Rethink Your IT Governance Models: Wise Governance

Governance. Still an ugly, shiver-inducing word for most. In my previous blog post in this series, I did some level-setting on where IT governance came from, its goals, and how analyst firms like Gartner currently define it. Shining some light on the background, goals, and failures of governance should make it less of an organizational bogeyman.

Despite the failures of formal IT governance models, governance can still be crucial in driving real business value. It can be the means by which organizations unleash digital technology with confidence. In today’s world, digital technology is the engine that allows us to remain competitive, or better yet, disruptive. Enabling organizations to harness digital technology without getting in their own way should be the job of those implementing IT governance. Because formal models of IT governance have failed us, it’s time to clearly rethink it.

How should we change our thinking? The most effective approach is to go back to basics. In my last post, I talked about the real goals of IT governance. The true why behind all of the framework and structure:

  1. Assure that IT is being used to generate business value
  2. Oversee management’s performance
  3. Mitigate the risks associated with using IT

Your approach to IT governance should be as clear and concise as the above-stated goals, focusing upward towards decision makers rather than towards the doers in the trenches. You should strive for simplicity so that whatever IT governance program that you deliver is easily executable and understandable no matter the complexity of your organization. Adhering to these three goals will drive the outcomes you ultimately want. I call this approach Wise governance. With this change in thinking, we can start to get a picture of what Wise IT governance models look like.

What should wise IT governance models look like?

Again, the goals of IT governance are clear and concise, but how you deliver on them is based on the needs of a given organization. A toy manufacturer desirous of making more toys is going to have a vastly different governance model than an insurance company trying to retain more customers. So it makes sense to have different IT Governance models for different organizations. There might be overlap in needs from organization to organization, but one size definitely should not be made to fit all.

This is the first conclusion:  Wise IT governance models should be tailored for a specific organization.

Thinking deeper, it becomes obvious that while achieving these goals are relevant for every IT undertaking within an organization, how we achieve these goals would differ initiative to initiative. For example, ensuring the business value outcomes of a high performance computing initiative would be different than, say, creating a customer portal to enhance customer experience. It isn’t hard to see how management performance oversight and IT risk mitigation would look different per initiative as well.

Organization to organization and initiative to initiative, a one-size-fits-all approach to governing IT initiatives is a recipe for disaster: Shadow IT proliferation, compliance and regulation dereliction, and messy architectures.

This leads to our second conclusion:  Wise IT governance models should also be tailored to the specific program or initiative it is governing.

That one-size-fits-all approach serves only as a stranglehold on your company.

Lastly, to keep with the theme of concise clarity, the purpose of a given initiative, and how IT governance goals are met within the initiative should be explicitly spelled out as simply as possible. For example, the core mission of a low-code initiative could be: Empower our entire organization, business and IT, to co-create and streamline the execution of innovative, high quality solutions that achieve business goals.

Concise clarity should extend beyond the core mission of the initiative, but also the specific parts of the goals of IT governance. It is important to clearly define how business value is measured (e.g. additional one-time and recurring net revenue, OPEX reduction percent, and productivity improvement for exempt workers), how management should behave (e.g. process efficiencies, guidelines for decision making, hiring and role priorities, org structure expectations, etc.), and how risks will be mitigated (e.g. security and information classification adherence, red-tape removal, portfolio management & quality expectations, etc.) within that initiative. In fact, every part of an IT governance model should be in service of those goals.

Thus, our third conclusion: Wise IT governance models are explicit and concise in the purpose of the IT initiative they are governing, how value is measured, how management should behave, and how risks are mitigated.

The name of the governance game: Clear and concise

To avoid the failures of formal IT governance definitions and models, we need to change our thinking by focusing on the clear and concise goals of IT governance. Doing so will help us build IT Governance models that are easily understandable and executable. Or, simply stated in another way: they are wise. Wise IT governance models are intended to drive outcomes, not impede them, and because of this, they should be tailored for each organization, and specific initiatives within that organization. Furthermore, Wise IT governance models need to be explicit about the purpose of a given initiative as well as how value is defined and measured.

Good IT governance
Clear and concise governance goals support your organization.

In my next blog, I will show how you can start applying this change in thinking, and I’ll provide a high-level picture of what good looks like in building actual Wise IT governance models. You can also check out our guide on how to start re-framing your governance models by clicking the banner below.