Governance is not management! The governance of an organisation is the responsibility of the ‘governing body’, typically the Board of Directors or their equivalent. This ‘governing body’ is responsible for developing processes and systems to provide oversight of, and direction to, the organisation’s management to ensure the management work to achieve the organisation’s agreed strategic objectives, whilst operating within the moral, ethical and social frameworks set by the ‘governors’. Consequently, the root cause of most management failures can be traced back to a governance failure; either a failure to set the right objectives for management, or a failure to properly oversee the performance of management.
Obviously a Board of between 5 and 20 people meeting every few weeks cannot oversee every aspect of management in a major organisation themselves. Effective governance requires the delegation of appropriate authority to various levels of the organisation’s management but this delegation needs to be planned and properly overseen. You can delegate authority, you cannot delegate responsibility! The interaction of the management and governance systems within an organisation is the subject of a peer reviewed paper available as a pre-publication document from http://authors.elsevier.com/sd/article/S026378631300094X (if you do not have access to an academic library see: WP1084 Governance Systems & Management Systems for an earlier discussion of the subject).
From this perspective, the collection of reports into government IT project failures recently discussed in Mark Toomey’s ‘Infonomics Letter’ is worrying.
The general theme of the reports consistently point to a ‘governance failure’ but none of the reports hold the Department Secretary and/or the relevant Ministers responsible for their failure to ensure the governance systems were working effectively. Almost without exception the reports are rigorous in their analysis of government IT. And whilst every investigation carries its own fascinating stories of who did what, and how things went wrong, it is important to consider the overarching lessons that come from aggregating the findings from the collection of investigations. Mark suggests we look at the 2008 Gershon review into the Australian Government’s use of ICT and the follow-up Reineke Review of 2011, and contrast that with reports from the Victorian Government’s Auditor General and Ombudsman. Add in multiple layers of investigation from the payroll system debacle experienced by Queensland Health, and the parallel failure with the Ministry of Education payroll in New Zealand. Australian Customs‘ effort in closing down the national supply chain in October 2005 produced substantial insight, as did one of the globe’s highest profile and most expensive IT failures – the United Kingdom National Health Service Program for IT, and South Africa has its cases (as illustrated in its plan for governance of IT) and no doubt do many other nations.
Mark’s discussion of these is focused on the need for the ‘governing body’ and senior management to own the business initiatives that drive the need for IT innovation (rather then allowing the IT ‘tail’ to wag the organisational ‘dog’. And this is important.
My question is why the ‘governing bodies’ allowed their management to operate in this way in the first place. Spending $billions on projects and programs that do not have a properly defined management structure with properly assigned personal accountabilities is a fundamental failure of governance. And therefore the ‘governors’ need to be held accountable. How many more years and $billions in failures will go past before accountability is properly assigned?
Project’s involve risk, and sensible ‘light’ systems cannot prevent every failure but if there is properly assigned accountability, the senior managers and directors who are accountable will be encouraged to apply their skills to the challenges sooner rather than later. The reports linked from this post (thanks to Mark’s research) are sobering reading.