Showing posts with label EA Review Board. Show all posts
Showing posts with label EA Review Board. Show all posts

October 31, 2008

IT Governance and Enterprise Architecture

I came across an interesting IT Governance Global Status Report 2008 from the IT Governance Institute.

The study and report was conducted by PriceWaterhouseCoopers (PwC) was the third one of its kind—the first two conducted in 2003 and 2005. In this latest study for 2007, interviews were conducted with 749 CIOs and CEOs in 23 countries.

Here are some interesting findings from the study on how enterprises are fairing on IT governance and my thoughts on these:

Championed by—in most cases CIOs champion IT governance (40%), followed by CEOs (25%), and then by CFOs (9%).

Since CIOs are predominantly responsible for IT governance, they need to step up and elevate governance as well as its complementary function, enterprise architecture, and resource it as a priority for effectively managing IT investments.

Business management engagement—68% of respondents said that business management participates (42%), leads (14%), or is fully accountable (12%) for IT governance.

From my experience, often business managers are more engaged in IT governance than IT managers; we need to work with the all the SMEs (IT and business) to understand the importance of IT governance and encourage and engage them for their active participation.

Positive view of IT—“Non-IT people…have a much more positive view of IT” than do IT people. 72% of general management agree strongly on the value creation of IT investment versus only 46% of CIOs.

We need to explore why IT professionals have a more negative view of IT than our customers on the business side of the house have and to reconcile this. Is it just that we are professionally self-critical or that know more about our dirty laundry?

Importance of IT to overall corporate strategy—“93 percent of respondents answered that IT is ‘somewhat’ to ‘very important’ to the strategy.”

IT is important to the business achieving its strategic goals. We need to ensure sufficient time, attention, and resources are allocated to developing an IT strategy and enterprise architecture that aligns to and support the business strategy.

IT governance implementation—Only 52% are ‘in the process of’ (34%) or ‘have already implemented’ (18%) IT governance; however, another 24% are considering implementing.

We need to pick up the pace of IT governance implementation. IT governance is critical establishing and enforcing the IT Strategic Plan and enterprise architecture, to vetting IT investment decisions and sharing risks with project shakeholders, and providing oversight and due diligence to ensure successfully project delivery.

Current IT governance practices—Some of these include: “IT resource requirements are identified based on business priorities” (80%), “boards review IT budgets and plans on a regular basis” (72%), “IT processes are regularly audited for effectiveness and efficiency” (67%), “Central oversight exists of overall IT architecture (IT Architecture Board or Committee)” (63%), “IT project portfolio is managed by business departments supported by the IT department” (59%), “Some form of overall IT Strategy Committee exists” (58%), Standard procedures exists for investment selection (IT Investment Committee)” (55%).

IT governance best practices are well established through frameworks such as COBIT, ITIL, and ISO20K. We need to leverage use of these frameworks to develop our organization’s IT governance solutions and ensure this vital enterprise architecture enforcement mechanism!


Share/Save/Bookmark

October 3, 2008

Enterprise Architecture Fit

Enterprise architecture helps organizations to ensure strategic business alignment and technical compliance of their systems.

Architecture and Governance Magazine, Volume 4, Issue 3, has an interesting article on “Business Fit vs. Technical Fit” by Larry DeBoever, in which he proposes a mapping of systems to demonstrate their EA fit.

Systems are mapped on a 2x2 grid that has business fit on the y axis and technology fit on the x axis.

The resulting quadrants provide a visualization of how systems map in terms of business alignment and technical compliance. Here is my view on these:

  • Lower left—low business and low technology fit. These are systems that are duds; theydo not meet business requirements or technology standards and should be sunset.
  • Upper left—high business and low technology fit. These are systems that are silos; they meet business needs, but don’t provide technical alignment in terms of interoperability, standardization, component reuse or alignment to the target architecture and transition plan. These systems need a technology waiver or should be retrofitted to comply with the enterprise architecture.
  • Lower right—low business and high technology fit. These are systems that are “toys”. They do not meet the requirements of the business, although they align nicely with the technology standards of the organization. Unless these systems can demonstrate business value, they should be decommissioned.
  • Upper right—high business and high technology fit. These are systems are optimal; they are in the EA sweet spot in that they meet business requirements and technology compliance parameters. These systems are sound IT investments for the organization.

This quadrant view of EA fit for systems is a wonderful tool for planning and also for conducting EA board reviews of proposed new systems or changes to existing systems.

For systems that do have business and/or technology alignment, Larry DeBoever calls for ongoing reviews and enhancements, due to “the problem of regression.” Since business needs and technology standards and plans are constantly evolving, our systems will be under constant pressure being forced to lower levels of business and technology alignment. Therefore, system development, enhancements and modernization is an imperative to remain competitive and on mission.


Share/Save/Bookmark

February 1, 2008

Governance and Enterprise Architecture

Enterprise architecture is critical to effective IT governance. EA establishes the baseline and target architectures and the transition plan and enforces these through the EA Board, who conducts technical reviews of proposed new IT projects, products, and standards. EA guides the organization to performance results, business-technology alignment, information sharing and accessibility, systems interoperability and component reuse, technology standardization and simplification, and security, including confidentiality, integrity, availability, and privacy. In short, EA ensures information transparency of business and technology to enhance organizational decision-making.

But what happens when organizational governance, whether EA governance or corporate boards, that is supposed to ensure transparency, does not?

The Wall Street Journal, 14 January 2008, reports “Why CEOs Need to Be Honest with Their Boards.”

“People who have spent time in corporate boardrooms say honest communication is often lacking between CEOs and their fellow directors. ‘Communication and transparency being a problem is more the rule rather than the exception.’”

Sometimes this makes headlines, such as when CEOs conduct activities without informing or getting permission from their directors, such as:

  1. Backdating stock options
  2. Holding merger and acquisition talks
  3. Trying to solve problems independently that need to be vetted

“‘Many times it’s the thing not said, or overly optimistic positioning that gets CEOs in trouble’…as leaders, they want to take charge and inspire confidence, even when things are turning sour. But that instinct can lead them to be less than forthcoming about problems—which can snowball into severe tensions with directors.”

CEOs who do not keep their board up-to-date do so at their own peril—“In 2006, 31.9% of CEOs who stepped down world-wide did so due to conflicts with the board…the forced departures were ‘nearly always because of transparency issues...[this leads to a] slow deterioration of trust, so the termination is generally packaged as a ‘loss of confidence.’”

Things have definitely changed in the relationship between boards and CEOs─ “‘There used to be a bright, clear line: We, the management made the decision and they, the board, reviewed and approved those decisions”…that bright, clear line has gotten really fuzzy now.”

Why does the CEO resist this transparency with the board?

“It’s the CEO’s job to ‘put a good face on things to mobilize and drive the changes that any company needs going forward…this requires inspiring people and giving them confidence that if you only make this last push you will get there.” CEO’s don’t want to admit that things are not progressing as expected. They don’t want to concede that they don’t have all the answers.

What’s the lesson here for User-centric EA?

We can’t think that we have all the answers. Collaboration, vetting, and information transparency is critical to enabling better decision-making. Whether information transparency is coming from EA to business and technical information stakeholders or from the CEO to his board of directors, information transparency inspires trust and “breeds self-correcting behavior” (as the U.S. Coast Guard Commandant often reminds us). Hiding problems, being overly optimistic or self-reliant, or working in stealth are not the cornerstones for good enterprise governance. Rather, openness and frankness about program, projects, products, and plans (EA or otherwise) enables good governance. Hearing opposing points of views leads to better decision-making. Even if it is sometimes painful to hear or slows down the process some; a little enterprise introspection goes a long way to improving the end result.


Share/Save/Bookmark

November 30, 2007

IT Investment Reviews and Enterprise Architecture

To manage IT, you’ve got to have investment reviews, but when is it too much or not effective?

There are a number of executives (CXO’s) with a stake in the success of IT projects and a responsibility to review and manage them:

  1. Chief Financial Officer (CFO)— is interested in the investment’s alignment to the mission and its return on investment
  2. Chief Information Officer (CIO)—looks at IT projects in terms of technical alignment and compliance with the enterprise architecture, systems development life cycle, IT security, and other areas like privacy, accessibility, records management, and so on
  3. Chief Procurement Officer (CPO)—reviews projects for contractual issues to protect the organization and ensure that “it gets what it’s paying for”
  4. Line of Business (LOB) Program Officials—must review projects in terms of their project management and to control cost, schedule, and performance and ensure that the organization “controls” its investments

Usually, each of these executives has boards to carry out these review functions, and they are redundant, inefficient and drive the end-user crazy answering questions and checklists.

Part of the problem is that the executives and their review boards do not limit themselves to reviewing just their particular domains, but look across the management areas. So for example, EA often not only looks at technical alignment, but also will review business alignment and performance measures.

Moreover, not only are the review boards’ functionality often redundant between CXO’s, but even within the domain of a CXO, there will be duplicative review efforts such as between EA, SDLC, and IT security reviews.

Additionally, when an organizational component of an organization needs to conduct these reviews at their level and then again all the same reviews at a higher overall organization level, then the already inefficient review process is now doubly so.

In the end, with all the requisite reviews, innovation gets stifled, projects hamstrung, and the end-user frustrated and looking to circumvent the whole darn thing.

Obviously, you must review and establish checks and balances on IT investments, especially with the historical trends of people spending extravagantly and wastefully on IT solutions that were non-standard, not secure, not interoperable, did not meet user requirements, were over-budget, and behind schedule.

The key from a User-centric EA perspective is to balance the needs for governance, oversight, and compliance with helping and servicing the end-user, so they can meet mission needs, develop innovative solutions, and manage with limited resources. Asking users the same or similar checklist questions is not only annoying, but a waste of valuable resources, and a great way to spark an end-user revolt!

Remember it’s a fine line between EA and governance showing value to the organization and becoming a nuisance and a hindrance to progress.


Share/Save/Bookmark