What are their roles and their differences?
IT governance is an integral part of corporate governance. Understanding the difference between the two governance practices is fundamental to understand the role of IT in this management model. Corporate governance is the standard or the system by which organizations are addressed and managed. Good corporate governance practices allow transparency in the processes involving shareholders, directors, auditors, Audit Committee and society.
Until the late 90s, governance was an unusual word in the dictionary of the corporations that, from a need for greater transparency brought about by the increased complexity of its business and interrelationships with its stakeholders, has forced companies to follow this set of practices. Another important factor for its adoption was the explosion of companies that started to open capital to finance their investments. In this context, companies discovered that in order to attract new investors a greater transparency of its business was needed, so that the current shareholders would know the result of their investments.
The year 2001 was a milestone for the acceleration of the adoption of corporate governance practices in the world. This year, financial scandals such as the one of the American company Enron, which forged financial statements to cover losses, damaged the confidence of many investors who lost all their investments.
After these scandals, a law under the name of Sarbanes-Oxley (SOX) was approved by the US Congress. SOX makes corporate executives with shares on the New York Stock Exchange Market criminally liable for any financial statement fraud. The penalties would affect executives even if they were not involved in the fraud, requiring the creation of control processes to prevent this type of crime and to show a greater transparency of the company with all its stakeholders. The punishment ranged from fines to imprisonment of executives.
It was in this environment of dismay that corporate governance had its peak, based on the principles of transparency, independence and accountability as mechanisms for attracting new investments.
And what is the role of IT in this Governance?
These days, all financial and operational information of organizations go through information systems. Thus, it is crucial that business decision-makers have confidence on the information contained in these systems.
A process methodologies focused, among other things, in governance is the ITIL V3 (2011). According to ITIL, IT Governance “consists on the leadership, organizational structures and processes that ensure that IT organization support and extend the strategies and objectives of the company”. That is to say, it directs IT investments so that they meet the needs of the business area.
The methodology used by IT professionals is COBIT, which describes the 5, focus areas of governance:
- Strategic Alignment;
- Delivery of Value;
- Risk Management;
- Resource Management;
- Performance Measurement.
If governance appeared to show greater transparency, how can we ensure that the data on the systems are real?
One of the roles of IT governance is to create strict controls so that IT works with information that can demonstrate the reality of the organization to all its stakeholders, including Executives, Board of Directors and Shareholders. Like any kind of process, IT governance is not immune to failures or fraud, but it is a process that has as an objective the creation of rules to show the business health of the companies.
Want to know more about IT governance? Visit another of our blog articles on the subject: What you should know about IT governance and how it can help your company