IT Governance: Notes from the Field

A critical factor in achieving speed of execution is being clear about who gets to make which decisions. Governance is about establishing a framework to ensure that all decisions are made by the right person or persons, according to the importance of the decision and the expertise and organizational responsibilities of the parties to the decision. Decisions with large financial impact must be made by senior managers as part of an ongoing management process, while those with lesser impact are more efficiently made by those who are accountable for executing the decisions.

I touched upon this topic briefly in a previous post, and I’d like to take a moment to expound further on the importance of IT governance and how my customer is using this to transform their organization.

This particular customer does have an established formal governance mechanism for all of their key assets, but the mechanism has fallen victim to neglect and a “we have bigger fish to fry” mindset. I have stated many times in meetings with customer executives that an adaptive enterprise like the one we are working so hard to achieve recognizes that information is an asset that is just as valuable as intellectual property, finances, business relationships, and physical assets. So too are the people, processes, and technologies that manage information and automate business processes. As a consequence, an adaptive enterprise extends corporate governance to include IT.

The notion of IT governance has considerable currency today for this customer, but there are varying ideas about just what IT governance is. I have always seen IT governance as the formal process of defining the strategy of the IT organization within the context of an overarching business strategy and overseeing its execution to achieve the goals of the enterprise. Let us explore that vision a bit further:

  • As a formal process, IT governance involves the creation of a decision rights framework and the creation of mechanisms for enabling those decisions and managing those rights. Questions to address include:
    – Who is authorized to make which IT decisions?
    – What processes, involving which parties, will be used to make those decisions?
    – How will the decisions be enforced?
  • In defining the IT strategy, IT governance delineates the IT mission, vision, goals, priorities, and KPIs—the metrics by which IT is measured. It defines the business value drivers for IT services and initiatives, commits resources to the IT organization so that it can deliver on its mission, articulates IT’s commitments to the business units, and outlines its change management plans.
  • In overseeing the execution of IT strategy, IT governance aligns and synchronizes the IT organization’s tactical and operational plans, provides project portfolio management and closed-loop monitoring of plan execution, and ensures accountability (and regulatory compliance, as necessary).
  • Finally, IT governance ensures that the IT strategy and its execution are aligned and synchronized with the enterprise strategy, including other key asset strategies (financial, business relationships, and so on).

What I have tried to maintain with this customer throughout the engagement is that unlike their legacy IT governance model, which was a static one, the adaptive enterprise IT governance model remains dynamic. Not only does it operationalize IT strategy so that everyone is aligned with the enterprise strategy, but through ongoing synchronization, it also enables IT to stay aligned in the face of change. This synchronization involves a closed-loop system with four main stages:

  • Planning: The IT strategy formulation stage
  • Driving: The stage where the strategy is driven into the IT organization and infrastructure
  • Validating: The stage where execution performance is evaluated against the plan
  • Correcting: The stage where the execution is tuned to improve performance against the plan


As the business priorities and strategies change, IT governance drives those changes into the IT organization, stimulating the creation of new strategic IT plans and priorities and refining the priorities of existing plans and projects. Through an ongoing process of assessment and synchronization, which recurs at many levels as strategies and execution plans unfold, the enterprise keeps IT aligned with business priorities.

Aligning business and IT and then keeping them aligned is a complex undertaking. It helps to have a simplified framework to highlight some of the key responsibilities and relationships. I have used the 2 x 2 matrix below as a useful tool for bridging both the business-IT and governance-operations dimensions. Across quadrant boundaries, there is a need for both alignment (of strategies, operational plans, and execution) and visibility (of value and performance). When the visibility is across organizational boundaries, it is referred to as “transparency.” Also, the matrix provides a useful context for understanding many possible scenarios of where change events arise and how they flow across the quadrants.


With the treatment of information and IT as key corporate assets—and with the new controls that IT governance demands—the customer CIO must transform IT into an effective service delivery business within the enterprise and then run it that way. This is neither a question of how the customer charges for IT’s time and services nor a question of turning IT into a profit center for the enterprise (although these have been considered). Rather, running the customer’s new organization as a service delivery business is all about operating efficiently, delivering professional service, acting with a keen interest in satisfying the business customers, and managing those business relationships. It is all about responding to business needs, innovating to provide state-of-the-art service, and knowing how best to provide the business units with the services they require, including adoption of the best sourcing options.

Business strategy drives IT processes, which in turn drive IT decisions. The IT governance executive team defines the IT strategy, including whether IT should provide differentiation when compared to the competition or simply provide commodity services (a utility) with utmost efficiency. The strategy determines the critical IT objectives, KPIs, and critical success factors (CSFs). The CIO, in turn, defines the service portfolio and service level objectives (SLOs) that will focus the IT organization on meeting those KPIs and CSFs.

This returns us to the idea of IT operating as an accountable service delivery business. By focusing on meeting the needs of the business units and supporting the business strategy, the customer’s new IT organization acts like any business partner is expected to act. It provides transparency through management and reporting tools (think of executive dashboards, for example) that enable corporate governance executives as well as the line of business (LOB) managers to see just how IT is performing against the KPIs and CSFs. The management and reporting tools also enable IT management and the IT governance executives to monitor and manage change itself, so that the impact and effect of business and IT changes can be observed quickly at all levels.


Posted in IT as a Service, Transformation & AgilityTagged , , , , , , ,