IT governance is all the more strategic since it applies to the backbone of the business. As a matter of fact, it’s hard to be effective when the strategic line is unknown, when what’s allowed and what’s not is not well defined. Effective companies need well defined rules.
With the emergence of web 2.0, governance took a new dimension with tools that are more people and usages oriented, which needs even more concertation before implementation. That’s how IT departments become center of services instead of center of costs. Notice that it does not only apply to web 2.0 projects.
Anyway, such projects have to comply with the current governance. That’s why things often go wrong. Two situations can be faced :
â€¢ Ensure that new tools comply with the actual governance what is like trying to put squares into circles. Low customization by users, restricted rights depending on people, hierarchical validation needed etc… It can’t work.
â€¢ Improve the current governance according to these new tools. But if this governancre is built upon principles like “limit user’s autonomy”, “users are a threat to the system”, “autonomy depends on position” etc… which are those who led to the current governance, there are many chances the new one will look loke the the old one.
You can’t govern what you don’t understand. Lack of understanding causes fear which leads to strict rules. It’s interesting to see that the best “2.0 compliant” governances were edicted by people who immersed themselves into a new paradigm in order to understand it. On the contrary, those who try to regulate everything are often those who did not try to understand them. They mistake “regulation” and “protection against”.
At first sight this may not be harmful. Everyone is free to miss opportunities because of excessive certainties. This can even be better than letting things go, thinking some questions can wait. But the danger is more insidious : there are many examples of employees who opened workspaces or used general public services for business collaboration. Since everything is made under the radar, governance can’t be enforced. Now every employee, every team, can create and manage his own IT.
In short, an irrelevant governance often leads to ungovernance.
Governing is anticipating. But anticipating is understanding. So, in order to govern wisely, IT depts must take the time to understand.
A last point : exploring the general public web in order to understand can be a good start. But businesses have also to think that what they’ll see on the web is not what will happen inside the firewall, that usages have to be professionalized. Maybe, in the context of a well conceived governance, this call for professionnalization may be the job of an expert team which will be the garantee that the governance will be enforced, explained, and will be perceived as a strategic pattern, not as a coercitive one.
Those who want to read more about governance should read this post by Ross Dawson.
Entreprise 2.0, gouvernance, Social computing, social-software, usages, web-2.0