It boils down to who should be responsible for what, and where accountability lies.
I wonder if when CEOs, CFOs and CIOs get together, they have the same kind of discussion. And as information systems become more intertwined with business processes, are there also disagreements over who should be responsible for what, and who takes ownership?
It will be interesting when executives gather in Victoria, B.C., from May 28-31 at Informatics 2006 to discuss this and a number of other issues around how IT can build better relationships with business units.
The Canadian Information Processing Society (CIPS) is doing a good thing here by bringing these groups together. One highlight promises to be an executive roundtable and reception for CEOs and CIOs to be held May 29.
Ostensibly, the discussion will be about the usual issues: How to better align IT and business; how to build relationships with business units; and how to find ways to get IT departments to stop working in isolation.
But one item needs to be added to this agenda and that has to do with the issue of ownership and jurisdiction, especially in an era of compliance.
No doubt, by now, most CIOs have grasped this simple truth: They must focus also on process and architecture, and not just on technology. But who is responsible for what when IT and business collaborate on these systems?
I have had more than one CIO complain to me that business units will quite often abdicate their responsibility for these merged IT-business systems, if only because these systems become too complex to understand. Nowadays, our plates become full very quickly, and the temptation is to offload as much as is possible. And can somebody in the business unit be blamed if they don’t always understand the implications of a software upgrade or a source code modification?
Governance in the age of compliance is also an issue. If IT indeed becomes the gatekeeper, who owns the keys?
What processes do you have in place to oversee your IT if it has free rein to make whatever change it would like to any of these systems? And who ensures these systems are properly tested and documented?
A year or two ago, compliance was not only viewed as a requirement, it was considered an opportunity for CIOs and especially CFOs to work together. Now, however, IT departments and business units are only beginning to appreciate how much work compliance really is, and what it takes to sustain this effort.
It will be interesting to hear what CIOs and CEOs have to say about this topic. Are they ready to go beyond the usual IT- needs-to-co-operate-with-business discussion and tackle these questions? And who will step forward and take ownership of these systems?
Perhaps it may even be time to take it one step further and borrow a page from the politicians. They may want to take the fruits of this discussion and turn it into a written agreement and form some policies. If they do, they may even want to call it the Victoria Accord.