Plain language about Digital Leadership
and Governance of Information Technology
for Executives and Directors
Welcome back to the Infonomics Letter – the third and final edition for 2014.
Back on January 6, I hoped that this would be a great year for all of us. Somehow, it didn’t work out like that and I’ve instead had what Queen Elizabeth once called an “Annus Horribilis” – a horrible year. Without going into too much detail, it’s best to say that I let my guard down on health and was flattened by multiple bouts of influenza. Maintaining my normal level of productivity became impossible and I was forced to choose carefully the tasks that would get my energy. Two of the victims were The Infonomics Letter and my promised new book, Digital Leadership Manifesto.
The good news from my perspective is that I have recovered my health and am now looking forward to both a great Christmas break and a very significant 2015.
So, before we close off 2014, a year in which I did not achieve all my plans, I’d like to share four things with you:
There is no doubt that the world is advancing into the Digital Era. In the digital era, individual advanced technologies and management models including: ubiquitous high speed communication; massive, ubiquitous storage and processing capacity; big data; analytics; cloud; social media; software as a service; mobility; BYOD; and the internet of things are being integrated at every level of personal and enterprise endeavour to create new capabilities and improve existing ones. As part of preparing my 2014 ACS Education Across the Nation series, I defined the dawn of the digital era as: “An unfolding landscape where we can do better things we have always done and do things we have never been able to do, because digital technologies enable us to capture and manage information in ways not previously possible. It begins with a time of profound, ongoing change, enabled by digital technologies”.
One of the significant challenges in governance of IT in the digital era is that almost everybody is in a position to exploit technology to achieve their own goals. No more powerful illustration of this fact is the way that individuals use mobile devices to access social media and empower themselves to communicate to audiences that were unimaginable just a few years ago.
This challenge is extended by the way that mass-consumption technology resources such as cloud and software as a service have fundamentally changed the costs of acquiring technology.
Many industries are being intensively disrupted not just by new entrants in to their markets, but by the way established actors in their market are rewriting the rules in their own favour. Consider for example how universities are unavoidably driven to embrace the digital era. Students are driving the agenda with their own use of mobile and other technologies. Institutions are exploiting technology to reach markets far beyond their traditional geographic bounds, and to deliver education and resources at massively lower cost than previously possible. At the same time advances in technology offer unprecedented capacity for collection and analysis of data. Researchers and administrators are generating ideas for new digital-enabled research and capability at a prodigious rate and demanding delivery at a speed that was unimaginable only a couple of years ago. Readily accessible technology enables rapid launch of new capability that in turn demands accelerated development of new technology and operational capability.
What has not changed is that adoption of technology in the digital era still frequently involves substantial change in existing business operating models and development of new capability to enable future business models. As we have learned through many years and examples of failed IT investments, success is not merely in the delivery of the technology, but in the realisation of the intended outcomes for business capability and performance which come from a properly orchestrated change program that addresses the fundamentals of business change. H. J. Leavitt described these fundamentals in his 1964 paper “Applying Organizational Change in Industry: Structural, Technological, and Humanistic Approaches”, published in Handbook of Organizations, edited by James G. March and published by Rand McNally 1964. Fifty years on, we adapt Leavitt’s Diamond to describe technology-enabled transformation:
New digital technologies empower people to work in new and different ways, enabling and frequently requiring new processes and demanding organisational and structural change including new policy guidance and assignment of authority. In order to attain new capability, business systems and their organisational context must transform through all four dimensions. While in some cases these transformations are happening in a ubiquitous and sometimes subliminal manner, there are many more cases where planned change encounters obstruction through the tendency for the status quo to persist unless forcibly disrupted.
The clear message to be considered by organisations is that governance of IT is no longer solely or principally about the technology. Rather, governance of IT must address the use of technology as an enabler but not as a driver of business capability, and must deal with the essential need to govern ongoing business transformation and performance enabled by new technologies. We refer to this extensive and essential business change as digital transformation.
Bear in mind that digital transformation is a phenomenon that is simultaneously occurring within and external to every organisation, and that while some aspects of digital transformation may be voluntary and fully controllable, many aspects of digital transformation are involuntary because they are driven by external (and sometimes internal) actors over whom the organisation has no direct control. These factors make it essential that governance of IT in the digital era is capable of dealing with the entire emerging digital context of the organisation as well as its ongoing legacy of pre-digital era technologies. But this does not mean that we need to start again with a clean sheet of paper to develop a model for governance of IT in the digital era. Rather, we need to understand that ISO 38500 is perfectly applicable in the digital era. In the adapted ISO 38500 model presented in:
The digital era governance arrangements provide overarching direction and control for the organisation as it plans, builds and runs its digital future capability;
The organisation adopts a management approach to planning, building and running the digital capabilities that recognises that digital transformation includes potentially substantial business transformation as well as adaptation to and participation in market transformation;
In the digital era, policy settings, including assignment of decision rights and authorities, are likely to be different to those applicable in the pre-digital context.
Many aspects of the fundamental governance activities – evaluate, direct and monitor – are likely to be delegated into the management space.
The principles for good governance of IT are equally, if not more relevant in the digital era. For example, the responsibility principle reminds us to think carefully about and appropriately assign responsibility for digital transformation – bearing in mind as we learned from Leavitt, that digital transformation is not merely a matter of acquiring the technology. Similarly the human behaviour principle reminds us to address a wide spectrum of human characteristics including the seeming polar opposites of resistance to change (such as resistance to changing work duties driven by new systems) and propensity to rapidly assimilate change (such as use of personal mobile devices).
While the ISO 38500 model seems very well suited to the current digital transformation landscape, the same cannot be said for many aspects of management systems originally designed to enable effective “IT Governance”. These older models are becoming suboptimal because they are geared to a time when technology was the greatest challenge and expense in the use of IT. Nowadays, the technical aspects are frequently the least complex and least expensive part of the initiatives in which business capability is redefined and reimplemented for the digital era. However, this does not necessarily regard these management systems are fundamentally flawed. Rather, they need to be updated in perspective – refreshing their orientation and approach so that they deal with the broader range of complexities in digital transformation while also operating at the speed of digital transformation. Using ISO 38500 as the overarching model for governance of IT, and especially focusing on the meaning and application of its model and principles, can greatly assist in overhaul of the more detailed management processes and decision-making arrangements.
Using ISO 38500 in this way enables organisations to take a top-down approach to evolving the management systems that underpin effective governance of IT and therefore effective governance of digital transformation. It highlights that top level policy should guide the evolution of the management systems.
Improving governance of IT at every level requires a clear understanding of two things – the starting point and the goal, each of which is different for every organisation. Commencing an improvement process without understanding either is clearly an exercise in futility, as there is no means of focusing on the most important and valuable adjustments.
The Infonomics ISO 38500 Assessment Method is a proven effective way of understanding how any organisation governs IT without presupposing any implementation model for the underpinning management systems. It provides a clear view of the subject organisation’s approach to governing the bigger picture of business use of IT and therefore provides a comprehensive basis on which to identify change that adapts the organisation’s governance arrangements for effective governance of digital transformation and ongoing digital business operations.
While I was laid low for more days than I care to count, I have not been totally absent from my desk and the workplace in general. Here are some of the highlights.
The year started with some moderately intense travel, as I delivered complete the Australian Computer Society’s Education Across the Nation program from January to April. This took me to Adelaide, Brisbane, Canberra, Hobart, Melbourne, Perth and Sydney, as well as the regional city of Toowoomba in Queensland. The hour long presentation on Digital Leadership and Digital Transformation was well received with an unofficial tally of around four hundred people attending. Perth, Brisbane, Sydney and Melbourne also delivered nineteen senior professionals for the two day ISO 38500 Foundation Class, for which some very encouraging endorsements were received (as reported in Return from the Outback, posted on 23 June).
2014 has been an interesting year for ISO 38500 based assessments of how organisations govern their use of IT – particularly in the federal government and large corporate space. While I can’t go into detail, I can report that the assessment tool worked very well and highlighted all the key issues in management behaviour, again reconfirming that no matter how good the process model, if management behaviour is not good enough, there will be problems with IT. As is often the case, simply exposing the behaviour issues and associated consequences is only the first step – what is essential is that there is a robust commitment ot change at the very top of the organisation.
My teaching activities carried through the second half of the year with eight days on ISO 9000, IT Service Management and Information Security Management for the Solomon Islands Government, followed by briefings for Australian Institute of Company Directors members in Geelong and for Governance Institute members in Melbourne. There were also sessions at The Next Big Thing conference and the IQNite Testing and Software Quality conference, also in Melbourne.
Hewlett Packard delivered for me in two ways during 2014. Paul Muller, who leads the global IT management evangelist team within the Software business at HP, picked my brains in a series of three interviews on various aspects of governing IT, as part of his HP Discover Performance Weekly Interview series.
The interviews are all on YouTube and each runs for about 15 minutes. I claim no credit for the episode titles, but I assure you that all the content is real, and straight off the cuff:
HP’s second delivery was a replacement for my ageing HP Pavilion notebook. Having discovered that a Windows 8 tablet was perfectly OK for browsing and email but absolutely useless for developing and delivering serious content, HP kindly took back the tablet and upgraded me to the Envy notebook. At less than half the weight of its predecessor and with many times more power and storage, it’s become my complete mobile office and when teamed with a decent smartphone leaves me wondering if there is space in my life for another tablet! Perhaps some time in the future…
It’s taken a very long time for ISO 38500 to achieve even modest acceptance in the market. It faced several challenges: it was radically different from prior guidance on governance of IT; it doesn’t contain a prescription for implementation; it required deep thought on behalf of adopting organisations to understand how to use it effectively; there were few properly competent ISO 38500 consultants available to assist; many professionals were deeply committed to alternative views on governance of IT; business leaders still thought that governance of IT was an IT problem; and so on. However, little by little, the tide has turned. Where ever possible I have sought to publicise the organisations that are using the standard, though until this year few have come forward. The major accessible exemplar remains South African Government, through its Department of Public Service Administration.
During my travels of 2014 however, I have learned of several Australian organisations in public and private sectors which claim to have adopted the standard. Some of them have used Waltzing with the Elephant to guide their work. Others have done their own thinking from first principles. One has adopted the principles in ISO 38500 not just for governance of IT, but for governance of the organisation’s activities on a much wider scale.
This is good to hear. However, there now comes a question: Have they adopted the guidance in ISO 38500 in a way that does truly improve their governance of IT (and other things) so that they make effective, efficient and acceptable use of IT? How can they verify the outcomes of their work? One way of course is to test the outcomes achieved against the goals they set at the start of the change program. Another, as is the normal practice in every other field of activity, is to evaluate what has been done and look for opportunities for improvement. It should come as no surprise at all for me to suggest that the Infonomics ISO 38500 Assessment Method is a highly effective way of gaining insight for both planning and assessing a change program.
Evidence that not all organisations get it right in adoption of ISO 38500 can be found very close to the Infonomics home base. During 2014, in response to policy direction of Victoria’s Liberal State Government, the state bureaucracy developed the Victorian Government Information and Communication Technology (ICT)Governance Framework. In a word, this document is pure, unadulterated rubbish! It demonstrates a profound failure to comprehend the context and role of IT in the 21st century and instead perpetuates the mind-set that only IT people should be involved in directing and controlling the use of IT. For example, it nominates the responsibility of Agency heads in respect of Victorian Government ICT Strategic Directions as being “Accountable for contributing to ICT Strategy outcomes, supported by their agency CIO”. It says nothing about, and therefore seems oblivious to the potential role for agency heads in finding more effective ways for the state government to operate through redesign of government activities at whole of government, inter-agency and intra-agency levels.
Some may say that I am unhappy with the Victorian Government’s effort because the people involved all of my offers of help. Well – the South African Government developed its approach to using ISO 38500 also without my help, and indeed without even reading Waltzing with the Elephant. They got it right and I rang their praises loud and clear in 2012!
OK – enough on that. There’s a new Labor government in power now in Victoria, and I will certainly be encouraging them to take serious notice of the opportunity to use ISO 38500 effectively in setting up the state for its transition into the digital era.
Even though I have had limited capacity, 2014 has been a big year for academic collaboration. This includes:
Ongoing conversation with Lizzie Valentine at Queensland University of Technology in relation to her work on the competencies needed by company directors for effective governance of IT. She has published much of her work in a highly accessible form at www.enterprisegovernance.com.au;
Similar conversations with Shafi Mohamad at Griffith University as part of his work on “Developing a Model to Evaluate the Information Technology Competence of Boards of Directors”;
Co-authoring a book chapter with Shafi Mohamad: "The Importance of Enterprise Technology Governance in Effective Corporate Governance" will be published as Chapter 4 in the "Responsible governance: perspectives for the new era" by Business Expert Press, early in 2015;
Co-authoring a paper with Carlos Juiz: “To Govern IT, or Not to Govern IT?” is scheduled for publication in the February 2015 edition of Communications of the ACM. Carlos is a leading proponent of ISO 38500, having taken a leadership role in its adoption at the University of the Balearic Islands in Barcelona, Spain, shortly after the standard was published in 2008;
Dr Helena Garbarino, a professor at ORT University in Montevideo was awarded her PhD by the Polytechnic University of Madrid during the year. Her thesis is entitled “Marco de Gobernanza de TI para empresas PyMEs – SMEsITGF” (The thesis is predominantly written in Spanish, but it does include a brief English abstract). It was my pleasure to assist Helena as she developed her analysis and recommendations for effective governance of IT in small and medium enterprises;
Mai Hyari from Kuwait is the newest addition to the list of people I am helping with their work on governance of IT. She is completing an MBA with Durham University Business School, UK;
Jerry Luftman, the irrepressible chief of the Global Institute for IT Management invited Infonomics connections to participate in his global research on Global IT Trends. The 29 page report makes for some interesting reading!
Following the ACS Education Across the Nation program in the first quarter, Paul Tubridy saw the potential for some of his past and present clients to benefit from the guidance in ISO 38500. Although it’s perhaps not as easy to pitch the idea of something different as we would like, Paul has found traction and we have completed a small ISO 38500 assessment for one of his clients, with another in the wings.
Paul has also provided an introduction to several others in Sydney, including the principals of BSR Solutions. Together, we are seeking ways to make a real difference to how government, private and non-for-profit organisations in New South Wales approach their governance of IT. These efforts are the first steps in the forward plan discussed below.
Many of you know that in 2012 my partner Leonie and I purchased a small farm. There we will continue working on the things that interest us, while easing into a slightly more relaxed semi-retirement phase of life. Before we go there, we must complete as fairly major renovation of our current home in the hills to the east of Melbourne. As with many IT projects however, work has not proceeded to plan, as we have discovered many evil acts perpetrated by the original builder that have become evident only when we look under the covers.
Regardless of the problems encountered, this is a project that must deliver, and we remain very focused on the outcome that we have planned, while taking care to observe other principles in ISO 38500 which, while written to guide the use of IT, is also very relevant in guiding many other sorts of activity.
Wow – having now written the review of 2014 activities I wonder how much more I might have completed had I been in peak health for the full year! It was certainly busy. But 2015 is going to be busier. Here are some of the things I have in my plan.
It’s been a long time coming, but there is definitely increasing interest in ISO 38500 and therefore an increasing opportunity for Infonomics to help many organisations around the world. However, I can’t do it alone. What I will be doing is moving Infonomics into its next stage of development, where it is a provider of resources to the specialists.
This builds on a couple of experiments in 2011 and 2013, from which I have learned much about how to equip people for the use of Infonomics IP. The intention is to package the Infonomics ISO 38500 Assessment Method into a product that can be used under license by a suitably qualified practitioner. There will be accreditation requirements, so that the product cannot be used by those who have insufficient skill, and there will be complementary training to help appropriate people build the requisite skill.
Similarly, the training materials I have developed over several years will also be refined and packaged, with a full instructor kit and other supporting material. Authorised users of the training material will also be permitted, subject to certain quality controls, to adapt the material to their own marketplace, especially in terms of language and example cases.
Announcements on the packaged assessment method and training materials will be made as work proceeds through the next few months. If you’d like to be considered as a potential licensee, please do let me know.
While delayed by my tough year, the new book remains totally relevant and observation of the evolving market increases my conviction that an ISO 38500-inspired guide to navigating digital transformation is essential. The book will have significant priority and will definitely emerge before mid-year.
During 2014, a new version of this Australian Standard AS 8016 was published. It focuses the guidance in ISO 38500 on the “build” of IT-enabled business capability and is an excellent companion to ISO 38500. There is now a suggestion that it should be considered for adoption as an ISO standard – just as ISO 38500 is the ISO adoption of the original AS 8015.
There is thus clear justification for development of companion Infonomics products, to provide education in AS 8016 and assessment of the project activities using the standard. From the outset, this material will be developed for use by what I hope will become a global network of specialists using Infonomics IP.
I’ve completed several projects to improve governance of IT since the first release of AS 8015 and its ISO successor. Several of them have involved establishing the management frameworks that enable effective and efficient decision-making while ensuring that the business agenda is firmly in the lead. While there have been differences from one organisation to the next, I think there is now enough experience to justify a new book that sets out a generic implementation model for governance of IT that the ISO 38500 guidance at its core. It may be ambitious, but this is my second major publication goal for 2015.
Having stood on the sidelines for several years, I’ve finally taken the plunge to participate more directly in oversight of the Australian Computer Society, and have been elected to join the Victorian Branch Executive Committee. This role commences on January 1, with a major planning day scheduled for January 17. My focus in joining the committee is embedded in the statement I made as part of the election process:
“Many ACS Members know me for my work on governance of IT. As the original ISO 38500 Project Editor, I have sought to communicate and build on its key messages, including two ACS Education Across the Nation tours (2009 and 2014), several ISO 38500 classes and occasional lectures for ACS Education. This work contributed to my success as 2012 iAwards ICT Professional of the Year.
My ongoing research into digital transformation and digital leadership helps me understand that, because our future is substantially enabled by technology, immense change is being wrought in every field of endeavour. This affects business leaders who must adopt new technology enabled business models as much as it does technology professionals. Navigating the change requires ACS leadership that has deep understanding of both business leadership and technology professional aspects. In this regard, my membership of the Australian Institute of Company Directors complements my ACS membership and helps me play an active role in building effective business/technology engagement for the future.
As an ACS Committee member, my goal is to help grow our engagement with business leaders, so that we can better help them be successful and in turn create better opportunities for us as technology professionals”.
With a new government in place, I hope also to participate in growing the ACS engagement with the government leadership, especially with the new Premier and his ministerial team.
I’m about to exploit one of the benefits of the Digital Era – availability of accessible, easy to use technology at an affordable price. Since 2008, I’ve used Constant Contact as my mailing list engine, but in recent times have become dissatisfied with the tools which, through a series of “improvements” have become less functional. That’s OK – there are plenty of other options. From the first edition in 2015, we will be using a new system.
What more is there to say? Christmas and the New Year are upon us. I wish you and yours all the very best for the season and look forward to our interactions in 2015. Thank you to the many people who have helped me through the year. I look forward to achieving much more with you and others in the coming year.
I will be focusing primarily on farming and home renovation activities from now until January 12, though I will always scan email at least once a day.
19 December 2014.