IT Governance Checklist
Do you have and follow a formal risk management process to evaluate the technical and business advantages and disadvantages accompanying infrastructure projects?
What listening posts have you established to understand the nature of new regulatory or legal requirements that are being considered applicable to your industry?
Have you charted the IT infrastructure implications of the result of the three recent major marketing initiatives your corporation has launched? Are there ways you should "tie in" to such initiatives to anticipate the IT impact?
Which industry-specific codes of behavior and ethics influence the operation of the IT functions within your corporation? How are you accumulating evidence that you support such codes?
Have recent EDP audit findings and recommendations been addressed as part of the day-to-day practice in your area?
Are you satisfied with the mechanisms you have in place for measuring and reporting the cost of IT services to the business? Have you analyzed those costs in comparison to the value the business derives from these services?
What productivity metrics have you identified for IT staff roles and positions? Have you seen improvement in the measurements over the last quarter?
Since IT services support business processes, how have you and the business collaborated in continuous process improvement programs to drive additional effectiveness and efficiency?
Have you identified the key internal and external stakeholders in the quality delivery of IT service? Do you have a periodic means to communicate with such stakeholders?
How does your IT organization "give back" to the community surrounding your installations?
Are your suppliers aware of your goals and objectives? Have you invited them to participate in key IT service management initiatives?
Does your corporate board or owners see IT acting in a leadership role in shaping governance procedures and execution?
Has the infrastructure been engineered such that it consistently supports meeting the requirements and commitments of the business?
Is this infrastructure robust enough to maintain acceptable service levels to the business?
Has the infrastructure been designed, developed, and implemented to provide for high enough levels of availability, flexibility, scalability, and performance?
Is the infrastructure internally and externally secure?
Clients and External Stakeholders
Is there an appropriate level of customer satisfaction with the level of service?
Are the services provided appropriate and fit-for-purpose?
Is the customer experience and feedback being gathered and used in a continuous service improvement process
How well are the organizational culture and perception of the services provided being monitored and compared against the value proposition to the customer?
Internal People and Process
Are the ongoing operational activities and the investments being made to provide the necessary services being monitored?
Are these activities and investments being compared to the results and valued-added benefits being provided?
Is the offering determined as fit-to-purpose based on the value provided and the cost effectiveness?
Does the service provided leverage and maximize the use of the organization’s intellectual property?
Are there effective quality processes in place to ensure the development, delivery, and ongoing support of the IT services and infrastructure?
Are there processes in place to support the internal and external relationships between service providers and suppliers and their interactive performance?