Cover image

IT (Information Technology) Governance

This specially commissioned report sets out what the latest legislation says and what it means, its impact on the organization as a whole and on the IT group specifically, and how to implement an effective IT governance initiative in your company.



Corporate fraud, the illegal use of resources, and sexual and racial harassment all have a growing presence in the digital domain. Directors can’t simply afford to turn a blind eye – the fines are potentially huge; and in extreme cases breaching the law can even lead to imprisonment. It’s vital to keep pace with the latest legislation, which will have serious implications for your company, your reporting and the design of your IT systems.

This specially commissioned briefing explains the latest legislation, including the 2006 Companies Act. It outlines the law’s impact on IT departments and on the company as a whole, leading you to an effective IT governance initiative for your own business.

Five key benefits of effective IT governance

  • Information systems that provide a true, transparent picture of the business.
  • Identifying and managing IT-related risk efficiently, thereby avoiding stringent penalties.
  • Automated systems that contribute effectively to your business goals.
  • Creating an accurate picture of what is stored on your servers.
  • Increased understanding of your IT staff’s actions and responsibilities.

Who should read this report?

  • Board-level directors responsible for organisational governance and good governance of automated systems.
  • IT managers responsible for ensuring their organisation’s governance policies are effectively implemented.
  • IT practitioners looking to assess the impact of an increased emphasis on corporate governance in their working life.
  • Auditors keen to get to grips with IT governance issues.


Management Overview: Drivers for IT Governance
  • Management issues in IT governance
  • Definition of IT governance

1. Context: Corporate Governance

2. External Pressures: What Regulations?
  • The response to apparent governance failures
  • Legislation affecting IT governance
  • General legislation with IT governance implications
3. Organisational Impact
  • Culture
  • Organisational maturity
  • Roles and responsibilities
  • Practical experience of governance
4. The Impact on IT
  • Enterprise Architecture
  • IT Governance Standards
  • IT service management
  • Lifecycle systems development process
  • Management reporting: telling a true story
  • Practical IT governance tools
5. Implementing IT Governance
  • Obtain management sponsorship
  • IT governance methodology overview

6. Conclusions

Appendix and resources

The author

David Norfolk, BSc, CEng, MBCS, CITP, CNE has been professionally involved with computers for since the early 1980s, first in Database Administration (with the Australian Dept of Health and Bank of America) and then in Development Methods and Standards (with Bank of America and Swiss Bank Corporation). At various times he has also been employed in Operations Research, Internal Control and Network Management.

Since 1992, David has been an Independent Analyst and Journalist. He is Executive Editor for IT Policies and Procedures and past Co-editor of Application Development Advisor, two UK publications for IT professionals. He is a Chartered Member of the British Computer Society, a Chartered Engineer and a Member of the Institute of Directors, as well as a Certified Novell Engineer.

Buy now

Buy now

This title is currently unavailable; please contact us for details.

Continuing professional development

This course qualifies for 0 hours for your CPD records.
More about CPD