There are narrower and broader definitions of IT governance. Weill and Ross focus on "Specifying the decision rights and accountability framework to encourage desirable behavior in the use of IT."^[1]

In contrast, the IT Governance Institute expands the definition to include foundational mechanisms: "… the leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives." ^[2]

Van Grembergen and De Haes (2009) focus on enterprise governance of IT and define this as "an integral part of corporate governance and addresses the definition and implementation of processes, structures and relational mechanisms in the organization that enable both business and IT people to execute their responsibilities in support of business/IT alignment and the creation of business value from IT enabled investments".

While AS8015, the Australian Standard for Corporate Governance of ICT, defines Corporate Governance of ICT as "The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation."