SLP 4

NEW

----------------------------------------------------------------------------------------------------------------------------------------

The Implementation of IT Governance Policies

Introduction

IT governance has two main benefits that double up as its uses. Top on the list is that IT governance provides clarity between an organization's IT strategy and its business strategy. Secondly, IT governance allows the executive management and staff of an organization to participate, communicate, set expectations and establish accountability. There are five domains of IT governance that should be considered in the implementation of IT governance policies.

The first domain is value delivery. IT governance policies should ensure that the IT infrastructure in place offers value to an organization. The second domain is strategic alignment. It is a waste of time for an organization to invest heavily in IT infrastructure and resources yet the resources and infrastructure are not aligned to the strategic goals and objectives of the organization (Turel, Liu & Bart, 2017). The third domain is performance management. IT governance should, at all times offer an avenue in which IT resources can have their performance measured. Resource management is the fourth domain of IT governance, and it emphasized on the management of IT resources and infrastructure. The last domain of IT governance is risk management. IT governance should always have in place a risk management framework to help in the mitigation of risks targeting IT infrastructure.

Implementing IT governance policies

1. Outlining the organization’s course on IT governance

There are eight steps in the establishment and implementation of IT governance policies. The first step is the outlining of an organization's course on IT governance. In the first step, the tactical and strategic IT governance responsibilities and roles are identified and described. Three main things are focused on in the first step. The first thing is to ensure that the organization has documented the responsibilities and roles of the executives, the board and the IT strategy committee. The second thing is distinguishing and denoting of how resources are allocated, how priorities are set, how projects are tracked and by whom. The third thing is the incorporation of senior managers from business and IT IT divisions. The identified individuals support and play a crucial role in the implementation and adoption of IT governance in the whole organization.

2. The establishment of an IT governance implementation plan

It is vital for the organization's board to own IT governance and dictate the direction that the organization's management needs to follow. The organization needs an action plan that complements the specific circumstances that the organization faces. There are six steps that the board needs to take in the establishment of IT governance implementation plan. The first step is ensuring that IT issues, wins and plans are right in the middle of the board’s agenda. By doing so, the board will come up with governance policies that have IT in mind.

The second step that the board needs to do is to help the organization’s managers align IT initiatives with the real business needs of the organization. The third step of the board is to emphasize the possible impact of IT-related risks on the business and the organization in general. The next step that the board needs to do is to have IT performance measured and reported. By doing so, the board ensures that all IT resources of the organization are value-driven. The fifth step of the board is to formulate an IT strategy committee accountable for conveying IT issues between the managers and the board. The last step of the board is to enforce the use of a standard methodology for IT management.

3. Establishing an IT governance road map for long-term strategies

The third step in the implementation of IT governance policies is the establishment of IT governance plan for long-term strategies. Through the setting up of a plan, the board and the management get to understand the critical ramifications of IT (Gregory et al., 2018). Consequentially, this plays a significant role in ensuring that the organization can execute the strategies needed to support its operations and future growth.

4. Aiming for short-term IT governance goals

After the IT governance plan is formulated, the second goal is for the organization to aim at its short-term IT goals. The organization should implement simple policies first over the stern and complicated policies (Al-Ruithe, Benkhelifa & Hameed, 2016). The successful implementation of the simple policies will motivate the board to implement more challenging and more complicated policies. For example, the organization can implement a policy on user access. User access policies are simple as the dictate who users are and the rights that they should have. Y successfully implementing user rights policies, there will be evidence that IT governance policies and procedures can protect and aid the organization in meeting its objectives.

5. Recognizing and administering IT-related opportunities and risks

It is crucial that the board researches on what users need and how such requirements influence how IT infrastructure and resources are used in the organization. Through the above, IT-related opportunities and risks can be discovered. Suggested ways of discovering IT opportunities and risks include the assessment of users and the conducting of surveys (Leclercq-Vandelannoitte & Bertin, 2018). Through surveys and assessments, one can identify the improper use of IT resources and facilities and also security gaps that may exist in IT infrastructure.

6. Re-evaluation of the policies regularly.

After policies have been implemented and used for a while, they should be re-evaluated and reviewed regularly. Such reviews ensure that the policies do what they were intended for, and that is to ensure IT security. The lack of re-evaluation can expose the organization to emerging and new risks that were not initially considered or present in the formulation of IT governance policies and procedures.

7. Enhancement of IT governance transparency

For effective IT governance policy implementation to happen, all employees of an organization need to know the policy. Thorough knowledge of the policy, it is easy for employees to play a role in securing the organization's It resources. Also, by knowing the policy, employees can ensure that their activities and duties are aligned to the strategic goal of the organization. It is, therefore, critical that IT governance policies are transparent for them to be effectively adopted.

8. Setting up exceptions to processes in the IT governance process.

Some circumstances require IT governance processes to be breached, such as a policy denying the performance of a crucial process. In such a situation, the organization should have in place a procedure to follow in case such a need comes up. The exception to processes will allow the organization to handle the emerging process and activities in the organization.

References

Al-Ruithe, M., Benkhelifa, E., & Hameed, K. (2016). A conceptual framework for designing data governance for cloud computing. Procedia Computer Science, 94, 160-167. Retrieved from https://doi.org/10.1016/j.procs.2016.08.025

Gregory, R. W., Kaganer, E., Henfridsson, O., & Ruch, T. J. (2018). IT Consumerization and the Transformation of IT Governance. Mis Quarterly, 42(4), 1225-1253. Retrieved from https://www.misq.org/skin/frontend/default/misq/pdf/appendices/2018/V42I4Appendices/10_13703_RA_GregoryKaganerAppendices.pdf

Leclercq-Vandelannoitte, A., & Bertin, E. (2018). From sovereign IT governance to liberal IT governmentality? A Foucauldian analogy. European Journal of Information Systems, 27(3), 326-346. Retrieved from https://doi.org/10.1080/0960085X.2018.1473932

Turel, O., Liu, P., & Bart, C. (2017). Board-level information technology governance effects on organizational performance: The roles of strategic alignment and authoritarian governance style. Information Systems Management, 34(2), 117-136. Retrieved from https://doi.org/10.1080/10580530.2017.1288523

=========================================================================================================================================================================

Module 4 - SLP

MANAGING COMPLEX IT ORGANIZATIONAL CHANGE AND CAPSTONE PAPER

The continuing professional development of IT personnel is a key managerial responsibility. In this light, reflect on a subordinate and prepare a somewhat detailed and actionable professional development plan which would be intended for use in a forthcoming performance review session. In this plan, you should hypothetically assume the individual to be reviewed has indicated interest in a long-term organizational career and steady advancement. From your perspective, your plan would include both near- and long-term objectives and milestones to assist this individual in reaching his or her goals. This plan should include traditional professional development issues such as potential schools and assignments as well as some counsel on how to make use of organizational politics (e.g., getting a senior mentor) and maintain a visible, positive profile. Begin the paper with a brief academic review of the importance of subordinate professional development to personal and organizational performance (with appropriate citations), and then follow this with your detailed plan. The plan title might be: "Achieving Personal Success While Advancing Organizational Performance."