Have you noticed that, suddenly, IT Governance is “on the agenda”? Why is this happening now? Is it something that needs your attention?
In between engagements to help significant organisations make sure that they do have effective IT Governance, I’ve been observing what else is happening in the broad marketplace. There are a lot of mixed and confusing messages out there, and it seems to me that it’s high time we did something about it.
And it’s not just my view. There was a distinct change in tone at the Institute of Company Directors Conference in Perth, in May this year. At the conferences of 2002 and 2003, people I met were politely disinterested in my field of endeavour. At the 2004 conference, there was a tangible interest, and the half day forum dedicated to IT Governance was the first to fill (perhaps it had something to do with the clever allocation of that forum to the Crocodile Farm). But this year, in Perth, although the topic was not on the agenda, many people had a strong desire to know more – to understand what IT Governance is about, and why it is an important matter for top level executives and for boards.
Corporate Governance of IT is not an IT problem – and it’s got very little to do with technology. It’s a corporate governance problem, and should be on the radar for executives and directors, in every organisation, in every sector of endeavour. The Australian Institute of Company Directors thinks it’s important, with IT Governance being a regular topic in the Company Director magazine, at conferences and in briefings.
This letter and the linked materials are written expressly for those who need to be sure that IT is effective, efficient and acceptable. The only technical skill you need is the ability to click your mouse on the hyperlinks – all underlined in blue.
I sincerely hope that you find the material interesting, and useful. Your feedback will be gratefully taken on board.
My aim is to publish this newsletter on a monthly basis, and through it to share information, views and experience about how organisations of all types can be better assured of success in their use of IT as a tool of business. Of necessity, this first edition is all my own work. I hope that future editions will include content from diverse sources.
Mark Toomey
5 August 2005
In this first edition
What is IT Governance all about anyway? The market is full of hype, and it’s easy to become confused, and disillusioned. Here we introduce three compact papers that should help most directors and executives put IT Governance into perspective, and check on how well it happens in their own organisations.
Why is this suddenly important? There are many reasons why proper governance of IT is important, and a vast base of research that explains why. For a different angle, we suggest here that many organisations may be suffering, or are likely to suffer from “The Jim Syndrome”. Is yours one of them?
Sources of further information IT Governance is not a scheme I dreamed up to make me a lot of money – though many other organisations seem to think that’s what it’s about. This section shows you how to find some of the more recent, and relevant writings on the topic – including the new Australian Standard.
Events Of course IT Governance is on the agenda for conferences. Every month, we’ll aim to let you know what’s coming, and whether it’s really likely to be relevant. There are September should see John Thorp speaking at a CEDA lunch in Melbourne, and a half-day conference at Macquarie Graduate School of Management.
The Infonomics Mailing List, SPAM and Privacy For those who may think this material isn’t for them, for those who would like to receive a copy direct, and fro those who are generous enough to give me some feedback, or content for the future.
On May 31st this year, well-known IT commentator Graeme Philipson said in an article entitled “IT Governance from the top” that “IT Governance has no standard definition” and that there was, effectively, no difference between governance and management. I saw this as being typical of the confusion that is being generated in the marketplace by organisations that are climbing on board the IT Governance bandwagon, and making it into the next “Silver Bullet” that will purportedly deliver to us a perfectly functioning IT shop for every enterprise.
In a flurry of correspondence, Graeme and I were able to agree that there is a fundamental distinction between governance and management. To make it straight-forward for all, we agreed that “Governance is the process of setting parameters for, and monitoring the performance of management”.
The discussion with Graeme Philipson overlapped strongly with the questions directors were asking at the Perth Company Directors’ Conference. What seems important right now is that we communicate in a very concise way just what IT Governance is really all about, to as many people as we can. There are many sources of information, but they vary markedly in their outlook, and could easily confuse. So, to complement this newsletter, we have created the Infonomics Executive Brief series. Each Executive Brief is a tight two-pager, written specifically for top-level executives and company directors. The first three are designed to give you a broad perspective on what IT Governance is about, and why it’s something that should be on the agenda for most organisations. We sincerely trust that you find them interesting, useful and worthy of further circulation. They are attached to the email along with this document, or you can download them from the Infonomics web site by clicking the links below.
EB1: IT Governance Definitions Explains what IT Governance is all about – in plain language. It positions the AS8015 definition in relation to suggestions from other authoritative sources.
EB2: AS8015 – What does it mean? Overviews the main points of the new standard, and explains the purpose of the six principles for good corporate governance of IT.
EB3: Profiling your Organisation’s IT Governance gives you a thumbnail self-assessment and checklist, to help you see if your organisation has characteristics of good IT Governance as suggested in AS8015. The results may well surprise many readers.
After nearly half a century of growing investment and increasing dependence on IT to underpin business, the IT industry hit an invisible wall in mid 2000. Investors questioned the unfathomable and, generally, unworkable business models of the “dot com insanity”, and bailed out. At the same time, top level executives and boards took stock of the money that had been spent on overcoming the very real dangers that were embedded in the “Year 2000 problem”, found that they had pulled forward several years worth of investment, and promptly lost appetite for further IT spend. While it didn’t happen everywhere, many organisations cut back to maintenance mode. Big redundancy programs and outsourcing initiatives together decimated the ranks of IT specialists within organisations that may not have realised the long term consequences of these actions.
Now, organisations are resuming investment in IT. The rejuvenated and new systems that were installed just in time for Year 2000 are beginning to show signs of age, and there are also many new opportunities for competitive advantage as businesses have matured and technology has evolved. More than ever, IT initiatives are fundamental and integral elements of business improvement programs, and organisations that are investing need to assure themselves that the process will deliver results, without unacceptable risk.
But in the skills and experience that resulted in mostly safe outcomes as Year 2000 loomed close have, in many cases, gone away. I call this “The Jim Syndrome”. The experienced stalwarts of delivering real business solutions using IT from the last decade have moved on. The IT industry downturn coincided with a generational transition – the baby-boomers who made up the vast body of top-level experience found redundancy a great motivator for a sea-change – typified by the purchase of a solo-operator franchise, such as a “Jim’s Mowing” round. These “Jims” have found that they like their new lifestyle, and they won’t be back.
So, organisations that pulled in the reins during the past five years, and are now investing again, are finding that there are gaps in their knowledge and capability. The Jim’s are gone. Those left behind are younger, perhaps more confident, but perhaps also lacking in bitter experience. They may not know what they don’t know – and there is a significant probability that some of the initiatives they undertake will fail to deliver. If history is any guide, some will fail spectacularly, and some may be so bad as to destroy the organisations that they were supposed to enable.
But it need not be a gloomy picture. Those with limited experience can learn from those who stayed on, and the whole organisation can take a greater responsibility for ensuring that IT based initiatives deliver success. Effective IT Governance is fundamental to sharing that experience, and making sure that every initiative undertaken has the essential ingredients of success.
Much has been written, and said, about IT Governance, and the reasons why it is important. From time to time, we will publish relevant references, along with reviews of some of the more relevant ones.
One starting point for this is AS8015 - The Australian Standard for Corporate Governance of Information and Communication Technology, which can be purchased as a download for $41.18 from SAI Global.
IT Governance: How Top Performers Manage IT Decision Rights for Superior Performance, by Peter Weill and Jeanne Ross (Harvard Business School Press, 2004) presents compelling case study data to underpin the importance of effective IT Governance. I’m still reading this work – and will produce a review in the near future.
The IT Governance Institute provides a range of briefings, and as well as promoting a popular framework for overall control of IT.
The Australian Department of Communications Information Technology and the Arts published a major Australian research study entitled “Achieving value from ICT: key management strategies” in April 2005. This study clearly explains several fundamental pre-requisites for success with IT investment.
The Infonomics web site of course has a range of information, and some may be interested to consider The Directors’ IT Compass, which can be obtained direct from Infonomics.
John Thorp, author of The Information Paradox and Head of the Fujitsu Global Consulting Centre for Strategic Leadership will speak at a CEDA Luncheon in Melbourne on 7 September. His topic: Meeting the Challenge for IT - Enabled Change: A Strategic Governance Approach is absolutely relevant for all concerned with strategic development of any enterprise. John is an engaging and practical speaker, who has vast experience of organisations that depend on and exploit the capabilities of IT for strategic advantage.
BEYOND COMPLIANCE: THE GOVERNANCE OF ICT PROJECTS is a mini-conference planned for mid to late September by Dr. Raymond Young, course convenor and lecturer for the Macquarie University course ITEC844 Strategic Project Management on IT governance. Raymond is a former CIO and management consultant. His recent PhD thesis entitled “Explaining senior management support through IT project governance” forms the basis of a forthcoming Standards Australia handbook: “HB 280 - 2005 IT Project Governance Handbook - Effective Senior Management Approaches”. The content for the proposed conference includes:
· PRO:NED Director, Michael Hadaway, will discuss the future of IT Governance at a board level;
· Infonomics principal Mark Toomey will describe how leading organisations are employing AS8015 to understand better how their organisations tackle the job of IT Governance;
· Laurence Archer chairs the committee developing AS8016, the forthcoming Australian Standard for Corporate Governance of ICT projects. He will present the status and directions of work on development of this companion to AS8015;
· Fujitsu (previously DMR) Consulting Director, Peter Harrison will present case studies of what has actually been achieved in practical benefits realisation and will argue that ‘value management’ may be a useful way of understanding IT Governance;
· Si2 principal John Englaro, notes that time and budget are critical elements IT project governance and the realisation of business benefits. He will explain why project plans are consistently wrong, and what to do about it.
For more information about BEYOND COMPLIANCE: THE GOVERNANCE OF ICT PROJECTS, please contact us.
Nobody likes SPAM – and we don’t either. The Infonomics mailing list complies with the requirements of the Spam Act: 2003, as described in the advice provided in “Spam Act 2003: A practical guide for business” which was published by the National Office for the Information Economy in February 2004. We believe that we have “Inferred Consent” to send you this newsletter because we have obtained your details through direct contact with you in a business context, as a friend, colleague, or client, or through meeting you and exchanging business cards at a legitimate business networking event.
Privacy is a concern to all, and we take our obligations very seriously. Please see out privacy policy.
If you do not wish to receive further correspondence from Infonomics, please unsubscribe here or reply to this email with the word unsubscribe in the subject line.
If you think a friend or colleague would find this newsletter and its attachments useful, please forward it to them, or ask them to subscribe here or by sending us an email requesting subscription to the mailing list.
Did you find the newsletter interesting and useful? What could we do to improve it? Do you have something to say about what Corporate Governance of IT is about, or why it is important? We will be delighted to take on board your feedback and inputs.
