A cry for full-cycle governance

MIT’s Peter Weill says that “an effective IT governance structure is the single most important predictor of getting value from IT,” (from his paper “Don’t Just Lead, Govern: Implementing Effective IT Governance,” coauthored with Richard Woodham). If that’s true, how do we explain the fact that many organizations have not set up governance in a way that promotes value?

This question was recently posed to me by one of my clients. Even though she is responsible for her company’s current governance structure, she sees it for what it really is: nothing more than a well-run project approval process, with ROI calculations, business sponsor testimonials and meetings attended by all the usual suspects. At no time has the governing body revisited an approved project in light of new information (also known as change requests), terminated a project or assessed the company’s track record of value realization. Sound familiar?

Let’s be honest. At many companies, governance should be called “govern-once.” Although there is broad agreement about what governance should be–“the decision rights and accountability framework to encourage the desirable behavior in the use of IT,” as Weill puts it–in reality what passes for governance is often a one-dimensional, checklist-and attendance-based effort focused solely on project prioritization and approval.

In “The Information Paradox,” John Thorp writes about full-cycle governance. CIOs must ask themselves four “ares” to reach this ideal state:

1. Are we doing the right things?

2. Are we doing them the right way?

3. Are we getting them done well?

4. Are we getting the benefits?

If you think about these four questions, it’s easy to see that many companies focus their efforts on the first, but never address the other three concerns.

Since most competent IT executives understand what governance should be, it is safe to assume that they have good reasons for not pushing harder for full-cycle governance. In my view, they don’t believe the effort is justified.

Without question, it’s hard work to implement full-cycle governance. Many organizations have immature investment disciplines typified by a “if we build it, the value will come” approach. They will not devote the effort necessary to establish measurement systems that will sustain a focus on projects for years after they have been theoretically implemented. In addition, since the majority of CEOs believe that CIOs should be held accountable for realizing value from IT investments, it takes a lot of rewiring to get the accountability shifted to where it needs to be: the business leaders who own the three Ps of value realization–people, processes and P&L. Finally, a lot of IT types don’t believe that value targeting and monitoring is practical (for example, proponents of the “ROI is dead” position). They don’t want to promote a direction that seems largely theoretical.

What’s more, from a payoff perspective, the link between full-cycle governance and CIO success is hard to see. CIOs understand that as long as they ensure that the right projects are selected and successfully delivered, they will not only survive but thrive. The effort required to achieve full-cycle governance is just too much for most CIOs. As a result, they limit their project management to “govern-once.” These CIOs believe they can make most any project succeed as long as they have enough business sponsors, subject matter expertise and money.

This belief is wrong. Business sponsorship is a weak substitute for leadership. Many CIOs don’t understand that full-cycle governance is an industrial-strength solution to the eternal problem of getting the most value out of IT projects.

Full-cycle governance significantly improves project success because it transforms a business project sponsor into a business project leader. Using a parenting analogy, full-cycle governance forces business leaders to raise the project as one of their own rather than send it to the IT boarding school. The promises made by business leaders on value, cost and time frames are monitored and affect future decisions about who should receive IT capital, and who should not. This increased accountability motivates business leaders to assign their top talent, establish baseline measurement systems, manage risks, manage project scope and see changes through. Full-cycle governance induces business leaders to cascade project accountability throughout their organization rather than leaving accountability to the CIO.

It’s time for CIOs to reassess full-cycle governance. It can be made practical by extending the definition of project value beyond financial metrics to encompass operational metrics. Put your CEO and CFO on notice that project value is not solely the purview of the CIO. The “govern-once” mechanisms in place at most companies are only a first step–a necessary but not sufficient first step–in realizing value from IT-enabled business investments.