[Note: This story originally ran on the Swell Investing blog back in April 2019. The site is shutting down and, hey, this is good stuff.]
To paraphrase the legendary Green Bay Packers coach Vince Lombardi (unless you’re a Bears fan, then he was just so-so): Information technology governance is not a sometime thing; it’s an all-the-time thing.
In other words, companies need to improve how they track and install technology to further their business goals and strategies. As technology continues to integrate more and more with operations — from HR software to mobile-commerce — companies must govern how they use these tools.
This comes at a time when companies are understanding that they need to put a greater emphasis on IT governance. Take, for example, a rather small and innocuous company like Facebook.
Last month, the world’s largest social media platform announced that it would discontinue its practice of letting advertisers in key categories deliver ads to people of a certain race, gender or age group. This also extends to Facebook affiliates Messenger and Instagram.
But, as Chris Rock once said: “That’s what you’re supposed to do!”
According to the U.S. Equal Employment Opportunity Commission, advertisements regarding housing, jobs, or credit are prohibited from aiming their messages at people based on those characteristics, yet Facebook continued to allow such ads to target its users.
The Facebook changes come as a part of the settlement between the company and several groups, including NGOs like the American Civil Liberties Union and the National Fair Housing Alliance along with the Communications Workers of America, a powerful labor union.
“We think this settlement is historic and will go a long way toward making sure that these types of discriminatory practices can’t happen,” Sheryl Sandberg, the company’s chief operating officer, told The New York Times. Facebook said it would carry out the changes by year’s end and would pay out less than $5 million to settle lawsuits brought by the groups.
So who should take the lead in IT governance?
First, they need to understand that the scope of IT governance means more than making sure no one’s wildin’ out on the company’s Twitter account. It should include “ethics, resource-management processes, accountability, and management controls,” writes N. Dean Meyer, a consultant, and columnist for business CIO.
Moreover, Meyer writes, IT governance needs to move away from corporate officers who see setbacks as an excuse to butt in and put more of a focus on how chief information officers are using those resources ethically. “In many cases, governance has been implemented in a narrow and often harmful way — as oversight through steering committees and auditors. The results are generally bureaucratic, imposing convoluted approval processes on already-burdened organizations. Heavy-handed, top-down controls squelch entrepreneurship, bog organizations down and drive administrative costs up.”
This falls in line with Swell Investing’s approach to choosing companies. Swell evaluates thousands of companies and builds diversified, solutions-focused portfolios based on the marriage of revenue made in alliance with the UN SDGs and ESG (environmental, sustainable and governance) impact.
“Every internal decision and product or service offered is influenced by a company’s governance structure,” says Lily Bowles with Swell’s impact team. “From our research, social and environmental issues actually arise more frequently and with greater severity at companies with weaker governance practices. With this, Swell’s investment team does not invest in companies that show meaningful signs of weak governance.”
So what steps can chief information officers take to ensure that their governance is as comprehensive as it tech-focused? Meyer has some ideas:
Operate with ethics and integrity
Unlike technology, culture is easy to change, which ethics and integrity fall under. By focusing on behaviors and practices, CIOs can change a company’s culture toward IT governance through education and modeling, all while tracking progress through metrics and documentation.
“When the right behaviors are well defined and widely practiced, then even when one person slips, others around him or her are there to catch the organization before it falls into dangerous practices,” Meyer writes.
Provide IT governance with resources
Regardless of whether it’s part of the product or service, IT interacts with customers. In this context, Meyer writes, both the governance processes within companies and the resources they require can be considered an “internal economy.”
“Most of us believe in market economics outside the office,” Meyer writes. “The same principles can be applied within organizations. Instead of bureaucratic hurdles, market economics provide the most effective approach to resource governance.”
IT budgets should be treated as accounts that belong to clients (or, in this case, CIOs) allowing them to buy the products and services they need to maintain operational compliance. When CIOs hold the purse strings, Meyer writes, their expectations are more likely to match available resources.
CIOs are also empowered to manage their side of the business without bureaucratic meddling, deciding cost structure, including setting aside time and money for sustenance activities like training and product research, as long as its prices remain competitive. They can also focus on investing in infrastructure, Meyer writes, “to provide reliable services now and in the future.”
Structure accountability along business goals
Accountability only works when there’s a structure in place, Meyer writes. And a sound organizational structure in IT defines jobs based on the lines of business.
“Structuring around lines of business establishes individual accountability for results — the products and services delivered to customers both in the business units and within IT itself,” according to Meyer.
And much like ethics, culture can reinforce accountability. “An organization’s culture can define the behaviors of empowerment that manage people by results rather than by telling them what to do,” Meyer writes.
Realize control means being human
Despite the cold calculations of technology, those behind its governance are still human, Meyer reminds us. And keeping control of that governance means centralizing processes. “Again, the best form of governance is systemic,” Meyer writes.
Also, remember that human bit. “The answer is not to demand altruism (self-sacrifice for the greater good) and then attempt to enforce it (a losing battle). Instead, business units should benefit from corporate coordination,” he adds.
Just don’t be mad when corporate starts wanting those TPS reports in triplicate, okay?
“It’s reasonable for corporate executives to demand that business units submit data (such as financials) in a standard format,” he writes. “With this as a management requirement, standardizing IT protocols becomes the most cost-efficient way to get the job done.”
With a methodical mindful approach to IT governance, companies can leverage their technology assets and set themselves up for more productivity and bigger gains.