Company size matters: Perspectives on IT Governance

Similar documents
Maximizing Your IT Value with Well-Aligned Governance August 3, 2012

Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices. April 10, 2013

COMMUNIQUE. Information Technology (IT) Governance Guidance

How To Transform It Risk Management

IT Governance. What is it and how to audit it. 21 April 2009

Driving Business Value. A closer look at ERP consolidations and upgrades

The IT Infrastructure Library (ITIL)

Domain 1 The Process of Auditing Information Systems

Maximize potential with services Efficient managed reconciliation service

fs viewpoint

IT Governance Regulatory. P.K.Patel AGM, MoF

IT consulting Advice into action

State of Michigan Department of Technology, Management & Budget

Cybersecurity in the States 2012: Priorities, Issues and Trends

IT Service Management tools - Acquisition and implementation

Real Property Portfolio Optimization

Enterprise Architecture: A Governance Framework

IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013

ERP Survey Questionnaire

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Maximizing Business Value Through Effective IT Governance

Exposing the hidden cost of Payroll and HR Administration A total cost of ownership study

IT Governance. Key Initiative Overview

COBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)

The Keys to Successful Cloud Migrations

Managed Hosting: Best Practices to Support Education Strategy in the Career College Sector

Advisory Consulting. Maintain and support critical business applications with Managed Services

Setting goals and measuring the value of Enterprise IT Architecture using COBIT 5 framework

Industry Engagement Event. CLOUD COMPUTING SOLUTIONS CONSULTATION EN /A November 13 th, 2014 Delta Hotel, Ottawa.

State of the States: Priorities, Trends and Issues NCSL Fall Forum December 6, 2013

Mobile and BYOD Strategy

Data analytics Delivering intelligence in the moment

Revised October 2013

Alex Beath and Jody MacIntosh

Public Sector Chief Information Officer Council

ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.

Office of the Auditor General AUDIT OF IT GOVERNANCE. Tabled at Audit Committee March 12, 2015

Unlocking value from your ERP service organization*

Table 1 Question Answer Explanation Next Question 1. Sensitive data?

IT Risk Closing the Gap

EXECUTIVE SUMMARY...5

The Role of Internal Audit in Risk Governance

IT Transformation for Health Care

IT Transformation. Moving Beyond Service Management to a Strategic Business Role. August kpmg.com

Managing the Shadow Cloud

Driving performance and value through strategic vendor management

Simplify And Innovate The Way You Consume Cloud

IT Governance Charter

HR IN THE CLOUD. Basil Sommerfeld Partner Operations Excellence & Human Capital Deloitte

How To Understand Cloud Computing

ISSA Guidelines on Master Data Management in Social Security

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

IT Infrastructure Audit

iworks healthcare Managed IT services

Trends in Managed Services in Tax Administration

Beyond Mandates: Getting to Sustainable IT Governance Best Practices. Steve Romero PMP, CISSP, CPM IT Governance Evangelist

Designing and Implementing Cloud Governance: Cloud, and Cloud Governance, are Emerging Capabilities

IT Governance isn t one thing, it s everything. Steve Romero PMP, CISSP, CCP

Our Services. We offer the following services to our clients: IT Strategy and Planning. Value Management. Business Continuity Planning

CLOUD EXECUTIVE PERSPECTIVE Edition. Cloud Computing: Changing the Role and Relevance of IT Teams

Right-Sizing Electronic Discovery: The Case For Managed Services. A White Paper

Infrastructure consulting. Global Infrastructure

Hosting and cloud services both provide incremental and complementary benefits to the organization

Global Technology Audit Guide. Auditing IT Governance

Information and Communication Technology

Project Management Best Practice Benchmarks

Understanding SOC Reports for Effective Vendor Management. Jason T. Clinton January 26, 2016

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s

IT Governance: framework and case study. 22 September 2010

Italy. EY s Global Information Security Survey 2013

TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO

IT GOVERNANCE PANEL BRING VALUE BY AUDITING IT GOVERNANCE GET THE

Financial services. Julie Chaidron Manager Advisory & Consulting Deloitte. Elias Pankert Analyst Advisory & Consulting Deloitte

SSC Operations IT Transformation in Motion

CLOUD ERP AND ACCOUNTING: SELECTION AND PLANNING GUIDE

At the Heart of Virtualizing Insurance

CONSULTING SERVICES Managed IT services

A Changing Commission: How it affects you - Issue 1

ERP Challenges and Opportunities in Government

Challenges & Trends. Differentiate & Innovate the Business Model. Optimize and streamline the Operations

SESSION 709 Wednesday, November 4, 9:00am - 10:00am Track: Strategic View

A Final Report for City of Chandler Strategic IT Plan Executive Summary

Building an effective stay back team to gain maximum value from an outsourcing agreement

The Directors Cut. The power of data: What directors need to know about Big Data, analytics and the evolution of information.

Blue Fire Thames Court 1 Victoria Street Windsor SL4 1YB enquiries@bluefire-uk.com

How To Design A Cloud Based Infrastructure For Spera

California Enterprise Architecture Framework

Validating Enterprise Systems: A Practical Guide

COBIT 5 ISACA s new framework for IT Governance, Risk, Security and Auditing. An overview

Cloud Computing in Banking

Why Consider Cloud-Based Applications?

Insurance Industry Expertise

Third-Party Cybersecurity and Data Loss Prevention

Bringing Together the Essential Elements of Private Cloud

Can Cloud Database PaaS Solutions Replace In-House Systems?

POSITION LOCATION REPORTING RELATIONSHIP

SDLC- Key Areas to Audit in IT Projects ISACA Geek Week /21/2013. PwC

From cost center to spearhead

Increasing IT Value and Reducing Risk. More for Less with COBIT5. IT Governance and Strategy

Transcription:

www.pwc.com/ca/technology-consulting Company size matters: Perspectives on IT Governance versus large Canadian organizations and IT Governance

PwC conducted research for the 4th edition of the IT Governance Institute s (ITGI 1 ) Global Status Report on the Governance of Enterprise IT (GEIT) published January 20. Comparing the results of global and Canadian data sets, PwC s research found that Canadian organizations need to focus on two areas of IT governance: enterprise architecture and cost reduction. The PwC report, Canadian business perspectives on the governance of enterprise IT (GEIT) can be found at: www.pwc.com/ca/technology-consulting. In April 20, PwC prepared a sub-section of data from the Canadian respondents that reviewed the differences in how Canadian small businesses (less than 00 employees) approach IT governance compared to larger firms (more than 00 employees). The results from the sub-section of data showed that smaller firms in Canada have lower IT maturity and require more formal structure and improved IT governance. 1 ITGI is the research affiliate of ISACA, a global non-profit, independent membership association with,000 consultants in 0 countries. The full report is available as a free download at www.isaca.org/itgi-global-survey-results).

The contribution of IT to the business IT s value contribution to the business is generally perceived more positively by respondents from larger organizations. All respondents from larger organizations agreed or strongly agreed that IT investments create value for the business, compared to 8% of respondents from smaller organizations. At the same time, smaller companies are more satisfied with IT service levels than larger companies. Almost half of respondents from small companies strongly agreed that IT service levels meet their business needs, as compared to only 18% of larger company respondents. Ensuring that IT service levels meet business needs may be easier to achieve in smaller organizations as IT requests are typically less complex and IT service providers may have fewer conflicting demands. r companies view their IT departments as being more agile than smaller firms, with 82% of large company respondents agreeing or strongly agreeing that IT enables rapid business change compared to 48% of smaller company respondents (see Figure 1). An organization s enterprise architecture (EA) is a key determinant of agility and flexibility. er organizations have a lower overall maturity in governing EA (see page 2) which may contribute to the lower levels of agility. This is an important improvement area for smaller organizations, where the right GEIT mechanisms can ensure that there is a focus on agility and flexibility in IT decision-making (see Figure 1). Figure 1: The contribution of IT to the business IT s value contribution to the business is generally perceived more positively by respondents from larger organizations IT investments create value for the business 64 3 IT service levels meet the business needs 18 23 47 42 IT supports the business strategy 41 41 14 47 21 IT enables rapid business change 14 4 47 IT supports business regulation and compliance 41 3 21 Strongly agree Agree Neither/nor Strongly disagree/ Disagree/ Don t know Company size matters: Perspectives on IT Governance 1

The governance of enterprise architecture (EA) Overall, the maturity of smaller organizations in the governance of EA is lower, with fewer respondents using or planning to use most governance mechanisms. Interestingly, very few smaller company respondents operate with a formal framework in place to govern enterprise architecture. Only % of small companies use a framework for the governance and management of architecture (such as The Open Group Architecture Framework i.e. TOGAF) compared to one-third of larger company respondents (see Figure 2). 63% of business respondents from small organizations describe the IT role as proactive In addition to frameworks, specific focus areas for smaller organizations that want to improve the governance of Enterprise Architecture include enterprise architecture principles, defined architecture processes and defined technology standards. Figure 2: The governance of enterprise architecture A framework for the governance and management of EA, such as The Open Group Architecture Framework (TOGAF) 33 20 73 Enterprise architecture principles with which all IT initiatives need to comply 40 33 7 18 Structures such as an architecture review board or committee 33 20 10 Defined architecture processes 60 13 13 4 Defined technology standards 73 13 4 28 Exists Planned Does not exist 1.00 2 PwC

The head of IT as a member of the senior management team The head of IT (CIO, IT manager or equivalent) was more frequently mentioned as a member of the senior management team by respondents from larger Canadian organizations (86% compared to 74% of small organizations); see Figure 3. Since smaller companies have fewer executives on their senior management team, there may be a lower probability for the Head of IT to be included. The role of IT in the organization Both business and IT respondents from smaller companies described IT s role as proactive (68%). Business respondents, particularly from smaller organizations take a more positive view to IT s role than their counterparts in larger organizations (see Figure 4). Business respondents from smaller companies may be closer to their IT departments and might have more insight into their activities. In larger companies, transparency could be improved between the business and IT. Having the right GEIT mechanisms, such as governance structures and processes is a key enabler for transparency. Figure 3: Head of IT as a member of the senior management Figure 4: Role of IT in the organization Member of senior management team 74 86 Business respondents describing the role as proactive 43 63 Heads of IT describing the role as proactive 67 73 All respondents describing the role as proactive 68 Company size matters: Perspectives on IT Governance 3

Planned IT initiatives Most planned IT initiatives were more frequently mentioned by respondents from larger Canadian organizations. Drastic respondent differences were seen in green IT/sustainability initiatives (0% for large organization compared to % for small organizations), major IT system implementations or upgrades (64% for large compared to 37% for small) and the outsourcing of IT service (% for large compared to % for small). The main initiatives planned by smaller organizations are data or information initiatives, IT cost reduction initiatives and major system implementations or upgrades (see Figure ). These are complex initiatives that often involve multiple stakeholders from business and IT and which reinforce the need for the right governance mechanisms. IT-related issues experienced in the past 12 months In general, respondents from smaller Canadian firms cited IT-related issues as less of a concern than larger companies i.e. larger companies faced more challenges than smaller ones in areas such as return on investment not as expected (23% for large companies; % for small) and IT security or privacy incidents (23% for large companies; % for small), concerns relating to an insufficient number of IT staff (almost half of large companies; % for small), and insufficient IT skills (% for large companies; % for small). See Figure 6. Figure : Planned IT initiatives Figure 6: IT-related issues experienced in the past 12 months Green IT/ sustainability initiatives 0 Increasing IT costs 3 Outsourcing IT services Return on investment not as expected 23 Changing internal IT costing arrangements Serious operational IT incidents Data or information initiatives IT supported compliance initiatives IT risk management initiatives IT cost reduction initiatives 21 4 4 42 8 IT security or privacy incidents Problems with external IT service providers Insufficient number of IT staff Insufficient IT skills Problems implementing new IT systems 23 21 42 4 Major IT system implementation or upgrades 37 64 IT disaster recovery or business continuity issues Major IT infrastructure initiatives 4 4 PwC

er company respondents indicated that increasing IT costs, problems implementing new IT systems, as well as IT disaster recovery or business continuity issues, are more frequently experienced. Major system implementations may be especially challenging for smaller companies that have fewer resources at their disposal and that may take a less structured approach to aspects such as change management and training. The right governance over these initiatives can ensure the involvement of all the required stakeholders and an adequate focus on change management, communication and training. Figure 7: Prematurely-ended IT projects Percentage of respondents mentioning the premature termination of an IT-related project Figure 8: Drivers for GEIT activities 14 Prematurely-ended IT projects Respondents from smaller Canadian organizations mentioned the premature termination of an IT-related project less frequently. This may be due to less complex projects in these environments, and therefore a lower probability to fail or have significant enough scope or requirement changes to be prematurely terminated (see Figure 7). Drivers for Governance of Enterprise Architecture (GEIT) activities Ensuring that current IT functionality is aligned with current business needs was the driver for GEIT activities for both small and large companies, but was more a concern for 0% of larger company respondents compared to almost 33% of smaller company respondents. Often, larger companies experience greater alignment challenges given the complex nature of their environments. er company respondents cited avoiding negative incidents as a driver for GEIT activities (% compared to only 14% of larger company respondents). It was seen earlier that increasing IT costs have been an issue for 3% of smaller organizations in the past 12 months, yet it is mentioned as a driver for GEIT activities by only % of respondents from these organizations (see Figure 8). er organizations need to understand the role that GEIT mechanisms can play in managing IT costs, for example ensuring that the total cost of ownership is considered during investment decisions, driving re-use, and making decisions that consider the needs of the whole organization versus individual business units or functions. Avoiding negative incidents Managing costs Ensuring that current IT functionality is aligned with current business needs Increasing agility to support future changes in the business Achieving better balance between innovation and risk avoidance to improve return Complying with industry and/ or governmental regulations 14 8% of small companies (vs 4% of large companies) plan data or information initiatives 0 Company size matters: Perspectives on IT Governance

Level of GEIT measures in place Figure : Level of GEIT measures in place The governance of IT is a higher priority in larger Canadian organizations as demonstrated through higher maturity profiles. Eighty-six percent of respondents from larger organizations have at least some ad hoc GEIT mechanisms in place or higher level of maturity; only 37% of respondents from smaller organizations claim this level of maturity or higher (see Figure ). None of the respondents from small organizations reported that they have a performance measuring system in place or that they are continuously optimizing IT governance processes. Many of the respondents from smaller organizations understand that IT governance is an issue and are starting to define what needs to be done (42%). er organizations need to ensure that they have the right level of governance in place for their unique circumstances and needs. This should start by defining key decisions in different domains and require involvement of both business and IT stakeholders. This decision-making model can be used to drive the design of optimal IT governance structures and processes. We do not think that this is important We understand that this is an issue but are just starting to assess what needs to be done We are well aware that this is important and we have a number of ad hoc measures in place We have well-defined governance of IT measures and processes in place We have well-functioning governance of IT processes and a performance measuring system in place Our processes relating to governance of IT are continuously optimized Don t know 0 0 0 0 21 42 41 Factors that influence the implementation of GEIT practices The culture of the organization, its way of working and human factors influence GEIT implementations in large Canadian organizations. This may be the result of larger organizations often having more intricate cultural dynamics, which are an important consideration during GEIT implementations. For 63% of respondents in smaller organizations, business objectives or strategy play the most significant role, compared to 41% of respondents in larger organizations (see Figure 10). Figure 10: Factors that influence the implementation of GEIT practices The culture of the organization, its way of working and human factors The regulatory environment and specific compliance requirements The business objectives or strategy 41 3 63 Industry or market forces 21 6 PwC

86% of respondents from larger organizations have at least some ad hoc GEIT mechanisms in place or higher level of maturity; only 37% of respondents from smaller organizations claim this level of maturity or higher. Company size matters: Perspectives on IT Governance 7

Outcomes of GEIT practices Perceptions on the outcomes of GEIT practices are fairly similar for both small and large organizations, with the exception of improved communication and relationships between business and IT, which is more frequently experienced in larger organizations (4% compared to % for small companies); see Figure. In smaller organizations, it may be easier to maintain relationships, which is why this may not be a significant GEIT focus area and therefore, a less frequently experienced outcome. The most frequently experienced outcome in smaller organizations is improved management of IT-related risk and improved IT delivery of business objectives. The challenges of implementing GEIT Since smaller companies operate in less complex environments than larger ones, issues concerning change management (41% for large companies; % for small), communication issues (half of large companies; % for small), and high levels of organizational complexity (41% for large companies; % for small) are relatively easier to manage during governance of enterprise IT implementations (see Figure 12). er companies may face more difficulty demonstrating value and benefits since the case for governance is usually easier to make in the more intricate environments of larger organizations (multiple role players in different business units and/or territories, often with conflicting interests). The top challenge for smaller organizations is trying to do too much. er organizations should ensure that IT governance implementations are viewed and managed as any other initiative, including the development of a business case that defines the envisioned values and benefits, properly scoping the initiatives and ensuring that the benefits are achievable. Figure : Outcomes of GEIT practices Figure 12: Challenges implementing GEIT Improved management of IT-related risk 42 0 Change management 41 Improved return on IT investments Communication issues 0 Lower IT costs 23 Lack of senior management commitment and support Improved transparency of IT and its activities 23 Difficulty demonstrating value and benefits 37 Improved communication and relationships between business and IT 4 Getting required business participation Improved tracking and monitoring of IT performance 21 Ineffective current enterprise governance 14 Improved IT innovation High levels of organization complexity 41 Improved IT delivery of business objectives 37 4 Trying to do too much at once 0 47 Improved business competitiveness 18 8 PwC

Outsourcing of IT activities According to the results, smaller organizations indicated they use full outsourcing more frequently, whereas partial outsourcing is more common in larger firms. organizations typically retain some IT services or activities in-house, while smaller organizations may find it easier to fully outsource in their less complex environments (see Figure 13). Infrastructure maintenance, the IT help desk and end user support in particular, are more likely to be fully outsourced by smaller Canadian organizations. Outsourcing is an important focus area in IT governance. Mechanisms such as Vendor Management Offices (VMOs) can add significant value by ensuring the proper oversight over and management of contracts, service level agreements and vendor performance. The top challenge for smaller organizations is trying to do too much when implementing GEIT. Figure 13: Outsourcing of IT activities Infrastructure provisioning 47 47 7 4 Infrastructure maintenance 47 47 7 64 18 Application development and/or maintenance 67 64 IT help desk End user support 67 7 73 67 13 20 73 Fully outsourced Partially outsourced Not outsourced Company size matters: Perspectives on IT Governance

Current and planned use of cloud computing er Canadian companies are less likely than larger firms to be currently using or planning to use cloud computing. None of the respondents from smaller organizations indicated that they are currently using cloud computing for mission-critical IT services and only 18% are planning to use cloud in the future. In contrast, 13% of larger company respondents are currently using cloud, and % are planning to use it. For non-mission critical IT services, only % of small companies are currently using cloud computing with a further 18% planning to use cloud computing, compared to large companies with 20% currently using and 47% planning to use (see Figure 14). Forty-five percent of small company respondents indicated that they are not planning to use cloud computing for nonmission critical IT services. Respondents from both small and large organizations who are not planning to use cloud computing, listed data privacy and security as their main concerns. The adoption of cloud is a complex decision where governance is critical. Governance can be an enabler for cloud computing adoption by ensuring that the right stakeholders are involved in addressing concerns around security and data privacy. Figure 14: Current and planned use of cloud computing For mission-critical IT services 13 3 18 For non-mission critical IT services 20 47 18 4 Currently using Not planning to use Planning to use 10 PwC

Initiatives implemented in response to the economic downturn Figure 1: Initiatives implemented in response to the economic downturn Respondents from larger Canadian organizations mentioned the reduction of staff numbers (both permanent and contract) as a response to the economic downturn more frequently than smaller Canadian companies. The use of contract employees is likely lower in smaller firms as the organization is often much leaner, providing less opportunity for reducing staff numbers. Infrastructure consolidation, a reduction in application licenses and the centralization of IT procurement were also more likely in larger than smaller organizations (see Figure 1). er organizations were more likely to implement stricter investment evaluation mechanisms and were also more likely to invest in technologies that can reduce process or business cost. Investment evaluation is a key IT decision-making area and reinforces the need for optimal governance mechanisms. Reduced permanent staff numbers Reduced contractor staff numbers Consolidated sites/ data centres Consolidated infrastructure (servers, networks, etc.) Reduced application licenses Consolidated the application portfolio Optimized the project portfolio Implemented stricter investment evaluation measures 18 21 18 21 Centralized IT procurement Only % of small organizations implemented centralized IT procurement in response to the economic downturn, compared to % of large organizations. Redefined service level agreements (SLAs) with external service providers Redefined service level agreements (SLAs) with the business to better manage demand Invested in technologies that can reduce process or business cost 14 23 37 Changed sourcing arrangements 14 Changed approach to governance of IT 18 None of the above Don t know Company size matters: Perspectives on IT Governance

Mechanisms to promote IT innovation IT respondents IT respondents from smaller Canadian organizations indicated the assignment of responsibilities for monitoring emerging technologies far less often than their counterparts from larger organizations (only % for small compared to 47% for large). There may be a less significant focus on emerging technologies in smaller organizations since they are sometimes later adopters once technologies have further matured. They are also less likely to have special investment appraisal mechanisms (% for small companies compared to 20% for large). See Figure. er organizations are more likely to allocate time for employees to spend working on experiments or trying out new ideas as a mechanism to promote IT innovation. This may be easier to implement in the less structured HR environments of smaller versus larger organizations. Figure : Mechanisms to promote IT innovation Training for IT managers to better understand how IT innovations can create business opportunities Assigned responsibilities for monitoring emerging technologies and their potential business application Special investment appraisal and funding mechanism to perform pilots with emerging technologies Allocation of time to spend working on experiments or trying out ideas Collaborative programmes where IT and business staff can work together on innovation 20 20 33 47 IT innovation is an area with the potential of significant value-add to the business. er organizations need to ensure that they have the right evaluation and selection mechanisms in place to ensure there is an optimal balance between innovation and operational activities and initiatives. Other Don t know 0 7 18 18 Views on employee use of social networking Respondents from smaller firms are more risk averse than those from larger organizations regarding employees using social networking. For the most part, they considered social networking risky with only % of respondents from small companies agreeing that the benefits of employees using social networking outweigh the risks, as opposed to 8% of small companies agreeing that the risks of employee use of social networking outweigh the benefits (see Figure 17). It is likely that small firms will have a lower risk appetite to other emerging technologies as well. GEIT mechanisms can ensure a greater level of communication and education about emerging technologies so that a balanced view of risks and benefits can be taken. None of the above 7 Figure 17: Views on employee use of social networking The benefits of employees using social networking outweigh risks The risks of employees using social networking outweigh the benefits 18 4 8 The risks and benefits of employees using social networking are appropriately balanced 21 Don t know 12 PwC

Key IT governance focus areas for smaller Canadian organizations The survey emphasizes a number of key focus areas for smaller Canadian organizations from an IT governance perspective: The value contribution of IT is perceived lower in smaller organizations than in larger organizations, with IT enabling rapid change as a key area for improvement. This is related to a lower level of maturity in the governance of enterprise architecture in smaller organizations. Specific governance mechanisms, that smaller organizations could consider, include enterprise architecture principles that all IT initiatives need to comply with, defined architecture processes and defined technology standards. The most important initiatives planned by smaller organizations are data or information initiatives, IT cost reduction initiatives, and major systems implementations or upgrades. It is critical to ensure that the right business and IT stakeholders are involved in the decision-making process for these complex initiatives. This can be facilitated through the right set of GEIT mechanisms. The main issues experienced by respondents from smaller organizations in the past 12 months are increasing IT costs, problems implementing new IT systems, as well as IT disaster recovery or business continuity issues. It is interesting to note that while 3% of respondents mentioned increasing IT costs as an issue, it is reported as a driver for GEIT activities by only % of respondents. er organizations need to recognize the role that GEIT mechanisms can play in managing IT costs, such as ensuring that total cost of ownership is considered during investment decisions and driving re-use. Governance mechanisms can ensure that there is an adequate focus on change management, communication and training during major system implementations in smaller organizations. The overall GEIT maturity profile of smaller organizations is much lower than larger ones. er organizations need to ensure that they have the right level of governance in place for their unique environment. They should start by defining key IT decisions and the required involvement of different IT and business stakeholders. The use of full outsourcing is more prevalent in smaller organizations, than in larger ones. GEIT mechanisms such as a vendor management office or function can add significant value by ensuring proper oversight and management of contracts, service level agreements and vendor performance. In response to the economic downturn, smaller organizations were more likely to implement stricter investment evaluation mechanisms and to invest in technologies that can reduce process or business cost. Investment evaluation is a key IT decision-making area that reinforces the need for optimal governance mechanisms. It is critical to ensure that the right business and IT stakeholders are involved in the decision-making process Company size matters: Perspectives on IT Governance 13

How PwC can help Organizations looking to improve their governance of enterprise IT should start by defining key IT-related decisions that need to be made. Various domains should be considered such as enterprise architecture, sourcing, emerging technologies, investment evaluation and applications. A decision model should then be formulated that defines which business and IT stakeholders should be involved in each decision and in what way. Stakeholders could include individuals such as the CFO, IT manager, business unit leads, as well as current structures e.g. the executive committee. This will enable the right governance structures to be defined. Outputs may include changes to the mandates or compositions of existing structures or the definition of new required structures, such as a vendor management office or committee. The right governance of IT structures needs to be supported through effective processes, policies, standards and principles. These enablers will guide the execution of decisions made by the structures. Taking a holistic approach to these different enablers and dimensions of GEIT can help smaller organizations achieve the governance objectives of value delivery, risk management and resource optimization. PwC Technology Consulting team At PwC Canada, our dedicated team of Technology Consulting professionals has experience in helping a wide-range of companies develop, implement and manage their technology strategies. Combining deep technical knowledge, with expertise in business transformation, stakeholder engagement, and business strategy, we find the right solutions for all of your business needs. Gert du Preez, Author 403 0 77 gert.du.preez@ca.pwc.com Philip Grosch 4 814 8 pgrosch@ca.pwc.com Tony Balasubramanian 403 0 6607 tony.r.balasubramanian@ca.pwc.com Richard Jhang 4 814 80 richard.jhang@ca.pwc.com PwC Technology Consulting Services www.pwc.com/ca/technology-consulting 20 PricewaterhouseCoopers LLP. All rights reserved. In this document, PwC refers to PricewaterhouseCoopers LLP, an Ontario limited liability partnership, which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity. 128-01-08

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information