RSS Feed
Saturday, February 13, 2010 | 
A while back, I posted a case study write-up that was instructive (hopefully) in dissuading organizations from aligning their business units with IT based on Business Process alone. Thanks to many discussions and posts and articles on the topic, it occurred to me that perhaps alignment is not what most approaches seek. Rather, one of the interesting sub-threads in many discussions around Business/IT alignment is the presumed need for Business/IT unity. That is an assumption that I haven't seen vetted all that much, and perhaps it’s a slogan that may be Orwellian at best. Dealing with both business and technology departments, our practice lives inside the ever-widening gap of understanding between the two communities - a gap continually widened by specialization. They each have their own business operating models, and they each have their pressures. The mismatch between the business operating models of IT and their business stakeholders (or BOMM for short) can provide clues as to why the relationship between business and IT sometimes comes to resemble a cold war.
Consider this: The business comes to the table with the increased pressures of the business cycle, the ever increasing information velocity, and the ever-more demanding client. The other comes to the table with solutions that seem to only increase in complexity bolstered by ever expanding technology disciplines, vendors, and standards, not to mention the baggage of years of suboptimal decisions coming home to roost. One comes to the table from the top down. The other from the bottom up. They each speak a myriad of different 'englishes'. They generally have an issue agreeing on how to define terms of engagement, or even who should own those terms, something we commonly see bubble up to the surface as data governance challenges.
The trouble is that there is a simple problem statement here, and it applies to both sides: lack of effective governance. Business people speak about the need for IT governance as way for business to control IT. IT people speak of various governance mechanisms as a way to reign in runaway business wants. Organizations should take a page from U.S. Constitution - there's a good reason to have multiple branches with oversight over each other. And what we're really missing is the 3rd branch.
So this is really a challenge to the risk management departments - audit, legal, compliance, program/portfolio management, security, privacy, enterprise architecture, et al. Some of them have a reporting relationship with Boards of Directors already. Some of them have influence on how IT budget gets spent already. And they each have their assessment methods. That is perhaps the crux of the problem: if these groups can't get their assessment methods to leverage each other’s strengths, the entire point is moot. Without an effective 'common criteria' like evaluation of both business and technology investments as a whole, effective governance becomes difficult at best.
AAB
16 hours ago
5 comments:
Nice piece. I think having that third branch - the "risk management" organization as a balancing force is an interesting notion.
The question then becomes, "How will the creative forces of the business and IT work to avoid having to engage this?"
As we have seen, having multiple branches doesn't necessarily mean that much gets done. We see groups attempting to accrete power by grabbing it from a different branch. Choose your political poison here - they all do it>
I'm very much a believer in whole of the enterprise architecture vs mere alignment of IT with business. Your post is a real reality check on the difficulties inherent in this more holistic approach. Thanks!
Very good point re the clash of perspectives on governance.
One suggestion would be that this 'third branch' needs to be not just risk-management but risk/opportunity-management - partly because risk and opportunity are flipsides of each other, and partly also because often IT sees only the opportunity whilst business sees only the risk, or vice versa.
The idea of a third branch to create checks and balances is intriguing. But any metaphors to government gives me the picture of politics, bickering, and stalled initiatives. I believe a better approach lies within the structure of common goals and reward systems. It is difficult, and I think you've done a good job of framing the issue. But there has to be a solution within the space of shared objectives.
First, thanks to everyone who commented on this thread. I'm writing the follow up to this post, highlights below:
Chris -
Absolutely true on engagement avoidance techniques. However, the tribal nature of corporate politics will ensure that if one of the three branches becomes too strong vis-a-vis the other two, they will join forces - enemy of my enemy is my friend. Without a third branch, any system is inherently unstable, since power grabs don't just start when third branch shows up.
John -
Nothing worthwhile is ever easy! I, personally, wouldn't want to solve easy problems, there are plenty of people out there doing that already.
Tom -
Also right on. I'm a big proponent of value-based management, rather than simple activity based costing practices.
Bob -
Is that picture so different from a Fortune 500 organization? I'm in full agreement around common goals and rewards approach - we frame in terms of common capabilities with proper incentives to ensure successful delivery and ongoing management. But someone has control over those rewards and incentives. Should that someone be from business or IT? Or neither?
Thanks again to all for great comments,
Aleks
Post a Comment