Corporate Governance An effective Corporate IT Governance structure is the single most important predictor of getting value from IT. In fact, according to a recent study of 256 companies between 2001 and mid-2003 by MIT, businesses with superior governance practices generated 20% higher profits on average compared to other companies with status-quo governance practices. The idea behind Corporate IT Governance structures is to bring together key IT and business managers and give them joint responsibility for making decisions about technology priorities and investments. Effective IT Full-Cycle Governance does the following: Provides insight and advice to the board of directors on IT topics Gives direction on IT strategy to senior management Includes board members, key executives, external IT experts, business unit leaders and IT managers Makes decisions on IT spending levels, project plans and other operational issues Oversees daily management of projects and delivery of IT services to end users Improves the success of IT projects by transforming business project sponsors into business project leaders Cascades project accountability throughout the organization rather than leaving accountability to the CIOs IT Governance Sarbanes-Oxley compliance has become one of the most dominant business challenges facing corporate America today. As technology is at the core of most business operations, governance rigor now applies to the CIO and the IT organization. One of the principle concerns facing IT departments is how to produce well-defined and repeatable processes to help mitigate risk and achieve audit compliance. Establishing an IT Governance entity allows you to deploy services that are standardized and repeatableólowering the cost of service delivery, ensuring alignment with business unit customers, and improving service quality. At its most basic level, IT Governance is the set of policies, processes and procedures that support all IT activities. A governance framework and process is necessary to ensure that process implementations work as intended. Governance does not necessarily equate to police action. However, governance provides control over these processes and clearly assigns responsibilities for managing the execution of the processes. The fundamental practices to provide governance initially should include Requirements Management, Change Management, Software Configuration Management and Quality Assurance Testing. These best practices are foundation components that are necessary to ensure control over changes to software products. Aspen provides expertise in those areas to help your organization build better practices. For example, during an assessment of one of Aspen ís transportation clients it was identified that there were no consistent processes or practices across the IT development teams for requirements management, quality assurance testing or software configuration management. The practices that did exist were insufficient to be considered a best practice. Aspen defined an IT Governance structure, as well as the processes to support the structure. Additionally, Aspen provided educational materials, training and mentoring to key personnel within the organization to ensure the IT Governance entity was successful in its mission.