HPI633 W5 Discussion
Chapter 8 Governance of the Information Systems Organization
Managing and Using Information Systems: A Strategic Approach
by Keri Pearlson & Carol Saunders
1
Learning Objectives
Define the role of the CIO.
Understand what a manager should expect from the MIS organization.
Describe why a manager must know the organizations particular needs.
Define what a lean, competitive enterprise looks like and how IT plays a role.
Understand how decision rights are allocated.
List alternative structuring approaches.
Identify the risks of a global MIS organization.
2
Chapter 8
2
Real World Examples
When the new CEO of 3M came on board he broke up the Information Systems Steering Committee (ISSC) that decided on major IS directions and projects.
The CIO wanted corporate IT priorities decided at the highest business level, not just by IT.
Now 3M’s IT governance structure starts at the business process level.
Each division is responsible for documenting the productivity of its IT projects.
Must be in line with the divisions cost reduction targets.
Business unit leadership is responsible to top executives.
Business units are more motivated to devote resources to make sure that their IT projects are successful.
3
Chapter 8
3
UNDERSTANDING THE IS ORGANIZATION
4
CIO
The CIO (Chief Information Officer) is at the helm of the IS organization.
CIO’s primary goal is to manage IT resources to implement enterprise strategy.
Provide technology vision and leadership for developing and implementing IT initiatives to help the enterprise maintain a competitive advantage.
As the importance of technology has increased so has the position of the CIO.
Must work effectively with ALL units of the company, not just IS.
5
Chapter 8
5
Twelve Main CIO Responsibilities
The following responsibilities often define the role of the CIO:
Championing the organization.
Architecture management.
Business strategy consultant.
Business technology planning.
Application development.
IT infrastructure management.
Sourcing.
Partnership developer.
Technology transfer agent.
Customer satisfaction management.
Training.
Business discontinuity/disaster recovery planning.
6
Chapter 8
6
CIO
Must have both technical and business skills.
Must see the business vision and how IT can help facilitate that vision.
Is both a strategist and operations manager.
Some organizations do not have a CIO.
They hire someone to “run” their computer systems and do not give them much decision making authority.
7
Chapter 8
7
CTO, CPO, and Other Roles
The CIO, particularly in larger organizations, cannot guide the enterprise toward the future alone.
Other strategic areas require more focused guidance.
The CTO is a critical role.
Works alongside the CIO.
Needs business savvy and communication skills.
Must be able to create an organizational vision.
New positions created to deal with this growing need.
Figure 8.1 shows a list of other IT managers and their responsibilities.
8
Chapter 8
8
| Title | Responsibility |
| Chief technology officer (CTO) | Track emerging technologies Advise on technology adoption Design and manage IT architecture to insure consistency and compliance |
| Chief knowledge officer (CKO) | Create knowledge management infrastructure Build a knowledge culture Make corporate knowledge pay off |
| Chief telecommunications officer (CTO) | Manage phones, networks, and other communications technology across entire enterprise |
| Chief network officer | Build/maintain internal and external networks |
| Chief resource officer | Manage outsourcing relationships |
| Chief information security officer | Insures information management practices are consistent with security requirements |
| Chief privacy officer | Responsible for processes and practices that insure privacy concerns of customers, employees and vendors are met |
Figure 8.1 The CIO’s lieutenants
Chapter 8
9
9
What a Manager Can Expect from the IS Organization
10
Eight Core Activities
Anticipating new technologies.
IT must keep an eye on emerging technologies.
Work closely with management on decisions.
Weigh risks and benefits of new technologies.
Participating in setting strategic direction.
IS can act as consultants to management.
Educate managers about current technologies/trends.
Innovating current processes.
Review business processes to innovate.
Survey best practices.
Developing and maintaining systems.
Build or buy software.
11
Chapter 8
11
Eight Core Activities (continued)
Supplier management.
Carefully manage outsourced IT.
Architecture and standards.
Be aware of incompatibilities.
Inconsistent data undermines integrity.
Enterprise Security
Important to all general managers.
Much more than a technical problem.
Business continuity planning
Disaster recovery.
“What if” scenarios.
12
Chapter 8
12
Business Continuity Plan
Approved set of preparations and sufficient procedures for responding to a variety of disaster events.
What do we do in case of an emergency such as 9/11?
Three major stages of BCP:
Pre-planning - management’s responsibility is defined, possible risks are evaluated, and a business impact analysis is performed.
Planning - alternative business recovery operating strategies are determined.
Post-planning - familiarizes employees with the plan through awareness and training programs.
13
Chapter 8
13
Managing Data, Information and Knowledge
Managing information and knowledge in the enterprise is of particular concern to IS.
Database administration.
Includes the collecting and storing the actual data created, developed, or discovered.
Deciding on format, location, and indexing of stored data.
Knowledge management is covered in detail in chapter 12.
14
Chapter 8
14
Managing Internet and Network Services
Intranets, extranets, Web pages, and e-mail are becoming essential in most business environments.
General managers must interact with the Web master, Web designers, and Web developers.
Networking groups design, build, maintain, and manage the network architecture.
Managers must be concerned with telecommunications and their costs.
15
Chapter 8
15
Managing Human Resources
IS must manage its own resources.
Provide business and technical training.
Hiring and firing of staff.
Tracking time, managing budgets, etc.
Maintain skills inventory.
Individual managers are responsible.
16
Chapter 8
16
Operating Data Center
Houses large mainframe computers or rows of servers on which the company’s data and business applications reside.
Managers rarely have direct contact with data center staff.
Many organizations outsource data center operations.
17
Chapter 8
17
Providing General Support
Providing support for users of IS.
Support requests are normally centralized.
Centralized help desk – first contact point.
Forward requests to knowledgeable staff.
Many companies outsource this function.
Not uncommon to call support and speak to someone in another country.
Figure 8.2 provides a framework for traditional and newer IS activities that are considered the responsibility of the IS organization.
18
Chapter 8
18
Figure 8.2 User management activities
Chapter 8
19
19
WHAT THE IS ORGANIZATION DOES NOT DO
20
What IS Does Not Do
Does not perform core business functions such as:
Selling
Manufacturing
Accounting.
Does not set business strategy.
General managers must not delegate critical technology decisions.
21
Chapter 8
21
IT GOVERNANCE
22
22
Centralized vs. Decentralized Organizational Structures
Centralized – bring together all staff, hardware, software, data, and processing into a single location.
Decentralized – the components in the centralized structure are scattered in different locations to address local business needs.
Federalism – a combination of centralized and decentralized structures.
Figure 8.3 shows the continuum of where these structures fall.
23
Chapter 8
23
Figure 8.3 Organizational continuum
24
The 5 Eras of Information Usage
1960s - mainframes dictated a centralized approach.
1970s - remained centralized due in part to the constraints of mainframe computing
1980s - advent of the PC and decentralization
1990s - the Web, with its ubiquitous presence and fast network speeds, shifted some businesses back to a more centralized approach
2000+ - the increasingly global nature of many businesses makes complete centralization impossible
25
Chapter 8
25
Federalism
Most companies would like to achieve the advantages derived from both centralized and decentralized organizational paradigms.
This leads to federalism – a structuring approach which distributes, power, hardware, software, data and personnel between a central IS group and IS in business units.
26
Chapter 8
26
Figure 8.5 Federal IT
Chapter 8
27
27
Another Perspective on IT Governance
Weill and his colleagues define IT governance as “specifying the decision rights and accountability framework to encourage desirable behavior in using IT.”
The focus is not what, but who.
Good IT governance provides a structure to make good decisions.
The assignment of decision-making authority and responsibility
The decision-making mechanisms
28
Chapter 8
28
| Category | Description | Examples of Affected IS Activities |
| IT Principles | High-level statements about how IT is used in the business | Participating in Setting Strategic Direction |
| IT Architecture | An integrated set of technical choices to guide the organization in satisfying business needs. The architecture is a set of policies and rules for the use of IT and plots a migration path to the way business will be done | Establishing architecture and standards |
| IT Infrastructure Strategies | Strategies for the base foundation of budgeted-for IT capability (both technical and human) shared throughout the firm as reliable services, and centrally coordinated | Managing internet and network services; providing general support; Managing data; Managing human resources |
| Business Application Needs | Specification of the business need for purchased or internally developed IT applications | Developing and maintaining information systems |
| IT Investment & Prioritization | Decision about how much and where to invest in IT including project approvals and justification techniques | Anticipating new technologies |
Figure 8.6 - Five major categories of IT decisions
29
Chapter 8
29
Decision-Making Mechanisms
Policies may be used.
The steering committee is common and works well in the federal archetype.
IT Governance Council – steering committee at the highest level.
Reports to board or CEO.
Comprised of top-level executives.
Provides strategic direction and funding authority.
Lower level steering committees are responsible for effectively allocating scarce resources.
Companies usually have one or the other.
30
Chapter 8
30
Managing the Global Considerations
Large global MIS organizations face many of the same organizational issues as any other global department.
For IS, a number of issues arise that put the business at risk beyond the typical global considerations.
Table 8.9 summarizes how a global IT perspective affects six information management issues.
31
Chapter 8
31
| Issue | Global IT Perspective | Example |
| Political Stability | How risky is investment in a country with an unstable government ? | India, a country that faces conflict with Pakistan |
| Transparency | Domestically, an IT network can be end-to-end with little effort compared to global networks | SAP-R3 can be used to support production processes but only if installed |
| Business Continuity Planning | When crossing borders, it is important to make sure that contingency plans are in place | Concern when crossing boarders is will data center be available when/if needed |
| Cultural Differences | IT systems must not offend or insult those of a different culture | Using images or artifacts may be insulting to another culture |
| Sourcing | Some technologies cannot be exported or imported into specific countries | Exporting it to some countries, especially those who are not political allies is not possible |
| Data Flow across Borders | Data, especially private or personal data, is not allowed to cross some borders. | For example: Brazil |
Figure 8.9 - Global Considerations for the MIS Organization
Chapter 8
32
32
FOOD FOR THOUGHT:CIO Leadership Profiles
33
CIO Leadership Profiles
The work of the CIO has grown in scope and complexity.
1/3 of CIOs manage an additional corporate function
¾ of the CIOs report to the CEO, president or COO
over ½ listed corporate strategy as a top responsibility
Recent study shows four profiles that characterize the CIOs leadership role:
IT Orchestrator (32%) – an effective IS leader involved in strategic decision making.
IT Advisor (18%) – possesses the strategic and IT skills to be effective, but not adequately funded.
IT Laggard (18%) – high-level of decision making authority but doesn’t have business or strategic skills.
IT Mechanic (32%) - low levels of strategic effectiveness, business skills and decision making authority.
34
Chapter 8
34
SUMMARY
35
Summary
The CIO is a high-level IS officer.
There are a variety of key job titles in the IS organization.
IS organizations can be expected to anticipate new technologies, set strategic direction, etc.
Managers must work with IT leaders to develop a lean, competitive enterprise, where IT acts as a strategic enabler.
36
Chapter 8
36