Governance makes a difference
Hayward - Bob Hayward, VP - Research Fellow, Gartner Asia-Pacific and Japan
says that you need a corporate IT governance framework in order to use
IT to it's optimal best in an organization. Soutiman Das Gupta
What is corporate IT governance?
Corporate IT governance can be described as a framework that encompasses an
entire system of organizational issues, constructs, committees, councils, various
forums, and how often the participants involved meet to discuss and arrive at
decisions about what to do with technology.
It's about how you structure the system of management organization and the various
constructs you use to make sure that IT is utilized as effectively as possible.
Irrespective of the size or industry vertical of an organization, it lays down
a system to design or assign decision rights and the accountability framework
to encourage desirable behavior in the use of IT.
How is corporate IT governance different from IT management?
IT governance is very different from IT management, which
is all about the regular day-to-day duties and responsibilities where you're
reporting on project management, recruitment, and motivation and training of
personnel. These duties are also necessary and important, but in many organizations
this is all that is done. Beyond these activities there is no corporate IT governance
If you ask CIOs of organizations that do not follow corporate IT governance
about who actually makes decisions on priority of projects, they're likely to
answer that, the decisions are made in an ad-hoc way where a few executives
get together for a discussion. If you ask whether the business units and leaders
are involved in IT governance, the answer usually is that the IT department
is solely in charge of the solutions.
This is not a very good way of doing things. You may be good at managing IT
but you must have a framework that binds the rest of the organization into the
decisions you make about IT. This makes them a part of the decision.
So in a few years from now, if something fails other business units can't blame
IT for the failure. They can't because they were a part of the decision and
are a part of the governance framework.
What are the roles played by the other heads of business
in corporate IT governance?
The business units and their leaders have to be closely involved in corporate
IT governance. This is because large technology projects often fail since they
are perceived as 'technology' projects. But they're actually not restricted
When we asked CIOs of companies where CRM projects have failed, and who was
responsible for the project, they'd say that it was the IT department's responsibility.
They did not need to explain further because we immediately knew why the project
It is perceived as a technology project because of the CRM software. But CRM
is all about changing the way you do business and deal with the customer. CRM
will make you deal with the customer in a different and more intimate manner.
It will make the company change the way it works with a customer. It's actually
a company change management process.
A part of the process can be eased or made better if you use a software tool.
It's just a minor part, which by the way should be managed by the chief of sales,
chief of marketing, or the chief of operations. It's their responsibility and
strategy to be customer-centric, not IT's. It's the company's collective responsibility.
So the business unit leaders must be involved and take ownership.
IT will help, contribute, facilitate, and deliver but the ownership and responsibility
of making the project a success should lie with the business units. The CEOs
role is also important because even with the best system of governance there
will be disputes. And there has to be a decision-maker who'll have to look at
two competing business interests, and prioritize based on the limited budget.
What approach must the CIO take to introduce corporate
IT governance in an organization?
The CIO has to first convince the rest of the organization that corporate IT
governance is important. There will be challenges like a few executives may
be resistant and reluctant to be involved. They may be suspicious of the technology
or not too comfortable with technology, and perhaps intimidated by it.
The CIO has to work with these executives, if necessary individually,
and convince them not be nervous, to have trust, and collaborate. If needed
the executive can assign a smart and younger person to understand the technology
better. The executives can be taken on a trip to another company perhaps in
another part of the world to see how others are using technology effectively.
These will help turn skeptics into believers.
What are the salient features of a good corporate IT governance
We found in a research study that that the ease with which senior executives
could describe IT governance was directly related to how effective people were
in using IT. If they were ambiguous or confused it was not good.
If they said, yes we have IT governance and it works this way, it was a good
sign. The senior executive should be able to easily say things like, we have
a committee that deals with these issues and it meets once a month. We also
have a forum to deal with those issues, and another team that deals with other
The business leaders should clearly tell you about the people that are involved
and those actually responsible for the committees. If personnel can answer these
questions easily, these are the signals that the organization is very effective
in the use of technology.
Some organizations think that they don't need business personnel to be involved
in IT decisions. That may not be a good thing.
To what extent should business unit leaders be involved
in corporate IT governance?
Certain functions are best left to the professionals in the IT department. They
are selecting a server or PC brand over another, IT architecture technology
standards, fundamental solution layers, kinds of knowledge management repositories,
and databases. They will make the decisions within the broad guidelines set
If business personnel are involved in these decisions, it
may slow down and complicate the process. For instance, there may be different
personal agendas due to the various relationships with vendors.
The other decisions regarding investments, prioritization, business applications,
and overall philosophy or vision must involve the business leaders and IT executives
in a federal system.
How often and under what circumstances should IT governance
policies be modified?
I recommend that the policies be modified as little as possible. We came across
a few organizations that changed their governance every year. They made radical
changes in terms of the members of the various committees, and regularity of
meetings and schedules.
If you change the metrics that are used to determine a good business, you will
automatically change the metrics needed to calculate the value of IT. And when
that changes every year, everybody is confused.
Once you good IT governance try and keep it that way. You can maybe tweak the
margins, but not make radical changes. This will need you to start from scratch.
The governance should evolve since every company is dynamic, but the change
should be evaluated to see how it benefits the organization.
What are the indications that a corporate IT governance
strategy has worked?
The biggest indication is the performance of the company in the market. The
company will grow in market share and customer satisfaction. Another indication
is that every person in the boardroom will have a clear idea what corporate
governance is all about.
Are there any tools for IT governance?
There are no tools, because IT governance does not involve areas that can be
helped by technology. It involves processes, people, and strategy. There are
tools for meeting management, electronic whiteboards, and remote conferencing.
But at the end of the day there is no IT governance software.
Soutiman Das Gupta can be reached at: firstname.lastname@example.org