This is the MIT CIO Symposium blog. We invite participation from speakers, sponsors, attendees, and interested parties.

IT Governance – Issue 6

By donflinn | March 21, 2010

What’s in this issue

We’ll now turn to a somewhat more familiar aspect of IT, business applications.  In truth these are what most people think of when discussing what IT does and while they are not the be all of IT they are an important output that must be controlled and directed.

Since the users of IT see its applications as the visible output, a good deal IT’s budget is spent on them.  These very characteristics create a tendency for management to devote more time and money to applications at the expense of the other five parts of IT governance.  As we said in our last blog, balance is an important consideration in having a well functioning and productive technology arm of the company.

We spend time in the last blog distinguishing between infrastructure and applications, so we should have a good handle on where business applications fall in the scheme of the work and output of IT.  Nevertheless the importance of applications, especially to the users, demands that they be clarified in their own right.

Business Applications

Business applications usually are shorter lived and directed to a solving a particular business problem or delivering a particular service.  Consequently they usually come under the purview of the business unit, which has the more direct concept of what is required of the applications.  However, following the model of good governance that we have been discussing in this series of blogs, these important pieces of the IT story must be controlled and given direction through the same structure and hierarchy as other aspects of IT. 

Why do we emphasize that good governance principles must be followed by business applications?  Because they are often allowed to exist as the “Lone Ranger” in many companies, i.e. the business unit alone decides what applications to acquire or build.  Being shorter term and very specific, companies often rationalize that there is an immediate need thus they should just be completed without the baggage of the governance process.

There are number of incorrect assumptions and conclusions in this attitude.  We’ll examine these through three aspects of a company’s business applications:

  1. Culmination of business strategy
  2. Cost
  3. Business use trumps technical expedience

Culmination of business strategy

While the individual business unit manager looks at a business application as a way to perform some task in their section, the task itself is part of the larger corporate strategy and should support that strategy.  Therefore, each cog in the machinery that is the company must enhance and fit smoothly into the overall corporate purpose and goals.

Business Applications comes to fruition by means of a complex lineage as shown in Figure 1.

Business Application

Figure 1

Management is the primary influence on, in this case, the corporation’s applications, by establishing control and direction as described in our previous blogs.  Control and direction is filtered through the various management layers meaning that at each layer it is primarily determined by interpreting the decisions from layers below.  For example, the influence of corporate strategy on an application comes from the business unit, but the BU has interpreted the strategy, which it received from the chain below in terms of its own and its dependants responsibilities and goals.  Obviously the decisions about a particular application are not within the concerns of the BoD.  However, the strategy laid out by the BoD must be comprehensive enough so that it can be interpreted by each level in the management chain according to their domain of responsibility.  Each link in the chain is accountable for not only for its domain but for making it’s direction and control encompassing enough to be applicable to those above it.  This is hard.

With apologies to John Dunn “No app is an island”.  It must interact well with other applications not only in the same business unit but those in other BUs.  Results from the application in question might be used by an application in another BU and vice-a-versa.  A modification to application A might be necessary to satisfy the requirements of another business requirement even though it may make the application somewhat less attractive to the originating BU.

Further, turning to the technology leg, the application should interact with and use the capabilities of the infrastructure.  For example, the infrastructure might support a company-wide database of customers, which the application should use.  Again, there might be push back from the business unit that a specifically designed data base would more readily meet their needs.  This is not a legitimate argument – the overall benefit to the company should rule.

The third leg of influence is that of the users of the application.  Not just the immediate users are important, but consideration must be given to the desires and effect on other users, who may be outside the unit or even outside the company.

All this may seem overload for *just* a business program, but if you look at it as a specific instance whose purpose is to support and actualize the business’ goals, then it becomes clear that this is critical part of your business.  Going further, if a particular business application does not supply or support a useful service for the company, then serious consideration should be the acquisition of that application.


Business applications are a significant part of IT costs, especially when you include maintenance, personnel to support them as well as their original cost, whether purchased or built in house.  In fact, when looked as a tangible service, then it and its other functions, such as training, security, hardware and software infrastructure, only exist to support the service supplied.

Given that IT costs revolve around their business applications, then directing and controlling application costs can be seen as a high level activity, which we will address in our next blog.

Business Use Trumps Technical Expediencies

This is a theme that we have hammered on throughout this series.  When it comes to building or buying applications, too often the dream of technical excellence overwhelms practical, mundane requirements and we wind up with an application in which 80% is never or, at best, rarely used. Note that this figure has been verified by a number of sources.  Think over your own applications and ask your users what functionality they are using and how often.  You’ll be surprised at the answers you get.

This prejudice for the technically perfect over the good enough is understandable when you realize that those most intimately involved with an application are the technical people, whose training and pride are based on great code.  Those in charge, many of whom at this level are technical people, must fight this tendency and rely on the chain of direction that is available and make every effort to interpret this direction in the light of its business implications.  Top management can help by making the inclusion of governance in decisions an unequivocal requirement not a suggestion.

Business applications are the visible product of IT and will be used to judge how well the technical arm of the company supports and forwards business goals.  An IT section that follows a well constructed governance system will not only give them the appearance of doing what is best for the company as a whole, but will give substance to their actions.

While applications are the visible product, one should be aware that it is not the applications themselves that are really used to judge IT, but the services offered, which are the net result of applications, infrastructure, training, ease of use, etc. and most importantly, satisfy a need of  the user.

How are the decisions made

Most of the leading companies use a combination of their corporate executives and business unit management combined with their technical management when it comes to setting direction for what applications are chosen.  In many situations it is the business unit that initiates the request for a particular service, with the unit CIOs contributing with the technical requirements.  However, since the effect of these decisions may be corporate wide, even if the application is only for one business unit, the corporate executive team must get involved so that solutions take into account corporate imperatives and integration across all units.

Business managers and IT leaders in the business units carry out the nity gritty work, e.g. determining functionality required, such as build/buy, choosing applications and functionality with the corporate level executives making the broad investment decisions and assuring compliance with corporate wide strategy and coordination

In order for this to work effectively the reward system must incentivize the BU managers to put corporate-wide benefits before their unit benefits.   Most reward systems and people’s natural tendencies result in the opposite effect, so this is a significant change.  But, unless you want top management making all the decisions in this area, it is necessary.

Next Blog

Our next blog will look at the governance process for investment decisions related to IT.

Topics: IT Governance | No Comments »

Leave a Reply