It Governance: How Top Performers Manage It Decision Rights for Superior Results

The authors of IT Governance are academics at the Center for Information Systems Research (CISR), a research group at top business school, the MIT Sloan School of Management. Unlike a lot of articles and papers on IT governance (ours included!), this book builds directly on hard evidence gathered from scientific projects and case studies of more than 250 organizations including well-known major-league players such as JPMorgan Chase, DuPont, UNICEF, UPS, Old Mutual and Motorola. Paradoxically, though, that is simultaneously the book's strongest and weakest point: the studies give tremendous authority and credibility to the material, but also restrict the scope of the book somewhat to that of the underlying research. There is no mention of Sarbanes-Oxley, for instance. Chapters 2 and 3 expound a theoretical model explaining the choices ("the five key IT decisions") organizations have in how to manage and control IT as an integral part of their general business management, and a blueprint for organizational design ("IT governance archetypes"). Later chapters use the model to analyze organizations using real-world data from the research projects, and presents numerous case studies to illustrate the range of options available and the choices made. This approach encourages business and IT executives to take a long hard look at their own day-to-day IT governance arrangements, and think about the higher-order design of their IT management systems. The case studies and other research data build a compelling value case for sound IT governance. Comments in the preamble, back cover flaps and first chapter such as "firms with superior IT governance have at least 20 percent higher profits than firms with poor governance" are hooks to spark a manager's interest in the book. However, the academic style and length of the book restricts the potential readership considerably. Reading it demands concentration and time to think over the implications. MBA students and business/IT consultants seem more likely to read the book cover-to-cover than the stated target audience of CEOs, CFOs, COOs CIOs and other senior managers. Chapter 8 is written in a much more accessible, pragmatic and action-oriented style than the rest. Even if you are a busy executive, make time to read chapter 8! It starts by describing common symptoms of ineffective IT governance, and then moves on to describe an action plan for reviewing and (re)designing your IT governance framework. The "top ten leadership principles of IT governance" are an excellent checklist for the steps involved bringing your framework up to best practice. Being information security awareness professionals (see www.NoticeBored.com), we particularly liked the 9th principle: "Provide transparency and education ... Communicating and supporting IT governance is the single most important IT role of senior leaders. The person or group who owns IT governance has a major responsibility for communication. Firms in our st

This is the book that corporations have needed since the Dotcom bust. Having painfully learned that throwing copious amounts of money at IT professionals does not always result in effective information systems, many companies are confused as to the next plan of attack. Not a simple "how-to-run-your-IT" cookbook, Weill and Ross have studied how over 200 corporations manage their IT. There is no quick fix, no "silver bullet" that will solve all managerial angst. What emerges instead is a deeper understanding of the strategic role of IT for a wide range of large companies. By classifying IT decisions into 5 types, and then classifying the way decisions are made into several catchy "pop-psych" groups (such as IT Monarchy, Business Monarchy, Duopoly, and Federal) the authors have formulated a very succinct framework. This framework could act as a touchstone for those companies whose current governance is ineffective or unclear. Companies who are struggling with IT, and those of us who advise them, really need to read this book and consider the research conducted. Whether or not you are as enamoured of the framework as I, you should certainly be aware of it because it will be very important in future work.

This is an excellent book on the topic of IT governance. There are no answers to be found, only a compass to finding the answers that are right for your company. It goes to the heart of the painful question of what part of the corporate IT function should be handed to the corporate geeks and to the bean counters in accounting. The book expands on an article in Harvard Business Review by the same authors. The book is well written, although overly droning and long in some parts. Overall, it is one of the most original and understandable discussions of the topic. Highly recommended if your interest is in controlling IT expenditures without losing sight of the strategic opportunities that it offers. Buy--don't borrow--a copy. You'll want to dogear some pages that alone justify the thirty dollar price tag.

It is rare that you find a detailed and pragmatic guide to something subject to such mis-understanding and debate. Governance in general and IT governance in particular is often left to the realm of politics, personality and perception. Weill and Ross's book takes a look at how to make IT governance matter and function properly. The tools allow you to show governance on a page and align governance decisions with business strategy and metrics -- all good things. Why should you care about IT governance, well because good IT governance is related to good business performance. Also as information and technology handle more business, making decisions about these assets becomes critical. This book is not a white wash over the issue -- it is practical, specific and filled with case studies of people who are doing it well. The recommendations here are backed by real data and results. For those looking at corporate governace, the frameworks and practices developed here apply to other realms of governance. If you are a CIO, then governance is how you get things done with other executives -- a must read. Finally data and proven practices on a topic where they are needed most.

This book is not consistently aligned to CObIT (Control Objectives for IT), which is an IT governance standard set forth by the IT Governance Institute (paste the ASIN, B0001F8V14, into the search all products box on this page). However, it does provide a realistic approach to governance that reflects successful practices developed and employed by 250 companies surveyed by the authors. The key differences between CObIT and the approach in this book is the stakeholder model presented versus the control model CObIT incorporates. More importantly, the authors approach more effectively aligns IT to business goals and objectives, with IT in a supporting role more than as the primary decision maker.Among the points the authors make is that IT is a strategic asset, and effective governance links IT to strategy and performance. I fully agree with this approach, and especially like the recommendations the authors make for implementing and managing IT governance, as well as the resources in the appendix which show which companies were surveyed.If you are following CObIT you may have issues with this book; however, if you read through it with an objective mind you will find that the approach will work effectively, and does come closer to IT-business alignment than the CObIT approach.