It is not enough for corporations to have IT systems and expect them to deliver strategic value to them. Instead, there needs to be a mechanism in place to regulate, monitor, and govern the value creation efforts of the IT systems. This governance mechanism of IT systems deals with the performance and risk management of those IT systems in a manner that would create value for the organizations and ensure that the intended alignment of the IT and business objectives is on track. Hence, IT governance deals with identification, establishment, and linking of the mechanisms of the IT systems to both manage risks and at the same time ensure that their performance is in tune with the stated objectives.
The need for IT governance is felt because the interests of the organization and those managing the IT systems can be at odds or in other words, there is a conflict between these two imperatives. Thus, IT governance is needed to ensure that the IT systems are doing their assigned duty and that the objectives of the CEO and the CIO are the same. Indeed, it can be said that IT governance includes all the key stakeholders in the organization starting with the executive management and the boards and including the staff, customers, and ending with the regulators and investors.