Straight Talk on Project Management

ITSM Governance

Share this post


RSS feed

The cornerstones of ITSM Governance. Who, what, why, when and how

I heard a cute joke today from an IT Service Manager friend’s son Benjamin, who is only 10.

Q: Who makes sure everything goes to plan in the anthill?
A: The govern-ants.

Great isn’t?! Made me smile. And well done Benjamin for identifying the value of asking ‘who?’

‘Who’ is one of the most important questions when considering IT Service Management governance. Together with What, Why, How and When, I consider it one of the cornerstones. In this blog let’s briefly explore each of them. Starting with … what.

What is ITSM governance?

Firstly, what is it broadly?

Harvard Business School defines IT governance as “specifying the decision rights and the decision-making mechanics to foster the desired behaviour in the use of IT”. Gartner says IT governance (ITG) is “the processes that ensure the effective and efficient use of IT in enabling an organisation to achieve its goals.”

ITSM governance is where control, performance and compliance sit within your IT estate but it has more than a policing role. Indeed, the most effective governance models provide access to decision-making processes around incident data that allow organisations to respond to events far more quickly.

IT demand governance can allow effective evaluation and selection based on measurable business benefits. It can facilitate prioritisation, for example of funding of competing IT investments.

The second part of the ‘what’ question is more targeted. What IT governance will mean for your specific IT Project or infrastructure can vary dependent on your business needs. A friend who works in banking IT considers the event data aspect to be a governance priority – it has helped bring systems back online when they suffered much-publicised outages a lot quicker than had no governance been in place. Others may consider cost to be the main priority of governance or end user efficiency or customer experience. The point is, although broadly similar, governance varies at operational level and it is important to be explicit when deciding what you want from it.


Why do we need IT governance?

Spend some time with an IT organisation that has no governance structure and you’ll soon see why. Usually, you will they have no consistent approach to decision making, transparency or lines of accountability. Also, when things go wrong, they really go wrong with events spiralling out of control very quickly.

Governance isn’t simply about getting decisions right it’s about creating processes and a culture for decision making.

Things still go wrong, even with the most robust governance in place but it’s easier to identify what happened and decide what action to take.


I’m often asked, who is responsible for IT governance? I usually say everyone in the entire IT organisation. Usually, it’s assumed that it’s the responsibility of senior leaders but when your culture empowers everyone to take ownership (at appropriate times) you find that governance becomes a part of your organisational DNA. This is way better than, for instance, a poster on a wall outlining your approach to governance that soon becomes invisible and ignored. The more you can get everyone to live and breathe governance the more you will benefit from it.

You can achieve this with thorough communication of your governance principles with all relevant staff, but actually involving them, drawing upon their experience and expertise will make governance a living entity.

Finally, and as often assumed, one of the most important ‘whos’ is senior management. When governance fails it is often because of weak leadership. Strong leadership and C-suite endorsement of your governance priorities will usually bolster implementation.


ITSM governance is dependent on effective decision making and behaviours that are aligned with the stated mission of your organisation. So when do you start? It may sound obvious but how governance of your IT Projects will look like must be agreed, documented and communicated at the very earliest opportunity, if possible right at the start.

I often compare governance to checking your car before a journey. It’s really hard to check your tyre pressure when you’re doing 70mph in the fast lane of the motorway but if you were to experience a tyre blowout at this speed the consequences could be catastrophic. Checking that your pressures are right, your lights are working, your screen wash is filled and the car is fully fuelled before you set off can increase the chance of a successful journey. So it is with an IT journey.

For many IT organisations, this horse has bolted. Governance is not a new thing but when you chat to some organisations you’d think it had been invented yesterday – it may explain why failure rates are so high. Even for these organisations, my argument that governance should be implemented as early as possible still stands. You can’t do anything about the past but your future self will thank you for addressing governance now.


Once you’ve decided on what ITSM governance should look like, it is vital that you consider how you are going to design, implement and execute it at an operational level. The ‘as a Service’ market has experts in this field who are passionate about governance. If you’re entering the market choose advice from someone who has ‘been there, done that.’ There is a lot of advice out of textbooks and sometimes it can do more harm than good if not aligned with your IT business strategy and culture.

If you are going it alone and starting from square one, you could benefit from looking into methods that best suit your mission. For example, PRINCE2 for best practice in IT Projects, CMMI for maturity, or ITIL for IT service delivery.

It can be a minefield, though. As one ITSM put it, “Most firms and organisations are not IT organisations, they make sausages or cars or provide council services or health care. The point is, that it is in these areas that they are strong. Unless you are confident that your IT governance can be as good as your sausages getting someone in whose bag this is will be a seriously wise investment.”

Personally, I’d be a rubbish sausage maker … but governance … now that IS my bag.

It is worth considering multisourcing your IT Service Management (ITSM) through a partner who will operate from your business perspective whilst leveraging the benefits of multiple vendor/client relationships. ITSM, buying Project Management as a Service, and multisourcing key IT functions can. Contact us to learn more about how Stoneseed’s IT Service Management can help you to improve the quality and reduce the cost of your ITSM.

Find out more about IT Service Management from Stoneseed