Continuous Improvement

Is COVID-19 Rewriting the Guidelines of IT Governance?

Since the onset of COVID-19, corporate board members have faced a string of difficult situations. Many companies have changed their delivery models, and more professionals are now opting to work remotely to adhere to new social distancing protocols. Remember, no enterprise remains 100% prepared for unprecedented times. However, strong governance in a company’s IT security program helps organizations adapt to the changing environment. In this article at ISACA, Gabriel Cusu explains the role of IT governance during the COVID-19 pandemic.

IT Governance in Unprecedented Times

IT governance plays a massive role in bridging the gap between business goals and the enterprise’s IT infrastructure. “This framework then needs to be tailored to the enterprise’s needs (design factors): enterprise strategy/goals, risk profile, size, threat landscape, compliance requirements, role of IT, sourcing model for IT, IT implementation methods and technology adoption strategy,” says Cusu. Continuing IT services and maintaining IT during a disaster is a part of business continuity planning (BCP) within the IT governance process scope.

Organizations must, therefore, establish and maintain a plan to enable the business to quickly respond to an incident. To establish a robust plan, the enterprise must identify what processes are critical for its business and what must be done during uncertain times. The purpose of IT governance here is to make organizations more resilient, adapt rapidly, and continue business operations during unprecedented times. Resilience is a system or network’s ability to resist failure or recover from any disruption, usually with minimal effect. This is a healthy governance framework.

More Comprehensive Approach

Working closely with management on strategy, overseeing an expanded menu of risks, engaging in more thoughtful deliberation, tracking a richer set of performance measures – all of these activities demand time. Organizations must tailor their IT governance approach to fit their needs. A working governance program is a customized program, with individual pieces glued together to serve the business’s needs.

To read the original article, click on

Show More
Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.