IT Governance: No Longer an Option - It is a Must
Today’s information technology advancements continue to affect the banking industry. Online payments, remote bank deposits, and mobile banking via smartphone are redefining banks’ technology systems. A robust IT Governance Program is a necessary step for your institution to evolve technologically, provide adequate services and exceed consumer expectations.
What is IT Governance?
IT Governance is a subset of Corporate Governance that focuses on Information Technology systems and their operations, value delivery and risk management. The rising interest in IT governance is driven by compliance initiatives, increased threats and the need for greater accountability for IT decision-making. IT Governance programs cannot operate in a vacuum. Involve a variety of professionals from all departments to ensure a strong and legitimate IT Governance program.
Scope of IT Governance
According to the IT Governance Institute, an institution’s “long-term, sustainable success” depends on employees understanding the institution’s goals and working together to achieve their objectives. An IT steering committee at the board level can help ensure continuity and focus for the rest of your institution.
IT professionals cannot be solely responsible for resolving and implementing key IT issues. It is in the stakeholders’ interest to encourage board members, executive management and IT staff to all be involved in the IT Governance program. Decisions surrounding information technology can have major consequences (both positive and negative) on an institution's long-term success. A diverse IT Governance program is critical to enacting an effective decision-making process.
Why IT Governance?
There are several reasons that necessitate Information Technology Governance, including:
- Increased dependence on data and IT;
- Positive correlation between the advancement of IT Governance practices and the effects on IT;
- Rising cyber security risks;
- Sets clear expectations to encourage participation, open communication and establish accountability within an institution;
- Provides executive management oversight.
Some of the major IT Governance focus areas include:
- Value Delivery - IT delivers on the promised benefits against the strategy
- Risk Management - IT should include risk management responsibilities in the operation of an enterprise and specifically address the safeguarding of IT assets and customer information
- Resource Management - the optimal use and allocation of IT resources in servicing the institution's requirements
- Performance Measurement - tracking and monitoring IT services to achieve measurable goals
- Strategic Alignment - containing costs while adding value and competitive positioning to the institution's
It is no longer an option to allow IT departments to manage themselves. The board, executive management or audit committee must be involved in all major IT decisions. Furthermore, the institution must remain abreast of risk areas associated with confidentiality, integrity and accessibility of the bank's data and assets.