The phrase “necessary evil” may not be the savviest way of describing it, but keeping a handle on IT governance will likely remain a key priority for CIOs in 2006.
That was clear from the discussions at a recent Canadian CIO roundtable in Toronto partly sponsored by Canadian Information Processing Society (CIPS), a professional association for Information Technology (IT) practitioners in Canada headquartered in Mississauga, Ont.
Bob Adams, vice-president of RIS, a Toronto-based applications support and maintenance firm (and primary host of the CIO Roundtable event) said that IT governance is still top of mind, particularly in publicly traded companies these days.
“The reality is the conversation about governance is not new…but the reality is now it is everybody who is a part of the discussion. It’s at the CIO level, the board level…it also involves vendors and sometimes even customers. Collectively, we all need to get it right,” Adams said. “I hesitate to use the term ‘necessary evil’…a lot of this actually makes good business sense.”
At the roundtable, participating CIOs discussed the importance of balancing IT or corporate governance with business objectives. And – related to that goal – they emphasized the need for transparency and accountability in IT and financial reporting.
At least three current models of IT governance were identified: a centralized, shared services model; a decentralized model, where responsibilities are delegated to business units; and a hybrid of the two.
In a post-Enron world, enterprises are already aware of the challenges of weighing IT innovation with regulatory and legislative constraints. But, compared with the rest of the world, Canada is doing quite well when it comes to corporate governance, said David Brown, executive director of Brown Governance, an Ottawa-based advisory firm and also co-host of the event.
Brown said Canadian companies have done a particularly good job of integrating U.S.-style rules-based governance (including the Sarbanes-Oxley Act). At the same time, he said, Canada still maintains a British style principles-based system of governance, which allows us some flexibility around corporate governance. "More and more it’s accepted as the reality of doing business today. But there’s still a sizable minority that thinks this is going to go away and is an [unnecessary] exercise in compliance."
But on the whole, Canadian companies have grasped the reality that this is not an optional undertaking – it’s a mandatory thing, said Brian Chan, CIO for Toronto-based human resource solutions provider Morneau Sobeco.
"I think the whole governance environment – IT included – is getting better and there is more attention given to it. And people no longer treat it as a bureaucracy as opposed to a good business practice," Chan said.