Be aware of scammers impersonating as IMDA officers and report any suspicious calls to the police. Please note that IMDA officers will never call you nor request for your personal information. For scam-related advice, please call the Anti-Scam helpline at 1800-722-6688 or go to

IT Governance Is A Means To An End

6 October 2005 - Keynote Address By Ms Wu Choy Peng, Deputy Chief Executive (Industry) and Government Chief Information Officer, Infocomm Development Authority of Singapore At ITMA 11th Information Technology Best Practices Seminar, Meritus Mandarin Hotel.

Keynote Address By Ms Wu Choy Peng, Deputy Chief Executive (Industry) and Government Chief Information Officer, Infocomm Development Authority of Singapore At ITMA 11th Information Technology Best Practices Seminar on 6 October 2005, Meritus Mandarin Hotel.

Good morning, distinguished guests, friends and colleagues. I am indeed honoured and pleased to be invited to speak at this morning's ITMA 11th Information Technology Best Practices Seminar.

Expectations of IT

At the height of the dotcom euphoria, the CIO found it easy to persuade the Board and senior management to invest in almost any IT initiative. Indeed, the Board and the CEO would be rather nervous if their CIO did not have any ambitious IT initiatives that contained the word "e-commerce" or the "Internet". Indeed, if you, the CIO, did not have a big-ticket IT initiative, you were probably not "strategic" enough.

At the depth of the post-dotcom pessimism, any IT initiative or proposal was suspicious. The CIO suddenly found that IT was no longer "sexy", and any IT project proposal was intensively scrutinised. Boards and senior executives were generally reluctant to invest in any IT projects.

Today, companies are slowly, but surely, investing in IT systems and services again. Boards and senior executives understand that IT is a key enabler in transforming business, increasing efficiency, enhancing effectiveness, and improving the quality of service to customers. At the same time, they understand that IT investments, like any other investments, need to be directed and managed by the Board and senior management. Decisions on how much to spend on what aspects of IT need to be made by the Board and senior management, and not left to the IT department. The Board and senior executives expect IT investments to create and deliver business value.

Role of the CIO

The CIO must be an important ally of the CEO; the CIO plays an important role in shaping the strategic direction of the business. The CIO is no longer just responsible for managing IT infrastructure, systems and services. The CIO needs to work with his Board, CEO and other colleagues in the business units to make the best use of relevant technologies to transform the business, reduce cost, increase revenue and improve customer service. Indeed the CIO has to "work with the business, for the business".

The CIO has to put in place a framework to ensure that IT investments create and deliver value to the business, IT systems across business units across geographies are connected and integrated, and IT projects are well managed and executed in an increasingly complex eco-system comprising partners, internal IT experts, and external technology and solution providers. IT Governance is a term often used to describe such a framework.

IT Governance

IT Governance is a decision rights and accountability framework to encourage desirable behaviour in the use of IT. The framework defines who make what decisions in IT - generally investment decisions are strategic decisions that are best made by the Board and senior management, the policy and business decisions are best made by the business units most impacted by the IT projects, and the technical decisions are best made by the technically competent units.
Depending on the needs of the organisation, the IT Governance framework generally comprises the following:

(a) Methodologies that guide the Board and senior executives in evaluating and prioritising new and existing IT projects and understanding the returns from such investments - IT Portfolio Management has become popular as it advocates adopting a balanced investment mindset and approach for IT projects;

(b) Policies and standards to ensure IT systems are connected, data and information can be shared across the enterprise, and investments in IT hardware and software acquisitions are maximised; and

(c) Methodologies to ensure that IT projects are executed on time and within budget, and IT systems deliver the promised business outcome and value.

The speaker line-up for this seminar is impressive. I hope you will find some or all of the above elements of IT Governance in the speakers' presentations. My colleague, So Leng, from IDA, will also speak on the details of these elements of the IT Governance framework in the Singapore public sector. There is so much we can learn from one another at a gathering like this.

IT Governance Must Be Relevant

As I was working on this speech, it struck me that the IT Governance Framework in the Singapore public sector has also evolved over time.
In the early 80s, IT knowledge and expertise were relatively scarce and IT was generally difficult to understand. IT systems tended to be complex and monolithic. Hence, systems and expertise tended to be concentrated and centralised. Policy, business and technical decisions on IT also tended to be made centrally.

In the late 80s and early 90s, personal computers and personal productivity software invaded our desktops. Client server technologies were in vogue. End users were knowledgeable about the power of IT. The central authorities could not keep pace with the demand for more IT systems and respond to the diverse business needs. Policy, business and technical decisions were devolved, and government agencies were able to adopt new and diverse systems and technologies to meet their business needs. "Governance" was not a popular word, and implied bureaucracy, centralisation, control and everything negative that they bring along.

From the late 90s till now, the "Many Agencies, One Government" vision has meant a need for greater alignment of business goals and priorities at the Whole-of-Government level. Technical complexities of exchanging data and integrating systems across multiple technology platforms highlight the need for technical standards across government agencies. Tight budgets demand that IT investments be properly evaluated and prioritised. A fixed formula for allocating budget requires IT costs to be properly managed. So our IT Governance Framework today has to strike a proper balance between allowing for local innovation and autonomy and central coordination and control.


The Board, CEO and CIO today increasingly recognise the importance and relevance of IT Governance in the enterprise. As the CIO, if you do not already have an IT Governance Framework today, I strongly encourage you to start thinking about developing and setting this up in your organisation. The Framework does not need to be comprehensive. It is more important that the Framework meets the needs, context and culture of your organisation.

Remember, IT Governance is only a means to an end. At the most basic level, a relevant IT Governance Framework allows the CIO to manage IT infrastructure, systems, services and projects efficiently and effectively. At a more strategic level, the IT Governance Framework allows the CIO to align IT with business, to create, deliver and demonstrate the value of IT to the business. Making the right decisions on IT at the right time determines whether you are left behind your competitors, or consistently outperform your competitors. I am confident that if you are not already convinced, our speakers today will convince you of the importance and relevance of IT Governance in enabling you, the CIO, in "working with business for business".

Have an enjoyable and fruitful seminar.

Thank you.