Recipe for Good Governance, J.
Ross & P. Weill,
6/15/04
CIO Magazine
http://www.cio.com/archive/061504/keynote.html
Edited for classroom usage (Original word count:
2,224; final count: 494 – 22%)
Firms
with above average IT governance earn
higher returns than those with weaker governance (based on a study of 256 CIOs).
IT governance ensures IT-related decisions match company-wide objectives by establishing
mechanisms for linking objectives to measurable goals. IT governance is the
decision rights and accountability framework for encouraging desirable behavior
in the use of IT. Firms make various IT decisions: the enterprise role of
IT, IT architecture (technical choices), IT infrastructure (shared IT services),
business application requirements, and IT investment and prioritization
decisions. The IT steering committee at UPS, three senior executives (including
the CIO), sets IT principles. An IT governance committee, IT executives headed
by the CIO, follows the mandates of the IT steering committee in making key
architecture decisions. A standards committee of technologists determines when
a standard is obsolete or cannot meet the needs of a specific application. This
committee handles standards negotiations, but escalates decisions to the IT
governance committee when a standards decision has implications beyond one
application.
Principles of effective design and
implementation of IT
Decision-making
structures. Assign clear
responsibility for IT decisions to individuals who can accept accountability
for the outcomes of those decisions. Mechanisms include service-level agreements,
chargeback, project-resource and business-value tracking, enterprise-wide
budgeting, and senior management announcements to clarify desirable behavior
and individual responsibility for IT management and use.
Overlap
responsibilities. Top firms have overlapping membership in
decision-making bodies. At Campbell Soup, the CIO sits on the executive
committee that sets strategic direction. She heads an IT leadership team that sets
IT architecture and infrastructure. Its architecture review board is headed by
a member of the IT leadership team.
Senior management. If senior management is not involved in IT decision
making, the organization will lack a clear link between business objectives and
IT capabilities.
Exception processes. Allow exceptions to technology and business process
standards. Governance exception processes review standards that limit business
success. Organizations with effective governance have fewer renegade
exceptions, but more exceptions approved through a formal exception process.
Changing governance. Changing governance, communicating the changes and
then institutionalizing it is lengthy, six months or longer. Top performers
change governance less than once a year; poorer performers as much as three
times a year. Because it takes time to learn new governance mechanisms, changes
should be rare.
Transparency. The key predictor of governance performance is the
percentage of managers who can describe the enterprise's IT governance. When
more managers can describe governance, it is part of the enterprise's
management culture, and likely to be followed. Nearly half of all of the
managers in the top 50% of governance performers can describe their IT
governance; fewer than 30% can do so in poorer performers.
Firms that use IT strategically demonstrate stronger financial performance, but
strategic use of IT is possible only when companies design and communicate IT
decision-making parameters and mechanisms.