Six SIgns your IT Governance is failing


Published on

When an IT organization has to make decisions without effective boundaries being established, the overall organization often suffers and is subject to significant risk. Alternately, when boundaries are rigid and inflexible, creativity is stifled and often the most innovative benefits are not delivered. The traditional methods of governing through control are slowly being replaced by governance through enablement. This brings its own problems and often sees organizations doing a pendulum swing from a focus on "costs and risks" to a focus on "value and innovation" and back again. How do we fix this? What are the most innovative companies doing? Join John as he takes an in-depth look at some of the interesting and somewhat surprising symptoms that arise in organizations that have these governance challenges and how innovative companies are overcoming them through governing the relationship between the business and IT.

Published in: Business, Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Front row, second row, third row…
  • Peter and I have had numerous conversations about the phrase “Business and IT Alignment”. The challenge with the term is that it implies that the business and IT are different entities. This car analogy is probably more suited to the discussion. The Car is the business. The tires are IT (part of the car) they are useless without eachother. Alignment is about effective and efficient use of IT to help the car get to its objectives..
  • IT is a very powerful machine. In some organizations it is the entity that brings the most risk and and the most value to the business. Our view of the risk and value is often skewed
  • Is there really any such thing as IT Risk. Sometimes you have to go to the business
  • Lets focus on the middle three…. Lets face it.. If you are the business – you get value out of me if I provide services that give you value and I don’t cost you too much in terms of resources and I don’t put you at an elevated level of risk. Making sure that all the stakeholders involved in the decision making process understand what they need to know…
  • For your organizations. Try to think about the last project that was killed mid stream… I am surprised by this number… My experience is that the number is far higher!.In government (or government like) organizations (Traditionally RISK adverse!) what do we do? Projects never fail. They morph, the deliverables get watered down… etc.
  • While we ponder that!
  • What do I mean by this?
  • City of Calgary’s 911 systemWaterworks SystemSCADA systems that control the OIL & GasI am a trusted advisor for one of my current customers fought really hard for his Financial Services organization to leverage technology in a unique way. Once the business saw the potential – they created a special team and took it away from IT.Walmarts Knowledge Management Approach began as an IT driven data mining initiative and once business value was shown – the business took ownership
  • Look at Nortel. Who outsources their core technical capabilities to lower cost providers who proceeded to turn Nortel’s competitive advantage into a commodity
  • The only thing that is certain here is that there is a disconnect between customer expectations and what they think they got!.
  • Relate back to the statement earlier “We don’t kill projects”. Seems counter intuitive that when I am assessing an organization, evidence of either no failed projects or many failed projects is an indicator of failed governance.
  • This can apply to both operational costs or project costs.. Remember the three key areas we talked about at the beginning…Benefits RealizationRisk OptimizationResources Optimization
  • Over building is a way to manage risk… but at what costs…Organizations I have worked with continually add capacity until the business removes funding
  • In most organization we typically only give the business one “control” over IT. One lever.. What is that?
  • I find that many organizations have somewhat of an adversarial relationship between the business and IT. This is because of the disconnect in strategies between the sides.. It may also be that the IT organization is trying to move up in this model without firmly establishing themselves first.
  • Six SIgns your IT Governance is failing

    1. 1. John Krogh
 Blog:" 6 Signs of Poor IT Governance" proven experience • proven tactics • proven success © Service Management Art 2013"
    2. 2. What is governance" ?  
    3. 3. IT Governance Definitions 
 take your pick!" The responsibility of executives and the board of directors, and consists of the leadership, organizational structures and processes that ensure that the enterprise’s IT sustains and extends the organization’s strategies and objectives." © IT Governance Institute. All rights reserved. " " “The set of processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals.” " © 2010 Gartner, Inc. All rights reserved. " " “A decision-making framework for IT investments that is designed to maximize the return of benefits while managing risk to acceptable levels.” " © 2010 Forrester Research, Inc. All rights reserved. " " Specifying the decision rights and accountability framework to encourage desirable behavior in using IT. " ©  Peter  Weill  &  Jeanne  W.  Ross  (MIT  CISR)  All  rights  reserved.     .  
    4. 4. Simple Definition" “The processes and relationships that lead to reasoned decision-making in the use of IT”!
    5. 5. What is alignment?"
    6. 6. “The business wants nothing more from you than for you to demonstrate that you have control over IT”… Paul Wilkinson Gamingworks"
    7. 7. …  
    8. 8. …  
    9. 9. What do we need to control?" ITIL   Resources! " Financial" Infrastructure" Information" Applications" People" Capabilities! " Organization" Management" Process" Knowledge" People"
    10. 10. 5 Elements of Governance" Establish and Maintain a Governance Frameworks" Benefit Realization" Risk Optimization" Resource Optimization" Stakeholder Transparency" Cobit  5  
    11. 11. # 6 Symptom of Failing IT Governance" “We don’t kill Projects!”"
    12. 12. “43% of respondents said that they have euthanized a project”" Top reasons to kill an IT projects" •  Business needs changed " " "30%" •  Failed to deliver on promise" " "23%" •  No Longer a priority" " " " "14%" •  Exceeded Budget " " " " "13%" •  Did not support business strategy "7%" •  Fell behind schedule " " " "4%"" …  &  ISACA    
    13. 13. …  
    14. 14. # 5 Symptom of Failing IT Governance" Loss of control of IT services to external providers" "
    15. 15.   “Does the business trust us with their critical business systems?”" "
    16. 16. Loss of control could also mean the loss of core business assets" "
    17. 17. # 4 Symptom of Failing IT Governance" “Business and Customer Dis-satisfaction”"
    18. 18. “50% of surveyed CEOs say IT has a problem executing, only 10% of CIOs agree”! "
    19. 19. “50% of surveyed CEOs say IT has a problem executing, only 10% of CIOs agree”! " “53% of all statistics are made up on the spot”! "
    20. 20. # 3 Symptom of Failing IT Governance" Project and operational failures for which an approved mitigation strategy was not in place"
    21. 21. Would killing this project, before complete failure occurred, have been the right thing to do?"
    22. 22. # 2 Symptom of Failing IT Governance" “Continually escalating costs without an associated return of value ”"
    23. 23.   Over-engineering" " Too much capacity" "
    24. 24. Calgary $829M" Salt Lake $1.2B" Torino $3.6B" Vancouver $1.7B" Sochi $50B est."
    25. 25. Costs of Poor Governance" Indirect Costs" Retraining IT staff" Loss of business credibility" Failed audits" Lost productivity" Poorly operating systems" " Direct costs" Failed or delayed IT projects" Lost revenue" Extra time spent gathering business requirements" Higher-than-average help desk costs" Security breaches/non-compliance fines"
    26. 26. # 1 Symptom of Failing IT Governance" Absence of business leaders in the IT decision making processes" &" Absence of IT leaders in the business decision making processes"
    27. 27. Shows up as IT managing risk and costs myopically…" …  
    28. 28. Or.. " the Business using IT in inappropriate ways" …  
    29. 29. “Today, businesses are 100% reliant on information technology for day-to-day operations, yet fewer than 50% of organizations involve senior management in IT decisions”! " InfoTech  Research  Group  
    30. 30. " “If an initiative takes time away from revenue-generating activities, management won’t participate. IT must communicate potential quantitative benefits to gain management involvement”! " IT  Governance  in  PracCce  –  Insights  from  leading  CEOs  
    31. 31. " “On average, only 38% of senior managers in poorly governed firms understand how technology is governed”! " IT  Governance  in  PracCce  –  Insights  from  leading  CEOs  
    32. 32. There are four key areas where senior management must play an active role:" " – Making IT investment decisions." – Prioritizing and approving projects." – Evaluating IT service delivery." – Mitigating risks and vulnerabilities to IT assets." " InfoTech  Research  Group  
    33. 33. Governance must be in place in order to foster the appropriate relationship between IT & the Business." Trusted  Supplier   Partner     Player   Solid  UClity   Forrester  IT  Archetype  Model  
    34. 34. Time   “TacCcal”  BRM  “Strategic”  BRM   Business   Efficiency   Level  1  IT  Focus   •  Provide  basic  systems  and  services   •  Stabilize  operaCons  and  support   •  Improve  service  delivery   •  IT  management  fundamentals   Business   Effec5veness   Business   Transforma5on   Level  3  Business  Needs   •  Business  growth  and  InnovaCon   •  Rapid  reconfiguraCon  capability   •  Market  informaCon   •  Business  integraCon  orientaCon   Level  3  IT  Focus   •  ConCnuous  strategy  and  planning   •  Converge  business  and  IT   •  Expand  and  extend  infrastructure   •  Enable  flexibility  and  agility   •  Embrace  ‘ConsumerizaCon  of  IT’   Demand   Supply   Œ     Level        Level   Level   Ž     Support  Improve  Innovate   Value   Level  2  IT  Focus   •  Establish  common  IT  infrastructure   •  Build  IT  credibility   •  Improve  soluCon  delivery   •  Establish  Enterprise  Architecture   •  Respond  to  ‘ConsumerizaCon  of  IT’   Level  2  Business  Needs   •  Business  network/process  redesign   •  Enable  business  and  partnerships   •  Management  informaCon   •  Process  orientaCon   Level  1  Business  Needs   •  FoundaCon  systems   •  Cost  savings   •  OperaConal  informaCon   •  FuncConal  orientaCon   Focus  is  Supply  Management  Focus  is  Demand  Management   Business Demand/Provider Supply Maturity
    35. 35. 72% Insufficient IT Resources Planned" 69% Misalignment Between Business/IT Strategy" 69% Business Unaware of Services IT Provides" " InfoTech  Research  Group   Recent poll of problems due to lack of business involvement in IT decision making." "
    36. 36. Summary" – Failure  to  kill  projects   – Loss  of  control  of  IT  services  to  external  suppliers   – Business  and  customer  dissaCsfacCon   – Project  and  OperaConal  Failures  for  which  an   approved  miCgaCon  strategy  was  not  in  place   – ConCnually  escalaCng  costs  without  an  associated   return  in  business  value   – Absence  of  business  involvement  in  IT  governance   and  IT  involvement  in  business  governance  
    37. 37. “Effective decision-making is critical to the governance of IT investments, projects, service delivery, and risk, all of which keep the business in business”! Forrester  Research  
    38. 38. Questions?"
    39. 39. itSMF Presentation" “Business Relationship Management is about Innovation”" Peter Lijnse" " November 28, 2011" Breakfast Event" " Register at"