The information and technology (I&T) industry has operated in a changing environment for decades, but it wasn’t until the recent convergence of many disruptive events that forced us to rethink our governance models. Today’s I&T environment is like nothing we have ever experienced before: a global pandemic, cyber threat sophistication, increasing regulatory constraints, social and political pressures, and digital transformation. Combined with a drive for high-velocity deployments, these dynamics have not only changed the rules, but created more vulnerabilities in the process.
For businesses that have relied on IT over the past several years (and who hasn’t?), you likely already know the frustration that comes from watching your IT team struggle to operate complex systems, much less deliver new capabilities. Businesses running on old operating and governance models won’t cut it anymore–the traditional organization is dead. Now comes the birth of a new type of organization: customer-centric, connected, and collaborative.
There is no surprise that good practices and frameworks are becoming increasingly important as the years progress. The future of our work will require more integration with the business, flatter organizations with more authority delegation and the emergence of new roles and skills. Having a framework can help create a blueprint to enable a governance system that offers consistency and stability. There are many frameworks to choose from – so many, in fact, that most of us suffer from framework overload and fatigue. When I was a CIO, I cannot tell you how many times someone came to my office with a framework proposal that was going to save us. My response every time was – show me how the value is created. There were two frameworks that seemed to come up repeatedly: COBIT and ITIL. Once I did my research on them, I was hooked.
Both frameworks have undergone significant updates recently to accommodate these changes to our rapidly changing environment. Although they have different purposes and perspectives, they are both excellent models to help create value in service-oriented IT organizations, if adopted correctly. ITIL focuses on value co-creation through service management. COBIT focuses on governing and managing enterprise I&T to create value for stakeholders.
For example, from an ITIL perspective, service consumers receive value when using IT services that are seamless and not constrained by IT. From a COBIT point of view, an enterprise should be confident that the governance components enable service performance while ensuring that risks are addressed, and the cost/benefit ratio is favorable.
ISACA and Axelos have released a joint paper on these complementary frameworks that describes how they can be leveraged together to create a holistic and tailorable system that encompasses governance and service value. Adopting these frameworks can be difficult. There are many internal and external factors involved and they can quickly add up. Below are my top ten 10 tips to adopting and adapting multiple frameworks in your governance system:
Tip 1 – Remember that no single framework can satisfy everything the enterprise needs to enable value creation. Use multiple models in your system and select the most appropriate parts.
Tip 2 – Understand that performance and conformance are key to framework adoption. Don’t get into the trap of being so overly conformant to every requirement that your performance suffers.
Tip 3 – Use the adoption guidance that each framework offers. Both are principles-based and offer excellent time-honored tips to enabling a successful framework adoption.
Tip 4 – Don’t “Implement” frameworks, “Adopt and adapt” frameworks. Implementing anything assumes that at some point you are finished. You will always be in a continuous improvement mode with framework adoption.
Tip 5 – Be aware of the silent killer to any framework adoption: culture. Gain stakeholder support through continuous engagement, leadership visibility and transparency.
Tip 6 – Training is key to the successful adoption of any new model or way of doing business. Educate all stakeholders on the frameworks you choose in your system. Both of the ITIL and COBIT communities have multiple avenues to achieve this.
Tip 7 – Develop a strategy on how to continually monitor and adjust a tailored system. As internal and external factors change, so should your governance and management objectives.
Tip 8 – Remember that ITIL and COBIT are not the only frameworks that can add value to your enterprise. Consider using multiple frameworks, models and bodies of knowledge in your overall framework ecosystem.
Tip 9 – Address risk in all decisions. Remember there’s a positive and negative risk, and this forms the basis of decision-making in framework adoption.
Tip 10 – Download and read the joint ISACA and Axelos paper on these two frameworks. You may find that they will form the core system required to create and maintain value in your enterprise.