September 27, 2006, 11:44 AM — Everyone seems to be talking about IT Governance (ITG) these days, and they all seem to agree that it's good for you, like taking your vitamins or getting 30 minutes of exercise each day. We like the way it sounds, we'd vote for it, we'd even buy it if someone would just tell us what the heck it is.
Q: Is IT Governance a program to improve my IT operations?
A: Sure, sounds good.
Q: Is it improved audit compliance?
A: Why not? If it will allow you to tell the guys in the corner office that you're Sarbanes-Oxley compliant (whatever that means for an IT department), then I'm all for it.
Q: If I create a Project Management Office, then do I have ITG?
A: According to some CIOs, yes. But even the prettiest project methodology won't save your job if your maintenance budget balloons every year due to poor management of your daily operations.
Q: All right, what if we just download all of the best practice documents from ITIL and CobIT, e-mail them to everyone in the department, and tell them to implement whatever they read? Will we have ITG then?
A: It depends: Do you want to do anything else - like answer production support requests - in the next six months?
Q: Will I get ITG if I spend half of next year's budget on a software package that claims to offer ITG in a box?
A: Well, maybe. What do your IT operations look like now? Automating bad processes just helps you waste your time slightly more efficiently.
Q: OK, smart guy, then what is it? How do I get IT Governance, and do I even need it?
A: I'm glad you asked. The fact is, all of these ideas have some merit: they're just not the whole picture. ITG could be any of these things, depending upon where your organization stands today. Here's a general definition: IT Governance is a holistic, profit-driven approach to IT operations that encompasses organizational structure, decision-making processes, management controls, and automation to most effectively align IT efforts with the business of the company at large and manage IT like a business.
There. Perfectly clear, right?
Successful IT Governance requires effective portfolio, project, process, financial, resource, risk, and communication management. It requires the IT organization to switch its mentality from that of a cost center - "We're just here to keep the lights on" - to that of a profit center - "We're a strategic business partner, and you can't live without us." This shift also requires the IT organization to take on some of the entrepreneurial characteristics of an independent business: seeking profit opportunities, reorganizing itself to take advantage of them, and then selling them to the rest of the company.
IT organizations can no longer hide behind their support desks and hope that no one bothers them, nor can they afford to focus solely on the cost side of the balance sheet. In other words, they can't act like a monopoly utility company. If you haven't noticed it yet, allow me to be the first to tell you: you have competition. It's not enough to see if you can squeeze another 5-10% in efficiency gains out of your staff next year. You need to start thinking about making money, not just trying not to spend it. You need to start showing your business partners how you can help them meet their revenue goals and proving yourself to be a valuable business partner.
Q: Hey, remember those production support requests you mentioned earlier? They're piling up even as I read this. How am I supposed to act like an entrepreneur when I can't even keep the database from crashing once a week?
A: Baby steps, my overworked friend, baby steps…
Before you can figure out where you're going, you need to know where you are. This isn't a gentle, self-actualizing exercise in mindfulness, though; it's a cold, hard look at your organization in the bright, white light of day. You need to perform an organizational audit:
