A confluence of regulatory, business, and security issues are fuelling the $30 billion investment that companies are making this year alone in technology and services to support IT governance and risk management (GRM) initiatives (AMR Research estimate). Success in IT governance and risk management requires a company take a comprehensive approach that addresses the enterprise as a whole - throughout the entire IT lifecycle.

Increased globalisation, staggering regulatory complexity and security threats all lurk in today’s business environment. However, firms that manage to execute an effective G&RM strategy are richly rewarded. Organisations that successfully execute on a solid IT governance strategy can realise 20 percent higher profits than businesses whose practices fall into the category of poor governance, according to research published by Centre for Information Systems Research (CISR) at MIT’s Sloan School of Management.

Unfortunately too many G&RM strategies get caught in the trap of dedicating efforts to projects that meet the immediate needs of a particular unit within the organisation but miss the larger corporate picture. And too often, business, development, and technology operations teams work in isolation from each other, missing synergistic opportunities that would lead to greater innovation and better risk management.

IT has to put an end to the siloed approach that has limited the effectiveness of too many governance and risk management strategies. IBM has staked out a position helping companies do exactly that by composing integrated strategies that drive successful governance and better risk management. This starts with identifying the most important strategic IT initiatives in order to better align IT with the business it supports. It then extends to improving visibility and control across the entire technology lifecycle from the initial identification of a business issue through the design, deployment, and optimisation of technology.

IBM brings both the technology portfolio and the expertise that companies need to mitigate risk and establish effective IT governance. IBM provides the technology, the services support, and the methodologies derived from extensive experience to help businesses take a lifecycle approach to IT governance and risk management, starting with the most strategic IT initiatives that’ll have the greatest affect on business alignment, visibility and control. Solutions such as the Business of IT Dashboard, a set of services built on IBM Tivoli Netcool Technology, help companies get on the right track with respect to IT G&RM. The Business of IT Dashboard services help companies gain a clearer picture of how IT performance corresponds with the performance of the business as a whole to help companies evaluate, develop, deploy, and administer applications to meet corporate goals and better manage risks. Other software solutions include:

·         IT Lifecycle Management and Governance Services for Tivoli Service Desk provide organisations with a unified and integrated process, similar to a central clearing house, for technology issues.

·         New Tivoli Business Service Manager helps IT managers create a business-oriented perspective on the health and performance of IT resources supporting critical business services.

·         IBM Tivoli Security Operations Manager offers a dashboard view of the enterprise in the context of the threat environment while helping the IT organisation spot policy violations and keep systems in compliance with regulatory requirements.

·         IBM Rational Portfolio Manager v.7.1 supplies organisations with an easy-to-use enterprise project management tool to help rationalise IT investments and specify survey priorities.

Solutions such as these, along with the invaluable knowledge base that IBM brings through its Global Services organisation to an engagement, are crucial to helping companies ensure they are designing an IT Governance and Risk Management strategy that achieves the level of resilience and corporate excellence they need to compete in the global economy. Only then, can companies guarantee that IT is really working for the business.