In the previous post, we laid out a common
sense definition of what IT governance is (i.e. - “the what”). In this post, we will attempt to look at
the drivers of IT Governance (or “the why”). The drivers outlined below have
collectively contributed to the increasing importance of ITG in the C-suite and
have also in one sense led to the framing of the scope of IT Governance needs
as well.
Keep Business running:
Modern organizations and business rely heavily on IT. When IT systems
become unavailable because of technical failure or other disruptions (e.g.
power failure), the impact is usually significant. Even office workers cannot
function if support systems (e.g. email, document processing, etc) fail. Similarly,
a simple failure, such as a server’s storage capacity being exceeded, can bring
an entire department to a standstill.
This level of reliance on IT systems necessitate that appropriate
controls be in place to ensure service continuity.
Realizing business
value: There are numerous statistics on failed
projects. Some suggest that as many as three out of four projects do not
realize their expected benefits. There are many reasons for these failures
including - poor definition and planning at the start, compounded by
insufficient control during delivery.
Ensuring benefit realization on IT investments is a key area addressed
by IT governance.
Rising costs of IT: Despite lower costs of IT hardware,
the expenditure on IT as a proportion of the total business cost is increasing
and considered by senior business executives as “black hole”. With the market
forcing the business to run more efficiently, enterprises are increasing
looking at IT costs to better understand them and regulate their allocation. Adopting
a portfolio approach to IT spend, assets and investments (addressed in ITG)
provides a lever for business executives to control the IT Spend.
Aligning IT with the
business: Business staff does not always take ownership
of IT initiatives which leads to a situation where IT staff end up directing
many such initiatives. Getting the business into the driver’s seat when it
comes to picking the right projects to execute and following through to benefit
realization is critical today, especially when IT spend is significant.
Achieving this strategic alignment with the enterprise objectives is a key
discipline in ITG.
Increased regulatory
compliance: Over the
past few decades there has been an increase in legislation affecting business
and the use of IT. Some examples are the Sarbanes-Oxley Act, regulations around
protection of personal data, and sector specific requirements for the
healthcare, pharmaceutical and financial industries. These regulations elevate the relevance of IT
operations and controls to the purview of Enterprise Governance, and hence make
it a part of the Leadership Agenda.
IT security affecting
the business: This area is often misunderstood by Senior
Leadership because of the technical nature of the conversations. Frequently,
this area is delegated to an expert. In reality, many weaknesses are not
technical, but are instead caused by a lack of awareness of the issues between
users and management. Specific control practices are required to address the
complexities of security and to reduce damage to business because of risk
exposure of security breaches. This area
is addressed within risk management discipline of ITG.
The drivers discussed above provide a flavor of the different
dimensions of the role that IT plays in an enterprise. This necessitates that
IT be governed as a critical asset by the leadership thereby providing the
raison d’etre for IT Governance.
We would really like to hear from you on the relevance of IT Governance to your professional context. Please use the comment feature on this blog to get back to us.
No comments:
Post a Comment
We covet your feedback. Please let us know what you think by posting your comments using the feature below.