Tuesday, June 18, 2013

Is CIO a Cloud Governance Champion?

Governance is definitely relevant for CIO role, he/she is at the right position to orchestrate Cloud solution with strong GRC discipline.


Cloud Computing is growing at about three times the rate of traditional, on-premises software. According to industry survey, CIOs appreciate the flexibility that SaaS solutions provide for companies that want to quickly set up and scale a new application, Cloud should be the initiative the CIO takes to transform their organization into the next level (more agile and optimized infrastructure & application). 

Although IT decision makers voiced legitimate reasons, including the need for security and reliability, do you regard cloud governance as relevant for CIO?

1. Cloud Governance is Subset of IT Governance 

At mature organizations, The CIO is the business executive to participate in strategy planning. Cloud Computing is a delivery mechanism, Cloud governance would be a subset of IT governance without doubt,  it’s critical piece of the overall IT GRC, and business governance as well.

  • In order for a cloud initiative to succeed, a clear governance model must be in place and tied to the greater IT risk management and controls regimen, which should certainly be within the CIO's sphere of control. If the goal is to expand the extent to which the cloud is utilized within an organization, the manner in which these controls are implemented take on an even greater importance. In fact, forward-looking CIOs will be more focused on SLA management and creating better IT-enabled business models.   
  • IT plays critical role in governing innovation, financial resource and risk management. IT as mature business function would be expected to drive business innovation. This is one aspect which would be most difficult to govern but would be essential part of business goals. Second would be governance of financial resources from perspective of effective chargeback & transparency in terms of cost of IT services for each business services. Third would be governance of risk management since IT becomes more part of strategic initiative of the companies. The risk management would have completely business case focus rather than IT focus. Don't confuse the same with contract, legal & compliance rather, it’s integrated with the way you do business. 
  • Establish holistic governance across disciplines spanning the entire IT value chain: IT strategy, architecture, project and portfolio, application lifecycle, infrastructure and data, vendor and sourcing, service lifecycle and modern SMAC technologies. Technologies within organizations could be one of the agendas for many big organizations to collaborate their geographically dispersed structure and talents. As a result,  governance principles need to be assessed, evaluated and modified to address these trends

2. CIO as the Right Role to Manage Cloud/IT Vendor Relationship

So who actually "owns" the relationship with the Cloud Application vendor? Is it IT or the business function that is consuming or responsible for delivering the service? Certainly the cloud apps need to meet security and scalability standards, but after that has been defined, who selects the vendor and ultimately manages that relationship?

  • CIO should be the right role to manage the IT vendor relationship in high mature organization, since most of the cloud applications (Usually the IT leaders hand pick the first tier of applications to move to the cloud by leveraging the cost, security and speed) are the subset of IT application portfolio, on the other hand, many SAAS applications such as marketing automation tools maybe purchased by functional department, so who would be the real owner of them. Well, it may need to have collaboration between functional silos. Overall, centralized IT (including cloud) management delivery could improve the usage, cost efficiency, build up the standard, and reduce the duplicate.  
  • The CIO's main job will revolve around vendor/provider management, project management, championing the art of the possible, and the successful contributing technology to business ROI. This is going to be increasingly critical to the success and operations of the future IT infrastructure and operations such as risk & security management, compliance, SLAs, etc. 
  • Cloud solution and vendor relationship is ‘structural” management effort: IT Professionals are good at solving problems related to structure like the pumps and pipes of information (Process/Technology)....but also other professional who focus on other type of problems, have capabilities which are not purely structural. Note that each business function have a distinct set of capabilities going from process care to .... seduce the customer. IT needs to streamline cloud management to optimize overall business capabilities.  
Thereof, governance is definitely relevant for CIO role, he/she is at the right position to orchestrate Cloud solution with strong GRC discipline, manage cloud vendor relationship with long term strategy to help organization gain competitive advantage.  

0 comments:

Post a Comment