What is Governance? Why do we need it? Does it mean the end of fun? Is it all bad? Is it the same as Management? Over the years, I thought about these questions and many more. It’s a journey that started with dislike and fear for Governance and now I accept and embrace it. So, I thought I would share my take on the topic of governance.
I look back over the last 4 years and I see that we have grown from approximately 100 people to over 550 people. Among other things, this growth also meant we needed to change the way the company is run – and how we run the customer projects.
Also, (almost all) our customers are large companies. They chose us and like to work with us not only for what can do for them but also how we work with them. One of the side effects of working with large companies is that they expect a certain level of “maturity” in our governance process – be it how we run our company or how we run our projects.
And nowadays, whenever I am in conversation with project teams – small and big or, the leadership teams of Objectivity, I notice that words like Values, Governance, Innovation, Collaboration, Customer Intimacy are popping up more frequently.
So I thought I’d consider the term Governance a bit more, examine it.
Let’s face it – the term Governance has a bad PR – especially amongst us technical folks. Generally people think of it as bureaucratic, red tape and mostly unnecessary things that kills the fun and creates lots of useless documents. When I was fresh faced – a million years back – I thought like that too.
But now I don’t.
Wikipedia defines it as “the way the rules, norms and actions are produced, sustained, regulated and held accountable”.
Within the context of our company, I translate that into a set of policies – written or unwritten and practices – stated or otherwise – with the goal of providing the strategic intent. And we do that while ensuring various objectives are met, ascertaining the risks are managed and verifying that our resources are used responsibly.
This also means, there are various “levels” of governance. For example, Company governance, Project governance or Architecture governance etc.. But the issues of governance remain the same – clarity and consistency of decision making process. People are generally satisfied, when it is clear who makes what decision and on what basis and how the results are monitored.
When I think about governance a bit more I see broadly, that there are 2 sides to Governance.
“Conformance and Compliance” is one of the sides and this deals with accountability and assurance. For example, at the company level, have we complied with the financial accounting rules or complied with the regulatory needs? Even though (for the type of work we do) there is no “legal or regulatory” requirement for the project governance, there is contractual obligations and our own or customer’s standards & policies demands compliance to certain “rules of engagements”. For example, Project Assurance independently verifying the project review reports containing information on status, progress, impediments, risks and issues is essential for good governance. Regularly reviewing the project with key personnel from the client and giving them a full picture of the project is another step of good governance.
The other side is the “Performance Governance” and it deals with value creation and resource utilisation. In some way, compliance and conformance governance looks back in time and the Performance governance looks to the future. An example of performance governance at the company level is trying to make sure how that our most talents and most able people are engaged with the most complex problems that the company faces. Similarly, the Tribe Master and his/her leadership team ensures the right people are assigned to right problems – be it technical, analytical, developmental etc. – while recognising constraints created by company wide policies for greater good (for example, filling in timesheet information at User Story level).
Governance for companies has been in media spotlight – following a number of well known scandals, And this has led to strengthening of regulations by introducing acts like Sarbanes-Oxley in the US. And now the importance of good governance is recognised worldwide.
I recognise that sometimes, maintaining the “good governance rules” can appear to be too bureaucratic. But the intention of governance has never been to create unnecessary activities. And we should be vigilant to stop the emergence of non value adding, bureaucratic processes.
Very often, we use the term interchangeably and this adds to the confusion.
Broadly speaking, I see that governance deals with policies and determines who makes the decisions. Management is the process of making and implementing the decisions. For example, governance determines who holds the decision rights for how much the company invests in IT. Management determines the actual amount of money invested and the areas in which the money is spent.
In our company, the senior management team designs the IT decision rights and accountabilities to encourage the desirable behaviours. And in a growing company like ours, the goal post can change. For example,one area that is continually in focus is that deals with degree of decentralisation and local decision making.
Problems occur when there is a mismatch between desirable behaviour and governance ethos. And we should be aware of this danger. For example, If a key desirable behaviour was rapid innovation and the governance policies are bureaucratic, then it is easy to see the difficulties that will arise.
So, it is important to keep the feedback loop working so that we avoid traps like these.
All the attention to governance also raises the questions whether the IT used for supporting the business processes is adequately controlled. And that leads to the increased scrutiny for IT Governance that we see in many of our clients.
In my opinion, the Governance can be simplified to specifying the decision rights and accountability to encourage desirable behaviours in the use of resources. The decision rights and accountability are aspects that are easier to deal with. But the “Desirable Behaviour” is different in different companies or circumstances and poses some challenges..
At its heart, governance must address these three questions:
In light of this thinking, if we look at a tribe, we see the Tribe Board has to make decisions on a range of topics that allows for retrospective scrutiny. Are the decisions complying with the “rules and regulations” like our brand of agile/scrum implementation or our established software development and testing practices or client engagement and collaboration practices or our self imposed disciplines to adhere to our values.
Also, the tribe needs to make decisions on the prospective element of the governance – how to be innovative, create value for our client and improve customer intimacy? And how best to deploy our resources – people within and outside the tribe, additional investments to create something new – a process improvement or a innovative technology application to delight our customer or beat the competition or create a new capability within Objectivity.
This is a difficult area to get it right.
However, that doesn’t mean it is not important. Without a good governance framework and its consistent application, our projects will be out of control, customers will be unhappy, decisions made with the tribes, guilds or at the company level will appear random and inconsistent.
“Governance Rules” are not above criticism or questions. A good governance regime, does not mean bureaucracy and red tape. Getting the balance right and ensuring that it’s aligned to our ethos are important.
Do you share some of my opinions? Let me know what you think.