It takes strategic and systematic thinking and holistic IT governance approach in running an Agile IT.
Digital IT is permeating into the very fabric or core processes in modern organizations, thus, IT governance is crucial to steer business toward the right direction and make effective business decisions. However, what is the best approach to begin implementing formal IT Governance specifically aimed at improving the quality of demand? How can the “competition” for finite dollars be structured so that the end game, best benefit for the enterprise, is achieved? How much of a decision making body (vs. advisory or discussion forum) is the IT Steering Committee (ITSC) and how do they make those decisions? How does one keep the ITSC focused on WHAT IT should work on and not HOW IT accomplishes it (“If IT was more efficient at keeping the lights on, you could have more dollars to spend on new things”)?
Starting with the Board sponsorship: Make the recognition by the BoD and officer team that the IT dollars are enterprise resource and are finite, and must be leveraged to the benefit of the enterprise. IT governance’s purpose is to facilitate all business units in competing for the dollars based on benefit to the enterprise.Begin with the CIO identifying every component of cost associated with “keeping the lights on”, then the current approved projects by title, executive sponsor, budget, schedule and resources dedicated to each project.
Categorization and prioritization: There is no reason the executive team shouldn’t be completely aware of where and how IT assets are being deployed. Next in exactly the same format, show the requested projects for which there are no resources in the current budget. Informally the resources can be bucketed under the run, grow, transform category at the broad organization level. This will help the organization keep a tab on the type of the expenditure and ensure that a significant portion of the resource is used to create new capabilities which help business transformation. Now the CIO asks the senior executive team and officer of IT steering committee what they’d like him/her to do, he/she has to keep explaining what they are doing to make operations more efficient, outside consultants, benchmarks etc. The CIO’s willingness to do anything to improve IT performance usually puts more pressure on the justifications the other officers are offering.
Holistic governance approach: Each Organization is different; hence IT governance should be looked more holistically in an enterprise, Try out the approach with following steps:
(1). Understand the operating style of organization. Who holds the decision making power, Is it with the CEO, Board, CFO, PE Investors or someone else. Know what view each of the CXO roles has on organization priorities and the role they consider IT has in the organization.
(2) Assess IT performance. This should give a clear idea about the maturity of IT function (Sourcing Unit, Order Taker, Solution Provider, Innovation Partner) – A CXO survey could help at this stage.
(3) Identify IT pain point: By Now some pain points from IT would have surfaced (Delayed Projects, Cost Overrun, No Innovation, No business involvement, Rogue IT – Every organization will have some quandaries with IT).
(4) Formal governance domains: Once the ground is firmed up, a formal IT Governance can be established – Consider following governance can be around:
a. IT Operations – Service Catalog , SLA
b. Business Management- Projects, Innovation, Demand
c. Sourcing ,Vendor Management and Control
d. Organization Structure, Learning, Leadership Development
e. Data, Process , Architecture etc
f. Security and Compliance – Information Security, Risk and Compliance
(5) Governance practices: Pick what is most relevant to gain trust of leaders, execution approach could consider following in any order what works best for your organization:
a. Newsletters – Issue Newsletters, Broadcasting good and bad about IT, This could be about ROI of IT, Project delays, Benefits Realization etc.
b. Gamification – Create IT scorecards and benchmarking performance of business units on IT benchmarks to generate a spirit of competition.
c. Decision Entities – Implement Delegation of Authority for IT, This way all the decisions are not cascaded up to IT Steering Committee. Let the Project Manager and Business Manager resolve some things at their own level.
d. Audits – While no one likes them, however, sometimes they just help in drawing attention to CXO’s ears. Partner with the Audit team and explore how they can help.
e. End to End Demand Management Process – Implement an end to end Demand management process which takes care of new project validation, business case approval, project development and design, user training and rollout, user adoption and change management and benefits realization.
(6). The best approach for IT governance has been the one which has aligned the framework approach with
a. maturity of IT function and the expectations business leaders have from IT
b.immediate and long term priorities of organization
c. ways of working, political equations among key leaders and decision making approach in the organization.
IT management and IT governance are interdependent disciplines. The purpose of IT management is to optimize IT resource and catalyze business growth; the goal of IT governance is to ensure making the right decisions and running an effective and agile IT.
Every business is prone to risk is everyday operations. Risks can be analyzed through scenario analysis, which involves the study of possible future happenings. The approach places risk into three probabilities; the probability of the occurrence, the probable loop holes and the probable impact.
Risk management is the act of identifying the potential risks and developing strategies to decrease their chances or eliminating them altogether. Here’s a list of the possible risks that a business can face.
1. Health and safety
There are health and safety risks for all businesses. For example, a customer or an employee can slip on a wet floor. An employee with an infected disease can prevent harm to the co-workers, and an overtime shift of employees can lead to headaches. Therefore, risk management is important for every type of business.
2. Financial risks
Financial risks are mostly faced by financial institutions. According to J.P Morgan, one of the major reasons of sub-prime mortgage crises was poor risk management. Small and large companies are at a risk of client confidence, bankruptcy and dissolution of the business. These financial risks can be avoided through a sound strategy.
3. Legal risks
Legal risks are present for any business, and they can expose the business to big financial penalties. Arthur Andersen, the accountancy firm, lost the trust of its clients and investors due to the Enron debacle. Many partners and employees also resigned.
Businesses may be overwhelmed as all risks are a priority. So how does a business owner manage all the risks taking into consideration the budgetary constraints? The idle solution lies in enterprise risk management, which is a holistic risk management solution. Professional risk management strategies are also available for businesses such as LexisNexis risk management. All risk management solutions and strategies include these 3 processes.
1. Identification and assessment of risks
After taking the service of a professional company, the senior authorities have to agree to the process. It’s importance to identify those risks for the organization that are talked about but not documented. Identification will require carrying out different processes and activities such as holding workshops and meetings among employees and management. This will allow for the input of those who may have documented variety of risks.
2. Creating a strategy
After the risk has been identified, a strategy is going to be required. Enterprise diversification strategy requires creating backups in perfect correlation. Risks will also be prioritized depending on the extent of harm they can cause during strategic planning.
3. Regular reviews
Risk management needs to be a long term process with frequent reviews of the strategy designed to reduce or eliminate the risks. Through regular reviews, the risk management company and business can find out whether the strategy needs to be revised or not. It’s also important for businesses to consider it as a part or the overall planning and decision-making.
Risk management can have a positive effect on the overall image of the company. It also improves the decision-making process and leads to the efficient use of resources, leading to higher revenue in the long run.