Every IT organization needs governance in order to work properly. What does “working properly” mean? It is meeting its purpose: creating value by supporting business goals, and moreover in this digital age, enabling business goals.

In this series I have been listing the key items required to enable a governance approach in an IT organization and explaining each of them. Here are the last three, yet as important as the previous ones:

7. Have a business case and use it.

As mentioned on item 4 of the list (read previous post), the business case will be an important tool to get people’s commitment to the IT Governance initiative, to have stakeholders actually committed and not only involved. The business case will highlight the need for change, and a well-developed one will be compelling enough to get the engagement from all the involved parties.

There is the common bad practice, though, of using the business case just to justify an initiative, and once the budget is approved, it is sent to the archives. Project management and other IT best practices stress out the importance of using the business case not only for justifying an initiative, but rather to guide the whole initiative. One of the main components of a good business case is the list of benefits that will be achieved through the initiative. Implementation efforts should be driven by these benefits, and an assessment should be made at regular intervals to realize whether these benefits are being achieved.

Spend time building your business case. Identify all the relevant stakeholders and involve them. Discuss and negotiate benefits and identify the resources needed. Get commitment from the sponsor and other key stakeholders. Create awareness on the use of the business case throughout the implementation program and aim all efforts at the realization of benefits.

8. Involve the whole IT organization.

IT transformation requires a shift in organizational culture, and culture is not something that is defined only by a selected group of people. Culture is defined by the behavior of the entire group of individuals in the organization. Therefore IT governance cannot be exclusively applied to a limited segment of people; it has to apply organization-wide.

Start with the top; walk the talk. Get champions and focus on early adopters first; they will help you pass the urgency of the need to act on to other players. Be ready to face resistance to change; it’s normal. Focus on quick wins and demonstrate benefits, using the business case as a guide at all times. Build on improvements and carry on. Remember IT Governance is a continual endeavor and not a one-off project.

9. See the whole picture.

It is impressive to see the high rate of IT organizations that, when undertaking their first IT governance efforts, get stuck in process improvement while forgetting to manage the other pieces of the scenario (culture, organizational structures, people, policies, etc.). Eventually they get discouraged because they see little or no benefit in continuing funding or working on an initiative whose benefits are not really clear. This happens because there is not a holistic approach to IT Governance! Processes are not everything, and neither is culture or people. Every single piece makes its contribution to the successful enablement of business goals through IT, but all components have to be managed holistically.

You could not drive your car with only wheels, right? Or with the transmission or combustion systems alone. A car runs only through the correct functioning of all its systems together, working in collaboration and harmony; and if one fails, the whole car breaks, just like an IT organization fails to meet its objectives when their culture is not aligned with the processes they have defined (or any other discoordination of any of its enablers).

Identify all the required IT governance enablers and the stakeholders of each; define goals for each one; follow the life cycle and apply best practices. Manage all components together and think of the impact a change to one will have on the others. Keep your vision focused on the whole picture and aim at value creation all the time.


All IT Governance initiatives require leadership, planning and a lot of team effort. By listing these items I don’t mean that this is all that you need for making IT Governance possible; there’s much more than that—there’s a full methodology provided by the COBIT framework to enable an implementation of this nature. What I can assure you is that if any of these items listed here is missing, high are the chances of an IT governance initiative to fail, or die after desperate efforts of surviving in the midst of an organization’s resistance to change. Hence the huge importance of having good IT Governance practices in place.

Had you heard about COBIT before as a framework for enabling IT Governance? Would you like to learn more about it?