A Cry for Full-Cycle Governance

MIT’s Peter Weill says that “an effective IT governance structure is the single most important predictor of getting value from IT” (from his paper “Don’t Just Lead, Govern: Implementing Effective IT Governance,” coauthored with Richard Woodham). If that’s true, how do we explain the fact that many organizations have not set up governance in a way that promotes value?

That question was recently posed to me by one of my clients. Even though she is responsible for her company’s current governance structure, she sees it for what it really is: nothing more than a well-run project approval process, with ROI calculations, business sponsor testimonials and meetings attended by all the usual suspects. At no time has the governing body revisited an approved project in light of new information (also known as change requests), terminated a project or assessed the company’s track record for value realization. Sound familiar?

Let’s be honest. At many companies, governance should be called “govern-once.” Although there is broad agreement about what governance should be—”the decision rights and accountability framework to encourage the desirable behavior in the use of IT,” as Weill puts it—in reality what passes for governance is often a one-dimensional, checklist-based and attendance-based effort focused solely on project prioritization and approval.

In The Information Paradox, John Thorp writes about full-cycle governance. CIOs must ask themselves four “ares” to reach this ideal state:

1. Are we doing the right things?

2. Are we doing them the right way?

3. Are we getting them done well?

4. Are we getting the benefits?

If you think about these four questions, you can easily see that many companies focus their efforts on the first but never address the other three concerns.

Since most competent IT executives understand what governance should be, it is safe to assume that they have good reasons for not pushing harder for full-cycle governance. In my view, they don’t believe the effort is justified.

Without question, it’s hard work implementing full-cycle governance. Many organizations have immature investment disciplines typified by a “if we build it, the value will come” approach. They will not devote the effort necessary to establish measurement systems that will sustain a focus on projects for years after they have been theoretically implemented. In addition, since the majority of CEOs believes that CIOs should be held accountable for realizing value from IT investments, it takes a lot of rewiring to get the accountability shifted to where it needs to be: the business leaders who own the three P’s of value realization—people, processes and P&L. Finally, a lot of IT types don’t believe that value targeting and monitoring is practical (for example, proponents of the “ROI is dead” position).

What’s more, from a payoff perspective, the link between full-cycle governance and CIO success is hard to see. CIOs understand that as long as they ensure that the right projects are selected and successfully delivered, they will not only survive but thrive. The effort required to achieve full-cycle governance is just too much for most CIOs. As a result, they limit their project management to govern-once. These CIOs believe they can make most any project succeed as long as they have enough business sponsors, subject matter expertise and money.

That belief is wrong. Business sponsorship is a weak substitute for leadership. Many CIOs don’t understand that full-cycle governance is an industrial-strength method of improving the success of IT projects. By driving project success, IT value becomes more than a projection—it becomes reality.

It does so by transforming a business project sponsor into a business project leader. Using a parenting analogy, full-cycle governance forces business leaders to raise the project as one of their own rather than send it to the IT boarding school. This increased accountability motivates business leaders to assign their top talent, establish baseline measurement systems, manage risks and manage project scope, and see changes through. Full-cycle governance induces business leaders to cascade project accountability throughout their organizations rather than leaving accountability to the CIOs.

It’s time for CIOs to reassess full-cycle governance. The govern-once mechanisms in place at most companies are only a first step in realizing value from IT-enabled business investments.