IT Governance

1. Introduction
Organizations invest in IT to secure or maintain a competitive advantage, and IT enabled businesses such as
banks in Zimbabwe invest on projects that they believe to present higher rates of return on investment. Bowen et
al (2007) stipulates that the success of many organizations depends on how effectively they manage and control
IT to ensure that the expected rewards are realized. Therefore, effective IT governance generates real business
benefits such as enhanced reputation, trust, product leadership and reduced costs (Lee et al, 2008).
IT governance arrangements encompass mechanisms that enable business and IT executives to formulate
policies and procedures, implement them in specific applications and monitor outcomes (Lunardi et al, 2013).
Governance arrangements include structural, processes and outcome metrics (Bowen 2007).The structural
arrangements consists of the organizational units and roles for making IT related decisions. Processes focus on
the implementation of IT management techniques and procedures in compliance with established IT strategies
and policies. Outcome metrics are the mechanisms used to assess the effectiveness of IT governance and to
identify improvement opportunities. According to ITIL (2007), outcome metrics can be measured in terms of
availability, capacity, continuity and security

The purpose of this study is to measure how proper IT governance has impacted on the effectiveness of a
banking enterprise which operates in Zimbabwe.
1.1 Background of the organization
The company case is a Zimbabwean based investment holding company whose principal subsidiary is a Limited
Bank, a registered commercial bank in terms of the Banking Act Chapter 24:20. The Group is listed on the
Zimbabwean Stock Exchange and the London Stock Exchange as noted from their website.
1.1.1 The Board
The Board recognizes that maintaining good corporate governance practices is an ongoing and continuous
process. The Board adopted corporate governance guidelines which reflect its commitment to monitoring the
effectiveness of policy and decision-making at board and management level ensuring strict adherence to
corporate governance principles, with the goal of enhancing shareholder value. The Group emulates corporate
European Journal of Business and Management
ISSN 2222-1905 (Paper) ISSN 2222-2839 (Online)
Vol.5, No.20, 2013
governance principles prescribed in the Combined Code of the United Kingdom, the King II report of South
Africa and the Reserve Bank of Zimbabwe Corporate Governance Guidelines.
Board appointments are made to ensure a variety of skills and expertise on the Board. Non-executive directors
are of such caliber as to provide independence to the Board. The Chairman of the Board is an independent nonexecutive
director. The Board is supported by mandatory committees in executing its responsibilities. The Board
meets at least quarterly to assess risk, review performance and provide guidance to management on both
operational and policy issues.
2. Overview of IT Governance
According to (Bowen et al, 2007) IT governance is viewed as the IT related decision making structure and
methodologies implemented to plan, organize and control IT activities. Therefore from this view it can be
concluded that IT governance is about management and management functions at the corporate level. (Lin et al,
2007) also states that the purpose of IT governance is to direct IT activities in a bid to ensure that its performance
meets the objectives set out in the strategy.
Lin et al ( 2007) further assert that IT governance is concerned about the deployment of IT resources in
alignment with organizational strategies and objectives, performance of IT in relation to value delivery and risk
mitigation and the conformance of IT processes to best practices (ITGI 2004). Increased IT performance through
good IT governance practices contributes significantly to the realization of IT investment with improved
operational costs and client relationship (ITGI, 2003). According to Luftman et al, 1999 as cited by (Lin et al,
2007) for IT to be governed there must be recognition of the need for governance and a shift in the
accountability for IT related decision to the top of the organization. IT governance is a top management concern
and therefore it is important that senior management has a working knowledge of the concepts and issues related
to IT governance.
Information technology (IT) governance is and should be a part of the corporate governance. In the information
economy, successful enterprises integrate IT and business strategies, culture, and ethics in order to attain
business objectives, optimize information value, and capitalize on technologies (ITGI 2003). Van Grembergen,
2004 as cited by (Bowen et al, 2007) define IT Governance as follows: 'IT Governance is the responsibility of
executives and the board of directors, and consists of the leadership, organizational structures, and processes that
ensure the enterprise's IT sustains and extends the organization's strategies and objectives'
CISA (2007) regards IT governance as a structure of relationships and processes to direct and control the
enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT
and its processes. The relationships are between management and its governing body. The processes cover
setting objectives, giving direction on how to attain them, and measuring performance. IT is so critical to the
success of enterprises that it is an issue that cannot be relegated solely to management or IT specialists, but must
instead receive the focused attention of both
2.1 IT Governance as a structure
Focusing on IT structure alone however, ignores IT activities and processes that take place within these
structures, it also focuses on such as sourcing arrangements, strategic alliances, roles, teams, control, and
coordinating ( Powell, 2003).
IT governance structure involves the existence of responsible functions for making IT decisions, such as steering
committees (De Haes & Van Grembergen, 2005). Staffed by both business and IT executives, the IT steering
committee should be the primary governing body for ongoing IT operations and initiatives of the organization,
including IT investment projects (Maizlish and Handler, 2005). The IT steering committee is responsible for
translating business and strategic goals into actionable plans (CISA, 2006). Successful IT governance requires
effective communication among all parties based on constructive relationships (Johnson and Lederer, 2005), a
common language, and a shared commitment to IT policies and procedures (ITGI, 2003).
2.2 IT governance as a process
The implementation of IT management techniques and procedures in compliance with established IT strategies
and policies constitute IT governance processes , IT governance is the set of processes used by the organization
to manage IT i.e, aligning IT with business objectives, resourcing IT projects, and monitoring IT performance
(Vitale, 2001). IT investment processes involve the identification, acquisition, implementation, and ongoing
operation and maintenance activities of IT applications. As a continuous process, effective IT governance
provides transparent IT decision making, clear accountabilities, and acceptable and actionable IT measurements.
That is, effective IT governance enables business and IT executives to integrate business and IT decisions,
implement IT solutions, and monitor IT effectiveness (Peterson, 2004).

Source: Essay UK -

About this resource

This Information Technology essay was submitted to us by a student in order to help you with your studies.

Search our content:

  • Download this page
  • Print this page
  • Search again

  • Word count:

    This page has approximately words.



    If you use part of this page in your own work, you need to provide a citation, as follows:

    Essay UK, IT Governance. Available from: <> [26-05-20].

    More information:

    If you are the original author of this content and no longer wish to have it published on our website then please click on the link below to request removal: