SUMMARY OF STUDY OBJECTIVES

An introduction to IT governance and its role in strategic management. The board of directors and top-level executive managers must take responsibility to ensure that the organization has processes that align IT systems to the strategies and objectives of the organization. IT systems should be chosen and implemented that support attainment of strategies and objectives. To ensure that IT systems support long-term strategic objectives and also support daily operations, management must constantly assess its current situation, where it plans to go, and which IT systems will help it get there. To be effective, this assessment should be part of an ongoing process to evaluate organizational direction and the fit of IT to that direction. The board and management should establish ongoing processes and procedures to accomplish this IT fit. These processes would include an IT governance committee and a systematic approach to IT system change, such as a systems development life cycle approach.

An overview of the system development life cycle (SDLC). The SDLC is a systematic approach to the change or upgrade of an IT system. While there are many approaches to the SDLC, a popular approach has five phases: systems planning, systems analysis, systems design, systems implementation, and operation and maintenance. These five phases are a structured and systematic way to undertake changing or upgrading IT systems.

The elements of the systems planning phase of the SDLC. Systems planning is the evaluation of long-term, strategic objectives and the prioritization of the IT systems that assist the organization in achieving its objectives. Systems planning also involves the planning and continuing oversight of the design, implementation, and use of those IT systems. The planning phase involves matching organization strategy to IT strategy and selecting IT changes that successfully meet the requirements of the feasibility study. In a feasibility study, the realism of the possibility of each proposed IT change is assessed on four dimensions: technical feasibility, operational feasibility, economic feasibility, and schedule feasibility.

The elements of the systems analysis phase of the SDLC. Systems analysis is a study of the current system to determine the strengths and weaknesses and the user needs of that system. Analysis requires the collection of data about the system and the careful evaluation of that data to identify areas of the system that can be improved. Data are collected through observation, documentation review, interviews, and questionnaires.

The elements of the systems design phase of the SDLC. Systems design is the creation of the system that meets user needs and incorporates the improvements identified by the systems analysis phase. The design phase includes generating alternative conceptual designs, evaluating those designs, selecting the best conceptual design, and designing the details of the selected conceptual design.

The elements of the systems implementation phase of the SDLC. Implementation consists of the steps undertaken to program, test, and activate the IT system selected in the system design phase.

The elements of the operation and maintenance phase of the SDLC. Operation and maintenance is the regular, ongoing functioning of the IT system and the processes to fix small problems, or “bugs,” in the IT system. During ongoing operation, management should request and receive ongoing reports about the performance of the IT system.

The critical importance of IT governance in an organization. The SDLC serves as the mechanism to continually assess the fit of IT systems to long-term strategy and short-run goals of the organization. As such, it is an important part of the strategic management of the organization. The SDLC process also serves as a mechanism to monitor and control security, availability, acquisition, implementation, and maintenance of IT systems. In addition, the SDLC assists management in ensuring that it maintains accurate and complete accounting records and accounting reports and that it maintains full disclosure within those reports. The SDLC is a mechanism that assists the organization in developing accurate and complete accounting processes and systems.

Ethical considerations related to IT governance. Managers, employees, and consultants all have obligations to act ethically while engaged in changes to IT systems. Managers must ensure that proper IT systems are functioning to meet the stewardship obligation they have for the assets entrusted to them. In addition, they must consider confidentiality and the effects of employee displacement as changes occur. Employees have obligations to provide honest feedback about IT systems and to not disclose confidential information. Consultants have ethical obligations to bid and bill time fairly, to not oversell IT system modules, and to maintain confidentiality.

KEY TERMS