BY DR SOHA MAAD
With the advent of next generation operating systems, the announcement of Windows 11, and the growth of Google Chrome operating system, the scope of IT GOVERNANCE is widening. IT Governance involves the strategic decision of the choice of suitable next generation operating system that can support the digital transformation in banks and SMEs in post COVID-19 era. This article overviews the wide scope of IT Governance. It highlights IT governance challenges in the post COVID-19 era, with reference to the Union of Arab banks training webinar presented by Mr Abdo Chalhoub on IT Governance in the age of Covid-19 and beyond. Following this IT Governance and challenges overview, the article draws attention to the importance of the appropriate choice of the next generation operating system by exploring the offering of Windows 11 and Google Chrome Operating systems. The article concludes with a proposed IT Governance framework for banks and SMEs to embrace the next generation operating system and support digital transformation in the post COVID-19 ERA.
overview of it governance
What is IT Governance?
In Gartner Glossary, IT governance (ITG) is defined as the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. IT demand governance (ITDG) is the process by which organizations ensure the effective evaluation, selection, prioritization, and funding of competing IT investments; oversee their implementation; and extract measurable business benefits. ITDG is a business investment decision-making and oversight process, and it is a business management responsibility. IT supply-side governance (ITSG) is concerned with ensuring that the IT organization operates in an effective, efficient and compliant fashion, and it is primarily a Chief Information Officer CIO responsibility.
According to United Kingdom CIO Tech News, IT governance provides a structure for aligning IT strategy with business strategy. By following a formal framework, organizations can produce measurable results toward achieving their strategies and goals. A formal program also takes stakeholders interests into account, as well as the needs of staff. IT governance is an integral part of overall enterprise governance.
IT governance is an element of corporate governance, aimed at improving the overall management of IT and deriving improved value from investment in information and technology.
IT Governance Infrastructure
Organizations today are subject to many regulations governing the protection of confidential information, financial accountability, data retention and disaster recovery. They are also under pressure from shareholders, stakeholders and customers. To ensure they meet internal and external requirements, many organizations implement a formal IT governance program that provides an infrastructure for best practices and controls.
IT Governance in Organisations
Both public and private sector organizations need a way to ensure that their IT functions support business strategies and objectives An IT governance program is also needed for any organization in any industry that needs to comply with regulations related to financial and technological accountability. However, implementing a comprehensive IT governance program requires a lot of time and effort. Where very small entities might practice only essential IT governance methods, larger and more regulated organizations should implement a full-fledged IT governance program.
Implementation of IT Governance
The easiest way for implementation of IT Governance is to start with a framework that has been created by industry experts and used by thousands of organizations.
IT Governance frameworks
IT governance frameworks enable organisations to manage their IT risks effectively and ensure that the activities associated with information and technology are aligned with their overall business objectives. IT Governance frameworks include:
- COBIT: Published by ISACA, COBIT is a comprehensive framework of globally accepted practices, analytical tools and models designed for governance and management of enterprise IT. With its roots in IT auditing, ISACA expanded COBIT’s scope over the years to fully support IT governance. The latest version is COBIT 5, which is widely used by organizations focused on risk management and mitigation.
- ITIL: Information Technology Infrastructure Library, ITIL focuses on IT service management. It aims to ensure that IT services support core processes of the business. ITIL comprises five sets of management best practices for service strategy, design, transition (such as change management), operation and continual service improvement.
- COSO: This model for evaluating internal controls is from the Committee of Sponsoring Organizations of the Treadway Commission (COSO). COSO focus is less IT-specific than the other frameworks, concentrating more on business aspects like enterprise risk management (ERM) and fraud deterrence.
- CMMI: The Capability Maturity Model Integration method, developed by the Software Engineering Institute, is an approach to performance improvement. CMMI uses a scale of 1 to 5 to assess an organization performance, quality and profitability maturity level.
- FAIR: Factor Analysis of Information Risk (FAIR) is a relatively new model that helps organizations quantify risk. The focus is on cyber security and operational risk, with the goal of making more well-informed decisions.
Choice of IT Governance Framework
Most IT governance frameworks are designed to help organisations in determining how the IT department is functioning, what key metrics management are needed and what return IT is giving back to the business from its investments.
When choosing an IT Governance framework, organisations should consider their corporate culture and their stakeholders interest.
IT governance CHALLENGES IN POST COVID-19 ERA
The training program of the Union of Arab banks offered by Mr Abdo Chalhoub addressed IT Governance challenges post Covid-19 era. After more than a year and half in COVID -19 crisis, the uncertainty, and economy is slowing down, IT budget is kept for only the survival matters. This raises the importance of IT governance. The world economy is not at its best state, businesses, almost in all countries, are affected, cost cutting mode and survival mode might be the right description of today’s situation.
Many IT Governance strategies need to be addressed including maintaining business continuity, identifying the best practices during and post COVID-19, establishing a balance between business survival, cost cutting, offering online services, looking for new technological ways to solve business issues, and driving the digital transformation.
The best approach to address all those pain points is to have an effective IT governance framework, which balances the value delivery for business, the cost and the risks. There is a rising need to:
- raise awareness and build a solid information and technology governance.
- drive the digital transformation by adopting a robust IT governance framework.
- identify a clear vision of information and technology governance.
- adhere to governance standards and their applications.
- identify the most affected IT functions in post COVID-19 era to ensure business continuity. This include information security, and information system development practices.
IT governance to EMBRACe THE NEXT GENERATION OPERATING SYSTEM
The choice of next generation operating system is an IT Governance challenge that banks and SMEs need to urgently address in order to ensure sound IT systems and infrastructures. The advent of Windows 11 is raising this challenge and motivating the exploration of extant operating systems and their offering.
With limited resources to SMEs and businesses and a tighter IT budget for banks, it is worth to shed light on Google Chrome Operating System (chromeOS), a rising next generation operating system. The sale of computers shipped with Google Chrome Operating System witnessed an unprecedented growth over the last period.
As part of an IT Governance agenda it is worth to explore whether google chrome operating system may be the cheapest lightweight alternative operating system to adopt.
Below we establish a comparison between Windows 11 and ChromeOS that may help SMEs and banks in their future IT governance plans. This comparison is based on a Windows report that highlighted the following key differences and similarities:
- User interface: Windows 11 and ChromeOS share many similarities in terms of visual appearance, and with the new Taskbar that is positioned in the center, Windows 11 resembles Chrome OS.
- Application support: Chrome OS started humbly, and in the beginning, the operating system was very web-centric and it worked only with Chrome extensions and web apps. However, the operating system got native support for Android apps, and now many Chromebooks can download and run apps from the Play Store. This was a giant step forward for ChromeOS and Chromebooks, and today many models can run Android apps. Chromebooks can also run Linux apps. Chrome OS is slowly becoming a full-fledged operating system.
Windows is a much larger platform with more users worldwide, so most applications are specifically developed and optimized for Windows. While Windows 11 offers support for Win32 and Universal apps, a brand-new feature is the ability for Windows 11 to run Android apps natively. However, there are few drawbacks, and if we want to use Android apps natively on Windows 11, we need a processor that supports Intel Bridge technology. Windows 11 uses Amazon App Store, which means that there are fewer apps to choose from than on the Play Store. Windows 11 uses Amazon App Store, which means that there are fewer apps to choose from than on the Play Store. Amazon App Store offers less variety when it comes to the list of available apps, which can be a problem for some users. On the other hand, Chrome OS uses Google Play Store, so we get access to a greater variety of apps.
- Security: ChromeOS utilizes sandboxing technology, which means that each software runs independently from one another. In case of malware infection, infected software can not affect other software on the device.
Chromebooks have a security chip that encrypts sensitive data, as well as a Verified Boot feature that prevents malware from running during the boot. There is also built-in virus protection in Chromebook to be safe at all times.
Windows 11 does not have a native sandboxing feature like Chrome OS, but we expect to see this feature soon.
With the requirement for a TPM (Trusted Platform Module) chip, Windows 11 protects PCs similarly to Chrome OS by encrypting sensitive data.
- Running Windows on Chromebook is possible, but this is for experienced users.
- In terms of cost, Chromebooks are affordable and offer decent performance, and the introduction of Android apps is increasing their capabilities. Microsoft is fighting back with claims that Windows will give laptops better performance and battery life, but the simple way to get online and Google services is to use a Chromebook. For banks and SMEs who are looking for more affordable hardware requirements, then Chromebooks may be an option. To run Android apps and Linux applications, then ChromeOS is a better choice. On the other hand, to run Win32 apps, the latest games, and consumer software, Windows 11 is the only choice.
Overall, Windows 11 and ChromeOS do share a couple of similarities, most notably in terms of visual interface, however, they do have major differences. Due to its nature, ChromeOS is more secure, however, Windows 11 is more powerful and it should be able to run any application or game. ChromeOS has support for Linux applications, but we expect to see that on Windows soon. The biggest strength of ChromeOS is the support of Android apps. Many Chromebooks, even the older models, can download and run apps natively from the Google Play Store. Android apps have been present on ChromeOS for years, while Windows 11 is just starting to implement native support for Android apps. Hardware requirements and the reliance on Amazon App Store are the biggest drawbacks when it comes to running Android apps on Windows.
IT governance framework for next generation operating system
As part of a broad IT Governance agenda, banks and SMEs are urged to seriously address the dilemma of appropriate choice of next generation operating system.
Banks and SMEs should develop a strategic IT Governance framework for the transition to the next generation operating system taking in consideration the following:
- Operating system features
- Applications support including the support of android apps
- Hardware requirements