The primary and most foundational step in implementing IT governance, particularly in a small and newly established organization, is to assign clear roles and responsibilities. This establishes the organizational structure, accountability, and authority necessary for all other governance activities. Without a defined structure of who is responsible for making decisions, providing oversight, and executing tasks, any subsequent efforts such as budgeting, defining methodologies, or approving standards will lack direction and authority. This initial step ensures that there is a clear framework for accountability, which is the cornerstone of effective governance.

A. Assigning a budget for IT governance applications.

This is a supporting activity. A budget can only be effectively assigned after the governance structure, needs, and responsible parties have been identified.

B. Defining IT project management methodology.

This is a specific IT management process. Establishing the overarching governance roles that will oversee and approve such methodologies must come first.

C. Approving enterprise architecture (EA) and standards.

Approval of EA requires an established governance body or individuals with the designated authority, which is defined by assigning roles and responsibilities.

1. ISACA

CGEIT Review Manual

8th Edition. Domain 1: Governance Framework

Task 1.3

"Establish roles

responsibilities and accountabilities for information and technology

" is listed as a key task in establishing the governance framework. This task is foundational to ensuring that the governance system is operational and that accountability is clear.

2. ISACA

COBIT 2019 Framework: Governance and Management Objectives. The governance objective EDM01

"Ensured Governance Framework Setting and Maintenance

" explicitly includes the key activity of defining and implementing organizational structures

roles

and responsibilities. This is presented as a fundamental component for directing and monitoring the enterprise's governance system for I&T. (p. 36).

3. De Haes

S.

& Van Grembergen

W. (2015). Enterprise Governance of Information Technology: Achieving Alignment and Value

Featuring COBIT 5. Springer International Publishing. Chapter 3

"Implementing Enterprise Governance of IT

" emphasizes that the first phase of implementation involves creating the right environment

which includes defining principles

structures

and roles and responsibilities to get buy-in and establish a foundation for the program. (pp. 85-87). DOI: 10.1007/978-3-319-14547-1.