IT Governance Framework
Source: Forrester Research
With IT at the core of most 21st century businesses, and with today's focus on compliance and risk management as a result of legislation like Sarbanes-Oxley, organizations can no longer afford to have IT governance by default or bad IT governance by design. IT governance at its most basic is the process of making decisions about IT. By this simple definition, every organization has some form of IT governance. Good IT governance ensures that IT investments are optimized, aligned with business strategy, and delivering value within acceptable risk boundaries — taking into account culture, organizational structure, maturity, and strategy.