IT governance provides the framework and structure that links IT resources and information to enterprise goals and strategies. Furthermore, IT governance institutionalizes best practices for planning, acquiring, implementing, and monitoring IT performance, to ensure that the enterprise's IT assets support its business objectives. IT Governance ensures that:
In addition, regulatory environments around the world are increasingly mandating stricter enterprise control over information, driven by increasing reports of information system disasters and electronic fraud. The management of IT-related risk is now widely accepted as a key part of enterprise governance.
As with corporate governance, IT governance is a broad topic, beyond the scope of an enterprise architecture
framework such as TOGAF. A good source of detailed information on IT governance is the COBIT framework
(Control OBjectives for Information and related Technology). This is an open standard for control over IT,
developed and promoted by the IT Governance Institute, and published by the Information Systems Audit and
Control Foundation (ISACF).
COBIT also provides a generally accepted standard for good IT security and control practices to support the needs of enterprise management in determining and monitoring the appropriate level of IT security and control for their organizations.
This includes a conceptual and organizational framework for architecture governance. Implementation governance is just one aspect of architecture governance, which covers the management and control of all aspects of the development and evolution of enterprise architectures and other architectures within the enterprise.
TOGAF s dedicated to implementation governance, which concerns itself with the realization of the architecture
through change projects.
The TOGAF framework enables organizations to effectively address critical business needs by: