IT governance, corporate governance and IT management
IT governance is linked with "corporate governance" and "IT management". In the following text, this link will be elaborated by taking a system theoretical perspective (De Leeuw 1990).
According to the OECD principles (2004), corporate governance provides the structure for determining the organizational objectives and for monitoring its performance in order to guarantee that business objectives are achieved. In corporate governance, the board of directors elected by shareholders controls C-level managers in order to assure the interest of shareholders (OECD 2004). The rationale of corporate governance is applied for the governance of key assets, such as human assets or financial assets (Ross & Weill 2004). For example, a CFO controls managers responsible for the enterprise's portfolio of investments in order to assure that their activities are align with the financial objectives of the organizations. The same rationale can be applied for IT governance (Ibid.). In the context of IT governance, top management (for example a CIO) controls that IT managers activities are in harmony with organizational objectives. For example, top management will control whether middle management (for example IT management) prioritizes IT projects which are in accordance with the organizational objectives. Figure 1 applies the corporate governance principles in the area of IT governance.
Governance has many layers from strategic to operational areas and it involves different stakeholders. The ISO 38500 (2008) focuses, specially, on corporate governance and, consequently, the main stakeholder is the board of directors. In the case of Ross & Weill (2004) governance is situated, specially, at CxO level; so the main stakeholder is the senior management personal. This difference in focus does not mean that corporate governance and IT governance are not interrelated. Ross & Weill (2004) show the link between corporate governance and IT governance in figure 2.
Figure.2: Link between corporate governance and IT governance (Ross & Weill 2004)
Governance is not (IT) management. Management is more about making and implementing the decision. For example, while management determines the amount of financial resources invested and the areas in which is invested, IT governance determines roles and responsibilities (Ross & Weill 2004). According to this literature review, IT governance deals, additionally, with issues related to the control of processes and relational mechanisms. All in all, IT governance and IT management are interrelated and they are not isolated systems.
In this section, it has been shown, that IT governance, IT management and corporate governance are different systems which are highly associated with each other. Figure 3 consists of two circles representing the governance systems (corporate governance and IT governance). Each system contains its relevant stakeholders (Board of directors, CxO managers, IT managers and line managers). The figure 3 shows that there is a link between corporate governance and IT governance. Senior executives might be part of corporate governance and IT governance, while the board of directors is only part of corporate governance. IT governances also include stakeholders such as IT managers and line managers (Rockart 1991). This representation allows to obtain a better impression of the context of IT governance. However, it is essential to mention that this formal system representation is vulnerable to structural contingencies and other contextual factors. In regard to structural contingencies, it has to be mentioned that organizations might have different IT governance archetype such as, monarchy, federalism, IT duopoly, feudal or even anarchy Ross & Weill (2004). In regard to other contextual factors, it is imperative to mention that a diversity of corporate governance systems exist because of historical and institutional differences (Clarke 2007). Those differences contingencies might have an impact on how IT governance is established in the organization. A further development of those topics is beyond the scope of this master thesis.
Figure 3: corporate governance, IT governance and stakeholders
The importance of IT governance has been demonstrated. Academic literature has been studied and different aspects of IT governance have been combined. Finally, IT governance is defined as a system which embraces the introduction and oversight of structures, processes and relations in order to create business value. Furthermore, IT governance is not an isolated system because it interacts with corporate governance and IT management.