Professional Documents
Culture Documents
Governance and Strategic Management of Digital Business (G&SM of DB) TJS8 (UTU/TSE) - 457655 (ÅA)
Governance and Strategic Management of Digital Business (G&SM of DB) TJS8 (UTU/TSE) - 457655 (ÅA)
2
Alueellisen tietohallintoyhteistyömallin
TJS8-457655 Fall 2021
suunnitteluprojekti
Lecture 2 - Contents
1. Introduction: From strategic objectives to IT governance
2. IT governance executed by an (IT) governance body means the
“management of IT management”
3. The six best practice principles of IT governance (ISO/IEC
38500)
4. Structures, processes and relational mechanisms - the
implementation of IT governance
5. The past, present and future of IT governance research and
practise
Fall 2020
2 ©Tomi Dahlberg
G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
1
10/27/21
ü Digital strategy means that IT, OT and digital data strengths and weaknesses are
amalgamated into business strategy – IT not considered afterwards with a separate process
– IT, OT and digital data (technology) are the enablers for the activities that an enterprise carries out combine with
workforce and capital, and the means to transform enterprises
ü So-called Resource Based View (RBV) with its variations, e.g. blue ocean strategy, is
currently the dominant strategy approach
– What are the rare, difficult to imitate and difficult to migrate resources and capabilities that create value to
customers so that they distinguish our enterprise from our competitors in the eyes of our stakeholders and by
doing that establish competitive advantage
3 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
2
10/27/21
Vision &
Values & Oparative
Drivers Results are
Business Business Model &
short of
strategy model Strategic
Corporate targets
choices
strategy
Revise,
Revise,
change Revise & improve
change
Renewal of How we ways to operate
Business
vision and make money
strategy
businesses
5 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
ü Corporate governance can be seen as a contract between owners and the management
on how to implement the strategy of the enterprise in order to achieve the strategic
objectives and how to divide the benefits of achieved benefits between owners and the
management
6 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
3
10/27/21
7 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
8 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
4
10/27/21
9 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
10 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
10
5
10/27/21
Business
Orientation
External
IT Governance
IT
Internal Management
Time
Present Future
Orientation
11 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
11
Governance
Body:
EDM
Evaluate
Direct
Monitor
Management
Body: PDCA
Plan
Do
Check
12 Act
© Tomi Dahlberg
12 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
12
6
10/27/21
Model
Directors (=governance body) should govern IT through three main
tasks:
13 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
13
ü Enterprises which have aligned their business and IT and also run IT
efficiently on the basis of a solid architecture (Sphilberg &alia, 2006, n=503)
use less money and receive more value from IT:
– Enterprises where IT is aligned to business without solid architecture suffer from so called
”IT alignment trap”. They use more money to receive less
14 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
14
7
10/27/21
1. Responsibility: Individuals and groups within the organization understand and accept
their responsibilities in respect of both supply of, and demand for IT. Those with
responsibility for actions also have the authority to perform these actions.
2. Strategy: The organization’s business strategy takes into account the current and
future capabilities of IT; the strategic plans for IT satisfy the current and ongoing
needs of the organization’s business strategy.
3. Acquisition: IT acquisitions are made for valid reasons, on the basis of appropriate
and ongoing analysis, with clear transparent decision making. There is appropriate
balance between benefits, opportunities, costs, and risks, in both the short term and
the long term.
15 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
15
6. Human Behaviour: IT policies, practices and decisions demonstrate respect for human
behaviour, including the current and evolving needs of all the ‘people in the process’.
16 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
16
8
10/27/21
ü ISO/IEC 38500 and 38505 accepted as CEN (European) and SFS (Finnish) standards and translated
into Finnish
17 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
17
18 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
18
9
10/27/21
IT Principles Decisions
High-level statements of how It is used in the business
IT Infrastructure
IT Architecture Decisions IT Investment and
Decisions Centrally coordinated, IT Prioritisation
Organising logic for data, shared services that pro- Decisions
applications and infra- vide the foundation for theDecisions about how
structure captured in a setenterprises IT capacity much and where to invest
of policies, relationships, in IT, including project
and technical choices to Business Application approvals and
achieve derired business Needs justification techniques
and technical standard- Specifying the business
isation and integration need for the purchased
or internally developed
IT applications
19 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
19
In the Finnish SteerIT process model (2005), six IT governance process areas are
used to share the responsibility between corporate, business and IT executives and
measure the maturity of each of the 28 process task
20 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
20
10
10/27/21
21 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
21
Structures Processes:
Examples: IT organization, CIO’s Examples: strategic IT planning, (IT)
role, IT steering groups, … balanced scorecard SLA, COBIT,…
Alignment
Relationship mechnisms
Examples: discussions between most
important stakeholders, job rotations,
premises,…
22 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
22
11
10/27/21
23
Structure, processes and relational mechanism
practices – with the concepts of a layman
ü Relational mechanisms describe how the skills and competencies of people with
different education, experiences, values and beliefs are brought together to execute a
governance process within a governance structure
23 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
23
On-site lecture
The article of De Haes and Van Grembergen (1)
124 De H
ü The (research) ideas of the article
QUESTIONS:
1. What was interesting in the article? Valuable?
issues. During the interviews, three out of four organisa- Recommendations for Practitioners
Whatinvolvement
2. board
tions stated that do you think in ITof these baseline
governance is IT governance practices?
not feasible and
3. probably not required. The
Did It governance representa-
practices improveA recommendation to practitioners resulting from these
business-IT alignment?
tives of the shareholders are more concerned with the findings is that the best approach to implement IT gover-
core financial Could
4.services this approach
activities be used
and less worried in other
about contexts?
nance is to start with setting up these seven key mini-
(operational) IT issues. Another IT governance practices mum baseline IT governance practices. This core set of
that was indicated as not being relevant for alignment practices should be supplemented with other key prac-
purpose25was “COSO/ERM.”
G&SM of DB ÅA:While
457655 the latter
& TSE: TJS8 /was recogn- ©Tomi
Fall 2021 tices that are highly effective and relatively easy to imple-
Dahlberg
ised as probably a very good framework for general inter- ment. At the initial stages of such IT governance project,
nal control, the value for governance or impact on
25 sufficient attention should be given to relational mecha-
alignment did not appear at all. nisms to ensure commitment of all the involved people
in the process. Once the “governance culture” is embed-
ded in the implemented structures and processes, these
Conclusions relational mechanisms require less attention.
13
10/27/21
27 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
27
IT
Mea
mitigated
men
Governance
orm
Risk
s
28 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
28
14
10/27/21
ü Currently, for example, in finance industry IT governance as the means to manage and
mitigate operational risks is included in the Basel regulatory framework (banks) and in
the solvency risk management framework (insurance companies)
29 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
29
30 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
30
15
10/27/21
31 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
31
32
16
10/27/21
33
Why cooperate in ICT (cooperation is prerequisite
to inter-organizational IT governance
ü Why do organizations, in this case municipalities, cooperate? What are their economic and
other expectations about the outcomes / benefits?
– Are we better of by cooperating with others than by doing things ourselves?
ü Transaction costs economy (TCE) theory (e.g. Coase, Williamson)
– Predominant theoretical framework for explaining organizational boundary decisions
(make, buy, ally)
– Describes that if services are similar, their volume is large or very low and it is possible to
lower uncertainty then buying or cooperation is beneficial (market or network governance)
– Benefits are received through lower transactions costs (economic and non-economic)
ü Resource based view (RBV, e.g. Penrose, Barney)
– Often seen to supplement TCE since enterprises aim also to achieve more value
– Describes that if an enterprise is able to better create through cooperation unique, non-
transferrable and difficult to imitate resources then it if beneficial for the enterprise to so as
resources available to the enterprise define the value potential of the enterprise
– Benefits are received through increased value of services (revenues, fees, quality,…)
-> What benefits do municipalities expect to receive and receive?
33 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
33
34
How to implement ICT cooperation and
governance in municipalities
ü IT governance research (e.g. De Haes and Van Grembergen)
– Describes that IT cooperation and its governance is implemented with structure, process and cooperation
practices. In a single organization typical “best” practices are:
– Structure:
• IT strategy committee at the level of executives
• IT steering committee on IT investment prioritization, evaluation, …
• IT project steering committee
• CIO (Chief information officer) on executive committee
• CIO reporting to CEO (Chief executive officer) or COO (Chief operating officer)
– Process
• IT strategy process
• IT budget control and reporting process
• Projects executed by following a project management methodology
• Portfolio management process (business case, ROI, payback, stage gating)
– Cooperation mechanism
• IT leadership coordination
-> How do municipalities cooperate? Are practices the same as those used in single enterprise contexts?
34 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
34
17
10/27/21
35 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
35
tomi.dahlberg@utu.fi
+358 50 550 5718
3636 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
36
18
10/27/21
MANAGE
operate
The PDMA (or PDMCA) model is applied in most IT management methods and frameworks
The PDMA/PDMCA model is known as the management cycle in organizational research
The Deming cycle Plan-Deliver-Compare-Act follows a similar cyclical process model
37 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
37
2. IT builds on corporate governance. The purpose of corporate governance is to ensure - with a contract –
between the investor and the management how the funds provided by the investor are used so that the
investor gets back her/his funds and that proceeds are divided. What do you think of the usefulness of
this approach within IT?
3. Another idea is to involve corporate level executives and business unit executive into the management of
IT by using language that is familiar to them such as business objectives of IT, accountabilities, IT
business value delivery. What do you think of the usefulness of this approach?
4. The maturity of IT governance – and in the reviewed article business-IT alignment maturity – was
measured with the generic CMM maturity model. What do you think about the usefulness of this
approach?
38 G&SM of DB ÅA: 457655 & TSE: TJS8 / Fall 2021 ©Tomi Dahlberg
38
19