IT governance comprises the entirety of structures, processes and roles used to ensure that IT supports the company strategy [Nie08; Han12a]. Effective implementation of such a governance requires the availability of EA models provided by EAM [Nie08].
IT Governance Foundations
IT governance aims at ensuring that IT supports the business strategy and goals and at providing an appropriate risk management [Nie08]. Further, it institutionalizes best practices for planning, acquiring, implementing, and monitoring IT operations and transformation [11b]. In order to realize its functions, IT governance comprises processes for decision making and measurement of IT performance as well as structures like steering committees or quality boards and clear definitions of roles and responsibilities [Nie08].
IT governance is heavily influenced by the structural organization of the IT of an enterprise. For example, an outsourced IT department with a responsible manager acts different to an IT department, in which also the business departments have decision rights. At the same time, IT governance also influences the evolution of the structural organization of the IT.
Generally, six IT governance archetypes can be identified within enterprises. These archetypes are classified according to the IT / business distinction and have provocative political names, since most managers identify with these stereotypes. The archetypes and their descriptions are listed in Table 1 [WR04].
ARCHETYPE |
DESCRIPTION |
Business Monarchy |
Top managers make IT-related decisions. |
IT Monarchy |
IT specialists make IT-related decisions. |
Feudal |
Each business unit of the organization makes its own IT decisions. |
Federal |
The decision making is done by the corporate center together with the business units. IT people may be involved or not. |
IT Duopoly |
The IT group together with one other group, e.g. business unit leaders or top management, decide on IT related topics. |
Anarchy |
Decisions are made by isolated individuals or small groups within the organization. |
Table 1: Six IT governance archetypes [Based on: P. Weill and J. W. Ross. IT Governance on One Page. MIT Sloan Working Paper No. 4517-04 2004. 2004.].
Probably the most renown framework for IT governance is the Control OBjectives for Information and related Technology (COBIT) framework, developed by ISACA and currently available in its 5th edition [Inta].
Further, TOGAF provides the Architecture Governance Framework, which constitutes a framework for architecture governance. According to TOGAF, architecture governance is “[...] the practice and orientation by which enterprise architectures and other architectures are managed and controlled at an enterprise-wide level.”. This includes for example the implementation of a system to ensure compliance with internal and external standards and the development of practices that ensure accountability of stakeholders actions [11b].
To implement IT governance effectively, a model of the enterprises IT needs to be available. Such a model, which documents and relates all enterprise architecture elements, is maintained by the EAM team. Additionally, Enterprise Architects can support the analysis and the planning of an effective design of the IT governance function [Nie08].
Source:
[Nie08] |
K. Niemann. “Enterprise Architecture Management and its Role in IT Governance and IT Investment Planning.” In: Advances in Government Enterprise Architecture. IGI Global, 2008, pp. 208–228. |
[Han12a] |
I. Hanschke. “EAM - einfach und effektiv.” In: Wirtschaftsinformatik & Management (WuM), Springer Verlag 04.2012 (2012), pp. 72–76. |
[WR04] |
P. Weill and J. W. Ross. IT Governance on One Page. MIT Sloan Working Paper No. 4517-04 2004. 2004. |
[11b] |
TOGAF® Version 9.1, an Open Group Standard. Standard. The Open Group, 2011. |
[Inta] |
I. International. About COBIT 5. https://cobitonline.isaca.org/about. Accessed: 18.12.2016. |