IT governance aims to provide appropriate support to the management team and put reliable structures in place that can guarantee transparent decision-making procedures, for example. This, in turn, ensures that IT supports business goals optimally at all times, uses resources responsibly and monitors relevant risks.
Standardised methods and procedures, together with key principles, regulations and measures, are the most important components of IT governance. The components that are required by LEXTA’s clients are as varied as our clients themselves: the characteristics and degree of complexity of each of these components needs to be chosen appropriately for the client to avoid excessive micromanagement or delays. This is also the only way to integrate an internationally distributed IT organisation, for example, so as to ensure goal-oriented cooperation.
The following figure uses an example project to demonstrate the effects of IT governance on IT as a whole.
We can see that the client’s IT unit was tending to fall back into the role of a simple ‘tool provider’.
A modern IT department needs to be positioned to promote efficiency, however – and ideally as a business enabler. An appropriate IT governance structure combined with effective leadership is not only able to prevent the organisation ‘going off at a tangent’, so to speak, but can instead guide it to ensure optimal positioning of its IT.
One possible approach to repositioning IT governance is to carry out a fundamental best practice comparison of the IT governance system currently in place.
Here, as always, we should point out that the ‘ideal project’ doesn’t exist: depending on the client and requirements, we adapt the process flexibly and where necessary in order to deliver a made-to-measure result. Generally speaking, however, IT governance does involve the following four phases:
Current state analysis
Depending on requirements, this analysis can either focus on individual areas of IT governance, such as the control system used for the EU General Data Protection Regulation (EU GDPR), project portfolio management or IT service management processes, or can create an overall view of IT governance features.
Sample questions for this kind of structured survey include:
Questions like these enable LEXTA to gain insights into the current structures, along with their strengths and weaknesses. At the same time, the results of this phase also paint a clearer picture of the demands on governance structures.
Strengths and weaknesses profile
While the first phase is dedicated to collecting, consolidating and evaluating internal information, the following phase focuses on comparing this to companies with similar requirements. These ‘benchmark companies’ are selected based on regional distribution, the current dynamics of their business and their size, among other factors.
This enables the strengths and weaknesses of internal IT governance to be established – and then refined against specific key figures in particular.
This phase aims to define a meaningful strength and weaknesses profile, both compared with and aligned to the market: this provides a baseline from which the business leaders involved can clearly recognise and understand the potential for improvement.
Deriving recommendations for action
In the penultimate phase, the project team discusses the conclusions the client can draw in terms of IT governance, and the extent to which the best-practice approaches can be applied to the client’s situation and structures.
Once options for changing the governance system have been defined, discussed and specified, all of the results are classified in terms of cost/benefit ratios in order to prepare a final set of recommendations for action for IT management.
Once a course of action has been agreed together with management, the last phases focuses on thing above all others: achieving acceptance and support for the proposed changes.
Even the best system for IT governance can only be genuinely effective when it is put into practice within the company, and serious discussion about the new methods and rules is limited to as short a period as possible.
Accordingly, implementation measures are defined in coordination – and ideally in consensus – with all relevant stakeholders. Together with target attainment monitoring, this ensures that IT governance is accepted and thereby creates long-term value for the company.
In this phase, the management experience of LEXTA’s own consultants is particularly effective. As resistance towards change is quickly and easily expressed, this reality should best be countered with a broad-based market view and a multitude of real-world examples.
Our consultants can also apply their experience to avoid well-known stumbling blocks and delays in implementing the measures. A critical outside-in perspective also helps to dissipate wayward forces within the organisation, while helping maintain the pace and effectiveness of change – even if compromises have indeed become necessary.
Optionally, a review can be scheduled for the changes made after a period of 12 to 18 months. This step helps to confirm that IT governance is not a mere paper tiger but has instead become a real and integral part of daily IT management.
Discussion of the heterogeneity of the requirements
Comparison to other shared services in the organisation*
Status-quo analysis for processes in IT strategy, project portfolio, development plans, investment decisions, service level management and benchmarking
Selection of comparable companies with similar requirements regarding:
Presentation of KPIs of comparable companies
Identification of strength/weakness profile
Discussion of application of best practice
Identification of potential showstoppers
Identification of consensus and dissent in project team
Classification by cost and by benefit
Derivation of recommendations for action
Presentation of dissent topics for management
Discussion of implementation projects
Formulation of targets in consensus with stakeholders
Organisation of workshops to achieve acceptance
Compilation and documenting of results
Target attainment monitoring
Securing acceptance by all stakeholders