IT Governance: A Closer Look at Important IT Policies for Your Business

Information technology security

IT governance provides clear decision rights and policies for handling your business’s IT needs. IT policies range from social media policies to ensuring IT purchases support business goals.

Here’s a closer look at the six core steps to take for a good governance policy to help you evaluate and develop your own governance plan.

1. Ask the right questions.

According to CIO Magazine, a good governance policy answers four questions about your organization’s IT performance. Look closely at the relationship of IT to achieving your business goals. Evaluate your company’s conformity to best practices in IT architecture and standards. Measure the level of efficiency of your processes and staff. Finally, get clear about how IT is contributing to your bottom line.

2. Choose a management model.

Decide where you’d like to put the authority for IT decisions: executive management or individual business units. Factors that influence this include your company’s overall culture, size, and strategic priorities. Three models are typically recognized. Centralized IT focuses on cost and efficiency as top priorities.

Decentralized models emphasize the effectiveness of specific business units or departments as the top priority. Federated models blend the best of both by centralizing decisions on some issues and delegating those that most affect specific departments.

3. Appoint staff to develop the plan.

Assembling your IT oversight team is part of developing a governance plan. Determine who is in charge of making complex IT decisions for the company and who will enforce them on a day-to-day basis. Your IT governance team oversees budgetary allocations, hardware purchases, software licensing, and staffing decisions.

Structures ensure that the right people are involved in conversations about IT. At a minimum, your team should include executive management, the person with budgetary authority in the company, and the IT manager.

4. Clarify budget priorities.

A strong governance policy resolves difficult budget questions. When IT funds are tight, it can be difficult to decide on priorities. Your governance team can refer to the company’s overall priorities when making IT decisions.

5. Implement usage and access policies.

Companies face tough questions about social media usage, personal tasks on company computers, and handling sensitive information. Governance policies address these tricky questions. There are no universal right answers. It’s important to evaluate your strategic priorities and the sensitivity of your information.

You also need to consider how your company handles sensitive health or financial information that may be regulated by the government or other authorities. Develop a list of the issues that matter so you can handle them efficiently when developing your plan.

6. Communicate your policy.

Develop a clear plan to communicate your governance policy to employees, management, and your board of directors. Document your governance program in written form and disseminate it to your employees. Devote 30 minutes to reviewing the plan, discussing why it’s important, and being clear about monitoring and enforcement.

Spend time with your IT department and other key staff to ensure they’re ready to implement governance as part of their overall job. Finally, make IT governance a regular discussion point at board meetings and executive team conversations. Ongoing communication ensures your policy evolves with the changing needs of your business.

Developing an IT governance plan is a significant undertaking. But the potential benefits are significant. By identifying opportunities and minimizing risks, you’re likely to capture efficiencies in your business that increase productivity and profits.

Liz Alton

Related IT Management Resources

5 Things to Consider When Choosing Fax Machines for Your Business posted in Hardware


4 of the Best Tablets for Your Small Business posted in Hardware

best tablets for business

How to Integrate Cloud Computing with Service Management posted in IT Management

integrating sales and cloud

Join the Conversation