October 22, 2023 In Consultancy


IT Governance (ITG) has become a new risk in the management of institutions. Most, if not all, businesses are 100% reliant on the proper functioning of their IT systems in all aspects of their business i.e. Customer Relationship Management (CRM), Payment systems, knowledge management etc. This creates serious institutional risks where systems crash or are hacked.

The pervasive use of technology has created a critical dependency on IT that calls for a specific focus on ITG. Boards and management expect IT to deliver business value by providing fast, secured, high quality solutions and services, to generate reasonable Return on Investment (ROI), as well as to enhance efficiency and productivity gains and business effectiveness.

What is of importance to Management is to know that their IT systems are likely to achieve their objectives, are resilient enough to learn and adapt, judiciously managing the risks it faces and appropriately recognizing opportunities and acting upon them.

The important issues for IT Management include 1) Strategic alignment, which focus is on aligning with business and collaborative solutions 2) Value delivery, concentrates on optimising expenses and proving the value of IT 3) Risk Management – safeguarding IT assets, disaster recovery and continuity of operations 4) Resource Management – optimizing knowledge and IT infrastructure 5) Performance Measurement – tracking project delivery and monitoring IT services.

Successful enterprises align their IT strategy with their business strategy, cascades IT strategy and goals down into the enterprise and provide organizational structures to facilitate the implementation of strategy and goals, it also creates constructive relationships and effective communication between business, IT and external partners. Boards must therefore insist that an IT control Framework be adopted and implemented and must measures IT’s performance.

ITG is not an isolated discipline; it is an integral part of overall enterprise governance. Therefore it should not be practised in remote corners or ivory towers. Increasingly, educated and assertive stakeholders are concerned about sound management of their interests. Board members are required to exercise due-diligence in their roles. Investors also realize the importance of sound governance and are willing to pay a 20% premium on companies that show good governance practices. Therefore the goals of an enterprise’ governance is to provide strategic direction, ensuring that objectives are achieved, ascertain that risks are managed appropriately and verifying that the use of enterprise resources are used responsibly.

Inefficiencies in IT systems result in business losses, reputational damage and weakened competitive position. It may also result in the inability to obtain or measure ROI from IT, failure of IT systems to bring innovation and benefits they promised, inadequate or obsolete technology and unmet deadlines and overrun budgets. It goes without saying that this is the information age and enterprises that ignore the critical role of IT management are at a greater risk of unrealized benefits and missed opportunities. Organizations are also exposed to potential claims for damages from shareholders and other stakeholders where IT systems, processes or usage are abused or misrepresented.

Ronny Mkhwanazi is the MD of Mkhwanazi Inc.; a specialist Corporate and IT Governance law firm.