Published: March 24 2010, 11:15 AM | 1 Comment(s)
by Steve Romero

I was enthused by Susan Cramm's @HarvardBiz blog post: "Eight Things Executives Hate About IT" http://s.hbr.org/cLCkEz. Her views inspired me, because I thought they provided a great test of my assertion that there isn't a single problem in IT to which the solution is not connected to sound IT Governance.

I will limit this examination of my contention to elements of IT Governance I have either described in previous blog posts or in my IT Governance presentation. (If you haven't seen it, there is a recorded webcast and PDF of an abbreviated version on our PPM Community site: http://successfulppm.ning.com/ ).

So here is my ammo:

A description of IT Governance, including the principles of IT Governance, from a May, 2008 post:

"IT enables IT Governance, but the ITG discipline is a means for the business to govern IT, to ensure IT is aligned, delivering value and appropriately managing risk, resources and performance. The business must govern IT just as it must govern every other important business function, such as Finance or Human Resources."

The major decision areas of IT Governance (from my heroes Peter Weill and Jeanne Ross from MIT's Center for Information Systems Research and included in my ITG Presentation)

• IT Principles
• IT Architecture
• IT Infrastructure Strategies
• IT Applications and Systems
• IT  Investment and Prioritization

The processes required to support/enable IT Governance (included in my ITG Presentation):

1. Integrated Business & IT Planning
2. IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM)
3. IT Financial & Resource Allocation
4. Project Prioritization & Decision-making
5. Emerging Technology Evaluation & Adoption
6. Client Relationship Management
7. Building & Maintaining Applications & Infrastructure
8. Provisioning of IT Services
9. Outsourcing Services
10. Audit & Risk Management
11. Architecture Management - Standards & Review

Now, here are the targets from Susan's great post: "Eight Things Executives Hate About IT." I follow each with my IT Governance-related solution.

1. IT limits managers' authority

IT's bureaucratic processes rival the tax code in complexity. When challenged, IT justifies red tape as necessary because the business makes half-baked requests and is clueless about enterprise impact.

IT Governance includes the principle of ensuring IT is appropriately managing performance. This means the business needs to ensure IT Processes are optimized to meet business needs - and not bureaucratic, slow, overly complex or unnecessary. The business needs to work with IT and participate (even if it is simply in an oversight capacity) in the design, implementation and managing of all IT processes. PPM (#2) and Client Relationship Management (#6) processes ensure requests are not "half-baked." Every one of the IT Governance processes has a role in understanding and appropriately responding to enterprise impact.

2. Consists of condescending techies who don't listen

The CIO may be impressive, but he or she is also totally unavailable. When you have questions, your only option is someone a few rungs down, who lacks the breadth of expertise to advise senior executives. The irony is, these "techies" often feel just as frustrated by managers who treat them like servant-genies.

IT Governance provides the forums and mechanisms necessary for technology-related decision-making. The business agrees to the appropriate staffing (Business and IT representatives) of formal decision-making committees. PPM (#2) and Service Provisioning (#8) processes are optimized to respond to business requests. These Committees or Request and Work Management Processes should have the means and mechanisms to address any question raised by the business. Some organizations go even further by providing the Client Relationship Management process (#6), providing personnel dedicated to acting as liaisons between the business and IT.

3. Doesn't understand the true needs of the business

IT nags you for requirements and complains that you always change your mind about what you want from your systems. Why doesn't IT understand that change should be expected in a dynamic business environment where nothing is static?

IT Governance ensures IT is aligned with the business. Every single one of the IT Governance Processes I list above has decision-making mechanisms specifically intended to ensure business needs are identified, defined, understood, refined, validated, and fulfilled. IT Governance also includes the systematic ability to measure process performance to ensure the Enterprise is meeting each of the IT Governance principles. If IT doesn't understand the needs of the business, numerous processes will indicate failures.

4. Proposes "deluxe" when "good enough" will do

Your "simple" request requires a boatload of specialists and weeks (if not months) of analysis. Yet you wanted a timely, cost-effective solution, not an expensive panacea.

IT Governance provides two processes critical to "serving" the business: PPM (#2) and Service Provisioning (#8). These "customer-facing" processes must address ANY request from the business and direct the request to the process optimized to serve it. In the case of "simple requests," the Provisioning of IT Services processes ensures they are directed to the channel optimized for their simplicity. Add the metrics and measures to determine if IT is aligned with business, delivering value and managing performance and resources and you'll be able to determine when round pegs are getting hammered into square holes.

5. IT projects never end

It's not just that IT projects are never completed on time...it's that they never feel completed at all. They're perennially 90% done. "Finished" projects don't have the agreed-to functionality.

IT Governance provides governance of all IT investments (including projects and programs). PPM (#2), Project Prioritization & Decision-making (#4), and Building and the Maintaining Applications and Infrastructure Process (#7) directly address this problem. These processes are supplemented by Integrated Biz/IT planning (#1), Financial and Resource Allocation (#3), Client Relationship Management (#6), and Audit and Risk Management (#10). I mention these because each has the means to ensure commitments are defined and met.

6. Is reactive rather than proactive

When you need help, you feel like a technology pauper, going door-to-door begging for help from functional specialists who complain that you didn't get them involved early enough.

Integrated Business & IT Planning (#1), PPM (#2), Project Prioritization & Decision-making (#4), Client Relationship Management (#6), Building & Maintaining Applications & Infrastructure (#7) and Provisioning of IT Services (#8), provide formal mechanisms and channels optimized for the business to team with IT. Each of these processes could actually have multiple channels, creating a plethora of avenues for the business to effectively engage IT.

7. Doesn't support innovation

When you try to brainstorm with IT about new technologies you could use to innovate - like 2.0 tools, for instance - they patronize you by dismissing your questions and noting that your people aren't properly using the systems already in place.

IT Governance provides the Emerging Technology and Evaluation Process (#5) to address future business technology needs. This process (like ALL IT Governance processes) is directly linked to business strategy and its specific purpose is to determine when new technology will be adopted to serve business needs. And like all IT Governance processes, the business ensures the mix of business and IT participants is optimized to ensure reasoned and rational business technology decisions.

8. IT never has good news

No matter how much you spend or how hard you work, the promise of technology seems perpetually beyond your reach. Even the "successful" launch of new systems is accompanied with the inevitable onslaught of bugs, crashes, and change requests.

IT Governance is entirely devoted to rectifying this problem. And the 2008 ISACA survey of 255 Non-IT CEOs showed "Realizing the Value of IT" was the #1 reason Enterprises were investing in sound IT Governance (supplanting "Managing Risk" for the very first time). Every one of the IT Governance processes I propose plays a role in realizing appropriate value for technology investment. Bugs, crashes and change request onslaughts are addressed (prevented, reduced, resolved) by Project Prioritization & Decision-making (#4), Emerging Technology Evaluation & Adoption (#5), Emerging Technology Evaluation & Adoption (#6), Building & Maintaining Applications & Infrastructure (#7), Provisioning of IT Services (#8) and Audit & Risk Management (#10).

I believe I am 8-for-8. I would love to hear your thoughts, but for now, let me use Susan's final paragraph to wrap up this post:

This dysfunctional relationship satisfies no one. And companies can no longer afford to waste precious resources on IT "investments" sponsored by business leaders who believe IT is not their job - or wish it weren't. How will you forge a more productive relationship with IT?

Notice the most telling aspect of her closing: "...business leaders who believe IT is not their job." Therein lies the rub. The only shortcoming I can find with my beloved IT Governance is its name: "IT" Governance. This name contributes to perpetuating the pervasive mistaken belief that IT Governance is a function of IT or the sole responsibility of the CIO. In actuality, IT Governance is specifically intended to forge a more productive relationship with IT by eliminating the "white space", the gap, the divide between the Business and IT. Until the business embraces its role and responsibility in governing IT, they will continue to potentially "hate IT."

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: March 15 2010, 07:22 AM | 4 Comment(s)
by Steve Romero

I received a tweet from one of my favorite Twitterites @PeterKretzman . Peter retweeted @abbielundberg  and @twailgum (I already follow the former and now follow the latter) who cited a recent CIO Online Magazine blog post titled: "Why the New Normal Could Kill IT" http://bit.ly/aGcP1a . I found it to be an inspiring post and hope everyone will read it before this post. It would help to test my opinions, the first being that the gist of the article is how most CIOs and their IT organizations must change if they have any chance of serving the "new Norm" (the current state created by the monumental shift triggered by the Global Economic Downturn).

I absolutely agree far too many IT organizations are overly complex, too expensive, and incapable of either leading or responding quickly to fast-paced business change. I absolutely disagree with the implication it is the CIO and IT that need to change in the unilateral fashion I interpret from the post. Once again, the Dog expects the Tail to do the wagging - which is exactly why CIOs and their IT organizations are in trouble in the first place.

Consider this excerpt from the post:

"...a harsh light finally glared on unfavorable licensing agreements and much-too-much shelfware; ill-conceived purchasing and integration strategies; and questionable software married to entrenched business processes. And non-IT executives seated at the boardroom table were more than likely horrified by what they found during closer inspection of IT's operations."

I suggest it takes some nerve for a non-IT executive to be "horrified" at what they find in IT if they are only now closely inspecting IT's operations. Anything they find in IT is there because they let it happen. A likely defense is they didn't know what IT was doing - which is precisely the problem. They didn't know!

This was even more troubling:

"In many corners of the corporate HQ, in fact, there are plenty of execs who, from time to time, would probably take pleasure in watching IT fail, a la Lehman Brothers. This most recent inspection of IT's ledgers and strategy probably amplified that feeling."

Could this actually be true? How often do you see a better example of cutting off your nose to spite your face?  The post goes on to say why Execs can't let IT fail and how IT has to fix itself. IT has to fix itself. This implies IT is expected to do this on its own, even while the post rightly points out the downside of IT acting alone. Check this out:

"This is your wakeup call, big-league IT execs. After nearly five decades of gate-keeping prominence, corporate IT is in trouble and at a crossroads like never before in its mercurial and storied history as a corporate function. "The era of CIO dictatorship ends with 2009," writes Altimeter Group partner for enterprise strategy Ray Wang. "

If any CIO has been a dictatorial it is only because the business abdicated authority. This abdication is supported by the following statements from the post:

 "Given the aforementioned warning signs, it's easy to speculate that the CIO's role and the department's sovereign power might be slip-sliding away."

"CIO's have lost a lot of control in guiding how technology is used in the enterprise," blogs Altimeter Group's Wang, "because the world of consumer tech has out-innovated enterprise-class technologies."

The only possible way CIOs could act autonomously or control how any technology is used (enterprise-class or consumer) is if Business Leaders forgo their responsibility to "govern" IT. IT Governance (or more appropriately, the Business Governance of IT) provides the approach, framework, discipline and processes for the Business to ensure:

• IT is aligned with the Enterprise it supports
• IT delivers appropriate value for technology investment
• IT appropriately manages risk
• IT appropriately manages resources
• IT appropriately manages performance

Unfortunately, the post does not cite IT Governance as the answer. Instead, as we've seen before, it provides recommendations for how the CIO must change. Each of the recommendations is reasoned and rational, but I found it hard to accept there are many CIOs who don't already practice them.

The post concludes by noting how many CIOs are already falling into the tail-wagging-the-dog trap I lament:

"Some CIOs have already responded: Capgemini's 2009 Global CIO Study found that 55 percent of the 490 respondents say they are giving priority to projects that contribute more to the business, and 34 percent are prioritizing projects that take advantage of new market conditions."

It appeared to me the blog presented this as good news. I contend it is bad news, because yet again, these CIOs are acting autonomously with the tacit approval of the business. It is not IT's responsibility to prioritize projects, it is Business Leadership who should decide. (And I do love it when CIO's are actually included at the Business Leadership Table. The downturn has driven the number down to low 40s so the current percentage saddens me.)

I agree with each of the problems cited in the post and with many of the changes sagely presented to overcome the latest round of Enterprise technology challenges. What I emphatically disagree with is the focus on CIO changes alone. I wince every time I hear Business Leaders have new/more /different expectations of IT, and how they won't tolerate entrenched IT practices and behaviors. How can they say this when they are partner to everything IT is today and everything IT has ever been? Since IT's inception, Boards of Directors and Business Unit Leaders have overlooked or misunderstood their role in leveraging technology and have subsequently neglected their responsibility to govern IT. They left IT to IT, and predictably, the results have been far less then optimal for the business.

Business needs to ensure IT is aligned, delivering value, managing risk, performance and resources. They do this in partnership with the CIO and with IT. All of the problems in IT, the licensing agreements, the huge ERP systems, the inability to react precisely and quickly, are due to the business letting them happen. Now they want the CIO to do something about their lack of oversight and their non-existent governance. Until the business takes full accountability for ensuring the realization of maximum value for their investment in technology, IT will continue to be misaligned, disconnected and ultimately out of touch.

Yes, I agree there should be a new norm - and that is: Business Governance of IT. It's time for the IT-tail to stop wagging the Enterprise-dog.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: March 07 2010, 04:40 PM | no comments
by Steve Romero

I had an interesting conversation the other night with the Director of a PMO for a large company. After delivering my Project and Portfolio Management presentation she took me aside. She described her role leading the PMO and explained how she was also a leading advocate for advancing PPM in her company. She has indeed garnered a semblance of executive interest and support and has been told to "Go ahead and do it." She asked me who I thought should be the leader of PPM and if I was of the opinion she could indeed fill that role.

I told her the ideal was for the CEO to act as the leader of PPM. I immediately acknowledged I have seldom seen this to be the case. I then said the second best scenario is for the CEO to act as the "champion" of PPM, constantly reinforcing the vision and knocking down the countless inevitable obstacles to PPM success. In this scenario, the leader of PPM is the member of the Executive Leadership Team who has the best chance of meeting the business objectives set forth for PPM. Identifying this person is always a challenge.

The first aspect of the challenge is the determination of the business objectives of PPM for a given organization. Many people argue that PPM is PPM is PPM. I beg to differ. PPM can manifest itself in numerous ways and it comes in many shapes and sizes. The optimal incarnation is one that directly addresses the business opportunities and business problems that initiated the need for PPM in the first place. Yes, the ultimate goal and purpose of PPM is to determine the optimal mix and sequencing of proposed programs and projects to best achieve the organization's overall goals. But meeting this goal is a journey. There are numerous sub-processes and operational mechanisms and few enterprises can establish them all at once. Instead, the most pressing business needs (opportunities and problems) should determine which vestiges of PPM are introduced when.

Once the appropriate business objectives are determined, the next aspect of the challenge is to determine which member of the Executive Leadership Team is best positioned to lead the charge to achieve them. Some of the challenges she or he will face are:

• The clear articulation of PPM vision and the "roadmap" for getting there
• Defining the steps required to meet determined PPM objectives
• The need to engage and influence every area of the business and constantly traverse organizational boundaries
• The establishment and fostering of the appropriate mechanisms required to meet PPM process objectives - the most challenging being those required to reconcile inevitable differences and conflicts
• The systematic management of PPM processes (monitoring, measuring, analyzing and optimizing)
• The practical and reasonable maturation of PPM
• Proving the business value of PPM

To overcome these challenges, the Leader of PPM must have:

• The respect and confidence of the Executive Leadership Team
• An acute understanding of business strategy, goals, objectives and planning processes
• An understanding of corporate culture, organizational behavior and political nature
• A detailed understanding of Governance and PPM best practices, frameworks and methodologies
• A working knowledge of the art and science of Process Management and the ability to apply this insight to ensuring the correct PPM flavor and fit
• The ability to facilitate the reconciliation of differences in opinion and interpersonal conflicts - at the Executive level
• An understanding of the enterprise's definition of business value and the ability to articulate the benefits of PPM in those terms

After describing much of this to the PMO Director, she knew my answer to the second part of her question. Seldom do I find a PMO Leader with the means to fulfill the role of PPM Leader and she came to this conclusion without my saying so. Yet again and again I find PMO Directors thrust into the unenviable position of leading the charge for PPM. I believe this occurs when enterprises don't fully understand this critical, strategic, game-changing business process. This lack of understanding prevents many organizations from having an appreciation of the horsepower required to lead PPM and the process suffers because of it.

Who leads PPM in your organization and how are they doing? Who do you think should? I am sure there are PMO Directors out there who would appreciate your insights.

 Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: March 01 2010, 09:22 PM | 2 Comment(s)
by Steve Romero

I am very fortunate to be able to work out of my home office on those few days I don't find myself on the road evangelizing the power and promise of IT Governance. Last Friday was one of those days and after seeing my wife and kids off to school, I turned to pour myself a cup of coffee and get back to work. To my surprise, the decanter I usually find brimming with piping-hot coffee was empty.

I put the kettle on the stove, prepped the French Press and dialed my wife's cell phone. She is the consummate Wife/Mother and spoils my kids and me to no end. Her dawn-to-dusk diligence is like clockwork and I found a break in her routine cause for concern. I called, not to whine like a hapless husband, but to see if everything was OK.

My unease was indeed founded. She explained how she was not feeling well, got up late, skipped a few things and planned to get back to bed as soon as she returned from dropping the kids - which she said was exactly what she had already told me before she left. Whoops!

Now this is not an isolated event. She toggles between the conclusions that I am either hard-of-hearing or a master of selective-hearing. It was such an issue for a time that a few years back, as a birthday gift to her, I had my hearing checked. The doctor said my ears were fine, though my wife remains unconvinced.

I am certain this "communication problem" is quite common, not only in marriages today but in every circumstance of human interaction. I don't have the nerve to suggest a concrete solution to the spousal example, but I do think we can take a disciplined approach in our professional lives and work situations.

I am sure I don't need to convince anyone of the importance of good communication. Communication skills are highlighted in almost every job description at any level of any organization. I underscore the criticality of communication in every one of my IT Governance-related presentations, but I dive deeper into the subject when delivering my Process Presentation.

There are 3 distinct Process phases: Process Design; Process Implementation; Process Management. Of the three, I spend the most time on the Implementation Phase because I believe it is the most underestimated and mistake-laden. I stress the organizational change management focus of the effort and spotlight its two major components, Communication and Training.

I tell my audiences that communication is more than "sending an email." I insist it is even more than "two-way" communication (send/acknowledgment). I propose a "four-phase" communication model:

• 1. Say/send the message
• 2. Validate the message was received
• 3. Validate the message was understood
• 4. Validate the message was accepted

It is not enough to just say or send the message and assume, well, anything. The sender needs to take the step to ensure the message was indeed received. And even if the message was received, it may not necessarily be understood. Finally, even if the message is understood, there may be disagreement preventing the message from being accepted. Communication can never be based on assumption. Communication must be validated, and that takes legwork and follow-through.

Though you can likely see why I don't suggest these tactics to my wife, I believe it is a reasonable approach in businesses today. I think it is a great model for Project Managers, who probably rely on communication more than anyone. Communication is essential in every aspect of enterprise success today. And there is more at stake than a cup of coffee.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share