For most CIOs, IT governance is not a new concept. Much attention has been given to formal IT governance in recent...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
years, and the payoff for instituting a formal structure can be significant. However, managing and maintaining successful IT governance can be a CIO's biggest challenge.
"There's a lot of interest," said Craig Symons, principal analyst in IT management at Forrester Research in Cambridge, Mass. "CIOs are under more and more pressure to demonstrate a value mechanism for IT."
But although much of the attention has been paid to the side of the process involving portfolio management and prioritization, committees populated by CIOs and senior business executives, the biggest challenge of IT governance is project management.
Successful IT governance frameworks must not only take into consideration the big-picture considerations of project portfolio management, but also the details of how those investments get built—on time and on budget.
"Most companies have some degree of IT governance, but they're now adding formal procedures such as key performance indicators," said, John Pironti, principal enterprise solutions architect and security consultant at Unisys Corp., in Blue Bell, Penn. "Project managers then need to abide by those policies and procedures when planning projects." Peronti added that IT governance implementation also requires change on the part of project managers and executive sponsors.
CIOs looking to build an IT governance framework that balances business prioritization with project management issues should keep the following tips in mind:
Address increased project management overhead
One of the most important parts of the IT governance processes is the creation of formal metrics and controls that measure both IT efficiency and the business ROI of a particular technology project.
"Governance is saying that they're going to prove that IT is doing things in the fashion decided by the organization, and it means putting in indicator points and processes that allow for reporting mechanisms," Pironti said.
But incorporating such governance controls into an IT project adds both time and costs to any project—something that few project managers will face with equanimity.
"Project managers are usually measured on their ability to stay on time and budget, so when you talk about adding money and resource requirements to a project, they get scared," points out Pironti. "It's a balancing act. Project managers have the right intentions but they will still worry about the consequences of putting in overhead costs."
Pironti recommends that IT governance staff work with project planning offices to factor in the new controls in each project, even going so far as to provide a governance representative for larger initiatives.
And responsibility must rest with the business side -- not the project manager—to okay the added cost and impact that the inclusion of governance mechanisms will have on a project.
"[The business side] must always make the decisions that relate to business goals and decisions, and executives need to communicate that it's necessary to do so," Pironti said.
Include project management in the IT decision tree
IT governance methodologies add new decision-making bodies to the mix, said Susan Dallas, principal analyst at Gartner in Stamford, Conn.
"In the old days, there was one IT steering committee, but now we're seeing different governance mechanisms put in place to decide various domains," she said. So while there should be a senior steering committee comprising the CIO, line business executives, the CEO and the CFO that makes IT funding and prioritization decisions, companies are also adding different structures to accommodate supporting issues. Smart companies build project management into the interlocking series of decision-making bodies.
For example, Oregon Health and Science University (OHSU) in Portland, Oregon, has created a solution development life cycle that integrates project management and IT governance processes. "One of the first steps to successfully implement this strategy is to develop an organizational strategic information plan (SIP) based on business objectives and strategies," said John A. Kocon, project management officer in OSHU's information technology group. "The SIP is jointly developed by business unit leaders and IT leaders, and once completed, the key IT Initiatives are then identified through a prioritization process."
CIOs are under more and more pressure to demonstrate a value mechanism for IT.
Craig Symons, principal analyst, Forrester Research Inc.
The SIP then feeds into the project management life cycle, with periodic check backs to ensure that ongoing projects continue to reflect business needs.
Institute a portfolio review. IT governance can also help companies better monitor projects through the project portfolio review process. Portfolio reviews are designed to continually evaluate the status of an ongoing project and its projected business benefit. By constantly re-evaluating projects and allocating funds to match changed statuses, businesses stand a better chance of bringing the best projects to fruition from a business standpoint. "In the past, once a project got approved it took on a life of its own and three years later was over budget," said Forrester's Symons.
Gartner's Dallas recalls one client who had a standing rule that any project facing a 10% increase in budget, time or scope had to face a mandatory project review. "The project manager and the project sponsor were responsible for staying on top of this, and it was a very serious responsibility," she said. "You could go over budgets for good reasons, but there was no good reason for it to be a surprise."
While IT governance processes and procedures may be throwing a few spanners into the works now, these controls will most likely become mainstream within several years. "There's no doubt that certain organizations have started to feel the pain of increased costs in project management activities," said Pironti. "But it's like QA -- after a while, it will become business as usual."
Carol Hildebrand is a contributing writer based in Wellesley, Mass. Let us know what you think about the story; email firstname.lastname@example.org.