- As breach notification boosts onus, classification can boost CISOs’ business credibility
- A hard drive's LED light can be used to covertly leak data
- Google’s Upspin rethinks secure file-sharing for the cloud
- Survey identifies key digital transformation priorities for business in 2017
- What to expect from the Trump administration on cybersecurity
Why best practice is risky
A well-governed organisation implies that it operates within an appropriate framework of structured controls, policies and processes, all driven by best practice. But is this really what is needed in a time of disruption and change?
Governance frameworks exist for almost every aspect of an organisation to ensure it operates as intended, and in support of its overall mission.
Entire industries thrive on the evolution, implementation and maintenance of these governance frameworks, which underpin the development of published standards.
Mature governance frameworks embody so-called ‘best practice’, which implies the adoption of these frameworks will help the organisation achieve its goals with a higher degree of reliability.
Indeed, the Oxford dictionary defines ‘best practice’ as: “Commercial or professional procedures that are accepted or prescribed as being correct or most effective”.
Selecting, adapting, designing and integrating the various governance frameworks across the organisation is no trivial task, and is especially important for organisations with an enterprise-wide dependency on IT.
In an environment that is not changing very rapidly, or has a very high cost of failure, such as commercial aviation, accepted ‘best practice’ generally makes sense and with good reason.
If followed, best practice maximises the likelihood of the intended results being achieved. After all, the ‘recipe’ has been shown to work, and is often backed by evidence that reinforces adherence to the relevant standard yields results. Reinventing the wheel is a potentially risky and expensive process.
But does best practice + disruption = worst outcome?
Accepted ‘best practice’ may no longer be up to the task in the face of fundamental technological or marketplace disruption. If your organisation is dealing with a rapidly changing, innovative and disruptive competitor, rote adherence to such standards may be anything than ‘best’ for you.
On the flip side, if your organisation is the one doing the disrupting through innovative technologies, processes or business models, you have more likely than not broken ranks with those still constrained by the prevailing governance models based on demonstrated best practice.
But if your organisation is rusted onto ‘best practice’, how can it adapt to the change to ensure survival? Through IEDs, enterprise IT, disruption and governance.
For many organisations, and irrespective of whether it is in-house, outsourced or in the cloud, IT underpins the operation of most (if not all) aspects of the organisation. In such instances, any assumptions about the interplay between IT and enterprise governance need to be carefully considered in a disrupted environment.
But just believing the organisation can head off on its merry way, leaving the CIO to take care of IT governance as well as delivering on the value from investments made in IT-enabled change, should be seriously questioned.
The case of the £1.5 billion capital shortfall announced by the UK’s Co-operative Bank in June 2013, which arose from a failed attempt to replace the Banking Group’s IT platform, offers valuable insights into the role of governance, disruption, the expectations of IT and in particular, the role of the CIO.
The bank’s response was to commission an independent review by Sir Christopher Kelly entitled ‘Failings in management and governance’.
For any CIO dealing with major technology transformation, there are few lessons to take away from this:
- Such initiatives should not be treated primarily as IT projects;
- You need to ensure the responsibilities for key deliverables by executives other than the CIO are clearly and explicitly stated
- The abdication of responsibility to the CIO by the board is a warning for future potential problems.
As an IT leader, what’s your approach to steering the organisation’s strategy in optimising ‘best practice’ when faced with disruption?
- 6 cities | 20 exhibitors | International & local keynotes | Hear from Mark Loveless 'Simple Nomad' & Jeff Lanza Former FBI - Save your seat at CSO Perspectives Roadshow
- WIN a HTC Vive Kit valued at $1399, take this 3 minute survey for your chance to WIN!
- Participate in this market research and go into the draw to win a Lego Death Star, (valued at $999).
- Answer 5 quick questions and you could win a Lego Mindstorm EV3, (valued at $499).
- Customers up, losses down for Vodafone
- Verizon ranks tops in wireless coverage and reliability by RootMetrics
- MYOB acquires Paycorp, posts profit and plugs new platform
- Melbourne IT announces ‘turnaround complete’ amid strong growth
- Apple grabs icloud.net domain to solidify links to sync and storage service
- Kogan half-year profit smashes expectations
- Melbourne IT reports strong earnings following business transformation wrap up
- MYOB set to buy Aussie payments solutions provider for $48M
- Brennan IT snaps up 50 per cent stake in Fastrack Technology
- Empired reports “solid first half result” despite losses from NZ earthquake impact
- CMO's top 8 martech stories for the week - 23 February 2017
- Qantas reports solid financials; highlights customer data and digital as competitive advantage
- How Nude by Nature is using data to prove digital's worth
- Panel: Organisations embrace customer centricity differently
- Woolies welcome and aligned incentives help Woolworths improve first-half customer credentials