transparency for effective it governance

7/30/2019 Transparency for Effective IT Governance

1/22

Transparency

for effective IT Governance

1

By Ahmed Buhazza

E-Government Authority


2/22

2


3/22

Lack of hidden agendas and conditions,

accompanied by the availability of fullinformation required for

collaboration, cooperation and

collective decision making.(Source: businessdictionary.com)

3

Transparency

What


4/22

4

360 Transparency

What


5/22

The framework for the leadership, organizational

structures and business processes, standards and

compliance to these standards, which ensures that the

organization's information systems support and

enable the achievement of its strategies and

objectives.

IT Governance

5

What


6/22

6

Internal Controls &

Audit demands

Government Policies

& Regulations

ComplianceDrivers

RiskMitigation

QualityAssurance

ManagingCorporateCompliance

Activeregulators

Risk

Drivers

Governance Drivers

What
http://www.google.com/imgres?imgurl=http://upload.wikimedia.org/wikipedia/commons/9/98/Information_magnifier_icon.png&imgrefurl=http://commons.wikimedia.org/wiki/File:Information_magnifier_icon.png&usg=__wTiknJmorRNtyMrSwWrnht6SshM=&h=1945&w=2187&sz=151&hl=en&start=26&sig2=FL_DorOUkTwWNT0mfPujjA&um=1&itbs=1&tbnid=y37DAQcfmjqUWM:&tbnh=133&tbnw=150&prev=/images?q=information&start=20&um=1&hl=en&sa=N&rls=com.microsoft:en-us:IE-SearchBox&ndsp=20&tbs=isch:1&ei=QeriS6arAdCZsgbI1t36Dw


7/22

Without IT Governance & Transparency

Why

7

Many Failures

Financial Loses

Bad Reputation

Closed Business

Legal Actions

Bad planning

Misused budgets and resources.

Random and Wrong decisions

Misunderstandings
http://www.google.com/imgres?imgurl=http://www.topnews.in/law/files/jail.jpg&imgrefurl=http://www.topnews.in/law/iranian-judiciary-orders-jail-term-news-agency-head&usg=__ZQRTlZpRfN-VYnFhNVqTPnJKGh4=&h=720&w=606&sz=43&hl=en&start=3&sig2=5yRnaf9Ho2outHWzcjylaA&um=1&itbs=1&tbnid=Txcyp1khLdgISM:&tbnh=140&tbnw=118&prev=/images?q=jail&um=1&hl=en&rls=com.microsoft:en-us:IE-SearchBox&tbs=isch:1&ei=k73jS_PyGIKangPc3siCBg


8/22

No Transparency

Why

8

Avoiding theBlame

HiddenAgenda

Lack ofAwareness

Tight ControlMany

Restrictions

RequireAdditional

Effort

AdditionalUnnecessary

hassle

Not Credited Not worthy

Not in culture


9/22

9

The Treatment

How
http://www.google.com/imgres?imgurl=http://www.injuryboard.com/uploadedImages/InjuryBoardcom_Content/Blogs/News_Blog/News/Doctor%20w%20no%20head(1).jpg&imgrefurl=http://www.injuryboard.com/national-news/when-insurers-play-doctor-part-2.aspx?googleid=28836&usg=__cTD2e2nAV7Pt0GzxCMdaIxLMzl0=&h=275&w=525&sz=33&hl=en&start=27&sig2=GD_bRcPsD5DMoPo2BhNy-A&um=1&itbs=1&tbnid=Jb2ANFq08KUOmM:&tbnh=69&tbnw=132&prev=/images?q=doctor+head&start=20&um=1&hl=en&sa=N&rls=com.microsoft:en-us:IE-SearchBox&ndsp=20&tbs=isch:1&ei=WeviS7a7LMSUsgaD8pDrDwhttp://www.google.com/imgres?imgurl=http://headacheandmigrainenews.com/news-images/doctor-head-mirror.gif&imgrefurl=http://headacheandmigrainenews.com/sorry-about-that-should-your-doctor-apologize/&usg=__0Ak8WMIQ2bMOKg1hKiz3MgwW4i8=&h=198&w=225&sz=5&hl=en&start=1&sig2=4ANnvfRynhzckGrXAEH58w&um=1&itbs=1&tbnid=F2trWWyWEVYA8M:&tbnh=95&tbnw=108&prev=/images?q=doctor+head&um=1&hl=en&rls=com.microsoft:en-us:IE-SearchBox&tbs=isch:1&ei=T-viS6G0GM_AsAbn_Kn6Dw


10/22

10

Transparency

MeasurabilityAccountability

Principles

How

Mission

StrategyVision


11/22

Integrated Strategy

How

11


12/22

Management Engagement

How

12

Weill, P. & Ross, J.W. (2004)

Active Engagement

TopManagementInvolvements

FormalCommittees


13/22

Solid, Flexible Practical Governance

How

13

Weill, P. & Ross, J.W. (2004)

Limited

Renegadeexceptions Fewer annual

changes


14/22

Resource Management

How

14

Forming

Storming

Norming

Performing

Appropriate Skills

Clear Objectives

Suitable Tools

Code of Ethics Disclosures

& Work Ethics Training

Selection

Top Down Hierarchy

Define your

required

transparency


15/22

SMART, focused and Mapped Objectives

How

15

If you want people to pay attention to something, measure them on it,

Mitchell said. It sends a serious message.

SMART

Built-in

(i.e. JD)

Focused

Mapped

(i.e. KPIKRI)

Performance

Review


16/22

Monitoring; the Built-in Assurance

IT Governance Structure

Audit Committee

Audit(Internal/External)

Assessment (i.e. Risk-basedplanning)

How

16Actively monitor and regularly review risks on a constructive, no-blame basis.


17/22

17

C-GRIDGlobal Regulatory

Information Database

Query: SIC/NAICS,

Geography

RelevantRegulations

RelevantRegulations

IT CompliancePolicies/Procedures

Gap Analysis

Updates

Goal: Automated Detection of New Regulatory Requirements and

Rule-Based Generation of Policies

OtherStake-holders

Vendors Auditors

Regulators

Users

IT Strategy & Operations

Requirements

Rules

Rules

Automation i.e. IT Compliance

How


18/22

Model General use

COBIT IT Control Objectives

Val IT Governance of IT investments

ISO 38500 Corporate Governance of Information and Communication

Technology

ITIL, ISO 20000 IT Service and operations management

ISO 27001, 27002 Information Security Management System

PMBOK, PMMM, PRINCE2 for Project Management

BS 25999 Business Continuity Management (BCM)

Weill and Ross model decision making structure

ISO 9001, Six Sigma for Quality improvementCMMI for System and Software development

People-CMM (P-CMM): for Human Asset Management

Balance Score Card (BSC) control and measurement scheme

E-Souring Capability Model Sourcing management for both service providers and

customers

What

H

ow

Adapting a solid framework

How


19/22

Annual IT Planning

Surveys

Direct or Escalated

Matters

Biyearly Service Survey

Correspondence

Feedback

IT Governance

Business Demand

IT Services

Best Practices

Requirements and

SuggestionsBiyearly IT Audit

Annual IT ReviewForum

General Meetings

Communication & Awareness

How

19


20/22

Rules are made to be broken Tone at the top Not only talk the talk, but more walk

the walk The Wisdom of Crowds and Mistakes

were madepossibly by me Gradual Change

Cultural Audit

20

Cultural Change

How


21/22

Culture

Organization

TechnologyCommunication

Process

21

Transparency Framework

How


22/22

22

Thank You
mailto:[email protected]:[email protected]

transparency for effective it governance

Documents