Get Instant Access
to This Blueprint

Cio icon

Make Your IT Governance Adaptable

Governance isn’t optional, so keep it simple and make it flexible.

  • People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
  • Governance is delegated to people and practices that don’t have the ability or authority to make these decisions.
  • Decisions are made within committees that don’t meet frequently enough to support business velocity.
  • It is difficult to allocate time and resources to build or execute governance effectively.

Our Advice

Critical Insight

  • IT governance applies not just to the IT department but to all uses of information and technology.
  • IT governance works against you if it no longer aligns with or supports your organizational direction, goals, and work practices.
  • Governance doesn’t have to be bureaucratic or control based.
  • Your governance model should be able to adapt to changes in the organization’s strategy and goals, your industry, and your ways of working.
  • Governance can be embedded and automated into your practices.

Impact and Result

  • You will produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.
  • You will create the foundation and ability to delegate and empower governance to enable agile delivery.
  • You will identify areas where governance does not require manual oversight and can be embedded into the way you work.

Make Your IT Governance Adaptable Research & Tools

1. Make Your IT Governance Adaptable Deck – A document that walks you through how to design and implement governance that fits the context of your organization and can adapt to change.

Our dynamic, flexible, and embedded approach to governance will help drive organizational success. The three-phase methodology will help you identify your governance needs, select and refine your governance model, and embed and automate governance decisions.

2. Adaptive and Controlled Governance Model Templates and Workbook – Documents that gather context information about your organization to identify the best approach for governance.

Use these templates and workbook to identify the criteria and design factors for your organization and the design triggers to maintain fit. Upon completion this will be your new governance framework model.

3. Implementation Plan and Workbook – Tools that help you build and finalize your approach to implement your new or revised governance model.

Upon completion you will have a finalized implementation plan and a visual roadmap.

4. Governance Committee Charter Templates – Base charters that can be adapted for communication.

Customize these templates to create the committee charters or terms of reference for the committees developed in your governance model.

5. Governance Automation Criteria Checklist and Worksheet – Tools that help you determine which governance decisions can be automated and work through the required logic and rules.

The checklist is a starting point for confirming which activities and decisions should be considered for automation or embedding. Use the worksheet to develop decision logic by defining the steps and information inputs involved in making decisions.


Onsite Workshop: Make Your IT Governance Adaptable

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Develop Your Guiding Star

The Purpose

  • Establish the context for your governance model.

Key Benefits Achieved

  • Core understanding of the context that will enable us to build an optimal model

Activities

Outputs

1.1

Confirm mission, vision, and goals.

1.2

Define scope and principles.

  • Governance principles
1.3

Adjust for culture and finalize context.

  • Governance context and goals

Module 2: Define the Governance Model

The Purpose

  • To select and adapt a governance model based on your context.

Key Benefits Achieved

  • A selected and optimized governance model

Activities

Outputs

2.1

Select and refine governance model.

  • IT governance model and adjustment triggers
2.2

Confirm and adjust the structure.

  • IT governance structure, responsibilities, membership, and cadence
2.3

Review and adapt governance responsibilities and activities.

  • Governance committee charters
2.4

Validate governance mandates and membership.

Module 3: Build Governance Process and Policy

The Purpose

  • Refine your governance practices and associate policies properly.

Key Benefits Achieved

  • A completed governance model that can be implemented with clear update triggers and review timing
  • Policy alignment with the right levels of authority

Activities

Outputs

3.1

Update your governance process.

  • IT governance process and information flow
3.2

Align policies to mandate.

  • IT governance policies
3.3

Adjust and confirm your model.

  • Finalized governance model
3.4

Identify and document update triggers and embed into review cycle.

Module 4: Embed and Automate Governance

The Purpose

  • Identify options to automate and embed governance activities and decisions.

Key Benefits Achieved

  • Simply more consistent governance activities and automate them to enhance speed and support governance delegation and empowerment

Activities

Outputs

4.1

Identify decisions and standards that can be automated. Develop decision logic.

  • Selected automation options, decision logic, and business rules
4.2

Plan verification and validation approach.

4.3

Build implementation plan.

  • Implementation and communication plan
4.4

Develop communication strategy and messaging.


Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

Table of Contents

4 Analyst Perspective

5 Executive Summary

13 Governance Stages

14 Info-Tech’s IT Governance Thought Model

19 Info-Tech’s Approach

23 Insight Summary

30 Phase 1: Identify Your Governance Needs

54 Phase 2: Select and Refine Your Governance Model

76 Phase 3: Embed and Automate

94 Summary of Accomplishment

95 Additional Support

97 Contributors

98 Bibliography

Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

EXECUTIVE BRIEF

Analyst Perspective

Governance will always be part of the fabric of your organization. Make it adaptable so it doesn’t constrain your success.

Photo of Valence Howden, Principal Research Director, Info-Tech Research Group

Far too often, the purpose of information and technology (I&T) governance is misunderstood. Instead of being seen as a way to align the organization’s vision to its investment in information and technology, it has become so synonymous with compliance and control that even mentioning the word “governance” elicits a negative reaction.

Success in modern digital organizations depends on their ability to adjust for velocity and uncertainty, requiring a dynamic and responsive approach to governance – one that is embedded and automated in your organization to enable new ways of working, innovation, and change.

Evolutionary theory describes adaptability as the way an organism adjusts to fit a new environment, or changes to its existing environment, to survive. Applied to organizations, adaptable governance is critical to the ability to survive and succeed.

If your governance doesn’t adjust to enable your changing business environment and customer needs, it will quickly become misaligned with your goals and drive you to failure.

It is critical that people build an approach to governance that is effective and relevant today while building in adaptability to keep it relevant tomorrow.

Valence Howden
Principal Research Director, Info-Tech Research Group

Executive Summary

Your Challenge

  • People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
  • Governance is delegated to people and practices that don’t have the ability or authority to make decisions.
  • Decisions are made within committees that don’t meet frequently enough to support business velocity.
  • It is difficult to allocate time and resources to build or execute governance effectively

Common Obstacles

  • You are unable to clearly communicate how governance adds value to your organization.
  • Your IT governance approach no longer aligns with or supports your organizational direction, goals, and work practices.
  • Governance is seen and performed as a bureaucratic control-based exercise.
  • Governance activities are not transparent.
  • The governance committee gets too deeply involved with project deep dives and daily management, derailing its effectiveness and ability to produce value.

Info-Tech’s Approach

  • Use Info-Tech’s IT governance models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.
  • Adjust the model based on industry needs, your principles, regulatory requirements, and your future direction.
  • Identify where to embed or automate decision making and compliance and what is required to do so effectively.
  • Implement your governance model for success.

Info-Tech Insight

IT governance must be embedded and automated, where possible, to effectively meet the needs and velocity of digital organizations and modern practices and to drive success and value.

What is governance?

IT governance is a critical and embedded practice that ensures that information and technology investments, risks, and resources are aligned in the best interests of the organization and produce business value.

Effective governance ensures that the right technology investments are made at the right time to support and enable your organization’s mission, vision, and goals.

5 KEY OUTCOMES OF GOOD GOVERNANCE

STRATEGIC ALIGNMENT

Technology investments and portfolios are aligned with the organization's strategic objectives.

RISK OPTIMIZATION

Organizational risks are understood and addressed to minimize impact and optimize opportunities.

VALUE DELIVERY

IT investments and initiatives deliver their expected benefits.

RESOURCE OPTIMIZATION

Resources (people, finances, time) are appropriately allocated across the organization to optimal organizational benefit.

PERFORMANCE MEASUREMENT

The performance of technology investments is monitored and used to determine future courses of action and to confirm achievement of success.

‹–EVALUATE–DIRECT–MONITOR–›

Why is this necessary?

  • Governance is not simply a committee or an activity that you perform at a specific point in time; it is a critical and continuously active practice that drives the success of your organization. It is part of your organization’s DNA and is just as unique, with some attributes common to all (IT governance elements), some specific to your family (industry refinements), and some specific to you (individual organization).
  • Your approach to governance needs to change over time in order to remain relevant and continue to enable value and success, but organizations rarely want to change governance once it’s in place.
  • To meet the speed and flow of practices like Lean, DevOps, and Agile, your IT governance needs to be done differently and become embedded into the way your organization works. You must adjust your governance model based on key moments of change – organizational triggers – to maintain the effectiveness of your model.

Info-Tech Insight

Build an optimal model quickly and implement the core elements using an iterative approach to ensure the changes provide the most value.

The Technology Value Trinity

Delivery of Business Value & Strategic Needs

  • DIGITAL & TECHNOLOGY STRATEGY
    The identification of objectives and initiatives necessary to achieve business goals.
  • IT OPERATING MODEL
    The model for how IT is organized to deliver on business needs and strategies.
  • INFORMATION & TECHNOLOGY GOVERNANCE
    The governance to ensure the organization and its customers get maximum value from the use of information and technology.

All three elements of the Technology Value Trinity work in harmony to deliver business value and meet strategic needs. As one changes, the others need to change as well.

  • Digital and IT Strategy tells you what you need to achieve to be successful.
  • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
  • Information & Technology Governance is the confirmation that IT’s goals and strategy align with the business’ strategy. It is the mechanism by which you continuously prioritize work to ensure that what you deliver is in line with the strategy. This oversight involves evaluating, directing, and monitoring the delivery of outcomes to ensure that the use of resources results in achieving the organization’s goals.

Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest rather than on what is in the best interest of the organization.

Where information & technology governance fits within an organization

An infographic illustrating where Governance fits within an organization. The main section is titled 'Enterprise Governance and Strategy' and contains 'Value Outcomes', 'Mission and Vision', 'Goals and Objectives', and 'Guiding Principles'. These all feed into the highlighted 'Information & Technology Governance', which then contributes to 'IT Strategy', which lies outside the main section.

I&T governance hasn’t achieved its purpose

Governance is the means by which IT ensures that information and technology delivery and spend is aligned to business goals and delivers business outcomes. However, most CEOs continue to perceive IT as being poorly aligned to the business’ strategic goals, which indicates that governance is not implemented or executed properly.

For I&T governance to be effective you need a clear understanding of the things that drive your organization and its success. This understanding becomes your guiding star, which is critical for effective governance. It also requires participation by all parts of the organization, not just IT.

Info-Tech CIO/CEO Alignment Diagnostics (N=124)

43% of CEOs believe that business goals are going unsupported by IT.

60% of CEOs believe that improvement is required around IT’s understanding of business goals.

80% of CIOs/CEOs are misaligned on the target role for IT.

30% of business stakeholders are supporters (N=32,536) of their IT departments

Common causes of poor governance

Key causes of poor or misaligned governance

  1. Governance and its value to your organization is not well understood, often being confused or integrated with more granular management activities.
  2. Business executives fail to understand that IT governance is a function of the business and not the IT department.
  3. Poor past experiences have made “governance” a bad word in the organization. People see it as a constraint and barrier that must be circumvented to get work done.
  4. There is misalignment between accountability and authority throughout the organization, and the wrong people are involved in governance practices.
  5. There is an unwillingness to change a governance approach that has served the organization well in the past, leading to challenges when the organization starts to change practices and speed of delivery.
  6. There is a lack of data and data-related capabilities required to support good decision making and the automation of governance decisions.
  7. The goals and strategy of the organization are not known or understood, leaving nothing for IT governance to orient around.

Key symptoms of ineffective governance committees

  1. No actions or decisions are generated. The committee produces no value and makes no decisions after it meets. The lack of value output makes the usefulness of the committee questionable.
  2. Resources are overallocated. There is a lack of clear understanding of capacity and value in work to be done, leading to consistent underestimation of required resources and poor resource allocation.
  3. Decisions are changed outside of committee. Decisions made or initiatives approved by the committee are later changed when the proper decision makers are involved or the right information becomes available.
  4. Governance decisions conflict with organizational direction. This shows an obvious lack of alignment and behavioral disconnect that work against organizational success. It is often due to not accounting for where power really exists within the structure.
  5. Consistently poor outcomes are produced from governance direction. Committee members’ lack of business acumen, relevant data, or understanding of organizational goals results in decisions that fail to drive successful measured outcomes.

Mature your governance by transitioning from ad hoc to automated

Organizations should look to progress in their governance stages. Ad hoc and controlled governance practices tend to be more rigid, making these a poor fit for organizations requiring higher velocity delivery or using more agile and adaptive practices.

The goal as you progress through these stages is to delegate governance and empower teams based on your fit and culture, enabling teams where needed to make optimal decisions in real time, ensuring that they are aligned with the best interests of the organization.

Automate governance for optimal velocity while mitigating risks and driving value.

This puts your organization in the best position to be adaptive, able to react effectively to volatility and uncertainty.

A graph illustrating the transition from Ad Hoc to Automated. The y-axis is 'Process Integration' and x-axis is 'Trust & Empowerment'. 'Ad Hoc: Inconsistent Decision Making' lies close to the origin, ranking low on both axes' values. 'Controlled: Authoritarian, Highly Structured' ranks slightly higher on both axes. 'Agile: Distributed & Empowered' ranks 2nd highest on both axes. 'Automated: High Velocity, Embedded & Flexible' ranks highest on both axes.

Stages of governance

Adaptive
Data-Centric


ˆ


ˆ


ˆ


ˆ


ˆ
Traditional
(People- and Document-Centric)

4

Automated Governance
  • Entrenched into organizational processes and product/service design
  • Empowered and fully delegated to maintain fit and drive organizational success and survival

3

Agile Governance
  • Flexible enough to support different needs in the organization and respond quickly to change
  • Driven by principles and delegated throughout the company

2

Controlled Governance
  • Focused on compliance and hierarchy-based authority
  • Levels of authority defined and often driven by regulatory requirements

1

Ad Hoc Governance
  • Not well defined or understood within the organization
  • Occurs out of necessity but often not done by the right people or bodies

Make Governance Adaptable and Automated to Drive Success and Value

Governance adaptiveness ensures the success of digital organizations and modern practice implementation.

THE PROBLEM

  • The wrong people are making decisions.
  • Organizations don't understand what governance is or why it's done.
  • Governance scope and design is a bad fit, damaging the organization.
  • People think governance is optional.

THE SOLUTION

ESTABLISH YOUR GUIDING PRINCIPLES

Define and establish the guiding principle that drive your organization toward success.

  • Mission & Vision
  • Business Goals & Success Criteria
  • Operating Model & Work Practices
  • Governance Scope
  • Principles
SELECT AND REFINE YOUR MODEL

Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

IDENTIFY MODEL UPDATE TRIGGERS

Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

  • Principles
    Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
  • Responsibilities
    Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
  • Structure
    Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
  • Processes
    Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
  • Membership
    Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
  • Policies
    Confirm any governing policies that need to be adhered to and considered to manage risk.
DETERMINE AUTOMATION OPTIONS AND DECISION RULES

Identify where to embed or automate decision making and compliance and what is required to do so effectively.

STAGES OF GOVERNANCE

    Traditional (People- and document-centric)
  1. AD HOC GOVERNANCE
    Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people or bodies.
  2. CONTROLLED GOVERNANCE
    Governance focused on compliance and hierarchy-based, authority-driven control of decisions. Levels of Authority are defined and often driven by regulatory requirements.
  3. Adaptive (Data Centric)
  4. AGILE GOVERNANCE
    Governance that is flexible to support different needs and quick responses in the organization. Driven by principles and delegated throughout the company.
  5. AUTOMATED GOVERNANCE
    Governance that is entrenched and automated into the organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival.

KEY INSIGHT

Governance must actively adapt to changes in your organization, environment, and practices or it will drive you to failure.

Developing governance principles

Governance principles support the move from controlled to automated governance by providing guardrails that guide your decisions. They provide the ethical boundaries and cultural perspectives that contextualize your decisions and keep you in line with organizational values. Determining principles are global in nature.

CONTROLLED CHANGE ACTIONS AND RATIONALE AUTOMATED
Disentangle governance and management Move from governance focused on evaluating, directing, and monitoring strategic decisions around information and technology toward defining and automating rules and principles for decision making into processes and practices, empowering the organization and driving adaptiveness. Delegate and empower
Govern toward value Move from identifying the organization’s mission, goals, and key drivers toward orienting IT to align with those value outcomes and embedding value outcomes into design and delivery practices. Deliver to defined outcomes
Make risk-informed decisions Move from governance bodies using risk information to manually make informed decisions based on their defined risk tolerance toward having risk information and attestation baked into decision making across all aspects and layers of the IT organization – from design to sustainment. Embed risk decision making into processes and practices
Measure to drive improvement Move from static lagging metrics that validate that the work being done is meeting the organization’s needs and guide future decision making toward automated governance with more transparency driven by data-based decision making and real-time data insights. Trust through real-time reporting
Enforce standards and behavior Move from enforcing standards and behavior and managing exceptions to ensure that there are consistent outcomes and quality toward automating standards and behavioral policies and embedding adherence and changes in behavior into the organization’s natural way of working. Automate standards through automated decision rules, verification, and validation

Find your guiding star

MISSION AND VISION –› GOALS AND OBJECTIVES –› GUIDING PRINCIPLES –›

VALUE

Why your organization exists and what value it aims to provide. The purpose you build a strategy to achieve. What your organization needs be successful at to fulfill its mission. Key propositions and guardrails that define and guide expected organizational behavior and beliefs.

Your mission and vision define your goals and objectives. These are reinforced by your guiding principles, including ethical considerations, your culture, and expected behaviors. They provide the boundaries and guardrails for enabling adaptive governance, ensuring you continue to move in the right direction for organizational success.

To paraphrase Lewis Carroll, “If you don't know where you want to get to, it doesn't much matter which way you go.” Once you know what matters, where value resides, and which considerations are necessary to make decisions, you have consistent directional alignment that allows you to delegate empowered governance throughout the organization, taking you to the places you want to go.

Understand governance versus management

Don’t blur the lines between governance and management; each has a unique role to play. Confusing them results in wasted time and confusion around ownership.

Governance

I&T governance defines WHAT should be done and sets direction through prioritization and decision making, monitoring overall IT performance.

Governance aligns with the mission and vision of the organization to guide IT.

A cycle of processes split into two halves, 'Governance Processes' and 'Management Processes'. Beginning on the Management side, the processes are 'Plan', 'Build', 'Run', 'Monitor', then to the Governance side, 'Evaluate', 'Direct', 'Monitor', and back to the beginning.

Management

Management focuses on HOW to do things to achieve the WHAT. It is responsible for executing on, operating, and monitoring activities as determined by I&T governance.

Management makes decisions for implementation based on governance direction.

Data is critical to automating governance

Documents and subjective/non-transparent decisions do not create sufficient structure to allow for the true automation of governance. Data related to decisions and aggregated risk allow you to define decision logic and rules and algorithmically embed them into your organization.

People- and Document-Centric

Governance drives activities through specific actors (individuals/committees) and unstructured data in processes and documents that are manually executed, assessed, and revised. There are often constraints caused by gaps or lack of adequate and integrated information in support of good decisions.

Data-Centric

Governance actors provide principles, parameters, and decision logic that enable the creation of code, rulesets, and algorithms that leverage organizational data. Attestation is automatic – validated and managed within the process, product, or service.

Info-Tech’s Approach

Define your context and build your model

ESTABLISH YOUR GUIDING PRINCIPLES

Define and establish the guiding principle that drive your organization toward success.

  • Mission & Vision
  • Business Goals & Success Criteria
  • Operating Model & Work Practices
  • Governance Scope
  • Principles
SELECT AND REFINE YOUR MODEL

Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

MODEL UPDATE TRIGGERS

Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

  • Principles
    Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
  • Responsibilities
    Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
  • Structure
    Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
  • Processes
    Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
  • Membership
    Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
  • Policies
    Confirm any governing policies that need to be adhered to and considered to manage risk.
AUTOMATION OPTIONS AND DECISION RULES

Identify where to embed or automate decision making and compliance and what is required to do so effectively.

The Info-Tech Difference

Define your context and build your model

  1. Quickly identify the organizational needs driving governance and your guiding star.
  2. Select and refine a base governance model based on our templates.
  3. Define and document the key changes in your organization that will trigger a need to update or revise your governance.
  4. Determine where you might be able to automate aspects of your governance.
  5. Design your decision rules where appropriate to support automated and adaptive governance.

How to use this research

Where are you in your governance optimization journey?

MY GOVERNANCE IS AD HOC AND WE’RE STARTING FROM SCRATCH I NEED TO BUILD A NEW GOVERNANCE STRUCTURE OUR GOVERNANCE APPROACH IS INEFFECTIVE AND NEEDS IMPROVEMENT I NEED TO LOOK AT OPTIONS FOR AUTOMATING GOVERNANCE PRACTICES
Step 1.1: Define Your Governance Context Step 1.2: Structure Your IT Governance Phase 2: Select and Refine Your Model Phase 3: Embed and Automate

IT governance is about ensuring that the investment decisions made around information and technology drive the optimal organizational value, not about governing the IT department.

In this section we will clarify your organizational context for governance and define your guiding star to orient your governance design and inform your structure.

There is no need to start from scratch! Start with Info-Tech’s best-practice IT governance models and customize them based on your organizational context.

The research in this section will help you to select the right base model to work from and provide guidance on how to refine it.

Governance practices eventually stop being a good fit for a changing organization, and things that worked before become bottlenecks.

Governing roles and committees don’t adjust well, don’t have consistent practices, and lack the right information to make good decisions.

The research in this section will help you improve and realign your governance practices.

Once your governance is controlled and optimized you are ready to investigate opportunities to automate.

This phase of the blueprint will help you determine where it’s feasible to automate and embed governance, understand key governance automation practices, and develop governing business rules to move your journey forward.

Related Research:

If you are looking for details on specific associated practices, please see our related research:

  1. I need to establish data governance.
  2. I need to manage my project portfolio, from intake to confirmation of value.
  3. I need better risk information to support decision making.
  4. I need to ensure I am getting the expected outcomes and benefits from IT spend.
  5. I need to prioritize my product backlog or service portfolio.

Info-Tech’s methodology for building and embedding adaptive governance

1. Identify Your Governance Needs 2. Select and Refine Your Governance Model 3. Embed and Automate
Phase Steps
  1. Confirm Mission, Vision, and Goals
  2. Define Scope and Principles
  3. Adjust for Culture and Finalize Context
  1. Select and Refine Your Governance Model
  2. Identify and Document Your Governance Triggers
  3. Build Your Implementation Plan
  1. Identify Decisions to Embed and Automate
  2. Plan Validation and Verification
  3. Update Implementation Plan
Phase Outcomes
  • Governance context, guiding star, and principles
  • Completed governance model with associated decisions and policies
  • Implementation plan
  • List of automation options
  • Decision logic, rules, and rulesets
  • Validation and verification approach
  • Finalized implementation plan

Insight summary

Value

To remain valuable, I&T governance must actively adapt to changes in your organization, environment, and practices, or it will drive you to failure instead of success.

Focus

I&T governance does not focus on the IT department. Rather, its intent is to ensure your organization makes sound decisions around investment in and use of information and technology.

Maturity

Your governance approach progresses in stages from ad hoc to automated as your organization matures. Your stage depends on your organizational needs and ways of working.

Good governance

Good governance does not equate to control and does not stifle innovation.

Automation

Automating governance must be done in stages, based on your capabilities, level of maturity, and amount of usable data.

Strategy

Establish the least amount of governance required to allow you to achieve your goals.

Guiding star

If you don’t establish a guiding star to align the different stakeholders in your organization, governance practices will create conflict and confusion.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Key Deliverable:
Governance Framework Model

The governance framework model provides the design of your new governance model and the organizational context to retain stakeholder alignment and organizational satisfaction with governance.

The model includes the structures, practices, and responsibilities to drive effective governance in your organization.

Sample of the key blueprint deliverable 'Governance Framework Model'.

Governance Implementation Plan

This roadmap lays out the changes required to implement the governance model, the cultural items that need to be addressed, and anticipated timing.

Sample of the blueprint deliverable 'Governance Implementation Plan'.

Governance Committee Charters

Develop a detail governance charter or term of reference for each governing body. Outline the mandate, responsibilities, membership, process, and associated policies for each.

Sample of the blueprint deliverable 'Governance Committee Charters'.

Blueprint benefits

IT Benefits

  • Stronger, traceable alignment of IT decisions and initiatives to business needs.
  • Improved ability for IT to meet the changing demands and velocity of the business.
  • Better support and enablement of innovation – removing constraints and barriers.
  • Optimized governance that supports and enables modern work practices.
  • Increased value generation from IT initiatives and optimal use of IT resources.
  • Designed adaptability to ensure you remain in alignment as your business and IT environments change.

Business Benefits

  • Clear transparent focus of IT initiatives on generating strategic business value.
  • Improved ability to measure the value and contribution of IT to business goals.
  • Alignment and integration of business/IT strategy.
  • Optimized development and use of IT capabilities to meet business needs.
  • Improved integration with corporate/enterprise governance.

Executive Brief Case Study

INDUSTRY Manufacturing
SOURCE Info-Tech analyst experience

Improving the governance approach and delegating decision making to support a change in business operation

Challenge

The large, multi-national organization has locations across the world but has two primary headquarters, in Europe and the United States.

Market shifts drove an organizational shift in strategy, leading to a change in operating models, a product focus, and new work approaches across the organization.

Much of the implementation and execution was done in isolation, and effectiveness was slowed by poor integration and conflicting activities that worked against each other.

The product owner role was not well defined.

Solution

After reviewing the organization’s challenges and governance approach, we redefined and realigned its organizational and regional goals and identified outcomes that needed to be driven into their strategies.

We also reviewed their span of control and integration requirements and properly defined decisions that could be made regionally versus globally, so that decisions could be made to support new work practices.

We defined the product and service owner roles and the decisions each needed to make.

Results

We saw an improvement in the alignment of organizational activities and the right people and bodies making decisions.

Work and practices were aimed at the same key outcomes and alignment between teams toward organizational goal improved.

Within one year, the success rate of the organization’s initiatives increased by 22%, and the percentage of product-related decisions made by product owners increased by 50%.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

Guided Implementation

Workshop

Consulting

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

What does a typical GI on this topic look like?

    Phase 1: Identify Your Governance Needs

  • Call #1: Confirm your organization’s mission and vision and review your strategy and goals.
  • Call #2: Identify considerations and governance needs. Develop your guiding star and governing principles.
  • Phase 2: Select and Refine Your Model

  • Call #3: Select your base model and optimize it to meet your governance needs.
  • Call #4: Define your adjustment triggers and develop your implementation plan.
  • Phase 3: Embed and Automate

  • Call #5: Identify decisions and standards you can automate and where to embed them.
  • Call #6: Confirm levels of authority and data requirements. Establish your approach and update the implementation plan.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Session 1 Session 2 Session 3 Session 4 Session 5
Activities
Develop Your Guiding Star

1.1 Confirm mission, vision, and goals

1.2 Define scope and principles

1.3 Adjust for culture and finalize context

Define the Governance Model

2.1 Select and refine governance model

2.2 Confirm and adjust the structure

2.3 Review and adapt governance responsibilities and activities

2.4 Validate governance mandates and membership

Build Governance Process and Policy

3.1 Update your governance process

3.2 Align policies to mandate

3.3 Adjust and confirm your governance model

3.4 Identify and document your update triggers

3.5 Embed triggers into review cycle

Embed and Automate Governance

4.1 Identify decisions and standards to automate

4.2 Plan verification and validation approach

4.3 Build implementation plan

4.4 Develop communication strategy and messaging

Next Steps and Wrap-Up

5.1 Complete in-progress outputs from previous four sessions

5.2 Set up review time for workshop outputs and to discuss next steps

Outcomes
  1. Governance context and goals
  2. Governance principles
  1. IT governance model and adjustment triggers
  2. IT governance structure, responsibilities, membership, and cadence
  3. Governance committee charters
  1. IT governance process and information flow
  2. IT governance policies
  3. Finalized governance model
  1. Selected automation options, decision logic, and business rules
  2. Implementation and communication plan
  1. Governance context and principles
  2. Finalized governance model and charters
  3. Finalized implementation plan

Make Your IT Governance Adaptable

Phase 1

Identify your Governance Needs

Phase 1

  • 1.1 Define Your Guiding Star
  • 1.2 Define Scope and Principles
  • 1.3 Adjust for Culture and Finalize Context

Phase 2

  • 2.1 Choose and Adapt Your Model
  • 2.2. Identify and Document Your Governance Triggers
  • 2.3 Build Your Implementation Approach

Phase 3

  • 3.1 Identify Decisions to Embed and Automate
  • 3.2 Plan Validation and Verification
  • 3.3 Update Implementation Plan

This phase will walk you through the following activities:

Identify the organization’s goals, mission, and vision that will guide governance.

Define the scope of your governance model and the principles that will guide how it works.

Account for organizational attitudes, behaviors, and culture related to governance and finalize your context.

This phase involves the following participants:

  • Senior IT leadership
  • Governance leads

Step 1.1

Define Your Guiding Star

Activities
  • 1.1.1 Document and interpret your strategy, mission, and vision
  • 1.1.2 Document and interpret the business and IT goals and outcomes
  • 1.1.3 Identify your operating model and work processes

This step will walk you through the following activities:

Review your business and IT strategy, mission, and vision to ensure understanding of organizational direction.

Identify the business and IT goals that governance needs to align.

Confirm your operating model and any work practices that need to be accounted for in your model.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Identified guiding star outcomes to align governance outcomes with

Defined operating model type and work style that impact governance design

Identify Your Governance Needs

Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

Govern by intent

Find the balance for your designed governance approach

Organic governance occurs during the formation of an organization and shifts with challenges, but it is rarely transparent and understood. It changes your culture in uncontrolled ways. Intentional governance is triggered by changes in organizational needs, working approaches, goals, and structures. It is deliberate and changes your culture to enable success.
Stock photo of a weight scale.

Info-Tech Insight

Your approach to governance needs to be designed, even if your execution of governance is adaptable and delegated.

What is your guiding star?

Your guiding star is a combination of your organization’s mission, vision, and strategy and the goals that have been defined to meet them.

It provides you with a consistent focal point around which I&T-related activities and projects orbit, like planets around a star.

It generates the gravity that governance uses to keep things from straying too far away from the goal of achieving relevant value.

  1. Mission & Vision
  2. Business Goals & Success Criteria
  3. Operating Model & Work Practices
  4. Governance Scope
  5. Principles

1.1.1 Document and interpret your strategy, mission, and vision

30 minutes

Input: Business strategy, IT strategy, Mission and vision statements

Output: Updated Governance Workbook, Documented strategic outcomes and organizational aims that governance needs to achieve

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Gather your available business, digital, and IT strategy, mission, and vision information and document everything in your Governance Workbook. It’s ok if you don’t have all of it.
  2. Review and your mission and vision as a group. Discuss and document key points, including:
    • Which activities do you perform as an organization that embody your vision?
    • What key decisions and behaviors are required to ensure that your mission and vision are achievable?
    • What do you require from leadership to enable you to govern effectively?
    • What are the implications of the mission and vision on how the organization needs to work? What are the implications on decisions around opportunities and risks?

Download the Governance Workbook

1.1.2 Document and interpret the business and IT goals and outcomes

60 minutes

Input: Business strategy, Business and IT goals and related initiatives

Output: Required success outcomes for goals, Links between IT and business goals that governance needs to align

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Document the business and IT goals that have been created to achieve the mission and vision.
  2. Discuss if there are any gaps between the goals and the mission and vision. Ask yourself – if we accomplish these goals will we have successfully achieved the mission?
  3. For each goal, define what successful achievement of the goal looks like. Starting with one goal or objective, ask:
    • How would I know I am on the right path and how will I know I have gotten there?
    • How would I know if I am not on the right path and what does a bad result look like?
  4. Document your success criteria.
  5. Brainstorm some examples of decisions that support or constrain the achievement of your goals.
  6. Repeat this exercise for your remaining goals.
  7. As a group, map IT goals to business goals.

What is your operating model and why is it important?

An IT operating model is a visual representation of the way your IT organization needs to be designed and the capabilities it requires to deliver on the business mission, strategic objectives, and technological ambitions.

The model is critical in the optimization and alignment of the IT organization’s structure in order to deliver the capabilities required to achieve business goals. It is a key determinant of how governance needs to be designed and where it is implemented.

Little visualizations of different operating models: 'Centralized', 'Decentralized', and 'Hybrid'.

1.1.3 Identify your operating model and work practices

60 minutes

Input: Organizational structure, Operating model (if available)

Output: Confirmed operating approach, Defined work practices

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Identify the way your organization functions:
    • How do we currently operate? Are we centralized, decentralized or a hybrid? Are we focused on delivering products and services? Do we provide service ourselves or do we use vendors for delivery?
    • Can we achieve our mission, goals, and strategies, if we continue to operate this way? What would we have to change in how we operate to be successful in the future?
  2. Identify your governance needs. Do we need to be more structured or more flexible to support our future ways of working?
    • If you operate in a more traditional way, consider whether you are implementing or moving toward more modern practices (e.g. Agile, DevOps, enterprise service management). Do you need to make more frequent but lower-risk decisions?
    • Is your organization ready to delegate governance culturally and in terms of business understanding? Is there enough available information to support adaptive decisions and actions?
  3. Document your operating style, expected changes in work style, and cultural readiness. You will need to consider the implications on design.

Step 1.2

Define Scope and Principles

Activities
  • 1.2.1 Determine the proper scope for your governance
  • 1.2.2 Confirm your determining governing principles
  • 1.2.3 Develop your specific governing principles

This step will walk you through the following activities:

Identify what is included and excluded within the scope of your governance.

Develop the determining and specific principles that provide guardrails for governance activities and decisions.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Documented governance scope and principles to apply

Identify Your Governance Needs

Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

Define the context for governance

Based on the goals and principles you defined and the operating model you selected, confirm where oversight will be necessary and at what level. Focus on the necessity to expedite and clear barriers to the achievement of goals and on the ownership of risks and compliance. Some key considerations:

  • Where in the organization will you need to decide on work that needs to be done?
  • What type of work will you need to do?
  • In what areas could there be conflicts in prioritization/resource allocation to address?
  • Who is accountable for risks to the organization and its objectives?
  • Where are your regional or business-unit-specific concerns that require focused local attention?
  • Are we using more agile, rapid delivery methods to produce work?

Understand your governance scope

Your governance scope helps you define the boundaries of what your governance model and practices will cover. This includes key characteristics of your organization that impact what governance needs to address.

Sample Considerations

  • Organizational Span
    • The geographical area the organization operates within. Regional laws and requirements will affect governance delegation and standards/policy development.
  • Level of Regulation
    • Higher levels of regulation create more standards and controls for risk and compliance, impacting how authority can be delegated or automated.
  • Sourcing Model
    • Changing technology sourcing introduces additional vendor governance requirements and may impact compliance and audit.
  • Risk Posture
    • The appetite for risk organizationally, and in pockets, impacts the level of uncertainty you are willing to work within and impact decision-making authority positioning.
  • Size
    • The size of your organization impacts the approach to governance, practice implementation, and delegation of authority.
  • What Is Working Today?
    • Which elements of your current governance approach should be retained, and what are the biggest pain points that need to be addressed?
(Source: COBIT 2019)

1.2.1 Determine the proper scope for your governance

60 minutes

Input: Context information from Activity 1.1, Scoping areas

Output: Defined scope and span of control

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Determine the scope/span of control required for your governance by:
    • Reviewing your key IT capabilities. Identify the ones where the responsibilities and decisions require oversight to ensure they meet the needs of the organization.
    • Identify what works well or poorly in your current governance approach.
    • Discuss and document the level and type of knowledge and business understanding required.
    • Identify and document any regulations, standards, or laws that apply to your organization/industry and how broadly they have to be applied.
    • Identify the organization’s risk appetite, where known, and areas where acceptable thresholds of risk have been defined. Where are key risk and opportunity decisions made? Who owns risk in your organization?
    • Identify and document the perceived role of the IT group in your organization (e.g. support, innovator, partner) and sourcing model (e.g. insource, outsource).
    • Is there sufficient information and data available in your organization to support effective decision making?

How should your governance be structured?

Organizations often have too many governance bodies, creating friction without value. Where that isn’t the case, the bodies are often inefficient, with gaps or overlaps in accountability and authority. Structure your governance to optimize its effectiveness, designing with the intent to have the fewest number of governing bodies to be effective, but no less than is necessary.

Start with your operating model.

  • Understand what’s different about your governance based on whether your organization in centralized, distributed, or a different model (e.g. hybrid, product).
  • Identify and include governance structures that are mandatory due to regulation or industry.
  • Based on your context, identify how many of your governance activities should be performed together.

Determine whether your governance should be controlled or adaptive.

  • Do you have the capability to distribute governance and is your organization empowered enough culturally?
  • Do you have sufficient standards and data to leverage? Do you have the tools and capabilities?
  • Identify governance structures that are required due to regulation or industry.

Info-Tech Insight

Your approach to governance needs to be designed and structured, even if your execution of governance is adaptable and delegated.

Identify and Refine your Principles

Confirm your defining principles based on your selection of controlled or adaptive governance. Create specific principles to clarify boundaries or provide specific guidance for teams within the organization.

Controlled Adaptive
Disentangle governance and management Delegate and empower
Govern toward value Deliver to defined outcomes
Make risk-informed decisions Embed risk into decision making
Measure to drive improvement Trust though real-time reporting
Enforce standards and behavior Automate decision making though established standards

Determining Principle: Delegate and empower.

Specific Principle: Decisions should be made at the lowest reasonable level of the organization with clarity.

Rationale: To govern effectively with the velocity required to address business needs, governance needs to be executed deeper into the organization and organizational goals need to be clearly understood everywhere.

Implication: Decision making needs to be delegated throughout the organization, so information and data requirements need to be identified, decision-making approach and principles need to be shared, and authority needs to be delegated clearly.

1.2.2 Confirm your determining governance principles

30-45 minutes

Input: Governance Framework Model– Governance Principles

Output: Governance workbook - Finalized list of determining principles

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Review the IT governance principles in your Governance Workbook.
  2. Within your IT senior leadership team (or IT governance working group) assign one or two principles to teams of two to three participants. Have each team identify what this would mean for your organization. Answering the questions:
    • In what ways do our current governance practices support this?
    • What are some examples of changes that would need to be made to make this a reality?
    • How would applying this principle improve your governance?
  3. Have each team present their results and compile the findings and implications in the Governance Workbook to use for future communication of the change.

Specific governing principles

Specific governing principles are refined principles derived from a determining principle, when additional specificity and detail is necessary. It allows you to define an approach for specific behaviors and activities. Multiple specific principles may underpin the determining one.

A visualization of a staircase with stairs labelled, bottom to top, 'Determining Principle', 'Rationale', 'Implications', 'Specific Principles'.

Specific Principles – Related principles that may be required to ensure the implications of the determining principal are addressed within the organization. They may be specific to individual areas and may be addressed in policies.

Implications – The implications of this principle on the organization, specific to how and where governance is executed and the level of information and authority that would be necessary.

Rationale – The reason(s) driving the determining principle.

Determining Principle – A core overarching principle – a defining aspect of your governance model.

1.2.3 Develop your specific governing principles

30 minutes

Input: Updated determining principles

Output: List of specific principles linked to determining principles

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Confirm the determining principles for your governance model based on your previous discussions.
  2. Identify where to apply the principles. This is based on:
    1. Your governance scope (how much is within your span of control)
    2. The amount of data you have available
    3. Your cultural readiness for delegation
  3. Create specific principles to support the determining principles:
    1. Document the rationale driving the determining principles.
    2. Identify the implications.
    3. Create specific principles that will support the success in achieving the goals of each determining principle.
  4. Document all information on the “Governance guiding star” slide in the Governance Workbook.

Download the Governance Workbook

Step 1.3

Adjust for Culture and Finalize Context

Activities
  • 1.3.1 Identify and address the impact of attitude, behavior, and culture
  • 1.3.2 Finalize your context

This step will walk you through the following activities:

Identify your organizational attitude, behavior, and culture related to governance.

Identify positives that can be leveraged and develop means to address negatives.

Finalize the context that your model will leverage and align to.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Identify Your Governance Needs

Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

Understanding attitude, behavior, and culture

A

ttitude

What people think and feel. It can be seen in their demeanor and how they react to change initiatives, colleagues, and users. This manifests in the belief that governance is a constraint that needs to be avoided or ignored – often with unintended consequences.

A stock photo of a lightbulb over a person's head and a blackboard behind them reading 'New Mindset - data-verified= New Results'.">

Any form of organizational change involves adjusting people’s attitudes to create buy-in and commitment.

You need to identify and address attitudes that can lead to negative behaviors and actions or that are counter-productive.

Understanding attitude, behavior, and culture

B

ehavior

What people do. This is influenced by attitude and the culture of the organization. In governance, this manifests as people’s willingness to be governed, who pushes back, and who tries to bypass it.

A stock photo of someone walking up a set of stairs into the distant sunlight.

To implement change within IT, especially at a tactical and strategic level, organizational behavior needs to change.

This is relevant because people gravitate toward stability and will resist change in an active or passive way unless you can sell the need, value, and benefit of changing their behavior and way of working.

Understanding attitude, behavior, and culture

C

ulture

The accepted and understood ways of working in an organization. The values and standards that people find normal and what would be tacitly identified to new resources. In governance terms, this is how decisions are really made and where responsibility really exists rather than what is identified formally.

A stock photo of a compass pointing to 'VALUES'.

The impact of the organizational or corporate “attitude” on employee behavior and attitude is often not fully understood.

Culture is an invisible element, which makes it difficult to identify, but it has a strong impact and must be addressed to successfully embed governance models. In the case of automating governance, cultural readiness for automation is a critical success factor.

1.3.1 Identify and address the impact of attitude, behavior, and culture

45 minutes

Input: Senior leadership knowledge

Output: Updated Governance Workbook

Materials: Governance Workbook

Participants: IT senior leadership

  1. Break into three groups. Each group will discuss and document the positive and negative aspects of one of attitude, behavior, or culture related to governance in your organization.
  2. Each group will present and explain their list to the group.
  3. Add any additional suggestions in each area that are identified by the other groups.
  4. Identify the positive elements of attitude, behavior, and culture that would help with changing or implementing your updated governance model.
  5. Identify any challenges that will need to be addressed for the change to be successful.
  6. As a group, brainstorm some mitigations or solutions to these challenges. Document them in the Governance Workbook to be incorporated into the implementation plan.

Download the Governance Workbook

Attitude, behavior, and culture

Evaluate the organization across the three contexts. The positive items represent opportunities for leveraging these characteristics with the implementation of the governance model, while the negative items must be considered and/or mitigated.

Attitude Behavior Culture
Positive
Negative
Mitigation

1.3.2 Finalize your governance context

30 minutes

Input: Documented governance principles and scope from previous exercises

Output: Finalized governance context in the Governance Workbook

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Use the information that has been gathered throughout this section to update and finalize your IT governance context.
  2. Document it in your Governance Workbook.

Download the Governance Workbook

Make Your IT Governance Adaptable

Phase 2

Select and Refine Your Governance Model

Phase 1

  • 1.1 Define Your Guiding Star
  • 1.2 Define Scope and Principles
  • 1.3 Adjust for Culture and Finalize Context

Phase 2

  • 2.1 Choose and Adapt Your Model
  • 2.2. Identify and Document Your Governance Triggers
  • 2.3 Build Your Implementation Approach

Phase 3

  • 3.1 Identify Decisions to Embed and Automate
  • 3.2 Plan Validation and Verification
  • 3.3 Update Implementation Plan

This phase will walk you through the following activities:

Select a base governance model and refine it to suit your organization.

Identify scenarios and changes that will trigger updates to your governance model.

Build your implementation plan.

This phase involves the following participants:

  • Senior IT leadership
  • Governance resources

Step 2.1

Choose and Adapt Your Model

Activities
  • 2.1.1 Choose your base governance model
  • 2.1.2 Confirm and adjust the structure of your model
  • 2.1.3 Define the governance responsibilities
  • 2.1.4 Validate the governance mandates and membership
  • 2.1.5 Update your committee processes
  • 2.1.6 Adjust your associated policies
  • 2.1.7 Adjust and confirm your governance model

This step will walk you through the following activities:

Review and selecting your base governance model.

Adjust the structure, responsibilities, policies, mandate, and membership to best support your organization.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Select and Refine Your Governance Model

Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

Your governance framework has six key components

GOVERNANCE FRAMEWORK

  • GUIDELINES
    The key behavioral factors that ground your governance framework
  • MEMBERSHIP
    Formalization of who has authority and accountability to make specific governance decisions
  • RESPONSIBILITIES
    The definition of which decisions and outcomes your governance structure and each governance body is accountable for
  • STRUCTURE
    Which governance bodies and roles are in place to articulate where decisions are made in the organization
  • PROCESS
    Identification of the how your governance will be executed, how decisions are made, and the inputs, outputs, and connections to related processes
  • POLICY
    Set of principles established to address risk and drive expected and required behavior

4 layers of governance bodies

There are traditionally 4 layers of governance in an enterprise, and organizations have governing bodies or individuals at each level

RESPONSIBILITIES AND TYPICAL MEMBERSHIP
ENTERPRISE Defines organizational goals. Directs or regulates the performance and behavior of the enterprise, ensuring it has the structure and capabilities to achieve its goals.

Membership: Business executives, Board

STRATEGIC Ensures IT initiatives, products, and services are aligned to organizational goals and strategy and provide expected value. Ensure adherence to key principles.

Membership: Business executives, CIO, CDO

TACTICAL Ensures key activities and planning are in place to execute strategic initiatives.

Membership: Authorized division leadership, related IT leadership

OPERATIONAL Ensures effective execution of day-to-day functions and practices to meet their key objectives.

Membership: Service/product owners, process owners, architecture leadership, directors, managers

2.1.1 Choose your base governance model

30 minutes

Input: Governance models templates

Output: Selected governance model

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Download Info-Tech’s base governance models (Controlled Governance Models Template and IT Governance Program Overview) and review them to find a template that most closely matches your context from Phase 1. You can start with a centralized, decentralized, or product/service hybrid IT organization. Remove unneeded models.
  2. If you do not have documented governance today, start with a controlled model as your foundation. Continue working through this phase if you have a documented governance framework you wish to optimize using our best practices or move to Phase 3 if you are looking to automate or embed your governance activities.

Controlled Governance Models Template

Adaptive Governance Models Template

2.1.2 Confirm and adjust the structure of your model

30-45 minutes

Input: Selected base governance model, Governance context/scope

Output: Updated governance bodies and relationships

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Validate your selected governance body structural model.
    • Are there any governing bodies you must maintain that should replace the ones listed? In part or in full?
    • Are there any missing bodies? Look at alternative committees for examples.
    • Document the adjustments.
  2. Are there any governing bodies that are not required?
    • Based on your size and needs, can they be done within one committee?
    • Is the capability or data not in place to perform the work?
    • Document the required changes.

There are five key areas of governance responsibility

A cyclical visualization of the five keys areas of governance responsibility, 'Strategic Alignment', 'Value Delivery', 'Risk Management', 'Resource Management', and 'Performance Measurement'.

STRATEGIC ALIGNMENT
Ensures that technology investments and portfolios are aligned with the organization’s needs.

VALUE DELIVERY
Reviews the outcomes of technology investments and portfolios to ensure benefits realization.

RISK MANAGEMENT
Defines and owns the risk thresholds and register to ensure that decisions made are in line with the posture of the organization.

RESOURCE MANAGEMENT
Ensures that people, financial knowledge, and technology resources are appropriately allocated across the organization.

PERFORMANCE MEASUREMENT
Monitors and directs the performance or technology investments to determine corrective actions and understand successes.

2.1.3 Define the governance responsibilities

Ensure you have the right responsibilities in the right place

45-60 minutes

Input: Selected governance base model, Governance context

Output: Updated responsibilities and activities, Updated activities for selected governance bodies, New or removed governing bodies

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Based on your context and model, review the responsibilities identified for each committee and confirm that they align with the mandate and the stated outcome.
  2. Identify and highlight any responsibilities and activities that would not be involved in informing and enabling the mandate of the committee.
  3. Adjust the wording of confirmed responsibilities and activities to reflect your organizational language.
  4. Review each highlighted “bad fit” activity and move it to a committee whose mandate it would support or remove it if it’s not performed in your organization.
  5. If an additional committee is required, define the mandate and scope, then include any additional responsibilities that might have been a bad fit elsewhere

2.1.4 Validate the governance mandates and membership

30 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Adjusted mandates and refined committee membership

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Review the mandate and membership slides in your selected governance model.
  2. Adjust the mandate to ensure that it aligns to and conveys:
    1. The outcome that the committee is meant to generate for the organization.
    2. Its scope/span of control.
  3. Discuss the type of information members would require for the committee to be successful in achieving its mandate.
  4. Document the member knowledge requirement in the mandate slide of the model template.

Determine the right membership for your governance

One of the biggest benefits of governance committees is the perspective provided by people from various parts of the organization, which helps to ensure technology investments are aligned with strategic goals. However, having too many people – or the wrong people – involved prevents the committee from being effective. Avoid this by following these principles.

Three principles for selecting committee membership

  1. Determine membership based on responsibilities and required knowledge.
    Organizations often make the mistake of creating committees and selecting members before defining what they will do. This results in poor governance because members don’t have the knowledge required to make decisions. Define the mandate of the committee to determine which members are the right fit.
  2. Ensure members are accountable and authorized to make the decisions.
    Effective governance requires the members to have the authority and accountability to make decisions. This ensures meetings achieve their outcome and produce value, which improves the committee’s chances of survival.
  3. Select leaders who see the big picture.
    Often committee decisions and responsibilities become tangled in the web of organizational politics. Include people, often C-level, whose attendance is critical and who have the requisite knowledge, mindset, and understanding to put business needs ahead of their own.

2.1.5 Update your committee processes

20 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Updated committee processes

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Review the committee details based on the changes you have made in goals, mandate, and responsibilities.
  2. Identify and document changes required to the committee outputs (outcomes) and adjust the consumer of the outputs to match.
  3. Review the high-level process steps required to get to the modified output. Add required activities or remove unnecessary ones. Review the process flow. Does it make sense? Are there unnecessary steps?
  4. Review and update inputs required for the process steps and update the information/data sources.
  5. Adjust the detailed process steps to reflect the work that needs to be done to support each high-level process step that changed.

2.1.6 Adjust your associated policies

20 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Adjusted mandates and refined committee membership

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Review the policies associated with the governing bodies in your base model. Identify the policies that apply to your organization, those that are missing, and those that are not necessary.
  2. Confirm the policies that you require.
  3. Make sure the policies and policy purposes (or risks and related behaviors the policy addresses) are matched to the governance committee that has responsibilities in that area. Move policies to the right committee.

2.1.7 Adjust and confirm your governance model

  1. Confirm the adjustment of governance bodies, structure, and input/output linkages.
  2. Confirm revisions to decisions and responsibilities.
  3. Confirm policy and regulation/standards associations.
  4. Select related governance committee charters from the provided set and revise the charters to reflect the elements defined in your updated model.
  5. Finalize your governance model.

Samples of slides related to adjusting and confirming governance models in the Governance Workbook.

Step 2.2

Identify and Document Your Governance Triggers

Activities
  • 2.2.1 Identify and document update triggers
  • 2.2.2 Embed triggers into the review cycle

This step will walk you through the following activities:

Identify scenarios that will create a need to review or change your governance model.

Update your review/update approach to receiving trigger notifications.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Select and Refine Your Governance Model

Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

What are governance triggers

Governance triggers are organizational or environmental changes within or around an organization that are inflection points that start the review and revision of governance models to maintain their fit with the organization. This is the key to adaptive governance design.

A target with five arrows sticking out of the bullseye, 'Operating Model', 'Business Strategy', 'Mandate Change', 'Management Practices', and 'Digital Transformation'.

2.2.1 Identify and document update triggers

30 minutes

Input: Governance Workbook

Output: Updated workbook with defined and documented governance triggers, points of origin, and integration

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Open the Governance Workbook to the “Triggers” slides.
  2. Review the list of governance triggers. Retain the ones that apply to your organization, remove those you feel are unnecessary, and add any change scenarios you feel should be included.
  3. Identify where you would receive notifications of these changes and the related processes or activities that would generate these notifications, if applicable.
  4. Document any points of integration required between governance processes and the source process. Highlight any where the integration is not currently in place.

Sample of the 'Triggers' slide in the Governance Workbook.

2.2.2 Embed triggers into the review cycle

30 minutes

Input: Governance model

Output: Review cycle update

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Identify which triggers impact the entire governance model and which impact specific committees.
  2. Add an activity for triggered review of the impacted governance model into your governance committee process.

Step 2.3

Build Your Implementation Approach

Activities
  • 2.3.1 Identify and document your implementation plan
  • 2.3.2 Build your roadmap
  • 2.3.3 Build your sunshine diagram

This step will walk you through the following activities:

Transfer changes to the Governance Implementation Plan Template.

Determine the timing for the implementation phases.

This step involves the following participants:

  • Senior IT leadership
  • Governance process owner

Outcomes of this step

Implementation plan for adaptive governance framework model

Select and Refine Your Governance Model
Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

2.3.1 Identify and document your implementation plan

60 minutes

Input: Governance model, Guiding principles, Update triggers, Cultural factors and mitigations

Output: Implementation roadmap

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. As a group, discuss the changes required to implement the governance model, the cultural items that need to be addressed, and the anticipated timing.
  2. Document the implementation activities and consolidate them into groupings/themes based on similarities or shared outcomes.
  3. Name the grouped themes for clarity and identify key dependencies between activities in each area and across themes.
  4. Identify and document your approach (e.g. continuous, phased) and high-level timeline for implementation.
  5. Document the themes and initiatives in the Governance Implementation Plan.

Download the Governance Implementation Plan

Illustrate the implementation plan using roadmaps

Info-Tech recommends two different methods to roadmap the initiatives in your Governance Implementation Plan.

Gantt Chart
Sample of a Gantt Chart.

This type of roadmap depicts themes, related initiatives, the associated goals, and exact start and end dates for each initiative. This diagram is useful for outlining a larger number of activities and initiatives and has an easily digestible and repeatable format.

Sunshine Diagram
Sample of a Sunshine Diagram.

This type of roadmap depicts themes and their associated initiatives. The start and end dates for the initiatives are approximated based on years or phases. This diagram is useful for highlighting key initiatives on one page.

2.3.2 Build your roadmap

30 minutes

Input: Governance themes and initiatives

Output: roadmap visual

Materials: Governance Roadmap Workbook, Governance Workbook

Participants: CIO, IT senior leadership

  1. Open the Governance Implementation Plan and review themes and initiatives.
  2. Open the Governance Roadmap Workbook.
  3. Discuss whether the implementation roadmap should be developed as a Gantt chart, a sunshine diagram, or both.
    For the Gantt chart:
    • Input the roadmap start year and date.
    • Change the months and year in the Gantt chart to reflect the same roadmap start year.
    • Input and populate the planned start and end dates for the list of high-priority initiatives.

Develop your Gantt chart in the Governance Roadmap Workbook

2.3.3 Build your sunshine diagram

30 minutes

Input: Governance themes and initiatives

Output: Sunshine diagram visual

Materials: Whiteboard/flip charts, Markers, Governance Implementation Plan

Participants: CIO, IT senior leadership

  1. Review your list of themes and initiatives.
  2. Build a model with “rays” radiating out from a central theme or objective.
  3. Using curved arcs, break the grid into timeline periods or phases.
  4. Complete your sunshine diagram in the Governance Implementation Plan.

Customize your sunshine diagram in the Governance Implementation Plan

Make Your IT Governance Adaptable

Phase 3

Embed and Automate

Phase 1

  • 1.1 Define Your Guiding Star
  • 1.2 Define Scope and Principles
  • 1.3 Adjust for Culture and Finalize Context

Phase 2

  • 2.1 Choose and Adapt Your Model
  • 2.2. Identify and Document Your Governance Triggers
  • 2.3 Build Your Implementation Approach

Phase 3

  • 3.1 Identify Decisions to Embed and Automate
  • 3.2 Plan Validation and Verification
  • 3.3 Update Implementation Plan

This phase will walk you through the following activities:

Identify which decisions you are ready to automate.

Identify standards and policies that can be embedded and automated.

Identify integration points.

Confirm data requirements to enable success.

This phase involves the following participants:

  • IT senior leadership
  • Governance process owner
  • Product and service owners
  • Policy owners

Step 3.1

Identify Decisions to Embed and Automate

Activities
  • 3.1.1 Review governance decisions and standards and the required level of authority
  • 3.1.2 Build your decision logic
  • 3.1.3 identify constraints and mitigation approaches
  • 3.1.4 Develop decision rules and principles

This step will walk you through the following activities:

Identify your key decisions.

Develop your decision logic.

Confirm decisions that could be automated.

Identify and address constraints.

Develop decision rules and principles.

This step involves the following participants:

  • IT senior leadership

Outcomes of this step

Developed decision rules, rulesets, and principles that can be leveraged to automate governance

Defined integration points

Embed and Automate

Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

What is decision automation?

Decision automation is the codifying of rules that connect the logic of how decisions are made with the data required to make those decisions. This is then embedded and automated into processes and the design of products and services.

  • It is well suited to governance where the same types of decisions are made on a recurring basis, using the same set of data. It requires clean, high-quality data to be effective.
  • Improvements in artificial intelligence (AI) and machine learning (ML) have allowed the creation of scenarios where a hybrid of rules and learning can improve decision outcomes.

Key Considerations

  • Data Availability
  • Legality
  • Contingencies
  • Decision Transparency
  • Data Quality
  • Auditability

How complexity impacts decisions

Decision complexity impacts the type of rule(s) you create and the amount of data required. It also helps define where or if decisions can be automated.

  1. SIMPLE
    Known and repeatable with consistent and familiar outcomes – structured, causal, and easy to standardize and automate.
  2. COMPLICATED
    Less known and outcomes are not consistently repeatable. Expertise can drive standards and guidelines that can be used to automate decisions.
  3. COMPLEX
    Unknown and new, highly uncertain in terms of outcomes, impact, and data. Requires more exploration and data. Difficult to automate but can be built into the design of products and services.
  4. CHAOTIC
    Unstructured and unknown situation. Requires adaptive and immediate action without active data – requires retained human governance
  5. (Based on Dave Snowden’s Cynefin framework)

Governance Automation Criteria Checklist

The Governance Automation Criteria Checklist provides a view of key considerations for determining whether a governing activity or decision is a good candidate for automation.

The criteria identify key qualifiers/disqualifiers to make it easier to identify eligibility.

Sample of the Governance Automation Criteria Checklist.

Download the Governance Automation Criteria Checklist

Governance Automation Worksheet

Sample of the Governance Automation Worksheet.

The Governance Automation Worksheet provides a way to document your governance and systematically identify information about the decisions to help determine if automation is possible.

From there, decision rules, logic, and rulesets can be designed in support of building a structure flow to allow for automation.

Download the Governance Automation Worksheet

3.1.1 Review governance decisions and standards and the required level of authority

30 minutes

Input: Automation Criteria Checklist, Governance Automation Worksheet, Updated governance model

Output: Documented decisions and related authority, Selected options for automation, Updated Governance Automation Worksheet

Materials: Whiteboard/flip charts, Governance Automation Worksheet

Participants: IT senior leadership

  1. Identify the decisions that are made within each committee in your updated governance model and document them in the Governance Automation Worksheet.
  2. Confirm the level of authority required to make each decision.
  3. Review the automation checklist to confirm whether each decision is positioned well for automation.
  4. Select and document the decisions that are the strongest options for automation/embedding and document them in the Governance Automation Worksheet.

What are decision rules?

Decision rules provide specific instructions and constraints that must be considered in making decisions and are critical for automating governance.

They provide the logical path to assess governance inputs to make effective decisions with positive business outputs.

Inputs would include key information such as known risks, your defined prioritization matrix, portfolio value scoring, and compliance controls.

Individual rules can be leveraged in different places.

Some decision rule types are listed here.

  1. Statement Rules
    Natural expression of logical progression, written through logical elements
  2. Decision Tree Rules
    Decision tree with two axes that overlap to generate a decision
  3. Sequential Rules
    A sequence of decisions that move from one step to the next
  4. Expression Rule
    A particular set of rules triggered by a particular rule condition being met
  5. Truth table rules
    Combines many decision factors into one place; produces different outputs

What are decision rulesets

Rulesets are created to make complex decisions. Individual rule types are combined to create rulesets that are applied together to generate effective decisions. One rule will provide contextual information required for additional rules to execute in a Rule-Result-Rule-Result-Rule-Decision flow.

A visualization of two separate rulesets made up of the decision rules on the previous slide. 'Ruleset 1' contains '1) Statement Rules', '2) Decision Tree Rules', and 5) Truth Table Rules'. 'Ruleset 2' contains '3) Sequential Rules' and '4) Expression Rule'.

3.1.2 Build your decision logic

30 minutes

Input: Governance Automation Worksheet

Output: Documented decision logic to support selected decision types and data requirements

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. For each selected decision, identify the principles that drive the considerations around the decision.
  2. For each decision, develop the decision logic by defining the steps and information inputs involved in making the decision and documenting the flow from beginning to end.
  3. Determine whether this is one specific decision or a combination of different decisions (in sequence or based on decisions).
  4. Name your decision rule.

Sample of the Governance Automation Worksheet.

3.1.3 Identify constraints and mitigation approaches

60 minutes
  1. Document constraints to automation of decisions related to:
    • Availability of decision automation tools
    • Decision authority change requirements
    • Data constraints
    • Knowledge requirements
    • Process adjustment requirements
    • Product/service design levels
  2. Brainstorm and identify approaches to mitigate constraints and score based on likelihood of success.
  3. Identify mitigation owners and initial timeline expectations.
  4. Document the constraints and mitigations in the Governance Workbook on the constraints and mitigations slide.

Sample of the 'Constraints and mitigations' slide of the 'Governance Workbook'.

3.1.4 Develop decision rules and principles

1.5-2 hours

Input: Governance Automation Worksheet

Output: Defined decision integration points, Confirmed data availability sets, Decision rules, rulesets, and principles with control indicators

Materials: Whiteboard/flip charts, Governance Automation Worksheet

Participants: IT senior leadership

  1. Review the decision logic for those decisions that you have confirmed for automation. Identify the processes where the decision should be executed.
  2. Associate each decision with specific process steps or stages or how it would be included in software/product design.
  3. For each selected decision, identify the availability of data required to support the decision logic and the level of complexity and apply governing principles.
  4. Create the decision rules and identify data gaps.
  5. Define the decision flow and create rulesets as needed.
  6. Confirm automation requirements and define control indicators.

Step 3.2

Plan Validation and Verification

Activities
  • 3.2.1 Define verification approach for embedded and automated governance
  • 3.2.2 Define validation approach for embedded and automated governance

This step will walk you through the following activities:

Define how decision outcomes will be measured.

Determine how the effectiveness of automated governance will be reported.

This step involves the following participants:

  • IT senior leadership

Outcomes of this step

Tested and verified automation of decisions

Embed and Automate

Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

Decision rule relationship through to verification

1. Rules

Focus on clear decision logic

Often represented in simple statement types and supported by data:

IF – THEN

IF – AND – THEN

IF – AND NOT – THEN

2. Rulesets

Aggregate rules for more complex decisions

Integrated flows between different required rules:
Rule 1:
(Output 1) – Rule 2
(Output 2) – Rule 6
Rule 6: (Output 1) – Rule 7
3. Rule Attestation

Verify success of automated decisions

Attestation of embedded and automated rules with key control indicators embedded within process and products.

Principles embedded into automated software controls.

3.2.1 Define verification approach for embedded and automated governance

60 minutes

Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

Output: A defined measurement of effective decision outcomes, Approach to automate and/or report the effectiveness of automated governance

Materials: Whiteboard/flip charts

Participants: IT senior leadership

Verify

  1. Confirm expected outcome of rules.
  2. Select a sampling of new required decisions or recently performed decisions related to areas of automation.
  3. Run the decisions through the decision rules or rule groupings that were developed and compare to parallel decisions made using the traditional approach. (These must be segregated activities.)
  4. Review the outcome of the rules and adjust based on the output. Identify areas of adjustment. Confirm that the automation meets your requirements.

3.2.2 Define validation approach for embedded and automated governance

60 minutes

Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

Output: Defined assurance and attestation requirements, Key control indicators that can be automated

Materials: Whiteboard/flip charts

Participants: IT senior leadership

Validate

  1. Develop an approach to measure automated decisions. Align success criteria to current governance KPIs and metrics.
  2. If no such metrics exist, define expected outcome. Define key risk indicators based on the expected points of automation.
  3. Establish quality assurance checkpoints within the delivery lifecycles to adjust for variance.
  4. Create triggers back to rule owners to drive changes and improvements to rules and rule groupings.

Step 3.3

Update Implementation Plan

Activities
  • 3.3.1 Finalize the implementation plan

This step will walk you through the following activities:

Review implications and mitigations to make sure all have been considered.

Finalize the implementation plan and roadmap.

This step involves the following participants:

  • Senior IT leadership

Outcomes of this step

Completed Governance implementation plan and roadmap

Embed and Automate

Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

3.3.1 Finalize the implementation plan

30 minutes

Input: Governance workbook, Updated governance model, Draft implementation plan and roadmap

Output: Finalized implementation plan and roadmap

Materials: Whiteboard/flip charts, Governance Implementation Plan

Participants: IT senior leadership

  1. Document automation activities within phases in a governance automation theme in the Governance Implementation Plan.
  2. Review timelines in the implementation plan and where automation fits within the roadmap.
  3. Updated the implementation plan and roadmap.

Governance Implementation Plan

Summary of Accomplishment

Problem Solved

Through this project we have:

  • Improved your governance model to ensure a better fit for your organization, while creating adaptivity for the future.
  • Ensured your governance operates as an enabler of success with the proper bodies and levels of authority established.
  • Established triggers to ensure your governance model is actively adjusted to maintain its fit.
  • Developed a plan to embed and automate governance.
  • Created decision rules and principles and identified where to embed them within your practices.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Additional Support

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Photo of Valence Howden.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

Related Info-Tech Research

Improve IT Governance to Drive Business Results

Avoid bureaucracy and achieve alignment with a minimalist approach. Align with your organizational context.

Establish Data Governance

Establish data trust and accountability with strong governance.

Maximize Business Value From IT Through Benefits Realization

Embed value and alignment confirmation into your governance to ensure you optimize IT value achievement for resource spend.

Build a Better Product Owner

Strengthen the product/service owner role in your organization by focusing on core capabilities and proper alignment.

Research contributors and experts

Photo of Sidney Hodgson, Senior Director, Industry, Info-Tech Research Group. Sidney Hodgson
Senior Director, Industry
Info-Tech Research Group
  • Sidney has over 30 years of experience in IT leadership roles as CIO of three organizations in Canada and the US as well as international consulting experience in the US and Asia.
  • Sid has a breadth of knowledge in IT governance, project management, strategic and operational planning, enterprise architecture, business process re-engineering, IT cost reduction, and IT turnaround management.
Photo of David Tomljenovic, Principal Research Advisor, Industry, Info-Tech Research Group. David Tomljenovic
Principal Research Advisor, Industry
Info-Tech Research Group
  • David brings extensive experience from the Financial Services sector, having worked 25 years on Bay Street. Most recently he was a Corporate Finance and Strategy Advisor for Infiniti Labs (Toronto/Hong Kong), Automotive, and Smart City Accelerator, where he provided financial and mergers & acquisitions advisory services to accelerator participants with a focus on early-stage fundraising activities.

Research contributors and experts

Photo of Cole Cioran, Practice Lead, Applications and Agile Development, Info-Tech Research Group. Cole Cioran
Practice Lead, Applications and Agile Development
Info-Tech Research Group
  • Over the past 25 years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.
Photo of Crystal Singh, Research Director, Applications – Data and Information Management, Info-Tech Research Group. Crystal Singh
Research Director, Applications – Data and Information Management
Info-Tech Research Group
  • Crystal brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

Research contributors and experts

Photo of Carlene McCubbin, Practice Lead, CIO, Info-Tech Research Group. Carlene McCubbin
Practice Lead, CIO
Info-Tech Research Group
  • Carlene covers key topics in organization and leadership and specializes in governance, organizational design, relationship management, and human capital development. She led the development of Info-Tech’s Organization and Leadership practice.
Photo of Denis Goulet, Senior Workshop Director, Info-Tech Research Group. Denis Goulet
Senior Workshop Director
Info-Tech Research Group
  • Denis is a transformational leader and experienced strategist who focuses on helping clients communicate, relate, and adapt for success. Having developed Governance Model and IT strategies in organizations ranging from small to billion-dollar multi-nationals, he firmly believes in a collaborative value-driven approach to work.

Bibliography

“2020 State of Data Governance and Automation Report.” Erwin.com, 28 Jan. 2020. Web.

“Adaptive IT Governance.” Google search, 15 Nov. 2020.

“Adaptive IT Governance Framework.” CIO Index, 3 Nov. 2011. Accessed 15 Nov. 2020.

“Agile Governance Made Easy.” Agilist, n.d. Accessed 15 Nov. 2020.

“Automating Governance — Our Work.” Humanising Machine Intelligence, n.d. Accessed 15 Nov. 2020.

“Automation – Decisions.” IBM, 2020. Accessed 15 Oct. 2020.

Chang, Charlotte. “Accelerating Agile through effective governance.” Medium, 22 Sept. 2020. Web.

“COBIT 5: Enabling Processes.” ISACA, 2012. Web. Oct. 2016.

COBIT 2019. ISACA, Dec. 2018. Web.

Curtis, Blake. “The Value of IT Governance.” ISACA, 29 June 2020. Accessed 15 Nov. 2020.

De Smet, Aaron. “Three Keys to Faster, Better Decisions.” McKinsey & Company, 1 May 2019. Accessed 15 Nov. 2020.

“Decision Rules and Decision Analysis.” Navex Global, 2020. Web.

“Decisions Automation with Business Rules Management Solution.” Sumerge, 4 Feb. 2020. Accessed 15 Nov. 2020.

“DevGovOps – Key factors for IT governance for enterprises in a DevOps world.” Capgemini, 27 Sept. 2019. Web.

Eisenstein, Lena. “IT Governance Checklist.” BoardEffect, 19 Feb. 2020. Accessed 15 Nov. 2020.

“Establishing Effective IT and Data Governance.” Chartered Professional Accountants Canada, n.d. Accessed 15 Nov. 2020.

Gandzeichuk, Ilya. “Augmented Analytics: From Decision Support To Intelligent Decision-Making.” Forbes, 8 Jan. 2020. Accessed 15 Nov. 2020.

Georgescu, Vlad. “What Is IT Governance? Understanding From First Principles.” Plutora, 18 Oct. 2019. Web.

Goodwin, Bill. “IT Governance in the Era of Shadow IT.” ComputerWeekly, 5 Aug. 2014. Accessed 15 Nov. 2020.

“Governance of IT, OT and IOT.” ISACA Journal, 2019. Web.

Gritsenko, Daria, and Matthew Wood. “Algorithmic Governance: A Modes of Governance Approach.” Regulation & Governance, 10 Nov. 2020. Web.

Hansert, Philipp. “Adaptive IT Governance with Clausmark’s Bee4IT.” Bee360, 25 Oct. 2019. Accessed 15 Nov. 2020.

Havelock, Kylie. “What Does Good Product Governance Look Like?” Medium. 8 Jan. 2020. Web.

Haven, Dolf van der. “Governance of IT with ISO 38500 - A More Detailed View” LinkedIn article, 24 Oct. 2016. Accessed 15 Nov. 2020.

Hong, Sounman, and Sanghyun Lee. “Adaptive Governance and Decentralization: Evidence from Regulation of the Sharing Economy in Multi-Level Governance.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 299–305. Web.

ISACA. “Monthly Seminar & Networking Dinner: CIO Dashboard.” Cvent, Feb. 2012. Accessed 15 Nov. 2020.

ISO/IEC 38500, ISO, 2018 and ongoing.

“IT Governance.” Kenway Consulting, n.d. Accessed 15 Nov. 2020.

“IT Governance in the Age of COVID 19.” Union of Arab Banks Webinar, 19-21 Oct. 2020. Accessed 15 Nov. 2020.

Jaffe, Dennis T. “Introducing the Seven Pillars of Governance.” Triple Pundit, 15 Nov. 2011. Accessed 15 Nov. 2020.

Janssen, Marijn, and Haiko van der Voort. “Agile and Adaptive Governance in Crisis Response: Lessons from the COVID-19 Pandemic.” International Journal of Information Management, vol. 55, December 2020. Web.

Jodya, Tiffany. “Automating Enterprise Governance within Delivery Pipelines.” Harness.io, 14 May 2020. Web.

Kumar, Sarvesh. “AI-Based Decision-Making Automation.” Singular Intelligence, 17 June 2019. Web.

“Lean IT Governance.” Disciplined Agile, n.d. Accessed 15 Nov. 2020.

Lerner, Mark. “Government Tech Projects Fail by Default. It Doesn’t Have to Be This Way.” Belfer Center for Science and International Affairs, 21 Oct. 2020. Accessed 15 Nov. 2020.

Levstek, Aleš, Tomaž Hovelja, and Andreja Pucihar. “IT Governance Mechanisms and Contingency Factors: Towards an Adaptive IT Governance Model.” Organizacija, vol. 51, no. 4, Nov. 2018. Web.

Maccani, Giovanni, et al. “An Emerging Typology of IT Governance Structural Mechanisms in Smart Cities.” Government Information Quarterly, vol. 37, no. 4, Oct. 2020. Web.

Magowan, Kirstie. “IT Governance vs IT Management: Mastering the Differences.” BMC Blogs, 18 May 2020. Accessed 15 Nov. 2020.

Mazmanian, Adam. “Is It Time to Rethink IT Governance? ” Washington Technology, 26 Oct. 2020. Accessed 15 Nov. 2020.

Mukherjee, Jayanto. “6 Components of an Automation (DevOps) Governance Model.” Sogeti, n.d. Accessed 15 Nov. 2020.

Ng, Cindy. “The Difference Between Data Governance and IT Governance.” Inside Out Security, updated 17 June 2020. Web.

Pearson, Garry. “Agile or Adaptive Governance Required?” Taking Care of the Present (blog), 30 Oct. 2020. Accessed 15 Nov. 2020.

Peregrine, Michael, et al. “The Long-Term Impact of the Pandemic on Corporate Governance.” Harvard Law School Forum on Corporate Governance, 16 July 2020. Web.

Raymond, Louis, et al. “Determinants and Outcomes of IT Governance in Manufacturing SMEs: A Strategic IT Management Perspective.” International Journal of Accounting Information Systems, vol. 35, December 2019. Web.

Rentrop, Christopher. “Adaptive IT Governance – Foundation of a Successful Digitalization.” Business IT Cooperation Coordination Controlling (blog). May 2, 2018. Web.

Schultz, Lisen, et al. “Adaptive Governance, Ecosystem Management, and Natural Capital.” Proceedings of the National Academy of Sciences, vol. 112, no. 24, 2015, pp. 7369–74. Web.

Selig, Gad J. Implementing IT Governance: A Practical Guide to Global Best Practices in IT Management. Van Haren Publishing, 2008. Accessed 15 Nov. 2020.

Sharma, Chiatan. “Rule Governance for Enterprise-Wide Adoption of Business Rules: Why Does a BRMS Implementation Need a Governance Framework?” Business Rules Journal, vol. 13, no. 4, April 2012. Accessed 15 Nov. 2020.

Smallwood, Robert. “Information Governance, IT Governance, Data Governance – What’s the Difference?” The Data Administration Newsletter, 3 June 2020. Accessed 15 Nov. 2020.

Snowden, Dave. "Cynefin – weaving sense-making into the fabric of our world", Cognitive Edge, 20 October 2020.

“The Place of IT Governance in the Enterprise Governance.” Institut de la Gouvernance des Systemes d’Information, 2005. Accessed 15 Nov. 2020.

Thomas, Mark. “Demystifying IT Governance Roles in a Dynamic Business Environment.” APMG International, 29 Oct. 2020. Webinar. Accessed 15 Nov. 2020.

“The Four Pillars of Governance Best Practice.” The Institute of Directors in New Zealand, 4 Nov. 2019. Web.

Wang, Cancan, Rony Medaglia, and Lei Zheng. “Towards a Typology of Adaptive Governance in the Digital Government Context: The Role of Decision-Making and Accountability.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 306–22.

Westland, Jason. “IT Governance: Definitions, Frameworks and Planning.” ProjectManager.com, 17 Dec. 2019. Web.

Wilkin, Carla L., and Jon Riddett. “IT Governance Challenges in a Large Not-for-Profit Healthcare Organization: The Role of Intranets.” Electronic Commerce Research vol. 9, no. 4, 2009, pp. 351-74. Web.

Zalnieriute, Monika, et al. “The Rule of Law and Automation of Government Decision Making.” Modern Law Review, 25 Feb. 2019. Web.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Governance isn’t optional, so keep it simple and make it flexible.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 6 touchpoints with our researchers, all included in your membership.

Guided Implementation #1 - Identify your governance needs
  • Call #1 - Confirm your organization’s mission and vision and review your strategy and goals.
  • Call #2 - Identify considerations and governance needs. Develop your guiding star and governing principles.

Guided Implementation #2 - Select and refine your model
  • Call #1 - Select your base model and optimize it to meet your governance needs.
  • Call #2 - Define your adjustment triggers and develop your implementation plan.

Guided Implementation #3 - Embed and automate
  • Call #1 - Identify decisions and standards you can automate and where to embed them.
  • Call #2 - Confirm levels of authority and data requirements. Establish your approach and update the implementation plan.

Author

Valence Howden

Contributors

  • 22 anonymous contributors
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019