IT Governance

IT Governance

IT Governance Jonathan Poland

IT Governance refers to the way in which an organization’s executive leadership manages and directs information technology. It is a type of corporate governance that involves the use of processes and practices to control and guide the use of technology within an organization. The scope and nature of IT Governance may vary significantly depending on the industry, internal politics, and maturity of the organization. The following are common practices.

Application Portfolio Management
Oversight of applications at the portfolio level. In many cases, an annual health check is performed to identify risks related to legacy systems, compliance, capacity and availability.

Asset Management
Governance of IT asset management processes such as asset life cycle management and IT inventory management.

Audits
Financial, technology and security audits.

Benchmarking
Comparison of IT performance and costs to your industry and competition.

Business Technology Alignment
Strategic management of gaps between business needs and IT capabilities. This includes things such as products that lack IT integration and addressing business pain points with IT. An IT Governance board may sponsor initiatives to analyze gaps that act as an input to strategy formation and tactical actions.

Capability Management
Viewing business and IT as a set of capabilities. A useful technique for executive management of strategy, risk management and performance visualization.

Compliance
Governance of IT regulatory compliance.

Enterprise Architecture
The practice of managing architecture at the organizational level. It is common for an enterprise architecture team to act as working level support for IT Governance. For example, they may propose practices, review project architecture and deliver analysis and reporting.

Facilities And Infrastructure
Governance related to IT facilities and infrastructure such as data centers.

Financial Governance
Financial controls such as budget approvals.

Information Governance
Mechanisms of information governance to support legal, risk and operational requirements. For example, roles and responsibilities such as data stewards and custodians may be established.

Information Security
The practice of defending your information from threats. In many cases, information security garners much attention from both Corporate Governance and IT Governance bodies.

IT Operations
Governance of core IT processes.

Information Technology Performance Management
Monitoring and measurement of IT performance metrics.

Information Technology Practices
Establishment and direction of practices related to IT such as a Project Management Office.

Information Technology Processes
Establishment and oversight of IT processes such as service management.

Information Technology Risk Management
Identification and treatment of risks related to IT. Not to be confused with Risk IT, the technology capabilities used to manage business risk.

Information Technology Strategy
Planning IT strategy and setting goals.

Knowledge Management
Establishing and governing knowledge management practices such as the requirement that application managers and projects document their architecture.

Problems And Incidents
It is common for an IT Governance Board to review a monthly incident report or investigate a particularly high impact incident.

Procurement
Governance of IT procurement processes potentially with approval authority for major deals.

Programs And Projects
Reviews of programs and projects often at defined checkpoints such as budget approval and pre-launch.

Quality Assurance
Governance of quality assurance practices such as development and testing processes.

Reporting And Dashboards
A governance board may sponsor reports and dashboards to support activities such as strategy formation and risk management. Dashboards may also be developed to provide visibility into IT for corporate governance and executive management purposes.

Service Portfolio Management
Governing IT as a collection of services.

Standards And Certifications
Developing or adopting standards and governance of certification processes.

Supplier Management
Governance of vendor management practices.

Customer Satisfaction Jonathan Poland

Customer Satisfaction

Customer satisfaction is the practice of measuring how happy customers are with a brand’s products and services. This is typically…

Risk Mitigation Jonathan Poland

Risk Mitigation

Risk mitigation is the process of identifying, analyzing, and taking steps to reduce or eliminate risks to an individual or…

Environmental Challenges Jonathan Poland

Environmental Challenges

Environmental issues are detrimental changes to the Earth’s natural surroundings that negatively impact the current quality of life for individuals…

SLED Contracts 150 150 Jonathan Poland

SLED Contracts

A SLED contract refers to a contract awarded by State, Local, and Education (SLED) government entities. These contracts involve the…

Keep It Super Simple Jonathan Poland

Keep It Super Simple

Keep it Super Simple or Keep it Simple Stupid. The KISS principle is a design guideline that suggests that unnecessary…

Time to Volume Jonathan Poland

Time to Volume

Time to volume is a marketing metric that measures the time it takes for a new product to go from concept to launch and reach a significant level of sales or usage.

Willingness to Pay Jonathan Poland

Willingness to Pay

Willingness to pay (WTP) is a measure of how much a customer is willing to pay for a product or…

Reputational Risk Jonathan Poland

Reputational Risk

Reputational risk refers to the potential for damage to an organization’s reputation as a result of its actions or inactions.…

Praxeology Jonathan Poland

Praxeology

Praxeology is the study of human action, particularly as it pertains to decision-making and the pursuit of goals. The term…

Jonathan Poland © 2026

Enter your
text here

Learn More

Dismissing Employees Jonathan Poland

Dismissing Employees

Letting go (aka firing) employees is a difficult and sensitive task, and it’s important to handle it with care and…

What is a Competitive Market? Jonathan Poland

What is a Competitive Market?

A competitive market is a type of market in which there are numerous buyers and sellers, and in which the…

Tactical Planning Jonathan Poland

Tactical Planning

Tactical planning is the process of developing specific strategies and actions to achieve the objectives of an organization. It involves…

First Principles Thinking Jonathan Poland

First Principles Thinking

Overview First principles thinking is a method of reasoning that involves breaking down complex problems into their most basic and…

Quality Metrics Jonathan Poland

Quality Metrics

Quality metrics are measurements that are used to evaluate the value and performance of products, services, and processes. These metrics…

Lead Generation Jonathan Poland

Lead Generation

Lead generation is the process of identifying and attracting potential customers for a business. This is typically the first step…

Brand Management Jonathan Poland

Brand Management

Brand management is the process of creating, developing, and managing a brand in order to build brand equity and drive…

Product Risk Jonathan Poland

Product Risk

Product risk refers to the potential for negative consequences that may result from the development, production, or use of a…

Toxic Positivity Jonathan Poland

Toxic Positivity

Top-down and bottom-up are opposing approaches to thinking, analysis, design, decision-making, strategy, management, and communication. The top-down approach begins with…