BKITGOVR.RVW 20070105 "IT Governance", Peter Weill/Jeanne W. Ross, 2004, 1-59139-253-5, U$35.00 %A Peter Weill %A Jeanne W. Ross %C 60 Harvard Way, Boston MA 02163 %D 2004 %G 1-59139-253-5 %I Harvard Business School Press %O U$35.00 617-495-6700 800-545-7685 http://www.hbsp.harvard.edu %O http://www.amazon.com/exec/obidos/ASIN/1591392535/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/1591392535/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/1591392535/robsladesin03-20 %O Audience a- Tech 1 Writing 1 (see revfaq.htm for explanation) %P 267 p. %T "IT Governance" The preface promotes IT (Information Technology) governance, but is vague on what that might be. It also talks about decision rights (who gets to influence or make the decision), IT architecture (though the book only later notes that this involves integration and the creation of standards), and business strategies. Chapter one does give (and repeats in different places) the definition that IT governance specifies the decision rights and accountability framework that will encourage proper behaviour in using IT. Thus, governance is not about specific decisions as such, but entails the factors regarding who determines and contributes to decisions. (The OECD (Organisation for Economic Co-operation and Development) provides that corporate governance is a structure for determining organizational objectives and monitoring performance and progress towards them. The book suggests that effective governance arises from factors involving what decisions ensure effective management, who makes those decisions, and how the decisions are made and monitored.) Concerning the encouragement of proper behaviour, certain management structures will suit certain activities. For example, the need for innovation is not supported by a requirement that business units carry the entire capital cost of infrastructure demanded by new technologies, whereas assistance from the corporation as a whole (plus the ability to charge other departments that come to use the new tools) encourage such developments. There is frequent confusion in regard to the term governance and what differentiates it from management. Chapter two notes that management might be said to increase direct performance, while governance may, through analysis, redirect activities to great effect. (In a sense this only moves the question back one level: this simply seems to be the distinction between strategic and operational management.) The text also notes that five basic classes of decisions must be made in IT: principles, architecture, infrastructure, business application needs, and the priorizing of investment. However, the examples given are not particularly helpful: it is clear why one set of IT principles and policies might support certain given business objectives, but not why they might be chosen over others. Principles should, according to the book, clarify the desired operating model, IT's support for the model, and the IT funding structure: the examples given definitely don't illuminate financial support. Infrastructure is defined as the common (long-term) services supporting an activity: whether utilities, data, or human capital. There is little of use in the discussion of business needs, and most of the investment material is quite generic. Chapter three lists six governance archetypes, where decisions are made by executive management, IT management, business unit management, a consensus of executive and business unit management, a consensus of IT and business unit management, and anarchy. A grid is created noting (from survey data) which of these archetypes has input to, or decision power over, five IT decision areas. There is little useful analysis, and a few case studies. Types of decision-making mechanisms are catalogued and discussed in chapter four. Three basic types are the basis for the outline, decision-making structures (such as committees and teams), alignment processes (policy audits), and communications. Chapter five is an attempt to assess what type of IT governance works best, but the means are questionable and the appraisal is weak. The raw data seems to indicate that it is best to obtain input from executive management and the business units, but that decisions are best left to IT management. As this runs counter to common business practice, the text tries to suggest alternative models. Case studies in chapters six are presented as linking strategy, IT governance and performance. The links are weak, and similar stories in chapter seven do little to explain distinctive governance issues for government and not-for-profit organizations. The leadership principles suggested for IT governance in chapter eight are generic, and unrelated to the research or analysis cited in the prior material. Some of the figures and illustrations (such as the governance arrangements matrix) are helpful and explanatory while others (like the governance design framework) are of little use. The writing in the book is not engaging. The material presented is true, but not compelling, and is slow to develop. Content is repeated in later chapters or sections, usually with expansion, but the lack of initial development leaves the reader wondering if anything of value is going to be said or done. There is some merit in the deliberation that this work makes on management, decisions, and sources of input, but there would have been greater worth in compressing the few ideas into fewer pages. copyright Robert M. Slade, 2007 BKITGOVR.RVW 20070105