Skip to content
Service Delivery Community

Expert Talk on IT Governance with Suresh GP

Recently we have enjoyed the Expert Talk on IT Governance with Suresh GP. He has been responding all the questions sent by all of you on the interview that follows:

Please, share your comments on the topics covered.
Don’t forget to Subscribe, to receive our next articles and interviews. 

Suresh is a seasoned Business Consultant and Author of several articles on the matter, including two in

Here you can read the interview:

Q: My first question for you, Suresh, is: What is IT Governance and why it is needed? 
A: Right, I think there are a lot of misconceptions today about what is IT Governance. So let us talk about the definition of what COBIT5 says. So if you look it COBIT5, it actually clearly indicates the concept that Governance is “governance and ensures that you meet the stakeholders needs”. Stakeholder could be: your customers, your business users, all your employers as well. In meeting the stakeholders needs one of the thing is imperative – is to make sure that you have a clear direction, so the clear direction comes from the governance setting priorities for direction of that and then making sure that you measure your performance, compliance and regulations to meet your strategic business objectives. So, end to end governance look into the overarching frame to meet your strategic business objectives, meet stakeholders needs and ensure that you get performance, compliance and results. So why is it needed? Now this question, if you look it what we are today, we are in information explosion days. So right from consumerization of IT moving into cloud big data there are so many things that are happening. Now very important, the organization needs to cope with the market demand. So as me trying to cope with the market demand in terms of technology, in terms of competitive advantage, reducing the cost, one of the foremost imperative is: How do you govern the IT, right? When I say about governance of IT I’m talking about what ensures that I meet my strategic objectives, get better return on investment, make sure that I give the splendid performance and make sure that my stakeholders and customers are much happy and I’m able to meet the regulatory and legal complaints. As we get into a lot of these things, the lot of norms in the terms of security, information security thread, risk management and so another stuff. So, Governance is more of making sure that your organization is having the ability to scale up, to meet overall needs of the business.

Q: Our next question has been received from Twitter by Mark Smalley and he says: Information of Technology are intertwined but separate entities that should be govern, managed in their own right. Discuss! Okay, do you Suresh agree with Mark?
A: Yeah. I think it’s a very interesting point that Mark had raised across. One is the Information peace, the other one is Technology. Now, we have been using these terminologies quite often thinking that they all belong to information assets, right? So when I talk about technology lets state that technology about law. We talk about Big Data, right? We talk about mobility. So these are all disruptive technologies. The other ones are in the terms of technology that could also be about Big Data, which is different unstructured way in which information is today. It’s all ought to be the ability to have the aspect of information in various formats. We talk about information available through email, through documents and various other sources. Now Governance per say if you look at it as a broad term of they combine both Information and Technology together. How about if you ask the same question to a security professional. His question is: “Hey, I’m more concerned about information security, I’m look at they ways that my data will get leaked – my data will get protected.” So I’m looking more if you look at what role can you play in terms of understanding information or technology. If I’m a information security professional I look at it more from an information as a data, a data needs to be protected, it needs to be governed, it needs to have proper access privileges. So, you look at that aspects. When we talk about technology that again come, let’s say, I have outsourced my services to a cloud provider. What of the things I need to make sure is that my data is secured. In that case you have a technology layer and within a technology layer you have an information layer underneath. So if you look at as there are different layers but put together they all encompass the overall governance. So it depends clearly from what perspective you look into it. It could be as an information security professional, I’m not looking at beyond information, but if you are looking it as a governance professional, you will need to look at the technology layer, at the information layer and all various layers that are involved. That’s how I make distinction between information and the technology put into the frame of governance.

Q: Imagine we don’t know our business goals, how we can govern IT?
A: Now, this is a good question, Angel. One of the things I always ask is – who is the customer for IT? Now this has a profound meaning in the way we operate governance. For me, the most important customers for IT is business. It cannot exist without business. So, the most important aspect that IT needs to look at is – what is the business goal, the business objective that the organization is embarking because is no longer a cost, I think it is an enabler, it is a kind of value differentiator for all the organizations. So in your case, when you tell that there are no business goals – I’m a little shocked because if you do not know about your business goals your governance/IT will not be able to fulfill the expectations of business. So what are the foremost things we need to do as a part of IT is to sit with the business and understand what is your strategic direction. So if you don’t have a business goals there is no way governance can be implemented. So if I just take a step back. What does COBIT5 say. So it starts with your strategic business objectives which again build on into business goals, from business goals you build down to IT goals, and then from IT goals you go to process level and activities, KPIs, right? So in order to achieve all of these stuff the first and foremost thing I recommend is the balance scorecard. Now this balance scorecard when you look at it has some four quadrants, like: customer, financial, performance and operation efficiency. Now all these four quadrants are primarily determined by business. IT has to align with the business objective. So if I don’t have a business goal then I have a big problem.

Q: What areas involve IT Governance?
A: So if you look at IT Governance to give an important perspective of areas that address IT governance. First and foremost is strategic business alignment. When I mean strategic business alignment is making sure that IT is aligned with business to achieve your strategic objectives. So making sure that business IT alignment and integration happens that is the first most important area when we talk about IT Governance. The second one important area is value delivery. More often I told you there is a lot of investment made on IT. Business has no clue about what IT is doing. So value area is another area where IT governance can be realized. What I mean to say is: Am I investing the right amount of money, am I getting a return on investment, am I providing value to customers and business? The third aspect is performance measurement. Now when I say performance measurement, now we are very good at meeting contraction agreements, service level agreements but we do not have an insight into whether this KPIs are grated to my IT goals, to business goals, to the balance scorecard. So you need to look at performance measurement of making resolution of your incident tickets, my problem tickets, how does it alters my customer’s satisfaction. So that is about performance measurement. The next one is resource management. I think we’ve been struggling heavily on resource management. We have a shared model, we have, off shore onsite models, we have, dedicated full time support. So how do you manage resources? Resources can be human resources, IT resources, IT assets and other stuff. So these are also need to be optimized. So been resource optimization is also an area of governance. So put together all in a nutshell will be a governance framework that will focus on strategic alignment, value delivery, performance measurement and resource management. So these are common areas where you can implement the governance and see value in business as well as for your own entire organization.

Q: What are the resource outcomes for IT governance?
A: In terms of outcomes I think very important is with governance we are focusing on business outcomes. Now when I say about business outcomes all that the business wants today in terms of competitive advantage, taking control of consumerization of IT, distruptive technologies, ability to create, better customers satisfaction that is stakeholder management. All these elements are going to be outcome of governance. Now governance has been increasingly getting important because we are now in an area of information explosion, disruptive technologies and consumerization of IT. So all that needs is better governance in terms of insuring investment that you will attain, getting more track of how we are spending money, are we getting the real value, killing of project that are not making any sense to it. So as we do proper resource optimization, value delivery, strategic alignment, all this will enable us to get better business outcomes. The organization embarks to for a journey you will be able to achieve all that – better control, better management, compliance to legal regulations and much more than customers satisfaction. So that is all about business outcomes. That’s how IT governance has got prefunding parts in terms of the outcomes that can delivers to business and customers.