Establishing IT controls within an organization aids, rather than stifles, innovation in the business, according to an industry observer.
While some IT heads may find compliance painful to deal with, George Wang, chief information and security officer at Reuters Asia, said IT governance within the organization provides a formal structure that makes innovation "safe".
Wang, who was addressing participants at an IT governance conference in Singapore, noted: "One key thing is that idea generation does not equate innovation. Innovation is about the organization's ability to implement the right ideas."
Governance, he explained, provides the framework for making relevant decisions in IT according to an organization's business strategy. Such a framework would include risk tracking and management, incentives to shape governance culture, policies that define which employees have the right to make decisions and be held accountable, and a reporting and scorecard system.
Without proper governance, good ideas may risk being aborted, especially when wrong decisions are taken or if there is a failure to bring the ideas to fruition, he said.
According to Wang, having a controls framework in place provides a "safety net" to help organizations and employees on innovation. Organizations, by gaining an insight into the risks faced by their business, can determine and monitor how risks associated with new ideas can be managed.
In addition, governance establishes a clear chain of accountability and command within the organizations, making it easier to spot and address mistakes at the appropriate levels, he said.
Some employees, he added, may be deft at coming up with good ideas but may not be able to implement ideas well. Organizations can assign a separate team to manage the implementation of new ideas, and therefore, encourage greater innovation among employees.