IT governance in practice is classically concerned with all aspects of information processing, but not primarily with the business benefits of IT or the value of information in the organization. This is despite the fact that the relevant frameworks (e.g. Cobit) also deal with these topics. For us, IT governance therefore means above all the control of information-processing procedures, components and resources. In other words, to answer the questions:

• Is IT managed according to recognized rules of the art and does the cost-performance ratio meet the needs of the organization.
• Are the procedures and controls adequate and do they ensure the achievement of governance objectives?

IT governance provides the essential means and mechanisms for achieving information governance and is thus on a par with both information management and information risk management.