Effective business reporting

I’m a great fan of the COBIT and VAL-IT frameworks, but I also like to try and reconcile complex frameworks. I also hire a translation company at https://www.espressotranslations.com/gb/french-translation-services-london/ to make them a bit easier to understand for our non-native English speakers. I also like to talk in terms of people, process and technology, as I think that conceptually we can easily get our heads around it, and it also helps us turn complex things into stuff we can use in a small business and specially in home based business.

Frameworks like COBIT provide us with a way of distilling out the unnecessary.  It is so easy with an IT area to have it seem so complex that you don’t know where to start.  COBIT lets us see what matters, and it provides a strong link between the strategic direction and management of the business, and allows us to identify from those business goals the things that the IT area needs to be doing  That is the fundamental basis of the Getting IT Right service line that I provide through my company, Applied Insight Pty Ltd. It isn’t just something I made up, it has a real basis in research into the practice of IT management.

So for the effective business reporting presentation, I have taken the people-process-technology relationship, added environmental factors in the context of the financial reporting system (so, financial capacity, regulatory compliance, and business strategy), and then linked this to the COBIT process framework (DS11 – Data Management).

This approach can be seen here:

And linking through, I can, using this approach, give you a framework you can use to diagnose and assess the effectiveness of your financial reporting systems:

I have done this simply by identifying the key words in the COBIT control objective identified – it talks about words like ‘complete’, ‘accurate’, valid’ etc (as referred to in blue), and then you have a coherent, flexible, approach to the delivery of effectiveness business reporting without the need to make it up (so we know it’s complete) but not so complex and rich that it can’t be understood.

If I as a business can take these factors and score them

in some way, I have a good approach for assessing the health of my business reporting systems.  And that is half of the purpose of the presentation coming up is anyway.

IT Governance: A definition

There is a slight difference of opinion between a pure "governance" approach to IT and the IT governance approach espoused by COBIT.  In this series of blog posts I’ll be adopting the definition of Broadbent & Weill 2003 for IT Governance:

IT Governance is about who is entitled to make major decisions, who has input and who is accountable for implementing those decisions.  IT governance is different from IT Management.

Whereas I would contend that the approach under COBIT (alack and alas – managed by the IT Governance Institute) is not really about this true governance framework.  COBIT (Control OBjectives for IT) is about the control framework, identifying the maturity of IT processes, and who has what responsibilities in its role (using RACI charts – Responsible, Accountable, Consulted, Informed).  COBIT identifies the controls that should be put in place around IT, and some of its processes do in fact call for processes that support the kind of governance brought forward by Broadbent & Weill 2003, but in essence it is a framework for advising how to manage the business of IT.  IT Governance in this sense is more a concern of a board – the body that says "to address our requirements for corporate governance, thou shalt implement COBIT" – rather than IT managers – the body that implements COBIT. 

I do think that there is a distinct difference between IT Governance from the point of view of the Board, and IT Governance as put forward by COBIT.  This doesn’t mean that COBIT is not useful – on the contrary, COBIT is exceptionally useful.  However COBIT is by its nature focussed on the business of IT and is just… different.

Next week:  does IT Governance really matter?  WIIFTB (What’s In It For The Board)?

Aligning IS and Business Strategy

As will be a tradition this week, I present an introductory rant about the topic at hand, and since today is Tuesday it’s IT Strategy day it’s time to talk about strategy.Â

It’s a given that IT strategy ‘must align with business strategy’.  Yet it is quite difficult to get this right – not least because it is hard to align an IT strategy with a business strategy when there isn’t a business strategy.  There is another article on this site (‘Getting IT Right!‘) that talked about those things that need to be done to ‘Get IT Right!’.  There was a follow-up presentation to that, which I will post in due course, that used the COBIT framework to identify 20 core business goals, prioritise those goals, the best  accounting tools for business and then map those goals to fundamental IT activities – which of course should provide direction to IT strategy that is aligned with the business.

These business goals, as outlined by COBIT, are:

Financial Perspective
1. Expand market share
2. Increase revenue
3. Return on investment
4. Optimise asset utilisation
5. Manage business risks
Customer Perspective
6. Improve customer orientation and service
7. Offer competitive products and services
8. Service availability
9. Agility in responding to changing business requirements (time to market)
10. Cost optimisation of service delivery
Internal Perspective
11. Automate & integrate the enterprise value chain
12. Improve & maintain business process functionality
13. Lower process costs
14. Compliance with external laws/regulations
15. Transparency
16. Compliance with internal policies
17. Improve & maintain operational & staff productivity
Learning and Growth
18. Product/business innovation
19. Obtain reliable and useful information for strategic decision making
20. Acquire and maintain skilled and motivated personnel

COBIT is a very useful approach to use in IT consulting, and although it was originally developed as an IT Audit tool, it makes a lot of sense to adapt COBIT to a ‘doing’ framework as opposed to an ‘assurance’ framework.  BDO Kendalls uses COBIT as its framework in all consulting services to our SME clients, and it is a very valuable tool for that purpose.Â

Those in the know will recognise these business goals as driven by a balanced scorecard philosophy.  Using COBIT, it is possible to rank these goals, and then identify the IT activities and focus that align with the business goals.  I will be posting more around this approach in this area of strategy, but essentially if a business cannot identify its business strategy in a cohesive form – which, alas and alack, is often the realpolitik IS professionals must deal with – a process to rank these business goals can be very useful in identifying what IT activities are needed to align IT with the business.

Next week:  how to go about ranking the business goals.Â

Getting Great ICT Service Delivery

I am prompted to write a post around ICT Service Delivery as I have a request-for-proposal from a prospective client to review their ICT Service area.  Without giving too much away, they seem to have a reasonable number of people in their IT area (about one staff member for every 20-25 PCs) which by every benchmark I’ve ever read is probably twice the normal benchmark.

And yet, the users aren’t happy.  In fact, they’re quite unhappy, it would seem – almost to the point where boiling oil, pitchforks, and tedious jokes about broken coffee-cup holders are considered necessary.

It just highlights to me, I think, that the area of ICT Service Delivery is one that businesses still haven’t got right – particularly SMEs, I think.  I consider that this is due to a distinct lack of engagement between the business and the IT service area.  It’s a governance problem – business doesn’t tell IT what it needs, and so IT guesses and fills in the blanks.  And good on IT for trying, but it doesn’t help much, even if they’re really good at guessing.  Really, the need is for the business to give direction to IT and identify what the needs are.  The current situation that all too often arises is that IT gives the correct answer to the wrong question.  One client had four network administrators and one person on the help desk.

Not surprisingly, at a technical level the network worked very well (packets were not lost, data was transported around) but users were exceptionally unhappy (no application maintenance people, apparently, results in applications that don’t get maintained).

Anyway, the answer to great ICT service delivery seems to be:

  1. Know why you are doing something
  2. Know what it is you are trying to achieve
  3. Know who is responsible for achieving which aspects of the service
  4. Be informed as to how performance is going.
  5. If you are tempted to go beyond points 1-4, have a Bex and good lie down.

This means that you have to get the planning component right (links with the business – do what is needed), and then have the best practice components together for your building and managing components of the IT function (some version of ITIL/COBIT/PRINCE2/PMBOK) and THEN focus on the ‘running’ of IT.  In my experience problems in ICT service delivery really relate back to problems in the governance of IT – but it’s usually easier and more satisfying to yell at IT than to fix the real problems of the business.

Professor Wim Van Grembergen and IT Governance

The professor spoke today at the Gardens Theatre at Queensland University of Technology (great facility by the way) on the topic of IT governance. He focussed on the actual mechanisms for ensuring that IT and business are in alignment.

He focusses on structures, processes, and relational mechanisms.

He noted that relational mechanisms are often missed by consultants putting in a new IT Governance framework.

Structures and processes are fairly straightforward, but relational mechanisms are a little different. Relational mechanisms are mechanisms that ensure that the relationships that underpin the other two tools are effective. Examples include co-location of business and IT, aligned incentive programs, cross-functional business/IT training and job rotation.

The presentation was very interesting, and linked nicely to COBIT. He also noted balanced scorecard to measure corporate contribution, user orientation, operational excellence, and future orientation. A nice rule of thumb for operational measurement presented is that 33% of time should be spent on maintaining existing systems, 33% should be spent on enhancing existing systems, and 33% should be spent on building new systems.

Sherrena Buckby also presented on IT Governance. Sherrena is a PhD candidate at QUT and is writing her thesis on IT Governance. The topic of her presentation is ‘Why IT Governance is important for boards?’. Sherrena is doing significant research on IT governance on what are the tools that the board could use to cover off on iT Governance issues. Her presentaion was very interesting and holds some promise for a practical tool that may assist boards in addressing IT Governance.

A very worthwhile session today.