IT Governance and The Political Dimension
The Emergence of IT Governance
The need for strong IT governance has been recognized since the advent of IT itself. Methods and frameworks to support this have existed for decades, albeit never really attracting a global following or mass media interest. This situation, however, changed in the late 1990s and the early years of the twenty-first century.
Much of the change occurred as a result of the natural maturing of the information technology sector itself. Much of it, however, was driven by legislation stemming from political situations and decisions.
The Political and Legislative Drivers
Often, legislation is passed as a result of public fear or corporate incident. This tendency also applies to the IT sector.
The earliest legislative involvement probably pertains to personal data, a reaction to public concern relating to the use or disclosure of private personal information. This is particularly the case in Europe and the UK (the 'Data Protection Act 1998'). However, legal requirements gradually embraced other areas, perhaps less obvious to the layman.
The biggest development of all, however, came in the United States, and resulted from a series of financial scandals, most notably Enron and WorldCom. This was, of course, the Sarbanes-Oxley Act. It was not specifically directed at IT, but the implications for IT were immense. The landscape had changed, as the need for controls and clarity became a legal requirement. Frameworks and methods to support this were now in vogue, indefinitely.
What Are The IT Governance Frameworks?
Over the years, a number of frameworks have emerged, each with their own strengths and weaknesses, but also each with their own focus and purpose. Hardly surprisingly perhaps, many revolve around ISO standards (or are documented by ISO standards), but not all of them.
The major frameworks are currently:
- ISO 20000 - focusing upon IT service management
- ITIL - a lower level framework again for ITSM
- ISO 17799 / ISO 27001 - focusing upon information
- Six Sigma - focusing upon operational performance and defect identification
- COBIT - framework for information IT management risks
- Balanced Scorecard - a framework for measuring a company's activities in terms of its vision and strategies
- Prince2 - a project management method
Each of these frameworks is investigated in this section of PoliticalInformation. The history of each is summarized, along with our assessment of their likely long term future.