14 February 2006

System governance: deciding what is important

By Andrew Clifford

Defining criteria for system governance involves looking widely to get a long list of possible criteria, and then filtering to focus on what is really important to your organisation.

System governance needs a set of criteria that reflect what is important to your organisation about IT systems. There are four ways to identify possible criteria: collation; value-driven; decision-driven; and organisation-driven. You need to consider all four.

Collation involves gathering existing lists of criteria and requirements. Look at the questions you ask during system selection, such as in a request for information document. Analyse IT strategy documents and list aspects that are mentioned as important.

Value-driven involves directly asking "what makes a good IT system?" There are some things that jump out at you. For example, in my standard list of criteria the three most important ones are: how closely the system matches the users' tasks; how well the users accept the system; and whether the underlying technology is viable.

Decision-driven involves considering what changes may be required to your IT systems, and then analysing what information you need to make these decisions. For example, one change is to provide a dedicated test environment for a system. When would you do this? When it is an important system with lots of changes and a complicated environment that can not be easily shared. So system importance, frequency of change and share-ability of environment are possible criteria because they impact management decisions.

Organisation-driven involves considering what people like to know. These include management questions, such as "who is responsible for support?" and "when will the system be replaced?". It also include very basic questions like "what is the system called?".

These different methods will give you a long list of possible criteria. Next you need to combine and filter them to get a short list of really important criteria. There are no hard and fast rules for this. You just have to keep going until you have a short list you are happy with.

Overall you want a set of significant, non-specialist criteria that cover the breadth of IT management at a consistent level of detail. So reject criteria that are too detailed, too specialist, or just plain trivial. Make sure that each criterion deals with only one subject. Combine overlapping criteria.

Criteria have to make a difference. If you would give all your systems the same answer to one criterion, or you do not care about the answers, reject the criterion.

Consider where each criterion came from. If it is widely used, a good indicator of value, important for making decisions, and highly relevant to the organisation, it is a good criterion. If it only appeared on one list, it is perhaps best dropped.

When we went through this process at Metrici, to define a set of criteria for our commercial offer, we ended up with 30 measurable criteria. Our list is in the appendix of the paper at http://www.metrici.com/whitepaper_missing_link.html.

Once you have your list of criteria you need to define them in detail. Next week I will cover the additional information you need to capture before you can use your criteria as the basis for effective system governance.