For most organizations, the reality is setting in that alignment of IT and corporate strategies is no longer sufficient. Across various industries, banking, retail, energy, health care and other sectors, organizations are adopting and adapting IT governance frameworks, in particular COBIT 5. Their goals include pursuing the integration of the governance and management of enterprise IT (GEIT) with the overarching enterprise governance to drive value. The Bank of England indicated that such endeavors will enable IT function to more clearly demonstrate value to business across the bank.1
Here are some tips to implement effective GEIT initiatives in a sustainable manner:
Leverage organizational asset: Find and leverage key strengths in existing organizational assets, i.e., policies, infrastructure, processes, structures and/or other resources. These are called enablers in COBIT 5. Initiatives to improve these assets could be quick wins to gain credibility and allow stakeholders to embrace both the GEIT framework and initiatives.
Adopt and adapt: Tailor the GEIT framework to the context and needs of the organization to make the framework and related initiatives relevant. Implementers need to assess the organization’s pain points and/or the trigger events (i.e., business problems/opportunities to be solved/seized) and identify benefits to be realized. Otherwise, stakeholders could see GEIT as an initiative in search of real problems.
Tools and techniques: Use the goals cascade, a powerful tool in COBIT 5, to integrate goals/needs from stakeholders to the enterprise, IT and enabler goals. Clear linking of such IT goals to the overarching enterprise goals fosters common language and clear, strategic direction and alignment.2
Be people focused: Focus on the people side of the initiative, including identifying change agents, human and behavioral impacts, sponsorship, implementation teams, roles and responsibilities, as well as developing communications to convey the vision and outcome. Change enablement activities must be addressed throughout the GEIT implementation cycle to ensure successful outcomes.3
Keep score and report out: One can neither manage nor improve what cannot be measured. COBIT 5’s integration with the balanced scorecard (BSC) and ISO/IEC 15504 Process Capability Assessment makes it holistic. Customize the 17 enterprise and IT goals. Measure and take corrective actions based on results. Determine the most efficient process improvement based on current-state assessment.
Keep in mind that GEIT is concerned with IT value delivery to the business and the mitigation of IT-related risk.4 Its implementation should be in phases to ensure continuous improvements where subsequent phases improve on the previous ones.
Okanlawon Zachy Olorunojowon, CISA, CGEIT, PMP
Has more than 15 years of experience spanning systems development, network and database administration, enterprise information systems implementation, strategic planning and project management, governance and management of enterprise IT. He is currently a project director with the Ministry of Health, British Columbia, Canada, and has been a chief information officer and a head of IT with financial institutions in Nigeria. An accredited COBIT 5 Instructor, Olorunojowon has delivered Risk IT courses in Nigeria, COBIT 5 courses in Canada and at ISACA training weeks. He has conducted on-site COBIT 5 training across North America. He is a past president of the ISACA Victoria (British Columbia, Canada) Chapter and has been a member of ISACA since 2004.
1 Bernard Marr*, Chris Piper and Iain Parker; “Getting a Handle on IT Governance: Experiences of Using Strategy Maps at the Bank of England,” Advanced Performance Institute (*Strategy map was integrated with COBIT)
2 ISACA, COBIT 5: Implementation, USA, 2012, chapter 7
3 Ibid, chapter 5
4 Ibid, chapter 2