< ? php //If there is analytic campaign data, attempt to get the campaign_guid from that cookie if ( 1 === preg_match( '/pk10mkto-([0-9]+)/', $_COOKIE[ '__utmz' ], $match ) ) { $campaign_guid = $match[ 1 ]; } ?>

What CIOs Need to Know About Governance


Midmarket companies grow to a point where governance becomes important in order to reach next levels of growth and competitive advantage, as well as to drive compliance initiatives. Governance is not just for large companies, and it need not be complex or burdensome. Also, it’s a well-established fact that governance yields significant financial advantages for companies that perform it well.

Practicing governance can help midmarket companies strategically apply limited resources more effectively; focus their companies on mutually agreed upon goals, values, and investment-making criteria; improve organizational measurement and transparency; and accelerate business value creation.

What is governance? Gartner is very clear on the matter:

Governance is the decision framework and process by which enterprises make investment decisions and drive business value. Period. ”(1)

Note that there is no mention of IT in the definition above.  In our experience the most effective IT governance exists only as an extension of corporate governance.

“Management” is not mentioned either. While management and governance often are used interchangeably – with governance being fashionably used in place of management – they are not synonymous. There is a strategic element to both. However governance establishes overarching goals, principles and context that channel investment decision-making and, using that as a touchstone, management creates and drives business value according to an organizationally shared framework.

Governance is the province of executive and board leadership. Company leadership must define the strategic direction and the capabilities necessary to win in the marketplace. Decisions about every investment, not just IT, flow from that. IT investments will create business value because they will be driven by business strategy, and measured for effectiveness. Unlike governance, management is materially carrying out that strategy.

So, then, what is IT governance? Again we turn to Gartner for what turns out to be a multi-faceted definition:


“IT governance (ITG) is the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. IT demand governance (ITDG—what IT should work on) is the process by which organizations ensure the effective evaluation, selection, prioritization, and funding of competing IT investments; oversee their implementation; and extract (measurable) business benefits. ITDG is a business investment decision-making and oversight process, and it is a business management responsibility. IT supply-side governance (ITSG—how IT should do what it does) is concerned with ensuring that the IT organization operates in an effective, efficient and compliant fashion, and it is primarily a CIO responsibility.”(2)

Peak 10 believes that IT governance is about creating value for stakeholders based on the direction given by those who govern … what is to be achieved by leveraging IT resources. IT management (supply-side governance) is about the “how” of planning, organizing, directing and controlling the use of IT resources.

While the CIO may or may not be part of the executive leadership team that defines corporate governance, she/he will certainly be charged with thoroughly understanding it and creating the IT subset in its image.

IT Governance Rules of the Road

Governance aside, the expectations of company leadership for IT to create business value and drive success are palpable. Roles and responsibilities are changing rapidly as IT is called upon to directly interact with all aspects and functions of the organization. In this regard, governance can bring clarity to the task at hand, giving CIOs frames of reference and measurement shared and understood by all, as well as a basis for resolving conflict and negotiating choices.

Being driven by the upper echelons of the company, IT governance initiatives will have strong support initially. It is important that this support is sustained, and that IT governance remains a critical component of the strategic vision of senior managers. IT governance arrangements have substantially better chances for success with this continuous support as evidence by regular follow-up, the availability of resources and C-level endorsement for good IT governance practices during conflict situations.

Introducing or improving IT governance practices requires a well-defined plan. Success can only be achieved if focus is maintained and agreed practices are executed as planned. For example, if standardization of technology is presented as cornerstone of IT governance then it is important to stick to this measure against any resistance. There also may be legitimate cases to be made for non-standard initiatives. This will require a strict, structured and documented exception-management process for stakeholders, such as line of business (Lob) or project managers, to use for stating their case and making requests for exceptions.

Introducing stronger IT governance practices may elicit grumblings to outright resistance. While not a fix-all, a commitment to frequent and substantive communications will go a long way to heading off dissatisfaction or, at the very least, help naysayers understand the business case for what’s happening. Communication has been a key factor in the degrees of success realized by IT governance initiatives.

Introducing or improving IT governance arrangements takes time. Quite often cultural changes or significant changes in procedures (less discretionary power, more centralization, for example) must be introduced. Plan carefully and allow adequate time for the implementation of such measures, as well as allowing sufficient time for the organization to absorb the changes. Start small and set achievable goals that will demonstrate progress. Again, frequent and consistent communications will help. As will clearly stating what the expected benefits are, how they will be measured and following through.

Keep it simple. Avoid over-engineering, complicated processes, report overkill. Not only can an overly demanding solution create more resistance, ultimately be circumvented and consequently less effective. It can also stifle creativity, hobble agility and undermine innovation.

Finally, companies with the best governance constantly assess whether projects are realizing their business case.  Once a project is completed, revisit the business case. Did you spend what you said you would spend? Did you achieve the cycle-time reductions you forecasted? Did you cut the heads you thought you’d cut?  You’re missing the point of IT governance if you bypass the postmortem and fail to report the results.

It’s easy to conclude that effective governance is complex and overly time consuming. It doesn’t have to be, especially for midmarket firms. There are many resources and a great deal of guidance as to how to initiate governance programs sized properly to your company and fitted to its management structure. Being smaller with a flatter organizational structure can work to your favor.

It’s all about knowing where you are going and why, and then marshalling all the resources at your disposal to get you there with fewer missteps, less confusion and ahead of your competitors.

(1)     “Governance Best Practices for Midmarket IT Leaders,” Gartner, Inc., 16 May 2014

(2)     IT Glossary, Gartner, Inc.

Fine tune your content search

About Peak 10

"Our values are the foundation for everything we do at Peak 10, and are ultimately what enable us to earn our customers' business and their trust."
David H. Jones,
Board Member, Peak 10 + ViaWest