金融控股公司建立IT治理機制之研究

Abstract

IT在現代企業高度競爭的產業環境中，扮演著關鍵性的角色。展望未來，IT對於企業營運績效的影響，將持續增長，而IT的投資回報，也將擴大企業核心競爭力的差距。如何強化「IT治理」，並積極促進，使「IT治理」能在「公司治理」的環節中，發揮積極的作用，是一項極為重要的課題。 IT治理學會提出COBIT，作為IT治理的基礎架構，將IT治理的五大構面因素劃分為四個控制區域，分別為34項處理程序訂定了控制目標，並運用關鍵績效指標（KPI）、關鍵目標指標（KGI）和成熟度模型（CMM）等做法，協助企業在風險和效益間取得平衡，並有效達成目標。 美國麻省理工學院Weill ＆ Ross和他們的研究團隊，所建構的「CISR」IT治理機制，提出了IT治理的五大關鍵決策、六種治理原型、治理安排矩陣和治理設計框架，為企業妥善規劃了一個可以明確規範決策權力與責任歸屬的管理架構。 本研究融合了COBIT和「CISR」IT治理機制的精華之後，嘗試提出一個可以適合台灣地區金控公司使用的IT治理機制架構，稱之為「金控IT治理機制」。本研究認為一個規劃完善的IT治理機制，必須能確實做到「五要」：「策略要調準」、「投資要評估」、「營運要確保」、「風險要控管」以及「績效要考核」。

Information Technology (IT) is playing a key role in the modern highly competitive environment. Toward the future, IT will increase the significant influence on enterprise's operational performance continuously, and the repayment on IT investment will expand the disparity of core competitiveness. How to strengthen the topics on IT Governance actively, and impel it in the link of Corporate Governance, is an extremely important subject. IT Governance Institute（ITGI）, propose COBIT as infrastructure of IT Governance. COBIT divide the five key factors of IT Governance into 4 control areas, stipulate the control goal for 34 IT processes respectively, and apply the methodologies, such as key performance indicator(KPI ) , the key goal indicator(KGI ) and capacity maturity model (CMM ), etc., help enterprises to make the balance between risk and benefit, and reach the goal effectively. Peter Weill and Jeanne W. Ross and their research team in MIT Sloan School Center for Information System Research（CISR）construct a framework for decision rights related to IT Governance. Six archetypes classified by who makes the decisions are applied to the framework. They pay much attention to survey how top performers govern IT. Lessons are learned to ensure right group are making the key IT decision. Who can make decisions and how they are accountable for the enterprise goals. This research has absorbed the quintessence of COBIT and CISR. Then, I’d like try to build a model suitable for the financial holding company in Taiwan. The Taiwan Financial Holding Company Model（TFHC）emphasize a ‘5M’ slogan. M1: IT Strategy must be aligned. M2 : IT Investment must be evaluated. M3 : IT Services must be assured. M4 : IT Risks must be controlled. M5 : IT Performance must be measured.