Deck 10: Governance of the Information Systems Organization

As a result of Sarbanes-Oxley Act, the CEO, CFO, and CIO must certify financial accounting records.

The IT governance ____________archetype consists only of business unit leaders, key process owners, or their delegates.

A steering committee is geared only toward the highest level of the organization and reports directly to the board of directors or the CEO.

____________is the act through which behavior is aligned with business goals through empowerment and monitoring.

The combinations of people to whom decision rights are allocated are classified by various IT governance ________.

The global nature of business today makes complete centralization impossible.

Gregory et al., argue that IT consumerization was developed to fit within traditional IT governance.

As a result of Sarbanes-Oxley, IT managers are now required to manage the level of controls needed to mitigate risk in business processes.

Most digital ecosystems have developed platforms that are based on standards for data exchange and applications.

Federal IT provides for strong centralization, like the U.S. Federal Government.

The____________ was passed in 2002 in response to the rogue accounting activities of major global corporations such as Enron and WorldCom?

There were pressures for centralizing IT back when mainframes ruled, but today's use of "consumerized" technologies have provided strong pressure, by IT people, for decentralization.

The____________ is a highly specific measurement used to indicate whether business process goals are being met.

IT plays a major role in ensuring the accuracy of financial data.

A____________ is a committee that is formally designated to approve, monitor, and review specific topics that ensure IT governance.

Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
$$\begin{array} { | l | l | } \hline \text { Centralized } & \begin{array} { l } \text { Techrology may not meet the needs of the } \\\text { business units }\end{array} \\\hline \text { Centralized } & \begin{array} { l } \text { Poor relations between the business units and the } \\\text { IT orgarization }\end{array} \\\hline \text { Centralized } & \text { Slow support for stratepic initiatives } \\\hline \text { Decentralized } & \text { Duplication of staff and data } \\\hline \text { Decentralized } & \text { Hipher infrastructure costs } \\\hline \text { Decentralized } & \begin{array} { l } \text { Difficulty negotiating preferential supplier } \\\text { agreerments }\end{array} \\\hline\end{array}$$

Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
$$\begin{array} { | l | l | } \hline \text { Centralized } & \text { Global standards and corrmon data } \\\hline \text { Centralized } & \text { Econonies of scale } \\\hline \text { Centralized } & \text { Better control of security and databases } \\\hline \text { Decentralized } & \text { Techrology custonized to local business needs } \\\hline \text { Decentralized } & \text { Greater flexibility } \\\hline \text { Decentralized } & \begin{array} { l } \text { Closer relationship between IT and business } \\\text { units }\end{array} \\\hline\end{array}$$

Match the allocation of decision rights below with the IT governance archetype it represents.
$$\begin{array} { | l | l | } \hline \text { Business monarchy } & \begin{array} { l } \text { The CEO, COO and CFO } \\\text { decide to expand the SCM } \\\text { infonnation system to support } \\\text { marufacturing's erowth in } \\\text { China }\end{array} \\\hline \text { IT monarchy } & \begin{array} { l } \text { The CIO and the data center } \\\text { manager decide to outsource } \\\text { server maintenance. }\end{array} \\\hline \text { Feudal } & \begin{array} { l } \text { The Marketing department } \\\text { decides to irmplement a new } \\\text { social business stratepy }\end{array} \\\hline \text { Federal } & \begin{array} { l } \text { The CFO, CEO and CIO focus } \\\text { energies to ensure SoX } \\\text { compliance globally. }\end{array} \\\hline \text { IT Duopoly } & \begin{array} { l } \text { IT works the Sales department } \\\text { to roll out a new social } \\\text { networking marketplace. }\end{array} \\\hline\end{array}$$

Why is it recommended that the IT governance archetype for an organization's information security strategy be business monarchy?

Explain how federalism is able to capture the benefits of centralized and decentralized IT governance while eliminating the drawbacks of each.

Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents.
$$\begin{array} { | l | l | } \hline \text { Federalimn } & \begin{array} { l } \text { Strong IT vision and leadership; business } \\\text { units have ownership }\end{array} \\\hline \text { Decentralized } & \text { Flexible IT; lacks synergy and integration } \\\hline \text { Centralized } & \begin{array} { l } \text { Highly struetured IT; does not meet the } \\\text { needs of all business units }\end{array} \\\hline\end{array}$$

Define federalism as it pertains to organizational structures. How does it improve on the centralized model?

Explain the value steering committees offer the IT organization.

Another term used to describe digital platforms is ____________.

The____________ term is used to describe the increasingly powerful tools available to consumers that are impacting corporations.

Explain the role the IT organization has in ensuring a company's Sarbanes-Oxley compliance.