Transcript IBM Presentations: Smart Planet Template
Shrikant Patil – Senior Advisory Consultant, Strategy & Change 09 January 2009
Applying IT Governance to Enterprise Initiatives : ISACA Bangalore
© 2009 IBM Corporation
2 ISACA Bangalore : Applying IT Governance to Enterprise Initiatives
Learning Objectives
Understand Basic IT Governance Concepts Review Relevant Organizational Constructs and Best Practice Frameworks Discuss Critical Role of IT Governance in Enterprise Initiatives © 2009 IBM Corporation
3
Agenda IT Governance Concepts IT Organization Design Principles Applying IT Governance Case Studies Q&A
© 2009 IBM Corporation
4
Governance Definition
“Governance is process of decision making in the exercise of authority for direction and control” -
G.E.P. Shailer
Implies that – Board knows the strategic direction of the company – Board is responsible for relevant actions and decisions – Board holds ultimate authority over the affairs of the organization – Board is should include oversight and control as part of governance © 2009 IBM Corporation
Components of Enterprise Governance
5
Doing the right way ?
Doing the right things ?
© 2009 IBM Corporation
IT Governance Definitions
It is an integral part of enterprise governance and consists of the
leadership
and
organisational structures
and
processes
that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives.
IT governance is the responsibility of the board of directors and executive management
Relationship Mechanisms
Governance (within business units) play catalytic role in implementation of
The distribution of IT decision-making rights and responsibilities among enterprise stakeholders, and the procedures and mechanisms for making and monitoring strategic decisions regarding IT
— Source: Luftman and Brier, 1999; Sambamurthy and Zmud, 2000; Weill, 2004 CISR MIT Sloan
Source : IT Governance Institute 6 © 2009 IBM Corporation
What needs to be addressed within IT Governance?
According to COBIT there are five IT governance focus areas that executive management needs to address to govern IT within their enterprises: Strategic alignment Value delivery Risk management Resource management Performance measurement Source : IT Governance Institute 7 M M easu remen rman t Str ategic Alignm en t
IT
Deli
Domains
Val
Governance
ue Resource Management M M an agemen t t © 2009 IBM Corporation
IT Governance is embedded within Enterprise Governance
Internal Environment – Value Statements : Core beliefs and philosophies that shape the organization’s vision and mission – Guiding Principles : Durable statements that encapsulates the role IT will play and how decisions will be driven in both business and IT organizations Entrustment Framework – Accountability / authority framework across the organisation – Designated decision authorities : individuals or bodies – Organization constructs & functional interrelationships Decision Model & Framework – Clear (transparent) assignment of decisions rights – Sequence of actions and decision path in decision processes Source: Many faces of IT Governance by Nick Robinson CISA, ISACA Journal Volume 1 2007 8 © 2009 IBM Corporation
9
3 Key Questions for IT Governance
1. What decisions must be made ? 2. Who should take these decisions ?
3. How these decisions are made and monitored ?
© 2009 IBM Corporation
MIT CISR Arrangement Matrix
The Governance Arrangements Matrix is used to describe, analyze and communicate an organization’s IT governance The framework uses a set of political governance archetypes for five principle decision domains The matrix also identifies the set of mechanisms used to implement the governance arrangements (eg. committees, approval processes, relationships and organizational structures)
Five Key IT Decisions IT Principles
High level statements about how IT is used in the business
IT Infrastructure Strategies
Strategies for the base foundation of budgeted-for-IT capability (both technical and human), shared throughout the firm as reliable services and centrally coordinated
IT Architecture Business Application Needs IT Investment and Prioritization
An integrated set of technical choices to guide the organization in satisfying business needs Business applications to be acquired or built.
Decisions about how much and where to invest to IT including project approvals and justification techniques
IT Governance Archetypes Business Monarchy IT Monarchy
“C” level executives as a group or individuals Individuals or groups of IT executives.
Feudal IT Duopoly Federal Anarchy
Business unit leaders, Key Process owners, or their delegates IT executives and one other group Shared by “C” level executives and one other business group Each individual user 10 Source: MIT CISR © 2009 IBM Corporation
Governance and Alignment…”Six IT Decisions Your IT People Shouldn’t Make,” HBR – Ross and Weill
1. How much should we spend on IT?
2. Which business processes should receive IT dollars?
3. Which IT capabilities need to be companywide?
4. How good do our IT services really need to be?
5. What security and privacy risks will we accept?
6. Whom do we blame if an IT initiative fails?
© 2009 IBM Corporation 11
For each organization type there are different possible IT decision making mechanisms („archetypes“).
Local IT Management Federal IT Management Central IT Management ...
IT ...
IT ...
Business Line A ..
Business Line B ...
Business Line C
IT IT IT
...
Business Line D
IT
...
Business Line A ..
Business Line B ...
Business Line C
IT IT IT
...
Business Line D
IT
...
Business Line A ..
Business Line B ...
Business Line C ...
Business Line D
Different archetypes of IT decision rights*
Federal IT Management ...
IT Federal IT Management ...
IT Federal IT Management ...
IT Federal IT Management ...
IT ...
Business Line A ..
Business Line B ...
Business Line C ...
Business Line D
IT IT IT IT
...
Business Line A ..
Business Line B ...
Business Line C ...
Business Line D
IT IT IT IT
...
Business Line A ..
Business Line B ...
Business Line C ...
Business Line D
IT IT IT IT
...
Business Line A ..
Business Line B ...
Business Line C ...
Business Line D
IT IT IT IT Business Monarchy IT Monarchy Federal IT Duopoly Business executives make IT decisions.
IT makes IT decisions.
Coordinated decision making including all business units. IT may be involved.
12 Source: IT Governance, P. Weill, Jeanne W. Ross, Harvard Business School Press, 2004 Bilateral agreements between IT and business units.
© 2009 IBM Corporation
Allocation of IT Decision Making Authority across Business & IT Functions
13 Source: Weill & Boradbent 1998 © 2009 IBM Corporation
In most organizations the decision rights are implemented differently, depending on the different IT domains.
Business Monarchy IT Monarchy Federal Often, each IT domain has its own mechanisms to make decisions
IT Domains
14 Source: based on MIT Sloan, Center for Information Systems Research (CISR)
IT Strategy Application architecture System architecture Specialized architecture IT investments IT risk management
IT duopoly
Good Practice 1 Federal IT Monarchy IT Monarchy Federal Federal Business Monarchy
© 2009 IBM Corporation
IT Governance Models
15 Source: Peterson 2000 © 2009 IBM Corporation
Summary : To set direction and make it stick across the organization
IT governance is the responsibility of the board of directors and executive management. It is an
integral part of enterprise governance
and consists of the leadership and organizational structures and processes that
ensure that
the organization’s
IT sustains and extends the organization’s strategies
and objectives.
— Source: The IT Governance Institute
Term used to describe how those persons entrusted with governance of an entity will consider IT in their
supervision, monitoring, control and direction
Southern California
. How IT is applied within the entity will have an immense impact on whether the entity will attain its vision, mission or strategic goals
— Source: Prof. Robert S. Roussey, University of
A structure of control the enterprise in order to achieve the enterprise’s goals by
relationships and processes adding value while balancing risk
to direct and versus return over IT and its processes.
— Source: Cobit Executive Summary
© 2009 IBM Corporation 16
IT Governance Drivers
17
IT Principles & Policies Accountability Framework Processes & Decision Models Strategic Alignment, Risk and Resource Management Performance Management Value Management
• •
Guiding Principles Standards and procedures
• •
Organizational structures & functional interrelationships Individuals or bodies .e.g. committees, boards, empowered to make IT decisions
• •
Sequence of activities and decision paths In line with the number and type of decision
• •
Demand mgmt : ensure alignment / manage portfolio and investments Supply management : provisioning and supply of products and services
• •
Outcome focused – Is IT Function meeting the objectives?
Process focused – Are the IT processes operating effectively
•
Delivery of business value from IT investments
© 2009 IBM Corporation
18
Program Management Office (PMO) types
Temporary PMO
– For achieving specific business benefits – Decision of formation of PMO is taken based on size of the program (most economical for min 30 associates) – Largely Administrative – PMO disbanded post program retirement – E.g. ERP Rollout Program Office
Permanent PMO
– For continuous organizational improvement – Decision is based on the criticality of the objectives – Establishes the best practice framework and rolls out across the organization – E.g. Corporate Program Office, Chairman ’ s Program Office, Office of the CIO (OCIO) © 2009 IBM Corporation
The Office of the CIO (OCIO)
OCIO is Permanent type of PMO 5 % of 2000 CIOs participating in Gartner’s Executive Program (EXP) have OCIO OCIO acts as the mouth piece of centralized IT Provides transparency of IT to business Extremely important step towards Business – IT Alignment Mostly popular in Governments & large distributed organizations The US Departments of Commerce and Agricultural leverage the OCIO – Standardization of IT roles and responsibility execution – Processes application development to help desk support are developed and standardized – This consistency supports stronger and more accurate reporting 19 Strategy planning, lessons learned and financial IT performance are formally reviewed quarterly which is facilitated by the office of the CIO
— Zack Hicks, corporate manager at Toyota's office of the CIO Torrance, California
© 2009 IBM Corporation
20
PMO Within OCIO
© 2009 IBM Corporation
COBIT Framework - Activities and Responsibilities
PO1 RACI Chart Key Activities
1 Link business goals to IT goals 2 Identify critical dependencies and current performance 3 Build IT strategic plan 4 Build IT tactical plans 5 Analyze and manage project and service portfolios C C A C C
C EO
I C C I I
C FO B u si n es s E x ec
A/R
C
R
IO
R C A/R R I A A C C I
B u si n es s S r Mn gm H ea t d O pe ra ti o n C s h ie f A rc h it e ct H ea d D ev e lo pm e n t H ea d IT A dm in P MO
C C C C C C C C I C R C R C C C R C C R C
C A R S
C C I I
Business Executive Business Sr Management Head of Operations Chief Architect or CTO Head of Development Head of IT Admin HR, Fin, etc
21 CARS: Compliance, audit, risk and security (groups with control responsibilities who do not have operational IT responsibilities) Source : ISACA, COBIT © 2009 IBM Corporation
VAL IT Recommended Organization Chart
22 Source : ISACA, Val IT Framework © 2009 IBM Corporation
Role Definitions for VAL IT
23 Source : ISACA, Val IT Framework © 2009 IBM Corporation
VAL IT Framework RACI
24 Source : ISACA, Val IT Framework © 2009 IBM Corporation
Governance of Outsourcing
25 Ref : Capgemini Outsourcing Report © 2009 IBM Corporation
Client-Vendor Engagement : Governance of Outsourcing
26 Ref : Gartner © 2009 IBM Corporation
Why focus on IT Governance?
“Top performing enterprises generate returns on their IT investments up to 40 percent greater than their competitors.”
they clarify business strategies and the role of IT in achieving them they measure and manage the amount spent and value received they assign accountability for changes and decisions required to benefit from IT capabilities they become adept at sharing and reusing IT assets
- IT Governance, Peter Weill & Jeanne W. Ross, HBS Press
“Firms with above average IT governance combined with a specific business strategy (eg. customer intimacy) had >20% higher profits than firms pursuing the same strategy”
Source: 2005 MIT SeeIT/CISR survey (625 firms); Peter Weill & Stephanie Woerner
27
Investors have acknowledged their awareness of importance of governance, demonstrating a willingness to pay premium of up to 20 percent on shares of enterprises known to have a governance framework in place
- McKinsey Report 2000
© 2009 IBM Corporation
Applying IT Governance to Enterprise Initiatives
Strategy Operationalization IT Enabled Enterprise Transformation Program Underlying Organizational Change Management Portfolio / Investment Management Framework Implementations e.g. COBIT, ITIL (IT Control Establishments) Collaborative Innovation 28 © 2009 IBM Corporation
Enterprise Initiatives Classification
Source : W. “ RP ” Raghupathi August 2007/Vol. 50, No. 8 COMMUNICATIONS OF THE ACM 29 © 2009 IBM Corporation
Enterprise Initiatives Landscape
• • •
Portfolio / Investment Management : Stage 1 Framework Implementations e.g. COBIT, ITIL (IT Control Establishments) : Stage 1 & 2 Collaborative Innovation : All Stages
•
Audits & Assessments : All Stages
• •
Strategy Operationalization : Stage 1 & 2
•
IT Enabled Enterprise Transformation Program : All Stages Underlying Organizational Change Management : All Stages
Source : W. “ RP ” Raghupathi August 2007/Vol. 50, No. 8 COMMUNICATIONS OF THE ACM 30 © 2009 IBM Corporation
IT Governance for Enterprise Transformation Programs
31 © 2009 IBM Corporation
Case Study 1 : Manufacturing - Europe
Problem Statement
Global organization with revenue of US$ 9 BN First time in the life span started multi million dollar ERP program and did not succeed in 3 previous attempts Integrations within applications growing out of hand Program Office not established Low awareness and practice of Project Management Methodology Business frustrated due to consistent failures and not supportive of the initiative Processes adequate for managing small project but not sustainable for large programs
Solution Provided
a) Creation of program office b) Program Sponsor to undertake the OCM c) Revalidation of vendor commitment and customized framework for vendor and application evaluation Operationalization plan of IT strategy objectives related to program Mentoring the Program Manager Creation / implementation of Business IT alignment initiatives Establishment of core processes such as risk and quality at the program level Definition of process maturity framework 32 © 2009 IBM Corporation
Case Study 2 : How Org Context Affects the IT Governance
33 Source: Carol V Brown Graduate Business School Indiana University © 2009 IBM Corporation
How Leading firms behave differently
Greater top mgmt commitment to IT More integrated business and IT planning Less political turbulence Higher user satisfaction with IT More experience managing IT
34 © 2009 IBM Corporation
Thank you
Contact Shrikant Patil
Senior Advisory Consultant, IBM India
9620201083
35 © 2009 IBM Corporation