value insights

IT Strategic Controls- Valutrics

IT strategy is crafted and aligned with the business functions of the organisation after the IT function is set up with a structure, personnel, administration, and the Enterprise Architecture is designed or improved.

Controls at this level enable and support the future roadmap for IT infrastructure and systems, and facilitate and support the successful execution of the daily activities and operational transactions of the IT systems of the organisation. These controls include: IT strategic process controls, IT strategy implementation and monitoring controls and IT strategic performance management controls.

The direction for overall organisational control comes from the general strategic goals and strategic plans of the organisation. General strategic plans are translated into specific performance measures, such as share of the market, earnings, return on investment, budgets, customer or citizen satisfaction, benefits to society, etc. These corporate strategic plans (whether formal or informal) define and establish the framework within which other operational business functions, such as IT, production, finance, sales, marketing, etc. are organised and operate.

In terms of organising the IT activities, within the larger framework of the organisation, several controls, such as organisational, strategic, administrative, etc. may be instituted and executed.

The purpose of IT strategic controls is to define and establish the future IT vision and mission for the IT efforts (infrastructure and systems) of the organisation, and prepare the whole IT environment to accommodate such requirements and needs of the IT systems and IT operations of the organisation.

Establishing the specific IT strategic controls to serve the needs of the organisation may be done by the formal IT committee, or the IT management and its senior staff, or some other corporate work team or group, or a combination of these (e.g. IT committee and IT management, etc.). It would be useful, however, and as it has been proved in practice, to have these controls ratified by the Board or senior management executive committee of the organisation.

The main types of IT strategic controls that may be designed and deployed are:

* IT strategic process controls

* IT strategy implementation controls

* IT strategic performance management controls

* Monitoring and review controls.


IT vision, mission, and values checklist

The objective of this checklist is to support the process of creating, reviewing, evaluating and improving the controls .

1. Are there overall corporate vision, mission and value statements?

2. Are the IT vision, mission and value statements in alignment with the overall corporate vision, mission and value statements?

3. Are all IT staff aware of the IT vision, mission and value statements in carrying out their duties?

4. Are all IT staff aware of the corporate vision, mission and value statements in carrying out their duties?

5. Are all the stakeholders and their staff aware of the entity’s corporate vision, mission and value statements in carrying out their duties?

6. Are all the stakeholders and their staff aware of the IT vision, mission and value statements in carrying out their duties to the entity’s IT function?

7. Is the IT function aligned with the corporate vision, mission and value statements?

8. Is the IT function aligned with the IT vision, mission and value statements?

9. Are the corporate vision, mission and value statements kept up to date and tied to the overall strategy?

10. Are the IT vision, mission and value statements kept up to date and tied to the overall strategy?


Corporate strategic plan checklist

The objective of this checklist is to support the process of creating, reviewing, evaluating and improving the controls .

This checklist covers the following issues: Enterprise Architecture process, strategic management process, strategic components alignment, education and training issues, and support activities.

Enterprise Architecture process

1. Has the Board established an Enterprise Architecture management programme. Consider: establishment of an Enterprise Architecture team, executing the Enterprise Architecture process, etc.

2. Does the executive and middle management of the organisation have a process, in operating mode, for managing, reviewing and improving EA and business strategy? Consider: all appropriate levels should participate, such as Board members, executive management, middle management, etc.

Strategic management process

3. Does the strategic management process include all aspects? Consider:

* Aligning Enterprise Architecture to business strategy?

* Monitoring performance against the corporate strategy?

* Interpreting performance data in a collaborative way?

* Developing new and innovative strategic ideas and insights?

* Formulating new short-term and long-term strategic directions?

* Reviewing the performance measures kept by the system?

* Updating the performance measures kept by the system?

* Reviewing and changing the budgets, as required?

4. Are all the results of the Enterprise Architecture and strategic management process properly documented?

5. Does the strategic plan of the organisation contain all required elements? Consider:

* SWOT analysis

* PESTLE analysis

* Vision statement

* Mission statement

* Values statement

* corporate strategy for the business affairs and activities of the organisation at the general and appropriate functional level

* contingency planning, disaster recovery and business continuity plan.

6. Are there corporate plans and specific targets at the specific operational level of: manufacturing/production process, business unit, project and work team?

7. Are budgets, priorities and other resources assigned to corporate strategic objectives and down to which hierarchy/management level?

8. Is there a communication system in place, assisting dissemination of strategies, policies and goals to all levels of the organisation?

Strategic components alignment

9. Are all the essential strategic components aligned? Consider:

* Corporate predefined objectives to objectives of business units, divisions, departments, functions and projects?

* Executive team activities aligned to corporate strategy?

* Monitoring and reviewing activities of the Board to corporate strategy?

* Middle management activities aligned to corporate strategy?

* Incentives and benefits plan to corporate strategy?

* Alignment of the following strategies to corporate strategy: human resources, IT, communications technology resources, public relations, financial and budgeting, sales strategy, production (manufacturing), research and innovation, customer support, marketing, change management.

10. Do all personnel have a full understanding of the strategy, and its relevant co-ordination, alignment and co-operation activities required at all levels of the organisation? Consider: Board, executives, middle management, employees, and stakeholders.


IT strategic process controls

These controls are required to formulate an IT strategic plan and to obtain the necessary funds to implement the IT strategy.

The main IT strategic process controls are:

* IT strategy analysis methodology

* IT strategic plan

* IT strategic resource plans

* IT strategic budgets

* IT strategic analysis tools.

IT strategy analysis methodology

A methodology, in a wider context, may be thought of as the system of working methods, principles, practices, procedures and rules used in a particular discipline, profession, etc. Its usual result is an output, product, service or process.

In IT terms, in executing the IT strategic process controls to craft and implement the IT strategy, an IT strategy analysis methodology may be used.

This methodology is usually employed, depending on the conditions prevalent in the given organisation and IT area, by the IT manager (CIO, etc.), or an external consultant, or a combination of both of these, etc. This methodology may also be overviewed by the IT committee and ratified by the Board, before its use in the environment of the organisation. The IT strategy analysis methodology is similar to the corporate strategy analysis methodology, except that it is targeted wholly at IT.

The main steps of this process are:

Step 1: Preparing for IT strategy

To prepare for IT strategic planning, an organisation and its IT management must first assess if it is in fact ready. While a number of issues must be addressed in assessing readiness, the determination essentially comes down to whether an organisation’s leaders and IT managers are really committed to the effort, and whether they are able to devote the necessary resources and attention to the ‘large picture’, in terms of IT systems and services required.

The formulation of IT strategy requires, given the current socio-economic environment:

* rational decisions regarding the future of the organisation

* corporate experience and learning

* personal experience

* interpersonal intelligence

* intrapersonal intelligence and learning

* quick and effective responses to the requirements, needs and expectations of the complex world, taking into consideration the cultural conditions and factors both within the organisation and within society

* assessing the environmental, legal, economic and regulatory frameworks which impact the organisation.

An organisation that determines, therefore, that it is indeed ready to begin IT strategic planning, may perform the following six tasks to pave the way for an organised strategic process:

Task 1: Identify specific issues or choices that the IT planning process should address.

Task 2: Clarify management and support staff roles (‘who’ does ‘what’ in the process).

Task 3: Create an IT planning committee.

Task 4: Develop an organisational IT profile (current projects, systems, hardware, services, etc.).

Task 5: Identify the information and the detailed data that must be collected to help make rational decisions.

Task 6: Carry out an IT strategic cultural readiness check .

Task 7: Obtain enough knowledge and expertise on using one or more strategic tools, such as SWOT, PEST, Value Chain Analysis, etc. .

Step 2: Articulating IT vision, mission and values

An organisation’s vision, mission and values statements depict where the organisation is going and how to get there. Likewise, within this corporate frame of reference, an IT vision statement presents an image of what IT success will look like, an IT mission statement lets all parties know where the IT organisation is going and how IT is getting there, and the IT values statement provides the guiding principles to enable both the IT mission and the IT vision to be realised.

To gain better understanding an example of the IT mission, IT vision and IT values statements of an airline company  YZ Corporation (fictitious entity) are provided.

YZ Corporation

IT Vision: The IT vision of  YZ Corporation is to ensure that the IT function provides the best IT services to all users and therefore to enable all customers to select it as a first choice in air travel around the world.

IT Mission: The IT mission of  YZ Corporation is to design, develop and deploy the most secure, efficient and effective IT systems and services to enable  YZ Corporation to be the best and most successful company in the airline business. To utilise the best IT technology in the market to support the strategic goals of  YZ  of building the world’s best global alliance in air travel and co-operating with similar corporate entities with a good presence in all major world markets.

IT Values: The IT function of  YZ Corporation will provide services to the Company’s customers to the highest quality, with security, honesty, fairness and integrity.

Step 3: Assessing the situation

Once an organisation and its IT function are committed as to why they exist and what they want to do, they may take a clear-eyed look at their current situation. Assessing the current situation can be done by the use of methods, such as SWOT, PEST and other methods  . Situation assessment usually means:

* obtaining current information about the organisation’s strengths, weaknesses, opportunities and threats via SWOT analysis

* assessing the environmental influences on the specific business and on its IT activities via PEST analysis and other methods

* assessing performance information which will highlight the critical issues that the organisation faces in an overall context and in terms of IT, and that its corporate and IT strategic plans must address.

These could include a variety of primary concerns, such as funding IT projects, new business opportunities due to IT, changing regulations and rules, changing needs in the customer population, new market penetration opportunities, etc. The point here might be to choose the most important issues to address, in terms of the IT strategy. The Planning Committee, for reasons of better performance and control, will probably need to agree on no more than five to 10 critical issues around which to organise the IT strategic plan.

The products of Step 3 include: a file of quality information that can be used to make decisions, and a list of critical IT issues which demand a response from the organisation.

Step 4: Developing IT strategy, goals, objectives and budget

After the vision, mission and values statements of the IT function have been confirmed and linked to the corporate vision, mission and values, it may be prudent for IT management to consider how to use them. This may be done by crafting the broad approaches to be taken (IT strategies), and the general and specific results to be sought (the IT goals and objectives). The inspiring and motivating words contained in mission, vision and value statements represent very little unless they are accompanied by IT strategy, IT objectives, IT performance measures, IT targets and IT initiatives.

There are many approaches to IT strategy crafting, such as: SWOT analysis, portfolio analysis, scenario planning, etc.

IT goals are typically timeless and less specific. IT objectives are more specific and for a given time period. All these must be funded via an IT budget. Strategies, goals and objectives may come from individual inspiration, group discussion, formal decision-making techniques, etc.  . The bottom line, however, is that the leadership agrees on how to address the critical issues.

The product of this step is (a) an outline of the organisation’s IT strategic direction, IT long-range goals and specific IT objectives in responding to its IT critical issues, and (b) an IT budget.

Example of IT strategic direction

The IT service strategy of  YZ  Corporation begins by selecting the IT performance priorities by which the corporation will provide services to its customers. These IT priorities include treating the customer in a friendly, polite and helpful way, deliver IT services in a quick and convenient way, provide a variety of IT service-delivery mechanisms to suit customer needs and expectations, and provide IT services at the highest quality and at the minimum cost.

Example of general IT goals

Increase market share, improve customer satisfaction and increase sales by the design, development and deployment of specific IT application systems and services.

Example of specific IT objectives

Increase sales by 5% in each year for the next 5 years and increase revenues by 20% in the next two years by the design, development and deployment of specific IT application systems and services.

Strategic direction, goals and objectives must be monitored to ensure that they achieve their planned results. In practice, strategic direction, goals and objectives may be linked by the use of the Balanced Scorecard (BSC) model, in an overall corporate sense. Likewise for IT, the IT BSC model can link IT strategy, IT objectives, etc. with measures, targets and initiatives in a very efficient way  .

Step 5: Completing the written IT strategic plan

The IT vision, mission and values have been articulated, the critical IT issues identified, and the IT goals, objectives and strategies agreed upon. This step essentially involves documenting all that information. Usually one member of the IT Planning Committee, the CIO, or even an external consultant will draft a final IT planning document and submit it for review to all key decision makers (usually the Board and senior IT staff). This is also the time to consult with senior staff to determine whether the document can be translated into IT operating plans (the subsequent detailed action plans for accomplishing the goals proposed by the strategic plan) and to ensure that the plan answers key questions about IT priorities and directions in sufficient detail to serve as a guide.

Step 6: IT strategy implementation

Most companies and organisations know their businesses, and the corporate and IT strategies required for success. However, many corporations may struggle to translate the theory that may be contained in an IT strategic plan into action plans that will enable the strategy to be successfully implemented and sustained. It may, therefore, prove necessary to have a disciplined methodology and management attitude to implement the crafted IT strategy.

Step 7: IT strategy evaluation

Measuring the effectiveness of the IT strategy is extremely important. This can be accomplished:

* by a SWOT analysis

* by reviewing the actual results as per the performance measures defined in the IT BSC model .


IT strategic plan

An IT strategy is a plan to meet the organisation’s information needs over 3 to 5 years through the development of computer systems and related services, such as automation and technology.

This may be needed as many private and public organisations find it necessary for efficiency and effectiveness reasons, and for survival purposes, to have a model for the future of their information systems.

This is achieved by IT strategic controls, both in terms of assessing the present needs of the organisation in terms of data and IT infrastructure, and a plan for the future.

The IT strategy includes a computer systems development plan but also the business needs and goals that must be satisfied including the environmental issues that must be addressed in support of a primary process of the business delivered through IT.

This strategy should also enable and facilitate the knowledge management framework.

The objectives of the IT strategic plan are:

* Align information systems with the competitive strategy and the Enterprise Architecture of the enterprise to enhance the company’s performance.

* Ensure that IT delivers effective solutions to business problems.

* Make certain that IT provides strategic advantage to the company through cost or price benefits, innovation, value of products or services offered.

* Target the customer, supplier, and competitor needs.

* Accurately target the corporate success factors to achieve, through the use of IT, the given business objectives.

This strategic plan should be reviewed at least every year, and it should be updated and re-issued every three to five years.

It should be linked to the master business plan of the organisation.

IT strategic plan – example

1. Executive Summary: A statement of organisational objectives, a summary of the strategic plan of the organisation and how the business objectives are related to the IT function and the IT strategic plan, and a set of proposed IT Projects (new and amendments to existing systems).

2. A statement of IT strategic objectives: A full description of IT systems, strategies, vision, mission, values, objectives and data maintained by these systems, and how these systems give the organisation a strategic advantage.

3. Future projection of the organisational environment: A statement of the needs of the organisation for the next 5 to 10 years in IT systems, infrastructure, telecommunications capabilities and data.

4. Future projection of the IT environment: A statement of the future (next 5 to 10 years) IT technological developments and how these might serve the organisation.

5. Current IT SWOT analysis: Description of the strengths, weaknesses, opportunities and threats of current IT systems. Other tools such as PEST, GAP, portfolio analysis, value chain analysis, Delphi Method, critical success factor analysis, etc. can be used to augment the strategy analysis process.

6. Current IT inventory: A description of the current IT systems and infrastructure and their problems in meeting the current and future business needs of the organisation.

7. Future acquisition of IT assets: Acquisition and development schedules and budgets for hardware, software and application systems to serve the current and future needs of the organisation.

8. IT regulations: Description of IT-related regulations, standards and guidelines, with which the organisation will have to comply, such as Sarbanes-Oxley Act, Data Privacy Legal Framework, International Accounting Standards for financial systems, etc.

9. IT risks: Description of the process of identifying and managing the IT risks in the development and deployment of new IT systems and infrastructure.

10. IT infrastructure plan: A general plan outlining the general architectural design of the computer systems, telecommunication network, databases and application systems of the organisation. This will have to be linked and connected to the Enterprise Architecture of the organisation  , and the information management quality procedures .

11. Human resources plan: A specific plan outlining the skills and dexterities required in terms of both IT and end-user personnel for the next 5 to 10 years.

12. Budget: A detailed budget for all new acquisitions and updates of all IT assets of the organisation.

13. IT organisation: A plan for the required changes of the organisational structure of the IT function.

14. IT strategic action plan: A management action plan for the implementation of the IT strategic plan. Action specifications and statements (for hardware, software, communications, cabling, database platform, organisational changes, standards, methods, tools and techniques, costs, benefits, resources, training, conversion). Action plans (objectives, responsibilities and time elements) specify how the strategic goals and strategies will be carried out. Action plans often include various objectives to be reached while achieving each goal, who is responsible for achieving each objective and by when.

15. Changes policy: A statement on how this IT strategic plan will be reviewed and updated.

Implementing this plan requires, usually, strategic resources and a budget, plus very important factors, such as discipline, proper management culture, skilled staff, etc.

IT strategic resource plans

Implementing any strategy, including the IT strategy, is usually a very difficult and demanding task. The management of the IT function may, therefore, need to craft strategic resource plans with all the necessary and critical IT resources (human, systems, materials, funds, facilities, equipment, etc.) required to operate all IT critical systems, networks and equipment in all offices and locations of the organisation. This plan will probably need, as good practice, to be reviewed and evaluated annually and should remain current on a continuing basis.

IT strategic budgets

The ‘budget’ can be considered as a tool for the strategic management control system of the organisation, and an integral part of the performance management process of the organisation. A budget generally refers to a list of all planned expenses and revenues.

In terms of IT, all management decisions, activities, actions, system development projects, application maintenance, IT solutions procurement and deployment, computer system support, outsourcing and offsourcing activities are ultimately reflected and contained in the IT budget of the given organisation.

The budgets relevant to implementing the IT strategy of the organisation, may be: IT strategic initiatives budget, IT operational budget and IT BSC implementation budget.

IT strategic initiatives budget

In general, budgets are tools that promote decision making on the basis of a top-down approach and are used to assess financial and other corporate performance at all functional levels of an organisation. IT strategic initiatives budgets also play a crucial role in the strategic management process, especially when initiatives must be undertaken to improve IT performance for a given set of IT strategic objectives. These IT strategic initiatives must be funded and evaluated through the formulation and execution of an IT strategic initiatives budget.

IT operational budget for strategy execution

The IT operational budget consists of a forecast of the expected revenues from sales of IT goods and services offered and the expenses to be incurred in the provision of these goods and services to customers (external and internal). This budget is also linked to the overall corporate strategy as the expected performance of the organisation is accomplished via the infrastructure, operations, maintenance and enhancement activities, and with the resources funded by the operational budget of the organisation.

IT BSC implementation budget

The implementation of the IT BSC for the IT function comes with a definite financial price tag. The budget for building and implementing the IT BSC should be formulated taking into consideration the following issues: personnel time, training and communication, consulting, BSC software and off-site expenses.

IT strategic analysis tools

Crafting an IT strategy and documenting it in a plan to be implemented, requires a set of methods, methodologies and techniques.

Methods are processes by which tasks may be accomplished, methodologies may be defined as the system of working methods, principles, practices, procedures and rules used in a particular discipline, etc. and techniques may be deemed as procedures used to accomplish a specific activity or task.

The methods, methodologies and techniques that may be utilised for the analysis and evaluation of IT strategy of the organisation include:

* SWOT analysis

* PEST analysis
* Gap analysis

* IT portfolio analysis

* IT value chain analysis

* Delphi Method

* Screening IT strategic options

* IT Financial analysis

* Critical success factor analysis.

The manager or IT strategy consultant may use only one method, or more than one, depending on their experience, corporate environment and situation.

IT portfolio analysis

Analysis of the balance and compatibility of an organisation’s IT strategic process, options and systems within a larger corporate setting, in terms of market share, growth rate, investment, product growth, etc.

IT value chain analysis

A systematic way of examining all activities within and around the organisation, such as purchasing inputs, human resources, designing products, delivering and supporting products, and IT systems, and relating them to an analysis of the competitive strength and advantage of the organisation.

Value chain analysis describes the activities that take place in a business and relates them to an analysis of the competitive strength of the business. These activities are:

1. Primary activities: those that are directly concerned with creating and delivering a product (e.g. component assembly).

2. Support activities: while not directly involved in production, they may increase effectiveness or efficiency (e.g. human resource management). It is rare for a business to undertake all primary and support activities.

Which activities a business undertakes is directly linked to achieving competitive advantage.

Value chain analysis can be broken down into a three sequential steps:

1. Break down a market/organisation into its key activities under each of the major headings in the model.

2. Assess the potential for adding value via cost advantage or differentiation, or identify current activities where a business appears to be at a competitive disadvantage.

3. Determine strategies built around focusing on activities where competitive advantage can be sustained.

Delphi Method

Assessment of whether an IT strategy is likely to be correct or needs change/improvements on the following basis:

* A moderator crafts a questionnaire and submits it to a group of experts; the experts do not know the identity of the other experts in the group.

* Each expert responds individually, without the influence of the group or other dominating individuals.

* The moderator compiles the results, and formulates a new questionnaire that is submitted to the group again (three to four rounds is the usual case), until satisfactory results are achieved.

Screening IT strategic options

Evaluation of various IT strategic options by ranking them against the expectations of resources and stakeholders, and/or by decision tree analysis, and/or by scenario planning (i.e. matching options to different future scenarios).

IT financial analysis

Assessment of profitability and beneficial impacts likely to accrue from the IT strategies by the use of various financial measures and tools, such as: payback period, ROCE, Discounted Cash Flow analysis, Shareholder Value Analysis, funds flow analysis, break-even analysis, sensitivity analysis, cost-benefit analysis, etc.

Critical success factor analysis

A technique to identify the areas in which a business and its IT operations must succeed in order to achieve its objectives and outperform the competition.


IT strategy implementation controls

These controls are required to ensure that the crafted IT strategic plan of the organisation is implemented, as planned, so that the intended results are achieved for all users of the IT systems and services.

The main controls in this area are:

* IT strategy implementation action plan

* Information quality management procedures.

IT strategy implementation action plan

An IT strategy that has been crafted is of no value unless it is also implemented. Implementation in this context encompasses all the processes involved in the execution of the tasks and activities contained in the IT strategic plan (see Paragraph 4.4.2). Its implementation may require, for efficiency and effectiveness reasons, a methodology:

Action 1: Set up an organisational structure

Setting up an organisational structure usually includes:

* establishing an organisation and its constituent parts to implement the IT strategy (if one does not exist), or restructuring the organisation (if the structure is not deemed appropriate)

* establishing a chain of command or some alternative structure (such as cross-functional teams)

* having a highly motivated leadership and workforce.

Action 2: Allocate resources

This entails allocating sufficient resources (financial, personnel, time, technology support) and managing them.

Action 3: Fund the IT strategy

Organisations successful at the implementation of IT strategies are aware of their need to fund their intended strategies on a continuous basis. This is accomplished by linking IT strategy to the corporate strategy and to the annual budget process.

Action 4: Establish and execute IT action plans

Action planning means assigning responsibility of specific tasks or processes to specific individuals or groups on the basis of an action plan with:

* chronological lists of action steps

* assignment of responsibilities to individuals

* due dates

* estimation of the resources required

* progress reporting.

Action 5: Linking and aligning strategy

Many organisations successfully carry out the above steps, and yet still fail to successfully implement those strategies. The reason, most often, is that they may lack aligning and linking. Aligning and linking is simply the tying together of all the activities (e.g. primary, support) to the Enterprise Architecture to make sure that all of the organisational resources are focusing on achieving the same results.

Strategies require linking and alignment both vertically and horizontally. Vertical linkages and alignments establish coordination and support between corporate, divisional and departmental plans. Horizontal linking and alignment (across departments, across regional offices, across manufacturing plants or divisions) require co-ordination and co-operation to get the organisational units in harmony. For example, a strategy calling for the introduction of a new IT service or system requires the combined efforts of coordination and co-operation among all business functions that this system or service is supposed to support.

Action 6: Establish the performance management process

This action includes:

* formulating and setting up the performance measurement system (e.g. BSC at the corporate level, and IT BSC at the IT level)

* entering the performance data

* carrying out the required performance analyses

* setting up a corporate awards system.

A good performance system must communicate strategy, must measure performance in real time, must offer an integrated performance project management capability, and must acknowledge and enable emotional contracting with all staff, which is so vital for linking individual commitment and activity to the attainment of organisational plans and goals.

Emotional contracting (also referred to as ‘the psychological contract’) is the crucial and powerful link between the organisational performance intent, and the motivations, values and aspirations of staff. This emotional contracting element is sometimes overlooked by organisations, and this may explain why people have failed to do what the organisation expected and asked them to do.

Action 7: Managing the IT strategy implementation process

Implementing the IT strategy also involves managing the process.

This usually includes:

* rolling out the plan to the whole organisation

* reviewing the IT strategy in monthly meetings

* monitoring results, at the overall or detailed level, depending on the conditions, cultural aspects and circumstances of the given organisation

* comparing to benchmarks and best practices

* evaluating the effectiveness and efficiency of the process

* controlling for variances

* making adjustments to the process as necessary.

When implementing specific IT systems, this involves acquiring the requisite resources, developing the process, training, process testing, documentation and integration with (and/or conversion from) legacy processes. . In order for a policy to work, there must be a level of consistency from every person in an organisation, including the management and the Board. This is what is needed, probably, to occur on both the tactical level of management as well as the strategic level.

Information quality management procedures

An IT strategy plan is also concerned with what data are required to be collected, processed and managed by IT so that the crafted IT strategy achieves its mission and objectives.

This is because corporate data represent the ever-changing world in which organisations operate and survive. Business functions and transactions may change, customers may come and go, organisations may die, restructure and add, change or delete functions, etc. Therefore, the data recorded to document all these (both on a manual and a computerised basis) may become obsolete and out of date. Hardware and software vendors may change their products and supplies. Government and other international regulators often make changes which affect the rules of doing business.

Without a strategic commitment to continuous ongoing information management and data quality, an organisation’s data may quickly become incorrect or invalid as incorrect or contaminated data reach mission-critical business applications.

Management may need to focus seriously on the issue of managing the quality of information and the underlying data. This may be achieved by the use of a data quality management procedure, giving organisations the tools they need to understand how and when their data changes significantly from its intended purpose.

With such a procedure in place, management can recognise data problems, inspect data sources and data processes, and implement process corrections to get the problems fixed.

Data management also helps identify and correct these inefficiencies through automated, ongoing enforcement of customisable business rules, and ensures that once data obtain the highest quality (i.e. they are consistent, accurate and reliable), they give confidence to management and professionals in their information-based decisions.

Organisations must also understand that the outcome of monitoring routines (reports, exception items, etc.) can provide important insight into the processes that create bad data. By studying this information, management can do more than correct the data. It can begin to improve the overall efficiency of the organisation.

Data quality may be improved, however, by the application of a data quality improvement methodology and the use of a data monitoring tool.

Data quality improvement methodology

Phase 1: Analyse the problem

This involves discovering the root cause of the problem and defining a path to improvement. Some problems are the result of a bad business decision, such as one that cannot be substantiated with underlying data. Other problems may continuously erode the organisation’s effectiveness but never surface as identifiable problems. This initial analysis measures all aspects of data quality, including completeness, accuracy, consistency and duplication of the organisation’s data. A data quality effort also measures business rule integrity as well as the deviation from corporate standards.

Phase 2: Fix the problem

Once specific data quality issues are identified, the next phase involves planning and executing processes for the improvement of the data. This is done by:

* ensuring that edits and validations occur during original data capture

* assigning clear procedures to improve data entry processes

* conducting intensive training and performance measure refinement

* performing data checks as information flows from application to application.

Phase 3: Control the problem

After data correction, the final step is to establish a control mechanism to ensure that high levels of data quality are maintained on an ongoing basis.

To monitor and control data effectively, organisations need to investigate:

* ongoing reporting and analysis of potential problem areas

* an alerting mechanism that recognises out-of-control data records and automatically flags the data owner or responsible party.

Data monitoring tool

A data monitoring tool (typically a computerised application) requires a repository  to store and manage all existing business rules. This repository should allow authorised users to track and note trends in specific rules and their violations. Business users can view rule exceptions and track violations over time. This system should provide a single view into how, and when, data are exceeding preset quality limits, and take the appropriate corrective actions.


IT strategy may be achieved probably more efficiently and effectively, by implementing a suitable set of controls  by reviewing, changing, adding, deleting, customising them, etc. to meet the IT needs, demands and operating mode of the given organisation, and operating them with continuous diligence. These controls, as we have seen, may include policies, practices, procedures, organisational structures and specialised tools. These controls will need to be established to ensure that the specific IT strategic objectives of the organisation can be met.