A Practical Approach for IT Governance

Archive for January 2015

A Framework for studying different CIO Archetypes

leave a comment »

Blogs are usually concise and anchor around one salient point. However, the theme for this blog is such that it will be a narrative, perhaps a prelude to a book. While my product helps CIOs manage the business of IT, one challenge was how should the tool change for the different types of CIOs. The old school taxonomy was to classify CIOs into two basic groups: back-office who were focused on operational efficiency and cost, and front-office who were focused on innovation and helping IT provide the competitive edge to the Enterprise. There are some social frameworks for classifying the different types of CIOs. A popular one is from our partner CEC which identifies the three types:

  1. Operational/Functional (Business relationship: Service provider)
  2. Transformational (Business relationship: Partner)
  3. Business Strategist (Business relationship: Peer)

While this framework is very useful, I feel we need a more contemporary taxonomy for classifying CIOs. The taxonomy I am proposing is based on the background where the CIOs come from.

Imagine a three dimensional grid with one axis being business background, the other being technology background, and the third being the leadership skills. Since it is difficult to show a three dimensional grid in a blog, I have broken it into two 2×2 grids. The two grids are separated by leadership skills – those who have it and those who do not. CIOs who exhibit leadership skills run IT like a business. They feel that their role is no different than that of a CEO of a IT company.

While it is highly desirable to have leadership skills, many CIOs do not have this skill set.  I will argue that they can still play an important role in the organization. Organizations that leverage technology to run their businesses efficiently, may find CIOs who have strong business skills and technology skills the right fit.  These CIOs are labeled “Mature Geeks”.  it is difficult to imagine a CIO with weak technology skills and weak business skills.  However, you will find these “Trainee CIOs”  since some organizations use the CIO position as a place-holder for leaders for the future (or for their favorite cousins).  With over 50,000 CIOs in the US alone, there are many you run into who have just either strong technical skills “Geeks” or strong management skills “Process Reengineers”.  Geeks have a place, specially if they bring in a strong skill set needed. You have probably come across many an ERP implementation expert get the CIO title simply because the organization feels that ERP is their lifeline.  The same holds true for strong vertical experts as well.  Expertise in retail may get a person the CIO title despite having a weakness in the other dimensions.

If the organization is attempting to leverage technology to create a competitive edge, they will prefer CIOs with strong leadership skills.   If the CIO is also blessed with a strong business background and has strong technology skills (“Entrepreneurs”) ,  the organization is best giving the CIO significant business responsibilities – not just IT. Without this added challenge, it will be hard to retain these entrepreneurial CIOs.  In many cases, probably more so in larger firms, organizations will prefer “Change Agents” who possess exceptional business skills to implement significant changes.  Less frequent, but not uncommon, organizations which may need team building may prefer “Healers” who possess exceptional leadership skills, but lack business and technical skills.  Startups that are developing disruptive technologies may prefer CIOs with exceptional technical skills (“Innovators”).

The framework is designed to help organizations understand the type of CIO they need.  IT alignment to business cannot be achieved without having the right type of CIO that meets the organization’s needs.

Written by Subbu Murthy

January 31, 2015 at 9:01 pm

Posted in IT Governance

CoBIT as it applies to IT Governance

leave a comment »



Cobit At A Glance 1Control Objectives for Information and Related Technology (CoBIT) is a framework created by ISACA for information technology (IT) management and IT governance. At the top level,  CoBIT recommends alignment of IT to business.  COBIT defines IT activities in a generic process model within four domains. These domains are Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate. The domains map to IT’s traditional responsibility areas of plan, build, run and monitor.  CoBIT 5 actually covers a lot more than IT Governance it includes five major components: Audit and Assurance, Risk Management, Information Security, Regulatory and Compliance, and of course, IT Governance.

CoBIT identifies four tracks in implementing IT Governance:

  1. Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT operations with enterprise operations.
  2. Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT.
  3. Resource management is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues relate to the optimization of knowledge and infrastructure.
  4. Performance measurement tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting.

CoBIT asks that we gather management information that is presented as dashboards, scorecards and benchmarks.  CoBIT relies on four frameworks:IT Analytics 2

  • ITIL for service delivery
  • CMM for solution delivery
  • ISO 17799 for information security
  • PMBOK or PRINCE2 for project management

One of the challenges in implementing CoBIT is the enormous costs involved in purchasing different tools and integrating them.  Tools like uGovernIT  help provided an integrated solution to manage all aspects of CoBIT.  Another drawback is that CoBIT only focusses on running IT efficiently – true alignment requires not just efficiency but how IT can bring innovation and competitive edge to the enterprise.

Written by Subbu Murthy

January 15, 2015 at 11:27 pm

Portfolio Management: A Strategic Approach

leave a comment »

Portfolio ManagementI am pleased to have contributed to Portfolio Management, a book compiled from articles contributed by practitioners. This book takes a look at how to Govern projects using analytical and portfolio practices. The purpose is to marry technology strategy with business strategy using effective but not onerous IT Governance practices. This book may be purchased at CRC Press.  Following are some of the excerpts from CRC Press.

Recognizing the importance of selecting and pursuing programs, projects, and operational work that add sustainable business value that benefits end users, the Project Management Institute (PMI®) issued its first Standard on Portfolio Management in 2006. In 2014, it launched thePortfolio Management Professional (PfMP®) credential—which several of the experts who contributed to this book earned—to recognize the advanced expertise required of practitioners in the field.

Presenting information that is current with The Standard for Portfolio Management, Third Edition (2013); Portfolio Management: A Strategic Approach supplies in-depth treatment of the five domains and identifies best practices to ensure the organization has a balanced portfolio management that is critical to success. Following PMI’s standard, the book is organized according to its five domains: strategic alignment, governance, portfolio performance management, portfolio risk management, and portfolio communications management.

Each chapter presents the insight of different thought leaders in academia and business. Contributors from around the world, including the Americas, Europe, the Middle East, Africa, and Australia, supply a global perspective as to why portfolio management is essential for all types of organizations. They provide guidelines, examples, and models to consider, along with discussion and analysis of relevant literature in the field. Most chapters reference PMI standards, complement their concepts, and expand on the concepts and issues that the standards mention in passing or not at all.

Overall, this is a must-have resource for anyone pursuing the PfMP® credential from PMI. For executives and practitioners in the field, it provides the concepts you will need to address the ever-changing complexities that impact your work. This book is also suitable as a textbook for universities offering courses on portfolio management.

Written by Subbu Murthy

January 13, 2015 at 9:23 pm

The Top Four IT Priorities!

leave a comment »

Top Four IT PrioritiesIt is easier to create the top ten but the four identified below are part of our IT assessment methodology we use to identify the state of IT. While innovation is critical, we still feel that the number one priority is a secure and world class IT that runs the enterprise smoothly. The second is innovation i.e. generating possibilities and leveraging IT to create revenues. The third priority is replication and scaling up i.e. bringing efficiencies across the Enterprise, and the fourth is transparent IT Governance.   Sadly this is the missing leg in managing IT.  The ability to communicate and articulate the IT strategy is critical.  Implementing transparent IT Governance is just about the the best way to analyze, learn and align IT to meet the Enterprise needs.

IT Governance helps leadership run IT like a business.  Then it is easier run the business with IT.  As a leader, you cannot forge ahead if you have to constantly look over your shoulder. IT Governance helps you manage budgets, services and projects, your team’s workload and resources more effectively.  With tools like uGovernIT to help you, you can also configure services and project management processes to help your business units see the benefits of workflow automation and project portfolio management. IT Governance helps build trust with your business users, management and leadership by providing transparency in prioritizing and sequencing IT activities.  Analytics, benchmarks, dashboards and reports help you align IT to business needs by providing you a 360 degree view of your department performance.  IT Governance is best implemented by a change agent/CIO  who not only ensures that leadership team sees the benefit of IT Governance, but equally important, ensures that the IT team sees the value of transparency.

Written by Subbu Murthy

January 12, 2015 at 9:59 am