Monday, September 20, 2010

Steps for Better IT Governance

Towards better IT Governance

Improving governance in organisations is a strategic change process. There is no silver bullet. Governance is not just a new process but it also needs a new mindset and behaviours at senior levels of both IT and business.

The established power centres within organisations do not always welcome greater transparency and accountability. Experience suggests that strong support from CEO and CIO and gradual increase in governance maturity usually works better than constant tinkering.

Here are ten steps for improving IT governance:
  1. Visible and active top management commitment is absolutely critical for the success of any governance initiative. Governance is a disciplined approach. There must be consequences for all the executives for non-compliance.

  2. Treat governance as a change program requiring resources and commitment. It must have a visible benefits for it to be considered successful. Also, consider organisation's culture, resources available and capacity for change. Establish credible goals, measure and communicate the benefits.

    If the IT is struggling to deliver reliable service, or have a poor track record of customer service or project delivery; focus the governance efforts for addressing these burning issues rather than going for the lofty goals of strategy alignment and such.

  3. Use recognised frameworks for the governance initiative. There are number of frameworks like COBIT, ITIL and others.

  4. Transparency of decision making and reporting gives governance its potency. Transparency, whether it be business cases, standards compliance or project health reports, create trust and creates peer pressure to address issues identified or to question unusual decisions.

  5. Create a formal process for handling exceptions. Then report on percent of exceptions and key reasons for these. May be the standard it inappropriate or the enforcement is poor. Openly discuss and address.

  6. Encourage peer group consensus at each governance tier and avoid escalations to higher levels. This will build trust and sense of compromise within the framework of good governance.

  7. Where possible align with the corporate governance mechanisms. Most companies would have risk management, investment management, and crisis or business continuity management mechanisms. Align IT with this where possible.

  8. Educate senior management on benefits of IT governance as well as on new technologies and challenges so that they can participate in an informed manner in key technology related decisions. Lack of technological knowledge should not be an excuse for executives not to be participate in key technology investment decisions.

  9. Build accountability for benefits realisation in the business case itself. This will encourage active interest in delivery governance.

  10. Avoid clogging the IT steering committee with technical or architectural details. Address the technical details at a technical forum and report only on compliance or non-compliance/risk to the top team. The top team can then focus on "is this the right thing to be doing or investing in" rather than "how".

No comments: