This website uses cookies. View our cookie policy
Select regional store:

IT Governance defined

IT governance is a framework which ensures your organisation's IT infrastructure supports and enables the achievement of the corporate strategies and objectives. The full definition can be found in IT Governance: A Pocket Guide by Alan Calder.

The official IT governance standard is ISO/IEC 38500:2008 which provides principles, definitions and a model for the board’s governance of information and communications technology and is an essential resource for IT governance professionals in the GCC (Gulf Cooperation Council) countries.

For advice on IT governance or to find out about the solutions we offer in the GCC countries, get in touch with one of our experts today.

Speak to an expert

What are IT governance frameworks?

There are three widely recognised, vendor-neutral, third party frameworks that are often described as ‘IT governance frameworks’, each of which has significant IT governance strengths.

  • ITIL®
    ITIL (The Information Technology Infrastructure Library) is a methodology for managing IT as a service and aims to provide IT services that better align with business needs. Widely adopted in the GCC countries, ITIL is supported by the international standard for service management, ISO/IEC 20000:2011.

    Browse our ITIL resources >>

  • COBIT®
    COBIT (Control Objectives for Information and Related Technology) is an internationally recognised IT governance framework that helps GCC organisations meet today’s business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals. Developed by ISACA®, COBIT is based on five key principles that are essential for the effective management and governance of enterprise IT.

    Browse our COBIT resources >>

  • ISO 27002
    ISO 27002 is the global best-practice standard for information security management in organisations and is supported by ISO 27001.

What are the subdomains of IT governance?

There are many subdomains of IT governance, including:

  • Business continuity and disaster recovery;
  • EU GDPR (General Data Protection Regulation) compliance;
  • Information security and ISO 27001;
  • IT service management – including ITIL and service level management;
  • Knowledge management – including intellectual capital;
  • Project governance; and
  • Risk management.

Considerations for GCC organisations implementing IT governance

  • Calder-Moir IT Governance Framework
    The Calder-Moir IT Governance Framework provides structured guidance on how to approach the complex subject of corporate governance. The framework also provides a useful tool to benchmark the balance and effectiveness of IT governance practices within an organisation. The Calder-Moir IT Governance Framework Toolkit provides practical guidance to help those tackling the subject.

  • IT Governance auditing
    As IT governance plays a vital role in strategic performance, internal auditors are expected to include auditing IT governance in their plans.

  • Green IT
    Green IT has become essential to the decision making, framework building and business processes of IT governance. ISO 14001:2015 is the international standard for an EMS (environmental management system) which helps GCC organisations identify, manage, monitor and control environmental issues.

Download our free resources


Shop our range of ISO 27001 solutions

Speak to an expert

If you need support assessing your infrastructure or require advice on integrating standards and key components of IT governance, get in touch with our experts today.