Corporate Governance is about effective end-to-end knowledge and control of the enterprise. IT Governance is a subset of Corporate Governance which provides the context and communication for understanding an enterprise’s business rules and how they are best supported by operational assets. In order to execute overall corporate strategy and ensure tactical best practices, the ability to continuously and competently assess the strengths, weaknesses, opportunities, and threats to the organization will be baked into corporate values.
It is no surprise that most executives still suffer from a daily lack of visibility into business operations, especially those surrounding Information technology and related infrastructure expenditures. Even a limited understanding of how IT can better serve the business, spotting opportunities for better alignment of IT with business strategy, remains elusive. Some IT organizations have found that less than half of their ongoing projects have a direct correlation to a vital business objective. Recent polls of CIOs and business executives continue to reveal that aligning the goals of IT and the business is still a top priority. It is now realized that the alignment of IT and business begins and ends with policy and best practices that are rooted in governance. Alignment of IT strategy and business strategy will be the byproduct of having strong IT Governance structures and processes that have matured to a level where they are considered to be part of the corporate culture. However, real life shows that little progress has been made in this area, that many organizations remain mired in a non-matured or initial phase of strategy alignment, if there is any implementation effort at all.
A solid IT Governance dashboard should start out with clearly defined and measurable goals. From a high-level, the most critical will be as follows:
- The alignment of IT with the business in order to better assist in strategic objectives
- The delivery of value by IT to all supported business units
- The management and mitigation of IT and business-related risks
Specific value propositions or value missions should be thought of in terms of helping mature critical areas of the business through the dashboarding of governance. Some of the most common of these will be:
- Demand Management: to improve IT-Business service levels
- Risk Management: to assess and mitigate all classifications or risk
- Business Continuity: to assure uninterrupted business operations under any condition
- Compliance Management: to increase support and accountability in regulatory issues
- Portfolio Management: to drive consensus about what investments best suit the business
- Business Intelligence: to empower with strategic, customized, and actionable knowledge
Using industry best practices in service management and standardized governance methodologies and frameworks such as ITIL, Control Objectives for Information and related Technology (COBIT), and CPR, dashboards should help clients architect solutions and best practices tailored to their unique business objectives and regulatory environment. In Corporate Governance there is no such thing as one-size-fits-all continual expertise will be needed in integrating new or existing vendor tools and software as appropriate; striving to combine top-down planning with bottom-up execution. The execution of a well-balanced IT Governance policy should enhance business profit and value delivery while helping to greatly mitigate a multitude of IT and business risks. This strategic alignment will be made possible through best practices in methodology, measures, and knowledge.
Methodology. Cutting edge best practices and standards such as CPR, COSO, COBIT, ISO, ITIL, and more.
Measures. Balanced Scorecarding based on industry accepted standards and performance indicators for such things as process, policy, data, and service levels: What is not defined cannot be managed; what is not managed cannot be measured; what is not measured cannot be improved!
Knowledge. Complete stewardship and best practices around all “asset classes” of enterprise information—from vanilla data, to intellectual property, to business rules, to unstructured knowledge.
Successful companies must cultivate a better understanding of how IT can enable business objectives and reduce all dimensions of risk around the enterprise: Successful companies have IT Governance integrated into their corporate core values through the use of cutting edge governance dashboards. Aligning IT and business strategy is the most fundamental factor that must be addressed in order to secure high levels of return on IT investments, assure business continuity, improve worker productivity, and reduce external and internal threats to operations, reputation, and company portfolios.
IT Governance is about optimizing investments in information technology. The practice of IT Governance should not be a collection of loosely connected tactical “governance silos” that are uncoordinated and unaligned—created as a reactive mechanism to address a particular regulatory need or business continuity crisis. These one-dimensional implementations will eventually result in operational redundancies and poor functional transparency. Governance is a holistic paradigm by nature, its far-reaching tentacles of policy and process must often be managed from a centralized intelligent dashboard architecture. Keep in mind that the path to success for governance dashboards is a long one and a robust road map is a necessity.
Effective IT Governance relies on alignment—making sure that IT and the business are working hand-in-hand and that the organization is continually focused on the right priorities and projects that create value to all stakeholders; that change is properly managed and documented; that compliance is robust; that service levels are constantly and iteratively maintained and enhanced. While general governance policy, structure, and processes should drive accountability and value innovation, IT Governance assures that IT is run “as a business”—as a service provider and enabler—not just a cost center. For many companies, IT Governance is seen as a one-time internal auditing event with no long lasting or continuous controls. It is time for organizations to start making better formal commitments to IT Governance via an integrated and accountable dashboard approach.
When the business and IT are aligned, there is consensus on how organizational units will work with one another (service agreements), facilitating knowledge based collaboration and communication.
A governance dashboard empowers people to make informed and ethical decisions (both tactical and strategic) by working within a flexible framework of measurements, policies and control mechanisms which protect the decision makers against known areas of unacceptable risk. Dashboards will enforce consistency in the audit process and future risk mitigation, ensuring that the audit approach is inline with regulatory guidelines, and concepts of risk control and vulnerability assessment. Because of increased scrutiny and regulations worldwide, companies are required to incorporate new thinking regarding the importance of controls into its existing business model. Governance dashboards aid senior management and IT in speaking the same language (semantic consistency) in order to better work toward strategic goals that have become more dynamic and mutable. The trick is to make sure that the governance dashboard is a key driver in building consensus among varied departments (and unique cultures) by centralizing audit controls and risk mitigation practices. This may be done via a combination of project scoring, portfolio management budget alignment, and beyond. The bottom line is that a well executed governance dashboard will help focus on improving communications and teamwork between IT’s tactical customers and the overall strategic plan of the company.
Not implementing proper governance controls via a dashboard can result in dire problems for an organization. An IT governance dashboard will be a critical element in ensuring proper control over corporate information and the systems that create, store, manipulate and retrieve the data on which the enterprise runs—in order to proactively spot all dimensions of risk and assess the current state of operations and assets at multiple levels and from multiple dimensions.
Copyright 2008 - Dashboard Insight - All rights reserved.