IT Governance & Strategic Sourcing 2019-2020
HC1: IT Governance (Ross & Weill) 1
Chapter 1: What is IT Governance? 1
Chapter 2: Five Key Decisions: Important IT governance concepts 2
Chapter 3: IT Governance Archetypes 3
HC2: COBIT for IT Governance and IT Audit 5
HC3: Digital Transformation 10
WC2 : Digital Transformation in Insurance 13
HC4: IT Outsourcing Theories 16
HC5: IT Outsourcing in Practice 21
Past Exam Questions 24
,HC1: IT Governance (Ross & Weill)
Chapter 1: What is IT Governance?
IT governance can be broadly defined as the effective framework of leadership, organizational structures and
processes that ensure that the organization's IT sustains and extends the organization's strategies and
objectives.
Ross & Weill: ITG is specifying the decision rights and accountability framework to encourage desirable
behaviour using IT. A desirable behavior is one that is consistent with the organization’s mission, strategy,
values, norms, and culture.
This definition of IT governance aims to capture the simplicity of IT governance (decision rights and
accountability) and its complexity (desirable behaviors that are different in every enterprise). Governance
determines who makes the decisions. Management is the process of making and implementing the decisions.
The motivations for organizations to implement effective IT governance include both regulatory compliance
and economic benefits. It is critical to integrate the business, IT management, digital transformation, and
strategic sourcing in the governance process, covering both internal and external parties as well as
inter-organization or units.
Good corporate governance is important to professional investors. Major institutions rank corporate
governance on par with the firm’s financial indicators when evaluating investment decisions.
Corporate and key asset governance:
The upper half of this figure includes the senior executive team as the board’s agents that communicate
strategies and desirable behaviours to fulfill board mandates. The lower half includes six key assets through
which enterprises accomplish their strategies and generate business value.
Information—and consequently IT— is an increasingly important element of organizational products and
services and the foundation of enterprise wide processes. The tight linkage between IT and organizational
processes means that the IT unit cannot bear sole responsibility for the effective use of information and IT.
Getting more value from IT is an increasingly important organizational competency. Leaders throughout an
enterprise must develop this competency.
1
, ‘’Effective IT governance is the single most important predictor of the value an organization generates from IT.’’
The behavioral side of IT governance defines the formal and informal relationships and assigns decision rights
to specific individuals or groups of individuals. The normative side, on the other hand, defines mechanisms
formalizing the relationships and providing rules and operating procedures to ensure that objectives are met.
The difference between management and governance:
It is like the difference between a soccer team running harder and practicing longer (Management) and the
team stepping back to analyze its competition and game strategy (Governance).
Governance design and analysis requires stepping back from day-to-day decision making, taking advice and
focusing on identifying the fundamental decisions to be made and who is best positioned to make them.
Why is ITG important?
Good IT governance harmonizes decision making about the management and use of IT with desired behaviors
and business objectives. Without carefully designed and implemented governance structures, this harmony
cannot be properly implemented.
● Good IT governance pays off
● IT is expensive
● IT is pervasive
● New IT bombard enterprises with new business opportunities
● IT governance is critical to organizational learning about IT value
● IT value depends on more than good technology
● Senior management has limited bandwidth
● Leading enterprises govern IT differently
Chapter 2: Five Key Decisions: Important IT governance concepts
● IT principles: clarifying the business role of IT
○ what is the enterprise’s operating model?
○ what are IT-desirable behaviors?
○ how will IT be funded?
● IT architecture: defining integration and standardization
○ what are the core business processes of the enterprise and how are they related?
○ what information drives these core processes and how must data be integrated?
○ what technical capabilities should be standardized enterprise wide to support IT efficiencies
and facilitate business process standardization and integration?
○ what activities must be standardized enterprise wide to support data integration?
○ what technology choices will guide the enterprise’s approach to IT initiatives?
2
HC1: IT Governance (Ross & Weill) 1
Chapter 1: What is IT Governance? 1
Chapter 2: Five Key Decisions: Important IT governance concepts 2
Chapter 3: IT Governance Archetypes 3
HC2: COBIT for IT Governance and IT Audit 5
HC3: Digital Transformation 10
WC2 : Digital Transformation in Insurance 13
HC4: IT Outsourcing Theories 16
HC5: IT Outsourcing in Practice 21
Past Exam Questions 24
,HC1: IT Governance (Ross & Weill)
Chapter 1: What is IT Governance?
IT governance can be broadly defined as the effective framework of leadership, organizational structures and
processes that ensure that the organization's IT sustains and extends the organization's strategies and
objectives.
Ross & Weill: ITG is specifying the decision rights and accountability framework to encourage desirable
behaviour using IT. A desirable behavior is one that is consistent with the organization’s mission, strategy,
values, norms, and culture.
This definition of IT governance aims to capture the simplicity of IT governance (decision rights and
accountability) and its complexity (desirable behaviors that are different in every enterprise). Governance
determines who makes the decisions. Management is the process of making and implementing the decisions.
The motivations for organizations to implement effective IT governance include both regulatory compliance
and economic benefits. It is critical to integrate the business, IT management, digital transformation, and
strategic sourcing in the governance process, covering both internal and external parties as well as
inter-organization or units.
Good corporate governance is important to professional investors. Major institutions rank corporate
governance on par with the firm’s financial indicators when evaluating investment decisions.
Corporate and key asset governance:
The upper half of this figure includes the senior executive team as the board’s agents that communicate
strategies and desirable behaviours to fulfill board mandates. The lower half includes six key assets through
which enterprises accomplish their strategies and generate business value.
Information—and consequently IT— is an increasingly important element of organizational products and
services and the foundation of enterprise wide processes. The tight linkage between IT and organizational
processes means that the IT unit cannot bear sole responsibility for the effective use of information and IT.
Getting more value from IT is an increasingly important organizational competency. Leaders throughout an
enterprise must develop this competency.
1
, ‘’Effective IT governance is the single most important predictor of the value an organization generates from IT.’’
The behavioral side of IT governance defines the formal and informal relationships and assigns decision rights
to specific individuals or groups of individuals. The normative side, on the other hand, defines mechanisms
formalizing the relationships and providing rules and operating procedures to ensure that objectives are met.
The difference between management and governance:
It is like the difference between a soccer team running harder and practicing longer (Management) and the
team stepping back to analyze its competition and game strategy (Governance).
Governance design and analysis requires stepping back from day-to-day decision making, taking advice and
focusing on identifying the fundamental decisions to be made and who is best positioned to make them.
Why is ITG important?
Good IT governance harmonizes decision making about the management and use of IT with desired behaviors
and business objectives. Without carefully designed and implemented governance structures, this harmony
cannot be properly implemented.
● Good IT governance pays off
● IT is expensive
● IT is pervasive
● New IT bombard enterprises with new business opportunities
● IT governance is critical to organizational learning about IT value
● IT value depends on more than good technology
● Senior management has limited bandwidth
● Leading enterprises govern IT differently
Chapter 2: Five Key Decisions: Important IT governance concepts
● IT principles: clarifying the business role of IT
○ what is the enterprise’s operating model?
○ what are IT-desirable behaviors?
○ how will IT be funded?
● IT architecture: defining integration and standardization
○ what are the core business processes of the enterprise and how are they related?
○ what information drives these core processes and how must data be integrated?
○ what technical capabilities should be standardized enterprise wide to support IT efficiencies
and facilitate business process standardization and integration?
○ what activities must be standardized enterprise wide to support data integration?
○ what technology choices will guide the enterprise’s approach to IT initiatives?
2
