IT governance, corporate governance must align in economic recession

By Rachel Lebeaux, Associate Editor 12 Mar 2009 | SearchCIO.com

IT news and analysis for CIOs Digg This!     StumbleUpon     Del.icio.us

More IT management resources As recession deepens, IT transformation best handled in chunks Business intelligence strategy success a matter of alignment

Craig Crawford, senior manager of advisory services at Ernst & Young LLP, points to increasing risks in and expectations of IT in recent years -- the growth of the Internet, compliance concerns, mobile computing and advanced security risks -- as reasons for the critical need for IT governance.

Add the pressure that comes with operating in an economic recession, and, "at this moment in time, IT governance is probably more important than ever," Crawford said. "Specifically at the highest level of IT, making investments going forward, [there must be] an understanding of how to make decisions, take specific technologies and [determine] how IT applies them."

As companies try to pare down their budgets, one of the easiest places in IT to look at is the project portfolio -- specifically at those areas they don't have to do now, Crawford said. "It is that governing capability where those decisions have to be made between IT and the business."

Jane Landon, CIO and deputy commissioner of finance for the city of New York, advises being prepared for changes in IT governance in an economic recession.

"In my humble opinion, this is a period of time in which you're going to see changes in governance, not because IT is thinking it wants to change governance, but because companies are thinking they want to change it," she said. "There's nothing worse than having IT governance not in line with corporate governance. Governance needs to adapt. Otherwise, you're a fish out of water swimming upstream."

Jeff Stempora, a consultant who most recently was senior vice president and CIO at 4,500-employee Erie Insurance Group, called governance a "critical component" of doing more with less in an economic recession.

"In times like these, everybody wants to make sure they're focusing on the things that have to be done versus those they want to get done," he said. "Governance is all about who makes the decisions. And the results are obvious -- you get more out of the system with governance."

Establishing an IT governance solution

Landon went right to work on establishing a governance system when she started working for the city of New York two years ago. "There was none in place -- it was whoever called the right person or screamed the loudest" got what they wanted, she said.

The city implemented governance at three separate levels, depending on the cost of project or item requests and their impact on the organization as a whole. The city also makes an effort to track those projects within the organization that take less than 24 hours to complete.

These governance committees rely heavily on metrics, Landon said. For example, they might assess the effectiveness of IT adding a function to payment operations by measuring whether customer satisfaction increased by a certain percentage.

"We have literally thousands of metrics that we're measuring today as an agency," she said. "It's a little more difficult to do the pure ROI here in government like you would do in a business. We typically don't do that unless it's a project of a large scale."

That's why it's important, in promoting IT governance, to make IT performance management compatible with how the business at large understands and measures things, Crawford said.

"We tend to want to have some type of management system in place for IT, but they often become something that only IT understands," Crawford said.

For instance, an IT department in the mortgage lending business might relate its IT capabilities back to the number of loans originated or cost per loan originated, Crawford said. "It's a way of helping the business understand, in its own terms, how IT is contributing back to what they do."

IT governance and strategy

IT governance at Erie Insurance was linked to the firm's overall annual strategic planning process, Stempora said, following a system he put into place during his tenures at Bloomington, Ill.-based State Farm Mutual Automobile Insurance Co. and New York-based Citigroup Inc.

There's nothing worse than having IT governance not in line with corporate governance. Jane Landon CIO and deputy commissioner of finance, city of New York

Executives from all areas of the business gathered to discuss plans for five years out, then worked back to the current year in determining how to move forward with those plans and link them to the final budget.

"Typically, there are more initiatives than money and time to do them, so it becomes critical to sit down with the business and say, 'Here's what I have in terms of resources and budget,'" Stempora said.

Implementing checkpoints along the way are very important, so the business can see, for example, that a project's price is creeping up to the point that its cost outweighs its returns.

"That's the part of governance that needs to become more critical in current times, because very few companies can take on endeavors costing $3 million when they're only making $2 million," Stempora said. "Once you see the process going south, there are ways to recover that using insight and governance to make the right call."

Find the IT governance model that works for you

Landon said there are probably 10 to 15 well-established governance models, and organizations should assess which work best for them before putting one into place.

A CIO or other IT executive looking to improve an IT governance system should first determine whether the organization has a corporate governance structure and, if so, read it, understand it and model the decision making process to align with it, Landon advised.

If the company doesn't have a formal corporate governance, there is probably an informal one in place. The IT governance model "needs to be in alignment with the way decisions are being made; otherwise, you're fighting upstream on all decisions," she said.

Most important, "In these economic times … ROI and how you weigh things should be really important, so the right projects bubble to the top," Landon said. "As an executive, don't be married to the model you put in place in these economic times, because I think there will be changes to corporate governance."

Tags: IT governance,  Enterprise application integration,  Enterprise risk management,  Cost-cutting strategies for CIOs,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT IT governance How Virginia's new CIO is fixing the state's IT outsourcing problems Six ways to fail with your SOA implementation Agile development methodology not easy but worth the effort, users say Botched IT outsourcing contract shows need for governance, SLAs Multi-sourcing requires IT governance strategy with multiple tiers Looking for low-cost business processes? Check out GE WorkOut and FTD Uniting ITSM, PPM process methodologies yields IT management benefits What's your beef with the agile development methodology? PPM and IT governance in a recession: A guide for enterprise CIOs Project management governance: How much is enough? Enterprise application integration SOA success stories involve business process management Cloud computing helps firm bring call center in-house, integrate apps Using SaaS CRM for application integration gives users single sign-on On-demand data integration ties HD Supply to customers Enterprise application integration and development: Special Report Five ways to streamline your application development process IBM flexes PLM muscles in midmarket EAI software helps grocer streamline business processes, save money Slow application response time has negative effect on remote workers Make the business case for enterprise information integration Enterprise risk management Email archiving solutions and strategies for enterprise CIOs For CIOs, email deletion scandal shows need for email retention policy Swine flu preparedness: Business continuity during an H1N1 outbreak Talking swine flu and Conficker with the CIO of the CDC Tips from the CDC's CIO on H1N1 flu preparedness Tips for business continuity and contingency planning for swine flu Enterprise risk management quiz for CIOs Enterprise risk management solutions for CIOs Gartner: Future IT security jobs to focus on risk management strategy Business continuity plan needs the right leader, metrics to succeed

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary GRC (governance, risk management and compliance) software  (SearchCIO.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary