Book Review: IT Governance Pocket Guide 

Download Article Article in Digital Form

IT Governance:  A  Pocket GuideIT Governance: A Pocket Guide highlights important issues relating to corporate IT governance, showing how IT can help organizations achieve their goals and objectives.

The book is presented using nontechnical terminology that can be easily understood. As such, it will appeal to the management of organizations, IS managers, chief information officers (CIOs), chief information security officers (CISOs) and IS auditors as a guideline for establishing an organizational IT governance framework. Professionals and those seeking to become professionals in IT governance management, security and audit will also find the book useful as a reference guide because it outlines a framework for IT governance. That said, the book is largely directed toward top management tasked with instituting a proper framework for IT governance, as well as to anyone wanting to put an organization on track with regard to balancing IT and business goals.

The book is made up of seven chapters. The first chapter covers the importance of IT governance and defines the term. Chapter two highlights the drivers for IT governance, including competitive advantage, regulatory requirements, security, and strategic alignment between IT and business objectives and goals. Operational and strategic risk management is covered in chapter three, with reference to statistics from research on IT project failures by the Standish Group. Chapters four and six buttress the effects of inadequate IT governance and the benefits, respectively. The basis of and the recipe for a good and successful IT governance framework are presented in chapter five. The book concludes with the Calder-Moir IT governance framework in the final chapter, explaining how the framework can be used to organize IT governance issues for management and related parties. Additionally, related reference materials are listed in the appendix.

The book, being a pocket guide, is very brief and not exhaustive on the topic, which is appropriate as it is meant to be only an abbreviated presentation to top management to help them understand and appreciate the importance of IT governance. The book does this in an excellent way by presenting a business case for IT governance (on page 35), using the results of a survey that showed most organizations would pay an 11 percent premium for the stock of an organization that has good governance practices. Also, survey respondents indicated that organizations with above-average IT governance had profits 20 percent above those with poor IT governance, despite having the same strategy for business.

Editor’s Note

IT Governance: A Pocket Guide is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in this Journal, visit, e-mail or telephone +1.847.660.5650.

Reviewed by Dauda Sule, CISA, the marketing manager of Audit Associates Ltd., a consultancy firm that specializes in designing and organizing training programs pertaining to auditing, fraud detection and prevention, information security and assurance, and anti-money laundering. Sule has five years of experience in the Nigerian banking industry and as a systems security and assurance supervisor at Gtech Computers.

Enjoying this article? To read the most current ISACA Journal articles, become a member or subscribe to the Journal.

The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.

© 2013 ISACA. All rights reserved.

Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.