By Judy Stokker, Deputy-Vice Chancellor, Technology, Information and Learning Support, QUT (Queensland University of Technology)
How ‘fit for purpose’ is your organization’sIT governance? In simple terms,effective IT governance will deliver tangible benefits to the organization through building competitive advantage and making the best use of resources. Sub-optimal IT governance will lead to resourcewastage; and in the worst cases, failures of IT governance can lead to significant reputational damage, or even the demise of the organization. In recent years in Australia we have seen a few very significant and public examples of IT governance failures in the public sector.
The CIO has a responsibility to provide leadership in the maturing of an organization’s IT governance model. This is a challenging task. IT governance is embedded in the decision making and governance for the whole organization. Changes in how decisions are mademay require not only structural change, but cultural change, whichis almost always difficult to achieve.
Corporate history is littered with examples of companies that failed to see the significance of new technologies,or were too slow to act upon them. The digital disruption impacting on all sectors of the economyrequires organizations to embrace and leverage technologies more quickly than in the past, and with imagination. New business models are emerging that present opportunities and threats to established models. The rate and magnitude of technological change is both exciting and challenging and requires organizations to be more agile, flexible and creative.
Globalization, increased competition, and heightened user expectations present organizations with significant challenges in continuing to be successful and remain relevant. In my own sector, higher education, universities were once considered as “specific” organizations where the norms of management and governance did not apply in the same way as they did in the corporate world. This was largely due to the long history and established traditions of universities and the nature of teaching and research being individual intellectual pursuits.
Allow stakeholdersto be leaders in IT Governance
Ubiquitous access to technology and the fact that IT enables all functions and services in some way or another, has meant that professionals are engaged with the technologies relevant to their professional fields. Some professionals are so tech savyy, their expertise is equal to,or sometimes greater than,IT specialists in IT departments. The growth in ‘shadow IT’ in an organization is evidence of how individuals andbusiness units are able toreadily pursue their own IT strategies.
In universities, in addition to tech-savvy professionals, there are members of academic staff who are leaders in the IT discipline and who undertake cutting edge IT research. These influential stakeholders have the potential to both disrupt and enrich a university’s IT governance.
An organization’s IT governance model will be more effective andunderstood by stakeholders if it harnesses the enthusiasm and IT expertise of subject matter experts (SMEs) and businessexperts. Engagement by these stakeholders in IT governance delivers IT decision making that is aligned with the needs of the organization, by capturing the thought leadership from staff ‘at the coalface’. In this type of model the IT decision making is informed by the consumers of, and providers of, the functions and services.Good governance should not rely on control measures alone, but encourage engagement by embedding key stakeholders within the decision making structure and processes.
Agility and flexibility
A devolved model in which IT governance groups have appropriate delegated financial authority, operating in a well understood IT governance framework, has the potential to deliver solutions in shorter timeframes that keep pace with the rate of technological change and consumer expectations.
There are risks with a delegated decision making model including: fragmentation of decision making; and involvement by stakeholders who do not possess the necessary IT governance experience. Effective strategies can be implemented to mitigate these risks.
All too often the membership of IT governance bodies is based on the positions held by members, rather than their knowledge and expertise in IT governance. The old adage that “a little knowledge is a dangerous thing” is worth keeping front of mind in IT governance groups. Well-informed and skilled members are an essential component of sound decision making. Orientation in IT governance concepts, and a program of ongoing professional learning, should be essential parts of an IT governance model.
Provide the tools
EffectiveIT governance is informed by a digital vision and strategy for the organization, as well as other tools including investment principles or guidelines and a clear enterprise architecture. Stakeholders can be guided in their use of these tools.
Keep your governance model ‘fit for purpose’
Making the right IT investments is mission critical. Organizations need to regularly review the performance of their IT governance models and make changes in line with changes in their environment. The rate and magnitude of technological change and the ubiquitous nature of IT are strong drivers for organizations to be reviewing the effectiveness of theirIT decision making framework and processes.