- Resource capacity and technological capabilities have not kept in pace with organization growth and expectations.
- The scale, speed, and complexity of regulatory change is a challenge.
- Organizations have insufficient data and data-related capabilities to enable more agile and automated governance practices.
- AI/ML governance and ethics frameworks are immature and cannot support automated decisioning.
Our Advice
Critical Insight
- IT governance works against you if it no longer aligns with or supports your organizational direction, goals, and work practices.
- Your governance model should be able to adapt to changes in the organization’s strategy and goals, new risks, your industry, and your ways of working.
- Governance can be embedded and automated into your practices.
- Agility in your governance practices requires data agility.
- The interconnectedness between governance, regulation and achieving business outcomes needs to be considered in your governance design.
Impact and Result
- You will produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.
- You will create the foundation and ability to delegate and empower governance to enable agile delivery.
- You will identify areas where governance does not require manual oversight and can be embedded into the way you work.
Workshop: Make Your IT Governance Adaptable – Financial Services
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Develop Your Guiding Star
The Purpose
- Establish the context for your governance model.
Key Benefits Achieved
- Core understanding of the context that will enable us to build an optimal model
Activities
Outputs
Confirm mission, vision, and goals.
Define scope and principles.
- Governance principles
Adjust for culture and finalize context.
- Governance context and goals
Module 2: Define the Governance Model
The Purpose
- To select and adapt a governance model based on your context.
Key Benefits Achieved
- A selected and optimized governance model
Activities
Outputs
Select and refine governance model.
- IT governance model and adjustment triggers
Confirm and adjust the structure.
- IT governance structure, responsibilities, membership, and cadence
Review and adapt governance responsibilities and activities.
- Governance committee charters
Validate governance mandates and membership.
Module 3: Build Governance Process and Policy
The Purpose
- Refine your governance practices and associate policies properly.
Key Benefits Achieved
- A completed governance model that can be implemented with clear update triggers and review timing
- Policy alignment with the right levels of authority
Activities
Outputs
Update your governance process.
- IT governance process and information flow
Align policies to mandate.
- IT governance policies
Adjust and confirm your model.
- Finalized governance model
Identify and document update triggers and embed into review cycle.
Module 4: Embed and Automate Governance
The Purpose
- Identify options to automate and embed governance activities and decisions.
Key Benefits Achieved
- Simply more consistent governance activities and automate them to enhance speed and support governance delegation and empowerment
Activities
Outputs
Identify decisions and standards that can be automated. Develop decision logic.
- Selected automation options, decision logic, and business rules
Plan verification and validation approach.
Build implementation plan.
- Implementation and communication plan
Develop communication strategy and messaging.
Make Your IT Governance Adaptable
Modified for Financial Services
Build agility into your governance to stay in pace with change
EXECUTIVE BRIEF
Analyst Perspective
Governance should be part of your organization’s DNA – central to its being yet unique to your organization.
The dynamic nature of today’s business environment, where consumer, technology, and regulatory change is pervasive, business agility is increasingly indispensable. To stay nimble and responsive to business change, financial services organizations must adapt their governance toward more agile and automated governance practices. Gone are the days when a check box was enough. Success in modern digital organizations depends on an organization’s ability to adjust to the velocity of business and the evolving risk and regulatory landscape. Practically, this means shifting from a people- and document-oriented approach to a data-centric approach and leveraging organization data to create decision rules that account for known risks and constraints and embedding governance directly into products, services, or processes. To stay aligned with business objectives and to avoid poor business outcomes, it is critical to build an approach to IT governance that is effective and suitable today while building in adaptability to keep it relevant for tomorrow. |
|
Donna Bales Principal Research Director, Info-Tech Research Group |
Executive Summary
Your Challenge |
Common Obstacles |
Info-Tech’s Approach |
---|---|---|
|
|
|
Info-Tech Insight
IT governance must be embedded and automated, where possible, to effectively meet the needs and velocity of digital organizations, regulatory requirements, and modern practices to drive success and value.
What is governance?
IT governance is a critical and embedded practice that ensures that information and technology investments, risks, and resources are aligned in the best interests of the organization and produce business value.
Effective governance ensures that the right technology investments are made at the right time to support and enable your organization’s mission, vision, and goals.
5 KEY OUTCOMES OF GOOD GOVERNANCE |
||||
---|---|---|---|---|
STRATEGIC ALIGNMENT Technology investments and portfolios are aligned with the organization's strategic objectives. |
RISK OPTIMIZATON Organizational risks are understood and addressed to minimize impact and optimize opportunities. |
VALUE DELIVERY IT investments and initiatives deliver their expected benefits. |
RESOURCE OPTIMIZATION Resources (people, finances, time) are appropriately allocated across the organization to optimal organizational benefit. |
PERFORMANCE MEASUREMENT The performance of technology investments is monitored and used to determine future courses of action and to confirm achievement of success. |
EVALUATE – DIRECT – MONITOR |
Stages of governance
Adaptive (Data-Centric) ↑ Traditional (People- and Document-Centric) |
4 |
Automated Governance
|
3 |
Agile Governance
|
|
2 |
Controlled Governance
|
|
1 |
Ad Hoc Governance
|
Governance Within Financial Services
- Governance in financial services is fundamental to the smooth functioning of the banking system. As intermediaries and conveyers of economic growth, financial institutions have a crucial role to play in supporting financial stability and the safe functioning of the economy.
- The use of novel technologies and an array of non-financial risk considerations has altered the risk and governance landscape. Your approach to governance needs to change to address emergent risks, make sound decisions, and maintain effectiveness.
- To meet the speed of business change and to effectively address regulatory requirements, your IT governance needs to be structured to support optimal decisions in real-time by automating governance and embedding controls directly into products, services, and internal processes.
Info-Tech Insight
Governance should be designed with adaptability in mind to ensure IT remains in alignment to business objectives, continually providing value while effectively safeguarding the organization against potential risks.
Corporate governance is robust and firmly embedded in bank supervisory laws and regulation
|
Risk, Regulation, and Governance are interlinked
The impact of new regulation and the management of new and emerging risk needs to be well understood as they play an intrinsic part in how IT governance is structured to meet business objectives and optimize opportunities.
Legislation, laws, regulation, and guidance |
Regulation informs how governance is executed and risk is managed |
Board |
|
Enterprise Risk Committee |
|
||
Internal Control Functions (Compliance, IT, Risk Committee, Internal Audit) |
|
IT Governance plays a critical role in achieving enterprise vision
ENTERPRISE GOVERNANCE AND STRATEGY
IT STRATEGY
- INFORMATION & TECHNOLOGY GOVERNANCE
- Support risk management
- Meet regulatory requirements
- Achieve business goals and objectives
- Support product and digital initiatives
- Protect against threats