Readings
- Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
- How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
- Which archetype do you think is the most rare? Most common? Why?
- What is the difference between and IT Strategy committee and an IT Steering Committee?
- What archetypes do you see in your company? How well do they work?
No case this week
Paul Linkchorst says
Professor Yeoman’s Section
What is the difference between and IT Strategy committee and an IT Steering Committee?
According to the CISA review manual, the major difference between an IT Strategy Committee and IT Steering Committee is that one focuses on the strategy while the other focuses on the implementation. As one can guess, IT Strategy Committee is the group involved in the IT strategy of an organization which advises the board and management on current and future IT strategies. This committee is made up of board members and specialists who provide insight on such topics such as alignment of IT with the business direction, achievement of strategic IT objectives, progress of major IT projects, risk and return of IT investments and much more. Conversely, the IT Steering Committee is involved in the implementation and oversees the day-to-day management of IT projects. This Committee is comprised up of sponsoring executives, business executives, the CIO and other key advisors such as Audit, Finance, Legal, etc. Some actions that this committee performs is determining an IT project budget, assign project resources, monitor the project for time and budget, and aligns the IT project with the business needs.
Wenlin Zhou says
Professor Yeoman’s Section
What is the difference between and IT Strategy committee and an IT Steering Committee?
IT Strategic Committee:
1.Focuses on Direction and Strategy
2.Advises board on IT strategy and alignment
3.Optimization of IT costs and risk
This group provides direction and high-level overview. They will be concerned that: IT plans align with business plans. IT delivers promised benefits and objectives. All understand risk. IT Delivers IT services at optimized costs. Group can track IT performance via metrics, scheduling, costs. IT Strategy Committee ensures availability of IT resources, skills and infrastructure to meet strategic objectives. IT Strategy Committee provides direction to management relative to IT strategy.
IT Steering Committee:
1.Focuses on Implementation
2.Monitors current projects
3.Decides IT spending
This is the functions of the lower management committee, the one which steers. They monitor progress of projects, detailed funding. Make decision of IT being centralized vs. decentralized, and assignment of responsibility. Makes recommendations for strategic plans . Approves IT architecture. Reviews and approves IT plans, budgets, priorities & milestones. Monitors major project plans and delivery performance
IT Strategic is highest level – they APPROVE business strategy and may help to DEFINE/DECIDE it.
IT Steering is lower than IT Strategic, but involves management
Think Steering = Deciding where to turn when driving a car. The car is still on the ground and navigates through real traffic.
Resource: http://www.cs.uwp.edu/Classes/Cs490/notes/ITGovernance.ppt
Richard Flanagan says
Wenlin,
I like you answer and encourage you to expand your description of the IT Strategy Committee by thinking about those questions that Weill & Ross focus on. These are the issues that the IT Strategy Committee should be thinking about.
Deepali Kochhar says
I agree with you Professor. The IT Strategy committee should be focused on alignment of C-Level, IT executives and business units based on the archetype being followed by the organisation. Once that is mapped out, the committee design and implement mechanisms to work on alignment with business strategy and establishing IT Governance.
Sachin Shah says
well put. I agree the IT Strategy committee is responsible for creating and picking members of the steering committee. I think that the steering committee establishes the IT governance as they are the ones who are enforcing policies or laws. The steering committee is usually in the trenches and their responsibility is also to keep the strategy team engaged and informed of what is going on with projects and initiatives.
Brou Marie Joelle Alexandra Adje says
Professor Yeoman’s Section
What is the difference between and IT Strategy committee and an IT Steering Committee?
On one hand, the IT strategy committee governs by ensuring alignment between IT and business strategy through enterprise IT governance. It monitors strategic IT plans and enterprise resource availability to support IT initiatives. The It strategy committee also helps to understand and mitigate the risks Note however that this committee does not carry decision authority exclusively.
On the other hand, the IT steering committee uses guidance received from the IT Strategy committee to oversee major projects and ensure that they meet business requirements and align with IT strategy. The IT steering committee It is the “link” between the IT strategy committee( the governing body) and project teams.
Sean Patrick Walsh says
If the IT Steering Committee only oversees “major” projects, who oversees all the other projects? I agree with you that the major projects would be on the committee’s radar and that some maximum amount of a project cost would be set to help alleviate the committee from having to approve and manage every project with its precious time. Which group do you think sets that limit? Do you think more goes into creating that cutoff than just cost?
Richard Flanagan says
Sean,
In a larger organization there is apt to be a PMO that “oversees” all the projects and reports to the IT Steering committee. Major projects go before the committee at each meeting, minor ones usually get reported on only when there is a problem. Our cut line was about $500,000 but that depends on the organization and the visibility of any one project. If a project is being done for the CEO or the board, it gets visibility no matter how small.
Sean Patrick Walsh says
I understand. I didn’t even think about PMO/PMP’s in the discussion beforehand and I see that I should have. It makes sense to have a cutoff so that way the resources of the actual steering committee’s time and focus aren’t utilized for projects that don’t really need the concern at that level. I can relate to anything that is being done for the CEO as “high visibility” much like work was for high ranking officers on the ship like the Admiral, CO, XO, Dept. Heads, etc. I’m guessing that projects that might not cross over the minimum set cost threshold would still be high-visibility if they were critical, or if their failure was critical to the company.
Richard Flanagan says
Exactly
Sachin Shah says
In my current company I have seen the IS department double in size and in order to remain efficient, a PMO was created. Every week there is a project intake meeting. In this meeting we go over the project or service requests. If 3 or more teams are involved than it is recommended to have a project manager.
Yet there are times we go backward and due to lack of Project Management resources, the IT representatives from the team have no choice but to internally manage the project. This is never an issue for me as I have worked at small companies or departments where I had a manager of course but no project managers. I was always one that did not need micro management or took care of my tasks promptly. Yet the same can not be said of every IT employee.
Other factor that the PMO needs to understand is the business significance or stake holders. Sometimes there may be a small task but there is a lot of money behind a small job yet it may seem trivial to have a Project Manager, but due to the significance there is one.
Jason Wulf says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT Strategy Committee is typically composed of board and non-board members, whereas the IT Steering Committee is composed of executive and higher level managers.
The IT Strategy Committee looks at gaps, risks, direction, investments, and strategic objectives, whereas the IT Steering Committee prioritizes IT direction/projects, verifies business alignment, makes recommendations to strategic plans, approves budgets, monitors projects and service levels.
To quote the Info-Tech Research Group, the IT Steering Committee is about having the “right people making the right decisions to drive IT success”. This seems to have a direct correlation to the class core of “Right things, done right”.
InfoTech Research Group
See https://www.infotech.com/download/57468
Richard Flanagan says
Jason,
I know you got this from the reading but have you ever come across a company where a member of the board sits on the IT Strategy committee? I haven’t and it doesn’t seem like something a board member would do. CEO, CFO, COO sure but a board member. Am I wrong here?
Jan Yeomans says
I concur with Prof. Flanagan’s reply. Board members are responsible for making sure the IT Strategy Committee has a robust process which is consistently adhered to. They need to be careful not to step over the boundary and act as business management.
Jason Wulf says
Does this help?
Leadership and authority are key. According to the ITGI IT strategy committee briefing, “The chairman should be a board member and it is important that at least two board members remain active in the committee so the board is adequately represented.”
Reference:
Information Systems Control Journal Volume 4, 2003, Page 2
Coordinating IT Governance—A New Role for IT Strategy Committees
Gary Hardy
http://www.qualified-audit-partners.be/user_files/ITforBoards/GVIT_ISACA-Hardy_Garry_Coordinating_IT_Governance_____A_New-Role-for_IT_Strategy_Committees_2003.pdf
“Mellon Financial, Novell, Home Depot, Procter & Gamble, Wal-Mart, and FedEx, among others, have taken this step, creating board-level IT committees that are on a par with their audit, compensation, and governance committees.”
“Creating a board-level committee is not, however, a best practice all companies should adopt. For many firms—consulting firms, small retailers, and book publishers, for instance—it would be a waste of time.”
Harvard Business Review, October 2005 Issue
Information Technology and the Board of Directors
Richard Nolan and F. Warrent McFarlan
https://hbr.org/2005/10/information-technology-and-the-board-of-directors
Richard Flanagan says
I think the difference here is board committee vs management committees. A board committee would have only board members on it and they would oversee IT. Thats different from the management committee (i.e. IT Strategy Committee) that is making the decisions and presenting them to the board for oversight.
Jason Wulf says
Leadership and authority are key. According to the ITGI IT strategy committee briefing, “The chairman should be a board member and it is important that at least two board members remain active in the committee so the board is adequately represented.”
Reference:
Information Systems Control Journal Volume 4, 2003, Page 2
Coordinating IT Governance—A New Role for IT Strategy Committees
Gary Hardy
http://www.qualified-audit-partners.be/user_files/ITforBoards/GVIT_ISACA-Hardy_Garry_Coordinating_IT_Governance_____A_New-Role-for_IT_Strategy_Committees_2003.pdf
“Mellon Financial, Novell, Home Depot, Procter & Gamble, Wal-Mart, and FedEx, among others, have taken this step, creating board-level IT committees that are on a par with their audit, compensation, and governance committees.”
“Creating a board-level committee is not, however, a best practice all companies should adopt. For many firms—consulting firms, small retailers, and book publishers, for instance—it would be a waste of time.”
Harvard Business Review, October 2005 Issue
Information Technology and the Board of Directors
Richard Nolan and F. Warrent McFarlan
https://hbr.org/2005/10/information-technology-and-the-board-of-directors
Jason Wulf says
Hi Rich,
My apologies, I missed this. This is in COBIT 5.
“7. Establish an IT strategy committee (or equivalent) at the board level. This committee should ensure that governance of IT, as part of enterprise governance, is adequately addressed; advise on strategic direction; and review major investments on behalf of the full board.”
Specifically, the “on behalf of the full board” indicates they have board members in the ISACA COBIT v5 framework as part of the IT strategy committee.
COBIT Enabling Processes: APO02, APO04
Page 53
https://drive.google.com/open?id=0B8S2SZTC04ViYVRpUWxTczU4RXM
This is the first time I’ve looked at the COBIT v5 framework. This is news to me!
I’ve never ran across an organization that’s fully implemented everything in a framework. They typically use them as a guide.
Ahmed A. Alkaysi says
I would like to add that the IT Strategy committee makes sure that IT is aligned with the business strategy. The strategy committee also sets the standards and policy in place. The IT Steering committee implements the IT strategy and focuses on prioritizing projects, assigning resources, and ensures that the projects are aligned with overall IT strategy.
The IT Steering committee is also responsible for making sure that the project teams are aware of the strategic goals set by the IT Strategy committee.
source: http://www.escoute.com/2013/08/12/to-steer-or-to-strategize-differences-between-it-steering-committees-and-it-strategy-committees-2/
Sean Patrick Walsh says
3. Which archetype do you think is the most rare? Most common? Why?
I think Anarchy is the most rare archetype. Since small individual units make all the decisions based on their own input in an Anarchy model it would be very costly to operate and maintain. That type of model could easily get out of hand with IT projects and process implementations that could drive a business into bankruptcy if left unchecked. Also, I think businesses don’t normally give too much autonomy to each function or business line that would allow this type of model to take hold, or last long once identified.
I think an IT Duopoly is the most common archetype. In this type of model the business or executive leaders are involved with decision making, but they are competent enough about IT to know they need to involve IT leadership in the decision making process as well. By involving IT SME’s in the process business leadership is more confident that the right information is being used to make the right decisions. This type of model involves the right people from both aspects of EA and helps facilitate the right decisions to be made in regards to what the business needs and how IT can meet those needs best.
Loi Van Tran says
Sean,
I agree with your assessment with anarchy being the rarest. The requirements for business leaders to make fast competent decisions is a major factor in business success. This requires for the IT organization to deliver reliable business intelligence to make those decisions. If every business unit were given the power to decide what programs/applications they would use, then like in the Accenture case study, it leaves the organization inflexible or makes it very costly to change in the face of challenges or opportunities.
Joseph Henofer says
Sean,
I agree with you that anarchy is the most rare to be used today. I also agree that IT Duopoly is the most common used today, but was this always the case? If this model wasn’t used then what model was used? I believe that the Business monarchy was the most common twenty years ago. Technology has matured so rapidly in the last twenty years that it forced businesses to start looking at technology as a driving tool. Organizations today are focused on being agile and keeping up with the their competition. The Business monarchy has senior business executives making IT decisions which can cause major problems if they aren’t knowledgeable about IT. The YNG case is a perfect example, after IT failed the business unit took over, excluded IT and made things even worse.
Sean Patrick Walsh says
I completely agree with your assessment in times past. Technology period has been on a meteoric exponential rise in the last century. Businesses during that time have come and gone very quickly, and even “800 lb gorillas” have fallen from grace for failure to see the writing on the wall with tech. Like you stated, as tech matured and as businesses and industries matured they have had to learn how to respond quickly to those very dynamic environments. And most have realized that the best way to respond is to leverage that technology, and the best way to do that is to go to the SME’s to leverage their expertise to seize opportunities as they are quickly presenting themselves with each new change appearing on their industry’s and market’s horizons.
Richard Flanagan says
Actually, I think IT Monarchy was also common. This is where the business people abdicate their responsibilities around IT. Business leadership would simple not be willing to engage on any IT subject other than the total cost of the department. IT leaders would be forced to make their own decisions about what was aligned and important and what was not. It didn’t work very well.
Joseph Henofer says
Prof. Flanagan’s,
I would agree that the IT Monarchy was also common during this time. Do you think it didn’t work well because the IT leaders or the business people were not informed enough? I believe that it was a little of both. The business leaders didn’t know enough or care enough about the IT side and the IT leaders didn’t know enough about the business side to actually align their strategies with the business side. In my work experiences in the last five years I’ve seen that IT leaders are being held more accountable for knowing the business and IT side of things so the company can be more agile.
Andres Galarza says
Joseph,
My experiences at work mirror yours. In order to work in IT nowadays it’s less acceptable to have zero business knowledge. I’d argue that the ITACS program itself is incorporating some of those lessons in order to produce graduates that have at least a semblance of business knowledge before entering the work for. Heck, our program is in the Business school, not the Engineering school.
If the business world is moving towards seeing IT as more than just a utility, it should stand to reason that those who work in IT will find it harder to cocoon themselves into roles that allow them to isolate themselves from “businessy” responsibilities.
Daniel Warner says
Andres,
That is a good point, especially with some of the smaller businesses I think it behooves to have the IT department have an understanding of the business side. In my company (we’re fairly small) our directors put a lot of emphasis on the different departments increasing their understanding of the other departments. For example, we have a project manager that works alongside our new clients. In her role, it’s not required for her to have an understanding of some of the more IT heavy subjects (hosted servers, SQL server, etc) but it makes her a stronger employee overall if she exposes herself to these IT concepts so when interacting with our clients she is able to answer all of the questions needed and guide projects where they need to go. On the other side, I work with a database developer that I bring into meetings with me, so that he learns the business side. I think this is important, because there are suggestions that he can make towards a project and our process that he wouldn’t have the knowledge of otherwise.
Kevin Blankenship says
My organization is very much this way. Much of the IT/Business knowledge mix is on the IT side. Business Units are very rarely informed or knowledgeable of what goes on in the IT organization. When working with a business unit on a project, much of the learning in done by IT and then relays finding to the BU.
Recently we have tried to bridge this gap by utilizing more IT business analysts, who can act as ambassador for both sides. They don’t have all the technical knowledge the IT team has, but they are able to convey our capabilities to the BU. And on the reverse, they tell us in the IT organization what the business need is and their capabilities for the project. This has helped improve communication and the agility of our IT organization a lot.
Anonymous says
I concur with anarchy being the most rare and IT duopoly being the most common types of archetypes being utilized in practice today however, it does seem to depend on a number of variables and an organization could use IT Duopoly on decision on major projects while leveraging another type of IT duopoly at the same time for other decisions that may not meet the requirements to give their input. There were a number of examples in that listed in the cases at the end of the Weiss reading.
Sean Patrick Walsh says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
An IT Strategy Committee is associated with Governance. The committee is made up of board personnel and C-Suite personnel within a business. The committee’s purpose is to develop an IT strategy within the business that aligns with the business strategy to create and add value to the business. This committee also develops measurements and sets up processes to monitor performance.
An IT Steering Committee is associated with management within the business. The committee is made up of business leadership from different functions and may also involve some C-Suite personnel. The purpose of the committee is to direct and plan IT projects based upon the IT Strategy developed by the IT Strategy committee. The Steering Committee decides how to properly allocate resources and ensures projects are properly managed and monitored to ensure proper development and implementation.
Loi Van Tran says
Sean,
As professor Flanagan has mentioned, he has yet to see Board Members as part of the strategy committee, although everything that I’ve read says that they do. It would be interesting to find an organization where this is true. I believe that the overall purpose of the strategy committee is to advise the board members on the IT strategy of the organization, which may include; alignment of IT with business objectives, exposure of IT risks, and contribution of IT to the business.
You summarized the IT Steering committee very well. I think the best way to view the difference between IT Strategy Committee and IT Steering committee is that IT Strategy Committee shows direction while the steering committee drives or focuses on the implementation aspect of the strategy.
Magaly Perez says
What is the difference between and IT Strategy committee and an IT Steering Committee?
Professor Yeoman’s Section:
The difference between IT Strategy Committee and IT Steering Committee: The IT strategy committee works at the board level while the IT steering committee is at the executive level, which brings about a contrast in their authority and membership makeup. The CISA Manual goes into the further explanation by stating the IT Strategy committee seeks to advise the board and management on the IT Strategy of the organization whereas an IT Steering Committee helps the executive body in the delivery of the IT strategy. However, the IT Strategy committee concentrations on current and future strategic IT issues the IT Steering Committee focused on the implementation of those issues. Additionally, they contrast in terms of membership. The IT Steering Committee is comprised of the sponsoring executive, business executive, the CIO and its’ key advisers, whereas an IT Strategy Committee is comprised of board members and specialized non-board members.
Joseph Henofer says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT Strategy committee ensures alignment between IT and business strategy through enterprise IT governance. This committee oversees IT management in partnership with other board committees. Below are some of their responsibilities,
-Provide IT insights to board and act as subject matter expert
-Monitor strategic IT plans
-Monitor enterprise resource availability to support IT initiatives
-Understand, Communicate, Mitigate IT risk
The IT Steering Committee is an administrative body that reviews, monitors and prioritizes major IT projects from a cross-functional perspective. The IT Steering committee is concerned with alignment and ownership. With alignment, they ensure that IT strategy is aligned with the strategic goals of the company and with ownership they have ultimate control over larger IT strategic decisions. Below are some of their responsibilities,
– Ensure programs/projects meet business requirements and align with IT strategy
– Communicate strategic goals to project teams and recommend changes to strategic plans
– Monitor and approve various architectures to support achievement of IT strategy
The difference between the committees is that the IT strategy committee operates at the board level while the IT steering committee operates at the executive level. The IT strategy committee seeks to advise the board and management on the IT strategy of the organization focusing on the big picture and future strategic IT issues. This is in contrast to the IT Steering committee where they assist the executive body in the delivery of the IT strategy, their main focus is on the implementation of the issues. Another difference is that the IT Steering committee oversees the day to day management of IT service delivery and major IT projects, while the IT Strategy committee is concerned with ensuring there is alignment between IT and business strategy through enterprise IT governance.
Loi Van Tran says
What archetypes do you see in your company? How well do they work?
Lockheed Martin uses a variety of archetypes for decision governance. I’ve only been working with them for a couple months and the description below is based on my observations and may not be exactly how it operates.
The central IT unit, Enterprise Business Services (EBS) is responsible for providing enterprise-wide system and application support for the organization. CIO’s from each business area (Missile & Fire Control, Aeronautics, Space Systems, and Mission Systems & Training) all report to a central IT group.
Based on the five IT questions that Weill & Ross addressed, here is what I believe to be true about the governance arrangement of this organization.
Governance Arrangements for IT principles:
In deciding the strategic roles for IT, the organization uses a duopoly archetype. We use a federal approach to retrieve inputs. Business unit leaders and process owners all provide their inputs to their respective business area CIO (BA-CIO). Ultimately, the decision for IT principle is made C-level executives and the IT committee or Corporate IT (T-Shaped Duopoly). This archetype enables senior management to align IT strategy to business strategy.
Governance Arrangements for IT architecture:
Lockheed business focuses on its ability to deliver innovative products and services and is heavily reliant on its IT organization to provide the infrastructure it needs to meet those business objectives. I don’t think that this organization view IT architecture as a technical problem, but more of a collaboration between IT and the businesses. Hence, the decision arrangement is a bicycle duopoly and inputs follow a federal approach.
Governance arrangement for IT infrastructure:
With the IT principles and architecture set by the tone at the top, the decision for IT infrastructure is made in a IT monarchy model.
Governance arrangement for Business Applications Needs
As stated earlier enterprise-wide applications are managed by EBS. In a sense they are using a duopoly model but does not require C-level executive. The inputs are gathered from the BA-CIO who gets their input from business leaders and process owners (federal model). An example is when making changes to SAP, the business area would only require approval from EBS CIO.
Governance for IT investment
I believe that IT investment decision follows the federal model where decisions are coordinated between corporate IT and the business units. Corporate IT has the ability to make decisions but budget is controlled by the business. IT is not the company’s only business and the IT organization has to compete for funds with the rest of the organization.
Lockheed is a very large and complex organization with each business unit delivering completely different products and services. Each has its own driving principle and architecture. To say that these archetypes is the only ones used may be ignorance on my part. With a limited experience with this organization I am compelled to say that their governance model(s) is extremely well executed. I’ve seen the organization make some dramatic changes over the past several months, some of which have never been attempted. They agility and flexibility that they had to make such change, with the entire organization marching to the same beat, was very impressive.
Joseph Henofer says
Loi,
You stated that the Governance for IT investment for Lockheed follows the federal model, do you think that this model is healthy or not? What do you think are the pros and cons of the IT group having to compete for funds? I know that you have only been there for a short amount of time but could you explain the process of how the IT would compete for funds?
Richard Flanagan says
Love the question – who has some ideas to share?
Ivy M. McCottry says
I’m with a large telco company that also follows a federal model. Because of the size of the company, it is a healthy model because many IT decisions are network decisions and the network is the core of our business. Also, I think that business unit leaders and their support are aware that when leadership makes significant IT investments everyone is impacted yet there is value creation that we are after and that ultimately the whole team wins when the investment is made and well integrated. There is transparency throughout the process and updates as needed because everyone has to support the changes whether as part of actual implementation or as promoters.
Jason Wulf says
I like the idea of a lean IT department to contain frivolous expenditures. However, I’m undecided when it comes to IT security and risk. In the last few years, NIST came out with a second framework geared toward organizations. The cybersecurity framework.
There’s a nice article explaining the difference between NIST 800-53 and the NIST Cybersecurity Framework.
As far as the pros and cons of the competing for funds, I believe it depends on the culture of the organization and the business model. Business alignment may prove to be difficult when looking at new projects. An IT department may be risk adverse to supporting new endeavors, thus leading to failure.
Deepali Kochhar says
Federal model is like central an state government working together. If they have same point of view and same goals it will definitely be beneficial but if they have differences in the point of view and what goals to achieve there can be clashes and conflict of interest.
The pros and cons for IT group competing for funds can be demand of IT depends on the market need. For example pros can be, If IT is a part of business to the company or is well aligned to meet the business goals it will bring profit to the organisation. On the other hand cons can be for example if elections are close by there will be less upcoming projects. In this case IT funds will not add much value.
Loi Van Tran says
Joe,
I was speaking from the perspective of the EBS unit. For example, every change that is made to Lockheed’s ERP system has to be very carefully reviewed and budgeted. The business unit submits a change request. The change request is sent to the BA-CIO for review at the business area levels. Once approved, it is forwarded to the ERP management team (part of EBS) who will review it, derive a business case, and since the ERP is used across the enterprise, it is reviewed with the remaining Business Areas for approval. Once the project is accepted by all business areas, it then goes corporate for funding approval against other IT-related projects.
The benefits of this type of archetype combines decision responsibilities between the business and IT. The business has the responsibility to ensure that IT investments are aligned with its strategy. Some of the cons may be, a long bureaucratic process to make changes, although it has not been the case for the changes that I’ve seen made over the past several months.
Joseph Henofer says
Loi,
Thank you for the explanation. I would think coming up with a good business case and having it approved is just half the battle, The other half of the battle is getting it approved by the corporate funding process.
Priya Prasad Pataskar says
Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
Weill and Ross define governance as,
Specifying the decisions rights and accountability framework to encourage desirable behavior in using IT. IT governance is not about making specific decisions, management does that but rather determines who systematically makes and contributes to those decisions.
There are 2 components of decision making, One, who contributes to decision making and two, Who makes the decision? The value an organization generates from IT results in effectiveness of IT governance.
Weill and Ross Framework was based on research of 300 enterprises in 20 countries. It has 3 components,
1. Domain – what decisions are to be made, 2. Styles – who has input /decision rights, 3. Mechanisms – how are decisions formed?
There are 5 key governance questions which encourages decisions
1. How will IT create business value?
This determines the IT principles. The high level strategic decisions that determine the role of IT in business
2. How will the shared service infrastructure be built?
The IT architecture determines the blueprint of IT infrastructure. What are the components of IT that business needs and who will they be placed to serve the business
3. What technical guidelines will be used?
The IT infrastructure must be central. IT should serve to all aspects and departments of the business. This will help the enterprise level management of IT.
4. What applications need to be supported by IT?
Determining the applications that will use IT and determining how will they use IT is necessary.
5. How much and where will be budget invested?
Prioritizing and budgeting is important. Every IT investment must be approved and justified.
Each of these decisions can be made by the stakeholders ex. corporate, business unit, or functional managers—or some combination. The IT managers could be the accountable department the senior management should appoints. Thus, the first step in designing IT governance is to determine who should make, and be held accountable for, each decision area.
Abhay V Kshirsagar says
Professor Yeoman’s Section
Difference between IT Strategy Committee & Steering Committee
IT Strategy Committee consists of board members and specialized non-board members and IT Steering committee consists of executives, CIO and other officials as and when required.
Strategy committee advises board and senior management on IT strategy. It advises on the strategy part of the IT implementation. Steering committee is more focused on the implementation part of IT.
Strategy committee makes sure that the IT is aligned with the business objectives. It is responsible for giving direction to management related to the IT strategy. Finally, it ensures role of IT/contribution of IT in the organization.
On the other hand, the steering committee approves project plans and the budget. It is responsible for implementation of IT as per the direction given by board.
Basically, the strategy committee advices the board about the IT strategy, board approves and steering committee is asked to monitor the IT strategy implementation. Strategy committee shows the direction and Steering committee drives the implementation part of it.
In conclusion, IT Strategy Committee advises board, the board then takes decisions on the basis of the recommendation given by the IT Strategy committee and gives instructions to the IT Steering committee for implementation and finally, IT Steering committee implements and monitors the IT strategy and ensures efficient use of IT resources.
Janet Yeomans says
Abhay,
It would be unusual for a member of a company’s board to serve as a member of the IT Strategy Committee. In general, the IT Strategy Committee is comprised of senior executives, often including the CEO and the CFO. The board’s role, as you correctly state, is approval and oversight of the strategy.
Loi Van Tran says
Professor Yeoman,
As you can see from the discussions, that most of the readings and articles that we read says that Board Members typically serve on the Strategy Committee. Is this a misconception, or is it just unlikely? Do you know of any organization where this is true? Correct me if I’m wrong. Based on yours and Professor’s Flanagan’s feedback, the Strategy Committee is consisted of C-level executives that advises the board members on IT strategy. The board members provides oversight and makes decisions, on basis of the Strategy Committee, to instruct the IT Steering Committee for implementation. The IT steering committee is then responsible for the implementation and monitoring of IT strategy.
Sachin Shah says
Can a CFO or CEO mat get elected by the board – but wouldnt they they be part of the board? Could they not be part of the Strategy committee also. I once worked at a small insurance company and the President would involve himself in IT decisions and provide oversight.
Vaibhav Shukla says
Which archetype do you think is the most rare? Most common? Why?
I think the Anarchy is the most rare archetype used in company’s as within an anarchy, individuals or small groups make their own decisions based only on their local needs. Decision rights or inputs rights for a particular IT decision are held by a single user or individuals.When decision lies on small group of individuals the IT decisions are not well collaborated and outcomes are not as fruitful.Thus in order to maintain IT operations in such organizations require more money and security
The IT duopoly is the most common archetype used in companies now a days as IT duopoly is a two-party arrangement where decisions represent a bilateral agreement between IT executives and one other group The IT executives may be a central IT group or team of central and business unit IT organizations.
Working in partnership with IT leaders in the decision process mantains realistic outcomes for IT and forces clarification of business strategy. A duopoly also secures the IT unit’s commitment to business principles
Sean Patrick Walsh says
I agree that Anarchy is the rarest archetype. When you say that “outcomes are not as fruitful,” do you mean that in the context that any change/implementation is only local without benefiting other units? I ask because even though that type of archetype is costly, I believe that the decisions in fact are fruitful for those individual units which is why they would operate in that manner. I can understand why some businesses, or functions/lines of business in an individual company, might run as that archetype to respond to dynamic environments. The ability to respond quickly to changes to either maintain a competitive parity or advantage, or to achieve one, is probably very important for some businesses. I could envision a business that operates in as a Business Monarchy, but then lets certain lines of business carry out their strategy in an Anarchy archetype in critical areas just based on the industry they operate within. What do you think?
Richard Flanagan says
Anyone seen anything close to anarchy in their business dealings? Where might it be a useful form of IT decision making?
Andres Galarza says
I was scrolling down wondering if anyone would bring up the world of startups as a place you might see a “functioning” anarchy.
Initially, I thought that startups would almost certainly have one of the monarchies, but I think an argument can be made that a startup whose founder may not be technically savvy might have enough sense to splash cash on this cloud host service, and that online payment system. I could see all of this outsourcing of tech fall into anarchy because there’s no one person or service to wear the IT crown.
What I feel more certain about is that anarchy cannot exist for long periods of time in large companies. I struggle to accept that they wouldn’t break up or go out of business.
Sean Patrick Walsh says
I could see a conglomerate utilize an Anarchy archetype. Since conglomerates are an amalgamation of very different types of business, it stands to reason that the needs of each business could be radically different from each other. Some businesses may be in very dynamic industries and may need to respond very quickly to changes in technology, standards, and/or processes that require it to be able to make those changes quickly without collaboration and approval from an “outside” group of that business. The differences in businesses could also be so different that trying to find ways to align all of the different businesses together would be astronomically taxing on resources available to the company.
Paul M. Dooley says
Sean, do you think they would utilize an anarchy archetype or a feudal? I would think that it would be closer to a feudal archetype being leveraged.
Sean Patrick Walsh says
After revisiting the reading for clarification I would agree. Although, I would also agree with the Anarchy archetype too. I think it all comes down to who makes the decisions and the words we use to describe that who. Is it individual small groups or is it business function/process/unit leaders. Looking at my response, you are right in the words I chose that I more accurately described a Feudal archetype, but had I used the right verbiage I could have just as well described an Anarchy archetype too. Thank you for asking the question because it helped me discern between the two better.
Sachin Shah says
I have seen the form of anarchy in a company i worked at. It is not useful but the company I worked for was a small insurance company where there were a lot of politics. when a so called leader had to make a decision they would pass the buck or ensure they would not be held accountable if anything failed.
This is not a system that works but in this scenerio, where people are intimidated than for managers they can utilize this as a means to threaten employees. make a decision or “just get it done”…if it fails its on you…because I do not want to make a decision and putting it on you.
Joseph Henofer says
5. What archetypes do you see in your company? How well do they work?
The archetype I see in my current company is IT Duopoly. In the short time that I have been working here, it seems to work well. The decisions are efficiently made and both the business strategies and IT strategies are aligned. The relationship that senior management has with the IT group is strong and cohesive. This allows for a flexible and consistent approach to working on projects. In the meetings that I have participated in, disagreements have been solved in an amicable way with both sides given valid points proving their case.
Richard Flanagan says
Joe,
What types of roles are on the committee?
Joseph Henofer says
I believe that the Executive committee is comprised of
CEO, CFO, COO
In the IT committee
Director of IT, Manager of Infrastructure, Director of IT Security
Sachin Shah says
In my company, the IT comittee is compromised of: CIO, AVP of Infrastructure, AVP of PMO, AVP of applications, AVP of Operations, AVP of technology and development.
The CIO reports to the board and the committee includes the CEO, COO, CFO, Chief Medical Officer, Chief Information Officer.
Wen Ting Lu says
• Strategy committee consists of board members and specialized non-board members, while steering committee has executives, CIO and other functionaries as required.
• Strategy committee advises board and senior management on IT strategy, steering committee focuses on implementation and monitoring.
• Strategy committee has the following responsibilities:
– Alignment of IT with business objectives
– Exposure to IT risks
– Direction to management related to IT strategy
– Contribution of IT to the business
• Steering committee has the following responsibilities:
-Implementation as per direction of board
-Approves project plans and budget
-Setting priorities and milestones
-Acquires and assigns appropriate resources
-Ensures project meets the business requirement and continuous monitoring
-Ensure efficient use of IT resources
To sum up, Strategy committee shows the direction, and board of directors approve and make decisions based on the advises from IT strategy committee, finally IT steering committee drives the implantation
Wen Ting Lu says
After reading Professors’ comments, I would like to make correction that strategy committee usually doesn’t consists of board member
Fangzhou Hou says
Question: What is the difference between and IT Strategy committee and an IT Steering Committee?
According to the CISA Review Manual, there are three mainly differences between the IT Strategy committee and IT Steering Committee: Membership, Authority, and the Responsibility.
From membership’s perspective, only the board members and specialist non-board members can be a part of the IT Strategy committee. As for the IT Steering Committee, it could include the sponsoring executive, business executive like the key users. CIO of the organization, and key advisors.
From authority’s perspective, IT Strategy committee more focus on making strategic planning from an information security standpoint relates to the long-term business development. IT Steering Committee focus on how to implement and communicating with the project teams.
Furthermore, from responsibility’s perspective, IT Strategy Committee provides insight and advice to the board on topics which related to who to achieve the specific IT objectives, potential risks in IT investments, optimization of IT cost, and other IT related projects from a big picture. Comparing with the IT Strategy Committee, the IT Steering Committee will monitor the IT project plans in details and ensure the projects continuously meet the business requirements.
Source: CISA Review Manual
Richard Flanagan says
Fangzhou,
I know ISACA says board members can be on the Steering committee but neither Jan or I have ever seen that. Boards oversee management, they are not part of management and therefore have no place on such a committee.
Ahmed A. Alkaysi says
Professor, although the board members are not on the IT Strategy committee (even though it is stated that), would their main responsibility regarding the committee be to advise, holding the committee accountable, and making sure the IT Strategy is aligning with overall business strategy?
Richard Flanagan says
Since Jan is on two Board of Directors I will let her answer from her experience.
Janet Yeomans says
Ahmed, I’ll share my experience as a board member. The board typically spends a lot of time on the business strategy. When the IT strategy is presented, the board generally considers it in the context of the familiar business strategy. If alignment seems weak, then challenges to the IT strategy ensue. Once satisfied that the alignment is solid and the IT strategy is the best possible one to support the business in achieving its stated goals, the board will generally approve it. Each time there is a change in business direction, the board should revisit the IT strategy knowing that the 2 strategies need to fit as hand in glove. Absent such changes, the board will monitor adherence to and progress of the IT strategy. Often the monitoring occurs though dashboards showing status vs. the KPI’s agreed upon when the strategy was approved.
Paul M. Dooley says
Professor Yeoman’s Section
Which archetype do you think is the most rare? Most common? Why?
The most rare archetype is anarchy. Anarchy there is no real structure or holistic view in the decision making process. The decision is often made to fix an immediate issue without any foresight into the long term vision of the organization and how that decision would fit. This causes them to be very expensive and difficult to support from an IT perspective.
The most common archetype is the IT Duopoly. In this type of archetype the decision is made by 2 equal parties, 1 of which is always IT. From an IT governance perspective this would seem to be the most effective way because they have the business leaders impacted by the decision in a key role of the decision making process which should be the primary objective of any corporate strategy. This is a more popular method because it only involves 2 parties in the decision making process which makes it easier to manage. In addition, since the business unit representative and the IT representative are equal parties it allows them to focus on the solving the underlying business problem but also having knowledge of other lines of business there may be opportunity to re-use existing resources to solve the problem.
Ming Hu says
Professor Yeoman’s Section
What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT Strategy Committee operates at the board level while the IT Steering Committee is at the executive level.
The IT Strategy Committee seeks to advise the board and management on the IT strategy of the organization whereas the IT Steering Committee assists the executive body in the delivery of the IT strategy.
While the IT Strategy Committee focuses on current and future strategic IT issues the IT Steering Committee focused on the implementation of those issues.
The IT Steering Committee oversees the day to day management of IT service delivery and major IT projects while the IT Strategy Committee has the broader role of ensuring there is alignment between IT and business strategy through enterprise IT governance.
IT Strategy Committee’s responsibilities:
1. Provide IT insights to board and act as subject matter expert
2. Monitor strategic IT plans
3. Monitor enterprise resource availability to support IT initiatives
4. Understand, Communicate, Mitigate IT risk (may also be coordinated with a Risk or Compliance Committee)
IT Steering Committee’s responsibilities:
1. Ensure programs/projects meet business requirements and align with IT strategy
2. Determine overall level and allocation of resource to extend IT value across enterprise
3. Communicate strategic goals to project teams and recommend changes to strategic plans
4. Monitor and approve various architectures to support achievement of IT strategy
Source: http://www.termpaperwarehouse.com/essay-on/What-Is-The-Difference-Between-And/410272
Fred Zajac says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT Strategy committee is created at the board level. They will analyze the risks and address the proper governance for the organization. The IT Strategy committee will research the types of IT available to the organization, and determine if the technology will assist the organization with the mission. The Strategy committee will determine if the costs to implement the strategies will fall within the resources the business is willing to invest. The IT Strategy committee should be active with industry associations and constantly research how technology in evolving to better companies like yours.
The IT Steering committee is composed of employees. Executives, IT personnel, and other internal staff who may be involved in the IT Strategy committee’s decision to move forward with the project. The IT Steering committee is responsible for deploying the project, track the status, and resolve any issue. In other words, they are the ones who build and maintain the implementation.
The difference between the IT Strategy Committee and the IT Steering committee is:
The IT Strategy – Decides if it is in the best interest of the company and in budget
-If the answer is yes:
The IT Steering – Builds and Maintains the IT investment
-COBIT5 Processing Guide, Chapter 5, Page 53
Deepali Kochhar says
1. Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
Every enterprise engages in IT decision making, but every enterprise differ on defining accountability and the way to communicate decision making processes.
There are five major decision making domains that Weill & Ross see all organizations making:
a. IT Principles: This includes high level decision about what is the strategic role of IT in business. For example, is it just a support function to the business or a part of business.
b. IT Architecture: This include the technical choices to be made in order to satisfy the business needs. For example, Accenture outsourced its data storage and backup thus reducing the no. of email servers from 250 to 115
c. IT Infrastructure: This includes decisions on shared IT services that provides the foundation for the enterprise’s IT Capabilities. Example organization choosing a third party vendor to provide network services to them.
d. Business applications: This includes decisions on what are the business requirements for any purchase or developed IT application. Example, Accenture introduced Global Delivery Network giving its employees facility to work remotely hence reducing IT cost per person by 69%
e. Prioritization and Investment: Where and when to invest in IT. Example: Accenture took a decision to reduce multiple technology platform to one (SAP) thus saving time needed to extract data from one system and feeding to another.
Richard Flanagan says
I hope everyone recognizes that what W&R call IT Principles is actually the work of the IT Strategy Committee and that the other four, to some degree depending on archetype, involve the IT Steering Committee. This is a high level executive committee so it will only be involved in major architecture & infrastructure decisions but it should be very active in business application and investment decisions.
Deepali Kochhar says
Thanks for the explanation professor. This point is a great example of the roles of IT strategy committee and IT steering committee
Deepali Kochhar says
3. Which archetype do you think is the most rare? Most common? Why?
Anarchies is the most rare out of all archetype. It requires no decision-making structures at all.
It is most decentralized system in which each individual user or small group pursues his, her or their own IT agenda. There is no collaboration between C-Level, Business units and IT department.
The most common is IT Duopoly and federal archetype. Since there is equal involvement of IT and business units in both of these which is necessary to align IT strategy with the business goals of the organization and both of these are blended approach.
Anthony Clayton Fecondo says
Deepali,
I agree that anarchy is the least common archetype and that duopoly and federal are both very common archetypes. However, you stated that duopoly and federal archetypes both have equal involvement of IT and the individual business units. I’d like to point out that in a duopoly, the business units are not always involved. According to the reading, the primary difference between a duopoly and a federal approach are that a duopoly consists of two groups, IT and either corporate or business unit representatives. A bicycle wheel duopoly and a federal archetype both have similar involvement of IT and business unit representatives while a T-shaped duopoly involves a central IT group and the senior management team
Mansi Paun says
Well put, Deepali. I agree that Anarchy model is the rarest of all the models and IT Duopoly and Federal models are the most common. while both IT Duopoly and Federal models have their advantages, personally, I find the IT Duopoly to be a better choice as it takes relatively lesser effort and time to arrive at balanced, well-informed decisions. Both IT and Business view points are considered in an IT Duopoly which further cements the alignment between IT and Business goals aswell. Apart from this, decisions coming out of the Federal model might have it’s essence diluted as the they could be “a little bit for everyone” and not necessarily the best or right decision.
Said Ouedraogo says
What is the difference between and IT Strategy committee and an IT Steering Committee?
Professor Yeoman’s Section:
First of all, both committees are composed of senior executives who report directly to the board member. However, it is important to understand the difference between both committees. Let’s simplify and say that the strategy committee shows direction and the steering committee drives the implementation.
The IT Strategy committee primary role is to advise the board and the C-suite on IT. The committee responsibilities include the alignment of IT with business objectives, the contribution of IT to business, define exposure to IT risks.
Whereas, the IT steering committee focus on implementation. In fact the committee is responsible to implement IT project under the board direction. Also, the committee approves budget of different IT projects and sets up priorities and milestones. It is its responsibility to make sure projects meet the business requirement.
In conclusion, the IT strategy committee advise the board on IT strategy, who then instructs the IT steering committee for implementation.
Joseph Henofer says
3. Which archetype do you think is the most rare? Most common? Why?
I would have to say that the anarchy archetype is most rare. This group is rare because they are usually small groups or individuals that have a difficult time receiving financial support for the decisions they make since its base on their needs. They do not support the company needs and tend to fight standards or policies. Besides not receiving the proper financial support this model gives no consistency or productively because everybody is doing things differently.
I think the most common archetype today is the IT duopoly. IT groups develop many different relationships with business units so they have the ability to tailored decisions in less time and focus directly on the business unit’s needs. This gives the business units satisfaction. I also believe this is the most common because it allows for a working partnership between both the business units and IT leaders in the process of deciding realistic expectations for IT and clarification of business strategies.
Richard Flanagan says
Joe,
Your “many different relationships” bother me a bit. A duopoly means one group of predefined membership making decisions not lots of different people working (and deciding) what to do for each business. That would be more like feudal.
Binu Anna Eapen says
2. How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
McKinsey Questions:
1. How well does technology enable the core business?
2. What value is the business getting from its most important IT projects
3. How long does it take the IT organization to develop and deploy new features and functionality?
4. How efficient is IT at rolling out technologies and achieving desired outcomes?
5. How strongly is our supply of next generation IT talent?
The five questions Weill & Ross answers on how to govern
1. IT Principle
2. IT Architecture
3. IT Infrastructure Strategies
4. Business Application needs
5. IT investments
McKinsey suggests that technology has become an integral part in any organization and technology drives the business in a way. IT projects provide value and the board members should have the information on the percentage of the projects that are completed on time and on budget and the benefits that the IT solution generated in the designated timeframe. The boardroom discussions should include the time a project took from initial funding to first production release. By this, senior leaders could analyze the gap and check if there were any time lag what needs to be done to fix that. .And reallocate the resources like wise. The CIO and rest of the senior leadership should agree to establish cross-unit training and development teams. This way the Business and IT has to plan together its IT stratergy, IT principle, architecture, investments and business application needs based on the requirement.
Weill & Ross answers questions of Mckinsley by choosing the right archetypes for the organization in such a way the at IT business leaders are involved in making decisions concerning the 5 different governance units.
In the last 15 years companies are have shifted its focus from traditional cost related metrics to digital business model, automation technologies where in the focus is on hiring and retaining people with different skill set. IT organization are not only service providers but can help in determining the success of the business itself.
Deepali Kochhar says
Great point Binu. companies are shifting their focus from traditional cost related metrics to digital business model because the business understands the need to changing customers demands in order to stay competitive in market. This is the best example of alignment of IT to meet the business goals.
In this case the goal is to stay competitive and to assure that they are shifting to digital technology. This is how IT governance is established.
I worked on a project for designing IT strategy for a quick service restaurant chain in order to meet its business goals. The aim was to meet the customer demand and need of the changing market. Restaurants are moving to digital technology, fast point of sale system and so on to provide their customers fast services and best restaurant experience. So this is their business goals for which as a part of IT strategy new IT systems were established.
Richard Flanagan says
Binu,
Excellent, also note that the McKinsey questions are very close to W&R’s IT principles. How much should we spend? Where should we spend? What value are we getting? The rest are about oversight, is IT in a good position to move us forward when opportunities or problems pop up (agility).
Ahmed A. Alkaysi says
Very nice comparison Binu. I feel as though McKinsey’s questions are used to answer the how (how can we answer the questions), and that W&R is used to answer the what (what archetypes are used for questions).
Good last point on the shift of IT in the past 15 years. I believe it also has been a shift of the general mindset on how IT should be treated. 15 years ago, the IT org in a company was never really taken extremely seriously. It was almost treated as though it was a “necessary evil”. Now, companies are more reliant on their IT org than ever before. They are looking for different ways to invest in IT and cultivate the their talent. Not only can IT help business achieve its goals, with a strong IT org in place, it can be used as a competitive advantage.
Richard Flanagan says
Very true but us old guys would say the trend is at least 30 years old.
Anthony Clayton Fecondo says
The idea that businesses view IT as a cost-center or just a necessary evil seems so foreign to me. I joined the ITACS program directly after getting my undergraduate and so I have little work experience so I haven’t seen this perception firsthand. From my perspective, especially growing up in such an age of technological advancement, it seems so foreign to not appreciate technology/information systems. I’m curious as to how long the view of IT as a cost-center will persist. I think the ubiquity of complicated technology (thinking of smartphones, cloud storage, and the rise of the internet of things) will have a serious impact on this perception. As people who aren’t technically inclined become more reliant on technology and see the value it adds in their personal lives, I think that will translate into the business world as well which will open people’s eyes to the value that IT can add to a corporation when its leveraged properly.
These are just my thoughts, but I’d be curious to hear other opinions from people who have more experience in the industry.
Xiaodi Ji says
Binu,
I totally agree with your idea. Both questions are care about the position of IT in the enterprise. Weill & Ross ‘s question more care about the cost and the value about the IT. However, Mckinsley’s questions more care about the role of IT in the company and the future of IT.
I think in those 15 years, people’s views about IT has change a lot. 15 years ago, IT just be treat as a tools which can help business. However, 15 years later, people more care about how IT can become better to assist business. If business is a desk, the former view treat IT as a hammer or nail to help make desk stability. However, now, IT is treated as a foot of this desk.
I think the main idea of those questions is the same. However, the form and the point have been changed a little.
Ahmed A. Alkaysi says
5. What archetypes do you see in your company? How well do they work?
I have seen a blend of IT Monarchy, Federal, and Duopoly archetypes at my company. The company I work for is a large multinational corporation in the financial industry. It has many lines of businesses and has acquired multiple smaller financial companies throughout its history. In order to keep the LOB’s consistent with corporate IT, it operates a Federal archetype. For IT strategies within each LOB, an IT monarchy would be used, as the CIO would have final say over IT matters. IT duopoly has definitely been used for making IT investments. It has also been used for business applications needs, although through my experience, business generally provides their input and IT makes final decision. I feel as though in the group I work,
IT is a lot more powerful and has more influence on business than many other organization within the company due. This can be due to the critical functions that my IT org provides to business, that we try to limit as much impact as possible on our IT systems if we don’t believe it will provide much value to business.
Ahmed A. Alkaysi says
3. Which archetype do you think is the most rare? Most common? Why?
I think anarchy is the most rare archetype. In the age where business are trying to be as integrated as possible, the anarchy archetype directly goes against that idea. It will be hard for a company to remain consistent with compliance and regulatory concerns, if many small groups within a company are making their own IT decisions.
I believe duopoly is the most common archetype. These days, IT and business are both making IT decisions. Compliance issues are at the forefront of every company’s agenda. In order to remain compliant, business must be involved with what is going on in their IT organizations. Business’s need to make sure that their IT org is aligning with the overall business strategy, and in order for that to happen, they must have a say in IT matters.
Deepali Kochhar says
Great point Ahmed. Alignment of It strategy to the business goals is a major task that should be given preference before taking any decisions on implementation of IT systems so as to get the best return for money, resources and time. If both these are not aligned it is a failure of IT governance.
Ahmed A. Alkaysi says
1. Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
The five questions that must be answered in a company are:
IT Principles: gives the high level message of what the purpose of the IT is. This question makes sure that the overall IT strategy aligns with the Business strategy.
IT Architecture: I would describe this as the “framework” of IT. The architecture will map out how IT will deliver the business needs and objectives. In other words, the IT principles set in the first question, will be “translated” into architecture IT needs in order to meet the business objectives.
IT Infrastructure Strategies: these are the strategies used in the IT organization that is used to deliver the business wants and needs. In this question, the technologies used to provide for business is determined.
Business Application needs: this section describes the actual business needs for IT applications.
IT Investment and Prioritizations: the company decides on how much and where to invest in the IT organization.
Yulun Song says
Q4. What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT strategy committee provides direction to management relative to IT strategy, whereas the IT steering committee monitors the resource and priority conflicts. (CISA exam question)
IT strategy committee is built by board members and specialized non-board members. It advises the board and senior management on IT strategies. it provides direct oversight of IT governance structure for organizations. It is for understanding the critical IT needs, reviewing key development in IT for potential impacts, appraising the breadth and scope of IT portfolio to prioritize reallocation and investments, providing guidance to organization on a variety of IT-related issues, determining the criteria for issues that will be considered by the committee, and making recommendations to the IT executive committee about strategic plans, policies, and funding priorities for IT within the organization.
On the other hand, IT steering committee is built by executives, CIO and other related and required functionaries. It focusses on implementation. it helps find and align business solutions that may leverage technology, and set spending priorities according to broadly based business recommendations. Other department will be able to see their IT demands in the larger context of strategic plans, and at lease understand the rationale behind decisions to proceed with one project over another. And IT projects will be decided upon based on committee approval and priority and not just within the IT business unit.
http://www.trentu.ca/vpadmin/committees_ITSteeringCommittee.php
Alexander B Olubajo says
1. Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
Weill & Ross, as well as the IT Governance framework proposes that an institution or organization should make five key IT governance decisions which could be captured by the following questions:
i. IT Principle: This is ultimately the asking the question of how IT will create business values by looking at how much money is budgeted and spent on IT as well as decisions on what that money should be used for and where it should be invested in.
ii. IT Architecture: This involves asking questions on what technical and business guidelines and standards IT will use to leverage benefits and values their investments.
iii. IT Infrastructure: This poses the question of how IT will build shared services with the current infrastructure they have in place to provide flexibility, stability, and agility to handle their current and future issues and business needs.
iv. Business Application Needs: This basically begs the questions of what applications are needed by the business that IT will provide.
v. IT Investment and Prioritization: This question involves asking how much money is needed and where the money is going to be actually spent and/or invested in.
Alexander B Olubajo says
3. Which archetype do you think is the most rare? Most common? Why?
I think Anarchy is the most rare and probably non-existent archetype, especially in for-profit enterprise organizations, while Federal and Duopoly, in my opinion are the most common archetypes.
This is because with anarchy, organizations promote individual and/or small groups working in silos and making decisions based on what they need and what is best for them. This kind of culture within an organization are the bane of the existence of multiple groups doing similar functions and in the long run are expensive to support/manage which ends up costing the organization. Enterprise sized organizations tend to avoid this archetype because it doesn’t provide any form of structure, governance, and standards, which makes it really rare.
From my experience and from what I’ve been exposed to, duopoly seems to be the most common archetype because these days, in especially enterprise companies, you find IT and other business unit/process leaders working together to define IT strategies to meet business goal/objectives. This collaboration could be in different forms, however are mostly through steering committees which most organizations have these days.
The federal archetype is also common and similar in the sense that there are multiple decision makers being represented from diverse groups/backgrounds (i.e not just on IT or business leaders making the decisions) and decisions made are central and apply company-wide.
Archetypes like the duopoly and federal are common because it allows the organization to exercise some form of governance, which when appropriately executed allows them to align IT to meet their business goals and objectives.
Richard Flanagan says
Alexander,
Suppose you had a company where small teams of researchers (or script writers, or artists, any creative practice) were inventing/creating your product. Would you let them do what they want or would you force them to use certain tools.
Alexander B Olubajo says
I think it will be a mixture of both. There would be standard tools that each and every employee must use. I would also allow them use tools they feel will enable them do their job well, however it will be regulated/supervised., in the sense that, in order for employees to use non-standard tools they must obtain approval from management, who will do their due diligence in ensuring those tool aren’t subject to any form of legal penalties (i.e most of these tools will be open source tools)
Nathan A. Van Cleave says
1. What are the five IT questions that Weill & Ross see all organizations make?
McKinsey posits that IT organizations of today must better manage how they integrate emerging technologies to drive its digital strategies. Additionally, the author stresses the point that boards must “master a second, digital, language” around themes like “speed to market, agile product development, and platform-based delivery models.” McKinsey outlines the five IT questions each organizations must make to create sensible, detail focused discussions around IT projects and processes.
1. How well does technology enable the core business?
– One of corporate IT’s most important objectives, then, is to facilitate end-to-end business processes
2. What value is the business getting from its most important IT projects?
– It is crucial for boards to track the most important projects actively and learn whether they are delivering the outcomes promised—according to our analysis, the act of measuring a project’s benefits can reduce the risk of failure by more than ten percentage points
3. How long does it take the IT organization to develop and deploy new features and functionality?
– Many IT organizations are now shifting toward two speeds of operation. Product-development teams and IT operations staff are charged with rapidly launching innovative customer-facing applications or upgrades while also maintaining slower (but still reliable) back-end transactions-oriented systems.
– One metric they might use is the percentage of groups, within the IT organization, that can develop and deploy “business consumable” functionality within four to eight weeks in a secure, repeatable way.
4. How efficient is IT at rolling out technologies and achieving desired outcomes?
– By regularly monitoring metrics relating to execution, boards can ensure that their companies get optimal returns on IT projects, that teams go to market quickly with new products or upgrades, and that overall costs remain low while the technologies used promote long-term reliability.
5. How strong is our supply of next-generation IT talent?
– They can measure their talent-development efforts along three dimensions: how often a company is rotating professionals in and out of different roles within the IT group and the business units, the degree to which the IT organization is hiring outside people, and how effective it has been in developing people in-house to fill pivotal roles.
Richard Flanagan says
Nathan,
Some very good points. I have a few nitpicks.
1. What do you think McKensey means when they say “core” processes? What would be core/non core? Do you think this related to W&R’s principle about where to invest IT dollars?
2. See Jan’s post about the role of boards. They are not managing or overseeing individual projects, they are looking to see that management has put in place a good mechanism for doing so.
3-5 These should be reminding you of Enterprise Architecture. How well positioned are we today? Where do we want to get to tomorrow? Are we as an organization agile? Can we react to a new digital challenge quickly? Do we have the right IT people for such a challenge?
Nathan A. Van Cleave says
Rich,
Hmm. Though provoking questions. The context of core business processes is centered on those processes that drive revenue or create value for an organization. It cited the example of a US bank’s processes around customer-registration, which would be a very core business process.
Additionally, the article points out that management should be prepared to share KPI’s to help boards understand how these digital initiatives will drive and flex when business processes shift to meet changing demands.
I think this aligns to how W&R views the three main types of archetypes with regards to IT investment. It makes sense that only 9% of companies IT investments are decided by IT departments. “Decision makers determine which business processes will and will not receive IT support.” The norm today is that board and C-suite decision makers must always be shown the business justification for IT investment to ensure they align with business strategy.
Richard Flanagan says
Nathan,
Good example of core. Everyone needs to recognize that core is different to every organization. Things like HR, accounting and routine IT are NOT core to most companies. Things like research and development, customer relations, manufacturing prowess, or operational reliability are often core. You need good processes for these support service, but probably just good enough, not great. You want to invest more heavily in your core process areas. This often results in the central IT deciding to say that all of the company will use the same cost effective software for personal productivity tools and support services and focus its attention and investment on their core activities.
Nathan A. Van Cleave says
5. What archetypes do you see in your company? How well do they work?
After reading IT Governance Archetypes for Allocating Decision Rights I found some striking similarities in the DuPont case study and my current company. Like DuPont, my company is a global company with many different business units with varying IT needs. Additionally, being a global company, it does require IT standardization like global applications for HR, Finance, etc as well.
Interestingly, the I have come to understand that, again like DuPont, my company has more than one archetype functioning. Or at least used to and now on a much lesser extent. An example of this would be, traditionally, because of the diversity of business unit application needs, it followed a feudal archetype and a federal investment approach. Fast forward, or backward I guess, to about 6 years ago when our current CIO took his post. He introduced an IT strategy around simplification as his primary goal was to reduce IT costs.
Long story short, in those six years, we have gone from 8000 applications (some global, mostly local) to 3500. In doing so, has reduced IT costs as well as clearly defined and mapped the IT application landscape. As I understand it now, this shifts from a feudal archetype to a (mostly) federal approach to IT governance.
Richard Flanagan says
Nathan,
You’ve described a very common story in large organizations. You can think of it as digital maturity. Companies are understanding that they need to care about IT things and acting accordingly to gain control over them.
Nathan A. Van Cleave says
Rich,
I am really interested to see how the IT strategy will shift when (or if) we hit our target goal of 2000 applications by 2020. Have you heard/seen the outcome of such a strategy in other companies? I think I mentioned this in another posting, with this simplification strategy, we’ve also become a leaner IT organization; it’s been flattened a couple times. Is it only natural to begin to inflate as the organization finds that there is a growing need for more customized applications?
Andres Galarza says
Nathan,
By flattened do you mean that personnel have also been let go? One of the readings in one of these ITACS courses (losing track!) mentioned that salary is a huge cost for IT. As you’re company has shed applications, is it also downsizing its IT staff?
Nathan A. Van Cleave says
Andres,
Spot on, yes. Unfortunately, my company has saw fit to reduce the size of its global IT staff significantly over the past 2.5 years. As I recall, when all was said and done about a $1B in reductions were scheduled. To give you some context, that amounts to closing one US R&D/Pharma site. Which, in essence, we did. The company certainly trimmed us down.
Andres Galarza says
Nathan,
Wow. When I was reading your initial comments I was positive the downsizing in applications would have to be mirrored by a downsize in people. Your anecdote is a powerful example of this.
Thanks for sharing!
Nathan A. Van Cleave says
Andres,
Apologies, I want to clarify my numbers there. The overall organizational focus was to cut $1B across the board. The IT organization saw a 30% reduction across all IT functions. Similar cuts were made business side as well. So that total cost reduction of $1B would equate, roughly, to shutting down an entire site.
Once I submitted the comment, I realized I had not defined that cost reduction. IT did not fully absorb that total cost, and I am not sure the actual dollar amount of the 30% reduction in staff equates too, but I can say that the knowledge and experience that was “transformed” out is immeasurable.
Alexander B Olubajo says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
IT Strategy committee, which is established at the board level, ensures that IT governance (i.e the alignment between IT and business strategy), as part of enterprise governance, is adequately addressed. They advise on strategic direction, and review major investments on behalf of the full board. The IT strategy committee doesn’t carry decision authority exclusively, though they are often assumed to operate at the board level. It has dashboard authority and oversees IT management in partnership with other board committees (i,e audit, business strategy, finance etc.).
The IT strategy committee is comprised of a chairman (usually a board member) and board/non-board members based on IT knowledge and corresponding business insight, and there responsibilities primarily consist of the following:
– Provide IT insights to board and act as subject matter expert
– Monitor strategic IT plans
– Monitor enterprise resource availability to support IT initiatives
– Understand, Communicate, Mitigate IT risk (may also be coordinated with a Risk or Compliance Committee)
IT Steering committee primarily oversees the life cycle of major projects by managing priorities and allocating resources with guidance from the IT strategy committee. There may be several steering committees within an organization depending on size, complexity and management culture of the organization. In any case, the steering committee should be the responsibility of executive management, providing a conduit between the governing body and program/project teams. An IT steering committee generally consists of varying business sponsors, the CIO and key advisors as applicable.
The responsibilities of the IT steering committee are primarily to:
– Ensure programs/projects meet business requirements and align with IT strategy
– Determine overall level and allocation of resource to extend IT value across enterprise
– Communicate strategic goals to project teams and recommend changes to strategic plans
– Monitor and approve various architectures to support achievement of IT strategy
Sources:
http://www.isaca.org/Groups/Professional-English/po4-2-it-strategy-committee/Pages/Overview.aspx
http://www.escoute.com/2013/08/12/to-steer-or-to-strategize-differences-between-it-steering-committees-and-it-strategy-committees-2/
Folake Stella Alabede says
1. Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
The five IT questions that Weill & Ross see all organizations making are :
1. IT Principle
IT principles are supposed to set the strategic role for IT across the enterprise and clarify the business role of IT.
Questions to be asked concerning IT principles includes:
– How do the business principles translate to IT principles to guide IT making decisions?
– What is the role of IT in the business?
– What are IT desirable behaviors?
– How will IT be funded?
2. IT Architecture
This defines integration and standardization requirements.
Questions to be addressed under It Architecture include
– What are the core business processes of the enterprise? How are they related?
– What information drives these core processes? How must these data be integrated?
– What technical capabilities should be standardized enterprise-wide to support IT efficiency and facilitate process standardization and integration?
– What activities must be standardized enterprise-wide to support data integration?
– What technology choices will guide the enterprise approach to IT initiatives?
3. IT Infrastructure
This determines shared and enabling services. Questions include:
– What infrastructure services are most critical to achieving the enterprise’s strategic objectives?
– What infrastructure services should be implemented enterprise–wide and what are the service-level requirements of those services?
– How should infrastructure services be priced?
– What is the plan for keeping underlying technologies up to date?
– what infrastructure services should be outsourced?
4. Business Application Needs
This specifies the business needs for purchased or internally developed IT applications.
Questions to be addressed induces:
– what are the market and business process opportunities for new business applications ?
– How are the strategic experiments designed to access success?
– How can business needs be addressed within architectural standards? When does a business need justify an exception to standard?
– who will own the outcomes of each project and institute organizational changes to ensure the values?
5. IT Investment and Prioritization:
This involves choosing which initiatives to fund and how much to spend.
Questions to be asked include:
– What process changes or enhancement are strategically most important to the enterprise?
– What is the distribution in the current IT portfolio? Is this portfolio consistent with the enterprise’s strategic objectives?
– What is the relative importance of enterprise-wide versus business unit investments/ do actual investment practices reflect their relative importance?
– What is the right balance between top down and bottom projects to balance standardization and innovation?
Alexander B Olubajo says
5. What archetypes do you see in your company? How well do they work?
I have actually been exposed to a couple archetypes from both my current and previous employers. At my previous employer I had the opportunity to see first-hand both duopoly and federal archetypes in play as I worked closely with the operations manager and occasionally, my input/opinion was required at some of their meetings. The company had a steering committee comprised of the Sales manager, Operations manager, Communications manager, Marketing specialist, IT, and other advisors that made business decisions and oversaw local project/programs that were specific to our location. The company also practiced federal archetype where by IT decisions were made centrally to meet business needs and objectives, and communicated down to each of the company’s locations to be implemented/executed. I thought both archetypes worked effectively as the federal ensured all locations were conforming and operating under a common/uniform IT strategy and architecture, while the duopoly archetype allowed us as a local unit to exercise additional resources (i.e wealth, local revenue etc) to further develop and improve our mode of operation.
Whereas, at my current employer I have experienced/seen a mixture of IT monarchy and duopoly, and at a stage, a little bit of feudal archetypes. I think the reason for this stems from the fact that we are somewhat considered an enterprise organization. In recent years, my organization has gone through numerous acquisitions and mergers where we have been acquired and lately, we have been acquiring other companies. After a series of these acquisitions, initially, there were multiple IT teams supporting different business units. However, as the IT process/structure within my company became more clearer, all of these teams got collapsed into one central IT.
Richard Flanagan says
Alexander,
By Federal we mean somewhere that some IT decisions are handled centrally while others are reserve to the sites or lines of business. It sounds to me that you were in more of a pure duopoly.
Folake Stella Alabede says
4. What is the difference between IT Strategy committee and an IT Steering Committee?
COBIT PO4 defines the IT Processes, Organization and Relationship:
IT STRATEGY COMMITTEE. Ensures alignment between IT and business strategy through enterprise IT governance. Although this committee is often assumed to operate at the board level, it does not carry decision authority exclusively. This committee has dashboard authority and oversees IT management in partnership with other board committees (audit, business strategy, finance, etc.). The committee is composed of a chairman (usually board member) and board/non-board members based on IT knowledge and corresponding business insight.
Responsibilities of the IT Strategy Committee includes:
• Provide IT insights to board and act as subject matter expert
• Monitor strategic IT plans
• Monitor enterprise resource availability to support IT initiatives
• Understand, Communicate, Mitigate IT risk (may also be coordinated with a Risk or Compliance Committee)
IT STEERING COMMITTEE. Oversees major projects – managing priorities and allocating resources with guidance from the IT Strategy Committee. There may be several steering committees within an organization depending on size, complexity and management culture. In any case, the steering committee should be the responsibility of executive management, providing a conduit between the governing body and program/project teams. Membership generally consists of varying business sponsors, the CIO and key advisors as applicable.
Responsibilities of the IT Steering Committee includes:
• Ensure programs/projects meet business requirements and align with IT strategy
• Determine overall level and allocation of resource to extend IT value across enterprise
• Communicate strategic goals to project teams and recommend changes to strategic plans
• Monitor and approve various architectures to support achievement of IT strategy
Difference Between and It Strategy Committee and an It Steering Committee?
The IT strategy committee operates at the board level while the IT steering committee is at the executive level, which brings about a contrast in their authority and membership makeup.
In terms of membership, an IT Steering Committee consists of sponsoring executive, business executive, the CIO and key advisers as required, whereas an IT Strategy Committee is composed of board members and specialized non-board members.
The IT Strategy committee seeks to advise the board and management on the IT Strategy of the organization whereas an IT Steering Committee assists the executive body in the delivery of the IT strategy.
While the IT Strategy committee focuses on current and future strategic IT issues the IT Steering Committee focuses on the implementation of those issues.
This entails that the IT Steering Committee oversees the day to day management of IT service delivery and major IT projects while the IT Strategy Committee has the broader role of ensuring there is alignment between IT and business strategy through enterprise IT governance.
The IT Strategy committee shows direction while the IT Steering Committee drives implementation.
Joshua Tarlow says
Professor Yeoman’s Section
What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT Strategy Committee operates above the steering committee, often at the board level. It oversees IT Management with other committees and partners by providing IT insight to the board, monitor IT plans and initiatives, and to understand IT risks and issues. While the committee overseas IT strategy, it does not manage individual projects.
The IT Steering Committee manages important important projects, priorities, and resources based on the direction form the Strategy Committee. Unlike the strategy committee, the steering committee can oversee individual projects. In addition it makes decisions regarding specific technical requirements and resources. It also helps to ensure that that strategy committees vision is properly implemented across the enterprise.
Andres Galarza says
– What archetypes do you see in your company? How well do they work?
Since I work for the federal government in defense, appropriately, I see a healthy amount of the Federal archetype of IT Governance. My organization is a huge and lumbering beast that rolls out finished products over the course of decades, not weeks or quarters. The slow pace of progress is a result of bureaucracy, but it does almost guarantee that a mix of C-suit equivalent, technology, engineering, security and even human resource professionals are all involved, to an extent, in governance.
I say “almost” because once you get to a certain granularity, say a division within the “company” that numbers under 20 personnel, it’s easy to fall into the IT Monarchy archetype. A current example is a database project at work that is redundant (inappropriately) with a competitor project and it only exists because a supervisor lets the developers run riot.
I’d argue that archetypes like IT Monarchy and Anarchy are flawed, i.e. almost never appropriate. What I’m learning in this class about aligning IT functions to the core business functions reinforces my belief that business leaders need to lead their businesses, and that leadership now includes having a more-than-basic understanding of IT functions and strategy. Abdicating operational responsibility to the technologists (and I hope to be one!) is a negligent business practice in today’s business environment.
Folake Stella Alabede says
From your point Andre, it would stand to reason that the archetype used by a company would depend on the type of company it is right ?
Because you work for the Federal Government, so it is reasonable that the the Federal archetype is adopted.
And also relating this to Ahmed A. Alkaysi post about the archetype in his company, he says “I have seen a blend of IT Monarchy, Federal, and Duopoly archetypes at my company.”
Is it healthy for companies to have several archetypes being practiced ? does conflicts not arise from this ? Is there any law/check that states a limitation to the number of archetype a company can operate ?
Folake Stella Alabede says
in addition, the Feudal archetype, where business unit or process leaders make separate decisions based on the needs of their entities, i would think this should not be practiced in recent times, probably years ago, because it takes me back to the Stars Ambulance case, where different units adopted different practices and different policies and business owners did as they seem fit, this would look like a feudal archetype that doesn’t always have a good ending
Daniel Warner says
1. Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
• IT Principles
o IT Principles set the role for IT. The IT principles of an organization include the IT governance framework, and how to enact and maintain the structure and processes. This includes how the organization factors in risk management and compliance into their principles.
• IT Architecture
o The IT Architecture question is one where a business decides on how to align their IT operations and technology with their business objectives.
• IT Infrastructure Strategies
o This question focuses on the technical edge of IT and how to build the infrastructure that aligns with the business strategy.
• Business Application
o This question focuses on how the business wants to build the system when acquiring a new business or launching a new line of business. This may include leveraging current technology and structure, or developing new structure for the change in the business.
• IT Investment and Portfolio
o This pertains to how the organization is going to decide on where to spend the capital on IT.
Daniel Warner says
2. How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
1. I think there are some similarities and differences among the questions that both articles state. For example, McKinsey asks the question “How well does technology enable the core business?” which is similar to the question of IT Architecture posed by Weill & Ross. Both of these questions highlight how IT strives to aid and align itself with the business objectives. Generally, both articles show how IT compliments and helps business strategy through various avenues. One difference I noted, when reading the McKinsey article was how much emphasis McKinsey placed on the different metrics available for each question. Weill & Ross has talked about the different decisions that each archetype had made which seemed driven by cost, but McKinsey mentioned about how decisions could be made based on metrics of IT. These metrics included; activation of customer accounts, and average time to go from initial funding to first production release. Another difference that McKinsey highlighted was the significance of IT talent. McKinsey made a point that IT talent is critical because an organization needs employees that can effectively build and maintain new systems as well as support the legacy systems.
Daniel Warner says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
1. The IT Strategy Committee consists of board members and specialized non-board members, whereas the IT Steering Committee consists of executives, the CIO, and other functionaries. The IT Strategy Committee advises the board and senior management on IT strategy and seeks to align IT and business strategy, whereas the IT Steering Committee supervises major projects and manages the allocation of resources in the business.
Daniel Warner says
5. What archetypes do you see in your company? How well do they work?
1. My current company is small, so the senior management drives all IT efforts, so we could be viewed as a business monarchy because the President and directors drive all of the decision-making. For us that works because the directors understand the business objectives, and also have a strong grasp of technology and understand it’s significance. I have worked for companies that have a business monarchy model and didn’t see IT infrastructure as something that needed updated or direction, which resulted in clunky, inefficient legacy systems receiving attention when considering IT alignment to the business.
Xiaodi Ji says
Daniel
It is so happy to hear that your company find right way to solve those complex problem. I think that the senior management manage all IT stuff is a good way for the small company because first they may do not have a lot of troubles with IT. Then, if they want to hire people to run all of those thing, it will spend extra money in it.
However, I think all of those thing should be established at the foundations that senior managements are good at IT. Otherwise, handling all of those thing by themselves sometime is a risk for the companies because first they do not have enough to think about all of those thing. Then, if they just have some basic knowledge about IT, they may not solve all of the IT problem in the company.
Folake Stella Alabede says
Yess Daniel, I think it’s a great thing for you and your company that “the directors understand the business objectives, and also have a strong grasp of technology and understand its significance hence the business monarchy would work perfectly. I have never really understood the importance/impart/benefit of IT Governance till I started this class, and I think IT governance for any enterprise cannot be over-emphasized.
Like Xiaodi Ji noted, it would be risky when the directors are making “uninformed” decisions while practicing the business monarchy archetype
Candace Nelson says
Professor Flanagan
1. Describe the five IT questions that Weill & Ross see all organizations making?
Peter Weill and Jeanne W. Ross (“Weill and Ross” or “the Authors”) authored MIT’s Center for Information Systems Research (CISR) Working Paper No. 349 titled IT Governance on One Page in November 2004. This paper was based on two studies performed by the Authors:
• A 2001 survey (performed in conjunction with CISR) of how CIO’s at 256 global enterprises govern IT, and
• A set of 40 interview based case studies that were developed by CISR researchers and examined IT governance in the context of organizational changes between 1995 and 2004.
Weill and Ross reported that no single best IT governance formula was discovered and that effective IT governance does not happen by accident. The studies also determined that companies with effective IT governance had 20% higher profits than others that were pursuing similar strategies.
The Authors defined IT governance as “the decision rights and accountability framework for encouraging desirable behaviors in the use if IT.” According to Weill and Ross, IT governance encompasses decisions to the following five questions related to the utilization and management of IT within an organization:
1. How will IT be utilized within the organization? This includes consideration of what IT’s role is in the business and whether the business and IT strategies and objectives are sufficiently aligned.
2. What core IT architecture (which is an integrated set of technical choices to guide the organization in satisfying business needs) will best serve the organization’s needs? Consideration should be given to the core business processes and the information that drives them, as well as the technical capabilities and activities that will need to be standardized in order to support process and data integration.
3. What IT infrastructure should be implemented to maintain the current business and technological needs while remaining sufficiently flexible to support future strategic and technological advances? Consideration should be given to outsourcing non-core IT services.
4. What opportunities exist for new business applications to be incorporated into the IT infrastructure to support business efficiencies and innovation, e.g. introduction of a new product line or geographic expansion that could result in additional regulatory / compliance requirements?
5. How should IT initiatives / projects be prioritized in a manner that ensures investments are made in a manner that best supports achievement of the overall organizational strategy?
Candace Nelson says
Professor Flanagan
2. How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
The Weill and Ross’ questions resulted from studies conducted from 1995 through 2004. At this time, businesses were struggling to determine ways to maximize the value derived from technology. Although the discipline of IT governance first emerged in 1993, frameworks supporting its successful implementation were slow to follow. Hence, the earlier questions were directed towards ways to extract organizational value from IT assets and services.
In contract, the five questions suggested by McKinsey & Company seek to measure and improve upon the value IT imparts on the business based on factors including:
• Appropriately aligned business and IT strategies;
• Benefits derived from effective portfolio management and properly prioritized IT spend;
• IT’s speed to market, innovation and agility;
• Optimization of current/fostering of future IT talent through sound hiring practices and robust training and development opportunities; and
• How successfully the IT function supports achievement of enterprise goals.
Yu Ming Keung says
Professor Yeoman’s Section
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
IT steering committee
1. Make sure all IT projects meet business needs and objectives
2. Create working groups and choose the right experts to complete a project
3. Proposed changes to a project’s scope must be approved by steering committee to ensure the change is aligned with the project’s aim
4. Encourage a collaborative work environment
5. Monitor progress towards goals
6. Control scope and resolve conflicts
IT strategy committee
1. ensure that IT governance, as part of enterprise governance, is adequately addressed;
2. advise on strategic direction;
3. review major investments on behalf of the full board.
Source:
http://searchcio.techtarget.com/definition/steering-committee
ISACA
Candace Nelson says
Professor Flanagan
3. Which archetype do you think is the most rare? Most common? Why?
The Anarchy archetype – where every individual in the organization makes decisions to suit their individual needs – seems to be the most ineffective, inefficient and potentially the priciest approach. Hence, I would consider this to be the rarest archetype.
Contrarily, I would expect the Duopoly archetype to be the most common since it incorporates leaders from several disciplines throughout the company in the form of an IT Steering Committee. This archetype has the potential to be the most effective and efficient approach. From a cost perspective, it is more likely wise IT investment decisions will be made if many facets of the business are represented and involved in making them.
Candace Nelson says
Professor Flanagan
5. What archetypes do you see in your company? How well do they work?
Unfortunately, the archetypes I see in my company are the Feudal and the Federal. As expected, this is due to the fact that my company (which had previously grown through acquisition) was spun off of a larger organization back in 2011 with the intent of being acquired. That acquisition occurred in mid-2015 and the combined organization has many disparate systems and processes.
There is a long-term strategy to consolidate all businesses onto one ERP (PeopleSoft) over the next several years, in a phased approach. In the meantime, extensive efforts are being employed to maintain all legacy systems and to align them as best possible in the meantime. From a control perspective the systems appear to be working effectively. However, this approach is anything but efficient!
Mengxue Ni says
What is the difference between and IT Strategy committee and an IT Steering Committee?
IT strategy committee included board members and specialized non-board members. Their major responsibility is providing advises the board and senior management on IT strategy.
IT steering committee included executives CIO and other functionaries as required. They focus on implementing strategies.
These two concepts are different but related, IT strategy committee leads the directions. Then IT steering committee drives the implementation.
IT strategy committee gives advises to board of directors===>board of directors make decisions based on the advises, instruct IT steering committee to implement====>IT steering committee is responsible for implementing and monitoring
This video is very helpful and it also gives out couple examples.
https://www.youtube.com/watch?v=Za9VMrSe094
Mengxue Ni says
Professor Flanagan section.
Jianhui Chen says
What is the difference between and IT Strategy committee and an IT Steering Committee?
Board members and specialist formed strategy committee, and steering committee consist of executives, CIO and other functionaries required. Strategy committee give the recommendation to the board and senior management on IT strategy. Steering committee implement the strategic plan. Strategy committee should take the responsibility for alignment of IT with business objectives, exposure to IT risks, direction to management related to IT strategy, and contribution of IT to the business. Steering committee is responsible for implementation as per direction of bard, approving project plans and budgets, setting priorities and milestones, acquiring and assigning appropriate resources, ensuring project meets the business requirement and continuous monitoring, and ensuring efficient use of IT resources.
source: https://www.youtube.com/watch?v=Za9VMrSe094
Kevin Blankenship says
3. Which archetype do you think is the most rare? Most common? Why?
I would consider the Anarchy archetype to be the most rare. Anarchy is very unfocused and has individuals or small groups only focusing what they need. This may work for a very small organization, but it will quickly lead to disarray and a ineffective IT organization.
On the flip side, I see the IT duopoly as the most common archetype.It uses leaders from both the IT organization and business units to make decisions with a full view of the company’s needs as a whole. This enables effective allocation of resources.
In my IT organization, we tend to work off the bicycle wheel form, with different IT groups servicing separate business units.
Yulun Song says
1. Describe the five IT questions that Weill & Ross (see Figure 3-4) see all organizations making?
IT Principles: set the strategic role for IT across the enterprise. Some questions to be asked: how does IT help business create value? How does IT strategy align with business strategy?
IT architecture: is the framework of IT, which is to integrate and standardize requirements. It is the blueprint of IT. this helps company deliver business needs and goals based on IT architecture.
IT infrastructure strategies: decisions are often made within the IT unit to deliver business needs and goals. IT infrastructure strategies will help senior managers to share their strategies with IT executives. This is to build a connection between business people and IT people.
IT business application needs determine what applications and softwares are needed by a business.
IT investment and prioritization: means how much to spend money and where the company will invest in IT organizations.
Yang Li Kang says
3. Which archetype do you think is the most rare? Most common? Why?
I think that the rarest archetype right now would be anarchy. I believe there was a time years ago where this archetype may be relatively common due to the perceive unimportance of the IT unit towards business decisions which resulted in many of the case studies that we so often read about in our courses. And as in many of the cases, those company eventually struggle and is forced to reform their IT decision archetype. Anarchy is no longer a feasible IT decision archetype because it creates separation between business units through silos.
On the other hand, I think IT Duopoly is the most common archetype because it involves only two parties, IT leader and business unit leaders making decisions. It has a much simpler management structure while also involving the IT executives who often sees the enterprise as a whole and share information when making decisions. Since the parties involves the IT executive and the business unit leader, decisions can be focused on the business unit’s actually need resulting in higher business unit satisfaction.
Andrew P. Sardaro says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
The IT Strategy Committee (senior executives, CEO, CFO) advises the board on IT strategy as so it is aligned with the business strategy (governance). The IT Steering Committee (executives, senior management) takes direction from the board and is involved in the implementation of day-to-day management of IT projects.
IT Strategy Committee Responsibilities:
• Alignment of IT with business goals and objectives
• Optimize cost and determine risk
• Provides direction to management as to IT strategy
• Right Things
IT Steering Committee Responsibilities:
• Implementation of IT strategy per direction of board and specialized board members
• Approves projects and budgets
• Overseas resource assignment
• Ensures projects meet business requirements.
• Done Right
To summarize, IT Strategy Committee advises the board on IT strategy that aligns IT with business, the board then empowers the IT Steering committee to implement.
Andrew P. Sardaro says
3. Which archetype do you think is the most rare? Most common? Why?
The most-rare IT Governance archetype is anarchy. With anarchy there is no structure or oversight in the decision making process. The decisions are made by individuals or small groups to address local needs without taking long term considerations as to how it impacts the organization. Anarchy is the most decentralized system, expensive and difficult to support (IT) but sometimes used when very rapid customer responsiveness is needed. With Anarchy, I see no partnership and cooperation between Business and IT. These individual groups are making decisions for their needs, not for the overall organizational needs.
The most common IT Governance archetype is the IT Duopoly. In this archetype, partnered decisions are made by senior business leaders and senior IT leaders representing the operating units. With this decision making process, we see an alignment of IT strategy and goal and objectives of the organization. An example of this decision organization would be a IT Steering committee.
Mansi Paun says
Q3 Which archetype do you think is the most rare? Most common? Why?
A3 After understanding the IT Governance Archetypes for allocating decision rights, in my opinion, the most rarely seen archetype in the real world scenario is the Anarchy model. In an Anarchy, individuals or small groups make their own decision as the need arises and as they think appropriate. This is highly improbable in an enterprise today as organizations are getting more and more focused and striving to achieve some sort of collaboration and uniformity enterprise-wide . However, as per the Weill & Ross model, the most rare archetype is the Feudal model. This doesn’t exactly mirror the real world scenario where we often see some of the larger enterprises give individual Business Units complete freedom to make their own IT decisions independently.
Regarding the most common Archetype, I believe it is the IT Duopoly model. The Duopoly model is a bi-party agreement between the IT Execs or IT Business unit and C-level Execs or between the IT group and Key business leaders. This model ensures the alignment of Business & IT goals well which is why it would be most preferred.
Noah J Berson says
Professor Yeoman’s section
The IT strategy committee focuses on the goals of IT and business strategy staying tied together through governance. It is often working with the board. It comes up with IT plans for the enterprise and consider IT risk.
An IT steering committee runs large projects under the watchful eye of the IT strategy committee. IT is also possible for there to be multiples in the same organization depending on how many large projects need running. They work mostly with top level executives and project sponsors. The CIO can be involved as well.
To give an exact contrast, the IT strategy committee is big picture while IT steering committee is a smaller picture. The strategy committee thinks up a direction and the steering committee figures out how to head in that direction. For them to both be effective, communication should occur between them.
Ryan P Boyce says
4. Which archetype do you think is the most rare? Most common? Why?
I think the most common and the rarest archetypes depends on the size of the business. Generally, I think the smaller the size of the company, the more common it would be to see an Anarchy, IT Duopoly, or IT Monarchy archetype. Less decision makers exist in smaller companies so the bulk of decisions are spread across fewer individuals. This means that as decisions arise concerning IT, two general outcomes will arise. Since the company is small, executives may have more time on their hands to associate with IT needs so a duopoly or monarchy may exist. Conversely, if the company is small enough, individual users may make their own IT decisions as the decisions they are making will not affect a great deal of people since the company is smaller. In this last example, an anarchy archetype exists. The opposite should be true in larger companies where more rigid, beau acratic systems are in place. The likelihood that an anarchy or feudal system exists in very large organizations is very low. In these places, I believe some type of monarchy would be most prevalent-either a Business Monarchy or an IT Monarchy. I think different flavors of the other archetypes may exist, though. Different business units may decide amongst themselves what system or application they want to run but, ultimately, I think that oversight and final decision making processes are done either by the senior IT executives, by business executives (CxO), or by a mix.
5. What is the difference between IT Strategy committee and an IT Steering committee?
The biggest difference between an IT Strategy Committee and an IT Steering Committee is that one makes initial IT decisions and one ensures those decisions are being acted out upon effectively. IT strategy committees set the direction for how a company’s IT department will support business needs. This committee would be responsible for determining if IT would assume the role of a cost center or a profit center for the company. Generally, this committee determines the role IT plays within the company. The IT steering committee assumes oversight of IT projects once the overall direction of IT has been determined. My previous employer was responsible for implementing a tax system for our client. The project manager from our company sat on the steering committee along with business leaders and high level IT personnel from the client side. The purpose of this committee was to maintain oversight of the project and make decisions throughout the life of the project if changes were taking place in relation to the scope of the project. The IT strategy committee of the client determined the direction of IT within that organization which eventually called for the purchase of my previous employers’ product which ultimately led to the creation of the steering committee that implemented that product.
Folake Stella Alabede says
3. Which archetype do you think is the most rare? Most common? Why?
Political archetypes are used to describe the combinations of people who have either decision rights or inputs to IT decisions.
There are 6 archetypes, and one of these 6 archetypes could describe how enterprises makes one or more of the five key IT decisions (as described by Weill and Ross) or provides inputs to the decision makers.
The 6 archetypes are:
1. Business monarchy: A senior business executive or a group of senior executives, sometimes including the CIO.
2. IT monarchy: Individual or groups of IT executives.
3. Federal: C-level executives and business representatives of all the operating groups—may include IT involvement (equivalent of the central government and the states working together).
4. IT duopoly: Two party decision making involving IT executives and one group of business leaders.
5. Feudal: Business unit or process leaders making separate decisions based on the needs of their entities.
6. Anarchy: Each individual user or small group.
I think the rarest is the Anarchy. Within anarchy, individuals or small groups make their own decisions based only on theirs local needs, and anarchies are expensive to support and secure.
Folake Stella Alabede says
Question 3 contd
Which archetype do you think is the most common?
I’m a teeny bit confused about the most common archetype.
Judging from Figure 3-4. An explanation of Figure 3-4 says “the darker shaded cells in figure 3-4 indicate the most common or typical governance pattern” (and the Federal archetype has the most darker shaded cells) and it further says “with the shaded bordered cells highlighting the most common decision-making patterns” (and here the IT Monarchy has the most shaded bordered cells)
But to inter-relate these archetypes, it would follow that IT Duopoly is the most common as here, decisions represents a bilateral agreement between IT executives and one other group, and even from studying the course IT Governance, we see that a lot of enterprises are now aligning IT strategies with Business Strategies (which should look more like Duopoly ?)
And I guess we could also say the IT Duopoly and the Federal Model are similar with the difference being that a federal arrangement always has both corporate and business representation, while a duopoly has one or the other but not both and always include IT professionals.
Also, the duopoly is popular partly because it involves only 2 decision making parties, and it can achieve many of the objectives of a federal model using a simpler management structure.
Andrew P. Sardaro says
1. Describe the five IT questions that Weill & Ross see all organizations making?
The five R&W’s questions that must be answered by non-IT people in the org.
• IT Principles:
Sets the strategic role for IT across the enterprise. Will IT only support the business (cost center), or be part of business. Ensures that both IT and business strategy align.
How much are we going to spend in IT, what do we want to do with it, where are we going to invest in IT.
• IT Architecture:
Focus on IT strategy, specifically what is IT going to use, where is best to place to invest our money to get value out of that IT Investment.
• IT Infrastructure:
Implement the infrastructure for today while keeping any eye on tomorrow. Provide the flexibility, agility for tomorrow’s business challenges.
• Business applications needs:
Business will need to meet market challenges, or market value opportunity that is not in the strategy, need for innovation. Business requirements for purchased or internally developed IT applications.
• Prioritization and Investment:
This question asks how much money is needed and where to invest in IT. How do you decide where to spend the money.
Anthony Clayton Fecondo says
Which archetype do you think is the most rare? Most common? Why?
The rarest archetype is Anarchy. I think this is the case because anarchy makes it impossible to coordinate on an enterprise level. The level of autonomy and variability provided by anarchy isn’t maintainable for most aspects of IT especially on a large scale. Anarchy directly sabotages the ability for an organization to have a clearly defined strategy, vision, mission, and general direction.
The most common archetype is Federal. I think federal is common because provides an effective combination of input by including IT, corporate, and business units in decision making. Having this collection of parties involved in decision making allows for a versatile and a cover-all-the-bases approach.
Xiaodi Ji says
Anthony,
I agree with your idea that anarchy is a very dangerous state for some enterprise. Now, many works need people work together and share their opinions. If anybody do whatever they like in the company, company will sink into the sand.
First of all, company does not have same dream or vision for the future. Employees do not have any sense of belonging for this company.
Then, everybody worry about their own stuffs and do not want to share with people. It is risk for the company, because employees always want to hide their thing which make dangerous relationship in the company.
Finally, enterprise cannot catch those employees. They have their own project, so they can go anywhere they like. Once a company cannot get stability employees, it is time for them to close.
Richard Flanagan says
Xioadi,
While I agree that anarchy is the rarest of all archetypes and not suitable for most companies or lines of business it may fit some. I spent five years working with 1400 PhD chemists whose job was to invent new products. They worked in small teams using a variety of very sophisticated lab equipment. As such, each group would demand IT support for whatever technologies (not IT) that they needed for their research. It would have been disasterous to force them into a standardized approach because it would have limited their ability to create new products which was exactly what they were there for. I think this could be true of any effort dominated by small groups of varying, but important, needs.
Richard Flanagan says
Anthony,
You are correct as far as you go but I think there is a fuller role for the IT Steering Committee. They are the oversight team for IT and as such approve directions, probably the EA, policies, etc. They do select projects to work on and other to kill but that is only one aspect of what they do.
Anthony Clayton Fecondo says
What is the difference between and IT Strategy committee and an IT Steering Committee?
In my own words, as succinct as possible, I would say the difference between an IT strategy committee and an IT steering committee is that an IT strategy committee establishes what strategy the IT department needs to pursue in order to align with the overarching business strategy and the steering committee decides prioritization of IT projects in order to align with the IT strategy.
I think the primary differentiating factor is the level of business that each committee operates on. The strategy committee is a higher level operator that’s concerned with aligning the department with the corporation. The steering committee operates on a more granular level and aligns projects with the department strategy.
Richard Flanagan says
Anthony,
You are correct as far as you go but I think there is a fuller role for the IT Steering Committee. They are the oversight team for IT and as such approve directions, probably the EA, policies, etc. They do select projects to work on and other to kill but that is only one aspect of what they do.
Xiaodi Ji says
What is the difference between and IT Strategy Committee and an IT Steering Committee?
I think that IT Strategy Committee is where the IT strategies come from or make. The IT Steering Committee is making decisions for the IT Strategy committee and creating general direction. The relationship between them is that IT Strategy Committee follow the rules which making by IT Steering Committee.
For example, we(IT Strategy Committee) want to find a way from Temple to ChinaTown with our friends. We may use Google map(IT Steering Committee) to find how should we go there. However, One of our friends want to go to Center City than go to ChinaTown because he wants to buy something. In this time, we check Google map again to know Center City have some event which will spend our extra 1 hours to go to ChinaTown. Then, we decide we do not go to Center City.
Therefore, IT Steering Committee is quite important for the enterprise’s strategies because they can stand as third-view to review the strategies to give some significant advice.
Xiaodi Ji says
Some points about archetype.
Many people have same viewpoint that Anarchy is the most rare archetype for the business. So am I. However, I think this archetype sometimes should be used in the business to help enterprise go through the bottom of valley or find other business line. When we limited use this archetype, it can give employee more space to think what they want to do, how the future looks like, and which is they real good at. It will expand employees’ creativity.
For example, Bell Labs is an amazing labs in the history of human’s technology. At the beginning, it just a labs of AT&T. However, AT&T does not limited its research. It does not ask Bell Labs have to development something which can get interest in 2 or 3 year. AT&T gives money to researchers to ask do anything what want. Although, some invents may be used in 5 years later or some always lay down in the storage, those things actually change the world. Unfortunately, Bell Labs was separated from AT&T. Thus, they have to do some effective thing to catch investor’s eye. They create things what today or 1 or 2 year’s need. Finally, Bell Labs make things for short-term benefit instead of something which can shaping world.
Thus, in my opinion, this archetype should be limited used in some enterprises, especially in some IT company to help them find the human’s future and catch valuable opportunity
Kevin Blankenship says
That’s an interesting thought. Anarchy does give a lot of freedom to developers and engineers to pursue experimental lines of work. This could definitely help a company that needs to kick start itself or find a new way to differentiate itself.
If I’m understanding you correctly, Anarchy is risky so should only be confined to small parts of the organization, rather than having the entire organization follow this path.
Xiaodi Ji says
Kevin,
Yes, you get my point. Anarchy sometimes create a loose organization. Everybody do not have same dream or goal for the future, which cannot build a strong sense of identity and hard to work together to get through the problem. However, if we use anarchy in right place, it will do right thing which just like my example.
Andrew P. Sardaro says
Agreed, this is an interesting thought. Innovation is important and I could see this working with a company that needs to kick start. However, within an organization using Duopoly how would these individuals get the money and resources for this Innovation? There would be some politicking involved I imagine.
Kevin Blankenship says
I could see companies like Google using this in it’s development areas.
Alexander B Olubajo says
2. How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
I think the Weill & Ross questions line up pretty well with the McKinsey questions. Reading both questions, my first observation was that the McKinsey’s questions were more direct, concise, and they addressed, through the questions, the five key/major governance decisions every IT organization has to make. While, I felt the Weill & Ross questions did the same thing but were just broader in its scope. However, both Weill & Ross and McKinsey ultimately address/cover those five key decisions in their questions.
After reading both Weill & Ross and McKinsey’s questions, I was able to cross-match each of of those five questions from McKinsey to Weill & Ross:
1. How well does technology enable the core business? – I thought this question asked the same question as Weill & Ross’ “IT Principle” decision/question, which focuses around how IT will create business value. Here, McKinsey wants organization to answer this question by gauging their IT organizations ability to implement technologies that allow their core business activities to happen.
2. What value is the business getting from its most important IT project? – I thought this question lined up well with Weill & Ross’ question/decision on “IT Architecture”. Weill & Ross question looks at what IT is going to use and the best place to invest their money to leverage benefits & value from that investment. While McKiney wants IT to get assurances of that value and measure the organization’s project benefits.
3. How long does it take the IT organization to develop and deploy new features and functionality? – I thought this question aligned closely with Weill & Ross’ decision/question on “IT Infrastructure”. Both questions look at the infrastructure, resources, and capabilities required to provide the flexibility to handle current and future shared services.
4. How efficient is IT at rolling out new technologies and achieving desired outcomes? – I thought this question could be related to Weill & Ross’ question of “Business Application Needs”.
5. How strong is our supply of next-generation IT talent? – This question seems to line up with the Weill & Ross question/decision of “IT Investments & Prioritization”. These questions allows the board to have an understanding of what skills and capabilities the IT organization might need currently and in the future.
Folake Stella Alabede says
2. How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
The McKinsey Questions are supposed to help board directors gain fluency if they routinely ask five critical questions relating to the IT organization’s performance. These questions are:
1. How well does Technology enable the core business?
2. What value is the business getting from its most important IT projects?
3. How long does it take the IT organization to develop and deploy new features and functionality?
4. How efficient is IT at rolling out technologies and achieving desired outcomes?
5. How strong is our supply of next-generation IT talent?
These questions help directors understand exactly how much value IT is creating for a company and how its IT capabilities stack up against those of competitors. And they are directly related to the Weill & Ross questions with the difference being a more direct approach from recent trends on the McKinsey questions
What’s changed in the last 15 years?
The McKinsey Questions are recent and they are more direct in their questions based on recent trends. For example, McKinsey questions on how well Technology enables the core business tells us that compared with even five years ago, companies are investing more in digital initiatives to gain critical process and production efficiencies ….., and these initiatives span multiple business units and functional areas… to facilitate end to end processes
Also, in the last 15 years,
Enterprises have moved focus to a more direct and focused view, with more direct involvement of the board of directors
Focus is shifting to hire data analysts instead of data programmers. (I.e hire people with different skill sets)
The IT organization is no longer considered just as a service provider, but how it manages the integration of emerging technologies can help determine the success of a company’s digital strategy
Sheena Thomas says
4.What is the difference between and IT Strategy committee and an IT Steering Committee?
I found this article that detailed the responsibilities of each committee very helpful
“IT STRATEGY COMMITTEE. Ensures alignment between IT and business strategy through enterprise IT governance. Although this committee is often assumed to operate at the board level, it does not carry decision authority exclusively. This committee has dashboard authority and oversees IT management in partnership with other board committees (audit, business strategy, finance, etc.).
Responsibilities:
-Provide IT insights to board and act as subject matter expert
-Monitor strategic IT plans
-Monitor enterprise resource availability to support IT initiatives
-Understand, Communicate, Mitigate IT risk (may also be coordinated with a Risk or Compliance Committee)
IT STEERING COMMITTEE. Oversees major projects – managing priorities and allocating resources with guidance from the IT Strategy Committee. The steering committee should be the responsibility of executive management, providing a conduit between the governing body and program/project teams.
Responsibilities:
-Ensure programs/projects meet business requirements and align with IT strategy
-Determine overall level and allocation of resource to extend IT value across enterprise
-Communicate strategic goals to project teams and recommend changes to strategic plans
-Monitor and approve various architectures to support achievement of IT strategy:
(Source: http://www.escoute.com/2013/08/12/to-steer-or-to-strategize-differences-between-it-steering-committees-and-it-strategy-committees-2/)
Sheena Thomas says
Which archetype do you think is the most rare? Most common? Why?
I think Anarchy is the most rare archetype.
-Most companies do not leave it up to each individual user to make a decision or have input rights. IT Execs and Mgrs normally make the decisions as to what technology, applications or processes a company would used based on their client need.
I think Business Monarchy is the most common archetype. From my personal experience, every company I worked for the groups listed in the Business Monarchy made all the decisions on technologies, applications, policies, etc.
Sachin Shah says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
Based on my experience a IT strategy committee focuses on direction, steering, advising business leaders, understanding business needs and creating a form of IT governance. I have seen this committee have board members and executives.
The strategy committee usually hires or creates the Steering committee who are usually managers who understand the vision, business direction, and IT strategy. This group’s main purpose is implementation and overseeing the day to day activities or monitor employees and projects. Implementing also includes enforcing the policies decided upon by the strategy committee.
Ivy M. McCottry says
3. Which archetype do you think is the most rare? Most common? Why?
I think that the anarchy archetype is the most rare because of the risk associated with it as well as the resources required as noted by Weill and Ross. However, I would like to propose that the anarchy model is likely common among start-ups because of the challenges and learning curves start-ups face as they skill up in different markets, with different needs, with different resources.
I think that the federal model is the most common archetype because of how funding decisions typically flow from the top down. My caveat would be that the C-level is increasingly involved because of how IT has elevated in importance relative to achieving corporate strategic goals.
Ivy M. McCottry says
5. What archetypes do you see in your company? How well do they work?
I see different archetypes in my company. For high-level matters that shareholders would hear about in the market, I see the federal archetype (ex. hot topic acquisitions that affect IT architecture, IT infrastructure strategies, IT investment). For a large part of our business that is business to consumer, I see business monarchy (ex. decisions for new business application needs). For specialty or niche business areas (ex. satellite communications), I see a feudal archetype because of business unit leadership, autonomy, and business unit skills. Some teams have skills for rapidly changing their tools and typically exercise those skills to make their work more efficient and effective whether high level decision makers enable them or not. People are pretty aware that they need to follow rules for maintaining compliance and security yet they also know to keep the network up at all times and to do whatever it takes because of service level agreements and reputational effects.
I think that the different models work well for the decision making levels/groups referenced. My role has given me exposure to headquarters and different parts of the business and that exposure helps me better understand our internal decision making structures and funding decisions, whether the decisions are for acquisitions or basic operations.
Ivy M. McCottry says
2. How do the Weill & Ross questions line up to the McKinsey questions? What’s changed in the last 15 years?
I would say that the big distinction between the question set is an emphasis on IT governance (Weill & Ross) versus IT performance (McKinsey). McKinsey’s question set is very much performance focused and probes to identify value creation/extraction for IT enablement and investments. The change experienced in the last 15 years is the value of IT to enterprise/corporate success in terms of achieving strategic goals and objectives. It’s no longer simply a question of what is an enterprise using, it’s a transition to deeper questioning that is comprehensive and centers around overall purpose, value, cost/benefit, agility, security, etc. that feed into broader enterprise risk management and corporate strategy.
Ivy M. McCottry says
4. What is the difference between and IT Strategy committee and an IT Steering Committee?
If IT governance was a kingdom, the board is the king, the IT strategy committee is the food taster and the IT steering committee is the chef. The IT steering committee must understand and respect the palate or appetite, if you will of the king. The strategic committee checks things beforehand and serves as an intermediary to make sure that the chef’s makings are proper.
In ISACA terms, an IT strategic committee ensures IT governance and reports to the board. The IT steering committee ranks/prioritizes IT investments, tracks project status, and monitors service levels and improvements that the board ultimately has to sign-off on and that must align with the IT governance ensured by the IT strategic committee.
http://www.isaca.org/Groups/Professional-English/po4-3-it-steering-committee/Pages/Overview.aspx
http://www.isaca.org/Groups/Professional-English/po4-2-it-strategy-committee/Pages/Overview.aspx