IT Service Catalog - The Central Component Of IT GovernanceBy Boris Pevzner IT Governance is now widely recognized as a critical success factor for managing today's complex enterprise IT environments.
IT Governance is now widely recognized as a critical success factor for managing today's complex enterprise IT environments. It has become one of the most popular buzzwords among IT executives and company boards alike. But, like many buzzwords, this one is far easier to recite than it is to understand, let alone apply.
The most commonly encountered types of uncoordinated silos are "project governance," "outsourcing governance," "architecture governance," "data security and access governance," and "governance around change." In most cases, these governance silos are created as a reactive mechanism to address a particular need, for example, architecture problems or overspending or duplication. Adding to the confusion, a variety of point-solution product offerings addressing each of these silos are marketed by the vendors under the general "IT Governance" umbrella.
Complicating the picture even further is that there is no single IT Governance standard. Rather, the topic of IT Governance falls at the intersection of three popular frameworks, which are contemporary buzzwords extraordinaire in their own right: ITIL (from the IT delivery and support point of view), CobiT (from the financial auditing and control point of view), and SOX (from the US regulatory compliance point of view).
IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives.
- Business-IT Strategic Alignment, with a focus on aligning with the business and collaborative solutions.
- Value Delivery, concentrating on optimizing expenses and proving the value of IT.
- Risk Management, addressing the safeguarding of IT assets, disaster recovery and continuity of operations, and risks associated with regulatory compliance.
- Resource Management, optimizing knowledge and IT infrastructure.
- Performance Measurement, tracking project delivery and monitoring IT services, which provides feedback to the governing body and enables decision making, objective setting, and policy adjustment.
Every successful IT Governance framework intended to address these five areas needs to include an organizational component and a technology component.
The organizational aspects are neatly summarized by Peter Weill and Jeanne Ross in their the IT Governance book (published by HBS) as "Ten Principles of IT Governance": involve senior managers, ensure clear exception-handling, provide the right incentives, assign ownership and accountability, provide transparency and education, etc.
At the technology level, the key question is: How to identify the concepts that need to be defined to enable effective IT Governance, and how to implement the processes and tools that make these concepts actionable? The answer is guided by the old "DMMI" maxim "