IT governance moves centre stage

An empty stage Ramkumar Akella, managing director, Birlasoft UK, looks beyond management…

If information is power, then technology is its weapon and the CIO is commander in chief. But it's a challenging role, that is still often searching for definition.

In advance of publication of its 2007 CIO Agenda, Gartner has suggested that despite a predicted shift in focus towards supporting business competitiveness, the majority of CIOs are still concentrating on operations management.

The report also claims that many organisations are failing to deliver on the promise of technology because simply providing high-quality IT services is proving difficult enough. If this goal is to be achieved, the CIO needs to keep up to date with ever-changing technology and in control of the infrastructure.

The CIO is not only answerable for the integrity and consistency of information handling within the organisation, he or she must ensure that IT investments are properly aligned with the strategic direction of the business as a whole.

Rather than responding to demands from users about specific functionality, the CIO should be looking at what the business needs now, what it will need next - and what it will need in five years time.

To do that they need the right tools and support - particularly as the pervasiveness of IT places enormous pressure on both the systems and those who control them. Adding to this demand is the move in many organisations to view the IT department as a separate, accountable and transparent business unit with its own set of performance goals to meet.

Whether an organisation is considering a wholesale adoption of the six sigma approach, a revamp of online retailing operations or overhaul of internal processes such as expense management, the CIO needs to be aware of all new projects being created, and be able to evaluate, prioritise and approve them.

But it is difficult, if not impossible, to have a consolidated view of all the projects that are going on - certainly in larger organisations - without the right tools. This is where the distinction between CIO and CTO become really clear.

Technologists require IT management systems that ensure the infrastructure operates at optimum level on a daily basis. But the CIO needs a solution that goes beyond this: one that helps identify and prioritise strategic investments by providing visibility and accountability of IT across the organisation. In other words, the CIO needs to go beyond management and aim for IT governance.

In essence, IT governance is both a strategic and operational function. The majority of management-only tools will look solely at the equipment in place, and help IT managers ensure they are running effectively. But IT governance looks at the people, processes and priorities of IT as well, to ensure that these match the firm's strategic direction.

Any IT consultant will tell you that relying on technology alone to deliver business benefits is destined to failure. The way IT is used, and the people using it, is equally important - something that standard management tools do not take into account.

A good IT governance solution will offer a single door to the various demands made on IT rather than holding the meta-data about all the systems and applications that are in use in separate repositories.

By providing real-time updates of all IT activity, users gain access to the most accurate information available at any time, eliminating the need for email updates, phone calls, or meetings to gain insight and control over what is going on.

The need for efficient IT governance has grown more and more acute in recent years. At the top of almost every CIO agenda is the need for compliance with a growing and stringent regulatory regime put in place to ensure effective corporate governance.

The CIO is increasingly being asked to ensure that the IT domain will keep his company out of the financial and reputational trouble that regulatory breaches bring with them. What's more, where finance heads, for example, often have a clearly identified role and chain of authority, the personnel structure and responsibilities of the CIO are often less clear cut.

The CFO's compliance responsibilities are not challenged by other functional heads or senior figures outside the organisation. Conversely, it is quite common to see individual departments doing their own thing when it comes to IT.

What's more, it is not unknown for projects worth thousands of dollars, with serious implications for compliance processes, to be kicked off via an informal email or in a water cooler conversation.

The CIO therefore requires tools that help ensure best practice throughout the company with regards to the use of IT, and provide awareness of each and every new project. Effective governance enables the organisation to harness IT in order to automate necessary processes and controls. So for example, sensitive documents are allocated limited access privileges automatically.

A good IT governance solution will also assess the effectiveness of the controls in place, and provide reliable audit trails of that effectiveness. And by specifying, standardising and automating workflows, quality control can also be maintained, whether it is in new business development, financial management or recording consultant time spent on individual projects.

Of course, every organisation has a subtly different set of needs from its IT and consequently its IT governance solution. What they have in common is the need to treat all demands as efficiently and quickly as possible.

Therefore a good governance tool will be able to channel demands made on the IT system through to the appropriate control centres. For example, a strategic demand for new business systems and applications will get directed through the organisation's portfolio or asset management process. This makes sure that there is a strong business case for every proposed initiative, a disciplined approach to prioritise and fund them, and real-time visibility on all projects.

In the same way, IT governance helps manage resource allocation: whether it is staffing levels, or the procurement of new hardware. An end-to-end governance tool will identify where resources are under-utilised and where they are hopelessly stretched. The CIO can then balance the two to ensure optimum utilisation.

This is particularly important as the other major pressure placed on CIOs is that of financial constraint. Capital investment needs to be justified at the highest levels. And although budgets are still increasing, according to both Forrester and Gartner, the rate of growth is slowing down. Simply keeping pace with demand, and managing what is already in place, absorbs a significant portion of available funds.

Without effective governance, IT remains a cost centre, rather than a business enabler - and it is difficult, if not impossible, to prove return on investment or deliver accountability for the department's spending.

Indeed many companies that have deployed an IT governance solution to manage projects, programs and support processes have found that unnecessary capital costs have been reduced. More than that, the number of non-viable IT projects that are undertaken has been diminished, project management costs have gone down, while the use of existing resources goes up.

Technology presents the opportunity to make a major contribution to the bottom line, liberate the business to pursue new avenues, and manage exposure to a variety of risks. But for that to happen, IT needs to move beyond being simply managed. It needs to be governed.

Birlasoft is the global technology services division of the CK Birla Group, offering IT governance solutions and consultancy to companies worldwide.

12 March 2007