
Making IT Governance Work in a Sarbanes-Oxley World

ISBN: 978-0-471-77199-9
288 pages
October 2005
This book discusses a dilemma common to many corporations' IT departments: the tension between top-down governance directives and the challenge of getting everything functioning properly on a bottom-up basis. Making IT governance work does not simply mean adherence to an ABC of (a) going more deeply into rules, (b) implementing a framework, and (c) registering good results. Neither is this book a guide to frameworks and compliance. Its goal is to describe an entire repertoire of resources that can assist in arriving at better IT governance. Among these resources are CobiT, bottom-up governance principles such as distributed leadership, and portfolio management.

This book provides a realistic view of the governance of information and IT in corporations. The authors' view is that "new technology" can only achieve its optimum impact when it is properly managed. Money and behavior are key factors: the money that information and IT must generate and the activity and latitude of people in the organization from top to bottom. This book:

  • Presents a clear view on the relationship of corporate governance and IT governance.
  • Provides recent Sarbanes-Oxley history and the compliance consequences for organizations.
  • Offers in-depth insight into IT portfolio management.
  • Provides an overview of various IT governance opinions from such groups as Gartner, Forrester, and IT Governance Institute.

Energetic, thoughtful and highly informative, this book provides a valuable and timely guide to IT governance and the complexities of IT management in an increasingly regulated world. The authors are great at focusing on the things that really matter for practitioners. The book is also very readable.
Leslie P. Willcocks
Professor of Technology, Work and Globalization
London School of Economics



PART ONE: Management: Governance and Its Human Dimension.

Chapter 1: Types of Governance, Business Performance, and Common Sense.

From the Separation of Powers to Sarbanes-Oxley.

Corporate Governance Is Good Management.

Governance in Corporations: All about Business Performance.

Essentials of IT Governance.

Plain Common Sense.

Chapter 2: Impact and Challenges of Betrayed Trust.

Progress and Its Crisis of Faith.

The Role of IT and the Internet.

The American President Intervenes.

Eight Challenges Plus the Millennium Problem.

Insight as the Basis of Realism.

PART TWO: Accountability: An Economic-Based Business Focus for IT.

Chapter 3: A Basis for IT Management.

IT Measurement: Turning a Three-Leaf into a Four-Leaf Clover.

IT Is Infrastructure and E-Business.

Where Are We in Terms of the Micro- and Macro-Economics of E-Business?

E-Business and the Shift from Decree to Dialogue.

The IT Democracy.

Not Dialogue but Babble.

Limits to the Babble, but Almost Any Governance Structure Will Do.

exT: Death of IT.

Keep It Simple, Stupid!

Money Makes the World Go Round: Rapid Economic Justification and Total Economic Impact.

The Strategic Role of the CIO.

Strategic Focus and Alignment.

IT Governance: From Structures to Mechanisms and Techniques.

Chapter 4: IT Portfolio Management.

What Is Involved in a Portfolio Approach?

An IT Portfolio Approach in Practice.

IT Portfolio Management Begins with Outlines, Architecture, and Calculation.

Maturity and IT Portfolio Management.

Governance, Projects, Programs, and Performance.

The Portfolio Approach as an Aggregation of Balanced Scorecard, Activity-Based Costing, and Economic Value Added.

After 50 Years of Portfolio Thinking, IT’s Turn Has Come.

Thou Shalt Practice IT Portfolio Management.

Nine Initial Practical Lessons, Plus One.

Portfolio Management? By All Means, but.…

Chapter 5: Activity-Based Costing, Economic Value Added, and Applied Information Economics.

Charting Costs.

Hence ABC, but How?

ABC: The Right Price and IT.

Real Economic Value and the ROI of IT.

Some Critical Remarks.

Applied Information Economics.

The Human Measure of Ambition and Limitations.

PART THREE: Supervision: Stimulating Desirable Behavior.

Chapter 6: Take Action When Necessary.

Desirable Behavior as a Blind Spot.

Economics of Governance.

Supervision: A Lot or a Little?

Good Mores or Good Laws?

Our Limitations.

Our Intentions.

Arguments and Misunderstandings.

Keep IT Governance Simple and Make Goals Apparent.

The Balance of Supervision and Intervention.

Chapter 7: Leadership: Overseeing Change.

IT Governance and Leadership.

From Control to Distributed Leadership.

People No Longer Put up with Control.

Eight Leadership Roles.

Realists at the Helm.

Cooperation instead of Coercion.

No Prospects without Building Trust.

Management as Institutionalized Mistrust.

Back to IT Governance and Leadership.

Leadership and Language.

The Charisma and Leadership Paradox.

Chapter 8: Issuing Rules Is Maintaining Supervision.

The Legislator as Supervisor.

The IT Management Reform Act of 1996 (Clinger-Cohen Act).

Public Company Accounting Reform and Investor Protection Act of 2002 (Sarbanes-Oxley).

European Legislation: Comply or Explain.

A European Example: Dutch Legislation.

Chapter 9: Frameworks and Accountants as Means of Supervision.

Management Goals for Information and IT.

COBIT Will Do This, but...?

COBIT and the Balanced Scorecard.

Six Sigma: Plus or Minus Three Times the Standard Deviation.

Information Orientation and the Importance of Desirable Behavior.

Accountants Overlook IT Value.

Which Framework Should We Choose?

APPENDIX A: From Control to Drift.

APPENDIX B: The COBIT IT Governance Maturity Model.

APPENDIX C: Ten Definitions of Corporate Governance in the European Member States.

APPENDIX D: KIMBIA, the Portfolio Model of Rabobank Nederland: Management/Business ICT Alignment Implementation Chains.


Jaap Bloem is a senior analyst with the Research Institute for New Technology (ViNT). He has coauthored two books: one on components in business and IT architecture, and the other on governance of information and technology in the context of corporate and financial governance. He was a consultant with KPMG and cofounder of the IT Trends Institute.

Menno van Doorn is a manager of ViNT and contributor to several management and IT periodicals. He coauthored a book on the governance of IT in the context of corporate governance. For many years, he was a business consultant working with leading multinational corporations.

Piyush Mittal is the U.S. National Delivery Manager for Sogeti, a CapGemini company. He works closely with businesses and IT teams on major initiatives including global delivery, outsourcing, large systems development, and ERP deployment.

ViNT is part of Sogeti Netherlands B.V. and is directed by an advisory board that sets the research agenda of the institute. Members of the board are top executives of international organizations.

"In a nutshell, this is a book with a great amount of valuable content…a good book for the reference shelf…" (freeprint.com, August 2006)