I recently had the pleasure of attending a power lunch with several chief information officers (CIOs) when one of them looked at me, knowing I have been a strong advocate of IT governance for years, and threw this issue on the table: ‘What do you do if the chief executive officer (CEO) tells you to “get it done and forget the governance”? You probably go away and just do it, no?’
I should have been faster on my feet to say then and there that there are four good reasons why that is not necessarily the best response. The reasons are:
The company in question is, on an international scale, a small to medium-sized enterprise (SME). Originally (and, to some extent, still) a family business, it produces and distributes food products, a field in which IT plays, comparatively, a less significant role than in other similarly sized enterprises.
The CEO took the position that he was the sole authority on governance. In this enterprise, the balance of executive and ownership power rests in one person, who probably thinks more as an owner than as an executive.
The CIO accepted that he was the major effectiveness tool. It is true that leadership is a major governance mechanism, even more so in small organizations with short, effective spans of control. The CIO did have a problem with the situation, which reminds me of a similar case a friend of mine related to me: His advice was sought by a CIO about strong differences of opinion at the management level within his company, and my friend suggested the CIO seek another job. This illustrates another version of the CIO acronym: Career Is Over!
However, there is one more version of the acronym that I am reminded of because of the emerging role of the CIO as an influencer and educator. The CIO has to educate executives not only on the intricacies of technology and how it creates value for the enterprise, but also about the necessary governance mechanisms that help make that happen. Therefore, CIO also stands for: Communication Is Obligatory!
So, forget the governance? Yes, but only if more than one of these conditions are true: The enterprise is small, IT is not important and the CEO is the owner.
A version of this article previously appeared in CIONET Belgium. It is reprinted by permission.
Erik Guldentops, researcher and lecturer in governance of enterprise IT, has been an executive professor at University of Antwerp Management School for many years following a career at SWIFT.
Enjoying this article? To read the most current ISACA Journal articles, become a member or subscribe to the Journal.
The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.
Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.
© 2013 ISACA. All rights reserved.
Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.