From Information Governance to IT Governance: An Overview of Issues and Frameworks for Large Organizations

From Information Governance to IT Governance: An Overview of Issues and Frameworks for Large Organizations

DOI: 10.4018/978-1-5225-7826-0.ch001
(Individual Chapters)
No Current Special Offers


Information governance is more established in organizations. While the need to manage information is not new, new challenges have emerged over the past decade and have grown and become more complex with the opportunities offered by emerging technologies. This chapter provides a deep overview of current information governance literature across five key focus areas defined by COBIT 5: business strategic alignment, delivery of value, risk management, management, and performance management. The chapter focuses on synthesizing the current literature on information governance definitions and issues. The purpose of this chapter is to present a detailed overview of research across information governance definitions in the last two decades. The chapter aims to guide future research in each of the focus areas of information governance.
Chapter Preview


The development of digital technologies, the modification of company structures, and the upheaval of practices have undermined these objectives in organizations. The digital tsunami, the big content that is overwhelming society is also affecting organizations (Murphy, Lyytinen, & Somers, 2018). Info-obesity and the dissemination of information within the company risk, if nothing is done to weaken it. They have relied on and many still rely on computer tools to solve their information problems, neglecting to define governance policies. Paradoxically, while it cannot be denied that tools are valuable aids, they are also the source of new challenges. Digital technologies have increased the dispersion of information and the proliferation of documents. The development of digital technology and the increasing simplicity of the tools also gave the illusion that information governance had become unnecessary and that everyone could appropriate the skills needed to manage information. As access to information has become more democratic, the role of the information professional as an intermediary has been called into question. Its competences have been diluted, its functions have been redistributed to other poles or delegated to the user himself. However, the problems of controlling information flows do not only concern technology, but their origin is also often organizational or human (Bailey, Minto-Coy, & Thakur, 2017).

The value of information has also evolved. As an organizational factor, information has become an asset that helps companies to become more competitive. Now seen as capital worth considering, it must be managed as an essential resource and developed (Pang, 2014).

On the other hand, mismanagement is a risk factor (von Solms & van Niekerk, 2013). At a time when regulatory and transparency requirements are increasingly stringent, companies must protect themselves against the risk of legal disputes. It also endangers its image with the loss of information or poor dissemination of data. However, the most frequent problem is the loss of time spent searching for information and thus productivity. Information governance is once again becoming a priority for companies (Joshi, Bollen, Hassink, De Haes, & Van Grembergen, 2018). More and more of them are concerned about these issues and are implementing global or “information governance” policies.

When we talk about information governance, we generally think of large companies but not necessarily small structures. While information volumes are smaller, and players are closer, they are also affected by the information explosion and, unlike large companies, these difficulties are compounded by a lack of resources to deal with them. What is the situation in the associative world? The risks are certainly less important than in a commercial organization, but the issues related to information control and access are also crucial (Bailey et al., 2017).

While the need to manage information is not new, new challenges have emerged over the past decade and have grown and become more complex with the opportunities offered by digital. These include information overload (infobesity), the multiplication of information sources, the fragility of formats and the plurality of media, as well as an increase in legislation relating to information management.

Information governance is becoming increasingly entrenched, although poorly defined. Very few studies have been carried out on the subject and the reflections come essentially from the practice of professionals. However, public administrations are beginning to implement information governance strategies.

This chapter represents an opportunity to reflect on the issues related to information in organizations and to examine closely, without claiming to be exhaustive, the difficulties and challenges they face; the value of information in companies and the interest of organizing it. The main objective of this chapter is to provide a state of the art on information governance and IT governance definitions, issues and frameworks.

Key Terms in this Chapter

Information Systems: Defined as the deployment of information technology to collect, process and disseminate information in organizations and society. Employees using information technology are an important aspect of an information system. Information systems include both technological components and the humans who use them to store, process and distribute electronic data.

Resource Management: The main focus on the optimal investment in IT.

Risk Management: The main focus on the risk control of the enterprise, transparency about the significant risks.

Strategic Alignment: The main focus on the connection and link between the IT strategy and business strategy also the business process with the IT operations.

Information: An asset, like other business assets which have value to an organization and that needs to be suitably protected.

Performance Measurement: Keeps track and monitors the implementation of IT strategy, resource usage, IT process performance, IT project completion and service delivery.

COBIT (Control Objectives for Information and Related Technologies): Links the objectives of the IS to those of the company in order to evaluate its maturity towards its IT: it is a tool for auditors. It represents a consensus among experts on good practices in IT governance and with regard to investments in IT and the service provided by the IT. It provides a measurement scale to diagnose possible slippages.

Complete Chapter List

Search this Book: