It-governance
Oversat titel
It-governace
Forfatter
Bøgh, Jakob
Semester
4. semester
Uddannelse
Udgivelsesår
2013
Afleveret
2013-02-28
Antal sider
90
Resumé
Specialet undersøger governance’ rolle i it-ledelse med fokus på, hvilke værktøjer der kan understøtte styring og risikovurdering, og hvorfor dette er relevant for virksomheder. Metodisk kombineres en teoretisk gennemgang af centrale rammeværker og standarder—COSO Enterprise Risk Management, COBIT 5, God it-skik 2011 og ISO/IEC 38500—med en analyse af empiriske kilder, herunder Rambølls It i Praksis 2012 og ISACA’s Global Status Report on the Governance of Enterprise IT (2011). Analysen peger på, at it ofte undervurderes som konkurrenceparameter, mens kompleksiteten stiger, hvilket øger behovet for struktureret styring. Specialet konkluderer, at governance bør inddrage it tidligt i den strategiske planlægning, at dialogen mellem topledelse og it-governance skal bygge på dokumenteret værdiskabelse, og at CIO’en har en central rolle i at facilitere denne dialog. Rammeværkerne kan skabe fælles sprog, struktur og risikostyring (bl.a. via COSO), men skal tilpasses den enkelte virksomhed og ofte suppleres af standarder og retningslinjer. Overordnet anbefales det at betragte it som en strategisk driver for konkurrenceevne frem for udelukkende en støttefunktion og omkostning, samt at udnytte den information og modenhed, der følger af en målrettet implementering af rammeværkerne.
This thesis examines the role of governance in managing IT, the tools that support control and risk assessment, and why these issues matter for organizations. The method combines a theoretical review of key frameworks and standards—COSO Enterprise Risk Management, COBIT 5, the Danish “God it-skik 2011,” and ISO/IEC 38500—with an analysis of empirical sources, including Rambøll’s It i Praksis 2012 and ISACA’s Global Status Report on the Governance of Enterprise IT (2011). The analysis indicates that IT is often undervalued as a competitive lever while complexity increases, reinforcing the need for structured management. The thesis concludes that governance should integrate IT early in strategic planning, that dialogue between top management and IT governance must be grounded in documented value creation, and that the CIO plays a key role in facilitating this discussion. The frameworks provide common language, structure, and risk management (notably via COSO) but must be tailored to each organization and often supplemented by standards and guidelines. Overall, the thesis recommends viewing IT as a strategic driver of competitiveness rather than solely a support function and cost, and making active use of the information and maturity gained from targeted framework implementation.
[Dette resumé er genereret med hjælp fra AI direkte fra projektet (PDF)]
Emneord
It-governance ; COBIT 5 ; God it skik ; ISO 38500 ; COSO