>IT Governance and Enterprise Architecture

>I came across an interesting IT Governance Global Status Report 2008 from the IT Governance Institute.

The study and report was conducted by PriceWaterhouseCoopers (PwC) was the third one of its kind—the first two conducted in 2003 and 2005. In this latest study for 2007, interviews were conducted with 749 CIOs and CEOs in 23 countries.

Here are some interesting findings from the study on how enterprises are fairing on IT governance and my thoughts on these:

Championed by—in most cases CIOs champion IT governance (40%), followed by CEOs (25%), and then by CFOs (9%).

Since CIOs are predominantly responsible for IT governance, they need to step up and elevate governance as well as its complementary function, enterprise architecture, and resource it as a priority for effectively managing IT investments.

Business management engagement—68% of respondents said that business management participates (42%), leads (14%), or is fully accountable (12%) for IT governance.

From my experience, often business managers are more engaged in IT governance than IT managers; we need to work with the all the SMEs (IT and business) to understand the importance of IT governance and encourage and engage them for their active participation.

Positive view of IT—“Non-IT people…have a much more positive view of IT” than do IT people. 72% of general management agree strongly on the value creation of IT investment versus only 46% of CIOs.

We need to explore why IT professionals have a more negative view of IT than our customers on the business side of the house have and to reconcile this. Is it just that we are professionally self-critical or that know more about our dirty laundry?

Importance of IT to overall corporate strategy—“93 percent of respondents answered that IT is ‘somewhat’ to ‘very important’ to the strategy.”

IT is important to the business achieving its strategic goals. We need to ensure sufficient time, attention, and resources are allocated to developing an IT strategy and enterprise architecture that aligns to and support the business strategy.

IT governance implementation—Only 52% are ‘in the process of’ (34%) or ‘have already implemented’ (18%) IT governance; however, another 24% are considering implementing.

We need to pick up the pace of IT governance implementation. IT governance is critical establishing and enforcing the IT Strategic Plan and enterprise architecture, to vetting IT investment decisions and sharing risks with project shakeholders, and providing oversight and due diligence to ensure successfully project delivery.

Current IT governance practices—Some of these include: “IT resource requirements are identified based on business priorities” (80%), “boards review IT budgets and plans on a regular basis” (72%), “IT processes are regularly audited for effectiveness and efficiency” (67%), “Central oversight exists of overall IT architecture (IT Architecture Board or Committee)” (63%), “IT project portfolio is managed by business departments supported by the IT department” (59%), “Some form of overall IT Strategy Committee exists” (58%), Standard procedures exists for investment selection (IT Investment Committee)” (55%).

IT governance best practices are well established through frameworks such as COBIT, ITIL, and ISO20K. We need to leverage use of these frameworks to develop our organization’s IT governance solutions and ensure this vital enterprise architecture enforcement mechanism!

>IT Project Failures and Enterprise Architecture

>Based on a number of studies done in the last 10 years (such as The KPMG Canada Study, The Chaos Report and others), it has been established that more than 50% of IT projects fail outright!

Why do IT projects fail? More often than not, it’s because managing IT has become a by the seat of the pants proposition—where things get decided by gut, intuition, politics, and subjective management whim. And we know that is not how to manage IT.

The way to make order out of IT project chaos is through enterprise architecture and IT governance.

EA is how we plan IT, synthesizing business and technology information, and driving business process reengineering, improvement, and the introduction of new technologies.

Governance is how we administer structured, consistent, and collaborative decision making, so managing IT is no longer a black box affair.

Together EA and IT governance provide for sound IT investment decision making, where EA serves as a strategic information asset to guide and influence capital planning and investment control activities of select-control-evaluate to ensure more successful IT project delivery.

Interestingly enough, Federal Times, 4 August 2008, corroborates the true high failure rate of IT projects.

According to the GAO, “Baseline adjustments hide the truth on OMB’s IT projects.”

“OMB considers a project to be over budget and off schedule [i.e. at risk] if it is projected to miss its targets by more than 10 percent.”

The reason though that all the IT projects missing the mark don’t show up on the OMB high-risk list is that “nearly half of the 180 IT projects surveyed by GAO have been rebaselined at least once. Of those, half were rebaselined twice and 11 percent were rebaselined four or more times,” according to David Powner GAO’s director of IT management issues.

What exactly does rebaselining mean?

“Nearly all of the rebaselined projects altered their cost and schedules because of changes in requirements or funding,” according to Karen Evans, OMB’s IT administrator.

So, if your changing the projected IT cost and schedule to match the actual—well then guess what? Naturally, more of your IT projects magically seem to meet their cost and schedule goals, and the true IT project failure rate is obscured.

Note that OMB is only looking at cost and schedule overruns and that doesn’t even take into account missing the mark on IT project in terms of performance parameters—one of the most important aspect of IT projects true success.

Perhaps, if we focus more on truly investing in better enterprise architecture and IT governance, then organizations wouldn’t need to rebaseline their cost and schedule projections to make for faux IT project success.

>IT Project Engineering and Enterprise Architecture


Architecture and Governance Magazine, Volume 4, Issue 1, has an article called “The Secrets of IT Success: Transforming Companies” that identifies three critical architectural elements necessary for successful IT project execution, or as I see it, project initiation.

These critical IT project elements are as follows:

  • Community Analysis—“It must understand the needs of the customers, the supply chain, and the transactions necessary for the day-to-day running of the business…generate understanding on both the business and IT sides of the equation, to capture organizational goals comprehensively, and to enable effective training and buy-in, IT analysts and engineers must identify with and embrace the community to be transformed.”
  • Operations Analysis—“A deep understanding of the operational activities, capabilities, and business processes…Here work activities are identified, captured, and catalogued so that information flows, technologies, roles, and other processes and elements can be accurately mapped. The analytical results from this phase give a clear perspective to move from the business’s needs to the requirements of the new technology that will need to be implemented.
  • Technology Analysis—“technical needs are defined and blueprinted, and their intersections with business rules are specified…A multidimensional analytical view encompassing user workflow, technologies, data, security, business rules, and interfaces can greatly enhance the pure IT view of transformation.”

To me this translates in simple terms to the following:

  • Business needs
  • Functional and technical requirements
  • Technology solutions

While these IT project elements factor into the development of the enterprise architecture, they are more the domain of segment and solutions architecture that work toward business and operational outcomes, rather than strategic-level outcomes.

The article also calls for the use of visual tools to aid in IT project analysis:

  • In all three phases, a key ingredient is supplying a visual tool as part of the universal language that will be used throughout the project to facilitate clear communications between members of the community affected by it. Consistent and unambiguous visual expressions of the operational need and intent immeasurably enhance the likelihood of a successful IT implementation.”

This call for the use of visual tools is similar to and supportive of the use of information visualization in User-centric EA, where information visualization is especially helpful in the high-level, strategic profile views of the architecture as well as in modeling business, data, and systems. In all areas of User-centric EA, the principles of communication and design are critical for developing useful and usable information products and governance services for the end-user.

>IT Governance –Value Creation and Accountability


IT governance is something people tend to have a love/hate relationship with. They love it because they know they need it and will benefit from it; but they hate it because they don’t want to do it and be bound by it.

It sort of reminds me of the old TV show, The Little Rascals, when the mother “makes” her kid take the spoonful of awful tasting castor oil because it was good for him. And what a face the kid would make as that spoon glided into his mouth, and then a big smile would emerge.

DM Review, 8 February 2008, reports that enterprises are “Getting Serious about IT Governance.”

Here’s why IT governance is growing in importance:

  1. Growing IT expenditures—“Worldwide IT spending has grown 5 percent to 8 percent in recent years and will approach $3 trillion for 2007”
  2. IT project troubles—“IT project failures, security breaches, and compliance snafus are still abundant. Gartner estimated that more than $600 billion has been squandered on ill-conceived or poorly executed projects. And according to Standish Group, only 30 percent of projects are considered successful.”
  3. Money won’t solve the problem—“Simply pouring more money into IT won’t necessarily fix a company’s problems or mitigate its risks.”

IT governance is a two-fold endeavor:

  1. Value creation—“IT governance is about balancing the interests of investors and stakeholders by focusing resources on the creation of value…if the mission of IT is to provide systems the business wants, it is equally important to provide systems the business actually needs.”
  2. Accountability—“IT governance is the system by which IT is directed and controlled. It should address the roles and responsibilities of groups and individuals…articulate the rules and procedures for making IT decisions, and provide a structure through which IT objectives are set, attained, and monitored.”

In the Federal IT Investment Management (ITIM) process for Capital Planning and Investment Control, value creation and accountability align well with the phases of Select-Control-Evaluate for IT investments.

  • The Select phase supports value creation. It involves the selection of projects based on a combination of the following factors: alignment with mission/business strategy, highest return on investment, lowest risk, and alignment to and compliance with the enterprise architecture.
  • The Control phase supports accountability. It involves monitoring and managing IT projects for cost, schedule, and performance parameters. Projects that deviate from their targets risk being reorganized, downsized, or entirely phased out.
  • The Evaluate phase supports both value creation and accountability. It is the evaluation of whether IT projects meet their intended performance goals. This provides lessons learned for future IT project selections and for controlling their steady progress, as well as holding accountable the project sponsor and team for their IT project.