Presentation on theme: "IT Management Evolves — IT Governance Becomes a Critical Enabler"— Presentation transcript:
0 IT Governance – Executives are from Mars, IT management is from Venus The New View of IT GovernanceIT Governance – Executives are from Mars, IT management is from VenusPeter HidasConference Name Michael GerrardMonth XX, 2007VenueCity, STThese materials can be reproduced only with written approval from Gartner.Such approvals must be requested via
1 IT Management Evolves — IT Governance Becomes a Critical Enabler Strategic Imperative: Recognize how, and at what pace, your business is evolving, and how IT governance must change and evolve to keep pace. Prepare IT management with the skills and competences to make IT governance effective by becoming "business management with a functional responsibility for IT" as opposed to "IT management supporting business management."Business managers with a functional responsibility for IT2012HighIT Leadership FocusIT Governance ImpactIT managers supporting business management2006LowInternal Efficiency and ControlPartnerships, Agility, Global Business EcosystemCompany Leadership FocusFinding a way through the global economy and achieving growth by forming effective partnerships between business units and, increasingly, enterprises, will be a critical enterprise differentiator for surviving tough times. This is one of the major forces reshaping the context away from internally oriented value sources, such as efficiency and control or technology asset optimization, toward externally oriented, IT-enabled business models and processes for IT organizations. These value sources are themselves more complex for the IT organization, because they engage processes, stakeholders and activities over which the IT organization has little or no direct control. In this environment, IT governance will be a critical success factor as the "glue" that holds these complex relationships together and maintains strategic direction between internal and external participants. IT management should have a legitimate and necessary role in setting the enterprise vision and strategy, as well as in delivering internal efficiency. If it cannot assume both roles, it will be marginalized out of existence, and the enterprise will be unable to leverage technology and manage its own complexity and will therefore increase its risk, while unnecessarily constraining the value it derives from its IT investments and internal IT services. This requires new IT leadership behaviors, business skills and IT governance processes for ensuring coordinated visions, strategies and tactics between the IT organization and the wider enterprise and the business environment beyond. This, in turn, will drive change in IT organization structure and composition and place an increasing premium on business knowledge and understanding for IT management as they share in business management and guide the development of more-comprehensive and effective IT governance processes and structures.Governance = styringManagement = få utført det som er bestemt
2 Key IssuesHow can IT governance be described pragmatically in terms of its scope and application?How do I develop the best IT governance strategy for my organization?What are best practices for implementing IT governance effectively?
3 IT GovernanceIT governance is made up of processes with activities, inputs, outputs, roles and responsibilitiesIT's role is identified as "ensuring" as opposed to "executing"The goals of IT governance are business goalsKey performance measures are effectiveness and efficiency"The processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals"Making IT governance work in your organizationMany of the common definitions and explanations of IT governance tend to reflect the perspective of the observer and not necessarily the practical needs of practitioners, in particular the CIO. Up to this point, Gartner has used the following definition: "the specification of decision rights and accountability framework to encourage desirable behavior in the use of IT." However, this has not proved to be broad or inclusive enough to match the intent of common CIO usage and issue areas. An extension of this definition is: "the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals."This might not be the only effective way of wording a definition, but it does contain certain key concepts: 1) IT governance is made up of processes with the inputs, outputs, roles and responsibilities that are inherent in a process definition (however, the definition does not talk about how these processes might be implemented and proceduralized); 2) the role of IT governance is identified as "ensuring" as opposed to having a primary role of "executing"; 3) the goal of IT governance is defined as a business goal, not just IT-related; and 4) key performance measures are identified as effectiveness and efficiency, together representing business value. These concepts represent an operational view of IT governance; defining IT governance as processes leads to a more pragmatic review of IT governance processes for practicality and culture fit. It will also force an implementation approach that can be more readily understood by all participants, rather than a narrower focus that, for example, envisions IT governance as just the implementation of a steering committee with a charter to resolve IT-related issues.
4 IT Demand Governance: The CIO's View … IT governance, broad in scope, a high-impact issue, a senior management operating responsibilityHowever, business doesn't understand its responsibilities; therefore, it isn't committed, accountable or fully engagedIT governance is getting better, but going only from bad to neutralBusiness management's lack of understanding is a key inhibitor, but no compelling change is plannedBusiness management and IT management each see IT governance as a way to control the otherHow do you make IT governance a more practical challenge to solve?The issues with IT governance as expressed in a Gartner survey of CIOs were concentrated on IT demand governance, which is where this presentation will, therefore, focus. They point out an apparent major disconnect between how important CIOs believe it is for business management to be in involved in IT governance and the importance that business managers apparently attach to their involvement. The CIOs believe that business management "doesn't understand" IT governance and relegates it to a relatively low priority. However, there was no reported focused efforts planned to try to bridge this communication gap.If business managers see IT governance largely as a mechanism to control IT and IT-related activities, then it's not surprising they only turn to it when they perceive underperformance by the IT organization. On the other hand, CIOs see IT governance as the mechanism to manage business investments involving significant IT expenditures, and they look to it to remove business ambiguity and conflict to better enable IT management to do its job.In short, CIOs and business managers see IT governance as a way to control the other so that they can do their jobs more effectively. If this is so, then it begins to clarify the fact that the effectiveness of IT governance depends on a joint understanding of the role of IT governance and its importance to both IT management and business management in enabling each to do its job.Action Item: Ensure that business stakeholders understand the scope and impact of the business benefits from effective IT governance.Source: Gartner CIO IT Governance Survey, 2005
5 … Of a Persistent Challenge "To what extent is each of the following a priority for you in 200X?"200420052006Delivering projects that enable business growthDelivering projects that enable business growthDelivering projects that enable business growthLinking business and IT strategies and plansLinking business and IT strategies and plansLinking business and IT strategies and plansDemonstrating the business value of IS/ITBuilding business skills in the IS organizationImproving the quality of IS service deliveryApplying metrics to IS organization and servicesDemonstrating the business value of ITAttracting, developing and retaining IS personnelTightening security and privacy safeguardsAttracting, developing and retaining IS personnelDemonstrating the business value of ITImproving business continuity readinessApplying metrics to the IS organization and IT servicesProviding new types of information (for example, analytics)Improving the quality of IS service deliveryImproving the quality of IS service deliveryDeveloping or managing a flexible technologyConsolidating the IS organization and operationsFlexible technology infrastructureImproving IT governanceDeveloping leadership in the senior IS teamImproving IT governanceBuilding business skills in the IS organizationMaking IT governance work in your organizationImproving IT governance has been reported by CIOs in their "top 10 issues," as reported by the Gartner Executive Programs' Annual CIO Survey for, at least, the past three years. As IT moves into an increasingly strategic role in many organizations, IT governance will be required to become more effective to deal with complexity, external relationships and greater physical dispersion that is forecast for many businesses. To this point, IT governance has not been particularly effective in many organizations, largely because it has been perceived as something necessary to help the CIO and IT organization do their job and because it is not generally implemented as a process with a set of discrete steps to achieve a defined business goal. This situation leads to all the necessary participants not being sure what their role is, what the deliverables are that are passed from participant to participant and what should be done at each stage to ensure overall success. This survey also points to other CIO issues that are closely associated with effective governance: linking business strategies and IT plans, demonstrating the business value of IT, and the need to develop business skills in the IT organization. These would all be largely off the CIO's radar if IT governance were working effectively across the organization.Consolidating the IS organization and operationsLeading change initiatives (involving moreImproving IT governanceSource: Gartner Executive Programs' Annual CIO Survey
6 IT Governance — What Are the Components? Strategic Imperative: Separate IT governance into demand and supply to more effectively understand the issues, responsibilities and alternatives for improving performance.IT Governance StrategyIT GovernanceGoalsDomainsPrinciples and PoliciesDecision and Input RightsIT Governance OperationsWhat Should IT Work On?Demand GovernanceBusiness Primary ResponsibilitySupply GovernanceHow Should IT Do What It Does?IT Management Primary ResponsibilityHow do you make IT governance a more practical challenge to solve?• IT governance strategy — To implement effective IT governance, several key elements must be agreed on and put in place. First, organization goals and strategies must be used to drive the definition of principles and policies to guide the usage of IT in the organization. Second, the domains of IT governance (that is, areas of activity and responsibility subject to IT governance) must be identified. Third, management must have clear and agreed-upon goals for IT governance. Fourth, the organization structure and style must be clearly identified and defined, including who has the responsibility and accountability to make the appropriate decisions consistent with the agreed-upon principles for each domain.• IT governance operations — IT governance can be seen as addressing two main sets of issues:Demand governance — What should IT work on? Where should the organization's IT resources be invested to produce the greatest return, and how do we ensure that these returns are actually achieved?Demand governance is primarily a business management responsibility, although one in which the CIO may play a major role, as a business executive.Supply governance — How should IT do what it does? What are the constraints, policies, rules and standards that IT must comply with in delivering what the business needs? Supply governance is primarily a CIO responsibility.
7 IT Governance Strategy Strategic Imperative: Establish the goals, domains, decision rights and policies for IT governance and the use of IT in the organization.Goals: Why?What do we want to achieve through IT governance?Domains: What?Which areas need to be governed?Principles/Policies: How?How should we view the use of IT in the business?Decision Rights: Who?Who makes what decisions? And who has input rights?How do you make IT governance a more practical challenge to solve?To implement effective IT governance, several key elements must be agreed on and put in place.• First, management must have clear and agreed-upon goals for IT governance.• Second, the domains of IT governance (that is, areas of activity and responsibility subject to IT governance) must be identified.• Third, the organization structure and style must be clearly identified and defined, including who has the responsibility and accountability to make the appropriate decisions consistent with the agreed-upon principles for each domain.• Fourth, organization goals and strategies must be used to drive the definition of principles and policies to guide the usage of IT in the organization.
8 Example Domains and Decision Rights Decision Framework: Use a domain and decision rights framework as a basis for collaboration with business management to agree on. What areas need governance oversight? Who has input to key decisions? And who has decision authority and accountability?GoalsBus. App.RequirementsCompanyArchitectureIT Investmentand PrioritizationDomainPrinciplesStakeholdersInputDecisionInputDecisionInputDecisionInputDecisionInputDecisionExec.CommitteeSteeringCommitteeLOBManagersITLeadershipBus. Proc.OwnersIT Rel.ManagersExec. Committee — Executive committee (C-level executives)IT Leadership — CIO, CIO Office and BU CIOsSteering Committee — IT steering committee (representatives from executive and LOB management and senior IT management)Bus. Proc. Owners — Business process ownersIT Rel. Managers — IT/business relationship managersHow do you make IT governance a more practical challenge to solve?Developing a decision rights matrix is useful for business and IT management to determine what areas of decision making are relevant, what key decisions are required, who has a right to have their concerns taken into account in the making of a decision, and who has the ultimate decision authority and accountability for the consequences of that decision.In the example illustrated above, IT governance decision rights provide for joint rights between the executive committee and IT leadership in IT principles and enterprise architecture, between the steering committee and line of business (LOB) manager for business application requirements, between the executive and steering committees for goals, and executive committee decision rights for IT investment and prioritization. This example reflects a somewhat collaborative management style with senior business executives playing key decision roles in investment decisions and the enterprise architecture. A steering committee brings together a consolidated business view, but direct appeal is still possible by LOB managers if they feel their interests are not being sufficiently served by the steering committee.Action Item: Use a decision matrix to clearly identify who/what has decision rights and, equally important, who has the right to provide input for consideration in that decision.Bus. App. Requirements — Business application requirementsLOB Managers — Business unit (BU) heads/presidentsNote: This chart is adapted from MIT Sloan Center for Information Systems Research and Gartner drawing on the framework of Peter Weill and Richard Woodham, 2002.
9 Example IT Principle/Policy — Investment Decision Making Tutorial: Principles/policy statements are useful tools to communicate the guideline or policy and the rationale for it, as well as for identifying who is expected to be affected by the guideline or policy, and how.Example IT Principle/Policy — Investment Decision MakingPrinciple/Policy:Business unit leaders and department heads are responsible for determining IT investment and prioritization decisions to maximize the business value of ITRationale:IT is the organization's largest capital investment, and we need to manage the investment of technology expenditure to maximize the return on that assetImplications:Business units (project sponsors) are responsible for benefits realization of IT expenditure; IT is responsible for IT cost managementIT is a critical functional component of the business unit, and business unit leaders are expected to understand and articulate how to achieve business value from this functionIT is responsible for providing the right information to educate the business on the value, cost and risk of its investmentHow do you make IT governance a more practical challenge to solve?This presentation, throughout, refers to "principles/policies." For the purposes of this presentation, a statement meant to act as a guideline to inform decision-making or action is a principle, and a statement that is a rule, which must be followed by being applied as it may relate to any individual's actions, is a policy.The implications of principles/policies must be clearly stated, not open to distorted interpretations, and be broadly communicated and shared to be effective. Structure these statements into:• Principle/policy — What specifically is the rule or guideline?• Rationale — Why it is necessary and with what goal? The rationale provides context to remove any ambiguity.• Implications — Each affected stakeholder can be identified and the consequences for them clearly articulated.Communicate the principles and policies in multiple forums, employing presentation modes tailored to the audience. Relationship managers must be able to articulate the principles and policies in ways that are meaningful to their business clients. They should also be able to propose modifications to support changing client needs.Action Item: Develop a communications plan for the approved set of principles and policies. Tailor the messaging and presentation, depending on the target audience.
10 IT Supply Governance Domains IT Governance — The Operational ViewDecision Framework: The Gartner IT Governance Demand/Supply Model identifies the organizational processes and elements that are necessary for good IT governance execution.IT Governance OperationsSupplyGovernance(How Should IT Do What It Does?)IT Management Primary ResponsibilityDemand(What Should IT Work On?)Business Management Primary ResponsibilityIT Governance StrategyGoalsDomainsPrinciplesDecision RightsStylesITGovernanceBusiness/ IT StrategyValidationOverallIT Investmentand ExpenseDevelop DemandGovernanceProcessesBusiness/ IT OperationalPlanningPortfolios(PPM)InvestmentEvaluationCriteriaIntraenterprise/InterenterprisePrioritizationDemandImplementationBoard ITIT GovernanceEffectiveness(Metrics, etc.)IT ValueAssessmentITServiceChargebackIT ServicesFundingSpending/ProjectOversightCouncils/CommitteesIssue Escalation/ResolutionBusinessBenefitsRealizationBusiness UnitPlanImplementManageMonitorArchitecturePlanImplementManageMonitor ComplianceSecurityCorporateComplianceProjectManagementSourcingProcurementEtc.IT Supply Governance DomainsHow do you make IT governance a more practical challenge to solve?In the "plan" cycle for IT demand governance (ITDG), business and IT strategic planning are used to determine the goals and strategies that will guide operational planning. Business and IT operational planning determines what IT has to deliver, and when, and the budgets for both the business and IT. In the "implement" cycle, ITDG processes are designed to support the goals of ITDG, consistent with the management style and decision-making culture of the organization. Financial control and oversight can be facilitated by using such tools as IT investment portfolio analysis. ITDG also establishes the policy for chargeback for the use of IT services and assets. The "manage" cycle of ITDG focuses on the allocation of resources and the resolution of issues to support the business most effectively. (This is seen as an ITDG responsibility, even though it "blurs the line" between governance and management in more-conventional definitions of the two.) The "monitor" cycle ensures the following: approved investments yield the bottom-line benefits that were proposed; the IT organization provides IT services responsively and cost effectively; IT department leverages its position as the organization's IT solutions provider by making contributions to optimize business opportunity from IT; and the value and effectiveness of ITG is assessed and optimized. The behavior and practices of IT supply governance are governed by policies, practices, monitoring and enforcement across a wide range of IT responsibilities and disciplines. In the planning stage, the policy to govern IT in the chosen area is determined or developed. Policy implementation includes specific procedures and practices for compliance for each affected area. Manage and monitor encompass the oversight, compliance enforcement and escalation/appeal process to deal with requests for waivers or other exceptions that might be allowable.Action Item: Use the Gartner IT Governance Demand/Supply Model to identify areas for action to implement or improve your IT governance operations.
11 Business/IT Role Segmentation Model Decision Framework: The Gartner Business/IT Role Segmentation Model uses characteristics of strategic positioning and management strategies, in combination with the leveragability of IT for business value, to predict the expected role of IT by business management.Business: Market Leader/Risk Taker/High GrowthThe ButlerThe Entrepreneur"IT provides supporting services but is not strategically important""IT is a vital component of our business model"Expected IT Role: Tactical/ UtilityExpected IT Role: Strategic/ TransformationalThe GrinderThe Team Player"We are totally dependent on IT systems in our business operations, so we give IT as much time as we can afford""IT is a cost of doing business; costs should be as low as possible"Does one size fit all, or should it be tailored to your organization?Companys have different characteristics that affect the meaning of "effective IT" for that enterprise and the role that IT is expected to play. Two dimensions can play a significant role in determining the meaning of effectiveness, and the resulting success of the CIO for a given enterprise. One dimension is a continuum of the strategic positioning of the enterprise from a high-growth, risk-taking market leader to one that is a risk-averse, mature-growth market follower. The other dimension is an objective assessment of the degree to which this business and its business model can be leveraged by IT for improved effectiveness and performance. This is on a continuum from the IT personnel playing a strategic and transformational role in business performance through being expected to play a tactical role, providing utility services that support business operations. We have used this combination of characteristics to place the business's expected role for IT in one of four quadrants. Examples shown in this slide are illustrative comments that characterize the view of enterprises in their respective quadrant. For CIOs with more than one business customer, it is possible that different business customers have different role expectations for IT, requiring IT to have the skills and competencies to behave and communicate differently with each customer.Action Item: Ensure that the behavior and communications of IT match the role that the business expects IT to play.Business: Market Follower/Risk- Averse/Mature
12 IT Governance vs. IT Role Decision Framework: The Gartner Business/IT Role Segmentation Model uses characteristics of strategic positioning and management strategies, in combination with the leveragability of IT for business value, to predict the expected role of IT by business management.Business: Market Leader/Risk Taker/High GrowthThe EntrepreneurNo time for IT governancePrinciples for speed/quality balanceClear domain responsibilityThe ButlerMinimized governanceAnticipate business needsPortfolios for focusLow governance overheadExpected IT Role: Tactical/ UtilityExpected IT Role: Strategic/ TransformationalThe GrinderGovernance as self- protectionPrinciples for focusBenefits realization for valueStrong ROI criteriaThe Team PlayerFormal collaborative governanceClear decision rightsFocus on benefits realizationAgile governance processesDoes one size fit all, or should it be tailored to your organization?High-performing businesses with a tactical and supporting role for IT require informed and responsive support from the "butler;" however, they are generally not prepared to invest much time in IT governance because it is perceived to have little strategic opportunity. The IT butler should use IT governance to ensure IT/business alignment and provide periodic visibility of IT's contribution and value.In high-growth, market-leading companies, governance for the IT "entrepreneur" is integrated with business management. IT is expected to require no more governance and attention than any other aspect of key business activities.Mature, market-following enterprises have an expectation that IT will be highly aligned with business objectives, using formal IT governance practices, and culturally compatible with the business decision-making style and management culture (the "team player"). The team player uses IT governance as a mechanism for systematic interaction between the business and IT.In mature businesses where IT plays a tactical, supporting role as the "grinder," cost containment and risk minimization are priorities. The CIO should use IT governance and benchmarking as "defense mechanisms" to maintain the IT budget at an appropriate level to continue providing adequate and reliable service levels. The grinder should make the business aware of the importance of investing in IT and how IT is delivering value, and provide assurance that the business can understand and control IT spending.Action Item: Use the Business/IT Role Model to determine the expectations of IT by each of your business customers to establish a relationship management and engagement plan for each customer.Business: Market Follower/Risk-Averse/Mature
13 Example Effective IT Governance — Implement Processes to Achieve Goals Tactical Guideline: Implement an effective governance structure by defining a decision process tailored to your organization and culture to achieve specific governance goals.Adding a New IT Shared ServiceRoles and ResponsibilitiesActivitiesEvaluate FeasibilityOperating Management and Governance BoardRoles and ResponsibilitiesActivitiesPrepare Detailed Product Development and Operational Deployment PlanProduct Manager and Service Delivery ManagerGo/No Go DecisionRoles and ResponsibilitiesActivitiesOperating Management and Governance BoardRoles and ResponsibilitiesActivitiesPrepare Proposal for New ServiceRelationship and Product ManagersGoodInvestmentDecisionWhat are best practices for IT governance implementation?To implement an effective governance capability, governance is best seen as a series of process steps to achieve a specific goal. Goals might include a decision on whether a new service should be developed as one shared among multiple business units or specific to an individual business unit (as in the example above); how to fund the creation and implementation of this new service; the pricing strategy and structure for IT services; or the relative priorities of change requests. To define how a governance decision would be reached in your organization and management culture, define (for each of the decision goals) a series of process steps with defined inputs, outputs, activities, roles and associated responsibilities, and authority. This is often best accomplished by starting with who and how the final decision should be made and working backward to identify all the precedent steps required to make the decision possible.Action Item: Implement governance as a process to establish roles and responsibilities.
14 Effective IT Governance — Governance via Stakeholder Collaboration Tactical Guideline: To ensure the effective and efficient use of IT, enterprises should create a governance mechanism that provides the forums, processes and tools to allow stakeholder groupings to collaborate and be effectively integrated with organizational decision making.Company business visionOverall fundingInfrastructure investmentIssue resolutionCEO, CxO, CIO andLOB managerStrategy CouncilBusiness Initiative CouncilInitiative managementProject prioritiesResource allocationFunding allocationMeasurement criteriaTrading partner liaisonProject manager, business manager, BU process manager and IT managerTechnical CouncilTechnical architectureProject management practicesTools and standardsVendor criteriaTechnical manager, BU process manager and IT managerWhat are best practices for IT governance implementation?Rather than the traditional "IT steering committee" approach, IS organizations should implement councils focused on different stakeholder groups with common interests in IT-related issues. These council roles must use the enterprise's strategy and its supporting plans, including IT, as the common elements on which to base their charters and agendas.We believe enterprises require at least three committee types with different roles: 1) a business/IT strategy council, which is most interested in whether IT can support the organization's long-term strategies, affordably, and which looks at strategy, policy and aggregate funding issues; 2) a business initiatives council, which is interested in executing the organization's annual operating plan and which deals with conflicting priorities and escalation issues from IT and the business units; and 3) a technical council, which develops guidelines and principles for technology standards, and practices and performs oversight and exception escalation resolution.As a practical matter, decision making cannot be allowed to be slowed by a more inclusive and complex change process. Therefore, we recommend that each council should be tied into the existing decision-making process rather than be forced to be an additional decision-making entity "grafted on" to the organization's existing decision-making processes.Action Item: Identify your IT stakeholder groups, and ensure they have a forum that focuses on their interests.
15 IT Governance Pitfall! 'Common Good' or 'Common Reality' Tactical Guideline: For sustained effective governance, design your governance process to accommodate the varied self-interests of key stakeholders."Common Good"Based on a collaborative corporate culture and shared needsBU management sets individual BU prioritiesBU management collaborates to decide overall priorities and allocate resourcesSteering committees as major forum for all stakeholdersSteering committees have decision-making role"Common Reality"BUs do not normally collaborate, and each demands an individual relationship with ITBUs are IT's customers (some are more important than others)Relationship management and product management are used to drive serviceSteering committees serve as stakeholder forums linked to decision makingSenior business management acts as the IT "board" and oversees demand managementWhat are best practices for IT governance implementation?IT demand governance should reflect the organization's decision-making culture and style. If IT's business customers share common business goals and are dependent on each other for success, a collaborative governance style can be effective. However, if priorities are to be decided between business units that have no dependence on each other or day-to-day interaction, it will be difficult for them to collaborate on IT-related investment decisions that to them are a zero-sum game on who loses to whom. This is particularly important if business unit management remuneration is driven by the performance of the individual business unit more than the overall achievement of the organization. In this situation, it is better to elevate investment decision making to a level above business unit management to implement a clear process for demand management and to use tools such as relationship management to develop an overall view of customers' needs and a consolidated delivery strategy.Action Item: Match your governance structure for the allocation of scarce resources and issue a resolution to the collaborative and decision-making style of your organization.
16 Understand Your Customer(s) Implement Processes, Not Committees RecommendationsImperative: Start to make IT governance more effective now. First, focus on establishing common business goals for IT governance with the business. Only then move to develop and implement improved IT governance processes.Understand Your Customer(s)Common GoalsIT GovernanceImplement Processes, Not CommitteesClearPrinciplesWhat are best practices for IT governance implementation?Establish common business goals for IT governance with business management (for example, ensuring the prioritization, execution and benefits realization from IT-related business investment projects). Without these common goals, business management is unlikely to perceive the value of what it sees as "dealing with IT issues" and prioritize its time appropriately (the biggest single complaint from CIOs about demand governance). Develop a common agenda that the business sees as adding value but also addresses IT concerns (for example, the review and approval of key personnel assignments to critical projects). Implementing effective IT governance requires defining IT governance as a decision-making process with well-defined outputs, process steps, and roles and responsibilities. IT governance will be more successful on a sustained basis the more it can be integrated into the current business decision-making processes. Where additional steps, participants or components (for example, steering committees) are required, the more compatible they are with the decision-making style and culture of business management, the more likely IT governance will be successful. Ensure that investment project goals are related to "changing the business" — not just implementing technology — and develop plans that share responsibility for business outcomes between IT and the business. These steps should create a common self-interest between the business and IT to ensure that governance is seen as valuable for both business and IT management and worth the business's prioritization of commitment of management time and attention.