Definition of IT governance
IT governance is an element of corporate governance, aimed at improving the overall management of IT and deriving improved value from investment in information and technology.
IT governance frameworks enable organisations to manage their IT risks effectively and ensure that the activities associated with information and technology are aligned with their overall business objectives.
Why is IT governance important?
IT governance enables an organisation to:
- Demonstrate measurable results against broader business strategies and goals;
- Meet relevant legal and regulatory obligations, such as those set out in the GDPR (General Data Protection Regulation);
- Assure stakeholders they can have confidence in your organisation's IT services;
- Facilitate an increase in the return on IT investment; and
- Comply with certain corporate governance or public listing rules or requirements.
IT governance frameworks, models and standards
ISO 38500 – The international IT governance standard
ISO/IEC 38500:2015 is the international standard for corporate governance of IT.
It sets out principles, definitions and a high-level framework that organisations of all types and sizes can use to better align their use of IT with organisational decisions, and meet their legal, regulatory and ethical obligations.
Buy a copy of ISO/IEC 38500:2015
As well as ISO 38500, there are numerous widely recognised, vendor-neutral frameworks that organisations can use to implement an IT governance programme.
Each has its own IT governance strengths – for instance, COBIT focuses more on process management and ITIL on service management – but you might benefit from an integrated approach, using parts of several frameworks to deliver the results you need.
Follow the links below to find out more about each framework.
COBIT (Control Objectives for Information and Related Technology) is an internationally recognised IT governance control framework that helps organisations meet business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals.
COBIT 2019, the latest iteration of the framework, was released in November 2018. It builds on COBIT 5, introducing new concepts and addressing the latest developments affecting enterprise IT.
COBITLearn more about COBIT
Browse COBIT products
The five domains of IT governance
The IT Governance Institute (a division of ISACA) breaks down IT governance into five domains:
- Value delivery
- Strategic alignment
- Performance management
- Resource management
- Risk management
How to establish an IT governance framework
The challenge for many organisations is to establish a coordinated, integrated framework that draws on best-practice IT governance frameworks.
We offer a wide range of products and services, including books, toolkits and training courses, that can support your organisation’s compliance with these frameworks. Browse our bestselling IT governance products and services below.