IT Governance for SMBs Desiring to Outsource

IT Governance helps align IT activities to best meet SMB’s business requirements.  Most Governance methodologies start with alignment at the top.  This is a reasonable approach for all organizations where the traditional involvement of board-level executives in IT issues was to defer all key decisions to the company’s IT professionals. IT governance helps facilitate decision making across all stakeholders. This prevents IT from independently making and later being held solely responsible for poor decisions. 

From a IT Governance standpoint, Small to Mid-Sized Businesses (SMBs) differ from the larger firms in two important aspects:  One, they are more nimble and need flexibility, and second, they tend to focus on shorter-term issues.  For SMBs, the guiding principle is to deliver value to the business without injecting onerous controls that stifle productivity.   To achieve it, the IT Governance framework should provide complete transparency on IT activities and make it simple for users to make, monitor and prioritize IT requests.  In order to achieve transparency, SMBs will need to establish controls and processes to deliver quality technology solutions on time and within allocated budgets.  From a management perspective, it is critical to effectively allocate and track resources and costs. 

Outsourcing can actually enable effective IT Governance as it provides a scalable resource base to work in conjunction with internal IT resources.  To make outsourcing successful, the outsourcer’s governance framework must work seamlessly with the SMB’s IT Governance.  Mismatches in the Governance frameworks is one the principal causes of outsourcing failures.  Although mismatches can be best reduced by adopting a common process-centric framework, it is far from easy to implement common processes across two organizations.  A less expensive approach is to identify key risk areas in the process and establish clear mitigation strategies.

The Satyam Tragedy

Many of us who run clean IT businesses are no doubt reeling from the Enron-type disaster created by the fourth largest IT firm in India.  It is ironic that the name of this firm is Satyam. It is equally hard to imagine that only one individual is responsible for this mighty collapse. Raju has been brave to shield them, but it is certain that others, perhaps, even a few well placed politicians are involved. What we need is a systemic change in governance, but that is a distant dream in a society bereft with corruption.

Small to Mid-Sized businesses  who were contemplating outsourcing a function or a project, or even those seeking resource augmentation, will rightfully ask searching questions before selecting the vendor.  Credentialing is an approach that will alleviate this risk.  Simply selecting a vendor based on price will not work.  Proper credentialing verifies the IT infrastructure, staff capabilities, relevant experience, customer references, financial strength, and of course the underlying corporate governance.  Not that credentialing guarantees success – success is only achieved with diligence, technical superiority and excellence in project management.  However, credentialing is a necessary first step to eliminate companies that have gaps in Governance.