IT governance is a noxious task, yet leaving it undone — or asking the Chief Information Officer to bear the load alone — is a recipe for trouble.
I have written at length about the Governance Board, and how it brings (and keeps) the rest of the organization at the table with the CIO, to govern IT for the good of the enterprise.
But what are the core decisions that a Governance Board should be taking?
Each Board will come at these in the order that suits the needs of their enterprise, some needing immediate attention, others not coming to light for years. But all of these are part of the Board’s remit, and none should be sloughed off.
Under what circumstances should a project be funded and released? The goal here is to encourage the development of ideas — to follow the same principle a pharmaceutical research firm uses, of exploring many avenues and looking to turn many of them aside as unworkable or impractical. Rather than forcing the organization to “commit” to an idea simply to have it heard, the Board should encourage exploration by defining at what point an idea has become “a project”. (The outcome should be far less on the backlog, and a willingness to commit everything required for something to be done in a timely manner once it hits the release conditions.)
What does differentiation look like for us? The goal here is to define the areas of IT outcome that would make a true difference to the organization. In essence, the resulting asset portfolio is split: there’s the portion that is common to this enterprise and others (does not differentiate you), which should be made, over time, to be dead dog ordinary and “clean”. The other is the portion that makes the enterprise unique, and it should be as bespoke as possible.
What targets are we setting for the two key metrics of Actual Return on Investment Obtained (AROIO) and Total Cost to Own and Operate (TCOO)? These are the two key measures for IT investment success over time, the first focusing on getting results from the project portfolio and the second ensuring the asset portfolio is taking advantage of price-performance changes in the marketplace. It is a strategy-level decision appropriate to the Board, although the CIO will run IT so as to achieve the targets.
What are our information needs, especially information we do not have today? This is the translation of business strategy into IT strategy: what types of things need to be provided that aren’t readily available to the business, and why. It is the exploration, or R&D, portion of the IT portfolio, since getting to these is often pre-requirements definition in nature (so it is a requirement to invest accordingly on behalf of the enterprise, not a department).
Add to this approval of architectural states, policies, and stop decisions for projects whose projected AROIO has fallen into a loss situation, and the work of the Governing Board is complete.