1

IT

has become crucial in the support, the sustainability and the growth of the business The pervasive use of technology has created a critical dependency on IT This calls for a specific focus on IT governance Consists of the leadership and organizational structures and processes that ensure that the organizations IT sustains and extends the organizations strategy and objectives (Grembergen et al., 2004)
2

 IT

governance can be defined as specifying decision rights and accountability framework to encourage desirable behavior in the use of IT (Weill & Ross, 2004)

IT governance is the structures and processes that ensure that IT supports the organizations mission The purpose is to align IT with the enterprise, maximize the benefits of IT, use IT resources responsibly and manage IT risks
1)

2) A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprises goals by adding value while balancing risk vs. return over IT and its processes

3) IT governance is the responsibility of the board of directors and executive management (integral part of enterprise governance) and consists of the leadership and organizational structures and processes that ensure that the organizations IT sustains and extends the organizations strategies and objectives

4) IT governance is the system by which an organizations IT portfolio is directed and controlled - Describes - A distribution of decision-making rights & responsibilities among different stakeholders, and - The rules and procedures for making and monitoring decisions on strategic IT concerns (Peterson, 2004)

 IT

governance is a board or senior management responsibility in relation to IT to ensure that: IT is aligned with the business strategy IT and new technologies enable the organization to do new things that were never possible before IT-related services and functionality are delivered at the maximum economical value or in the most efficient way All risks related to IT are known and managed and IT resources are secured.
8

 IT

management is focused on the internal effective supply of IT services and products, and management of present IT operations IT governance is much broader, and concentrates on performing and transforming IT to meet present and future demands of the business (internal focus) and the business customers (external focus)

10

 The

domain of IT management focuses on the efficient and effective supply of IT services and products, and the management of IT operations IT governance faces the dual demand of Contributing to present business operations and performance, and Transforming and positioning IT for meeting future business challenges ITG is both internally and externally oriented
11

desirable behavior is one that is consistent with the organizations mission, strategy, values, norms, and culture such as behavior promoting entrepreneurship, sharing, and reuse or relentless cost reduction ITG is not about what specific decisions are made (that is management) Rather ITG is about systematically determining who makes each type of decision (a decision right), who has input to a decision (an input right), and how these people (or groups) are held accountable for their role
12

 Good

ITG draws on corporate governance principles to manage and use IT to achieve corporate performance goals Effective ITG encourages and leverages the ingenuity of all enterprise personnel in using IT, while ensuring compliance with the enterprises overall vision and principles So, good ITG can achieve a management paradox: simultaneously empowering and controlling (Weill, 2004)

13

 All

enterprises have ITG The difference is that enterprises with effective governance have actively designed a set of ITG mechanisms (committees, budgeting processes, approvals, IT organizational structure etc) that encourage behaviors consistent with the organizations mission, strategy, values, norms, and culture When the desirable behaviors change, ITG also changes!
14

 ITG

cannot be considered in isolation because it links to the governance of other enterprise assets (such as financial, human, intellectual property, etc) Governance of the key assets, in turn, links to corporate governance and desirable behaviors In the models of corporate governance, one can organize the variables and concepts used to describe the complexity of corporate governance mechanisms into two main categories: capital-related and labor-related
15

 The

capital-related aspects contain variables like ownership structure, corporate voting, the identity of the owners, and the role of institutional owners. The labor-related aspects refer mainly to the stakeholding position of labor in corporate governance (employee involvement schemes, participatory management, co-determination etc.

16

 Became

a dominant business topic in the wake of the corporate scandals of midyear 2002 Enron, Worldcom, and Tyco Interest in corporate governance is not new, but the severity of the financial impacts undermined the confidence of institutional and individual investors, and heightened concerns about the ability and resolve of private enterprises to protect their stakeholders
17

 Contributed

to the downward pressure on stock prices worldwide New US Govt. legislation required CEOs to personally attest to the accuracy of their firms accounts and report results more quickly. Corporate America increased the level of selfregulation Professional investors are prepared to pay large premiums for investments in firms with high governance standards Firms best on corporate governance could expect an increase of 12% in market value
18

 Corporate

governance is defined as providing the structure for determining organizational objectives and monitoring performance to ensure that objectives are attained [Organization for Economic Cooperation and Development (OECD), 1999] There is no single model of good corporate governance, but in many countries corporate governance is vested in a supervisory board that is responsible for protecting the rights of shareholders and other stakeholders The board in turn, works with a senior management team to implement governance principles that ensure the effectiveness of organizational processes
19

20

 The

top of the framework depicts the boards relationships. The senior executive team, as the boards agent, articulates strategies and desirable behaviors to fulfill board mandates Strategy is seen as a set of choices (targeted customers, product & service offerings, unique position targeted, core processes etc.) Desirable behaviors embody the beliefs and culture of the organization as defined and enacted thro not only strategy but also corporate value statements, mission statements, business principles, rituals, and structures 21

 Desirable

behaviors are different in enterprises. Behaviors and not strategies create value For instance, J&J relied on autonomous business units (individual J&J operating companies) to create shareholder value for nearly 100 years. Later, J&J evolved to specify desirable behaviors like lowering costs, creating mechanisms for better understanding the unique needs of individual customers. Transferring employees across J&J companies to help them identify with the corporation.

22

 The

lower half of the fig 2 identifies the 6 key assets thro which enterprises accomplish their strategies and generate business value Senior executive teams create mechanisms to govern the management and use of each of these assets both independently and together

23

 Key

assets include the following Human assets: people, skills, career paths, training, reporting, mentoring, competencies Financial assets: cash, investments, liabilities, cash flow, receivables Physical assets: buildings, plant, equipment, maintenance, security, utilization IP assets: IP including products, services, and process know-how formally patented, copyrighted or embedded in the enterprises people and systems
24

 Information

and IT assets: digitized data, information, and knowledge about customers, processes performance, finances, Info systems Relationship assets: relationships within the enterprise as well as relationships, brand, and reputation with customers, suppliers, business units, regulators, competitors, channel partners

25

 Governance

of the key assets occurs via organizational mechanisms (structures, processes, committee, procedures, and audits) Some mechanisms are unique to an asset (IT architecture committee) Others cross and integrate multiple asset types (the capital approval process) ensuring synergies between key assets Maturity across the governance of the assets varies Typically, financial and physical assets are the best governed, and information assets are among the worst 26

 At

the bottom of fig 2 are the mechanisms used to govern each of the 6 key assets. Enterprises with common mechanisms across multiple assets perform better If the same executive committee governs both financial and IT assets, a firm can achieve better integration and create more value Some mechanisms will always be unique to each asset (audit committee for financial asset and the IT architecture committee for IT) But, some common mechanisms lead to better coordination of the six assets
27

 Creating

common governance mechanisms across assets will not only increase integration, but the resulting smaller number of mechanisms will be simpler to communicate and implement. Education of the senior management team about how governance mechanisms combine to work for the enterprise, is an essential and ongoing task for effective governance Many tangible benefits await better IT governance (Weill & Ross)

28

 In

governing IT we can learn from good financial and corporate governance - CFO doesnt sign every cheque Instead, she sets up financial governance (who can make what decisions and how) She then oversees the enterprises portfolio of investments and manages the required cash flow and risk exposure Tracks a series of financial metrics to manage the enterprises financial assets, intervening only if there are problems or unforeseen opportunities Exactly the same approach should be applied to ITG 29

governance: Specifying the decision rights and accountability framework to encourage desirable behavior in the use of IT Aims to capture the simplicity of ITG and also its complexity The senior management team designs the IT decision rights and accountabilities to encourage the enterprises desirable behaviors
IT

30

 If

desirable behavior involves independent and entrepreneurial business units, IT investment decisions will be primarily with the business unit heads. In contrast, if desirable behavior involves an enterprise-wide view of the customer with a single point of customer contact, a more centralized IT investment governance model works better. More centralized models for HR (and other key assets) would also assist in achieving a single point of customer contact.
31

 Problems

occur when there is a mismatch between desirable behavior and governance. Example a particular business unit wanted to lead its financial services industry segment with a new IT-enables service providing alerts to important clients via their handheld devices The business unit had to pay the entire cost of the wireless infrastructure plus the application development cost for the business process But, other business units and product offerings would probably use the same infrastructure Thus the innovator was asked to bear all the risk and other business units could then utilize the infrastructure, if successful (irrational?)
32

Solution was to introduce a dividend system consistent with the firms culture For a potential multi-business unit application for the infrastructure, the CEO would fund some of the cost (20%) from corporate funds The innovating business unit would make the remaining infrastructure investment If other business units later utilized the infrastructure, the innovating business unit received a dividend of one-third its cost from each business unit
Rational
33

 This

approach encouraged early adopters and created infrastructure to foster future innovation across the enterprise. The new funding mechanism, implemented via the executive management, capital investment, and IT architecture committees, carefully balanced risk and reward, encouraging rather than discouraging desirable behavior

34

 The

example highlights two complementary sides of governance articulated by OECD Behavioral side the way managers, shareholders, employees, creditors, key customers, and communities interact with each other to form the strategy of the company Normative side the set of rules that frame these relationships and private behaviors, thus shaping corporate strategy formation. These can be the company law, securities regulation. But, they may also be private, self-regulation

35

 The

behavioral side defines the formal and informal relationships and assigns decision rights to specific individuals or groups The normative side defines mechanisms formalizing the relationships and providing rules and operating procedures to ensure that objectives are met Enterprises often implement a dozen of or more mechanisms to make IT decisions

36

 Effective

IT governance must address three questions:

decisions must be made to ensure effective management and use of IT? should make these decisions?

What

Who How

will these decisions be made and monitored? are numerous frameworks and insights that can help management teams address these questions
37

There