6 C
Wednesday, November 22, 2017
Home Tags IT Governance

Tag: IT Governance

Information and technology (ITgovernance is a subset discipline of corporate governance, focused on information and technology (IT) and its performance and risk management. The interest in IT governance is due to the ongoing need within organizations to focus value creation efforts on an organization’s strategic objectives and to better manage the performance of those responsible for creating this value in the best interest of all stakeholders. It has evolved from The Principles of Scientific Management, Total Quality Management and ISO 9001 Quality management system.

Historically, board-level executives deferred key IT decisions to the company’s IT management and business leaders. Short-term goals of those responsible for managing IT can be in conflict with the best interests of other stakeholders unless proper oversight is established. IT governance systematically involves everyone: board members, executive management, staff, customers, communities, investors and regulators. An IT Governance framework is used to identify, establish and link the mechanisms to oversee the use of information and related technology to create value and manage the risks associated with using information and technology.

Various definitions of IT governance exist. While in the business world the focus has been on managing performance and creating value, in the academic world the focus has been on “specifying the decision rights and an accountability framework to encourage desirable behavior in the use of IT.”

The IT Governance Institute’s definition is: “… leadership, organizational structures and processes to ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives.”

AS8015, the Australian Standard for Corporate Governance of Information and Communication Technology (ICT), defines Corporate Governance of ICT as “The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation.”

Manchester, UK, 24th February 2016 - VXL, one of the world`s leading suppliers of thin clients and device management software, has entered into a new distribution agreement with Networks Unlimited to distribute its new Fusion Universal Device Manager (UDM) Premium software to resellers in the UK.Established in 1992, Networks Unlimited is one of the UK’s foremost distributors in the field of network management, security and productivity solutions. Under the terms of the agreement, Networks Unlimited is officially assigned ‘Platinum’ distributor status for VXL Software’s Fusion UDM Premium. Frank Noon - VP Worldwide Sales - VXL Supporting all devices running VXL Linux, Windows Embedded, Windows, Windows POS, Android and iOS, OS X and Windows Mobile, Fusion UDM Premium offers users an unbeatable combination of simple, transparent pricing, user-friendly operation and powerful features. A highly attractive customer proposition, Fusion UDM Premium opens up device management to companies of almost any size and in particular to those supporting between 100 - 1,000 users.

Delivering effective control of hardware inventory, ensuring licence compliance, security, software upgrades and patches, Fusion UDM Premium also supports the latest developments in Bring Your Own Device (BYOD). Frank Noon, VXL VP Worldwide Sales commented; “Networks Unlimited expertise in the field of networking communications and as a leading value-added distributor means they are an ideal partner for our new software business strategy”. “Together we’re perfectly placed to take advantage of the current and projected growth in demand for device management solutions that target the SMB and small enterprise sectors” he added. Peter Reynolds, Managing Director of Networks Unlimited also commented, “The addition of VXL’s new Fusion UDM Premium software represents a considerable benefit to our existing product portfolio, providing a credible solution for our customer base looking for a highly-powerful yet cost-effective device management software.” For further information about Fusion UDM Premium and to take a free, no obligation, 90-day evaluation please visit www.vxlsoftware.com. -ENDS- Please contact Ian Cope, Marketing Manager at ian.cope@vxl.netAbout VXL SoftwareVXL Software is a division of VXL Instruments.

Established in 1976, VXL is a global leading manufacturer of thin-, zero- and cloud-client devices.
VXL Software develops world-class software for a range of business-focussed uses including Fusion UDM Premium device management, CloudDesktop PC repurposing and Illumineye, digital signage solution. VXL Software is a global company, with locations in the USA, United Kingdom, France, Germany, the United Arab Emirates, India and Singapore.
VXL Software's Americas Group is headquartered in Houston, Texas.

The European headquarters is in Manchester, UK.
VXL Software’s development team, and the Asia Pacific headquarters, are based in Bangalore, India. Visit: www.vxlsoftware.com for more information. About Networks UnlimitedFounded in 1992, Networks Unlimited is a privately owned, limited company specialising in the provision of IT Management, IT Administration and IT Security systems and tools.Operating from our offices in West Sussex, our customers include leading organisations across all sectors including Retail, Finance & Banking, Manufacturing, Telecoms, Local & Central Government, Education and Healthcare. Acting as primary distributors/resellers, our partner vendors are some of the most respected in their fields, many being recognised by Gartner and Forrester Research and having numerous awards for their solutions. Networks Unlimited has been responsible for the introduction of numerous new IT operational management and security technologies to the UK market and have successfully supplied, installed and supported over 4,000 businesses both here in the UK and around the globe. Visit: www.nultd.nu for more information.
By 2020, 35% of organisations’ technology budget will be spent outside the IT department, according to estimates from analyst Gartner. This trend will have profound implications for the role of IT professionals and the IT team. The growth of “shadow IT”, as it has become known, has been given impetus by the growth of consumer technology and cloud computing, which make it increasingly easy to deploy technology without going through the corporate IT department. At the same time, businesses are under pressure to adopt new technology quickly, and realise they can often deploy more rapidly by bypassing the IT department. IT suppliers are also part of the shadow IT problem because they will bypass the CIO if they can, said John Harris, chief technology officer of Aimia, which runs loyalty card programmes, such as the UK’s Nectar. “We will have our marketing people go out and talk to clients' CMO [chief marketing officer], and talk to them about loyalty and about how data services can help them,” said Harris at a meeting of the CW500 Club for senior IT professionals. John Seglias, group IT director of transport firm Abellio Group, said he learned from a chance conversation with a supplier that his company was spending a six-figure sum on an IT system. “I said OK, who is your point of contact? I though he was going to say it’s your head of IT, but he said: 'Oh, I spoke to someone in procurement',”  said Seglias. Find out why shadow IT exists Ensuring that shadow IT is managed and governed properly is a challenging task for CIOs. Christoph Burtscher, CEO of Be2Change Consultancy and former head of corporate and IS governance for TheTrainline.com, advised CIOs to find out why people in their organisations are buying their own IT. “If you know why there is shadow IT, you can do something about it,” he said. “Make sure you put the tools in place to address that root cause.” If the IT department provides the right solutions and services, it becomes easier to discuss with other business departments why they are not happy with the IT they have, said Burtscher. “And then, as long as they apply the reference architecture, marketing services, HR assistance or whatever it might be, it all works together and you still deliver the best possible value,” he said. Don’t ban shadow IT Banning shadow IT is not the answer, however. For several years, pharmaceutical company GlaxoSmithKline (GSK) struggled with how to manage employees’ use of mobile phones at work, said Harris, a former IT executive at the firm. “I remember when telephones with cameras first came along,” he said. “Because there were sensitive places – laboratories, factories, the rest of it – you were not allowed to take photos and that was a fairly explicit rule.” GSK tried to enforce the rule by banning phones with cameras, but the policy fell down when cameras became a standard fixture in mobiles. The company realised it was better to educate employees not to misuse phones than to ban them. “We got back to it being a behavioural thing,” said Harris. “Don’t take photos and let’s all collectively enforce it as a policy.” He also recalled a discussion with a CIO at one company about employees’ use of the Yammer social media service. “He said, John, this Yammer thing – I have made a decision; I am going to shut it down,” said Harris. The pair happened to be in a pub, watching news coverage of Libya during the Arab Spring revolution. Colonel Gadaffi had just tried – and failed – to shut down the use of Twitter. “The conclusion we came to was that actually the world had changed, and we could no longer have a system with a big span of control,” said Harris. “The globalised idea to get them under control with one CTO was gone – the world had moved on.” Harris’s current employer, Aimia, chose to offer a company-approved alternative when its marketing team began using Yammer to share thoughts and ideas. Some of the ideas were commercially confidential and could have proved useful to a competitor. The problem was that no one was checking whether former employees still had access to the service after they had left the company. Aimia selected another service, Chatter from Salesforce.com, as its corporate collaboration platform, but there was no compulsion for staff to use the new system. “By the way, if you throw the latest marketing plan on Yammer, and someone has left the company to join one of your competitors and they pick it up, that is your accountability,” said Harris. This approach – setting the behaviour without trying to control every aspect of technology – has been very effective, he said. “It’s a different way of thinking, but it actually it works well for us. And we have found that we get a lot of creativity from people doing the right thing.” Encouraging innovation Taking the IT reins off the business will help organisations to respond more quickly, and to exploit technology to generate more innovative ideas. Aimia, for example, hires data scientists, and although they may not be technology experts, they have the freedom to develop their ideas and source their own cloud services for data analytics. “If they had to come to the IT department each time to set these things up, we would slow them down, we probably would not value them, it would probably just be another task,” said Harris. TheTrainline.com introduced the principle of failing fast in a controlled environment to encourage innovation. The IT department gave the commercial and marketing departments three developers to work on rapid prototypes. All the costs were written off in advance, and there was no pressure to produce a working product. The only proviso was that if the work did lead to a product, the IT department would test it on one of its systems. And if it succeeded, IT would be responsible for scaling the technology and rolling it out. The project led to one of TheTrainline’s most successful products, Farefinder, which allows customers to search for the cheapest rail fares. “That started with two IT developers sitting in a corner, trying to figure out a customer problem,” said Burtscher. The company also set up 24-hour hackathons with free beer and pizza in the office. Whoever came up with the best ideas was given a few days off. “That really worked,” said Burtscher. “That engaged the younger generation.” Treat IT as an ecosystem CIOs should think of IT not as a system, but as an ecosystem with components that fall both inside and outside the IT department, said Harris. “Where I think, ‘IT sometimes goes wrong’, that is treating IT as a binary, one or zero. I am in control or I am not in control,” he said. “If you fight to try and get an ecosystem under control and you try and treat it as a system, and you try to exert your authority, then you are going to fail.” We need to use the cloud to put in place a platform, an ecosystem, that you can offer to the business for a unit price with a well-understood service-level agreement John Seglias, IT director, Abellio Group The role of the IT department should be to set expectations for employees, not to control the way they use technology, said Harris. Compliance teams would not consider following the CFO to the pub to make sure he doesn’t disclose sensitive company information, said Burtscher. It is just accepted that he knows what he can talk about and what he shouldn’t. Companies should take a similar approach with their own employees when it comes to IT, he said. “Talk about what 'good' looks like, talk about what is acceptable. You put the onus on the individual.” Marketing people don’t really want to run IT systems The role of the IT department should be to support other parts of the business to choose the most effective technology. Chief marketing officers just want their systems to scale and to work; they don’t want to have to maintain IT systems, or take responsibility for them working. So they are usually more than happy for the IT department to step in and provide support, said Harris. “We talk about how we want to do security, how we are measuring service, integration against the back end,” he said, “all the things we know the CIO and the CTO are good at and marketing people haven’t thought of.” When you explain that the director of marketing needs to be available on the phone at 2am when the system goes down, they soon want to bring the IT department on board, said Burtscher. “At that point in time, the CFO will immediately have a discussion with you about how you can put it on IT support and have 24/7 support,” he said. Move from in-house to cloud Seglias said organisations should move away from providing IT in-house and towards buying in standard services. “We need to use the cloud to put in place a platform, an ecosystem, that you can offer to the business for a unit price with a well-understood service-level agreement,” he said. The role of the IT department will not be to deliver the systems, but to work with external providers to offer the service quickly, for the best cost. “It means that IT governance is not about saying 'I need three months to go away, work out how much coverage I need, put forward a request to the CFO, go through the IT governance process, get approval if I am lucky, and so on',” said Seglias. The skillset of IT professionals will change. Rather than being technology experts, their role will be to work with business professionals to evangelise the benefits of IT. I am sure there are times when the CIO loses their role because the CMO went out, bought lots of stuff and messed up. But you can no longer say 'I didn’t know about it, don’t talk to me' John Harris, CTO, Aimia A really good chief information security officer will not just be someone who knows the technology backwards and how to fight off cyber attacks, said Harris. “They will know how to do that, but they will spend their time evangelising and explaining, articulating the risk in the ecosystem, challenging what is good behaviour, and when is it that you should go along to the IT department to get sponsorship,” he said. Who carries the can? One of the challenges facing CIOs is that although they no longer control the IT in the organisation, they are still held responsible if it goes wrong. However, companies that are less focused on finding fault when things go wrong are more likely to encourage innovation and risk-taking. TheTrainline.com was one such place, said Burtscher, a former executive consultant at the company. The CIO at TheTrainline was responsible for all aspects of IT, even in areas where he ceded control to other parts of the business. But when things went wrong, the CEO’s focus was on fixing the problem, rather than apportioning blame. That freed up the CIO and the business to innovate and to use IT in creative ways to improve the business. “If failure means being fired, then it is really difficult for the CIO to accept responsibility for something that he could not control,” said Burtscher. Yet chief financial officers are routinely fired when their companies do not perform as expected. And CIOs must expect to fall on their sword if a technology failure damages the company. “I am sure there are times when the CIO loses their role because the CMO went out, bought lots of stuff and messed up,” said Harris. “Naturally, the CIO did not know about it. But you can no longer say 'I didn’t know about it, don’t talk to me'.” Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK This was first published in August 2014
Many drivers feel capable of exceeding the speed limit and handling their vehicle appropriately. How do you feel when you find yourself behind the wheel on a deserted highway late at night? At that point, do the traffic laws feel somewhat restrictive and even a little pointless? Speed limits are like regulations affecting IT - sometimes we simply do not see their value. We only recognise they make our life more difficult.  When it comes to information technology and the role of governance in an organisation, the situation is often similar as individuals are reluctant to be fenced in by rules and regulations. I recently had a discussion with several managers of a large corporation with which I am working. Compliance officers, information security officers and the like were discussing how difficult it is to make the regulations tangible for the organisations.  For instance, legal regulations are extremely stringent when it comes to the security of personal data, and yet they regularly have employees who write passwords on Post-it notes. Governance is undoubtedly an important subject for any organisation, but what does it really involve? If you were to ask 10 experts you would end up with 11 explanations. It is therefore important to distil the topic down to its key elements. What does IT governance really mean? IT governance is about managing the IT organisation of a larger corporate, in a manner that not only works according to all rules and regulations, but also makes sure the business works according to all rules and regulations. This is not an easy task to manage with an influx of new regulations from, among others, federal, state and European governments. If IT governance is only viewed as a "regulation enforcement initiative", it will be a hard sell to management and staff alike. It is, therefore, much more and requires: 1. A clear understanding of the real task of the IT department: I encourage every leader in this area to be self-confident in this respect. IT is and will be a game-changer for many industries. 2. A clear and understandable message of what IT does: In most cases, this is a massive challenge for the IT department. The IT team will never be seen as a true partner for the business if it cannot communicate in a way others understand.  When I look for a new car, I do not care about how many extra gadgets it has, how many kilometres of wire they used to connect them or how complicated it was to build. I simply want a car I can drive. In essence, this is what the business functions expect from IT. But they should expect more.  The true value of IT comes when it generates new business opportunities through the use of technology and is capable of selling these opportunities to the business side of the organisation. 3. The obligation to ensure all rules and regulations are met: This is where the communication side of things becomes even more difficult.  Basel III, SEPA and IFRS are business-related regulations that IT needs to cover as much as IT-driven regulations, such as  security or data protection issues like whether HR data of a German company can be stored at a UK, Czech or Indian datacentre. I often hear IT complaining, that the business does not understand the implications of, for instance, data security. If the business unit believes data security to be a purely IT topic and does not act, IT has not been able to communicate the real impact of the regulations on the business. I have previously faced this situation with a client. What we did was deliver a presentation that showed the company’s board members behind jail bars. This was to demonstrate the possibility of incarceration should they not comply with the necessary regulations. The point was made. 4. For IT to clean up its own act: There are legacy systems that no IT department would develop with today’s knowledge. If that is the case, take a stand and change it. The most important ingredient of successful governance The most crucial factor in any process, regulation or governance is not the systems, which might not be perfect, or the lack of definitions. It is the human factor. When things go wrong, people notice. If they speak up, then governance can be a value-generating approach to IT’s biggest challenges. To achieve this, a positive atmosphere for critical conversations has to be generated. This environment needs to be cultivated first within IT and then within the business functions. A client of mine did a survey among their top managers and only 60% of them felt able to raise concerns. That means that two out of five executives will not speak up if they see something going wrong. Unbelievable.  No compliance or governance system can outweigh the lack of trust. No company or department can expect to identify governance and compliance issues if people do not feel secure in raising concerns. This in turn will result in a company where innovative ideas are few and far between as speaking up is relegated to the scrap heap. An innovative idea must challenge the status quo, which will make some executives, who believe in the status quo, defensive. If you want to know where you stand right now, why not conduct a short survey within your IT organisation? Everyone can answer anonymously. Ask these questions: Do you know the strategy of your IT organisation?If yes: Describe it in your own words. Do you feel safe to speak up if you see the need for a change of the status quo? Are you able to say something if you notice a superior not adhering to the rules and regulations? Have you ever experienced, personally or as an observer, an instance when someone wanted to raise a concern but got interrupted or blocked? When was the last time you received recognition for your work from, firstly within IT and secondly from the business functions you are working with? Do you believe IT has the influence in the business it should have? What do you believe IT needs to improve to be a respected partner for the business? If you conduct this survey and proceed to act upon the information you gather you are going to make a positive move forward -a move that will benefit your IT governance and your organisation. Axel Rittershaus is an executive and leadership coach at The Executive Coach and president of the Cape Town chapter of the International Coach Federation (ICF) Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK This was first published in July 2014
OpenDNS’ cloud-delivered Umbrella security service protects enterprise users from malware, botnets and phishing regardless of location or device. OpenDNS, a provider of cloud-delivered Web security services, announced that it has integrated its Umbrella service for managed service providers (MSPs) with ConnectWise, a developer of service management software designed for IT service providers, value-added resellers (VARs), independent software vendors (ISVs) and MSPs. The integration between OpenDNS and ConnectWise is designed to enable MSPs to manage their security services within the ConnectWise platform and access monitoring and reporting information from Umbrella, including malware blocked, contained infections and service status. OpenDNS’ cloud-delivered Umbrella security service protects enterprise users from malware, botnets and phishing regardless of location or device.

At the heart of all OpenDNS services is the OpenDNS Global Network, which secures 50 million active users daily through 20 data centers worldwide. "As an MSP, we need to be able to quickly and easily explain the value of our security service to customers. OpenDNS enables us to do this by providing instant visibility into network activity and metrics like the number of malware infections prevented and domains blocked," Ethan Tancredi, president of MySherpa, an IT managed services firm, said in a statement. "Being able to access actionable OpenDNS security data alongside other customer information within ConnectWise allows us to automate service and account management processes." The OpenDNS-ConnectWise integration enables MSPs to centrally access data from the Umbrella security service within the ConnectWise platform, including service status on customer endpoints, malware infections blocked and the number of Botnets contained. "The ability for MSPs that use ConnectWise to instantly access actionable data from the OpenDNS security service in one unified console provides the visibility they need to act as CIO for their customers," Dima Kumets, MSP product manager for OpenDNS, said in a statement. "The OpenDNS-ConnectWise partnership enables MSPs to centralize and automate business processes so they can service customers better, faster and most cost effectively, which increases renewal rates." Those MSPs can also access information regarding the top Websites visited, blocked domain statistics, top Website categories and the number of DNS queries processed. "The Umbrella by OpenDNS cloud-delivered security service is a natural complement for ConnectWise’s advanced automation platform.

This integration is attractive to MSPs because it transparently protects customers from advanced cyber-threats at the network layer," Jeannine Edwards, director of ConnectWise Community, said in a statement.