What does a good IT governance structure look like?

Over the last several months I’ve been asked by many organizations, companies and industry experts about my opinion on what the perfect governance structure looks like.  I have good and bad news for you.

The bad news first.  There’s no single blueprint that can be copied and pasted into your organization.  I believe this expectation is the result of a misconception that industry frameworks, models and best practices can literally be applied directly to an organization and somehow governance magically appears.

Now for the good news.  Governance structures are a key component to any governance system.  Most guidance you see today makes it very clear that the board of directors (or its equivalent in your organization) is THE governing body, and everything below that structure is management.  I couldn’t disagree more.  There are multiple governing bodies in an organization.  The challenge is figuring out where they are, why they exist, what they do, and what value they provide to your organization.

Organizations consist of multiple governing bodies.  These start at the top and work their way down to what I call the street view.  They can include formal chartered bodies or temporary groups charged with a specific focus area for a specified amount of time.  Of course, the board receives and disseminates information through committees, but there are more to a governance structure than just committees that report to the board. Enterprises have a huge collection of committees, boards and groups who are charged with governing something.  The problem I see is that all of these assemblies are governing bodies, but do not behave as governing bodies and do not understand the distinction between governance and management.  Governance sets the rules and boundaries for the scope in which they are chartered to govern.  Management, on the other hand, plans, builds, runs and monitors the processes, practices and activities required to implement the governing bodies’ guidance.

There are many examples of these governing bodies:  executive committees, architecture boards, risk and audit committees, steering (IT, program, project) committees, change advisory boards, the list goes on.  Each of these governing bodies sets the rules and direction for the management charged with implementing their decisions.  Here is where I see the confusion:  I can be a member of one (or several) governing bodies where I participate in determining rules and boundaries.  Outside of that governing body, I am considered management and have to implement and abide by the rules that I just endorsed.  This means that as an executive I am part of multiple governing bodies and in some cases they contradict each other.  Therefore, when I do my “day job” I have to determine which guidance I’m supposed to be following.

Let’s take a recent example.  I worked with a global organization who asked me to assess and provide feedback on their governance structures.  My first goal was to look into their fractured governing bodies. Here’s a snapshot of what I found:

  • 37 global committees, a 31% increase in the last 12 months
  • 81% of these governing bodies had no charters
  • 43% created policies that violated policies from other committees
  • 37% were deemed no longer required by the members
  • 23% were “ad hoc” and have been for over 2 years
  • 19% are no longer addressing the issues they were originally designed to address
  • 51% were considered a “waste of my time” to the members
  • 23% of committee members claimed that they did not follow the rules they endorsed in the committees they sat on
  • Here’s the best part…this organization assessed their governance practices at maturity level 4

Now that you’ve listened to me rant about the issues, let’s get to my suggestions.

Wherever you are in an organization, there is always a governing body (or several) that guide your actions. 

No organization or individual can manage their operations without rules.  What governing bodies guide your decisions?  For example, as a CIO of a very large organization there were essentially two governing bodies that guided my management decisions:  the board of directors and the executive steering committee.  Now, let’s say you are a new project manager in the same organization.  Who are your governing bodies?  The board?  The executive steering committee?  Likely not.  As a new project manager, your governing bodies would likely be along the lines of a project steering committee or review board.

Get an inventory of all your governing bodies and understand their relationships with other governing bodies. 

Look at the statistics above about my recent client.  Committees, boards and decision-making bodies are routinely created that go undocumented, unchecked and ungoverned.  Do your enterprise a favor and identify all  these bodies.  You might find that you have redundancies, misuse of resources, or worse, a waste of valuable resource, time and effort.  I was talking this week with a colleague and mentor of mine on this subject, and he gave me some great advice, “Ideally, board and committee groups, roles and members should be managed in a system in a manner similar to assignment groups in leading service platforms.   Using a common system provides opportunities to inventory groups, relationships, manage charters, meetings agendas and minutes.  And, cascade objectives, decisions and hierarchical escalations when needed.”  -John E. Jasinski  https://www.linkedin.com/in/johnejasinski/

Charter EVERY decision-making body in your organization so its members understand their role in governance. 

The goals for the organizational structures include having proper mandates, well-defined operating principles and application of good practices. The outcome of proper organizational structures should include a number of good activities and decisions.  At a minimum, each of your governing bodies should identify:

  • Name, purpose statement and goals
  • Operating principles—The practical arrangements regarding how the structure will operate, such as frequency of meetings, documentation and housekeeping rules
  • Composition/membership—Structures have members, who are internal or external stakeholders and their roles
  • Span of control—The boundaries of the organizational structure’s decision rights
  • Level of authority/decision rights—The decisions that the structure is authorized to take
  • Delegation of authority—The structure can delegate (a subset of) its decision rights to other structures reporting to it
  • Escalation procedures—The escalation path for a structure describes the required actions in case of problems in making decisions.

 

Periodically assess the value contribution to each governing body. 

Ad hoc committees are OK, but you should be clear on their charters.  There is a lifecycle to a committee and the charter should clearly identify when their value contribution is complete.  An organizational structure has a life cycle.  It is created, exists, is adjusted, and finally can be disbanded when its value is no longer demonstrated.

Assess the maturity level of your organizational structures. 

Don’t get into the antiquated thinking that only processes can be assessed.  Organizational structures are key components of your governance components and can be assessed.  If you don’t buy that, check out my blog on assessing policy frameworks here.  Stay tuned.  I have some examples on how to do this in an upcoming blog.

As always, your thoughts and opinions are welcome.

 

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *