By RV Raghu, director at Versatilist Consulting India Pvt Ltd, and member of ISACA Emerging Trends Working Group
Not so long ago, someone said every company was going to become a technology company. Then, someone else followed that comment with a pithier quip that all companies are going to be software companies. Over the years, both these statements have become true–and even more so with the rise of SaaS, no code development, DevOps, and other such advances which are enabling easy and quick adoption of the latest and the greatest technologies.
Enterprises are doing all this and much more in operating expenditure (opex) mode without having to consider pesky things like ongoing support, ease of use, and obsolescence. Digital transformation has become so much the rage that the global digital transformation market is projected to grow from $469.8 billion in 2020 to $1,009.8 billion by 2025, at a compound annual growth rate (CAGR) of 16.5% during this period (Research & Markets, 2020) with research also indicating that over 70% of enterprises are committing to digital transformation or are already on the path to transformation. But the widespread and rapid adoption of technology is not all roses, with research also indicating close to 70% of digital transformation projects failing. While there are a host of factors that contribute to this failure, in my opinion, the number one reason is poor governance.
Now, if you are a governance professional in the field, I am sure you occasionally feel like a deer in the headlights considering how challenging and complicated technology governance is and how difficult it is to properly address the problem of poor governance and deciding where to focus efforts.
Here are five things that I recommend you can prioritize to make the biggest governance impact this year.
1. Align technology and business
Ensuring alignment between technology and the business is going to be key. This requires a clear and well-articulated strategy both on the business side and the technology side. Alignment is critical especially when technology is no longer just a supporting tool for business, but the way the business itself is carried out. Alignment is not a one and done and needs continued focus. A key aspect of ensuring this ongoing alignment is to ensure that all stakeholders are on the same page when it comes to managing related risks. Managing technology risk effectively supports alignment and ensures continued funding of technology initiatives which is also critical for continued success.
2. Bridge the skills gap
Another important component when it comes to technology governance is understanding and managing the skills gap that exists and has the potential to single-handedly derail your initiatives. While enterprises would do well to take a multi-pronged approach to managing the skills gap, it is also important for you as the governance professional to take the initiative to equip yourself better. When it comes to technology, enterprises should build programs to reskill/upskill existing personnel apart from looking outside for help, including through education and credentials. ISACA’s CGEIT certification is a great resource that can arm you as a professional with best practices, tools and even a peer group if helpful, on your technology governance journey. Apart from CGEIT, ISACA offers several certificates relating to emerging technologies such as IoT and cloud, that can also go a long way in ensuring the success of digital transformation efforts while also keeping your team skilled in line with evolving technology.
3. Manage technology debt
No enterprise operates with a clean slate when it comes to technology. This means that to have successful technology governance, it is imperative to not only manage all existing technology and but to also include a roadmap for the future of existing technology. It is important to understand the interfaces between the new and the old, because this is where risks and threats abound. Often, the focus on the new and shiny technology leads to enterprises ignoring existing technology related risks and threats, which affects on-going performance.
4. Leverage frameworks and best practices
A key aspect for effective governance is ensuring uniformity, repeatability and consistency across what is being governed, be it business or IT processes. This may seem counterintuitive, especially when it comes to some of the cutting-edge technologies out there, such as IoT or quantum computing, where best practices and frameworks are evolving along with the technology itself. But without underlying frameworks and best practices, it may not be possible to implement technology robustly, which itself may be a failing. Frameworks such as COBIT or ISACA’s Capability Maturity Model Integration (CMMI) can also be adopted for the governance aspect itself, as they can provide helpful guidelines, tools and techniques to drive effective governance and implement practices for effective IT implementation and success.
5. Focus on cybersecurity
From my perspective, cybersecurity is another key focus area for governance professionals and critical for the successful use of technology. While the position and relative importance of cybersecurity on this list may be debatable, its criticality is not. Cybersecurity, or the lack of it, is expected to be a $10 trillion+ business by 2025, which means governance professionals would do well to pay attention without fail. Effective cybersecurity will require, among other things, having a seat at the table and the buy-in of all the stakeholders involved. To effectively do this, the governance professional should communicate with each stakeholder in a language they understand while also relaying to the board of directors the importance of cybersecurity and how they can be an effective partner in helping the enterprise achieve the right cybersecurity posture. This will go a long way in ensuring effective operational cybersecurity, which is critical not just from a pure technology perspective but also required for the continued delivery of value from IT to the business.
As a governance professional, focusing on these key priorities will go a long way in strengthening governance as well as building skilled teams and advancing both technology and business goals.