Download (direct link):
The electronic manufacturer example shows how policy results in architecture and standards that positively reinforce governance.
86 CHAPTER 3 PEOPLE AND GOVERNANCE
There should be a governing body for approving and monitoring IT portfolio management—the board of directors. The board of directors is responsible for providing the strategic leadership and oversight aspects of IT governance: policies, measurements, and delegation of accountability. However, the level of understanding of IT at the board level and the allocation of sufficient time to evaluate and assess IT investments is limited, creating a suboptimal situation. Therefore, the tactical aspects of IT governance should occur at the executive level where decisionmaking authority and funding allocations are made.
The executive-level representation occurs through the executive steering committee (ESC) or IT investment committee, which is responsible for governing the ongoing operations of the company, including balancing the IT portfolio. This committee is responsible for translating business and strategic goals into actionable plans, providing the foundation for leadership, organizational structures, and infrastructure to facilitate the achievement of these plans. Staffed by business and IT leadership, the committee engages in all big IT decisions. Smaller IT investment decisions are usually made within subcommittees and governed by an individual investment threshold and/or a cumulative per annum expenditure amount. The ESC is tasked with taking direction from the board regarding risk threshold levels and setting control parameters at the business unit and divisional levels. In addition, the ESC ensures alignment, balance of investments, close coordination with other entities in the company, and delivery of relevant performance metrics according to plan.
With respect to IT governance, neither one size, nor one approach, fits all companies. The IT Governance Institute presents an insightful perspective of forming an IT strategy committee and an executive steering committee. The executive steering committee oversees the day-to-day management of IT and decides IT spending and cost allocations. The IT strategy committee provides direction and assures that IT is pointed in the right direction when aligning with business strategy. Both board and nonboard members are represented on this committee. They also serve as the watchdog for the board, assuring that IT is meeting plans. Exhibit 3.3 shows the responsibility, authority, and membership of each committee.
The executive steering committee interacts closely with the enterprise program management office, finance, legal, facilities, procurement, and the IT division. These entities work closely together to assure an optimal allocation of resources (people, facilities, infrastructure, data, applications, contractors, and outsourcers) in planning, scheduling, and implementing investment decisions.
The enterprise program management office (EPMO), which is both a project management center of excellence and the project portfolio management organization, serves an important role in IT governance. Most companies struggle with
IT GOVERNANCE 87
EXHIBIT 3.3 IT STRATEGY AND EXECUTIVE STEERING COMMITTEES
Level IT Strategy Committee Executive Steering Committee
• Board level • Executive level
Responsibility • Provides insight and advice to the board on • Decides the overall level of IT spending and
topics such as: how costs will be allocated
--- The relevance of developments in IT • Aligns and approves the enterprise IT
from a business perspective architecture
--- The alignment of IT with the business • Approves project plans and budgets, setting
direction priorities and milestones
--- The achievement of strategic IT • Acquires and assigns appropriate resources
objectives • Ensures projects continuously meet business
--- The availability of suitable IT requirements, including reevaluation of the
resources, skills, and infrastructure business case
to meet the strategic objectives • Monitors project plans for delivery of
--- Optimization of IT costs, including the expected value and desired outcomes on
role and value delivery of external IT time and within budget