In the last issue of MIS I argued we need to make business owners accountable for what have traditionally been called ‘IT projects’, which I prefer to think of as IT components of business projects. That, of course, implies IT is aligned with and in synch with the business; which, by definition, means every IT project links explicitly to a stated business project or strategic initiative. If you buy that idea, I would be surprised if you would argue with the notion that business owners should be held accountable (or at least jointly accountable) for IT components of their business initiatives.
What we are essentially talking about is a better way to govern and manage IT. To come up with better governance and management models we need to:
Determine those functions per-formed in and around IT;
Determine the best place to house these functions organisationally and hence assign accountabilities and responsibilities;
Implement processes, standards and methodologies by which parties and functions can co-operatively be linked;
Establish appropriate oversight and risk management mechanisms.Traditionally IT has been something of a ‘black box’ (or a black art, depending on your point of view), with business owners feeding their needs in and ‘solutions’ magically popping out the other end. To get better value from the considerable investments we make in IT, we are going to have to pull this black box apart, understand the functions occurring inside it and integrate these functions with the business in an open and transparent manner.
We need to ask ourselves which functions are best housed in the IT shop, which might be better housed in a business unit and, in making these decisions, what are the outcomes we are trying to achieve and the trade-offs we may incur as a result of the housing and accountability choices we make?
There is no single ‘right answer’. Different organisations will see optimal paths enabled by different modes of organisation. The factors driving these modes will typically include size; capabilities; core competencies; contractual obligations (for example, outsourcing); ‘points of pain’; and desire for and ability to change.
What we are talking about is clear demarcation of roles and responsibilities and establishing clear accountabilities for the functions surrounding IT. I have always held the view there is nothing that generates a positive result like being held accountable and knowing your neck is on the line if you screw up! One of the biggest reasons in my experience for ‘IT projects’ going bad comes down to a lack of definition and/or communication of responsibilities.
Whatever organisational mode we choose as our means to better integrate IT functions with the business and establish accountabilities, we will also need some agreement on standards by which IT and business units will work together. What we are talking about here is really agreement on some standard processes and artefacts to enable adequate communication and definition of needs between business units and IT.
In addition, we also need a means to monitor and assert corrective action for projects showing signs of going off the rails. As is the case with modes of organisation there is no single right answer. In addition to the factors that drive organisational modes we must also consider any regulatory and compliance requirements. Some of the oversight and risk management mechanisms often employed include steering committee; project management office; IT governing council; IT user group; and portfolio management techniques.
Everything I have mentioned in this article has a quite simple but subversive underlying message. What I am advocating is the application of discipline, rigour and structure to de-mystify IT and remove the mystique – and perhaps even fear – at the root of some of the poor practices we see today.
Aaron Kumove is managing director of Horizon Consulting.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.