Saturday, February 11, 2012

What Keeps Me Up at Night (And What I Can Do About It) Part 4

"Governance? Resource contention? Process ownership? Prioritization? Resource management?" Those are the actual words I used in a recent presentation given to S-K’s Senior Leadership Team. I was educating them as part of a proposal for a new model of IT governance. I was also introducing them to an approach that had the potential to become just another failed attempt at getting our hands around how to manage scarce IT resources (the fifth thing that keeps me awake at night). Yet, I knew that for S-K to move forward – to enable our desired corporate transformation and to sustain effective on-going operations – a new model of IT governance was needed.

But let me step back and allow you to understand the genesis behind this new proposal related to IT governance. Like every other CIO, demand for IT capacity far exceeds the ability of IT to deliver at S-K. Everyone who makes a request of IT considers theirs to be a priority and wants it done as soon as possible. There is considerable frustration from these requesters when their work is not getting addressed or has been put on-hold to address other priorities. There is also considerable frustration within the IT Department. We do not want to have to wear the “black hat” and always be the one saying “no,” “not now,” or “later.” We do not want to have to “tamp down” on our own staff who try to squeeze in a small or quick fix to be more customer-service friendly. We do not want to wrestle with low morale resulting from the stress of demand exceeding supply.

If we want to transform S-K and fix this all-too-common problem, a new approach was needed. In simple terms, we needed an approach that ensures that IT capacity is working on the right things at the right time to enable business goals. We needed a set of controls that focuses on organizational success while managing associated risks. Sounds simple, right? Unfortunately, the devil is in the details!

Why is IT governance so difficult to implement? Business leaders want to do the right thing. They want the business to succeed and they will work hard to make that happen. But all too often, they are motivated and rewarded by having their small part of the organization succeed. IT governance requires that the scarce resource of technology capacity be diligently distributed across the organization for overall business success. In other words, it requires that IT cannot be allocated on the basis of individual team needs but rather on collective, organizational goals.

How does IT governance work at S-K? All technology investment requests are brought to a single committee (at S-K we are calling this the Process Owner Committee) and the merit of every request is debated and a decision is arrived upon. Membership of the board is made up of the process owners in the company (order to cash, customer acquisition, etc.) that have been selected by the Senior Leadership Team at S-K.

What are the “core” values that will ensure IT governance works at S-K? The core values required are the willingness to wear a “corporate hat” and the ability to compromise. If participants are focused on the success of the entire business, compromise becomes easier. This new committee will need to learn that there is a better way to manage your scarce IT resources.

Is IT governance optional? No! There are many ways to implement IT governance, but the principles remain the same. While we can debate the method of implementation, some form of IT governance must be part of your organizational processes. Bureaucratic? Sure. Essential? Definitely.

How is the new approach working at S-K? We have formed the committee. We have a clear roadmap of IT projects that have been agreed and approved to move forward on. We have a clear list of projects that are in the queue. We are educating the members on the criticality of getting all project owners to clearly define the ROI of their projects. We are all holding hands and wearing a “corporate” hat. But the bottom line is – it is too early to tell! We are merely starting on a journey.

While we don’t have all the answers (and I do not want to bore you with the details), what are some of the elements of a world class governance model that we are attempting to incorporate into our approach here at S-K:

1. Corporate Perspective
Projects are prioritized from a corporate perspective. Members are asked to make the best business decision for the company, not for their constituency.

2. Working Committee
This is not an informational meeting. It is a working meeting.

3. Forward Looking Committee
It is a forward-looking committee. Projects already “in flight” are only discussed if there are issues to resolve or risks to mitigate.

4. Single Governance Model
While there are three governance committees (we have individual committees that prioritize break-fixes and small enhancements for each functional area, we have the Process Owner Committee that prioritizes projects and major initiatives over a man-month, and we have an IT Executive Steering Committee that resolves conflicts and resource/funding issues arising from the Process Owner Committee), we have a single governance model. All requests (changes, enhancement, and projects) are entered into the same system. All requests over a man-month are reviewed by the Process Owner Committee (something that the IT Executive Steering Committee does not have the patience for). The executives and subordinates understand that the Process Owner Committee has to sign off on all requests (either by assigning IT resources to work on break-fix/enhancement requests or by assigning IT resources to projects).

5. Senior Management Support/Involvement
Senior management remains involved in the process. They select the members of the committee, they empower the committee members to be ambassadors for the corporation, they review committee decisions on a monthly basis, and they resolve any and all conflicts (resource and funding-related). Communicating and supporting IT governance is the single most important IT role of senior leaders.

6. Exception Handling Process
Inevitably, exceptions challenge the status quo, particularly the IT architecture and infrastructure. Some requests for exceptions are frivolous but most come from a true desire to meet business needs. If the exception proposed by a business unit has value, the Process Owner Committee will work with IT (and possibly the IT Executive Steering Committee) to make a change to the IT architecture that can benefit the entire enterprise. Formally approved exceptions offer a second benefit in that they formalize organizational learning about technology and architecture.

7. Incentive & Compensation
A common problem encountered with IT governance is a misalignment of incentive and reward systems with the behaviors and priorities the IT governance approach is designed to encourage. We are working with senior management to ensure that executive sponsors of projects have the successful completion of that project as one of their accountabilities/objectives for the year. We are also discussing how we might add IT-related objectives (e.g., meeting the IT budget) to the accountabilities/objectives for the Process Owner Committee members in future years. It is hard to overestimate the importance of aligning incentive and reward systems to governance arrangements.

8. Technology Expertise
IT assets are more and more important to the performance of most enterprises. A reliable, cost-effective, regulation-compliant, secure, and strategic IT portfolio is more critical today than ever before. The persons added to the committee must understand what the technology is and is not capable of. It is not the technical details that are critical but a feel for the two-way symbiotic connection between technology and business.

9. Transparency and Education
It's virtually impossible to have too much transparency or education about IT governance. Transparency and education often go together—the more education, the more transparency, and vice versa. The more transparency of the governance processes, the more confidence in the governance. In the future, S-K will be utilizing portals or intranets to communicate IT governance. The less transparent the governance processes are, the less people follow them. The more special deals are made, the less confidence there is in the process and the more workarounds are used. The less confidence there is in the governance, the less willingness there is to play by rules designed to lead to increased firm-wide performance. Special deals and non-transparent governance set off a downward spiral in governance effectiveness.

10. Outlaws Outlawed
We are experimenting with having the IT Executive Steering Committee (the Senior Leadership Team largely makes up this committee) acting as the “Sheriff.” There are many things that will undermine the success of this new IT governance approach but allowing “outlaws” to freely roam guarantees failure. What do I mean? It is imperative that senior management squelch rogue IT projects, disallow the building of shadow IT organizations, disallow funding of unapproved projects, and discourage quick-fix, throw-away solutions.