Contributed by: Christian Weichelt
A yearly health check-up does not improve your physical constitution – it only gives you an idea of where you are. The same is true for the efforts many organizations have to undergo when it comes to compliance with IT related regulations – be it external or internal. Testing for compliance can be very expensive but still does not improve it.
In real life it takes a healthy lifestyle to get good and predictable results at the medical check-up. For organizations the equivalent to a healthy lifestyle is a sound IT governance – which means clear guidelines and rules on how to run, grow, and transform the IT landscape. The Gartner EA Summit in London showed that when it comes to EA governance, it is all about the processes that are in place to produce a favorable outcome called compliance. Speaking to one of the analysts personally we called this: compliance by design. This is comparable to manufacturing: You cannot test quality into a product, you can only produce it.
Now what does it take to implement compliance by design? From my perspective it takes an EA approach that focuses rather on the design and the support of processes than solely on the data. This requires to understand, reflect, and coordinate the tasks and responsibilities that belong to a specific process. By doing so, organizations will gain process transparency which does not only help them to forecast the outcome of the next compliance health check but lets them take adequate and planned action beforehand if needed.
This is why time matters – or how Gartner puts it: The times of stateless models in EA are over. For enterprises the issue is not so much their current compliance. The issue is: What is the impact of today’s IT investment decisions on my future compliance and future risk. And how to get there?
Therefore, a health check is a good way to start to get insight into the current constitution. But more important is to plan where and how to take it from there. This ultimately transforms the behavior into a healthy, sustainable lifestyle. This is why the processes are so important when it comes to Business IT Management and why their sensible transformation will lead to better results than sporadic health checks.
Recent Comments