In previous blog posts, I looked at how Simon Sinek’s ‘Golden Circle’ approach can be applied to ICT strategy – the importance of first establishing common beliefs and objectives across the business.
I then looked at how the ICT function can best deliver ICT services and where from using a well-considered architecture.
This final post in the series considers ICT governance, the patina of standards, policies, procedures, priorities and budgetary issues that guide the priorities and deliverables of technology functions.
This is where the rubber hits the road, where the organisation determines the priorities and parameters of ICT delivery (if and when) against the business objectives.
At its simplest, ICT governance is like any other governance regime. It is an arrangement of rules by which an organisational group and its stakeholders agree to operate in the interests of good decision making. Families have them, nations have them. Without them, chaos reigns.
If we don’t communicate them clearly, or fail to enforce them consistently, rules are ineffective in driving behaviours and outcomes.
If we don’t regularly review and update them to reflect agreed and relevant community practices and customs, rules can erode trust – they become ineffective and can test respect for the rule of law, lead to ridicule of our law makers and hinder our ability to realise objectives.
Theoretically, ICT governance is no different – consult and get consensus on the rules; ensure that they’re approved or endorsed at the right level; communicate them clearly; then follow and, if necessary, enforce them consistently.
The environment will inevitably change and there will be variables, so include some clear exceptions for flexibility – then review and repeat regularly.
Mind the gap
ICT governance faces many of the same challenges as any other governance framework. On the one hand, there will be promises and expectations.
On the other hand, there will be limited resources, tight budgets, timeframes slippage, skills gaps, risks and incidents to be managed.
Almost every ICT function has found itself in that uncomfortable place known as the “expectation gap” at one time or another. So, how do we ensure that our ICT function becomes trusted by the organisation to deliver on promises, rather than falling into the gap?
It can be broken down into ‘planning, prioritisation and policies’ combined with a healthy dose of ‘communication, consultation and commitment.’
Let’s take planning first. ICT executives should working with colleagues in the organisation to understand, agree and articulate the organisation’s broader vision and objectives.
The tangible output might be a corporate plan – the intangible output is a commonly shared belief (the why) communicated throughout the organisation.
From this common place, work with organisational stakeholders to understand their ICT requirements and the business drivers underlying them, and confirm that each aligns with the corporate plan.
This consultative process will enable ICT to develop a broader “demand portfolio”, a qualified list of what the organisation’s ICT requirements are.
This can then be evaluated against the supply side – how the requirements fit within the ICT architecture, sourcing strategy and available resources.
Almost inevitably, the demand side will outstrip the supply side. At this point, trust between the ICT function and stakeholders can be sorely tested or enhanced.
Having a well-considered and transparent methodology for prioritisation is critical to negotiating in a manner that builds trust. Priorities may vary depending on the nature of the organisation but will generally include a number of agreed ‘drivers’.
These can either be either success or risk factors such as:
| Success drivers | Risk |
| Business value | Risk mitigation |
| Strategic fit | Risks profile |
| Increased revenue | Security |
| Cost reduction | Capacity and skills |
| Customer experience | Architectural fit |
| Staff productivity | Staff retention |
Carefully evaluate each initiative against the drivers and use them to help guide discussions with stakeholders. For example, an initiative for which the organisational has little or no appetite is unlikely to succeed.
An initiative that is high risk may also be a difficult proposition, but if the business value is extremely high (e.g., business benefits, cost reductions), then rate it accordingly.
And if excellent internal skills can be relied upon to support delivery of an initiative, then it is more likely to succeed than one that relies on scarce external skills. Rate it accordingly.
Click here for an example of a business driver priority-driven plan.
It is equally important to work with stakeholders to evaluate each initiative against applicable organisational policies as part of this process. If an initiative does not comply with say, data management or security policy, then it will be need to be reconsidered.
Create a balanced partnership between demand, supply and governance
Read more: Vic Government's ICT strategy to save state $400m
With commitment to consultation and clear communication, this process will allow organisational initiatives to be ranked in a manner that will best balance ICT demand and supply in the organisation, optimising its ability to deliver fit-for-purpose outcomes on time and on budget.
Ensure that the priorities are then clearly set out in the annual program plan and formally endorsed by the relevant executive and financial committees. Each of the cascading plans that flows from this – whether they be business cases, project plans and the like – should then align with this.
Finally, do not put these plans in the bottom drawer – they are the map, the shield and the sword. Almost inevitably, there will be obstacles, doubters and people with strong ideas on ICT operations.
A plan, forged through collaboration and clear evaluation, will help navigate these issues, keep things on track, and build trust in the ICT function through reliable delivery.
Carsten Larsen is partner, ICT strategy at Business Aspect.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.