In 2020, the challenges for effective IT governance are different than at any time in the past. The rate of change of technology, threats and the shifting world of governance can be challenges to developing and maintaining good IT culture.
So, what is good IT culture in 2020? I’m glad you asked.
The key issues are:
- A strategic, rather than technical, focus
- Governance: information governance; security governance; operational governance
- Accountability and transparency.
Maintaining a Strategic Focus
It’s a common problem. You likely see it occur across your organisation: people who are focused on the technical rather than the strategic.
The draw for people to get down into the technical layer is very strong. To continually tinker – but at what cost? Continuous change can have detrimental outcomes when someone is fixated on ‘just getting something to work’ and resists following change management procedures. It is invariably on these occasions that a second set of eyes will point out the subsequent glaring risk that has just been created – a typical example is to give a standard user full network Administrator access over their local computer…. Yes, they finally got that program installed, however, the computer is now vulnerable to any level of malicious virus infection! Another illustration of this is when an organisation falls in love with a solution and unwittingly loses understanding for the originating business problem at hand.
Keeping that strategic focus is an everyday challenge. It keeps you looking at the organisation’s broader goals and how IT supports them:
- What are the strategic imperatives of the organisation?
- What are the challenges to achieving those imperatives?
One major challenge is ensuring that there is a clear IT roadmap that aligns the strategic focus to the operational. In turn, that roadmap should be underpinned by governance.
Governance, Governance, Governance
Governance is a set of authorisations, policies and processes to ensure that your organisation’s IT operates as it should.
There are three aspects to governance:
Information governance is a framework for how data is secured and handled within your organisation. Indeed, it needs to balance the security of information and its use. Information governance is not records management – at least, not in isolation. It is a coordinated approach to managing information across an organisation to support outcomes.
The National Archives of Australia produced an excellent table that highlights why information governance is important:
Benefits of Information Governance
- Enhances information quality and authenticity
- Improves integrity and reliability
- Improves findability and accessibility
- Improves accountability and reduces risk
- Enables appropriate controls
- A holistic approach for information needs that encourages opportunities and efficiencies
- Enables whole-of-government collaboration and innovation
Consequences of Poor Information Governance
- Data quality issues
- Unreliable information
- Information is difficult to find and interpret
- Non-compliance with regulations and legislation resulting in reputation damage
- Security breaches
- Information silos, which exposes the agency to risk and limits opportunities
- Difficult to implement machinery of government change and stifles
See Part Two on security governance, operational governance and the importance of accountability and transparency.