THE BUSINESS CASE FOR IT GOVERNANCE IN THE AGE OF DIGITAL TRANSFORMATION

Transcription

1 BUILDING SMARTER ORGANIZATIONS: THE BUSINESS CASE FOR IT GOVERNANCE IN THE AGE OF DIGITAL TRANSFORMATION SDI WHITE PAPER SERIES BUILDING SMARTER ORGANIZATIONS It seems that when smart is used in conversations related to information technology, people think of smart devices rather than smart, innovative, and effective organizations. As a national leader in the delivery of information technology planning and services, the SDI Team believes that the business and operational processes underlying IT organizations are fundamental to the larger organization s success. SDI presents this white paper series, curated to share our gained knowledge from hard-won experience and lessons learned over 20 years of serving over 160 local government agencies and utilities SDI Presence LLC 888-YOUR SDI ( ) sdipresence.com SDI Presence S D P R E S E N C L L C

2 SDI WHITE PAPER SERIES BUILDING SMARTER ORGANIZATIONS JANUARY 2019 THE MORE THINGS CHANGE, THE MORE THEY STAY THE SAME. - Jean-Baptiste Alphonse Karr 2

3 SDI WHITE PAPER SERIES BUILDING SMARTER ORGANIZATIONS JANUARY 2019 INTRODUCTION With the adoption of browser-based technologies, mobility and Bring Your Own Device, and the rapid maturation of the cloud as the vehicle of choice for the delivery of IT services, the role of information technology organizations has changed dramatically. Whereas information technology organizations were previously responsible for implementing and maintaining infrastructure and applications, these same organizations must now manage diverse portfolios of external (usually cloud-based) services in addition to legacy, on-premise departmental services. As with prior transformations in information technology, this transformation necessitates changes in how organizations govern information technology as well as how they manage and deliver IT services. One part of the challenge is that the arrival of cloud-based services has not only given users more alternatives, but the velocity of change has also increased. Departments can quickly sign up for and access cloud-based services with little change to the organization s IT infrastructure other than an increased consumption of bandwidth. This agility often comes at a price including the costs to eventually exit the service as well as the security of the information stored somewhere in the cloud. SDI s management consultants have found that another part of the challenge facing organizations in this rapidlyevolving environment is that many of them have ad-hoc approaches to IT governance that are driven by immediate concerns rather than long-term strategy. In the absence of a long-term vision for the use of information technology, making informed decisions regarding information technology expenditures (i.e., where to spend money and to allocate resources, when, and on what) has become very difficult. Writing in the dawn of the digital age - leading IT research firm Gartner noted in a Strategic Analysis Report that: Organizations that align their IT strategies with their overall strategic business objectives obtain greater value [measured in terms of the return for their investments in information technology] than those that do not. Organizations that integrate IT planning and business planning under a common framework do better still. These observations made sense then, and remain relevant today. 3

4 SDI WHITE PAPER SERIES BUILDING SMARTER ORGANIZATIONS JANUARY 2019 IT GOVERNANCE CHALLENGES Despite the vital nature of information technology governance, organizations often struggle to establish and maintain it. Part of the problem is that technology is still relatively new compared to the traditional functions of organizations. The need for information technology governance is not ingrained in organizational culture in the same way as budgeting, for example. Just as it is not possible to run an organization without having well-defined procedures for budgeting, information technology governance is vital for organizations that need to obtain the highest possible return for their investment in technology. The challenge is that while budgeting has been around for millennia, IT governance is still a new aspect of organizational life. And while user stakeholders have hard-won competencies in budgeting and operations management, the enterprise use of information technology (although not so much the personal use of IT) is still new to them. SDI is of the opinion that a focused and structured process for information technology governance can help ensure that: IT priorities and funding are aligned with the organization s business goals and objectives (strategic alignment). IT has the resources to protect the organization s information assets (including applications and data) from external and internal actors (cybersecurity). IT is a business enabler and maximizes benefits, particularly with regard to the ability of the organization to leverage its information assets to improve effectiveness; and to better sense and respond to change (performance management and analytics). IT resources are used responsibly (resource management). IT risks are managed appropriately (risk management). IT delivers value to the organization (value delivery). All of these are critical for public-sector executives who find that an increasingly technology-savvy public expects the same level of seamless digital services from government agencies as they do from the private sector using any device, anytime, anywhere. Critics often complain that IT governance stifles organizational agility. However, the reality is that the converse is true: IT governance enables agility by allowing organizations to allocate their technology resources to the most critical projects, and to keep IT objectives aligned with enteprise business objectives and priorities. This is particularly critical for larger organizations that tend to be siloed. In the course of conducting a planning session for a client that had recently implemented an industrystandard ERP product suite, SDI s consultants identified four overlapping procurements seeking the same largescale functionality that was already largely provided by the ERP suite including employee benefit self-service. While it was argued that the software products that the client proposed to purchase were a better fit, the client had not considered the costs and effort involved to establish and maintain processes to exchange information between the proposed software products and the ERP suite or the barriers that separate data repositories would present to the development of real-time analytics and queries. 4

5 SDI WHITE PAPER SERIES BUILDING SMARTER ORGANIZATIONS JANUARY 2019 The key difference in a collaborative IT governance process is that the stakeholders - not the IT organization - are responsible for the success of IT projects. As a result, more often than not, obstacles are overcome and projects succeed. IMPLEMENTING AN EFFECTIVE PROCESS FOR IT GOVERNANCE In the past, IT governance efforts were often led by the IT organization in an attempt to reconcile disparate organizational priorities and to marshal support for initiatives that the IT organization itself was sponsoring. These governance efforts led by IT organizations had limited success prior to the era of digital transformation. But once IT became integral to the delivery of business services, the need to align IT strategy with business strategy necessitated a collaborative IT governance led by the business stakeholders (and thus driven by business priorities rather than IT s relentless hype cycle). This is critical since in the absence of a collaborative IT governance process that is led by business stakeholders. Decisions regarding IT directions and priorities can be inconsistent leading to the diversion of resources from long-term IT projects; additional costs; delays; false starts; the adoption of applications and technologies that seem promising at first but that are dead-ends; and disagreement between functional units as to the allocation of scarce resources. An ad-hoc process also makes it difficult to ensure the alignment of technology plans and priorities with long-term goals. Lack of business-driven IT governance has consequences for high-value activities such as promoting information sharing and business resilience (particularly cybersecurity). Organizations that lack a collaborative process for IT governance will find that the benefits are elusive and that the commitment of user stakeholders to the process will wane over time. There is a win in this for the IT organization since effective IT governance enables the IT organization to act as a change agent, rather than as a regulator telling user-stakeholders what they can and can t do. The following SDI-designed Sample Structure for Effective IT Governance provides a best-practice organizational framework for the implementation of effective programs for IT Governance: 5

6 SDI WHITE PAPER SERIES BUILDING SMARTER ORGANIZATIONS JANUARY 2019 SAMPLE STRUCTURE FOR EFFECTIVE IT GOVERNANCE External Stakeholders Policy Makers Chief Executive User Stakeholders Chief Information Officer IT Governance Committee IT Organization Project Management Office (PMO) Steering Committees The SDI professional services team comprised of former CIO and industry thought-leaders with over 30 years of IT consulting experience, offers the following best practices for standing up effective IT governance in today s digital environment: Locate the IT governance committee at the highest possible level of the organization, ideally operating under the sponsorship of the organization s chief executive. Incorporate IT governance into the agenda of an existing meeting for user stakeholders, to ensure inclusion and awareness. Develop a formal charter for the IT governance committee that defines membership and responsibilities to ensure that the governance effort is sustainable. Ingrain IT governance into the culture of the organization. Keeping in mind that an enterprise approach to IT governance will be new, and likely uncomfortable to many of the participants, organizations should take proactive steps to periodically reinforce the need for IT governance, and use the IT governance committee to create what change management experts have termed a coalition for change in the enterprise. Establish steering committees, as needed, to handle more tactical / specialized issues and to report back to the IT governance committees. This ensures that stakeholders are not burdened by being asked to deal with issues that should not require their attention. Provide staff support for the IT governance committee. This can often be provided by the IT organization s project management office (PMO) or staff members who can provide equivalent services (i.e., developing project cost and resource estimates, tracking issues, and tracking project status). Develop and maintain an IT strategic plan that aligns the IT agenda with business priorities and directions to provide a baseline for IT governance. This enables larger organizations to better integrate the activities of siloed business units. The IT strategic plan should be supported by application and project portfolios that the organization should manage in much the same way as a financial portfolio to support the development of decisions on what to invest in, what to hold, and what to dispose of. One last thought about IT governance. The late New York Yankee manager and catcher, Yogi Berra, is reputed to have said that, if you don t know where you re going, how will you know when you get there? which is as good an insight as any to conclude this white paper. 6

7 SDI consultants have assisted over 80 California local government agencies and special districts with IT governance advisory services, to enable their organizations long-term business strategies and leverage technology innovation. Contact Terry Hackelman at to discuss how the SDI Team can assist your organization. ABOUT THE AUTHOR Mike Stein Managing Consultant SDI Presence LLC Mr. Stein is a highly experienced management and technology consultant with more than four decades of experience in the public sector, the telecommunications industry and commercial banking. His career has been focused on helping organizations implement complex technology solutions and effectively utilize technology to solve business problems through business process re-engineering, IT strategic planning, procurement assistance, definition of requirements, and project management. In recent years, he has been primarily engaged in facilitating the development of IT strategies, assisting agencies in the implementation of Commercial-Off- The-Shelf systems, in finding effective ways to exchange information, and in improving internal processes. Prior to joining SDI Presence, he served as a Managing Director for Intelligent Directions Consulting; as a Team Leader, Public Safety and Justice for Gartner (formerly Gartner Group); as a Solutions Director, Information Services Group (ISG), Unisys Corporation; as a Senior Manager at Deloitte & Touche; and as an Assistant Division Chief/Division Chief for the Los Angeles Judicial District, Municipal Courts of California, and the Administratively Unified Courts, County of Los Angeles. When not working, Mike is an avid cyclist, photographer, and model railroader. S D I P R E S E N C E L L C

8 S D I P R E S E N C E L L C SDI Presence LLC is an IT managed services provider (MSP) and consultancy that leverages its strong team presence to provide industry-leading IT services while advancing our clients to a secure digital enterprise. With a 20-year corporate resume, SDI delivers strategic managed services, IT consulting, and hybrid infrastructure solutions to optimize our clients technology environments. SDI is a certified Minority Business Enterprise (MBE), with a portfolio of clients that includes some of the nation s largest airports, utilities, commercial real estate portfolios, and government agencies. SDI delivers a deep technical presence through a local delivery model to achieve customer confidence and success. Visit us at and connect with us on LinkedIn, Twitter and Instagram SDI Presence LLC 888-YOUR SDI ( ) sdipresence.com