Governance: It's all about making good decisions
Governance is a word that many people in the IT industry love to hate, frequently stating that governance is too cumbersome, creates too much overhead, and generally provides little value. Strangely, business people seldom have similar issues; they simply take for granted that business governance is part of running the enterprise. Why this difference of opinion?
A big part of the problem in the IT industry is that governance is often misunderstood, or even "mis-practiced". Simply put, governance is about making good decisions – making sure that the right people make the right decisions, at the right time, for the right reasons, and based on the right information. Consequently, a good, easy to appreciate governance scheme should focus on answering the following questions:
- Who needs to decide?
- What do they need to decide?
- When do they need to decide?
- What are the right reasons?
- What information do they need in order to make good decisions?
Interestingly, the answer to these five questions is fundamentally changing in the context of Systems of Interaction, the holistic approach to integrating Systems of Engagement with Systems of Record in the age of Mobile, Social, Cloud and Big Data analytics.
Who needs to decide?
Classically, enterprise governance has often been split into business governance and IT governance, with each type of governance owned and operated by the business and IT organizations respectively. Even SOA governance, by definition straddling the boundary between business and IT, has historically focused mainly on the engineering artifact, the service, and hence has mainly been done by IT people, albeit in the context of achieving business objectives.
Governance today is very different. No longer is the control point a user interface or an internal IT system, rather it is the edge of the enterprise, the point where the uncontrolled meets the somewhat controlled. Choosing which capabilities to project across that boundary, and how, must be a joint business and IT decision – sometimes even a pure business decision, executed by IT. Consequently IT must reach out to the business organization and establish the proper lines of ownership and responsibilities for business APIs and end-to-end business processes so that development will not be stifled by lack of decisiveness or internal conflict.
What do they need to decide?
A business API is a public persona for an enterprise. It exposes defined assets, data or services for public consumption, for instance product catalogs, phone listings, order status or even twitter feeds. A business API is simple for application developers to use, access and understand. It can be easily invoked via a browser, mobile device, and so on. In this fashion, web APIs extend an enterprise and open new markets by allowing external developers to easily leverage, publicize and aggregate a company's assets for broad-based consumption. Managing business APIs is fundamental to extending enterprise reach to the new channels represented by mobile and software-as-a-service.
In my opinion, perhaps the most important governance decision today is which business APIs to expose to which consumers and for what purposes. Part of that is not only the business API itself, but also the business model (free, licensed, pay per use, and so on) and the go-to-market approach. These business decisions are what, from a governance perspective, differentiates a productized business API from a service being used for internal integration.
The second most important governance decision today is how to drive end-to-end business process excellence. In this context excellence is not primarily about efficiency, rather it is about creating the personalized and relevant experience that modern consumers demand. What are the situations that are important to detect and react to? How can we enrich our understanding of the situation with differentiating enterprise "tribal" knowledge? How do we perceive the dynamics of the interaction in the here and now? And finally what is the best action we can take to promote a relationship of business proposition?
When do they need to decide?
Typically a governance process cannot meet the here and now dynamics of consumer interaction. But a governance process can and should decide in advance who takes action under what circumstances, whether that "who" is a person or an automated system. What is important is that the governance process creates an empowered environment where the point of contact has the right information and authority to drive the business forward. Without losing control of course, but still respecting that the point of contact is the only place where business decisions can be made in a timely enough fashion to meet the expectations of the modern consumer.
What are the right reasons?
This is a tricky one, simply because there is no eternally true definition of what constitutes "right". What is important is to make decisions based on both business strategy and contextual situation.
On the strategy side, the challenge is exemplified by the observation that many SOA initiatives failed simply because there was no SOA business strategy and no definition of the desired business outcome from the investment in SOA. We are already seeing similar occurrences for mobility and digitalization initiatives which, if not rooted in clear business objectives, are likely to fail as well. Good governance must call out explicitly what business change is being enabled and what business outcome is desired. If done properly this provides not only clarity to business and IT alike, but also an appropriate metric for deciding between two different courses of action.
Operationally, once empowered by overall governance decisions, IT and front office resources must combine the strategic imperatives with a solid understanding of the current operational situation. On the IT side this includes guiding the business organization on the art of the possible, whether positive or negative. On the business side, the system of engagement is the only place where the here and now mood and desires of the consumer can truly be understood. Providing a personal experience requires understanding that mood and those desires as part of the reasoning behind any action taken.
What information is needed?
Outcome-based thinking is crucial to maximizing the value of any investment, either business or IT. And by necessity, outcomes have to be understood in a market context, which in turn implies the need to understand not only your own business ecosystem, but the industry as a whole. For example, if your online transactions grow 5%, but there is an overall growth in the industry of 10%, then what at first glance looks like a positive outcome, in reality is not.
Taking control is not sufficient to stay competitive though. Modern enterprises need to be smart, aware, and ensure that the best action is always taken to promote the relationship with a customer, partner or supplier. How do you gain the necessary contextual insight? How do you tap into the operational data already flowing through both the business and the social ecosystem around it? The answer in many cases is simply to instrument the Edge Gateway and the ESB middleware that carries all interactions between systems of engagement and systems of record, siphoning off information from any interaction that includes an endpoint inside the enterprise. Combined with social analytics, this provides a robust foundation for perceiving the dynamics of a business interaction and deciding the appropriate operational actions to take.
Today governance remains relevant, perhaps more so than ever. With that said, governance must evolve to embrace new age business agendas. In practice this means that governance is no longer primarily about compliance, governance has to address the far more important challenge of empowering the organization to drive business growth. Letting go of detailed operational control, while at the same time steering everyone towards well-defined business outcomes, is the governance challenge that modern enterprises must address. Meeting the challenge will require a change in not only governance processes but also the roles and skills that define and enable those processes. And to do that, IT has to firmly step up as a strategic partner to the business rather than continue to be relegated to cost center status. The art of the possible will be the battlefield that determines the winners and losers of tomorrow's business ecosystem.
- Service-oriented design principles - The foundation of new business engagements
- The new business of technology - Extend, transact and optimize (PDF)
- IBM Software Services for WebSphere: Find out how IBM expertise in cutting-edge and proven technologies can help you achieve your business and IT goals.
- developerWorks BPM zone: Get the latest technical resources on IBM BPM solutions, including downloads, demos, articles, tutorials, events, webcasts, and more.
- IBM BPM Journal: Get the latest articles and columns on BPM solutions in this quarterly journal.
Dig deeper into Business process management on developerWorks
Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.
Experiment with new directions in software development.
Software development in the cloud. Register today to create a project.
Evaluate IBM software and solutions, and transform challenges into opportunities.