As much as IT governance has made great progress over the last 15 years, changes in the role of business technology have outstripped its development to the extent that it is only partially fit for purpose.
Data has become the linchpin of business operations, and all aspects of its management should be fundamental components of the governance agenda.
For most organisations, IT governance has two perspectives that often exist at arm’s length. The first is a board-level view concerned with managing risk and investment, developing strategy and capability, and security and regulatory compliance.
The second is that of operational governance, focused on managing resources, service and solution delivery (plan, build, run), and performance management.
Current governance standards and frameworks represent these perspectives well: ISO 38500 for board level governance; COBIT 5 now addresses the full span of enterprise IT governance; and there is reasonable integration with other IT management frameworks such as ITIL.
However, this view still treats IT as a supporting service to the overall goals of an organisation, rather than as a fundamental part of strategy.
For many organisations, this is precisely what it has become. The role of data is a prime example of that disparity; whether it is about engaging customers, optimising performance, calculating risk, or any of a plethora of similar use cases, data is a core business asset.
The effective management of that data - including data acquisition, data quality, data security, and data integration - has become a fundamental requirement from a business perspective, rather than from a technical perspective.
The rapid growth of business analytics and the demand for data scientists and chief data officers are evidence of this happening on the ground, but data management is not sufficiently recognised within the existing governance environment.
Forward-thinking organisations are ensuring that data, and the wider domain of business technology, have a place on their strategic agendas, often as part of digital transformation initiatives.
Regulation and governance will always lag behind business practice, but this is a time for organisations to be proactive and update their approaches to governance, rather than to wait for formal guidance to catch up.
By Tim Jennings - Research Analyst, Ovum