IT Governance, Risk & ComplianceDummy

Information Technology (I.T.) Governance

IT Governance

The I.T. governance principles that drives the present agile governance model across the John Keells Group, positions I.T. as a strategic asset that creates an enabling operating environment to facilitate innovation beyond conventional wisdom to constantly adjust and reinvent strategic responses to dynamic shifts in market demands. Managing the upside potential and downside risks requires an in-depth understanding of the intricacies that exists between governance drivers and how best governance enablers can influence the governance scope towards optimal delivery.

IT Governance Mandate

IT Governance Mandate

The underlying structure put in place derives its strength by way of executive engagement and active stewardship that are delineated by well-articulated roles and responsibilities between two governance committees – namely, the IT governance executive committee and IT governance operating committee which defines decision rights that span across areas of material relevance.


JKH IT Governance - Stewardship Roles

JKH IT Governance - Stewardship Roles

To support the integrated and adaptive IT governance framework that draws upon leading industry frameworks, standards and practices to assure a holistic approach for steering IT initiatives towards sustained optimal outcomes – strategic value definition and IT portfolio investment management is overseen by the IT governance executive committee, whilst the IT governance operating committee ensures value delivery and maximizing return on IT assets with due emphasis on governance attributes related to cost and risk arising out of IT investments in each of the IT governance domains.

IT Governance Framework

IT Governance Framework

IT Governance Domains

IT Governance Domains

BSC : IT Related Goals

BSC : IT Related Goals

IT Governance commentary 2013/14

During the financial year under review, there were several key IT Governance initiatives to facilitate and strengthen the implementation of the new IT governance model that was adopted by the group. Commencing with an in-depth review of leading IT governance frameworks and their contextual relevance for supporting and complementing the group’s business direction and strategic thrust, an exhaustive study of all aspects of these leading frameworks provided inputs to fine tune and derive an integrated IT governance framework that not only serves to overcome contemporary operating challenges, but also allows the group to benefit from future technology based opportunities. Towards this end, a coherent set of policies, procedures, and guidelines were implemented and disseminated using multiple channels to reinforce and strengthen the level of acceptance and adoption of the same across all employees, customers, and partners whilst using the group’s IT assets, facilities, and services.

Furthermore, a comprehensive business continuity planning and management initiative was concluded to ensure the availability and integrity of essential IT services that operate off the group’s centralized IT facility. This was designed and developed based on the best practices and recommendations set forth by the disaster recovery institute international (an American National Standards Institute and a Standards Development Organization) – a renowned authority on business continuity management and disaster recovery practices.

There are numerous planned initiatives that will be conducted group-wide with a view towards bringing about total transparency in IT governance and related areas via the harmonized adoption and reporting of key governance performance indicators and informational security measures that are centred around people, processes, and technology that will hinge on the principles of delivering business value, stakeholder accountability, and risk management. These metrics have been formulated in line with the focus areas of the Balance Score Card to ensure optimal resource utilization to maximize value realization.