Professional Documents
Culture Documents
Enterprise It Governance Par 374554 PDF
Enterprise It Governance Par 374554 PDF
Key Challenges
■ Existing IT governance market best practices are primarily focused on parts of the IT function.
They don’t account for the shifts happening at an enterprise level in information and technology
(I&T) in terms of business-led IT or the decision-making powers required for digitalization.
■ Choosing the wrong IT governance champion (someone other than a board member or
mandated executive) severely impedes the urgency, recognition and implementation of IT
governance.
■ The value of IT governance is determined by the maturity of the enterprise with regard to IT.
Enterprises with a high maturity toward IT recognize IT as a contributor to enterprise goals,
while enterprises with low maturity need to overcome initial resistance to IT governance.
Recommendations
CIOs addressing leadership in governance, strategic execution and operational performance:
■ Take a best-of-breed approach when evaluating industry best practice frameworks for your IT
governance capability by using what fits best from the various frameworks to create your own
framework. There is no such thing as an out-of-the-box IT governance framework.
■ Use business transformation and disruptions as an onramp for IT governance implementation or
validation by never wasting enterprisewide transformation projects that might “stress-test” your
IT governance capability. These changes test the enterprise’s ability to set direction, solidify
ownership/decision rights, and execute on its goals and objectives.
■ Validate the IT governance design with the primary and tertiary decision groups in the enterprise
by taking a lead-by-example approach. Show the examples in the organization that have
benefited or suffered from the lack of IT governance.
Introduction
This research will help CIOs and project teams tasked with implementation of IT governance
navigate the complexities of implementing a sustainable IT governance framework in their
enterprises. IT governance is considered one of the most critical leadership disciplines required to
enable organizations to execute on their operational and strategic goals.
The rationale for having enterprise IT governance (EITG) is well-understood, albeit from a regulatory
or performance perspective, but going from intent to implementation is often challenged. The
challenge is twofold:
1. Designing the right IT governance framework (matching your enterprise maturity and ambitions)
2. Implementing the configured IT governance framework to operate IT governance as a
recognized enterprise capability (integrated and recognized as part of your corporate
governance)
The implications of IT governance are far-reaching and may include adjustments to your business
operating model and the I&T operating model, and could subsequently influence the delivery of
services inside and outside the enterprise.
As custodians of I&T assets in the enterprise, CIOs are often tasked by their leadership to
implement an IT governance capability in their enterprises. CIOs will leverage enterprisewide
changes, such as ERP implementation or digital disruption, to ignite the importance of IT
governance across the enterprise.
It is important, however, for CIOs to understand that their role will be to establish the IT governance
capability through leadership, decision rights and structures, rather than owning it. The champion
and owner for IT governance ideally is the board. CIOs reporting to a member of the executive team
must validate that the delegated executive champion for IT governance has a mandate from the
board to implement IT governance.
As Part 1 of this two-part series, this research focuses on designing the right IT governance
framework (matching your enterprise maturity and ambitions). Part 2 (see“Enterprise IT Governance,
Part 2 — Implementing the Framework”) will focus on implementing the configured IT governance
framework to operate IT governance as a recognized enterprise capability (integrated and
recognized as part of your corporate governance).
Analysis
Determine Your Enterprise IT Governance Capability
IT governance is a subset of corporate governance and is ultimately the responsibility of the board,
which will balance both conformance and performance in their objective setting and decision
making for the enterprise. The board will emphasize oversight and conformance, whereas the
executive team will be more focused on performance and business value.
Good governance will drive connected and evidence-based decision making across conformance
and performance aspects to advance the goals of business and society. Enterprise governance of IT
IT governance aims to continuously align enterprise goals and outcomes with I&T. This, however,
has become increasingly complex, due the nature and speed of business, raising the attention of
the board and executive management on the risks associated with badly governed I&T and its
potential to accelerate aligned delivery of business outcomes. Enterprises, therefore, are rethinking
their IT governance approach to validate whether investments in I&T are generating business value,
and IT performance meets realistic business expectations.
Table 1 provides an overview of commonly found IT governance focus areas and their underlying
processes. CIOs should consider these when determining the scope of governance.
Strategy Direct Business Strategy Business and I&T strategy direct investments to execute
I&T Strategy/Planning strategy and deliver business outcomes.
IT Strategy Key Provide direction to IT function, IT plan and business-unit-
Performance Indicators led IT (IT/I&T) on priority setting.
(KPIs)
Value Create Business Value of I&T Assurance on IT’s contribution to strategic business
Business Outcomes performance indicators.
Portfolio Management IT portfolio investments and rationalization against
strategic requirements and business outcomes.
Performance Monitor Business Performance Evaluates and monitors strategy execution, investment
IT Performance returns, business-IT performance, and the achievement of
Execution business and IT outcomes.
Resourcing Match Capacity Management of Direct capacity of limited business and IT resources
Critical Resources toward realizing business outcomes.
Leadership, enterprise maturity (with regard to use of I&T and IT function), governance mechanisms
and culture heavily influence the adaptation and effectiveness of the IT governance capability in the
enterprise. These four critical enablers are often overlooked or underestimated when implementing
IT governance. CIOs need to address these enablers as part of change management to sustain the
implementation of IT governance in the enterprise (see Table 2).
Enterprise Grow I&T Capabilities The maturity of the enterprise toward leveraging I&T/IT as a
Maturity Enterprise Use of I&T strategic enabler for achieving business outcomes and
IT Function delivering value.
Culture Influence Beliefs Recognize and use culture and beliefs to frame your IT
Values governance in the enterprise.
Symbols
CIOs or business project teams tasked with implementing IT governance need answers to the
following questions to determine the scope of IT governance, the impact of its implementation and
how it will be evaluated to determine its performance:
The answers to these questions are provided by critical stakeholders that are accountable, affected
and responsible for decisions on IT and I&T in the enterprise: board members, executives,
enterprise leaders, HR and legal/risk. CIOs might be overwhelmed by the responses they receive,
but must keep the following in mind:
“Designing and Implementing the I&T Operating Model: Components and Interdependencies”
“Governance and Culture Are the Fabric of Your I&T Operating Model”
“Integrate ‘Shadow IT’ and Business-Led IT Into the I&T Operating Model to Enable Enterprise
Agility”
Corporate Headquarters
56 Top Gallant Road
Stamford, CT 06902-7700
USA
+1 203 964 0096
Regional Headquarters
AUSTRALIA
BRAZIL
JAPAN
UNITED KINGDOM
© 2018 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This
publication may not be reproduced or distributed in any form without Gartner's prior written permission. It consists of the opinions of
Gartner's research organization, which should not be construed as statements of fact. While the information contained in this publication
has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of
such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice
and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner Usage Policy.
Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research
organization without input or influence from any third party. For further information, see "Guiding Principles on Independence and
Objectivity."