Page 30 - Courses
P. 30
IT Essentials — Introduction to IT
In addition to the CIO and/or CTO, organizations may also have a chief information security officer
(CISO) to oversee IT security, and often a dedicated data protection officer (DPO), chief data officer
(CDO), and/or a chief privacy officer (CPO) to oversee data privacy and compliance with regulations
related to privacy. To avoid conflicts of interest, the DPO, CDO, CPO, and CISO often function
independently of IT.
To have a “seat at the table” is to be included in the organization’s decision-making body. This could
include upper management, C-suite personnel, or the board. Having a seat at the table implies a
level of position, power, and respect that comes with the ability to help shape and impact the
direction of an organization.
It is important for IT leadership to have a seat at the table to better understand the organization it
supports and its critical processes, priorities, and strategic objectives. IT leadership should
participate at the initiation stage of enterprise (business driven) projects to provide meaningful
input regarding key business decisions that will require direct or indirect IT support.
Benefits of Effective IT Operations
It is also important for IT operations to be run as a business and be competitive with external
sourcing options. Duties may be performed in-house or outsourced depending on strategy (e.g.,
protecting intellectual property, maintaining control of core activities, or economies of scale),
budget and staffing requirements, or combinations thereof. IT operations should:
• Manage and maintain service level agreements (SLAs).
• Provide and monitor key performance indicators (KPIs) and key risk indicators (KRIs).
• Retain relationship managers to manage the services offered internally, externally, and
to the organization as a customer.
Oftentimes, IT operations is simply referred to as IT.
Oversight Processes
Key elements and components of IT governance oversight processes include:
Copyright © 2020 by The Institute of Internal Auditors, Inc. All rights reserved.