Here’s something you don’t want to hear. If you have an awesome IT management strategy, but your IT governance sucks, you’re not going to achieve your business objectives as well as you could. It works the other way round, too. Great governance but weak management? Nope.
Like Batman and Robin working together for the benefit of Gotham City, IT governance and IT management work together for the benefit of your business. They’re the yin and yang of business IT. They need each other, and you need both.
But if you’re thinking they sound kind of similar, we feel you. They can blur at the edges a bit. Sometimes the terms are used interchangeably. So here’s our quick and dirty guide to what they are and why you need them both.
IT Governance vs IT Management: What’s the Difference?
Put very simply; governance is leadership and strategy. Management is operations and tactics.
In IT terms, IT governance provides the direction, policies, and strategy that makes sure that what you do with your IT supports your business objectives.
IT management provides the planning, operating, and monitoring of your IT to align with what is set by IT governance. Both are critical to reaching business goals. IT governance gives direction, and IT management makes it happen.
If IT governance is the what, IT management is the how.
IT Governance: An Overview
IT governance is a thing, and there are official frameworks for it, such as COBIT. Because it aligns IT strategy with your business strategy, governance usually sits somewhere high up in an organization. In big enterprises, it’ll be board level, as a part of the overall enterprise governance.
But IT governance is not just for large corporations. It’s just as relevant to smaller businesses, and it’s usually the IT manager responsible for governance AND management. That’s not an easy task.
Some of the responsibilities of IT governance include:
- Horizon-scanning: understanding where technology is going, but also where the business is going, and linking the two.
- Setting priorities, policies, and procedures for IT management.
- Talking to stakeholders, including staff and customers, to discover their needs and issues and how IT might address them.
- Compliance with regulations, and accountability to regulatory bodies.
- Deciding appropriate risk levels, and managing that risk.
- Defining roles and responsibilities for both IT governance and management.
- Evaluating and monitoring progress and performance against objectives.
- Creating disaster recovery plans.
- Taking action on issues flagged up.
How do you know when something comes under IT governance? Or doesn’t?
To determine if an issue is an IT governance or an IT management concern, ask yourself:
- Is it big?
- Does it relate to the future?
- Is someone (e.g., the media or a regulatory body) watching you?
- Does it relate to business policy?
- Is it at the center of business mission or values?
- If it goes wrong, does something terrible happen?
If the answer is yes, it’s governance.
IT Management: An Overview,
In theory, IT management is IT governance in practice. IT management manages the IT operations and services of a business to fulfill the requirements of IT governance. It’s the stuff you do every day. Things like:
- Implementing, managing, and maintaining the systems and services for your colleagues and customers.
- Managing data security protocols.
- Developing new services for colleagues and clients.
- Managing third-party IT vendors, such as the SAAS you use.
- Working with external auditors.
- Monitoring and reporting for the CTO, COO, CFO, and all the other acronyms.
Great IT managers recognize the importance of robust IT governance and its purpose. They know that having good IT governance maximizes the value of a company’s investment in IT. Good governance gives IT management the guidance, tools, and freedom to do the right things in the right way.
But what happens to IT governance if you’re a kitchen table start-up of five people and a dog? What happens to IT governance if you’re a tired IT manager with one underling and a very busy CEO?
Bootstrapping IT Governance: A Guide for Tired IT Managers
Separation of duties between IT governance and IT management is good practice. But if you’re short on personpower or influence, here’s a practical way to address elements of good governance:
1. Create a Governance Framework
Create a simple framework that prioritizes from the ground up. Focus on the basics before moving up to the nice-to-haves. Your priorities might look like this:
- Priority 1: Ensure continuation of services
- Priority 2: Plan and organize
- Priority 3: Optimize
2. Create Policies for Each Priority
Policies shouldn’t be a bunch of words that gather digital dust in a folder on the Z Drive in the basement. Policies are living, breathing “this is how we operate” agreements, and might look like this:
- Priority 1: To ensure the continuation of services, create policies relating to operational continuity, data protection, security, compliance with regulations, and disaster recovery.
- Priority 2: To plan and organize, create policies relating to configuration management, and horizon-scanning.
- Priority 3: To optimize, develop policies relating to continual improvement, and stakeholder feedback.
You can derive your tasks (IT management) and the metrics to measure success or failure from your policies.
3. Get Independent Help
Once you’ve put governance in place, it can be helpful to hire an independent expert to help with aspects of governance—for instance, with monitoring or with optimization of services.
Self-monitoring isn’t easy, especially if you’re the only IT expert in the office. And, of course, there’s the principle of separation of duties to consider, so it makes business sense to outsource this aspect especially. Third-party help can streamline your IT governance by monitoring, fixing, and reporting issues.
If you’d like to talk through some quick and effective ways of improving IT governance in your organization or want to learn more about IT governance vs IT management, give us a call. We’re here to help.