Seminar on effective IT Governance to the Not for Profit Sector

NEXT	Corporate Governance of Information and Communication Technology (ICT) Marghanita da Cruz Principal Consultant Ramin Communications Chair ICT Governance Committee Australian Computer Society Governance for Not-For-Profit Organisations Seminar Sydney, Friday 9th June 2006. www.ramin.com.au © Ramin Communications 2006
NEXT BACK	Outline Corporate governance & ICT governance Risk management & compliance Questions Implementing effective governance of ICT Board, CEO, CIO roles & responsibilities Questions/Discussion © Ramin Communications 2006
NEXT BACK	What is Corporate Governance? Australian Corporate Governance Standards Good Governance Principles (AS8000 ) Fraud and Corruption Control (AS8001) Organisational Codes of Conduct (AS8002) Corporate Social Responsibility (AS8003) Whistle Blower protection programs (AS8004) Risk Management (AS4360) Corporate Governance of ICT (AS8015) © Ramin Communications 2006
NEXT BACK	Information and Communication Technology Anyone not use a Telephone, Computer, The Internet? Anyone satisfied with the reports from their finance system? Do you know who to turn to, when these do not work? How do you know you are getting value for money? © Ramin Communications 2006
NEXT BACK	Risks from poor Governance of ICT Failure to comply with Financial Disclosure Requirements Alienate Members and Stakeholders by poor use of email and website Breach Privacy Legislation by misuse of personal information eg email addresses Impact on strategic direction and operations, when anticipated returns on investment are not realised Questions/Comments © Ramin Communications 2006
NEXT BACK	Review, Discussion, Questions Governing the Use of ICT by an organisation is a core part of corporate governance. The success or failure of organisation depends on how well it Directors, deal with opportunities and threats. Comments/Questions? © Ramin Communications 2006
NEXT BACK	To implement Effective Governance of ICT Adopt AS8015 Corporate Governance of ICT Framework Model Principles Vocabulary © Ramin Communications 2006
NEXT BACK	AS8015 Framework - Principles Establish Clearly Understood Responsibilities for ICT Plan ICT to best support the organisation Acquire ICT validly Ensure that ICT performs well, whenever required Ensure ICT conforms with formal rules Ensure ICT respects human factors © Ramin Communications 2006
NEXT BACK	AS8015 Framework Principle 1. Establish Clearly Understood Responsibilities Board, CEO, CIO/CTO and advisers Management, Steering Committees, Champions Reports, Measures and Indicators Competence © Ramin Communications 2006
NEXT BACK	AS8015 Framework Principle 2. Plan ICT to best support the organisation Organisational Strategies - requirements for ICT Evaluate Opportunities and Threats Direct development of plans and policies © Ramin Communications 2006
NEXT BACK	AS8015 Framework Principle 3. Acquire ICT validly Throughout life cycle Pull the plug/change course in timely/cost effective manner Are benefits understood and related to investment - is the financial case sound Achieve Benefits - changes to business practices - impact on individual and organisation © Ramin Communications 2006
NEXT BACK	AS8015 Framework - Vocabulary Investment Risk Director Stakeholders © Ramin Communications 2006
BACK TOP	Summary & Questions ICT is a source of Risk to Organisations Adoption of Good Principles enables organisations to deal with threats and realise benefits However, effective Governance requires ongoing Monitoring, Evaluation and Direction of ICT