Models for Global IT Governance

When CIOs think about the global expansion of their enterprises, the G-word quickly comes to mind: governance. Their fear is that without carefully constructed governance, decision making, oversight and even simple visibility into the IT organization will quickly become muddled. When CIO Executive Council members last year created the Globalization Playbook, governance was a significant section. (Managing global teams was another aspect of the playbook; go here for an excerpt.)

Central Versus Local Versus Distributed

The fundamental consideration in global governance is the control model. Should IT authority reside centrally, locally or incombination? There’s no perfect model; one that works at one stage in a company’s lifecycle may be a poor fit in another. However, most of the CIOs interviewed for the Council’s playbook use a centralized model. That means the corporate CIO and the senior leadership team are responsible for decisions such as IT strategy, project prioritization, system selection and application development methodologies.

Danger Signals

How do you know when you don’t have enough governance?

• You see costs rise due to duplication of effort.
• The time and money required to maintain any particular local system exceed what it would cost to maintain a global one.
• You discover “surprise” systems running in remote locations.
• Local business units are not following governance processes or guidelines when initiating projects.
• Your local business partners grow dissatisfied and stay dissatisfied.
• You have consistent difficulty hiring top talent in remote locations.
• High employee turnover or low morale exits in the remote locations.
• Staff complain that they can’t get things done or that they feel caught up in bureaucracy and constantly changing priorities.

-R.P.

When significant local control is granted, the model becomes a hybrid in which enterprise standards and global systems are controlled centrally, but local IT management is responsible for selecting and managing some systems. A distributed model places nearly all authority at the local level, perhaps with some financial support systems or e-mail provided by headquarters. Purely local, decentralized control was the least-used governance model among the Council sources, although it gains traction as companies grow into diverse regions.

How to Choose

One simple way to think about your governance model is “centralize for efficiency, decentralize for effectiveness,” says Michael Pilkington, former CIO of Brussels-based Euroclear. When considering a governance model, it’s important to understand the operating mode of the business you’re supporting. For example, does the company care about alignment across regions? At Motorola, alignment is critical, says Cathie Kozik, corporate vice president of supply chain IT. Given that, Motorola has gravitated toward centralized IT governance.

Focusing on IT processes can also point to the optimal governance model. Which processes are truly core to your business? Could they be controlled centrally? Could they be executed according to local needs? For Claudio Abreu, CIO of corporate and business services for Bayer North America, strategy and core processes must the same globally. However, the strategy should always be executed in a way that makes sense for the location—a trademark of the hybrid model.

The enterprise’s decision-making culture must also be figured into your thinking. Where does thought leadership come from? Local autonomy may be a good fit for a culture that welcomes input from outside HQ.

Universal Best Practices

While there are best practices and pitfalls associated with each model, there are must-dos that apply to all.

Involve senior leadership. Senior leadership from all your regions should be part of governance-model decision making, advises Bayer’s Abreu. That will encourage better acceptance of the final model.

Be flexible. Organizations often doom their model by going to extremes, says Abreu. Push too much customization and costs skyrocket. Or, force a standard or practice without taking the local market or culture into consideration and you get backlash.

How to Structure Reporting Relationships

Q: We’re moving from a hybrid to a more centralized global governance model. How would you adjust IT staff reporting structures?

A: At ON Semiconductor, local IT managers have a hard reporting line to corporate IT managers at our world headquarters in Phoenix, and a dotted line to their local business/functional manager. This structure is the reverse of what was in place in 2000, when it became evident that the local hard-line reporting structure was enabling the “reprioritization” of corporate-mandated projects in local units, leading to missed deadlines. Once we realized this, we knew it was necessary to change the reporting structure to reflect more centralized authority.

-David Wagner, CIO, ON Semiconductor

Maintain visibility. Within FedEx’s IT organization, Beth Galetti, CIO and VP of IT for Europe, the Middle East and Africa, holds quarterly best-practice forums in each region for each IT function. Galetti also relies on boards made up of business function heads from each region to gain visibility into major projects. The boards examine all IT projects that require more than 40 hours of development work.

Leverage tools for communication and collaboration. Simple applications such as time reporting and project tracking can provide insights into local IT resources. Communication and collaboration tools are also helpful when staff are spread across many time zones and continents. ON Semiconductor adopted NetMeeting and SharePoint to enable its IT staff of 325 to keep initiatives moving globally.

Technology can facilitate collaboration, but not without defining collaboration processes first, warns Hess CIO Pete Walton. “Rolling out collaborative technologies in a company culture that doesn’t know how to collaborate is a recipe for CIO failure,” he says. To achieve a better understanding of collaboration and how it best can be implemented within Hess’ centralized environment, Walton created a collaboration technologies group that is involved in all meetings held on global business unit collaboration and can serve as a resource for how to make collaboration work.

Don’t be afraid to change. Few companies choose a model that works perfectly and works all the time. (See “Danger Signals” sidebar.) Several companies that grew up with local IT control, such as FedEx and Procter & Gamble, have moved toward either a more hybrid or a more centralized model, having decided that local control was providing diminishing returns.

Richard Pastore is Managing Director of Content Development for the CIO Executive Council.