What is IT Governance and Why is it Important?

 

In my almost three decades in IT, what has truly amazed me is how few organizations actually have IT governance programs. What is even more amazing is how few C-suite leaders and other leaders even understand what IT governance is and the value that it can bring to their organizations. This group of leaders includes those within IT as well, many of whom see IT governance as a threat to their leadership. Let’s take a dive into what IT governance really is, why it is valuable and why IT leaders should actually embrace and not fear it.

What is IT Governance?

Simply put, IT governance is a framework that helps organizations manage and align their IT operations with their business goals and objectives. At the end of the day, isn’t meeting the organization’s goals and objectives what we should all be about? IT doesn’t exist in a vacuum. In order to make sure that IT is properly aligned with and working towards the organization’s goals and objectives, stakeholders outside of IT need to be involved in determining what that looks like from a strategy and performance management perspective. The goal of IT governance is to bring those outside stakeholders to the table.

Why is IT Governance Important?

So, now that we know what IT governance is, why is it so important? Bringing outside stakeholders to the table to help IT leadership create an aligned strategy ensures that the projects that IT takes on are the right projects to help the business progress. Furthermore, these stakeholders work with IT to help prioritize these projects and provide support and funding to ensure that they get done. One of the most common reasons for projects failing is unclear business objectives or poorly defined project goals and milestones. Including stakeholders in this process can help ensure that the business objectives, project goals, and milestones are clearly defined before the project is even approved and started. This increases the likelihood of project success and that the project will provide the organization value. IT governance is really a “shared responsibility” model where IT works with its key stakeholders to share the responsibility for the success of the IT department and ensure that its efforts are optimized and delivering value to the organization.

Why Should IT Leadership Embrace IT Governance?

In the traditional IT model, IT owns the total responsibility for the success or failure of its initiatives and projects and whether or not it delivers value (real or perceived) to the organization. In this model, IT leadership really becomes the scapegoat for failures related to lack of engagement and support from other business leaders. I don’t know about you, but to me, that just seems like a recipe for failure. And a lot of times, it is.

With a true IT governance model, on the other hand, responsibility for the success or failure of IT to deliver value to the business is a shared responsibility with stakeholders having input into the strategy and execution of the IT department. If done right, there really is very little reason that there should be failure as we will see in the next section when we talk about the mechanics of how IT governance works and how it delivers value.

How Does IT Governance Work?

We stated earlier that, in its most simple terms, IT governance is a framework that brings together IT leadership and leaders or stakeholders from across the organization to share the responsibility for the governance of IT. Let’s talk a little bit, in a very generic way, about ways in which this is typically achieved. Keep in mind that these are broad, high-level applications and the approach and the details required to make this work for a particular organization really depends on that organization’s needs and resources.

1. The Chief Information Officer (CIO) should be a part of the business strategy development process and should be in attendance at board of directors’ meetings. In order to ensure IT alignment with business goals and objectives, the leader of the IT department needs to be in the room when those are developed and discussed.

2.  An IT Steering Committee should be formed made up of stakeholders from across the organization. This committee makes recommendations on the IT strategy and ensures that it aligns with the overall business strategy before being passed up to the board of directors for approval. 

a.      This committee acts as a governance body for IT where key metrics and KPIs for evaluating the operational performance of IT are developed, approved, and presented.

b.     Prioritization of projects and initiatives for that the IT department works on should also generally occur in this committee.

c.      The agreed upon KPIs, metrics, and project portfolio performance should be captured in a balanced scorecard which can then be used to measure the overall effectiveness of the IT department in achieving its strategic objectives. Plans for corrective action, if necessary, can be discussed and developed in this committee and then progress against those corrective action plans can be monitored along with the balanced scorecard. 

      3.  The IT scorecard, as approved and validated by the IT Steering Committee, should then be presented to the board of directors along with summaries of any actions discussed and taken in the IT Steering Committee and project portfolio status.

Conclusion

As you can see, this model sets up an organization for the most effective use and deployment of its IT resources by ensuring that said use and deployment is always in alignment with the needs of the business as directed by the business leaders. This avoids the IT department making key decisions in a vacuum and increases transparency in the effectiveness of the operation of the IT department. This transparency increases credibility and sets the IT department up to be trusted technology advisors and a strategic asset for helping the organization scale and achieve its objectives.