Enterprises have many reasons for implementing an IT governance framework. These can range from business and IT alignment, integrated enterprise and IT risk management, IT enablement of business, IT resource and performance optimisation through to regulatory compliance and corporate governance requirements. Agilient can assist organisations in designing, implementing, communicating and maintaining an appropriate IT governance framework.
Agilent’s approach to IT Governance helps organisations in:
- Aligning the IT strategy with the business strategy.
- Measuring IT performance.
- Providing assurance to investors and shareholders that a ‘standard of due care’ around mitigating IT risks is being met by the organisation.
- Meeting regulatory requirements for IT controls in areas such as privacy and financial reporting and in specific sectors such as finance, pharmaceutical and healthcare.
- Putting in place measures that ensure IT achieves its objectives.
- Making IT resilient enough to learn and adapt.
- Recognising opportunities to improve IT and acting upon them.
- Obtaining demonstrable value from IT investments.
- Managing the selection of service providers, service outsourcing and acquisition.
- Managing the increasingly complex IT-related risks, such as network security.
- Benchmarking to compare enterprise performance against accepted standards and peers.
The development and implementation of an IT governance framework can be a complex project that requires specialist knowledge and the support of experienced practitioners. Agilient’s experienced IT governance consultants can help organisations implement a wide range of IT governance frameworks – including those based on the following standards:
- Control Objectives for Information and Related Technology (COBIT);
- ISO/IEC 38500: Information technology — Governance of IT for the organization;
- ISO/IEC 20000-1: Information technology — Service management — Part 1: Service management system requirements;
- ISO/IEC 20000-2: Information technology — Service management — Part 2: Guidance on the application of service management systems;
- ISO/IEC 20000-3: Information technology — Service management — Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1;
- ISO/IEC TR 20000-4: Information technology — Service management — Part 4: Process reference model;
- ISO/IEC TR 20000-5: Information technology — Service management — Part 5: Exemplar implementation plan for ISO/IEC 20000-1;
- ISO/IEC 20000-6: Information technology — Service management — Part 6: Requirements for bodies providing audit and certification of service management systems;
- ISO/IEC TR 20000-9: Information technology — Service management — Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services;
- ISO/IEC TR 20000-10: Information technology — Service management — Part 10: Concepts and terminology;
- ISO/IEC TR 20000-11: Information technology — Service management — Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: ITIL®;
- ISO/IEC TR 20000-12: Information technology — Service management — Part 12: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: CMMI-SVC;
- ISO/IEC 30105-1: Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 1: Process reference model (PRM);
- ISO/IEC 30105-2: Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 2: Process assessment model (PAM);
- ISO/IEC 30105-3: Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 3: Measurement framework (MF) and organization maturity model (OMM);
- ISO/IEC 30105-4: Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 4: Terms and concepts;
- ISO/IEC 30105-5: Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 5: Guidelines;
- ISO/IEC 30121: Information technology — Governance of digital forensic risk framework;
- ISO/IEC 38500: Information technology — Governance of IT for the organization;
- ISO/IEC TS 38501: Information technology — Governance of IT — Implementation guide;
- ISO/IEC TR 38502: Information technology — Governance of IT — Framework and model;
- ISO/IEC TR 38504: Governance of information technology — Guidance for principles-based standards in the governance of information technology; and
- ISO/IEC 38505-1: Information technology — Governance of IT — Governance of data — Part 1: Application of ISO/IEC 38500 to the governance of data.