Governance is not a process by which IT becomes a team of order takers, but is a process intended to make sure that scarce IT resources are targeted at projects to which they will do the most good.
As we move into an era of IT that is more distributed, more "democratic," and more competitive, it's more important than ever that IT have tools that can be used to allow it to focus squarely on broadly accepted and strategic initiatives that will have a positive impact on the organization's mission, whether that mission is to maximize shareholder value or something else.
Ensuring that the organization remains focused on critical items is one of the outcomes derived from good governance processes. Governance is not a process by which IT becomes a team of order takers, but is a process intended to make sure that scarce IT resources are targeted at projects to which they will do the most good.
Implementing good governance means that the organizational culture might need to adjust a bit and this can be a major challenge on a number of levels. Here are some hurdles that may need to be overcome:
- Initial resistance from IT staff. At first glance, IT governance may appear as a way to control an unruly IT department. However, it shouldn't be viewed as such. Rather, IT staff should be steered toward the positive outcomes that are had when good governance processes are in place. These outcomes include better overall project prioritization, less last minute work and overall better morale.
- Executive pushback. In many organizations, prioritization happens through a process known as "who yells the loudest." In other words, whichever executive is raising the most fuss gets the attention. While the initiatives that are undertaken by this method may be worthy, it's not a good long-term solution to governance. Often, in these kinds of environments, the IT department ends up being pulled in a number of different directions and lacks the ability to truly focus.
- General staff angst. Many line staffers are not used to being heavily involved in helping the organization set priorities and may wonder why, if things seem to be going well, they would need to get involved. This can create angst with these staff members who already have full plates. However, in order to ensure that the organization is undertaking IT projects that really matter, there needs to be strong representation from every area that relies on IT services.
- Focusing on "we" and not "I". This is probably the hardest one. For so long, staffers and even the executives in charge of specific areas have focused on their individual IT needs that many may have forgotten that other units may have more or different IT needs and may not realize that needs in another unit are organizationally more important. Good governance will require that staff-most notably executive staff-wear their company hats and not their unit hats when discussing IT priorities. When IT governance is implemented, there must be an enforced directive from the CEO that personal agendas will not be tolerated.
Making it work
Good IT governance doesn't mean telling the CIO what to do. It means that the entire organization creates a partnership toward the common goal of laser focus on business outcomes. I can't stress enough this point: Governance is not about "telling IT what to do and how to do it." Governance creates a deep partnership in the organization that includes IT and other business units (yes IT is a business unit). There must also be accountability to governance. In fact, I believe that all members of the governance structure should have an annual evaluation item that assesses their role in the structure. Here are some items that I believe are critical here:
- The CIO should be evaluated on transparency, capacity and capability. In IT governance, someone needs to bring to the table a broad and deep understanding of what is currently happening in IT and what the capabilities and capacity are for the IT unit. The CIO should have all of this information. The CIO should be held accountable for being transparent with regard to resource levels, current commitments and current status. The CIO should also be held accountable for assessing and communicating the current workload and skills of the IT staff. For the rest of the committee, this is key information. This also means that members of the governance structure can't simply tell IT to "do X" if there aren't skills in place to do so. Again, this is not an order-giving group. It's a guiding group that needs to understand reality.
- The executive team should be evaluated on support of the structure. This means that executives that may have been squarely in the "my needs are the most important" group should be evaluated on their willingness and ability to look out for the organization as a whole. This also means that these executives are responsible for the actions and behaviors of the people representing their units in the governance structure. They must lead by example.
- IT staff should be evaluated against clear project goals. Once governance is in place, IT staff members should no longer be accepting major project requests outside the structure. If they do so, disciplinary action should be taken. This item should be included on every IT staff member's appraisal. That said, IT still needs to support core functions on a support basis, so definer as best as possible what it means to support something as opposed to what it means to undertake a project.
- Remaining governance group members should be evaluated on professionalism, teamwork and project outcomes. I've seen people on IT governance committees get drunk on perceived power. This should be actively discouraged through the evaluation and organizational disciplinary process. Governance should be a collegial matter-yes, at times, it will get messy-but respect should be maintained.
I've seen what happens in organizations that refuse to implement reasonable governance processes and that allow the "person who yells the loudest" mentality to overcome reason. Simply put: They fail. Often, it's not the CIO that is at fault, but that person often takes the blame. It's not good for anyone, though. As we move into a future where IT becomes every more ingrained in our work, it's critical that governance structures that work be put into place for maximum possibility of success.