IT Governance Process

  • IT Governance Process
Automation Consultants Governance Model is based on COBIT, ITIL and ISO 17799 Models and Forrester Research frame of work. At its most basic definition, IT governance is the process by which decisions are made around IT investments. How decisions are made, who makes the decisions, who is held accountable, and how the results of decisions are measured and monitored are all parts of IT governance. Based on this definition, everyone has some form of IT governance. Unfortunately for many firms, the governance process is ad hoc and informal. There is no consistency across the enterprise, accountability is weak — if present at all — and there are no formal mechanisms to measure and monitor the outcomes of the decisions.


Enterprise Architecture


  • ITIL

The IT Infrastructure Library (ITIL), initially developed in the UK by the Office of Government Commerce (OGC), is gaining traction in the global IT community as a framework for IT governance.  The library currently consists of eight books, including: Software Asset Management, Service Support, Service Delivery, Security Management, Application Management, ICT Infrastructure Management, The Business Perspective, and Planning to Implement Service Management. ITIL is focused on identifying best practices in regards to managing IT service levels and is particularly process-oriented.

  • Planning to Implement Service Management
  • The Business Perspective
  • Software Asset Management
  • Service Support
  • Service Delivery
  • Security Management
  • ICT Infrastructure Management
  • ISO 17799

  The International Organization for Standardization has developed the third major governance framework, ISO 17799, titled “Information Technology — Code of Practice for Information Security Management.” It was first released by the ISO in December 2000. However, it is based on British Standard 7799, which was finalized in 1999. The intent of the standard is to focus on security and aid an organization in the creation of an effective IT security plan.