Cloud-based technology -- and the shadow IT organizations that can pop up around the easily installed products -- can undermine IT governance initiatives. But good governance is an important component of any IT strategy, and CFOs have a prime opportunity to play a leading role on centralized IT governance teams, according to experts.
Joe Pucciarelli, vice president and IT executive advisor at Framingham, Mass.-based consultancy IDC, said that while shadow IT can be attractive in some ways, there's a danger in letting centralized IT governance fall by the wayside. "In organizations where you have a lot of disconnected IT initiatives, you're able to put things in quickly, but after a couple years [of] everybody doing it their own way, it creates a morass of complexity which slows down the organization," he said. Having an abundance of IT projects managed by various business units can also produce overlapping efforts, he added.
More on the CFO role
Learn why the CFO is gaining influence in IT spending
Read a Q&A on the CFO's role in risk management
Find out how strategic and transactional finance are diverging
Judging from recent IDC survey findings, this might be the reality for a considerable number of organizations. "About 40% of large organizations have issues with centralized IT governance," Pucciarelli said. As for what's spurring the growth of shadow IT, 42% of organizations said business leaders are "demanding a higher velocity in their IT projects than IT can deliver," and 34% said they're able to access technology more easily due to cloud computing, Pucciarelli said.
With IT governance posing a problem for many organizations, Pucciarelli and Martha Heller, president of Heller Search Associates, based in Westborough, Mass., described what good governance looks like -- who should be involved, what systems and processes should be in place, the CFO's stake and why governance doesn't have to be an enemy to innovation.
Effective IT governance requires the right people and complexity level
"You can have a wonderful governance structure that decides roles, responsibilities and accountabilities, but if you don't have the right members of the organization at the table, [it] won't be effective," Heller said. So who needs to pull up a chair?
For Pucciarelli, a solid centralized governance team requires representation from several business functions: IT, line of business owners, finance and shared services. He noted that the size of the governance organization depends on the size of the business.
Heller cautioned not to let it get too complex. "With some governance structures, there are just so many approval processes and committees and follow-up meetings that it overwhelms the organization and people won't buy into it," she said. "Sometimes simplicity is the way to go." An overly complex governance organization can obscure accountability, so major stakeholders should set aside time to hash out who's responsible for what, even if a structure is in place, she said.
Heller also said a layered governance model -- one that involves not only senior-level executives, but also directors and middle management -- can be a wise idea. "Good governance isn't only at the top; it needs to be filtered through the organization," she said.
And what's the CFO's role in an IT governance organization? Pucciarelli said she can act as a unifying leader, bridging the gap between business and IT leaders and helping them to work together effectively. "The CFO can bring the parties together -- that's really what we see as a key opportunity," he said.
Post-implementation review can inform future projects
Once an IT project is completed, the role of the governance organization is finished, right?
This attitude is a common mistake, according to Heller. She instead recommended that IT governance organizations review the outcomes of projects after implementation, to gauge to what extent the expected benefits were realized. Fewer than 10% of organizations complete such a review, according to her research.
"I think a very critical part of a governance organization is that post-implementation review," she said. "By the time the [project] is complete, we're onto another business case. Well, did we achieve the benefits we thought we were going to? Why didn't we? What did we do that was right?"
Allow IT innovation to exist outside of governance
With business leaders now able to take technology projects into their own hands, centralized governance often looms as an innovation killer. But Heller suggested a potential workaround: Separate the innovation out.
"Rigorous approval processes and processes for making investment priorities and decisions are a critical part of every company," she said. "However, if every single IT idea has to go through this bureaucratic, labyrinthine process, the little ideas can get lost. So having an innovation group or a fund that doesn't have to be a part of a governance process can allow companies to trial some things."
She explained that while most large IT projects must have a strong business case in order to be approved by a governance organization, innovative IT ideas often don't have such clear backing. With this in mind, freeing innovation projects from the governance process allows business leaders to see if a system or tool "sticks" without absolute certainty that it will be beneficial beforehand.
Get all C-suite hands on deck
The CFO, chief information office (CIO) and chief executive officer (CEO) all have a role to play in good governance, Pucciarelli said. While the CFO handles financial vetting and should have what Pucciarelli described as a "robust and reliable" tracking or accounting system in place to produce performance reports, the CIO needs to act as a transparent ally who aims to empower the business instead of playing defense. And the CEO, last but not least, needs to provide sponsorship for the initiative. Pucciarelli said this piece of the puzzle is not to be sneezed at.
"Does the CEO really want to force people to work together, or is she going to tolerate people saying 'yes' to one another in a meeting and then going off and doing what they want? Are there going to be corporate consequences for [people] not being team players?" he asked.
Instead, good governance requires clear sponsorship from the executive suite to support the process, he said. "It may sound trivial, but that's really one of the essential ingredients."
Dig Deeper on Corporate Performance Management Software
Emma Snider asks:
How would you rate your IT governance?
0 ResponsesJoin the Discussion