With the rapid evolution of Information Technology (IT) applications, and practices across the organization, appropriate IT Governance (ITG) has become essential to an organization’s success. The use of IT has become pervasive in every facet of the organisations’ endeavours in supporting and evolving each aspect of the business. As IT is associated with risk and value opportunities, a comprehensive, high-level system is required in each organization to minimise the associated risks and optimize value. The fact that the IT value to be achieved due to effective IT governance is related to efficient and cost effective IT delivery, innovation and business impact. This presentation highlights the Critical Success Factors (CSFs) needed for the successful and effective implementation of ITG.
5. What is IT Governance?
5
It is …
The responsibility of the Board and Executive
It consists of …
The Leadership, Organizational Structures, and Processes
To ensure that the enterprise’s IT …
Sustain and extend organizational strategies and objectives
6. Why IT Governance?
6
GEIT Objectives
IT Value Delivery
to the Business
Mitigation of
IT-related risks
▪ Strategic alignment
▪ Resources availability & Mgmt.
▪ Monitoring
7. 7
Enterprise governance is about:
Conformance
Adhering to legislation, internal policies,
audit requirements, etc.
Performance
Improving profitability, efficiency,
effectiveness, growth, etc.
9. IT Governance focus areas
9
IT Governance should focus on these
key areas:
▪ Strategic alignment with business
▪ Value delivery
▪ Risk management
▪ Resource management
▪ Performance measurement
10. Context - IT Governance
10
What is
the
purpose
of IT?
How is IT
managed?
11. 11
IT Governance
"Which skills should be
developed and kept
internal and which
activities should be
outsourced?"
"How should the IT service
portfolio be managed and
controlled from a corporate
perspective?"
"How should BUILD, TRANSFORM,
and RUN be managed? How should
the development process look like?
What are appropriate standards for
delivery (SLAs, availability ...)?
"How are corporate-wide architecture
standards developed and implemented
for the entire organization?"
How is
IT managed?
"How should the IT
organization be structured to
account for local and global
needs?"
"How well are the overall business
strategy and IT strategy aligned?"
What is the
purpose of IT for
the company?
Overall: "How much value
does IT contribute to the
organization?"
Business
and IT
strategy
alignment
IT
architecture
IT planning
and
controlling
IT leader-
ship and
organization Skills
and
sourcing
IT develop-
ment and
delivery
Context - IT Governance
12. IT governance is an integral part of corporate governance and analogously
combines leadership, organizational structures, and processes that ensure
that IT sustains and extends the organization’s strategies and objectives
IT governance provides guidelines, establishes criteria and standards for
decision making, monitoring, measuring, and improving the performance
of IT
IT governance is the responsibility of the executive board and the
executive management (incl. IT) and supports the interaction of all the
organization's parties involved with IT
What?
How?
Who?
12
13. What are the Drivers?
13
Need for new or improved IT governance organization
is usually recognized by:
Pain points / trigger events
Board and executive management should:
▪ Analyze pain points to identify root cause
▪ Look for opportunities during trigger events
14. Typical Pain Points
14
• Failed IT initiatives
• Rising costs
• Perception of low business value
for IT investments
• Significant incidents related to IT
risk (data loss)
• Service delivery problems
• Failure to meet regulatory or
contractual requirements (GDPR)
• Audit findings for poor IT
performance or low service level
15. IT GovernanceTrigger Events
15
▪ Merger, acquisition or divestiture
▪ Shift in the market, economy or competitive position
▪ Change in business operating model or sourcing
arrangements
▪ New regulatory or compliance requirements
▪ Significant technology change or paradigm shift
17. External IT service
providers
Internal IT service providers
(IT organization,
shared services center)
Transparency needed: roles, influence and mandate of each involved party
Board of directors
Central functions
(Corporate strategy,
Accounting,
Controlling, HR ...)
Business units,
subsidiaries,
affiliated companies
Employees,
workers' council Cooperation Regulatory authorities(1)
17
18. Each framework can be deployed in different situations accordingly
ITIL
Business/IT alignmentIT focus
Focus on
operations
Focus on
strategy
BCG
Gartner
Giga Group
COBIT
ISO
27001
ITIL
Company
individual
De facto
standard
IT process
performance controls
and metrics
IT security
management
IT services
management
Structure of
global IT
organizations
KPMG
IBM
IT decision
structures and
processes
Business and
IT strategy
integrated
Business and
IT strategy
alignment
Implementation of
IT governance
using CobiT, ITIL
Content
Primary
objective
18
19. Critical Success Factors (CSF)
19
Limited number (usually between 3 to 8) of characteristics,
conditions, or variables that have a direct and serious impact
on the effectiveness, efficiency, and viability of an
organization, program, or project.
Activities associated with CSF must be performed at the
highest possible level of excellence to achieve the intended
overall objectives. Also called key success factors (KSF) or key
result areas (KRA).
21. 1. Get Executive Sponsorship
21
▪ The higher in the organization
the better. If IT governance is
seen as “optional,” it won’t work.
▪ On the business side, it would
be ideal to have a C-level
executive.
22. 2. Put Resources on the Team
22
▪ Success depends on strong teamwork
and alliances across IT and the
business side.
▪ By exposing both key business-side
and IT users to the system early, you
create champions who carry the story
across the company
Marshmallow Challenge
24. 3. Understand the Problem
24
▪ Aim before you fire. Take the time
to determine where you’re starting
from in the Capability Maturity
Model.
▪ Pick an attainable target to start
with, ideally a particular pain point
that is costing you time and
money.
26. 4. Envision the Solution
26
▪ Think hard about what you want to
accomplish initially. Set goals high, but
don’t make them unattainable—it
demoralizes people.
▪ Make sure your requirements are
clearly defined and universally
understood among all the
stakeholders.
▪ Stick to the original plan once you’ve
adopted it
▪ Focus on process improvement areas.
27. 5. Pick the Right Software for the Right Reasons
27
▪ Recognize that successful IT
governance requires clear,
enforceable processes and
standards.
▪ Think beyond your initial
implementation.
▪ Leverages, best practice frameworks
such as ITIL and CMMi, and
supports such quality issues as Six
Sigma.
28. 6. Take Small Steps
28
▪ Don’t “swing for the fences.”
▪ Training is extremely important.
▪ Take the time to win recalcitrant
users over through
collaborative engagement.
▪ You have to keep moving
forward once you’ve started.
Small steps will get you there,
29. 7. Include Post-Implementation Activities
29
▪ This is one of the most overlooked
parts of the process, though it is
potentially the most important.
▪ Make sure you have developed clear
plans for the transition.
▪ This is a critical time to assess the
effectiveness of your training.
▪ This is also the time to promote the
system on the business side.
▪ Actively ask for feedback.
30. Summary
30
▪ IT Governance is more than just a process-
and-organization recipe
▪ IT Governance is first of all a management
challenge taking into account the enterprise’s
culture.
▪ Recognizing that CSFs are essential for
successful IT Governance
▪ It is a long Journey …
31. 31
Where there is poor
organizational governance
practice in place, it will be
difficult to implement good IT
and information practice that
delivers consistent quality
deliverables.
Alison Holt