Corporate governance has received a lot of attention over the last few years. Major factors contributing to this are a number of major corporate fraud cases and the introduction of new regulations, such as the Sarbanes-Oxley Act in 2002 for American companies and the King II report for South Africa. The attention to corporate governance also leads to attention to information technology (IT) governance because IT plays a vital role in supporting business processes. Information technology governance is a subset discipline of corporate governance, focusing on information and technology and its performance and risk management. Information technology governance is essential to ensure that the National Regulator for Compulsory Specifications (NRCS) gets expected return on investment. Information technology (IT) governance is all about the implementation of processes, structures and mechanisms that enable business to realise value from IT investment. The main objective of this study was to evaluate the impact and effectiveness of IT governance in NRCS. The researcher’s aim was: to examine the effectiveness of IT controls implemented on the NRCS IT systems; the enforcement of IT policies; the alignment of the IT department with business; and accountability of IT management. This study was conducted using a qualitative research design – specifically case study as a research method. A case study allowed the researcher to gather information through interview questions and observation of the target population, which comprises NRCS management, IT personnel and systems. To conclude the study, the researcher has identified factors prohibiting the NRCS IT department to enforce and implement IT governance for NRCS to realise return on investment they made on IT infrastructure. The inferences may be drawn that effectiveness of IT governance can be achieved by training management and IT personnel in IT governance, using approved IT policies and aligning IT strategy with a business strategy.