Establish a coherent IT governance system across the group
A full IT governance overhaul for a diversified holding company — bringing IT investment decisions, risk management, and operational standards under one framework that the executive team could actually steer with.
A diversified holding company's IT decisions had drifted toward the local — each business unit on its own architecture, its own vendors, its own metrics. The result was IT spend that was high in aggregate but illegible at the centre.
The leadership team needed governance that would let them steer technology investment across the group without reaching for control over every project.
Design a governance framework that aligned IT priorities with group strategy, defined accountability, and gave executives the dashboards and decisions they needed.
A governance framework was designed around COBIT 2019 principles, customised for the group's scale and mix of businesses. Decision rights, risk thresholds, and investment processes were defined and assigned.
Operational standards were issued for the most-cited capability gaps — cybersecurity, change control, vendor management, and service-level reporting.
A governance dashboard surfaced the half-dozen metrics the executive team actually used to steer, replacing the previous monthly slide-deck ceremony.
This engagement matters because establish a coherent it governance system across the group required more than a technical deployment. The work combined Governance, Strategy, and Cybersecurity with an operating cadence the client could keep using after the project team stepped back.
The reusable pattern is the discipline behind the delivery: understand the baseline as it really is, decide what must be standardised, integrate with the systems that already carry the work, and measure whether daily operations become clearer, faster, or more reliable.
For similar organisations, the first question is not which tool to buy. It is who owns the outcome, which data is trusted, how adoption will be reinforced, and what evidence will prove the engagement changed the operation.
The follow-through is where many projects lose value. I look for early signs that the work has landed: the management meeting changes, the process owner is clear, the data appears at the point of decision, and the team knows what to do when requirements shift.
Assess the current governance baseline, design the target framework, embed it through policies, training, and tooling.
Map current governance practice across business units; identify the gaps that matter most.
Define decision rights, risk thresholds, investment processes, and operational standards.
Roll out via policy, training, and governance tooling; iterate on the metrics that actually steer.
