MIT research has found that good IT governance leads to better return on assets for companies. But what makes for good governance? Here are the ingredients.

Companies with better than average IT governance earn at least a 20 percent higher return on assets than organizations with weaker governance. Why is this?

Just as corporate governance is critical for ensuring that key decisions are consistent with corporate vision, values and strategy, IT governance is critical for ensuring that IT-related decisions match companywide objectives. Simply put, good IT governance makes companies more successful by establishing coordinated mechanisms that link objectives to measurable goals.

So what constitutes good governance? We've been studying that question for the past three years, with more than 250 organizations in 23 countries. But before we share our findings, let's define what we mean by IT governance: It is the decision rights and accountability framework for encouraging desirable behaviour in the use of IT. Companies make five types of IT decisions:

• IT principles decisions dictating the role of IT in the enterprise
• IT architecture decisions on technical choices and directions
• IT infrastructure decisions on the delivery of shared IT services
• Business application requirements decisions for each project
• IT investment and prioritization decisions

The Elements of Governance

Companies design governance mechanisms to make and then implement each of these decisions. There are many types of governance mechanisms and techniques. For clarity, we group them into three categories based on what they accomplish - mechanisms that facilitate decision-making, processes that ensure alignment between technology and business goals, and methods for communicating governance principles and decisions. "Effective IT Governance Mechanisms" (page 24) lists common IT governance mechanisms in these three categories used by the majority of the 256 chief information officers we surveyed. The numbers associated with each mechanism represent the CIOs' rating of that mechanism's effectiveness in ensuring good governance. Judging by these effectiveness ratings, you can determine (on average) the likely success of each mechanism.

But we must note that any of these techniques can contribute to effective governance if they are implemented well. Those with relatively low effectiveness scores were generally rated that way because CIOs found them harder to implement. For example, tracking the business value of IT is tougher than tracking IT project resources. But we have found that tracking the business value of IT can generate significant benefits. It just takes practice; early efforts are often frustrating. Likewise, architecture committees can be difficult to implement well. These committees often have responsibility for limiting developers' choices and can easily become mired in insignificant battles that create bottlenecks in technology implementations. However, companies that persevere with architecture committees often find their efforts can improve cost, reliability and time-to-market.