Self-assessment
Results – The Borland BriefingsSelf-assessment
Results – The Borland BriefingsDuring March & May 2006, Borland held a series of market briefings throughout Australia and New Zealand, at which Infonomics Principal Mark Toomey discussed the intent of the Australian Standard for Corporate Governance of ICT (AS8015).
During the session, Mark asked participants to briefly assess the IT Governance performance of their own organisations, using 12 high level indicators of good governance performance. The indicators reflect behaviour and performance. The test assertions are:
G1 Governance system: You have a system for governance of ICT.
G2 Management compliance: Everybody understands and complies.
G3 Effective protection: It protects you from ICT failures in operations and projects.
G4 Inform & engage: It keeps management and directors properly informed of ICT status.
G5 Dependence understood: Ongoing business dependence on ICT is well understood.
G6 Continuity & sustainability: ICT adequately protects business continuity and sustainability.
G7 Business alignment: ICT capability matches business needs and forward plans.
G8 Resource allocation: ICT resource allocation matches the needs of the organisation.
G9 Business innovation: Use of ICT balances business innovation against risk.
G10 Investment value: ICT investments deliver results as per a formal business case.
G11 Deployment capability: Demonstrated capability to deploy ICT initiatives matches aspiration.
G12 Acceptable risk: The business risk of serious ICT failure is understood and managed.
The indicators were ranked on a simple scale that translates into colours on the charts:
4 - n “Absolutely!” (Very well). 3 - n “Yes…” (Reasonably well) 2 - n “Sort of” (A little)
1 - n “No” (Definitely not) 0 - n “huh?” (The organisation generally does not understand this concept)
The 23 completed responses give some insight into IT Governance effectiveness in a number of diverse organisations. Organisations providing input included local government (LG), state government department (Gov), telecommunications providers, transport/services companies and consulting/IT Services companies. Three responses identified their industry but not their company.
History shows that many IT initiatives are technically
successful, but fail to deliver business outcomes. Recent research by
world-renowned Australian Academic Peter Weill confirms a link between the
extent of management awareness of and compliance with the organisation’s system
of IT Governance, the organisation’s success with the use of ICT, and bottom
line business performance. 
The “thematic map” above ranks performance from best (left) to worst (right). Its design provides a quasi 3 dimensional profile where lower scores appear as red and orange peaks and ridges, while higher scores appear as yellow and green valleys. Most attendees at these sessions agreed that they had a system of IT governance (G1) and scored it on average as a 2 - see green ellipse.
Similarly and (consistent with Weill’s research), they ranked management compliance (G2) as being low (average 1.3) - see blue ellipse. Resource allocation (G8) received the next lowest score at average 1.5 – see red ellipse.
The next group – see pink ellipses - by average scores each also less than 2, for assertions G4, G7, G9, G10 and G11 are consistent with organisations in which IT governance is typically poor and also with the findings in KPMG’s biennial Global IT Project Management Survey, released in September 2005, which highlights a lack of confidence in business innovation and whether IT investments always deliver value.
It might be thought that because smaller organisations have fewer managers who could generally be presumed to be across most of what’s happening and that formal and informal links would ensure that IT governance should be successful. However smaller organisations often experience limitations in areas other than day to day operations. Note the weak scores around Dependence understood (G5) deployment (G11) and particularly Management Compliance (G2)and Resource allocation (G8), for small and medium organisations.
A quick scan across the chart will show that they are not alone.
Diverse scores across the rest of the assertions as shown on the thermal chart, indicate that organisation size probably has little to do with IT Governance performance. Most organisations appear to have uneven performance – good in some areas, not so good in others. What does appear to be consistent is that the areas we highlighted to demonstrate problems for smaller organisations are similarly consistent across all groups. Not surprisingly, based on our experience to date, there are consistently low (poor) scores across most groups for; Management compliance with IT Governance (G2), keeping management and directors properly informed of ICT status (G4)Business alignment(G7) and Resource Allocation (G8).
In this chart the data is clustered according to the industry from which the response emanated. Each individual response is plotted, and there is no levelling to reflect that several people may have responded in respect of a single organisation.
Similar plots were developed (but are not presented due to space restrictions) for IT reporting lines, the use of packages vs custom solutions for the main IT systems, and insourcing vs outsourcing. Across all of these views, the patterns remained quite scattered, with high and low scores in all categories.
The results of this mini-survey are consistent with prior surveys and broad industry understanding of IT Governance performance. Relatively few organisations can claim persistent long term success with ICT – and poor governance is a hallmark of failures. If you honestly assess your organisation with the 12 indicators, where will you rank? If you can’t score a solid 36 of the possible 48 points, you may have an unacceptable risk, and you should consider a more formal assessment of your IT Governance performance.