Implementing IT Governance – A Perspective
Today businesses rely on information technology (IT) as an integral part of their overall enterprise strategy. For the same very reason, a new field of thought called IT governance has been under development for several years. Just as business management is governed by generally accepted good practices, IT should be governed by practices that help ensure
- An enterprise’s IT resources are used responsibly
- Risks are managed appropriately
- Information and related technology support business objectives
In other word IT governance is the process by which decisions are made around IT investments.
Although the level of maturity and acceptance of IT Governance varies considerably across different organizations and sectors but a number of different views emerge in its favor. These view, though present conflicting arguments but favor the implementation of IT Governance.
IT alignment to the business is the highest rated driver and outcome of IT Governance practices. A large majority of organizations recognize the importance of IT alignment in order to deliver sustainable business results, and feel IT Governance is the best means to achieve this. A general understanding among all the organizations and their CIOs is
“The successful application of IT Governance principles can provide a mechanism to increase the effectiveness of IT and, in turn, meet the increasingly high demands from business for IT.”
The results of effective IT governance can be transformational. The current climate of cost reduction and budget restriction has resulted in new norm – there is an expectation that IT resources should always be used as efficiently as possible and that steps are taken to organize these IT resources ready for the next cycle of growth and new IT developments. There is a wide acceptance of the fact that the IT Governance is required and investment in IT to deliver full value, it is recognized that IT has to be fully aligned to business strategies and direction. Implementing right governance for IT, business aligned strategy and right set of IT Governance tools can provides a large number of benefits for organizations. These benefits can be observed by all the stake holders in the organization through different means and metrics.
Executive Management: Executive management will see the improvement in the quality of IT services over time. There is also a reduced failure of IT projects, minimizing risk and saving cost.
Business Owners: For business owners there is major reduction of IT risk over time. There is also a reduction in cost of delivering IT service over time.
Other Managers: For other managers in an organization they will experience enhanced delivery of IT Services.
All IT Workers: Projects undertaken are followed up as well as operations in the organization. This leads to fewer surprises and less frustration. As an organization starts implementing IT Governance tools, more benefits will be released and the benefits can be measured.
Though, we talk very highly about the importance of implementing the RIGHT STRATEGY for IT Governance and Organizations spend money and effort in that direction, but there remains the fact that IT governance implementations fail, and lead to a disastrous results for the stakeholders. Moreover, IT Governance is still very much associated with fulfilling control or compliance requirements rather than it being an overarching framework that can be used to enhance the value of IT for the organization. There can be an unending debate about the reasons of the failure but let us accept the fact that the risk of IT Governance and Management failure is not so trivial. Gartner, on one hand, says 50 per cent of projects are rolled back out of production, Carnegie Mellon, on the other, says 25 to 40 per cent of all spending on projects is wasted as a result of re-work.
Despite these frequent reminders on the costly consequences, there is still evidence that many organizations do not place sufficient executive attention on this issue.
“We’ve always done it this way.”
That simple sentence has probably been uttered millions of times in businesses around the world. Usually, the people who say it are sincere; thinking the way they work adds value to the business. This always leads to a situation where “IT Governance is driven by top management”, and is often associated with ‘strong’ CIOs who have the full support of executive management, with a resultant reduction in the risk that the implementation effort will be faced with staff and business management resistance.
“What is the value add out of it.”
The benefits of implementing IT Governance are not measured and are difficult to quantify. In many instances the desired benefits are not defined upfront, which makes it impossible to measure them. When some organization went out to measure the performance of IT Governance practices, they start by measuring how it works in terms of performance indicators, but only a small number of them measure hard benefits or the eventual outcomes of the governance practices.
How to overcome challenges
Responding effectively and better executive support, a growing number of experts believe that can help the situation. Part of the problem is attitudinal, where many organizations view this as another unfunded mandate; a needless expense far removed from any kind of profit center. In our view, effective IT Governance needs to draw on 2 things –
Implementing right governance body
According to the IT Governance Institute, IT governance is the responsibility of the board of directors and the executive management, and is an integral part of enterprise governance. It elevates information as a key organizational asset and treats governance of information at par with governance of other assets like human, financial, intellectual, and relationship assets.
Governance body is extremely important and foremost step in implementing the IT governance tool. It is expected that this body / structure within the organization will define expectations, grant power, and verify performance. This body also establishes the strategic, operational, and technical decision-making process which is extremely critical. This helps to manage sourcing, assign trained and capable resources to govern sourcing relationships; put appropriate processes, escalation procedure to keep an open dialogue, create the disciplines around monitoring, reporting, changes, and feedback, and employ the right tools.
Each organization is unique in terms of their vision, set of customers and processes and should evolve its own governance model based on its own particular circumstances. Organizations which have no IT governance at all should start small and steady with an advisory body with strategic planning, standards making, and project prioritization and should also add more functions to the governing body as it and the organization matures. These organizations that are employing some form of IT governance may wish to expand their body further into decision-making and performance management.
Governance body need to decide who will decide when it comes to verifying performance, defining what is accepted. This is often controlled by the size of the organization and at what level the governance committee has authority over implementation. Many believe that IT governance should sit at the highest level of the organization and should strictly the domain of CIOs, CEOs, and department heads. This is unfortunate because these same principals can scale down to the department level or even smaller business units. There is room for IT governance wherever there are decisions to be made regarding how to utilize technology resources to make a unit function better. Rather than only heads, the whole team commitment added innumerable edge in implementing an IT governance tool successfully.
To attain the optimal results, the IT governance body should be responsible for the following:
- Establishing and communicating an organization-wide IT vision that supports the mission and goals
- Establishing IT policies that support strategic & IT priorities
- Establish and control the overall budget for total spend
- Suggesting or recommending technical architecture and standards
- Establishing best practices and recommended governance tool
Implementing a Governance Tool
Other than deciding what role IT governance body is going to play in the organization, Tools for managing IT governance can be developed, created in-house or purchased from a third party vendor. Tools provided by third parties are maturing and growing in popularity. There is nothing like one size fits all when creating or adopting IT governance tool.
Organization should select that tool which could facilitate governance and improve their reporting, automate and standardize processes, simplify and reduce administrative burdens; improve staff effectiveness to optimize scarce resources; and reduce the overall costs of governance.
Organization need to understand strengths and weaknesses of the leading tools and match them with their growing and immediate needs. They should also be ready to invest in proof of concept and generate a set of real life working conditions against which tool can tested.
Implementing IT governance tool is an important step in becoming a more responsive IT entity in today’s ever increasing challenging world. This process should be approached with all the planning, research, and resources that are fitting a major project or program for your organization.
The needs of the organizations could revolve around the below areas:
- Performance measurement and reporting
- Financial analysis, reporting and processing
- Contract management
- Process automation and workflow
- New ideas generation and conceptualization
A department-level, division-level, or bureau-level IT manager has no reason to shy away from this process. Organization should make sure that its stays in sync with the goals and objectives and strategic vision of the governance committee of organization’s higher body.
Challenges and way forward
Organizations should approach this very meticulously while selecting and implementing the IT governance tool. Many of the tools cover only with some limited capabilities which may not fulfill all the needs (immediate and future). To get the entire desired functionalities one may consider buying multiple applications and a varied degree of customization. Below are some pointers when it comes to selecting and implementing a sourcing governance tool from third party vendor.
- Carefully consider and document your requirements
- Consider the internal tool landscape
- Costs for licensing and implementation vary widely
- Understand the different solutions on the market
- Conduct a proof of concept as part of the selection process
A big IT organization’s management team including Project Management, Program management, Service management and Demand Management wanted to implement IT governance tool to streamline their processes. With a list of domain experts with diverse experience, they had an internal session where they nailed the problem and decided to implement a tool. It was a rigorous process to select right tool and implement and this took almost 6 months of duration. To everyone’s surprise, this tool was rejected after 6 months of Go-live claiming this does not fit organization needs. Another tool was evaluated with a lot of brain storming sessions and finally implemented. This tool also failed to live up to expectation and could not yield the desired results.
Now the question, “Is there really a tool which can help this organization?” This led to engaging a professional team to evaluate and recommend right tool. Professional team, after a month’s study suggested the same tool which was rejected few months back. In their finding, they clearly identified the gaps and documented those.
- A tool can strengthen existing process but will fail if process does not exist
- A tool can bring in transparency but cannot force compliance to process
- A tool can enhance reporting but will fail to add value unless reports are analyzed and corrective actions are taken
An assumption that implementing IT governance tool will solve all the existing organizational problems is like taking the first step in wrong direction. Process owners need to revamp and make sure that processes exist at the first place before they look outside for a governance tool to implement and expect it to work efficiently. No tool in the world can optimize a non-existent process. The Governance body must look inward first to make sure that processes are there to be optimized and people are mature enough to embrace the change which the tool will bring.
Don’t forget to leave your comments below.