A number of CIOs turn a blind eye to decision- making and the corporate governance of their organization, instead preferring the more risky approach of being inwardly focused.
"To be internally focused [on creating processes] is the wrong way of going about IT governance," says Kumar Parakala, global chief operating officer at the information risk management division at KPMG, and also speaker at today's SEARCC 05 conference in Sydney.
Parakala, who has 16 years experience working in IT management positions and alongside C-class executives, is presenting a speech titled, Cultural change first, IT governance next, on Wednesday afternoon.
Parakala will present his speech ahead of Howard Nicholson, the vice president of the Information Systems Audit and Control Association (ISACA). Nicholson, also speaking at SEARCC 05 will also address the topic of governance, with his presentation looking at how IT can enable change and maximize the potential of an organization.
IT governance is in the spotlight this year. Australia's AS 8015 Corporate Governance of Information and Communication Technology standard was ratified by standards company SAI Global in March. It is intended to provide guiding principles to the senior executive in relation to IT governance.
SAI also devised a successful half-day seminar, 'ICT Governance', to assist C-class professionals -- company directors, CEOs, CIOs, senior project managers, information security personnel and IT managers to understand the new standard.
Dr Raymond Young a former CIO, management consultant and founding member of SAI's working group on IT Governance added to another dimension to this last weekend. His half day briefing session for board members and top managers gathered the leading practitioners in the country at Macquarie University to share insights on how IT Governance can be applied to produce bottom line benefits to an organisation.
Young says most IT Governance prescriptions have yet to include simple and relevant advice for boards or top managers. "Top management are the most important success factor, and a surprisingly small change in board practice would result in billions of dollars of unrealised benefits for the Australian economy alone... but hardly anyone is focussed at this level".
Young explains that AS 8015 helps unify existing international frameworks and methodologies such as COBIT, ITIL and Prince2. He adds "they all have value but we need to go beyond the dominant risk management and compliance focus and emphasise how we use IT to enable above average performance". The primary message from the Macquarie IT Governance conference was that "you can't get much value if apply governance with a narrow IT focus. You have to engage the board, top managers and the rest of the business".
Parakala confirms this perspective by defining corporate governance as the framework which is established to ensure effective transparency and accountability of senior management's decisions to its stakeholders. He compares this to IT governance which is the framework which allows the senior executives of an organization to get the best IT value from their investment decisions.
For Parakala, the key point of his message for CIOs is to understand the corporate governance framework of their organization -- whether it be a formal or informal one, and then establish IT governance to align with that.
"You [CIOs] need to understand how your culture works and if you don't, you will fail."
IDG is the official organizer and media sponsor of the SEARCC 05 conference.