IT Governance

IT governance aims to provide appropriate support to the management team and put reliable structures in place that can guarantee transparent decision-making procedures, for example. This, in turn, ensures that IT supports business goals optimally at all times, uses resources responsibly and monitors relevant risks.

Standardised methods and procedures, together with key principles, regulations and measures, are the most important components of IT governance. The components that are required by LEXTA’s clients are as varied as our clients themselves: the characteristics and degree of complexity of each of these components needs to be chosen appropriately for the client to avoid excessive micromanagement or delays. This is also the only way to integrate an internationally distributed IT organisation, for example, so as to ensure goal-oriented cooperation.


Supporting strategic targets with IT governance

The following figure uses an example project to demonstrate the effects of IT governance on IT as a whole.

We can see that the client’s IT unit was tending to fall back into the role of a simple ‘tool provider’.
A modern IT department needs to be positioned to promote efficiency, however – and ideally as a business enabler. An appropriate IT governance structure combined with effective leadership is not only able to prevent the organisation ‘going off at a tangent’, so to speak, but can instead guide it to ensure optimal positioning of its IT.

The LEXTA method for best practice comparisons

One possible approach to repositioning IT governance is to carry out a fundamental best practice comparison of the IT governance system currently in place.

Here, as always, we should point out that the ‘ideal project’ doesn’t exist: depending on the client and requirements, we adapt the process flexibly and where necessary in order to deliver a made-to-measure result. Generally speaking, however, IT governance does involve the following four phases:


Current state analysis

Depending on requirements, this analysis can either focus on individual areas of IT governance, such as the control system used for the EU General Data Protection Regulation (EU GDPR), project portfolio management or IT service management processes, or can create an overall view of IT governance features.

Sample questions for this kind of structured survey include:

  • How heterogeneous are the demands placed on governance?
  • What are the specific process characteristics?
  • Which KPIs are particularly important?
  • What degree of governance is customary in the company, and what are the rules applied to other shared service areas (such as Purchasing or Human Resources) within the organisation?

Questions like these enable LEXTA to gain insights into the current structures, along with their strengths and weaknesses. At the same time, the results of this phase also paint a clearer picture of the demands on governance structures.


Strengths and weaknesses profile

While the first phase is dedicated to collecting, consolidating and evaluating internal information, the following phase focuses on comparing this to companies with similar requirements. These ‘benchmark companies’ are selected based on regional distribution, the current dynamics of their business and their size, among other factors.

This enables the strengths and weaknesses of internal IT governance to be established – and then refined against specific key figures in particular.

This phase aims to define a meaningful strength and weaknesses profile, both compared with and aligned to the market: this provides a baseline from which the business leaders involved can clearly recognise and understand the potential for improvement.


Deriving recommendations for action

In the penultimate phase, the project team discusses the conclusions the client can draw in terms of IT governance, and the extent to which the best-practice approaches can be applied to the client’s situation and structures.

Once options for changing the governance system have been defined, discussed and specified, all of the results are classified in terms of cost/benefit ratios in order to prepare a final set of recommendations for action for IT management.



Once a course of action has been agreed together with management, the last phases focuses on thing above all others: achieving acceptance and support for the proposed changes.

Even the best system for IT governance can only be genuinely effective when it is put into practice within the company, and serious discussion about the new methods and rules is limited to as short a period as possible.

Accordingly, implementation measures are defined in coordination – and ideally in consensus – with all relevant stakeholders. Together with target attainment monitoring, this ensures that IT governance is accepted and thereby creates long-term value for the company.

In this phase, the management experience of LEXTA’s own consultants is particularly effective. As resistance towards change is quickly and easily expressed, this reality should best be countered with a broad-based market view and a multitude of real-world examples.

Our consultants can also apply their experience to avoid well-known stumbling blocks and delays in implementing the measures. A critical outside-in perspective also helps to dissipate wayward forces within the organisation, while helping maintain the pace and effectiveness of change – even if compromises have indeed become necessary.

Optionally, a review can be scheduled for the changes made after a period of 12 to 18 months. This step helps to confirm that IT governance is not a mere paper tiger but has instead become a real and integral part of daily IT management.


In IT governance projects we optimise processes,
methods and content individually for the respective project phase:

  • Current state analysis 
  • Strengths and weaknesses profile 
  • Derivation of actions 
  • Implementation 

Current state analysis 

Discussion of the heterogeneity of the requirements

Comparison to other shared services in the organisation*

Status-quo analysis for processes in IT strategy, project portfolio, development plans, investment decisions, service level management and benchmarking

  • Process characteristics
  • Allocation of tasks and competences
  • KPIs**

Strengths and weaknesses profile 

Selection of comparable companies with similar requirements regarding:

  • Regional coverage
  • Business dynamics
  • Size

Presentation of KPIs of comparable companies

Identification of strength/weakness profile

Derivation of actions 

Discussion of application of best practice

Identification of potential showstoppers

Identification of consensus and dissent in project team

Classification by cost and by benefit

Derivation of recommendations for action

Presentation of dissent topics for management


Discussion of implementation projects

Formulation of targets in consensus with stakeholders

Organisation of workshops to achieve acceptance

Compilation and documenting of results

Target attainment monitoring

Securing acceptance by all stakeholders

We are also happy to offer workshops where we work together to identify the options and potential for your business in relation to IT governance.