JW Marriott Jakarta27 September 2018
OpenGov is pleased to invite you to our timely and exclusive Breakfast Insight to discuss and deliberate IT Governance issues with top-level Indonesian and international agencies. This Breakfast Insight aims to help your organisation adopt technology smarter, secure data tighter and be compliance-ready.
Interested in getting the Agenda for this event? Request a copy from our staff (email@example.com):
“The current human resources solely focus on data management and information systems. There is a need for policies related to human resource management that have competence in the cyber field”.
Minister of Home Affairs, Tjahjo Kumolo
Over the years, adoption of technology to assist management and operations within governments have yielded tremendous benefits. The shift from rudimentary paper records to today’s cutting-edge cloud technology has helped organisations become more efficient. Technology is deeply entrenched in all aspects of our lives and has radically changed the face of online government services, mobile financial services and day to day decision making abilities in all facets of modern business.
Some organisation types have high risk in their overall operations and management, such as governments, financial service institutions and telecoms. These organisations handle sensitive and valuable information that need to be managed with regulations and security, such as personal information of citizens, banking details, and classified government files.
What happens when Information Technology is not governed properly?
What can ensure good governance participation by agencies and programs?
Imagine a network breach of government services such as tax filing, healthcare and retirement planning services – leading to mass tampering of all personal information of citizens in a single day. A breach like this will undoubtedly make an unprecedented dent in government credibility.
It is challenging to maintain oversight across risks and compliance when using multiple systems, which can lead to failure of meeting regulations and contractual requirements. There are cases where organisations employ numerous systems, causing data silos, which can also cause IT auditing issues. These taxing tasks can and should be managed together to avoid difficulties.
Organisations need to be mindful of regulations such as Service Organisation Control 2 (SOC2) or National Institute of Standards and Technology (NIST) Cybersecurity Framework to avoid any legal issues to arise, internationally or locally. SOC2 compliance regulations specifically pertains to storage of other people’s personal information on the cloud. The NIST Framework deals with the management of cyber risks through five steps of Identifying, Protecting, Detecting, Responding and Recovering. Complying to such regulations will not only protect the citizens/users’ information but will also hold the organisation up to scrutiny.
A recent example of the government’s initiative to regulate and protect cyber users is through the formation of the National Cyber and Encryption Agency (Badan Siber and Sandi Negara, BSSN). This initiative will protect users and their data and will regulate networks and systems to avoid cyberthreat risks. Governance is more than just a way to manage a system, there are several aspects interconnected to one other.
IT Governance is broadly divided into 4 disciplines:
A good marriage between technology and business is only possible with the help of sound IT Governance. Good IT Governance will help the organisation manage, monitor, and secure information and technology better, while also achieving organisational goals. This will help organisations contain risk at an acceptable level, improve performance and mitigate productivity loss due to business continuity threats.
What needs to be done? How can we strengthen our IT Governance? How can we objectively determine the effectiveness of IT Governance?