Industry Coverage icon

Make Your IT Governance Adaptable – Financial Services

Build agility into your governance to stay in pace with change.

Unlock a Free Sample
  • Resource capacity and technological capabilities have not kept in pace with organization growth and expectations.
  • The scale, speed, and complexity of regulatory change is a challenge.
  • Organizations have insufficient data and data-related capabilities to enable more agile and automated governance practices.
  • AI/ML governance and ethics frameworks are immature and cannot support automated decisioning.

Our Advice

Critical Insight

  • IT governance works against you if it no longer aligns with or supports your organizational direction, goals, and work practices.
  • Your governance model should be able to adapt to changes in the organization’s strategy and goals, new risks, your industry, and your ways of working.
  • Governance can be embedded and automated into your practices.
  • Agility in your governance practices requires data agility.
  • The interconnectedness between governance, regulation and achieving business outcomes needs to be considered in your governance design.

Impact and Result

  • You will produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.
  • You will create the foundation and ability to delegate and empower governance to enable agile delivery.
  • You will identify areas where governance does not require manual oversight and can be embedded into the way you work.

Make Your IT Governance Adaptable – Financial Services Research & Tools

1. Make Your IT Governance Adaptable Deck – A document that walks you through how to design and implement governance that fits the context of your organization and can adapt to change.

Our dynamic, flexible, and embedded approach to governance will help drive organizational success. The three-phase methodology will help you identify your governance needs, select, and refine your governance model, and embed and automate governance decisions.

2. Adaptive and Controlled Governance Model Templates and Workbook – Documents that gather context information about your organization to identify the best approach for governance.

Use these templates and workbook to identify the criteria and design factors for your organization and the design triggers to maintain fit. Upon completion this will be your new governance framework model.

3. Implementation Plan and Workbook – Tools that help you build and finalize your approach to implement your new or revised governance model.

Upon completion you will have a finalized implementation plan and a visual roadmap.

4. Governance Committee Charter Templates – Base charters that can be adapted for communication.

Customize these templates to create the committee charters or terms of reference for the committees developed in your governance model.

5. Governance Automation Criteria Checklist and Worksheet – Tools that help you determine which governance decisions can be automated and work through the required logic and rules.

The checklist is a starting point for confirming which activities and decisions should be considered for automation or embedding. Use the worksheet to develop decision logic by defining the steps and information inputs involved in making decisions.

Unlock a Free Sample

Make Your IT Governance Adaptable

Modified for Financial Services

Build agility into your governance to stay in pace with change

EXECUTIVE BRIEF

Analyst Perspective

Governance should be part of your organization’s DNA – central to its being yet unique to your organization.

The image contains a picture of Donna Bales.

The dynamic nature of today’s business environment, where consumer, technology, and regulatory change is pervasive, business agility is increasingly indispensable. To stay nimble and responsive to business change, financial services organizations must adapt their governance toward more agile and automated governance practices.

Gone are the days when a check box was enough. Success in modern digital organizations depends on an organization’s ability to adjust to the velocity of business and the evolving risk and regulatory landscape.

Practically, this means shifting from a people- and document-oriented approach to a data-centric approach and leveraging organization data to create decision rules that account for known risks and constraints and embedding governance directly into products, services, or processes.

To stay aligned with business objectives and to avoid poor business outcomes, it is critical to build an approach to IT governance that is effective and suitable today while building in adaptability to keep it relevant for tomorrow.

Donna Bales

Principal Research Director,

Info-Tech Research Group

Executive Summary

Your Challenge

Common Obstacles

Info-Tech’s Approach

  • It is difficult to keep up with the scale, speed, and complexity of regulatory and technology change.
  • Emerging and advanced technologies enable faster, more customized customer experiences, but they come with added complexity in how risks are managed and data is governed.
  • A move to fully automated decisioning is hindered by a lack of mature AI/ML governance and ethics frameworks.
  • Resource capacity and technology availability has not kept pace with organization growth and expectations.
  • Underdeveloped capabilities across the three lines of defense lead to a lack of coordination, duplication of risk areas, gaps, and misaligned or conflicting assurance opinions.
  • Organizational constraints inhibit a move toward a culture of innovation and agility.
  • No single source of truth – data is fragmented and mismanaged.
  • There are funding constraints/balancing against revenue opportunities.
  • Accountability framework is not well understood.
  • Use Info-Tech’s IT governance models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.
  • Adjust the model based on industry needs, your principles, regulatory requirements, and your future direction.
  • Identify where to embed or automate decision making and compliance and what is required to do so effectively.
  • Implement your governance model for success.

Info-Tech Insight

IT governance must be embedded and automated, where possible, to effectively meet the needs and velocity of digital organizations, regulatory requirements, and modern practices to drive success and value.

What is governance?

IT governance is a critical and embedded practice that ensures that information and technology investments, risks, and resources are aligned in the best interests of the organization and produce business value.

Effective governance ensures that the right technology investments are made at the right time to support and enable your organization’s mission, vision, and goals.

5 KEY OUTCOMES OF GOOD GOVERNANCE

STRATEGIC ALIGNMENT

Technology investments and portfolios are aligned with the organization's strategic objectives.

RISK OPTIMIZATON

Organizational risks are understood and addressed to minimize impact and optimize opportunities.

VALUE DELIVERY

IT investments and initiatives deliver their expected benefits.

RESOURCE OPTIMIZATION

Resources (people, finances, time) are appropriately allocated across the organization to optimal organizational benefit.

PERFORMANCE MEASUREMENT

The performance of technology investments is monitored and used to determine future courses of action and to confirm achievement of success.

EVALUATE – DIRECT – MONITOR

Stages of governance

Adaptive (Data-Centric)

Traditional (People- and Document-Centric)

4

Automated Governance

  • Entrenched into organizational processes and product/service design
  • Empowered and fully delegated to maintain fit and drive organizational success and survival
3

Agile Governance

  • Flexible enough to support different needs in the organization and respond quickly to change
  • Driven by principles and delegated throughout the company
2

Controlled Governance

  • Focused on compliance and hierarchy-based authority
  • Levels of authority defined and often driven by regulatory requirements
1

Ad Hoc Governance

  • Not well defined or understood within the organization
  • Occurs out of necessity but often not done by the right people or bodies
The image contains a screenshot of the Thought Model: Make Governance Adaptable and Automated to Drive Success and Value.

Governance Within Financial Services

  • Governance in financial services is fundamental to the smooth functioning of the banking system. As intermediaries and conveyers of economic growth, financial institutions have a crucial role to play in supporting financial stability and the safe functioning of the economy.
  • The use of novel technologies and an array of non-financial risk considerations has altered the risk and governance landscape. Your approach to governance needs to change to address emergent risks, make sound decisions, and maintain effectiveness.
  • To meet the speed of business change and to effectively address regulatory requirements, your IT governance needs to be structured to support optimal decisions in real-time by automating governance and embedding controls directly into products, services, and internal processes.

Info-Tech Insight

Governance should be designed with adaptability in mind to ensure IT remains in alignment to business objectives, continually providing value while effectively safeguarding the organization against potential risks.

Corporate governance is robust and firmly embedded in bank supervisory laws and regulation

  • Corporate governance legislation and regulatory guidelines specify certain matters that must be part of governance programs.
  • The board is responsible for the overall stewardship of the organization and fulfilling two key elements: decision making, and oversight. However, the board is supported and informed by a robust corporate governance committee structure.
  • Board committees assist the board in exercising its responsibilities.
  • Typical board committees include:
    • Audit
    • Governance (may include ESG)
    • Risk
    • Compensation/HR Committee
The image contains an example of a governance framework for financial services.

Risk, Regulation, and Governance are interlinked

The impact of new regulation and the management of new and emerging risk needs to be well understood as they play an intrinsic part in how IT governance is structured to meet business objectives and optimize opportunities.

Legislation, laws, regulation, and guidance

Regulation informs how governance is executed and risk is managed

Board
  • Makes decisions and sets direction by considering strategic opportunity, risk appetite
  • Actively manages the organization’s risk profile relative to its risk appetite
  • Oversees the systems and policies to identify and manage risk to the enterprise
  • Fosters a culture of integrity and good governance
  • Is supported by governance committees
Enterprise Risk Committee
  • Ensure organization’s structure, budget, and resources are in place to manage risks
  • Ensure policies and procedures are in place to manage risk
  • Review and recommend risk appetite framework
  • Assess effectiveness of risk function (e.g. review risk reporting)
Internal Control Functions (Compliance, IT, Risk Committee, Internal Audit)
  • Identify, manage, and report on risks
  • Make recommendations on risk management, control mechanisms and investment mix, talent, and resource capacity
  • Responsible for meeting regulatory obligations

IT Governance plays a critical role in achieving enterprise vision

ENTERPRISE GOVERNANCE AND STRATEGY

IT STRATEGY

  • INFORMATION & TECHNOLOGY GOVERNANCE
    • Support risk management
    • Meet regulatory requirements
    • Achieve business goals and objectives
    • Support product and digital initiatives
    • Protect against threats

Build agility into your governance to stay in pace with change.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 6 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Identify Your Governance Needs
  • Call 1: Confirm your organization’s mission and vision and review your strategy and goals.
  • Call 2: Identify considerations and governance needs. Develop your guiding star and governing principles.

Guided Implementation 2: Select and Refine Your Model
  • Call 1: Select your base model and optimize it to meet your governance needs.
  • Call 2: Define your adjustment triggers and develop your implementation plan.

Guided Implementation 3: Embed and Automate
  • Call 1: Identify decisions and standards you can automate and where to embed them.
  • Call 2: Confirm levels of authority and data requirements. Establish your approach and update the implementation plan.

Author

Donna Bales

Contributors

  • Christine Brick, Executive Advisor, InfoTech Research Group
  • Valence Howden, Principal Research Advisor, Info-Tech Research Group
  • Steven Jurovic, Executive Counselor, Info-Tech Research Group
  • Michele Steele, Executive Advisor, Info-Tech Research Group
  • 22 anonymous contributors
Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019