Getting a Foot in the IT Governance Door

Ann All

Earlier this month I wrote a post about how compromise is at the heart of IT governance, with both IT organizations and business executives working together to ensure IT projects are prioritized in order of importance to achieving a company's overall business goals. In my post, I included some tips from O'Reilly Media CIO Jonathan Reichental and Alan Calder, author of several books on IT governance.


Most of their tips, however, apply to companies where both IT and the business have already agreed upon the value of a solid IT governance structure. Unfortunately, some IT organizations either lack buy-in from business executives or find themselves working with executives who agree on governance's importance in theory but have a hard time sticking to the necessary structure in practice.


For those organizations, I found some helpful tips from John F. Bauer III on the Midwest IT Survival blog.


Bauer also provides a compelling list as to why governance is necessary. The list may or may not help convince reluctant business users of the value of governance, but it's worth a try. Without a good governance program, Bauer says:

  • IT may end up opting for less-than-optimal technologies to meet all of the conflicting deadlines.
  • Without collaborative discussions on business requirements (a key part of governance activities), IT will inevitably find itself playing catch-up and adding requirements that were overlooked.
  • Putting out fires leaves no time for more strategic activities. Without governance, IT will almost certainly end up spending more time than it should simply putting out fires.
  • Many requests will never be completely filled, as IT moves to the next, hot request.


Bauer offers four tips. His first one is to leverage a formal chargeback model to "ensure there is full accountability and recordability for all business-requested IT work." Not everyone agrees chargeback is a good idea, however. In comments on Bauer's post, CTO/CIO Perspectives blogger Peter Kretzman suggests chargeback should be "a last recourse."


(In June, I shared the story of a CIO who installed software that helped track IT costs and then sent business heads "bills" that showed what they would pay for IT services if they were being charged for them. This might be a better way than formal chargeback of making IT spending more transparent and giving users incentives to identify and eliminate wasteful spending.)


With that in mind, it makes sense to use Bauer's three other tips-in the order presented, as each builds on the previous idea-before introducing chargeback:

  • Ask lots of questions before beginning work on any request. This should help determine the reasons for making a work request and prompt folks to give more thought to their requests. Bauer writes: "Asking why to get to the real business case to support a request will help to reveal what is truly a priority that IT is in the best position to deliver on compared to a frivolous request that if not executed, actually reduces technical debt without harm to the requester."
  • Use time as IT "currency." This one won't work without full, data-based reporting of all IT activities. But IT organizations with these kinds of reports can simply update them with each business request. The reports should be distributed to business leaders, who can clearly see the resources that will be required to achieve the requests. They should be asked to prioritize the requests.
  • Establish some kind of formal work estimation model that includes duration and possible delivery dates. Doing this will make it easier for business folks to bump lower-priority work down the list, writes Bauer, "once it is known by all what is consuming time and delaying the delivery of what the business truly needs in a hurry." (I'd add this should also help IT organizations and business units identify tasks that should be considered for outsourcing.)


Bauer says in a response to a comment on his post that his tips are for "managers that are 'stuck in the middle' and can't just walk into the CIO's office and say 'Implement some governance by Friday so this problem goes away.'" He acknowledges the tips are a stop-gap until a CIO or other senior executive can champion a formal governance program.


Peter Kretzman mentions this in his comments as well, saying IT organizations "must do everything possible to get the root cause addressed, not to just work around the problem." The CEO is probably the most appropriate senior executive to address IT governance, says Kretzman, because the issue goes beyond IT to more broadly reflect on a company's culture of how it gets things done. (Or doesn't.)

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.