Governance and management of informational resources: serving the strategic objectives of companies
Informational resources (IR) are an essential tool for the development and growth of companies. There are many clear examples. For example, Couche Tard‘s expansion strategy is based on the use of an ERP that allows it to integrate convenience store chains efficiently, giving the company a significant competitive advantage. It is also well known that Walmart relies on artificial intelligence to fuel its marketing strategy.
For IR to effectively contribute to the achievement of a company’s strategic goals, processes must be adapted to be consistent with digital evolution and transformation. Information resources represent one of the highest expenses for an organization, more than 1.5 billion dollars for the Quebec government departments and agencies alone, not including health, education and Revenu Québec!
As a former CIO, I have seen that IR management is not only about initiating projects, but also about ensuring that investment decision-making processes are aligned with strategic objectives.
"A misalignment between informational resources management and the company's strategic objectives results in poor spending and investment decisions, internal customer dissatisfaction, and ultimately, a loss of confidence in the quality and reliability of IR."
Diagnosis and action plan
All companies carry out strategic planning in a more or less formal way. It starts with a diagnosis that examines the external environment (threats and opportunities) and the internal environment (strengths and weaknesses). From this diagnosis, strategic objectives and an action plan are developed to achieve the company’s vision.
The company objectives resulting from a strategic diagnosis can be classified into different categories. The examples cited above are part of a growth objective. Other companies may adopt very different strategic objectives if, for example, they need to recover from a context that has affected the parameters of their business model. The effect of the pandemic on the tourism industry is a good example.
Tools and approaches
For their part, CIOs must ensure that IR management is in line with the achievement of the company’s strategic objectives. To achieve this, there are several tools on the market. A pragmatic, efficient and scalable approach exploits one of the best known frameworks, COBIT 2019. Known as the “Framework for governance of information and technology in enterprises”, COBIT is a comprehensive repository of generally accepted principles, practices, analysis tools and models that can help any enterprise effectively address critical issues related to the management and governance of information and technology.
The latest version is the result of several years of observation of how companies and their information resources operate. This model describes the interrelationships between the 40 processes performed by an enterprise. All companies that use IR perform these processes in a more or less formal and controlled way.
An academic approach results in a formal implementation of the COBIT model, as it brings together the best practices of IR management in a coherent and integrated whole. On the other hand, this approach raises two important issues with regard to its practical application: the complexity of the model (40 processes) and, as a corollary, the length of time required before producing concrete results. The challenge is to develop an approach that will make it possible to identify the processes on which it is most relevant to intervene as a priority.
Optimal approach
ESI Technologies has developed an approach to efficiently identify and evolve the most relevant management processes to achieve strategic business objectives. Indeed, in order to make the most of its informational resources, the first step for the company is to clearly identify its objectives in order to focus its efforts on the most relevant COBIT processes.
For example, for a company that anticipates significant revenue growth in a short time frame, processes such as “Project Portfolio Management” and “Budget and Cost Management” will receive particular attention because they embody the organization’s IR management decisions.
Such a diagnosis must be conducted by a team of experts who not only master the processes of the chosen framework (COBIT or other), but also have a good understanding of the IRs available to the company. This is how we will be able to identify high-value interventions and classify them to give the company a progressive and realistic timeline to achieve its initial objectives and establish the foundation for the next steps.
Our approach is to produce a gap analysis between the current and desired situation. Through interviews with the various stakeholders, we are able to estimate the current level of control of the processes selected for strategic planning. The desired level of control for each process is then established. The diagnosis of this exercise is accompanied by an action plan to achieve these levels of control and recommendations.
This is a rigorous and effective approach that can be applied to any type of organization and to strategic objectives as varied as revenue growth or the recovery of activities following a major incident, for example.
ESI Technologies has experienced consultants from various professional backgrounds who will be able to support you in your strategic development projects.
Bernard Plante
Strategic Consultant
ESI Technologies
You might also like
Identify and prioritize cybersecurity investments
In order to produce the information security action plan, the initiatives should be carried out over a period of time based on various factors that are well known in project portfolio management, such as the company's strategic orientations, the availability of resources, etc.
What you need to know about IT Governance
Public and private sector organizations need a way to ensure that their IT functions support their strategies and objectives. A formal IT governance program should be on the radar of any organization that needs to comply with regulations related to financial and technological accountability.