A high level view of the ADapT Strategic Governance and Management Cycle

When AS 8015 (later ISO/IEC38500) was published, it dawned on many people for the first time, that Governance was about Strategy more than anything else. That also implies that the oversight role of boards over time got overemphasised and became disproportionate! Boards started spending more time on what organisations cannot do, than what they should do. If that’s the case in your organisation – you need to reconsider the role of the board seriously!

We will NEVER talk about GOVERNANCE and STRATEGY as separate activities in ADapT.

Governance is the job of the governing body (usually the board of directors or what we normally call leadership). A Governing Body needs to understand the context of the organisation before defining a strategy. They then need to define a strategy, and ensure that that the management of the organisation act on the strategy, by taking actions to bring the strategy to fruition. They then need to evaluate the outcomes from these actions to see of the strategy is effective!

Immediately I hear you say but what about the board’s role to keep the organiation and shareholders safe?

Well, let’s look at it this way, one way of giving direction is through policy, and I have already said the governing body needs to ensure that action followed the direction given.

But please note that not all policy in organisations should be the concern of the board, policy, like goals cascade down the organisation!

For us, the main achievement of ISO/IEC38500 was not defining principles for the governance of enterprise IT, but a succinct way to describe the job of the board of directors (governing body), namely:

  1. Evaluate – the context in which the organization operates to enable an in-depth understanding of the organizational context – thus informing the strategic direction to be taken by the organization
  2. Direct – devise and provide strategic direction to the organization and ensure that direction given is executable by making the correct resources available to act on the direction given
  3. Monitor – the organizational response to the direction given to:
  4. Ensure the direction given is acted upon and Intervene when issues present themselves
  5. Make resources available that may be required to fulfil the strategy of the organization, and
  6. If necessary, adjust the strategic direction if required.

These responsibilities of a governing body became known as the EDM governance triangle.

With EDM a distinct line is drawn between the work of the leadership (governing body) of the organisation and the management (who’s job are to act on strategic direction given).

In the graphic here, you will see EVALUATE and MONITOR are sitting in the background of all of the Governance activities. Monitoring and evaluating needs to be done first and then continually, to ensure that the governing body’s direction is based on the current reality the organisation is facing. In a digital age, the importance of continuously keeping your hand on the pulse of your macro and competitive environment of the utmost importance. Strategy in a digital age is much more fluent.

Keeping your hand on the pulse of the organisation always was (but in most organisations this feedback reached the governing body far too infrequently) part of the job of the board!

The real work of a governing body happens in the foreground of the graphic, and that is the DIRECT activities.

You will notice the absence of familiar strategic words like Vision and Mission – the omission of these words are on purpose! We feel that these terms carry so many different interpretations (and associated bad habits) that we will not use these terms from now on in ADapT.

The EXTRACT phase of ADapT would rather concentrate on newer, more progressive terms lately used to replace these words. Words like PURPOSE, CAUSE and AIMS.

You will also notice that CULTURE and VALUES are core themes that drive strategy and the execution of strategy by defining ORGANISATIONAL PRINCIPLES.

We first highlighted the importance of Service Management Principles in VeriSM as guard-rails for everything the organisation is doing. The difference here is that we have not limited principles of one specific domain (Service Management in the case of VeriSM) but are now talking about ORGANISATIONAL PRINCIPLES that should act as guardrails or safe-boundaries for all organisational decisions and actions!

Another important role of the governing body is to ensure that the organisation can operate in a sustainable manner. Sustainable can mean two things, and in ADapT we mean BOTH of these concepts.

  1. Work in a sustainable manner from a macro context – that means environmentally friendly, sensitive to the needs to all stakeholders, as a responsible and law-abiding corporate citizen.
  2. But also ensuring that if the organisation pursue a specific direction or strategy, that they can achieve, and continue to achieve the intended strategic outcomes within the environmental and organisational constraints. Sustaining performance is just as important as performing sustainably.

In the following sessions progressively work though the activities highlighted here – but maybe just for clarity sake, here is a picture that zooms into DIRECT and what management typically do as a result of direction given.

As this is not a course in governance we will not go through the graphic in detail, its intent is as a reference that you can come back to as we go through the steps in ADapT EXTRACT, and you may ask – how does this relate to that – that’s all.

Slightly off topic, but it needs to be said!

We will not delve deeply into the topic of governance and what a good and cohesive governance framework looks like, there are many texts out there that can be consulted. We do however draw a parallel between Strategy and Governance in ADapT and ask that you redefine what is meant by Governance in your organisation.

A good governance framework will address three key issues listed in COBIT®:

  • Ensure benefits delivery to stakeholders
  • Ensure the optimization of risk, and
  • Ensure the optimization of resources.