A Manager’s Guide to Successful Governance

Everywhere you look someone is writing or talking about something that needs to be governed in your business: your business process, your application portfolio, your data, your data warehouse, your application architecture, and on and on. In one sense this is correct—governing these things is a good idea. However, how you choose to approach governance will determine whether or not it is successful.

In many companies, the manner in which governance is implemented is enervating. Governance in these instances is associated with bureaucracy, aggravation, and wasted time. Governance focused on procedures and technical considerations can and often does take on these negative characteristics. Yet replace the term “governance” with “management” and a more positive set of associations comes forth, such as necessary, important, and problem-solving.

Making governance a management concern is critical for making it successful. After all, if there were no problems with our application portfolio, our data, our data warehouse, our application architecture, or other aspects of our business, governance wouldn’t be an issue at all because it wouldn’t be needed. Governance, implemented as a business-focused management mechanism, should be an extension of management that is necessary, important, and problem-solving. This requires focusing on the why, what, who, when, where, and how of governance for business success.

Regardless of the reasons for it, governance is ultimately used to make decisions about the business and operations that support it. There is but one fundamental reason for establishing governance: to improve business effectiveness. Successful governance requires identifying the aspects of the business governance is to improve and establishing the desired outcomes and success measures.

Too often governance is established to regulate the decision process for IT activities. This kind of governance can improve IT processes but at the cost of instituting bureaucracy rather than improving business operations. The critical questions to ask before instituting your governance program are: What business purpose is the governance process to serve? What outcomes will governance produce? How will you know that your governance process is successful? The why of your governance program should be represented in a mission statement with a list of desired, specific, and measurable outcomes and objectives.

Desired outcomes and measures provide a basis for a governance dashboard for monitoring your governance program’s effectiveness and avoiding bureaucratic tendencies that do not improve the business. While enforcing compliance, driving business value, controlling IT costs, and risk management are important reasons for governance, using governance as a tool to improve the business is the primary reason for management to invest in it.

Business processes

Governing business processes ensures compliance, control, consistency, and management of core processes used in the business;

Architectures

Governing architectures addresses the design ‘blueprint’ that binds business processes, applications and services, and data, together;

Data

Governing data addresses master data, metadata, data quality, and data access in applications, analytics, reporting, B2B, and self-service for customers, suppliers, and employees;

Applications and services

Governing business processes for consistency requires governing the applications and web- and SOA-services that support them;

IT portfolio

Governing the IT portfolio addresses the combination of applications and services, data, and architectures IT manages at the application and service level and the technology level to ensure interconnectivity and interoperability;

Security

Governing security manages the risks associated with a world of business interconnectivity and application interoperability;

Service-level agreement (SLA)s

Governing SLAs establishes and monitors the performance expectations for the data center and IT responsiveness.

While this list can be expanded, it is important to recognize that a program which governs one element of IT won’t necessarily address the governance needs of the others. Individual governance programs often result in competing or incompatible governance processes, creating a problem for effective governance overall.

Organizations confronting the demands of governance, whether they are driven by compliance, risk management, improved effectiveness, or simply best practices, are learning that a holistic approach is required to govern effectively. What to govern is determined by which aspects of business operations and management are critical to improving your business. Don’t establish governance for its own sake; focus on those areas that will deliver business value for your company.

Every part of the company can be affected by a governance program because a governance program will cross organizational lines, address important aspects of the business, and affect many people.

First and foremost in governance is the role for those at or near the top of the organization chart. This is important because the governance program needs to be designed to improve the business. Top management sets the governance mission, goals, objectives, and direction, ensures that corporate policies for governing are established, the governance process is defined and established, roles and responsibilities are specified, participants in the governance process are identified, and cross-organizational issues that require their involvement are resolved. The effectiveness of the governance program will be determined by the level of management that sponsors and is accountable for its success.

Next, governance requires hands-on management and decision making. This is typically done by a governance committee of next-level managers from the various departments, divisions, or lines of business affected by the governance process. The management factor critical for success here is: these managers must fully accept the mission and accountability for running the governance program and achieving its desired outcomes. Governance will be less than successful when managers participate simply as representatives of their department, division, or line of business and look out for their narrow interests. 

The bulk of the work in any governance process is done by supporting groups versed in the business and technical issues being governed. Governance in many instances is driven from a technical perspective, becoming the means to enforce technical approaches and standards. This is unfortunate because the emphasis for governance must be on support of the business.

Governance needs to be informed by technical findings, such as “we have these particular (specific and quantified) data problems that contribute to errors in order fulfillment,” and others which the governance committee will use to decide how and when to address the problem, that is to govern. Statistics, operational, financial, and business impact are data required to govern effectively that should be assembled by these groups, but neither the data nor a support group determines the actions that need to be taken. That is the job of the governance committee.

This element of permanence hides another important aspect of governance: when to apply it to maximize its effectiveness. Usually governance is employed as a mechanism to identify and address problems as they crop up. This is a necessary component of the governance process, however successful governance also can prevent problems from occurring, combining proactive and reactive components for greater effectiveness overall.

Proactive governance occurs during planning and design, not simply after operational actions are taken. In this mode, governance is like a town planning board making its goals, objectives, and requirements clear up front. As new town projects are conceived, the board reviews them and presents the requirements which the town project must include. Acting similarly, the governance committee during a business project’s planning and design informs the project of requirements the project must satisfy for governance compliance.

Reactive governance identifies problems as they occur and then determines what is required to resolve them. In this manner governance acts like a building inspector inspecting a building once it is constructed—too late to change the way the building was built. Inspecting operations to see if problems exist is a necessary component of governance; it should not be the only one.

Looking at governance holistically, the rate at which problems crop up and trends of the quantity of them found, which are elements of reactive governance, are measures of how successfully proactive governance prevents problems from occurring. Governance is most effective when it prevents problems from occurring, not when it corrects them.

It is what happens where work is done. After all, work performed is either creating problems, meaning governance is ineffective, or it isn’t and governance is being effective. When a project’s plan and design have been reviewed by the governance committee, governance requirements must be embedded into the project delivery process. This requires involvement with projects as work is being performed.

Of all the elements of governance, this is the one missed most often. Governance is viewed as meetings and decisions rather than directing projects and how project work is performed. Seen under this lens, then governance can come clearly into focus: it focuses on project work; it must be proactive with projects rather than simply reactive; it is a management activity requiring time and resources; it addresses business operations and management aspects that project work affects; and it eliminates problems and improves the business.

Governance effectiveness is best determined by the amount of corrective actions it requires—the most effective governance has the least problems to correct because work doesn’t create them.

Building on the why, what, who, and where of it, this is the guide for how to achieve effective governance:

Planning for Governance

Identify business reasons for governance and set business improvement targets—this is the first step toward using governance as a method to improve the business. Without this, governance is being established for its own sake.

Establish the governance charter and name the executive sponsor—this builds on the business focus by chartering the governance program and naming the senior executive who will be responsible for it and its results.

Define the governance mission, goals, objectives, and measurements—this formalizes the governance program’s purpose and expected results. With these, the governance program is positioned to become an ongoing process.

Activating Governance

Establish one governance committee to perform all governance—the charter may cover more than one aspect of business operations and management such as business processes, architectures, data, applications and services, the IT portfolio, security, service-level agreements and so forth. However many of these are being governed, it is essential that only one governance committee is responsible for governance so that.

This is not meant to imply that there cannot be specialized sub-committees; there likely will be because of the unique nature of each area being governed. However, having one committee responsible for the success of all governance requires processes be put in place to resolve conflicts that will arise from the narrow focus arising from specialization.

An important by-product of resolving conflicts will improve the decision processes used in planning projects and elevate the importance of architectures in improving the business, both of which will help prevent problems from occurring and improve the effectiveness of the governance process.

Establish a governance process with proactive and reactive components—this requires identifying existing problems that need to be corrected and developing an approach that will prevent problems from being introduced through work activities. This is one of the most important elements for using governance as a problemsolving mechanism.

Establish the governance of projects—once the governance aspects are determined they need to be made a part of the project planning and review process. Governance will affect how project business and technical decisions are made and should be formalized in project management and systems development practices.

Controlling Governance

Govern work performed—this is where governance succeeds or fails. Either work is done in a manner that demonstrates the positive influence of governance or it is not. If governance is management policies and processes that don’t affect work practices, the governance program will have limited success.

Technically-oriented governance tends to focus on stewardship and ownership as the means to address problems. Stewardship and ownership are abstract like citizenship. Of course if everyone acted as a steward and owner many problems would disappear but, like citizenship, day-to-day life requires many competing demands to be met and satisfying all of them is often impossible.

So effective governance governs work performed through policies, processes, practices, and penalties. Even though good, law-abiding citizenship is expected, breaking the law results in fines and incarceration. While this analogy is a stretch regarding business projects, when a project fails to comply with governance requirements those involved need to face some sort of consequence or penalty or governance will not be effective.

Provide the ongoing support required by the governance process—effective governance needs expertise and information. Support staff is an important element of governance and needs to be included to ensure that expertise and information are part of the governance process.

This does not mean that the governance committee has a permanent support staff of its own, although in a very large company this may be the case. It does mean that the expertise necessary to govern effectively is identified and the people identified are made available to perform appropriate governance tasks. Often, these are matrix relationships between existing technical and architectural groups and the governance committee.

Monitor a governance dashboard—you can’t manage what you can’t measure and this activity is where governance, as with other management activities, demonstrates its effectiveness. Measurements need to demonstrate how well the governance program is meeting its objectives.

Make adjustments as required to eliminate problems and improve effectiveness—it is important to recognize that new business demands, technologies, regulations, and other factors will impact governance. Adjustments will be required for each of these as well as to respond to measurements and other data points that give insight into governance and its effectiveness.

It requires addressing costs, investments, quality, the decision process for projects and work, measuring effectiveness, and determining the effect of governance on the business. Governance is ongoing and, if these guidelines are followed, can be managed to become an asset to the business.