value insights

Strategies of IT Governance- Valutrics

Conceptually, IT governance can be viewed as the effort to design a system to achieve a set of related objectives:
– Attainment of strategic goals
– Efficient operation
– Reliable measurement
– Compliance management
A high-functioning system continually exchanges feedback among its various elements
to ensure that they remain aligned and focused on achieving the goal of the
system. The elements of a governance system include leadership roles, organizational
structures, business processes, standards, and measures of compliance to these standards.

 

p56

IT governance involves the whole organization, not just IT; therefore, governance requires
defining leadership roles and organizational structures involving the business units, the
executive team, and board members, as well as IT members. Similarly, it involves designing
business processes and standards that may imply obligations of both IT and business
unit managers and employees. Collectively, these elements work together to:
– Shape decisions concerning IT use in the organization,
– Determine criteria by which to assess conformance to these decisions. and
– Define mechanisms by which these decisions can be communicated, implemented,
and enforced throughout the organization.

IT-Business Alignment
A particular objective of IT governance is to ensure that IT strategic goals are met;
goals that are, in turn, linked to the overall goals of the enterprise. As the role of IT shifts from business support to business enablement, there is an increasing need for
IT strategy to be developed in parallel with business strategy-rather than in response
to it. Thus governance efforts may involve establishing organizational planning and
communication processes that connect IT leaders to line-of-business leaders and to the
corporate side of the business in tighter discussions of the costs and business impacts
of IT initiatives. New organizational structures may include an IT Steering Committee
or an IT Strategy Committee, seating both IT and business executives. Such cross-
functional structures and processes can ensure that significant changes to the business
strategy trigger corresponding adjustments in IT strategy and expenditures and vice-versa.

Investment Value
A key goal of governance is to maximize strategic value from major IT investments.
Thus, governance efforts should define processes to ensure the involvement of all
relevant stakeholders-including IT managers, business unit leaders, functional
representatives, and the board-in deciding what kinds of IT investments to pursue. In
addition, the board may be directed to review IT budgets and plans on a regular basis.
Furthermore, governance efforts might define standard procedures for determining
the business worth (both financial and non financial) and risk of IT-enabled business
investments, and also specify the criteria for selecting and prioritizing investments.

The overall goal is to align IT investments with business wide priorities, maintain
necessary conformance to enterprise-level architecture and infrastructure standards,
and manage projects as a portfolio, so as to leverage synergies across business units
where possible.

 

Project Delivery
As IT projects increasingly address business mission-critical activities, a cost-effective
project delivery capability becomes increasingly valuable. Governance includes deter-
mining responsibilities and accountability (both within IT and within business units
and other functions) together with accompanying processes, standards, and measures
to ensure that, as far as possible, projects conform to architectural standards, meet
business objectives, and deliver on their promised benefits in a cost-effective manner.
These efforts may include, for instance, the definition of standard project management
processes, the identification of critical project management skills, and the establishment
of levels of approval and project milestones to control the disbursement of funding.
An effective project delivery capability also requires attention to the development
context, a key part of which is the existence of technical and architectural standards.
These, in turn, facilitate the control of costs, faster implementation of new initiatives,
as well as subsequent support and maintenance-thus positively influencing both project
value delivery and service efficiency. However, since standardization efforts often
confront culture, unique business needs, and legacy situations, effective governance is necessary to motivate and enforce the necessary standardization. The formation of an
IT Architecture Board or committee is frequently the means to achieve stronger central
oversight of overall IT architecture.
On one hand, governance efforts aim to systematically reduce project risk by
reducing variance in the project implementation process. On the other hand, good
governance also allows the right amount of flexibility that will yield more effective
results.
Service Delivery
The governance process also addresses the cost-effectiveness of  IT services, by specifying
structures, roles, and techniques for managing and controlling IT services. Often
the cost of funding IT is a hot topic for business customers, largely due to a lack of
clarity on their part about how costs are compiled. Mechanisms such as charge-backs
and cost transparency help to raise awareness among business users regarding the
costs of their visions for IT services, thus allowing for better prioritization and decision
making. Service-level agreements (SLAs), for example, also can be developed to
define levels of service that are acceptable to each business, and then used as a basis
for monitoring services. A governance perspective helps ensure that day-to-day problem
fixing and support efforts remain aligned with business needs.

Resource Management
The governance focus on operational efficiency also draws attention to how IT assets
and resources, including staff, are utilized. Governance efforts may thus include the
formation of organizational structures for overseeing and directing all the organization’s
IT resources, or the implementation of processes to ensure that IT resource
requirements are identified based on business priorities. A future-oriented emphasis
on resource management may indicate the need to budget for and perform preventative
maintenance or upgrades on essential equipment or applications. Governance efforts
may also define structures, criteria, and processes for making decisions regarding the
outsourcing of particular skills, technologies, or IT capabilities.
Insufficient IT staff or inadequate skills and expertise among existing IT staff are
among the 1110st prominent concerns of contemporary IT organizations. IS Resource
management efforts that recognize these concerns may work to enable more flexible
skills-based deployment and establish procedures and time frames to develop and
upgrade internal skills and expertise.

Measurement of IT Performance
A critical part of IT governance involves designing and implementing structures and
controls for measuring IT performance reliably and in terms that are valuable to the
business and external stakeholders. Often, qualitative measures are more easily avail-
able, but governance efforts are likely to gain more buy-in if governance costs and
benefits can be quantified. Strategic business value, as viewed by executives, often
includes financial measurements and other measures of stakeholder value. Many governance initiatives make use of the Balanced Scorecard technique, measuring over-
all IT performance on a set of different dimensions such as achievement of business
goals, user satisfaction, operational excellence, and support for learning and growth.”

Risk Management
Risk management is clearly implicit in many of the preceding themes. For example, a
focus on investment return should acknowledge the risk that the investment being made
in IT fails to provide value for money or is otherwise excessive or wasted. This includes
consideration of the overall portfolio of IT investments. A governance focus on project
delivery should address project ownership risk, the risk of IT projects failing to meet
objectives through lack of accountability and commitment, or perhaps the risk of drawing
on inaccurate or incomplete data. Service delivery depends, in a similar fashion, on
effective management of a variety of different kinds of risks.
These might include a loss of service, inappropriate access to confidential or sensitive
information (access or security risk), or the risk that infrastructure is inadequate to meet the
current and future needs of the business in a cost-effective and timely manner. Thus, risk
management is central to governance efforts, which may involve identifying various possible
sources of risk, as we did above, determining acceptable levels of each type of risk,
defining metrics for monitoring and measuring each type of risk, and instituting internal
processes and roles to address unacceptable changes in the level of each type of risk.
In conclusion, the scope of IT governance is broad and allows for great variability
in how it is defined and implemented. Organizations tend to vary in how they define IT
governance-and hence put it into practice-based on which drivers are most salient.

Leave a Reply

Your email address will not be published. Required fields are marked *