IT governance is about producing value for the business and mitigating risk. Both are key aspects of PPM.
Q: Does implementing PPM satisfy all the requirements of IT governance? A: No.
Q: Should PPM be an integral part of your IT governance strategy? A: Yes!
The IT Governance Institute, which was founded in 1998, identifies the following objectives and requirements for IT governance:
- Alignment: For IT to be aligned with the enterprise and realize the promised benefits of information technology
- Value: For IT to enable the enterprise by exploiting opportunities and maximizing benefits
- Resource Optimization: For IT resources to be used responsibly
- Risk Mitigation: For IT-related risks to be managed appropriately
PPM fully meets the first three objectives of IT governance by:
- Prioritizing the IT portfolio of projects and applications according to business objectives and expected benefits
- Responding to changing conditions and new opportunities by being able to rapidly reallocate resources with a full understanding of the impact
- Knowing exactly what projects people are working on and making clear business decisions on what the priorities are and how well resources are utilized
Risk mitigation has two dimensions: operational risk and compliance, and project risk. PPM manages project risk by ensuring that projects are delivered on time, on budget, and on quality. Operational risk and compliance requires other disciplines such as GRC, Security, and application controls.
So implementing PPM is a great starting point for IT governance initiatives and creates the foundation for managing the entire governance program.
- Alex Lobba
Comments