IT Governance

IT Outsourcing and the CEO

by

When blogging it doesn’t rain but it pours – I almost made it to the end of March without a blog entry (those ‘daily posts’ get hard to do when you’re swamped with other work – one can only have respect for ‘a-list’ bloggers that do manage to post something every day.

I was commissioned by CEO Online recently to write an article on IT Outsourcing from the perspective of the CEO, and the pros and cons of this approach, for publication in their Expert Talk section.
There is becoming quite a library of material there – I have published there before – and it seems good value for the $11 a month subscription.
As it was commissioned for CEO Online for their April newsletter, I won’t publish the article here but would instead direct you to CEO Online to have a look. I may be able to publish the whole article at a later date.

I will however reproduce the introductory paragraph here:

“Figuratively at least, CEOS are lying awake at night asking, “Is my IT infrastructure delivering what it needs to?  In essence, are we doing IT right?” The February 2006 CEO Online Survey identified an age-old and important issue that causes CEOs considerable angst:  ‘What is the best way to manage IT infrastructure?’

Unfortunately, there is no definitive answer apart from, “Well, it depends.” The goal of this article is to outline three alternative approaches to the delivery of Information Technology (IT) services and then to consider the pros and cons of each approach.

At the end of this article, you – as a CEO – will be better informed as to the likely benefits, traps and pitfalls of IT outsourcing.”

From:  IT Outsourcing – Selecting The ‘Best’ Infrastructure Model, April Newsletter CEO Online.

For what it’s worth, I think it’s a fairly meaty article (for once, a reasonable word limit was available due to web-publication) focussed on risk management, the fact that small to medium-sized businesses can often find internal IT a distraction and a problem management for an area that may not deliver competitive advantage (clearly that’s not the case for all companies), and an organisationally mature approach to outsourcing that unfortunately will not deliver immediate, large benefits but will deliver long-term benefits at a lower level of risk.

Any feedback on the article is of course always appreciated.

Governing the IT Beast

by

I note the chaser’s take on blogs and how they can peter out (warning: some strong language in the Chaser Comments and some articles – non-FYOSS): “Blog Abandoned After Five Entries”.

At any rate, tonight I am to present at the CPA Australia IT Discussion Group, so you can as usual expect to see the growth in thinking that has occurred on IT Governance since the last time a presentations similar to this one was done. We had to close the books on this one at 50, so it is being re-run in May as I understand it from John Halliday.

Presentation for CPA Australia IT Discussion Group

Micheal is presenting to the CPA Australia IT Discussion Group on 29th March 2006 on the topic “Governing the Information Technology Beast”.

John Halliday is the convenor of this group – thanks John!!!

Topic: “Governing the Information Technology Beast”

Date: 29th March 2006 5:30pm for 6:00pm

About this Topic

This one hour presentation will introduce the topic of Information Technology Governance, and provide specific and practical tools to assist with taming the information technology ‘beast’ within your organisation.

Tools examined include:

  • Leading Approaches in Information Technology Management
  • The role of the Boardroom in Planning, Building, Managing, and Running the Information Technology business function
  • Business IT Planning Process
  • IT Governance Calendar
  • Project Governance Management Tools

The presentation is practical and is focussed on having an impact on the organisation, from an SME to a listed company. The material for this seminar will operate within the framework presented by CPA Australia’s recent ITM CoE publication, “IT Governance: a Practical Guide for Company Directors and Business Executives”.

About your Presenter:

Micheal is the Director of Information Systems Consulting within BDO Kendalls’ Consulting Division. Micheal has extensive expertise in the evaluation and assessment of information system projects and information technology services for large businesses and government agencies in line with business strategies, goals, and objectives.

Micheal has had several articles published on information systems and business in his role as Chairman for the CPA Australia Information Technology & Management Centre of Excellence. Micheal is also co-author of research papers on information systems in association with the University of Queensland and Georgia State University.

Corporate Governance, Boards, and ICT

by

As you may have noticed by now, IT Governance is something of a professional passion for me (I also have two dogs but that’s not a professional passion!). 

ZDNet, who feature regularly in these pages, ran an article recently on ‘Do Boards get ICT?‘. 

I left a comment on the board about this topic, which I reproduce here:

“In looking at the issues raised in your commentary, ‘Do boards get ICT?’ I note that you are saying that boards often remain focussed on ‘cutting the costs of IT’ rather than ‘what can IT do to achieve efficiency’.

An interesting effect of ‘cutting the costs of IT’ is often an increase in overall costs to the business – IT can’t undertake Department X’s project (because it cut costs) and Department X does without or finds a hollow log to cobble together an external solution.

The topic really is one of IT governance – corporate governance of the IT business function. You should note that a Director of a listed company has to comply with the corporate governance requirements of the ASE, and although these aren’t specifically IT they do discuss the need to recognise opportunity to create value and riskiness of the situation. There is also AS8015-2005 from Standards Australia which outlines a best practice model here.

Australia’s leading accounting body, CPA Australia (I chair the IT Centre of Excellence), released a very good and practical guide for Company Directors and Business Executives in October 2005 – see http://michealaxelsen.com/blog/?p=46 and https://www.cpaaustralia.com.au/cps/rde/xchg/SID-3F57FEDF-79F61B28/cpa/hs.xsl/1017_16305_ENA_HTML.htm.

The point is, a board does in fact need to understand its business approach to ICT, and put in specific governance mechanisms particularly where the business is very reliant upon ICT. The CPA Australia publication gives a practical approach for any board that wants to fulfill its duties and legal requirements.

I am happy to discuss with anyone on the topic.

Thanks:  Micheal Axelsen”

Just to maintain it for posterity, really…

Data Quality Metrics and IT Governance

by

Micheal is presenting a workshop on Data Quality Metrics and IT Governance in Sydney on 13th April 2006 for Ark Group:

Data Quality Metrics and IT Governance

Registration: 9.00am
Workshop starts: 9.30am
Workshop ends: 12.30pm

About the workshop:

This workshop will examine the link between data quality metrics, and the delivery and monitoring of this information to the operational, executive, and board management levels of your firm. These tools and approaches will ensure measurable impact on data quality and improved corporate governance over the information under management by the organisation.

In this workshop, the relationship between the frameworks available for implementing data quality and the metrics for assessing levels of data quality will be explored, together with their application to your industry. Practical tools to report on data quality at various management levels will be examined and their strengths and weaknesses will be tested. The issues to consider in the design of the reporting process necessary to address the corporate governance requirements of the information management function will also be addressed, together with templates and tools for addressing these requirements.

About your workshop leader: Micheal Axelsen

Micheal is the Director of Information Systems Consulting within BDO Kendalls? Consulting Division. Micheal has extensive expertise in the evaluation and assessment of information system projects and information technology services for large businesses and government agencies in line with business strategies, goals, and objectives.

Micheal has had several articles published on information systems and business in his role as Chairman for the CPA Australia Information Technology & Management Centre of Excellence. Micheal is also co-author of research papers on information systems in association with the University of Queensland and Georgia State University.

Emerging Issues in Information Systems Integration Risk

by

It is interesting to contemplate business risk and business benefit in today’s commercial world. If we think about how the world has changed over the past thirty years (I am of course referring to information systems – and am completely ignoring other somewhat less momentous issues such as the end of the cold war, the rise of Islamic extremism, and the invention of Viagra), there originally were computer mainframes that the well-heeled business could put in place to process transactions. The diagram below gives a flavour of the history here:


Mainframes were heavily customised – heck, at the beginning each one was a custom job. So they were heavily customised, had a long life to get anything like ROI out of them, and were expensive to maintain.

The rise of end-user computing – aka the rise of the PC – put computing in the hands of the masses, but those masses didn’t have too many options to customise their computers given that most programs were off-the-shelf unless you were a dab hand at Pascal.

Client-server architectures, and the rise of enterprise computing, lead to fairly extensive customisation of systems, but in hindsight they were not nearly as complex as modern systems and were less integrated (it was still considered novel to integrate information from two databases into a data warehouse).

Todays’ internet computing, though, is all about reliance upon the information systems and their inter-dependence. It is increasingly difficult to change one information system without affecting others – this is particularly the case for core information systems such as accounting information systems or human resource information systems.

This has all occurred at a time when business, due to competitive pressures and the impact of globalisation, is increasingly turning to automation and information tools to ‘produce the goods’. Increasing reliance on information systems, and increased customisation, results in increasing business risk:

So despite the maturity of the information industry (e.g. with the development of common approaches, architectures, and ubiquitous development tools), the forces of evil are being brought to bear due to the requirement to have ‘business on-demand’ (a resurgent long-term reliance upon the vendor, increased customisation of business processes and software, and the use of a wide range of software development tools to undertake these tasks).

These factors are leading to increased systems integration risk, and the only solution that seems to exist at this time is to promote the use of methodologies, standard enterprise tools, and, as always, to document, document, document your customisations. And of course, as I often say to clients, have a Bex and a good lie down before seriously thinking about customising an off-the-shelf system. Having high information systems risks due to a customisation of a system to achieve business benefits is somewhat disconcerting; to have a high level of information system risks for customisations that did not achieve their supposed benefits is a more disturbing outcome.

(PS – BDO Kendalls is running an Emerging Issues in Risk Management Seminar on 8 November 2005 – see you there).