Skip to content

IT Governance Process: Measurement

June 12, 2008

See the image below

Perspective

Corporate Contribution

Mission

Ensuring maximum profit while mitigating IT related risks

Objectives

Strategic Alignment

Measures

Weighted governance performance

Strategic match of major IT projects

Percentage of development capacity engaged in strategic projects

Percentage of business goals supported by IT goals

Value Delivery

Measures

Business unit performance management

Business value of major IT projects based on ROI, NPV, IRR, PB

Ratio IT costs/total turnover

IT costs charged back to the business

Risk Management

Measures

Number of new implemented IT security initiatives and security breaches

Attainment of disaster recovery plans

Number of IT audits performed and reported shortcomings

Corporate contribution

Perspective

Stakeholders Orientation

Mission

Measuring up to stakeholders’ expectations

Objectives

Stakeholders’satisfaction

Measures

Stakeholders’ satisfaction surveys on fixed times

Number of complaints of stakeholders

Index of availability of systems and applications

Management of stakeholders’ needs

Measures

Number of meetings with stakeholders

Clear communication in place with CEO and board members

Index of CEO/board involvement in new and major IT initiatives

Number of major IT projects within SLA

Legal and ethical compliance

Measures

IT adherence to Sarbanes-Oxley Act

IT adherence to privacy regulations

Adherence to IT code of ethics/ IT code of conduct

Stakeholders

Perspective

Operational Excellence

Mission

Ensuring effective and sustained IT governance

Objectives

Structures

Measures

Number of meetings of IT strategy committee and IT steering committees

Composition of IT committees

Overall attendance of IT committees

CIO on board or member of executive management

Processes

Measures

Level of IT strategy planning and business planning

Number of hours spent on IT/business strategic issues

Existence of an IT balanced scorecard and a business balanced scorecard

Number of IT processes measured through a scorecard

Number of IT processes covered by COBIT

Number of IT processes covered by ITIL

Maturity levels of IT processes

Percentage of IT goals supported by IT processes

Maturity

Measure

Overall level of the IT governance process maturity

Operational excellence

Perspective

Future Orientation

Mission

Building foundations for IT governance delivery

Objectives

Skills and knowledge

Measures

Number and level of cross-functional business/IT training sessions

Number of overall IT governance training sessions

Percentage completed IT governance education per skill type

Number of IT governance presentations for CEO and board members

Level and use of IT governance knowledge management system

IT/business partnership

Measures

Percentage of senior managers IT literate

Percentage of IT managers business literate

Level of business perception of IT value

Future orientation

Governance Measurement

0 Non Existent. Complete lack of any recognisable processes. Organisation has not even recognised that there is an issue to be addressed.

1 Initial. There is evidence that the organisation has recognised that the issues exist and need to be addressed. There are, however, no standardised processes but instead there are ad hoc approaches that tend to be applied on an individual or case by case basis. The overall approach to management is chaotic.

2 Repeatable. Processes have developed to the stage where similar procedures are followed different people undertaking the same task. There is no formal training or communication of standard procedures and responsibility is left to the individual. There is a high degree of reliance on the knowledge of individuals and therefore errors are likely.

3 Defined. Procedures have been standardised and documented, and communicated through training. It is however left to the individual to follow these processes, and any deviations would be unlikely to be detected. The procedures themselves are not sophisticated but are the formalisation of existing practices.

4 Managed. It is possible to monitor and measure compliance with procedures and to take action where processes appear not to be working effectively. Processes are under constant improvement and provide good practice. Automation and tools are used in a limited or fragmented way.

5 Optimised. Processes have been refined to a level of best practice, based on the results of continuous improvement and maturity modelling with other organisations. IT is used in an integrated way to automate the workflow and provide tools to improve quality and effectiveness.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: