Information Technology Governance
Large companies are often complex in themselves, however even with the best of circumstances, influences both internal and external frequently wreak havoc upon the organization itself. Patchwork fixes, quick workarounds and modifications can often leave systems unruly and vulnerable. This more often than not results in unnecessary and cumbersome trials to not only maintain the existing system but also to ensure the add on does not adversely affect the surrounding systems. In addition to this, data is regularly moved from one place to another and consequently may be fractured or corrupted.
In times of volatility such as the recent global financial crisis, companies must put into perspective the necessity of altering their strategies and their long-term goals. Information technology can play a pivotal role in facilitating such changes in the way that the business operates and brings products or services to market. As these companies plan their strategies to weather the difficult period, they should in turn, also consider the possibility of utilising this time for change to amend their information technology infrastructure in a way that can promote innovation and ingenuity targeting new areas for growth.
When being audited, looking solely to the information technology department to cut costs can often
Need essay sample on "Information Technology Governance"? We will write a custom essay sample specifically for you for only $ 13.90/page
Information technology is not mutually exclusive to the core of the business. It should not be considered a separate entity to be controlled and maneuvered by the ‘tech team’. It is a vital component of the business and its operations and as such requires active governance. Just as the dependence on a solid information technology infrastructure increases, so too does the increasing potential for catastrophic failure if not properly managed. Similarly there is evidence to suggest a swelling in the level of investment being injected into the information technology area and as this inflates, accordingly, the potential for financial loss also increases with the threat of a failed investment. Encompassing this, information technology governance practices must be incorporated within the business in order to give effective consideration to both the business targets and the information technology business enabler.
This subsequently demands a degree of privacy, legislation and compliance surrounding the information technology data management and information security processes, which are becoming exponentially more and more complex. The frequency of information technology breakdown continues to increase however it is often found not to be due to flaws with the technology itself, but more often it found to be the lack of due diligence and business regulations surrounding the appropriate accountabilities and answerabilities. increase
Most companies will have information technology architecture implemented, however very few of these companies posses an active control over it. Rather than controlling and guiding the progression of the infrastructure, it is permitted to develop through many bolt-on additions and patches, resulting in tangled webs of systems that often duplicate functionality and are littered with inconsistent data.
To further complicate these matters many information technology systems are built based on short-term improvements rather than being systematically developed with a long term plan as a guide. This is predominantly evident with software application and the subsequent business processes associated to them. Software such as this is usually considered and implemented to suit the needs of a single group or minority within the business. These means there is little to no regard given to the remaining systems and users of whom the new addition may impact. Across an enterprise, the resulting system is often a bulky, detached information technology environment where incompatible hardware and software are coupled together and then merged with other such incompatible pairs propagating further instability as time progresses.
Information technology governance acts as a framework to determine the decision makers within the information technology spectrum and who will inevitably be held accountable for executing them. It allows for both the information technology and the overall business strategies to integrate with each other effectively and efficiently. Throughout the organization, information technology governance functions across a basis of procedures, benchmarks and controllers whilst being observed and quantified to provide accurate feedback to stakeholders.
An information technology governance framework can be implemented utilising a variety of configurations and procedures. When designing information technology governance, it is imperative to consider that it is dependent on a range of factors both internal and external to the business that at times can be quite conflicting. Finding the correct combination of factors to achieve the best result is obviously quite difficult and whilst it may be feasible to look to what others have done before you, it would be prudent to acknowledge that what may have worked for one entity, may not work for another even with substantial similarities between them (Patel, 2003).
What we find within most core management structures is strong fundamental financial governance, which is allowed to progress unencumbered, as the business profit is mostly understood. Most members will have a sufficient level of comprehension to realise the extent any decision will benefit the business. Unfortunately however when these same board members are faced with an information technology related decision, which affects the future of the business, although they care about the outcome, they avoid the topic altogether so as not to be confused by all the technical ‘gobbledygook’. The question then becomes, how does a director effectively and efficiently carry out their duties to lead a business when they struggle to understand both the language and the impact their decisions will have on the future.
Often a by-product of structural changes within an organisation that accumulates over time, complexity can ingrain itself into the everyday tasks undertaken. This process of internal sabotage will often go unnoticed until the complexity itself is so far entangled that to remove it would mean a complete overhaul of the business itself.
Even the simplest of changes such a small colour change on packaging all the way through to an enormous companywide rebranding has an impact that will precipitate throughout the organisation affecting all departments. With every individual change, each department within the organisation must adapt and evolve to not only manage the change the change but to utilise it and prosper from it. This could also lead to a chain reaction in which one small change with a particular department could result in multiple changes across other departments that only exacerbate the complexity.
Unfortunately, this is not the only cause of complexity within an organisation. As stated earlier, most companies will have information technology architecture implemented, however very few of these companies posses an active control over it. Further to this, many information technology systems are built based on short-term improvements rather than being systematically developed using a long-term plan. Even with the best of intentions, often managers do not understand the extent of their request. What may seem a simple request for information to them could lead to a domino effect of reporting and system analysis for multiple people across multiple departments all the while the requestor remains completely oblivious to the level of work involved.
This ambiguity between manager and subordinate can be likened to a game of Chinese whispers. When given direction with minimal context staff will often complete extra unnecessary work creating a further burden not only on themselves but also, on the systems they use and the staff they recruit to assist them. This waste of resources can accumulate and ultimately drag the business to a greater disadvantage than the position they were in prior to the directive being given.
Duplication is the manual repetition of tasks or regurgitation of information in multiple forms especially where the original form was sufficient and the manual tasks could be automated.
One such cause of duplication is the circulation of documents for review and modification, particularly where multiple recipients are included. This form of duplication is then magnified when staff must also abide by document retention standards in order to store and delete company documents. This duplication (and duplication in general) will often lead to increases in complexity where in this case, staff may struggle to coordinate and maintain the most recent edition of the document under review and modifications become difficult to merge. This is not only a waste of time and effort but could lead to potential legal ramifications if misinformation is printed or mishandled.
Just as complexity increases with organisational growth and restructure, duplication can proliferate as organisations expand if the expansion itself is not handled properly. Adding on infrastructure, software and database technology that can handle tasks already handled efficiently by existing infrastructure, will often result in the duplication of stored data, processes and future developments. This can then lead to errors, product development delays, increased running costs, unnecessary red tape and ultimately late to market releases and opportunity losses.
A standardise basis of handling the issues of complexity and duplication in an organisation begin only with the identification and acknowledgement of ineffective, inefficient processes and infrastructure. Without this acknowledgement and identification, any attempt to rectify these issues will often result in extra work but only half the job being completed.
This is where information technology governance frameworks are vital as they determine the roles and responsibilities or the entities involved. Once this have been completed, management are then tasked with communicating clearly to each involved entity their specific roles and responsibilities and ensuring that these are understood by all staff (ITGI, 2005). This responsibility should not fall solely on the CIO but to the entire senior management to ensure that communication is unambiguous, unanimous and consistent with the business prosperity focus (Peterson, 2003).
It is often difficult for staff to identify complexity and duplication within their own organisation as their training and repetition of tasks has been so engrained that the process itself is the only way they have ever known and an alternative is difficult to comprehend. Incentives encouraging staff to find ways of simplifying systems and processes may assist with this however this may not always produce optimal results. Whilst staff can deliberate with others both with higher and lower seniority, as to ways in which they can improve and how changes can be made, this will not often yield the best possible result. It is often the newer, untainted eye of an external party that can more readily offer an objective perspective.
The diversification of technology and expansion of systems often cause greater inefficiencies. A vigilant appraisal of the current systems, their vulnerabilities, short comings and likewise their simultaneous strengths may often reveal out of date, unsupported technology that could possibly be consolidated into standard systems. Whilst providing simpler processes, this will also result in greater support and cost savings through the removal of maintenance expenses of obscure software.
Final endpoints and goals should also be set and adhered to. It is important to keep in mind that although a single change may seem to in theory to improve performance, executing changes singularly over a period of time may often result in existing issues being amplified and in some progressed cases, all new issues arising. Without proper investigation into a change and its affect on surrounding systems, production may be interrupted, unanticipated delays may increase and the business will suffer.
With the correct mindset established, considering existing product lines and their individual performance may show indications of where a particular product or product series is faltering and may suggest an amputation of that product rather than a rescue operation in order to boost performance. Similarly, identifying redundant levels of management and layers of staff that can be consolidated and condensed often enables simplicity. This does not necessarily induce staff redundancies but rather eliminates the distance between staff and CEO promoting better collaboration.
Once the process of expansion or rectification has begun, all senior management should be kept abreast of outcomes regularly with updates of potential risks and their associated benefits to the organisation. Allowing then the opportunity to ask relevant questions with accurate information establishes a safer progression and an understanding by all as to why something has been done and what it will mean to the business as a whole (ITGI, 2003).
Patches and add-ons to systems often demand considerably larger amounts of time and money in order to develop, implement, support and maintain. These resources are primarily taken out of the budget to innovate new ideas and formulate better alternatives to handle the original problem.
By removing these bolt on additions and consolidating systems into standard software, inefficient, ineffective processes and applications are removed as are their costs associated. This also accomplishes an increase in performance and subsequently an increase in satisfaction of the staff using the new process.
This change however cannot be undertaken and implemented by a single person, namely the CIO. Whilst executive support is critical to the successful implementation, it must be a collaboration of not only the management of the organisation but must also take into consideration the input of the staff who will be utilising and experiencing first hand the changes made and its implications.
Through correctly implemented information technology governance, improvements in information technology should become evident and following such improvements, the financial benefits should also become more and more apparent (Weill and Ross, 2004).
It is a key to remember however that just like any other aspect of the organisation, information technology is not a single run, once off process. Just like any other aspect of the business, it must be well maintained and support must be an ongoing process to ensure improvements are easier to implement and inefficiencies are recognised before they become to engrained in the day-to-day processes of the business.
With a clean, clear and concise plan supported by management that is developed dynamically using information technology to promote efficiency, remove ineffectiveness and maintain processes and applications, businesses can reduce unwanted duplication and complexity within the organisation increasing performance and reducing costs.