Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
June 17, 11:30 AM - 12:30 PM U.S./ET (GMT-4)
Larry Bonfante, CIO of the U.S. Tennis Association, will discuss the skills and approaches that your rising IT leaders must learn to be effective in an executive capacity.
How to Handle Your New CEO: Managing Turnover at the Top
June 18, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)
Turbulent times have increased turnover at the top. Find out what Council CIOs have done to "break in" new CEOs—build relationships, set expectations, educate on the role of IT.
Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships
July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)
We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.
Executive Competencies Assessment Tool
Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.
Learn more about the CIO Executive Council »Apply today for a FREE subscription to CIO Magazine!
August 01, 2003 — CIO —
MIT’s Peter Weill says that "an effective IT governance structure is the single most important predictor of getting value from IT" (from his paper "Don’t Just Lead, Govern: Implementing Effective IT Governance," coauthored with Richard Woodham). If that’s true, how do we explain the fact that many organizations have not set up governance in a way that promotes value?
That question was recently posed to me by one of my clients. Even though she is responsible for her company’s current governance structure, she sees it for what it really is: nothing more than a well-run project approval process, with ROI calculations, business sponsor testimonials and meetings attended by all the usual suspects. At no time has the governing body revisited an approved project in light of new information (also known as change requests), terminated a project or assessed the company’s track record for value realization. Sound familiar?
Let’s be honest. At many companies, governance should be called "govern-once." Although there is broad agreement about what governance should be—"the decision rights and accountability framework to encourage the desirable behavior in the use of IT," as Weill puts it—in reality what passes for governance is often a one-dimensional, checklist-based and attendance-based effort focused solely on project prioritization and approval.
In The Information Paradox, John Thorp writes about full-cycle governance. CIOs must ask themselves four "ares" to reach this ideal state:
1. Are we doing the right things?
2. Are we doing them the right way?
3. Are we getting them done well?
4. Are we getting the benefits?
If you think about these four questions, you can easily see that many companies focus their efforts on the first but never address the other three concerns.
Since most competent IT executives understand what governance should be, it is safe to assume that they have good reasons for not pushing harder for full-cycle governance. In my view, they don’t believe the effort is justified.
Without question, it’s hard work implementing full-cycle governance. Many organizations have immature investment disciplines typified by a "if we build it, the value will come" approach. They will not devote the effort necessary to establish measurement systems that will sustain a focus on projects for years after they have been theoretically implemented. In addition, since the majority of CEOs believes that CIOs should be held accountable for realizing value from IT investments, it takes a lot of rewiring to get the accountability shifted to where it needs to be: the business leaders who own the three P’s of value realization—people, processes and P&L. Finally, a lot of IT types don’t believe that value targeting and monitoring is practical (for example, proponents of the "ROI is dead" position).