True IT Governance
A fact-based approach can dramatically improve the way CIOs work with the business.
By Jacob Lamm
Winter 2007
Just the facts. That’s what CIOs need to manage business demand. That’s the key to changing the nature of the dialogue between CIOs and business executives from a contentious discussion about unmet expectations to a reasonable discussion about trade-offs that can be made to ensure the most business-critical initiatives receive the resources they require. Without facts, there can be no IT governance.
Many CIOs approach IT governance with a limited perspective. They look at the performance of IT projects—the unit of work that IT thinks about—instead of looking at the performance of IT services, the unit of resources to which the business assigns value. Consider the difference in the following two approaches:
- A CIO tells the general manager of discount retailing that the servers supporting the point-of-sale (POS) application have been up 99 percent of the time and that help desk wait times have been reduced by 25 percent. The CIO also tells the GM to expect to pay $2 million in charge-backs for additional storage and bandwidth.
- A CIO tells the general manager that the current response time delivered to customers using the POS application is six seconds. To cut that response in half, the company would need to invest an additional $2 million.
The second approach reflects IT portfolio management, which the most visionary CIOs are beginning to adopt. IT portfolio management enables CIOs to see the performance of all services offered to the business, understand associated costs and risks, and plan for future requirements. It also enables CIOs to bring the right facts to the table: namely, facts that business executives can understand and leverage to guide prioritization and trade-off discussions.
Another critical element of IT governance is IT financial management. This provides complete transparency into the costs of IT services. To take advantage of cost-saving opportunities, and to accurately manage to a planned budget, CIOs and their staffs require a holistic view of the cost of supporting services. Consider again our POS service examples. The CIO should have insight into the complete cost, from the infrastructure supporting the service to database platform licensing costs, developers working on projects, and the staff supporting the application.
CIOs also require cost transparency to realize 100 percent cost recovery. CIOs typically ask business executives to accept being charged for IT services based on staff size and other metrics that reflect neither infrastructure nor service usage. But what if CIOs could present their business counterparts with proof of the percentage of shared services—e-mail storage, for example—being used by each department and then charge accordingly? The nature of the dialogue would change. Perhaps business executives could even be persuaded to take action to rein in their staff’s excessive usage of some resources. Only with complete cost transparency can CIOs effectively govern their IT spend.
Best Compliance
A third aspect of IT governance is ensuring that IT is managed in accordance with best practices and in compliance with regulatory and corporate mandates. Risk and controls governance is an emerging focus for CIOs. They seek efficient ways to ensure that their management processes and systems are compliant with COBIT, HIPAA and Sarbanes-Oxley, as well as with internal mandates.
The three requirements to support IT governance—a portfolio view of IT services, transparency into IT costs, and control of risk and compliance mandates—make up a fact-based IT governance process. Armed with the right facts, CIOs can dramatically improve the nature of their engagement with business executives and ensure that the right IT investment decisions are made.
Jacob Lamm is EVP of Products for CA.