Bus2.0 - Governance of IT

CRICOS #00212KCRICOS #00212K© Raymond Young 2010

Business 2.0 Business and IT fusion

Lecture 7: IT Governance and Standards

Dr Raymond Young (MBA, GAICD) [email protected]

mailto:[email protected]

CRICOS #00212K© Raymond Young 2010

The value of IT GovernanceCIO Wisdom (2004) p124

• ‘soft-infrastructure’ that facilitates decision making– Allows daily operations to function with minimal supervision while

allowing the CIO to focus on strategy and vision– Facilitates communication

• Governance = building consensus– Requires leadership, must be able to make tough decisions and

follow through

• Right governance determined by context– Long term investment– Implement in ‘politically doable’ stages c.f. ‘Tipping point’


Definitions of IT GovernanceSmith (2006) pp54-55

• the process of making decisions about IT – Forester Research• The decision rights and accountability framework for encouraging

desirable behaviour in the use of IT – Weill and Ross• The responsibility of the board of directors and executive

management. It is an integral part of enterprise governance and consists of leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisations strategies and objectives – ITGI

• The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation – AS8015, ISO38500– C.F. The system by which entities are directed and controlled (AS8000)


Inside the head of top management

Telescope

Governance

Mic

rosc

ope

ProjectsProjects

Strategy

On-timeOn-budget

Inside the head of project managers

Young and Jordan 2008

Lovallo and Kahneman 2003Clegg et al. 1997

Kwak and Anabari 2009?

Mintzberg 1978

? Project Governance? Portfolio Management? Programme Management

Projects Success: On-time On-budget Standish

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

1994 1996 1998 2000 2002 2004 2006 2009

Successful Challenged Failed

OK

Som

eN

oF

ail

ROI30%

2/3 of projectsdeliver no benefitswhatsoever


Evolution of GovernanceCIO Wisdom (2004) p143

1. No coordination of IT effort

2. Various individuals at independent locations assume the role of managing IT assets (in addition to other duties)

3. An individual is given “official” responsibility for IT assets and activities. May be in multiple locations operating independently.

4. IT managers are allowed to hire resources

5. Autonomous islands of systems and information, and the need to coordinate them are recognised. Often a harmonization project is initiated.

6. The benefits of full coordination are recognised. A director level position is established, responsible for cross company or global activities.


IT Principles IT Architecture

IT Infrastructure

Business application

needs

IT Investments

Business Monarchy

IT Monarchy

Feudal

Federal

IT Duopoly

Input

Decison

Input

Decison

Input

Decison

Input Decison

Input

Decison

IT Governance [structure]Decision Rights in leading organisations – Weill & Ross

1

1 1

1

12

2 2

2

23 3 3 3

3


Governance mechanisms to overcome value leakageWhere most organisations suffer value leakage

Operations Management

Project Management

Program Management

Portfolio Management

Strategy Management

Asset Mngt

Architecture

Ma

nag

em

en

t

Sources: IBM Strategy & Change, Survey of Fortune 1000 CIOs, Fujitsu Australia, John Thorp

15%33%

52%

• Duplication of initiatives

• Applications which don’t fit the business model

• Poorly conceived initiatives (too late, too early, unnecessary)

• Rework (requirements misunderstood)

• Over-engineering (lost sight of reason for change)

• Resouce model not aligned to business need

• Underutilised infrastructure

• Frequent reinvention due to poor architecture alignment

PRINCE2PMP

MSPPgMP

P3M3OPM3

COBIT5(incl ValIT)

ITIL

As many as 75% of IT organisations have little oversight of their project

portfolios and employ non-repeatable, chaotic

planning approaches AMR Research


Mistaken uses of governanceCIO Wisdom (2004) p145

• Strategy vs. Execution– Strategic process: Who decides what is done?– Operational process: how is the strategy executed?

• Throttling– Too much for the CIO ... Learn to use high-level governance

bodies to share prioritisation process

• Hypocrisy– You must be prepared to practice what you preach

• Governance for governance’s sake– “never put anything in a design unless it has a specific reason to

be there”


Major Assignment

• Implementation of an IT Capital Planning and investment management process – Best strategy to infuse technologies into organisations

• Stakeholder analysis• Collaboration / influence strategy• Change leadership

– Governance• Metrics – to measure usefulness of technologies• Strategy to balance portfolio of projects• Governance structures


Business processes

ICT Operations

GovernanceSupport

Changed Business Processes

Changed ICT Operations

Evaluate

InitiateDirect & Monitor

Investment:benefits or terminate?

Strategy/capability: how much change is required?

Investment & Strategy:Benefits / alignment?

Responsibility: Project Sponsor?

Performance & Behaviour:measures and motivation?

67%->40%Business Case

40% ?MSP?

5-23%

33-67%ChangeTracking™

0-13%Benefits Realisation

ITIL, COBITProjects

PMBOK, PRINCE2, etc

Conformance & Behaviour: culture for issues to be raised?

??%

HB280, AS8016, 6Q Governance™


OutputInitiatives

Key Concepts (I)

10-year goals• ↑ economy, ↑ jobs (↑quality)• ↓ crime 5% & ‘feel safer’• ↑ health

– ↓ waiting times (emergency, elective, …)

• ↑ education – ↑ literacy/numeracy– >90% yr 12– ↑ VET participation

• ↑ transport– ↓ commuting times

• ↑ environment– ↓ water usage 15%

Asset Investments

Programs asset investments alone generally will not

lead directly to the realisation of strategic goals


Key Concepts (II)

Efficiency

EffectivenessAny

benefitsBenefits aligned

to strategyRealisation

of strategic goals

Pro

ject

M

an

ag

em

entOn-time

On-budget

Avoidduplication

Products/Outputs

Programme management

Governanceof Programmes

Programme management

Portfoliomanagement

Programme PortfolioManagement

Victorianinvestmentframeworks

Q1. Strategy:Benefits / alignment?

67%->40%

Q2. Strategy/capability: how much change is required?

Q3. Responsibility: Project Sponsor?

5-23%

40%

Q4. Performance & Behaviourmeasures and motivation?

33-67%

Q5. Conformance & Behaviourculture for issues to be raised?

Q6. Monitor:benefits or terminate?

0-13%


Questions & Discussion


Business 2.0 Business and IT fusion

Risk and Reward

Dr Raymond Young (MBA, GAICD) [email protected]

mailto:[email protected]


Risk IdentificationSmith (2006) p202

• Identify Risks

• Prioritise• Strategise

to minimise– Avoid– Transfer– Minimise

Risk Type Internal External

Political Personal agendas cause delays

Regulations affect growth

Cultural Access to data is a threat to fiefdoms

Customers dislike new system

Economic Accounting changes affect financials

Recession impacts donations

Environmental Office relocation impacts data access

Unstable power threatens BCP

Technical

Continuity Virus causes downtime ERP processing errors cause delays

Data integrity Dirty data delay system migration

New system doesn’t match requirements

Change mngt Users don’t accept new ERP system

Training new users impacts staff time


Min Low Med High Extreme

Minimal

Low

Medium

High

Extreme

© UC 2010

Risk Prioritisation


Questions & Discussion

Date post:	16-May-2015
Category:	Business
Upload:	raymond-young
View:	844 times
Download:	1 times