Making IT Governance Work in a Sarbanes-Oxley World

Jaap Bloem is a senior analyst with the Research Institute for New Technology (ViNT). He has coauthored two books: one on components in business and IT architecture, and the other on governance of information and technology in the context of corporate and financial governance. He was a consultant with KPMG and cofounder of the IT Trends Institute. Menno van Doorn is a manager of ViNT and contributor to several management and IT periodicals. He coauthored a book on the governance of IT in the context of corporate governance. For many years, he was a business consultant working with leading multinational corporations. Piyush Mittal is the U.S. National Delivery Manager for Sogeti, a CapGemini company. He works closely with businesses and IT teams on major initiatives including global delivery, outsourcing, large systems development, and ERP deployment. ViNT is part of Sogeti Netherlands B.V. and is directed by an advisory board that sets the research agenda of the institute. Members of the board are top executives of international organizations.

FOREWORD. PREFACE. PART ONE: Management: Governance and Its Human Dimension. Chapter 1: Types of Governance, Business Performance, and Common Sense. From the Separation of Powers to Sarbanes-Oxley. Corporate Governance Is Good Management. Governance in Corporations: All about Business Performance. Essentials of IT Governance. Plain Common Sense. Chapter 2: Impact and Challenges of Betrayed Trust. Progress and Its Crisis of Faith. The Role of IT and the Internet. The American President Intervenes. Eight Challenges Plus the Millennium Problem. Insight as the Basis of Realism. PART TWO: Accountability: An Economic-Based Business Focus for IT. Chapter 3: A Basis for IT Management. IT Measurement: Turning a Three-Leaf into a Four-Leaf Clover. IT Is Infrastructure and E-Business. Where Are We in Terms of the Micro- and Macro-Economics of E-Business? E-Business and the Shift from Decree to Dialogue. The IT Democracy. Not Dialogue but Babble. Limits to the Babble, but Almost Any Governance Structure Will Do. exT: Death of IT. Keep It Simple, Stupid! Money Makes the World Go Round: Rapid Economic Justification and Total Economic Impact. The Strategic Role of the CIO. Strategic Focus and Alignment. IT Governance: From Structures to Mechanisms and Techniques. Chapter 4: IT Portfolio Management. What Is Involved in a Portfolio Approach? An IT Portfolio Approach in Practice. IT Portfolio Management Begins with Outlines, Architecture, and Calculation. Maturity and IT Portfolio Management. Governance, Projects, Programs, and Performance. The Portfolio Approach as an Aggregation of Balanced Scorecard, Activity-Based Costing, and Economic Value Added. After 50 Years of Portfolio Thinking, IT's Turn Has Come. Thou Shalt Practice IT Portfolio Management. Nine Initial Practical Lessons, Plus One. Portfolio Management? By All Means, but... Chapter 5: Activity-Based Costing, Economic Value Added, and Applied Information Economics. Charting Costs. Hence ABC, but How? ABC: The Right Price and IT. Real Economic Value and the ROI of IT. Some Critical Remarks. Applied Information Economics. The Human Measure of Ambition and Limitations. PART THREE: Supervision: Stimulating Desirable Behavior. Chapter 6: Take Action When Necessary. Desirable Behavior as a Blind Spot. Economics of Governance. Supervision: A Lot or a Little? Good Mores or Good Laws? Our Limitations. Our Intentions. Arguments and Misunderstandings. Keep IT Governance Simple and Make Goals Apparent. The Balance of Supervision and Intervention. Chapter 7: Leadership: Overseeing Change. IT Governance and Leadership. From Control to Distributed Leadership. People No Longer Put up with Control. Eight Leadership Roles. Realists at the Helm. Cooperation instead of Coercion. No Prospects without Building Trust. Management as Institutionalized Mistrust. Back to IT Governance and Leadership. Leadership and Language. The Charisma and Leadership Paradox. Chapter 8: Issuing Rules Is Maintaining Supervision. The Legislator as Supervisor. The IT Management Reform Act of 1996 (Clinger-Cohen Act). Public Company Accounting Reform and Investor Protection Act of 2002 (Sarbanes-Oxley). European Legislation: Comply or Explain. A European Example: Dutch Legislation. Chapter 9: Frameworks and Accountants as Means of Supervision. Management Goals for Information and IT. COBIT Will Do This, but...? COBIT and the Balanced Scorecard. Six Sigma: Plus or Minus Three Times the Standard Deviation. Information Orientation and the Importance of Desirable Behavior. Accountants Overlook IT Value. Which Framework Should We Choose? APPENDIX A: From Control to Drift. APPENDIX B: The COBIT IT Governance Maturity Model. APPENDIX C: Ten Definitions of Corporate Governance in the European Member States. APPENDIX D: KIMBIA, the Portfolio Model of Rabobank Nederland: Management/Business ICT Alignment Implementation Chains. INDEX.