Technology is a key investment in most businesses—including startups, and small or mid-sized companies. Whether it is product development or operations—technology decisions are fundamental to the business model. Regardless, IT Governance takes a back seat as these businesses race to bring the product to market, serve their customers, find investments and scale.
Technology decisions are often guided by owner preferences, and concerns of costs. Monitoring and control do not seem to be priority as owners (and/or key employees) may typically have intimate knowledge and understanding of “everything” in their IT. But as businesses scale such lack of rigour imparts costs. The operational infrastructure can impede growth, poor decisions may lead to costly rebuilding, compliance and security issues may have disastrous consequences.
The most common reasons observed are the lack of awareness, fear of losing flexibility and decision-making styles. The lack of delineation amongst various functions in business and within IT makes it difficult to apply governance principles. Stress on velocity, high regard for immediate team concerns and preferences, apparent ability to patch through multiple systems, and general lack of board’s (or advisors/ mentors) focus on IT Governance also contribute.
Nonetheless, IT Governance is not just beneficial for all stakeholders, it can quickly become an important enabler as businesses grow. It is in the interest of the founders, employees, customers and investors, that the key IT decisions and their implementation is done in a consistent, holistic and comprehensive way which are also aided by an objective oversight. IT Governance frameworks (such as COBIT 5) help to achieve these exact goals. It plays a critical role in ensuring that company continuously delivers benefits while balancing risk and costs.
IT Governance practices can be very different from those in larger enterprises. The various aspects of governance have to be tuned and fitted—and at the same time allow inclusion of increasing rigour as business grows. Any approach to IT governance for a smaller business has to include mechanisms of oversight with focus on company’s objectives, monitored investments and projects, choices driven by larger enterprise architecture concerns, right hiring, and adopting an appropriate level of formalism with documented processes, measurable goals for projects and investments and regular review. At the same time, needs of flexibility, economy and speed must be incorporated.
Right governance bolsters business’s capability to use technology in the most effective manner. It imparts confidence, bring in innovation and reduces risks. Implementing governance principles in a consistent manner can, however, be daunting.
Especially when companies may not find it viable to create and maintain dedicated IT leadership, or where the leadership is stretched thin as technology choices, implementation considerations and operational details require substantial time and consideration. Such businesses would be helped immensely with a trusted technology consultancy, which can understand their unique context and help ensure governance as a virtual CIO.