IT Governance: Staying in Check after the Wake of Fraud Busts

Posted by artgib

April 12, 2008

If you are a reader of business news, a shareholder, or just keep up on daily news events, you may think fraud when the names Enron, Worldcom or HealthSouth is mentioned. Scandal coupled with the tech world crumbling after the turn of the 21st century had the U.S. government responding with some new standards for public companies.

Sarbanes-Oxley was one of the big releases. This created a culture of responsibility for public companies that travelled up all the way to the top level executives. The Lays and Skillings of the corporate world are to be under a bigger magnifying glass. This trickled down to every aspect of the company, including the IT sector.

What IT Governance Measures Protect

Information Technology governance is only a section of the greater philosophy of Enterprise governance. It’s a framework of guidelines that both a company’s executive staff and the head of information services department creates and maintains. Basically this means there is more emphasis on rules that keep everything under quality control within the IT dept.

The IT dept has its own governance standard for several reasons , mostly to insure the integrity of the IT systems but also to:

- Include the departments own internal audit system
- Maintain controls to monitor IT risks, assets, align with data storage laws and regulation code
- Allow transparency to executive controls to maximize benefits to the IT dept
- To make sure the resources are used most efficiently

So with the transparency of what IT is doing presented to all of the stakeholders in a company, the responsibility cannot be blamed simply on the single stakeholder (heads of IT for instance) as often was the case. After the passing of Sarbanes and other control measures, where many of those in a company’s control contested they were unaware of what is being communicated, now this information should show up as being available and any changes are to be approved up to the top.

IT Organizations that Inform to Protect Against Government Audits

To keep updated in the field of IT governance, some have found a good deal of information and support in organizations like the Information Systems Audit and Control Association. This organization has local chapters throughout the nation. The Dallas Texas chapter is the tenth largest in the world that has many members in small business computer network services, not too far off from Enron’s home town of Houston.

The organizations also host several certifications for their staff. The Governance of Enterprise IT (CGEIT), for instance, has been constructed solely for the governance aspect of IT.

Art Gib writes for Network Elites (http://www.networkelites.com) who provide IT solutions for many technology-based operations. They are one of the few Dallas Texas small business computer network solutions companies that offer LAN-Link support 24 hours a day.

Information Technology