IS/IT Governance


— tags:

Link to course:

Credit: Images and notes are from the Coursera course, however, they are summarised by me, which can’t guarantee the accuracy.

Trong trang này có summarise của bài: nên sẽ bằng tiếng Anh lẫn tiếng Việt.

IT Alignment

Lession 1: IT Governance

An Introduction to the IS Specialization

An Introduction to the Information Systems Specialization

Specialization covers key principles, policies, and best practices in information systems management

Focus areas: identifying valuable information systems projects, modeling and describing systems, enterprise system capabilities, and infrastructure options

Broad goals of the specialization:

  • aligning IT strategies with organizational goals,
  • formally evaluating IT investments,
  • assessing portfolios of IT investments,
  • encouraging prudent use of IT dollars,
  • ensuring value from new information systems

IS/IT Governance: Aligning IT strategies, evaluating investments, portfolio assessment, user incentives, and system adoption strategies.

Analysis for Business Systems: Focus on SDLC, translating needs into requirements, and building/buying the right system.

Enterprise System Class: Role of enterprise systems, selecting systems, and managing ERP-related organizational change.

IT Infrastructure and Emerging Trends: Technical foundation for Cloud Computing, Mobile Communications, Cyber Security, and Blockchains.

Course Project Introduction

This summary focuses on the projects included in the four courses of the Information Systems Specialization:

1. IS/IT Governance Project:

  • Defines a business problem and conceptualizes an IT system to address it.
  • Describes how the system supports organizational goals and strategies.
  • Performs a cost-benefit analysis with risk assessment.
  • Discusses how the system fits within the organization’s IT portfolio.
  • Defines user payment models and strategies for user adoption.

2. Analysis for Business Systems Project:

  • Applies the Systems Development Life Cycle (SDLC) to a small project.
  • Prepares analysis phase deliverables like requirements, process models, and data models.
  • Follows industry standards and best practices.

3. Enterprise Systems Project:

  • Develops an execution plan for selecting and acquiring an ERP system.
  • Aligns with the system analysis course, building upon requirements gathering.

4. IT Infrastructure and Emerging Trends Project:

  • Identifies a company using innovative IT solutions (cloud, mobile, blockchains, etc.).
  • Researches the company’s challenges, how the IT solution helped, and their IT strategy refinement.
  • Applies technical concepts and examples to real-world settings.

1.1-1 Personal Introduction

Prof introduction

1.1-2 Course Overview

ROI thường thấp hơn expectation. Cho nên IT/IS Governance is used to address the question: “How to make good IT investment decisions and realise the value from those investments?”

4 Modules:

  1. IT Alignment: align with the company goal.
    • Addresses aligning IT investments with business goals and strategies.:
      • What decisions need to be made?
      • Who makes those decisions?
      • How they make those decisions?
    • Operation Model: Business process standardised across divisions in business, how much data shared across divisions in business
    • Maturity of the enterprise architecture
  2. Evaluation of IT Investments:
    • Explores three estimate categories: order of magnitude, budget, and definitive estimates.
    • Covers budget estimation. Operational/tactical are tangible vs. strategic benefits: intangible.
    • Risk incorporation using the options approach: Risk can be resolved by: waiting or a small experiment.
    • A framework for Evaluating IT Investment: Based on Strategic Objective and Technology Scope
  3. Portfolio Evaluation and IT Chargeback:
    • Examines how to select the right set of IT investments using the IT investment portfolio concept.
    • Discusses IT chargeback models (cost centers, service centers, profit centers) to allocate costs effectively.
  4. Change Management: make sure user use the system
    • Focuses on ensuring user adoption for the new system.
    • Explores 2 models of adoption of Innovation: demand-driven (benefit > cost) and supply-driven (due to knowledge barriers).
    • Discusses five levers for managers to influence innovation adoption and strategies for different types of system implementations.

1.1-3 IT Alignment Part 1

Module on IT Alignment Goals:

  • First goal: Define IT governance and emphasize its significance.
  • Second goal: Provide a framework for IT governance, involving decision-making structures and processes.
  • Third goal: Introduce the operating model and enterprise architecture maturity to align IT with business strategy.

Significance of IT Governance:

  • Graph illustrates that US organizations spend around 6% of revenue on IT, with increasing investments.
  • McKinsey study highlights challenges: projects 45% over budget, 7% behind schedule (due to Missing focus,…), and a 56% shortfall in expected benefits.
  • Consistent industry concern, as revealed by the Society for Information Management survey, is the alignment of IT with business objectives.
  • Alignment issues identified as a major contributor to project performance shortfalls.

IT Governance Definition:

  • IT governance is a strategic response to ensure IT investments align with and contribute to organizational goals and strategies.
  • Defined by the Institute of Internal Auditors: “Leadership, organizational structures, and processes ensuring IT supports organizational strategies”
  • Gartner defines IT governance: “a set of processes ensuring effective and efficient IT use to achieve organizational goals.”

1.1-4 IT Alignment Part 2

Leadership Role in IT Governance:

  • Leadership includes board directors responsible for governing IT, CIO, and board-level committees.
  • Two key roles: oversight/monitoring and providing expertise to the organization and access to external IT specialists

Leadership Failure:

  • Study by Michael Benrock shows that operational failures in financial services firms lead to stock price drops.
    • Impact: Changes on the board include an increase in directors with IT competence and turnover in the CIO/CTO role.
    • Example: Target’s data breach led to a 6% drop in share price, resulting in the resignation of the CIO and CEO.

Significance of IT Governance

  • IT Governance -> IT-business alignment -> firm performance.
  • IT Governance measured through mechanisms:
    • steering committees
    • IT investment prioritization processes.
  • IT-business alignment: lead to
    • Business and IT Strategy Alignment for products, processes, and markets
  • Firm Performance:
    • Financial performance
    • Operational excellence
    • Customer satisfaction.

1.1-5 IT Alignment Part 3

  • Six Key Questions for IT Governance Leadership:
    1. How will IT change the basis of competition in our industry? (Understanding IT’s role and leveraging opportunities)
    2. Do our business plans reflect the full potential of IT to improve performance? (Balancing operational efficiency and strategic agility)
    3. Do we have the capabilities required to deliver value from IT? (Assessing human capital for leveraging IT opportunities)
    4. Is our IT investment portfolio aligned with opportunities and threats? (Balancing short-term and long-term needs)
    5. Who is responsible for realizing value from IT? (Establishing accountability in the IT organization)
    6. Are we comfortable with our level of IT risk? (Understanding and managing risks associated with IT investments)

The IT Governance Umbrella

  • Strategic Focus of IT Governance:
    • Alignment of organizational and IT strategies.
    • Realization of IT opportunities.
  • Tactical Elements of IT Governance:
    • Realization of IT project and operations value.
    • Effective management and responsible use of IT resources.
    • Management of IT-related business risks.
    • Compliance with IT-related laws and regulations.


  • IT governance involves both strategic and tactical elements.
  • Strategic focus includes alignment of organizational and IT strategies, as well as realizing IT opportunities.
  • Tactical elements encompass realizing value from IT projects, responsible use of resources, managing IT-related risks, and ensuring compliance with laws and regulations.

IT Governance Framework

1.2-1 A Framework for IT Governance

Key Decisions in IT Governance:

  • IT Principles:
    • Define IT’s role based on business objectives.
    • Example: Standardizing business processes for operational efficiency.
  • IT Architecture:
    • Identify key business processes, applications, data elements, and supporting technologies.
    • Determine standardization and data integration levels.
  • IT Infrastructure:
    • Define computing power, networks, storage services, and common applications.
    • Decide central vs. local provisioning of infrastructure services.
  • Business Applications:
    • Software applications serving business needs.
    • Decide corporate vs. local applications based on business requirements.
  • IT Investment:
    • Determine how much the firm’s IT investment? Which specific IT projects to fund?.

Nature of Decisions:

  • Technical decisions: IT infrastructure and IT architecture, made by senior IT executives.
  • Managerial decisions: IT principles, IT investment, and prioritization.
  • Hybrid decisions: Business requirements involve both user preferences and technological feasibility.

1.2-2 Who Makes the Decisions

  1. Business Monarchy:
    • Business executives (with/without CIO) make decisions.
    • Centralized approach, suitable for efficiency-focused organizations.
  2. IT Monarchy:
    • Senior IT executives make key IT decisions.
    • Centralized approach, focuses on IT efficiency.
  3. Feudal Approach:
    • Business unit leaders or Line Managers make IT decisions.
    • Decentralized approach, suitable for differentiation or responsiveness.
  4. Federal Approach:
    • C-Level executives and business units make decisions.
    • Hybrid: Balances efficiency and responsiveness, may include IT participation.
  5. IT Duopoly:
    • IT and business executives jointly make key decisions.
    • Hybrid: Collaborative approach, aiming for balanced decision-making.
  6. Anarchy:
    • Each individual user makes their own IT decisions.
    • Highly decentralized, may lead to autonomy but lacks coordination.

Centralization Trends in US Economy:

  • Society for Information Management survey reveals a high level of centralization in IT governance.
  • Centralization persists in decisions related to IT architecture, infrastructure, applications, and purchasing.
  • Increasing trend toward more centralization.

CIO Reporting Structure:

  • 40% of CIOs report to the CEO, and 30% report to the CFO.
  • Banker et al. study suggests CIO reporting should align with organizational strategy.
  • CIO reporting to CEO for differentiation and innovation, to CFO for efficiency.

1.2-3 How IT Decisions are Made

Decision-Making Structures: what structures are used to align IT decisions with business decisions

Decision-Making Processes: what processes are followed to align IT decisions w business decisions.

  1. IT Investment Approval Process:
    • Standardized IT Investment approval evaluates alignment with business strategy, financial analysis, and risk.
  2. IT Architecture Exception Process:
    • Assess whether a new project follows to defined IT standards or requires an exemption.
  3. Service Level Agreement and Chargeback Process:
    • Defines IT services, their cost, aligns pricing with market standards, assesses IT organization’s efficiency.
  4. Project and Business Value Tracking Process:
    • Tracks project development, ensures benefits align with expectations.

Best IT Governance Approach:

  • No universal model, depends on business goals.
  • Decision-making structures and processes align with business objectives.
  • Considerations include synergy and autonomy trade-offs.

Common IT Governance Approaches:

  • Profitability Focus:
    • Business monarchy for IT principles, infrastructure strategies, architecture, and IT investment.
    • Federal approach for business applications (corporate-level decisions for enterprise-wide, local decisions for business units).
  • Growth Focus:
    • IT duopoly for IT principles and IT investment prioritization.
    • IT monarchy for infrastructure strategies and IT architecture.
    • Federal approach for business applications (corporate-level decisions for enterprise-wide, local decisions for business units).

Lesson 3: Operating Model and the Maturity of Enterprise Architecture

1.3-1 Key Principles and Practices

Operating Model“: the degree to which a company standardises its core processes and integrates its data.

  • Processes: There is a central body that coordinate all business processes.
  • Data: data is shared across different business units
Data – HiCoordinationUnification
Data – LowDiversificationReplication
Process – LowProcess – Hi

1.3-2 Operating Model and Enterprise Architecture

“How operating model relates to enterprise architecture?”

Enterprise Architecture: organising logic for business processes, applications, data, and infrastructure technologies that enable a firm’s business strategy.

  • It’s like a city plan (blueprint)…

4 IT Architecture Stages:

  1. Application Silo: The architecture of individual application. Diversification operating model.
  2. Standardized Technology: enterprise-wide standards for IT infrastructure. Follow standard for infrastructure component (the above 1 doesn’t follow any). Not yet data or processes. Diversification operating model.
  3. Rationalized Data/Optimized Core: Enterprise-wide standards include standardization of data and process. Coordination, Replication, Unification operating model.
  4. Modular Architecture: org allows local differentiation. In addition to having standard, enterprise allows BU to modify the standards to meet local needs. Coordination, Replication, Unification operating model.

1.3-3 Application Silo Stage

Application Silo

  • Business of a function, a BU or geography.
    • Data closely tie to each application
    • Biz users focus on the value of their apps
  • Benefit and risk:
    • Local optimization: no constraint on others.
    • Can be funded easily on a simple cost-benefit analysis. System benefits are often predictable and easily measured.
    • Risk: unconnected app, no integration
    • High cost of maintainance

Standardised Technology stage:

  • IT efficientcy
  • Increase maintainablity, security.
  • Conflict between users desires vs IT desire
  • Funding infrastruture is harder.

Rationalized Data/Optimized Core

  • Data is centralised and available to other apps
  • Core business processes: standardise using apps.
  • Benefit:
  • Business process efficiency
  • Standardisation enables innovation.
  • Risk: Business standardization harder to sell to managers than technology standardization

Modular Architecture

  • Meet local meets.
  • Successful experiments: standardised and made available to others.
  • Benefit:
  • Oppor for strategic agility, innovation and responsiveness
  • Risk: flexibility without rationalized and optimized core may lead to application silo

1.3-4 Implications of Enterprise Stages

Key Governance Mechanism in the Business Silo Stage:

  • Business Case
  • Standardised project methodology: a disciplined approach to converting an approved project into an improved process.

Standardized Tech Stage:

  • IT Standards Committee: senior IT executives define tech standards and recognize when to retire and when to update standard
  • Infrastructure Funding and Renewal Process
  • A formal architectural compliance and exception process

Rationalised data Stage:

  • Enterprise wide process owner
  • Enterprise wide data standard

Modular Stage

  • Define boundaries for business experiments
  • Component funding and approval processes: when succeeded or failed

Module Wrap up

1.4.-1 Module 1 Summary

Q: Why is IT governance important?

A: IT governance helps ensure that IT investments align with organizational goals, leading to improved performance.

Q: What are the key components of IT governance?

A: IT governance includes decisions about what, who, and how IT decisions are made, covering technical, managerial, and hybrid aspects.

Q: What are the different types of IT governance models?

A: Models can be centralized, decentralized, or federal, with the choice influenced by factors like firm size and strategy.

Q: Who should the CIO report to?

A: The best reporting structure depends on the organization’s strategic positioning.

Q: How are IT decisions made?

A: Various decision-making structures and processes are used to align IT decisions with organizational goals.

Q: Is there a one-size-fits-all IT governance approach?

A: No, the best approach depends on the organization’s specific goals and needs.

Q: What is the relationship between operating models and enterprise architecture?

A: The operating model (process, application, data, and infrastructure standardization) determines the organization’s enterprise architecture.

Q: How does enterprise architecture evolve?

A: It typically progresses from individual application silos to standardized technology, rationalized data, and finally modular stages allowing for customization and continuous improvement.

Q: What are the key governance mechanisms for each stage of the architecture evolution?

A: They vary depending on the stage, from business cases for individual applications to IT standards committees, process ownership, and experiment boundaries in the modular stage.

Quiz: Note: I don’t share password.


Leave a Reply

Your email address will not be published. Required fields are marked *