IT that delivers business value

3. Professional IT Governance: From Responsibility to Delivery

Large light bulbs hanging from the ceiling

Value-creating IT governance requires order and structure

IT governance is not primarily a question of technology – it is a question of structure, responsibility and control. Without clear roles, governance documents and follow-up, IT risks becoming an uncontrollable cost and a security risk - instead of a proactive force that helps businesses become more efficient and work smarter. A model for IT governance needs to be based on strategy, but be operationally concrete - to ensure that IT truly supports business goals.

Three steps to better IT governance

IT governance is a broad concept that includes everything from requirements to follow-up in order to ensure the success of all types of IT deliveries. We list some of the most important areas below with practical tips on what is required.

1. Clear roles and responsibilities

Effective IT governance starts with everyone knowing what they are responsible for. Above all, ensure that:

Establish responsibility matrices for IT management and change management.
Create structure for role-based access and authorization control.
Streamline on-/offboarding processes with clear routines and controls.

Tip: Visualize the distribution of responsibilities in a simple RACI matrix – it creates clarity and reduces the risk of duplication of work or gaps in responsibility.

A RACI matrix clarifies who is responsible, involved and informed in each issue.

2. Steering documents and planning

Governance requires clear rules of the game – but also that governance documentation is up to date and used. Make sure you have:

Updated IT policies, instructions and system matrices.
A continuity policy to manage interruptions and incidents.
A realistic 12-month IT plan that is aligned with budget, resources and business goals
(Read about a key prerequisite for maintaining an up-to-date IT plan in our first theme in the series: 1. Achieve value-creating proactivity.)
Establish a realistic budget and pragmatic budget follow-up(Read more about IT costs in the second part of the series: 2. Take control of IT costs.).

Common mistake: Many people have control documents – but they are outdated or unknown in the organization. Make sure they are continuously updated and that they are applied in everyday decisions.

3. Risk analysis and supplier management

IT management is also about preventing problems – not just managing them:

Establish a continuous risk analysis process for cyber threats, data leaks and operational disruptions.
Manage suppliers through requirements setting, follow-up and improvement work.
Ensure access to the right case statistics to enable analysis with the aim of eliminating incidents and automating inefficient orders.
Negotiate important contract terms as standard agreements often mean that the majority of risks end up on the customer's side.

Insight: Many are in a situation where suppliers control more than they do. With the right structure and follow-up, you can turn this around – and become a demanding customer. Then the suppliers will also succeed better.

Want to know more about how we can help you establish a professional IT governance function?

Book a consultation

Back to IT that delivers business value