. |
Secure optimal value from I&T-enabled initiatives, services and assets; cost-efficient delivery of solutions and services; and a reliable and accurate picture of costs and likely benefits so that business needs are supported effectively and efficiently. |
23 |
23 |
Governance |
Evaluate, Direct and Monitor |
2. Obtain a common understanding between IT and the other business functions on the potential opportunities for IT to enable and contribute to enterprise strategy. |
Establish the target investment mix. |
Ensured Benefits Delivery |
Optimize the value to the business from investments in business processes, I&T services and I&T assets. |
Secure optimal value from I&T-enabled initiatives, services and assets; cost-efficient delivery of solutions and services; and a reliable and accurate picture of costs and likely benefits so that business needs are supported effectively and efficiently. |
24 |
24 |
Governance |
Evaluate, Direct and Monitor |
3. Identify the broad categories of information systems, applications, data, IT services, infrastructure, I&T assets, resources, skills, practices, controls and relationships needed to support the enterprise strategy. |
Establish the target investment mix. |
Ensured Benefits Delivery |
Optimize the value to the business from investments in business processes, I&T services and I&T assets. |
Secure optimal value from I&T-enabled initiatives, services and assets; cost-efficient delivery of solutions and services; and a reliable and accurate picture of costs and likely benefits so that business needs are supported effectively and efficiently. |
25 |
25 |
Governance |
Evaluate, Direct and Monitor |
4. Agree on I&T goals, taking into account the interrelationships between the enterprise strategy and the I&T services, assets and other resources. Identify and leverage synergies that can be achieved. |
Establish the target investment mix. |
Ensured Benefits Delivery |
Optimize the value to the business from investments in business processes, I&T services and I&T assets. |
Secure optimal value from I&T-enabled initiatives, services and assets; cost-efficient delivery of solutions and services; and a reliable and accurate picture of costs and likely benefits so that business needs are supported effectively and efficiently. |