IT Governance

Feedback from data governance seminar

by

Hmmm.  One of my ‘corporate values’ is honesty.  Which translates to transparency.  So… I thought I’d post the feedback that I received for the data governance seminar a week or two ago (30th April 2008).  Out of 7, the feedback was 5.7, and I received comments like:

  • Good, relevant and practical
  • Very helpful
  • A good presentation. Will be checking up on notes
  • Annoying that an accountant knows so much about IT!!!
  • Good governance advice
  • Good, reusable data
  • Practical at times. I didn’t agree with some comments
  • Clear presentation; needs to use gender neutral language
  • Practical and concrete
  • Very data focussed and comprehensive

My favourite I think is that it’s annoying for an accountant to know so much about IT :).  And I’ll watch the gender-neutral language in future, old mysogynistic habits die hard.

CPA Australia ITM CoE meeting

by

Well I’m off to Melbourne again this morning for the first face-to-face meeting of the ITM Centre of Excellence this year.  In some ways we’ve been a bit slack this year – but our work plan is still cranking out because we’ve got the dance card aligned. 

There’s a major publication coming out on the business management of IT (that is very, very excellent and I love Chris Gillies’ and Jan Barned’s work on this one – you’ll be able to buy it online very soon), a research publication on telework has come out (thanks John Campbell from University of Canberra and Jon Heales from UQ- read it on the weekend and it looks good), there’s been an article for the CFO Software Guide that comes out next month (on social networking – thanks me!), and there are two forthcoming articles on the impact of social networking on your career and business (June and July issues).

These last two are for InTheBlack and again, thanks me!

There is also a major publication coming up that is a guide to ICT Outsourcing, which wraps up a stream of work that has been around for a couple of years now. 

CPA Australia has also commissioned me to write a policy and procedure guide to social networking.

As well as that I believe there is a ton of work coming through on the telework research front, and I am down to give three presentations at CPA Australia PD sessions in the next four months or so (Townsville, Brisbane, and Sydney and Melbourne, and Brisbane again). 

As well as continuing on with the IT Specialists assessment panel. 

There is also a total review of the websitre, and our content has been, finally, rebranded as “IT Management” rather than eBusiness, and as well as that we came up with some points to go to the 2020 Summit with.  However I don’t know that that produced very much :). 

So when I say ‘slack’ I actually think I may mean it in the ‘quite busy’ context. 

I think our work plan is still going strong – that will be the focus today and to align the dance card for the rest of the year.  April is a bit late for our first face-to-face meeting but no doubt it will all come together.

On another note – I’m thinking about setting up a video blog on this blog – technically, it’s all sorted.  I just need to find something to say.

IT Governance: A definition

by

There is a slight difference of opinion between a pure "governance" approach to IT and the IT governance approach espoused by COBIT.  In this series of blog posts I’ll be adopting the definition of Broadbent & Weill 2003 for IT Governance:

IT Governance is about who is entitled to make major decisions, who has input and who is accountable for implementing those decisions.  IT governance is different from IT Management.

Whereas I would contend that the approach under COBIT (alack and alas – managed by the IT Governance Institute) is not really about this true governance framework.  COBIT (Control OBjectives for IT) is about the control framework, identifying the maturity of IT processes, and who has what responsibilities in its role (using RACI charts – Responsible, Accountable, Consulted, Informed).  COBIT identifies the controls that should be put in place around IT, and some of its processes do in fact call for processes that support the kind of governance brought forward by Broadbent & Weill 2003, but in essence it is a framework for advising how to manage the business of IT.  IT Governance in this sense is more a concern of a board – the body that says "to address our requirements for corporate governance, thou shalt implement COBIT" – rather than IT managers – the body that implements COBIT. 

I do think that there is a distinct difference between IT Governance from the point of view of the Board, and IT Governance as put forward by COBIT.  This doesn’t mean that COBIT is not useful – on the contrary, COBIT is exceptionally useful.  However COBIT is by its nature focussed on the business of IT and is just… different.

Next week:  does IT Governance really matter?  WIIFTB (What’s In It For The Board)?

IT Governance Day: Is IT governance just for geeks?

by

Well if it’s Monday – and it isn’t (at least not in Australia) -  that means it is IT Governance day at the blog.  I could start with a fundamental overview of the world of IT Governance and set out an agenda of blog entries for the next few weeks – but I won’t.  That would probably be too ambitious – so I’ll start with a fundamental flaw in, apparently, just about everyone’s thinking.

Tying this post back to the subject line, not only is IT Governance not just for geeks, it isn’t for geeks.  IT Governance is ensuring that the entirety of the IT system works towards achieving business aims and strategy.  It relates to ensuring that the portfolio of IT people, processes, and technologies is in balance.  That role absolutely has nothing to do with IT speak.  And yet I have been approached by journalists and clients alike in the past with the absolute underlying assumption that IT is very technical and that it cannot be managed without an understanding of the technicalities below that threshold. That is absolutely not true and in fact the opposite is true – it is probably less-than-helpful at a Board and committee level  to have that technical understanding of IT.  You do not need to be an IT geek to be on the Board and governing IT operations.  All members of the Board are equally responsible for IT Governance, not just a board member with technical expertise. 

No-one expects a board member to understand how the engines in the fleet of delivery vehicles work – and, news flash, the modern vehicle is fairly complex!  Yet information technology instantly draws shudders of revulsion from some quarters and dark murmuring of witchcraft, magic smoke, and database normalisation (all of which are the blackest of black magic and therefore clearly evil and not to be understood by anyone).  The role of the board member in IT Governance is, in my view at least, to focus on the portfolio of activities, require monitoring and feedback regarding the performance of IT, and to provide direction in the allocation of resources.  Certainly this requires advice from IT professionals – particularly around the area of resource allocation – but good IT Governance does not require that the mechanic be at the board table just because he or she knows how to rebuild an engine.  .

I think the situation that we have has come about because in the past IT professionals have been guilty of portraying IT as some form of dark magic rite, as that was felt to give power and direction over IT.  There is certainly a danger for IT professionals in comjmunicating only half the story behind IT to the board.  I have met with more than a few IT professionals in the past who complain that their IT budget has been slashed because they opened up and tried to explain to the board what was needed.  In most casese, the board listened, heard mutterings of dark magic, and then found a language they could understand – the language of the bottom line.  Which, with great glee, the board slashed – with little regard for what that meant to business outcomes.  The danger here is that IT is seen as a cost rather than a benefit – and the lesson for IT in dealing with the board and those responsible for budget allocations is to focus on the benefits of IT rather than just the costs.

There is a great publication that I was involved with two years ago through CPA Australia called IT Governance:  A Practical Guide for Company Directors, and it is a very accessible and usable publication with great ideas for implementing IT Governance.  It can be purchased here and is something that any company should consider purchasing if they are serious about seeing value from IT. 

I will use this guide as a framework for my future posts around IT Governance.  I will make the note here and now that, as chair of the ITM CoE for CPA Austrralia, there is a publication focussed on the business management of information technology in the pipeline, and a publication of the IT Governance Guide aimed squarely at SME’s.  These will be interesting future publications – probably coming out in the second half of 2007 and first half of 2008 respectively.

Blogging and the art of lying fallow – fallow like a phoenix

by

The blog has been lying fallow for a fair chunk of this year.  There have been several good reasons (and several bad reasons) for this – it seems to be a point of pain that a lot of bloggers come to eventually.  For blogging to work, it seems you definitely need good content (well, duh) to attract readers.  And regular content.

So thinking it through the blog is at its tipping point – either it gets ‘heavier’ and more regular in its content or it devolves into a sporadic nonentity.  Clearly the second option is quite possible at the moment, but I guess I’d rather not.  The most successful blogs in my observation have had regular content on a topic of interest.  Now, ‘information systems’ is a fairly niche area of interest, so I am not kidding myself that this blog will:

  1. Ever make a Technorati ‘most popular’ list
  2. Make money

However, with any luck I can bring together my thoughts and research around the management of information systems into one spot and help at least a few people.  With this in mind, I am going to commit to the following schedule:

  • Monday:  IT Governance Day
  • Tuesday:  Business IS Strategy Day
  • Wednesday:  IT Management Day (IT Review and IT project management)
  • Thursday:  Information Management Day
  • Friday:  The Toolbox (New software or tools that help people to Get Things Done)
  • Weekend:  The Fun Stuff (Games, videos, jokes, strange stuff on the Net)

These topics cover off my areas of expertise and the work I do for clients, and of course I’ll try to throw in the ‘normal’ ad hoc blogging stuff like media mentions and upcoming speaking engagements.  I will try to throw in a bit more personal stuff as well to humanise the blog (although I attended a session on identity theft recently that scared the bedickens out of me). 

And while I’m at it – a name change is in order so that the blog sounds less like the poor cousin to a root canal and somewhat trender, hipper, and using a language that has been dead a thousand years:  from the ashes arise ‘notitia ratio procuratio’ (latin for information systems management).Â