Figure 2.The interrelations between governance domains.Corporate governance has become important, as effective governance ensures that the businessenvironment is fair and transparent, and that companies can be held accountable for their actions .
Sustainability2018,10, 957 of 26In contrast, weak corporate governance leads to waste, mismanagement and corruption. According tothe Organization for Economic Cooperation and Development (OECD), corporate governance is “a setof relationships between a company’s management, its board, its shareholders, and other stakeholders, corporategovernance also provides the structure through which the objectives of the company are set, and the means ofattaining the objectives and monitoring performance are determined” .In recent years, IT has been the backbone of every business . As a result, the concept ofIT governance has become more important for organisations. IT governance, similarly to corporategovernance, is the process of establishing authority, responsibilities, and communication, along withpolicies, standards, control mechanisms and measurements to enable the fulfilment of defined rolesand responsibilities . Thus, corporate governance can provide a starting point in the definitionof IT governance . According to Herbst et al. (2013), IT governance is defined as “procedures andpolicies established in order to assure that the IT system of an organization sustains its goals and strategies” .It is pertinent, however, to note that there is a difference between IT governance and IT functions;this difference is not just about the centralisation or decentralisation of IT structures, but also that it isnot the sole responsibility of the CIO .The term “information governance” was introduced by Donaldson and Walker (2004) asa framework to support the work of the National Health Society in the USA. Unfortunately, manyorganisations have not yet established a clear distinction between information governance and ITgovernance . Information governance can be viewed as a subset of corporate governance, with themain objectives being to improve the effectiveness and speed of decisions and processes, to reduce thecosts and risks to the business or organisation, and to make maximum use of information in terms ofvalue creation . Gartner defines information governance as “the specification of decision rights and anaccountability framework to ensure appropriate behaviour in the valuation, creation, storage, use, archiving anddeletion of information” . The information governance approach focuses on controlling informationthat is generated by IT and office systems, or their output, but does focus on detailed IT or data captureand quality processes.