Companies depend on IT to stay competitive, so it’s no
surprise there is a big push to provide the same level of oversight to IT that
is traditionally reserved for areas such as finance and accounting. However,
governing IT is more involved due to its technical nature, and poses unique
challenges for board members and management. Some of the areas management must
take into account are: understanding the impact IT has within the company,
providing boundaries for IT professionals to do their jobs, establishing performance
measurement, and reassuring shareholders that the IT investment is performing
according to preset goals.
To help you get your IT governance program moving in the
right direction, you need a plan that suits the company’s particular needs. To begin,
the board must take the lead in developing an IT governance agenda for
management to follow. IT governance must have complete board member buy-in and
even the non-technical members must be made aware of its importance. The
following steps should help with this process:
- Create
an IT strategy committee for better communications between the board and
management. - Each
board meeting includes IT as an agenda item. - The
board should align IT projects with business goals. - Measurements
should be established by the board regarding IT performance. - The
board should challenge management on IT initiatives by benchmarking
measurable results.
After the board has established the direction for an IT
governance program, it is up to management to put it into action. To help
management decide where to begin, the following steps are suggested:
- Create
an outline that will move IT governance forward with clear
responsibilities for all IT professionals. - Management
should promote responsibility among the IT staff for the success of IT
projects. - Establish
a scoring technique to measure current performance results. Monitor these
key points: organizational support for the implementation, risk management
responsibilities within the organization, the need for interdepartmental
sharing of business information, and project communication. - Drill
down and define the process areas in IT that are critical to managing high
risk areas. - Manage
expectations among IT staff by making it clear this is not an overnight
process. - Understand
the risks associated with IT investment. Consider the company’s previous
patterns of performance, current IT staff qualifications, complexity of IT
environment, and the type of new IT initiatives being considered. - Analyze
current capability and identify gaps. Find out where improvements are
needed most. - The
program should consist of a series of continuous improvement phases rather
than a one- or two-step process. - Decide
which improvement strategies are the highest priority projects. This
decision should be based on the most potential benefit and ease of
implementation of an IT project. - Align
IT strategy with business goals by asking tough questions such as: where
does IT fit in the overall strategy for the company, what is management’s
risk tolerance level with IT investments, and what are the major IT issues
facing the organization at the moment.
Putting an IT governance program in place is no small task
and may seem like overkill when IT makes up only a small portion of the
company’s overall budget. However, with today’s budget constraints and tight
margins, coupled with IT’s increasing role in running and growing an
enterprise, the work involved in establishing an IT governance program can
provide dividends by enabling a more responsive and cost-effective organization.
By using these tips to implement your governance program, you should have a
clearer picture of your IT organization’s strengths and weaknesses.