Businesses risk adverse consequences if information and communication technology governance is treated as the sole province of IT managers or fails to receive a high priority, according to the Australian Computer Society.
"It is poor corporate governance to push ICT governance down to the IT manager level. ICT is an integral part of business and ICT governance is an integral part of corporate governance," said ACS president Richard Hogg who was speaking at the CIO2002 Conference in Sydney this week.
"Awareness is no longer enough - true understanding of ICT is now required.
"Just as ICT managers have to broaden their skills to better understand the business structure and processes they are required to support, so must boards enhance their awareness of the various issues associated with IT. Corporate boards must learn what questions to ask about ICT governance," Hogg said.
An IT manager from an advertising agency, who requested anonymity, agrees with Hogg, saying that ICT governance should not be the sole province of IT managers, but said in many cases it ends up this way.
"Firstly, ICT is like a train system -- as long as it continues to run smoothly, operational costs are within expected limits and the staff are up to the task, nobody notices it.
"Secondly, given the technical knowledge required for selecting and managing ICT systems, the IT staff are often the only people in an organisation with the technical experience or credentials to vouch for one solution over another. A good example is voice over IP where it interfaces with a traditional networks, or perhaps phone systems where the same network connections one might use for a computer network are the same used for a phone network (such as ISDN)."
However, the IT manager doesn't see ICT governance remaining in IT to be such a bad thing, saying that in the agency he works for, he feels ICT governance is his domain and is not shared by the business executives.
"And I wouldn't mind it remaining that way, as I feel I have something to offer. As for executives, it would be nice to see them take more interest in the systems that allow them to communicate with customers and suppliers, but reality tends to suggest that unless forced to, they will not. An understanding of its importance would be nice," he said.
"IT staff are already handed the complex task of network management -- and often network security, policy creation and enforcement -- depending on the size of the organisation. So if they're up to this task, why not allow them some governance over the also-complex task of ICT as a whole?" he said.
Hogg said Australia's new privacy regime is one issue that has raised new ICT governance concerns for businesses to deal with.
"CIOs today must negotiate a potential minefield as a result of their new responsibilities in privacy that came into effect in December. The ramifications are complex and potentially expensive, especially in light of the dramatic growth of customer relationship management applications in recent years," he said.
While the US had already introduced a new role of chief privacy officer to address these concerns, privacy issues in Australia were still largely the domain of CIOs, he said.