This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
IT Governance: Sound Management Practices that Deliver Results
Corporate Governance Defined
• Governance derives from the Latin word “gubernare” relating to the rudder and steering of a ship
• "Corporate Governance is concerned with holding the balance between economic and social goals and between individual and communal goals. The corporate governance framework is there to encourage the efficient use of resources and equally to require accountability for the stewardship of those resources. The aim is to align as nearly as possible the interests of individuals, corporations and society." -- Adrian Cadbury in “Global Corporate Governance Forum”, World Bank
• “Corporate governance is the set of processes, customs, policies, laws and institutions affecting the way a corporation is directed, administered or controlled. Corporate governance also includes the relationships among the many players involved (the stakeholders) and the goals for which the corporation is governed. The principal players are the shareholders, management and the board of directors. Other stakeholders include employees, suppliers, customers, banks and other lenders, regulators, the environment and the community at large.” – Wikipedia
IT Governance: Sound Management Practices that Deliver Results
IT Governance
• “The overall objective of IT governance, therefore, is to understand the issues and the strategic importance of IT, so that the enterprise can sustain its operations and implement the strategies required to extend its activities into the future. IT governance aims at ensuring that expectations for IT are met and IT risks are mitigated.” – IT Governance Institute’s “Board Briefing on IT Governance”
• It arose from a lack of discussions about IT at the Board and strategy levels
– Often times IT is only discussed with capital is needed– Organizations that had strategic IT discussions at the Board level outperformed
competitors over the past five years – AT Kearney– The management of IT should be no different than any other functional area.
• In short, IT Governance outside of the Board level is really concerned about sound management and not governance per se
IT Governance: Sound Management Practices that Deliver Results
Theory of Constraints• Dr. Eliyahu Goldratt – Israeli Physicist• Organizations are systems of business units assembled to achieve a goal• If there isn’t a goal, there isn’t a system• Throughput accounting
– Inventory is money tied up in the system– Operating Expenses are monies consumed creating units of the goal– Throughput is the conversion of units of inventory into units of the goal– We want systems that improve throughput while driving down inventory and operating expenses
• Constraints are what inhibit attainment of the goal• We want to identify constraints and then act to drive them down to increases
systemic throughput• Need to recognize that we are dealing with a system and focus on system
throughput – not just local optimizations• If we can’t relate activities to the goal, then why are we performing the activities?
• Resource– Domenico Lepore and Oded Cohen. “Deming and Goldratt – The Theory of Constraints and the
System of Profound Knowledge”. North River Press. 1999.– Eliyahu Goldratt. “Beyond the Goal: Eliyahu Goldratt Speaks on the Theory of Constraints”. Coach
IT Governance: Sound Management Practices that Deliver Results
Quality Management
• Quality means conformance to requirements – Phil Cosby
• This means– IT must understand the customer’s requirements– IT must meet the customer’s requirements– This assumes that the customer and IT understand the
goals of the organization and how functional area objectives support them
• After WWII in Japan, Ishikawa used to tell the people on the manufacturing line that the people in the next step were their customer
IT Governance: Sound Management Practices that Deliver Results
Business IT Alignment (BITA)
• Need the business engaged with IT and not just IT in a vacuum• “Technology Pull” vs. “Technology Push”• IT Service Management – services that meet customer
requirements both today and in the future• Primus inter pares
– “First among equals” – IT and other managers working together– IT may know the technology but the business knows the business even
better– IT and the business must leverage each others’ strengths and
compensate for each others’ weaknesses– Requires dialogue, regular meetings, … and lots of hard work!– Roles & responsibilities must be understood
• It can’t just be IT – this is an organizational culture issue• Who better than logistics to argue for a new IT logistics service with IT
IT Governance: Sound Management Practices that Deliver Results
Strategic Planning
• IT and the business must work together to accomplish objectives
• IT needs to understand strategic plans in order to support the business and the business must understand IT’s capabilities
• IT projects and resulting services are costly and can impact the quality of business services rendered – they need proper planning– No different than planning for new production plants
• Recognition of IT value, not just cost• Board level IT strategy committee
IT Governance: Sound Management Practices that Deliver Results
Service Development Lifecycle
• Quality standards around development projects– Requirements definition– Coding standards– Testing– Identification of best practices– Migration to production– Documentation– Evidentiary requirements– Roles and responsibilities
• Resource– Carnegie Mellon’s Capability Maturing Model Integrated (CMMI)– Google
IT Governance: Sound Management Practices that Deliver Results
Project Management
• 29% of projects delivered on-time with expected features, 53% were challenged and 18% outright failed1
• The majority of the causal factors are non-technical including:– Lack of project planning– Poor requirements definition– Correct stakeholders not involved, or not involved early enough– Poor communications– Insufficient management oversight
• Resources– PMI’s Project Management Body of Knowledge (PM-BOK)– Projects in Controlled Environments Version Two (PRINCE2)– Google
1. “Third Quarter 2004 CHAOS Report”. The Standish Group.
IT Governance: Sound Management Practices that Deliver Results
Internal Audit
• Dr. Deming eschewed the Shewhart cycle of Plan-Do-Check-Act
• Audit plays an important role in organizations by performing a facet of the “check” function– Ethics– Regulatory Compliance– Process Compliance– Control and Process Improvement Opportunities
• Resources– The Institute of Internal Auditors (The IIA)– Information Systems Audit and Control Association (ISACA)