Last month's column argued that effective IT governance means making thoughtful decisions about the three major components of governance. First, five IT domains - IT principles or maxims, infrastructure strategies, architecture, business applications needs, IT investment and prioritisation - are areas where critical top-level decisions need to be made. Second, IT-governance styles define who provides input and who makes decisions in the IT domains. Third IT-governance mechanisms are techniques used to implement the IT-governance style.
The joint research on IT governance between MIT Sloan and Gartner's CIO group, Executive Programs, has identified that organisations with good IT governance have different enterprise characteristics to those with poor IT governance. Some IT-governance patterns are more effective than others and a lot depends on your business governance.
Tightly coupled decision making. When reviewing the patterns of enterprises with more effective governance some clear patterns emerge. Effective IT-governance arrangements have a real impact on business goals and involve top-level collaborative decision making between business and IT executives.
Top IT-governance performers have senior business and technology executives jointly making decisions in two of the IT domains. First they take responsibility for IT principles or maxims that are derived from business maxims. Second they take responsibility for major IT investment and prioritisation.
The IT leadership team is critical for infrastructure and architecture decisions. Once IT principles and investment guidelines are well established these provide the guide-rails for IT infrastructure strategy decisions. These are generally made by IT leadership groups, but with input from business colleagues. These decisions need to be based on sound input about the balance between enterprise synergy and autonomy, between centralisation and decentralisation of business assets.
While decision rights for IT architecture are similarly usually held by the IT leadership group, the right decisions need extensive business input. Future IT architectures really need to be driven by shifts in the business architecture.
IT-only and business-only decision rights don't work well. While IT governance is not "one size fits all", there are some general patterns indicating which arrangements work best and least well in all enterprises, all else being equal. When the IT leadership team has the decision rights for IT principles we tend to see poor governance arrangements. IT principles usually need to be validated by business executives.
We found a similar result for decision rights about business applications needs. Where these are held by business units only, it correlated with ineffective IT governance. Increasingly, major decisions about business applications for business units are being made by corporate executives. The rationale is to ensure wise investments are made, taking into account the wider interests of the whole enterprise. At the same time, this process might well identify other expertise, applications or initiatives in other parts of the enterprise that can be used.
Four governance mechanisms have the greatest impact. The mechanisms used to implement governance vary in their effectiveness. The most effective mechanisms for governance performance enhance business involvement. These are business/IT relationship managers, IT leadership groups comprising IT executives across the enterprise, IT councils comprising business and IT executives, and executive committees. These are the first mechanisms to work on to improve IT-governance performance.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.