Governance of ICT

With the advent of the Internet, the World Wide Web and E-mail, the field of Information Technology (IT) has been expanded to Information and Communication Technology (ICT).

ICT has provided an unprecedented ability to deliver and access information. Few organisations can exist or flourish without leveraging ICT. However, while we enjoy the fruit of numerable successful uses of ICT, like other innovation threats and opportunities are encountered along the way, which may not have originally been anticipated.

Making the optimum use of ICT a complex activity requiring good risk management to ensure timely and appropriate commitment of financial and human resources.

Two Australian Standards, AS4360 and AS8015, offer a basis for implementing good risk and innovation management. They provide frameworks and glossaries that organisations can adapt to meet their culture, needs or a particular use of ICT.

AS8015 The Australian Standard for Corporate Governance of ICT was published in January 2005. It provides a vocabulary, principles and a model for Governing ICT. The six principles and model reflect the risk and uncertainty associated with organisations using ICT. However, few organisations can exist and operate without ICT, whether it be to meet operational or compliance requirements.

In "Understanding and Managing Risk Attitude", Hilson and Murray-Webster elaborate on the role of Heuristics and Emotional Intelligence in risk assessment and management. They classify Individuals as risk averse, risk neutral or risk tolerant and discuss how this influences individual and groups behavior towards risk identification and management. To some, inclusion in the group is important. Risk Takers may unrealistically emphasise benefits and underplay or not look for threats. Acheivement focussed individuals may seek lesser but less threatening outcomes. Individuals attitudes to risk and their role in the group, also affect the group's attitude to risk.

Rice, O'connor, Pierantozzi have (3) identified four broad areas of ICT project uncertainty: Technical, Market, Organisational and Resource Uncertainty.

Further Reading

• No Duty of Care: the Governance of ICT ET GOVICT2008
• Results of Straw Poll of ICT Roles and Responsibilities (April 2008)
• Leveraging ICT in Corporate Governance - the Australian Experience
  Malaysian Corporate Governance Conference, 2008
• Survey of IT Governance Instruments, Standards, Guides, Regulations, Laws and Frameworks, July 2007
• Introduction to AS8015 - IT Governance 2007
• The Club - a demonstration of Corporate Governance, August 2006
• Governance of the Australian Access Card Project, August 2006
• Slides for talk on effective ICT Governance in the Not for Profit Sector, June 2006
• Tips for Effective Corporate Governance of ICT
  • Tip No. 1 - Strategic Planning, 2006
  • Tip No. 2 - Applying The AS8015 Corporate Governance of ICT Model, 2006
• Performance Indicators for Websites, 2005
• ACS News April 2005: World's first IT governance standard
• Slides on Draft Australian Standard for the Corporate Governance of ICT,September 2004
• Taking ICT into the Board Room, November 2003
• Governance of ICT, August 2003
• Market Research into perceptions of the governance of ICT, 2002
• Service Delivery over the Internet, 1998
• Build or Buy?, 1997
• 
Frameworks for IT Management September 2006 includes a chapter on AS8015 by Marghanita da Cruz.
• Frameworks for IT Management - Pocket Guide
• Frameworks for IT Management (Japanese)
• German (Frameworks fur das IT Management (Broschiert))

(1) Links to Audit Reports, Court Cases and Media Coverage available at www.acs.org.au/governance/#reading

(2)Corporate Collapse - Accounting, Regulatory and Ethical Failure - sheds light on corporate collapse from the 1960s to the 1990s and beyond including Bond, HIH and One.Tel.

(3)Implementing a plan to Counter Project Uncertainty - Rice Oconnor Pierantozzi - MIT Sloane Management Review Winter 2008

www.ramin.com.au/itgovernance/index.html copyright Ramin Communications 2008. Last Update 7 May 2008