Organizations are increasingly making use of their Information and Communication Technologies (ICT). However, to maximize the value ICT contribute to the business, adequate management is not sufficient, as it is also required to perform constant alignment of ICT with the organization’s strategic objectives.
ICT governance comprises the set of activities carried out by a given organization in order to direct and control the use of ICT such that their current and future performance meets the organization’s requirements and needs.
ICT governance, includes activities related to the following spheres of action:
- Supervision of ICT performance, focusing both on the operating and functional aspects, and the quality and security guarantees offered.
- Assessment of the results of such supervision, evaluating them in terms of both strategic requirements, interests and needs of the organization, and the existing technological and functional possibilities available.
- Design of the technological strategy of the organization, defining the policies and guidelines to be observed and the technological plans to be developed in terms of ICT from the results of the analysis.
The main reference models for ICT governance are COBIT® and ISO/IEC 38500. The former refers to a framework integrated for the government and ICT management developed by private enterprise, ISACA, whereas the latter is an international standard that defines the basic principles required to make proper, efficient and effective use of IT.