IT Governance Project in Geneva Industrial Services - Essay Example

IT Governance Project in Geneva Industrial Services  Number of words, excluding contents, introduction, conclusion, references and appendices - 2150 Contents Introduction 3 1. Description of organisation 3 2. Why the project was developed 4 3. The project’s IT Governance model 5 4. How the model operates 6 5. Evaluation of the project’s success or failure 8 Conclusion 12 References 13 Appendix A. Distribution Management Domain Model (IEC 61968) 15 Introduction Nowadays the sustainability and the growth of business of many companies strongly depend upon Information Technologies (IT). Researchers and practitioners in the IT area confirm that today it is nearly impossible for executives neither to ignore nor to delegate decisions related to IT, as they were able to do even one decades ago. Needless to say that under such conditions the organisational focus on IT has become more specific. IT is demanded to provide secure, accurate, reliable information and knowledge to the right person, at the right time, at the right place. In addition, IT also has to ensure business values for business and considerable return on investments, as well as to provide assessment and mitigation of IT risks. All of these points make clear the importance of the IT Governance, aimed to support an organisation’s business strategy achievement through taking full advantage of its information. In this paper we discuss the IT Governance case study of the Swiss national energy supplier Geneva Industrial Services. The company has managed in relatively short period of time (about 1.5 years) to organise the successful IT Governance system for it electricity Distribution Management System (DMS), creating sustainable competitive advantages and new opportunities for business development and growth. 1. Description of organisation Geneva Industrial Services (Services Industriels de Genève, SIG) is a state-owned organisation that renders services in electricity, gas, heating, energy and drinking water supplying; as well as in used water and waste processing and improvement, and telecommunications. Geographically the company operates in the Swiss Canton of Geneva. SIG was established in 1895; currently nearly 2’000 employees of the company work to supply the vitally important resources to 250’000 customers, ensuring high quality of its products and services (Glassey 2009). Since 1995 the company’s headquarters is located in Lignon. This IT Governance case study is focused on the innovative electricity Distribution Management System (DMS), introduced in the organisation. The case study is based upon the project presentation of Glassey at the e-CASE International Conference in Singapore (Glassey 2009) and on the report describing the SEAM method, which is laid at the heart of the SIG’s DMS (Wegmann et al. 2008). 2. Why the project was developed Glassey (2009) describes the SIG DMS as a set of software applications, around 30 at a whole, which support and control all business processes, carried out by the company in the electricity distribution area. So, first of all, DMS is an integrated IT system, strategy, informational and functional architectures of which should be analysed and designed thoroughly, aligning with the corporate strategy and business processes. Secondly, as a large electricity distributor, SIG has to comply with the governmental regulations on the electricity market. In 2007 the Swiss Parliament issued a new law on electricity provisioning, LApEI, aiming to make the electricity market more opened. According to the law, in purposes of price transparency energy providers must adhere to the “unbundling” principle, meaning an accounting separation of production, distribution and commercialisation activities. Yet, distribution of energy is regulated by the government (ElCom is the regulatory authority on the Swiss electricity market), which demands periodical reports on tariffs and customers from distributors. However, commercialisation regulation task is fulfilled by other authority, the Swiss Federal Competition Commission. To meet these requirements, the SIG had to redesign its business processes and organisational systems. In terms of IT system a separation of information flows and a redesign of architectures should be ensured. In addition, the customers’ access to the open market had to be provided in 2008. Besides, as any respectable company operated with a complex information system on the international level, SIG must comply with international standards, such as Sarbanes-Oxley Act of 2002. 3. The project’s IT Governance model IT Governance is ‘a framework for the leadership, organisational structures and business processes, standards and compliance to these standards, which ensure that the organisation’s IT supports and enables the achievement of its strategies and objectives’ (Calder & Moir 2009: 11). According to Guldentops (2004), effective IT Governance: Protects shareholder value; Makes clear that IT risks are quantified and understood; Directs and controls IT investment, opportunity, benefits and risks; Aligns IT with the business, influencing strategic opportunities; Sustains current operations and prepares for the future; Is an integral part of a global governance structure. (p.271) Reynolds (2010) agrees that in companies with good IT Governance, ‘the IT organisation is aligned and integrated with business, risks and costs are reduced, and IT helps the company gain a business advantage.’ (p.135) Ross et al (2006) consider Enterprise Architecture as a key component of IT governance, as it helps to achieve IT Governance’s objectives effectively. In a case of SIG, the Systemic Enterprise Architecture Methodology (SEAM) was developed and applied; it enabled to analyse an organisation “As-Is” on four levels (business, company, operation and technology) and to design new organisation “To-Be” (Wegmann 2002). In addition, the IT Infrastructure Library (ITIL), which is widely recognised as the framework, which helps organisations to realise the business value of IT services, was chosen by the SIG IT department to define services and formalise them in Service Level Agreements (SLAs) in relation to the companies’ different stakeholders (Wegmann et al. 2008). 4. How the model operates As it was mentioned above, this IT Governance project in SIG was mostly aimed at the reorganisation of processes and systems in order to separate distribution and commercialisation activities in the company’s electricity distribution management system (DMS). This in its turn would enable the company to comply with the new Swiss law (Glassey 2009). In the area of electrical and electronic technologies the International Electrotechnical Commission (IEC) is the leading organization for international standards. One of its standards, the IEC 61968, was used in the project, as it contains a lot of information that helped to define business functions and sub-functions, architecture elements, interfaces and abstract components of the DMS (see App.A). The SEAM method, used in the SIG project, has involved a formal describing of the company from different perspectives (strategy, structures, resources, processes, technologies) with the objective to answer the question: in what extent our information system is aligned to our business processes that contribute to our strategic objectives (Luftman 2003). On the basis of the description of the current situation (As-Is) the important decisions were made regarding to redesigning and rebuilding a new model (To-Be) on the four major levels, as it is described by Glassey (2009): 1. Business architecture. The analysis of such concepts as strategy, objectives, stakeholders, values and business processes allowed identifying several major business processes that are of great importance for SIG (e.g. asset investment planning or substation and network inventory), as well as the most important IT objectives, such as response to needs, interoperability, availability and quality of information, scalability, performance and specialization. 2. Functional architecture. For each new business process the main business use cases, objects and actors were defined. 3. Software architecture. The main data flows and dependencies between applications were defined. In addition, existing applications were evaluated, and it revealed several significant weaknesses, for example, a lack of integration between applications, or an ad-hoc reporting (e.g. by using Excel sheets). In the latter case many people even did not know that dedicated tools for reporting were available, or they did not know how to use them. 4. Technical architecture. This activity was related to analysis and redesign of networks, equipments layouts, databases structures, etc. As a result of the project today a new SIG DMS is globally aligned with the company’s current business and IT objectives. It is compatible with the IEC standards and serves for the SIG as a basis for compliance with the Swiss law. It also covers stakeholders’ needs, providing a single user interface to all relevant applications and usable standardized reporting tools. Thus, one can conclude that the main goal of the project – to organise good IT Governance for the SIG DMS has been achieved, because the new information system ‘ensures that IT strategy is aligned with business strategy; allocates IT investments budgets in accord with the business objectives; ensures that technology investment decisions are aligned with business goals; [and] provides high-level direction to create competitive advantages that parallel compliance processes’ (Gheorghe 2008: p.5). 5. Evaluation of the project’s success or failure The IT Governance was organised in the SIG Company as an important part of the corporate governance related to electricity distribution. Glassey (2009) emphasises that it is based upon three main pillars: Processes and policies that affect the way an organization is managed; Relationships between shareholders, management, directors, employees, suppliers, customers, regulators, and so on; Accountability and transparency. (p.11) SIG management has concluded that the project’s goal to achieve “good” IT Governance is achieved successfully. First of all, the reorganisation of business and information processes was fulfilled in order to separate distribution and commercialisation. Figure in the Appendix A illustrates the core method, by using of which such separation was provided efficiently. From 2009 SIG manages distribution and commercialisation activities separately, sending periodical reports to the Elcom regulation authority in compliance with the LApEI requirements (Glassey 2009). Moreover, the organised IT Governance gives the opportunity to develop the companys IT infrastructure further in accordance with the company’s needs and in response to business environment’s changes. The IT Governance Institute (ITGI) introduces four important elements against which a success of the IT Governance can be measured. There are two outcomes: value delivery from IT to business and IT risks mitigation, and two corresponding drivers: strategic alignment of IT Governance with an organisational strategy and performance measurement (Grembergen et al. 2004). Relationships between these four focus areas are shown in Figure 1. In order to evaluate success of the SIG project, below we discuss the current achievements in each of these areas: 1. Strategic alignment. According to Duffy (2002), strategic alignment is ‘the process and goal of achieving competitive advantage through developing and sustaining a symbiotic relationship between business and IT.’ (cited in Grembergen et al. 2004: 7). Figure 1. Focus areas of IT Governance. Source: Grembergen et al. 2004: p.19. From our point of view, the maturity level of strategic IT / Business alignment in the SIG Company has increased significantly as a result of the project. Without doubt, as a high-tech company, SIG relies heavily upon IT technologies in its business. But the project enabled executives and managers to recognise a strategic meaning of IT. If earlier IT was understood just as a supporting and service function, now IT Governance makes clear that there is only a single strategy in the company, which can be achieved by united efforts - both business and IT. 2. Business value of IT. In order to ensure maximum business value from IT, the SIG IT Governance is organised so that to meet various expectations from business, for example such as: to fit for business purpose; to be able to adopt future requirements flexibly; to guarantee required throughput and response times of IT systems; to guarantee required ease of use, resiliency and security; to guarantee required integrity, accuracy and currency of information (Guldentops 2004). In addition, such important outputs as technology standardisation of the SIG IT systems; compliance of management practices with national and international standards and laws; increasing of employee productivity and organisational efficiency due to the enhanced business processes and enhanced resource management; and increasing customer satisfaction were also provided as a result of the IT Governance project. 3. Risk Management. The organised IT Governance practice allows the SIG executives to manage possible risks more effectively, ensuring that: all business transactions are trusted; IT risks are analysed and assessed properly; internal risk control is implemented and its efficiency is monitored constantly; procedures to ascertain the transparency about the significant risks and to mitigate them are put in place; competitive advantage is created through a proactive risk management approach applying; IT services can resist attacks and recover from failures without big losses; and appropriate access to information is provided, at that critical information is protected safely. 4. Performance Management. In terms of performance management the SIG IT Governance provides and supports procedures of monitoring and measuring key performance indicators that verify the achievement of business and IT objectives, as well as provides comprehensive usable tools for both business and technological reporting. It is especially important to point out one of the major benefits, which is ensured by the new IT Governance system. These are Service Level Agreements (SLAs) and a supporting Service Level Management (SLM) process, which were based on the ITIL principles in the SIG project. Wegmann et al. (2008) define SLA as ‘an agreement between an IT service provider and a customer.’ (p.2) SLA describes ‘the IT service level, documents service level target and specifies the responsibilities of the IT service provider and the customer’ (Ibid.) The SLM process defines a SLA framework, which is responsible for establishing of SLAs, monitoring, problems encountering, reviewing, reporting and improving of SLAs (Grembergen et al. 2004). The organised SLM process helps the SIG managers to understand better their services’ features and values; customers’ benefits; the company’s responsibilities in delivering services; critical issues related to services. In its turn all of these provide a higher quality level of services, customer satisfaction, and a sustainable competitive advantage of the SIG business. Thus, the IT Governance project was successful; it created a great potential for the SIG Company to make dramatic changes in its business practices, and to create new opportunities for business development and growth. However, as any initiative related to organisational changes, the IT Governance implementation may cause a number of possible challenges, for example: Expenses and costs may be increased with new equipments purchasing and software systems developing, as well as with paying for consultancy and personnel training. Employees may likely show a resistance to reorganising processes and procedures. New technology implementation may cause a necessity to comply with new regulations. Dependence on information and the systems that deliver and process information may be increased significantly. Vulnerabilities and threats, such as cyber threats and information warfare may be also increased dangerously. Conclusion The SIG case study gives a good example of the IT Governance project; it illustrates well that in order to achieve success, companies should make well-founded, well-considered decisions concerning the choice of appropriate methods, processes, polices and relationships within the IT Governance area. The IT Governance should become an integral part of corporate governance, to be aligned with a company’s strategy, and, undoubtedly, it should be a responsibility of the Board of Directors (Grembergen et al. 2004). The SIG case study can be used by many other companies as a benchmarking tool, helping them to achieve business values through IT and use of its information. References Calder, A. & Moir, S. (2009) IT Governance: Implementing frameworks and standards for the corporate governance of IT. Ely, IT Governance Publishing. Gheorghe, M., Nastasey, P., Boldeanuz, D. & Ofelia, A. (2008) IT Governance in Romania: A case study. International Trade and Finance Association, Paper 35. [Online] Available from: http://services.bepress.com/itfa/18th/art35 [Accessed 09 December 2010]. Glassey, O. (2009) An IT governance case study: Distribution management system   In: International Conference on e-Commerce, e-Administration, e-Society, and e-Education (e-CASE), Singapore, January 8-10, 2009. [Online] Available from: http://en.scientificcommons.org/39652539 [Accessed 09 December 2010]. Grembergen, W.V., De Haes, S. & Guldentops, E. (2004) Structures, processes and relational mechanisms for IT Governance. In: Grembergen, W.V. (ed.) Strategies for Information Technology Governance. Hershey, Idea Group Publishing. pp. 1-36. Guldentops, E. (2004) Governing information technology through COBIT. In: Grembergen, W.V. (ed.) Strategies for Information Technology Governance. Hershey, Idea Group Publishing. pp. 269-309. Luftman, J. (2003) Assessing IT-business alignment. In: C.V. Brown & H. Topid (eds.) IS management handbook. New York, Auerbach Publications. pp. 7-19. Reynolds, G. W. (2010) Information technology for managers. Boston, Course Technology, Cengage Learning. Ross, J. W., Weill, P. & Robertson, D. C. (2006) Enterprise architecture as strategy: Creating a foundation for business execution. Boston, Harvard Business School Press. Wegmann, A. (2002) The systemic enterprise architecture methodology (SEAM): Business and IT Alignment for Competitiveness. Technical Report No. 200265. Ecole Polytechnique Federale de Lausanne. [Online] Available from: http://infoscience.epfl.ch/record/52486?ln=en [Accessed 09 December 2010]. Wegmann, A., Regev, G., Garret, G.-A. & Marechal, F. (2008) Specifying services for ITIL service management. Ecole Polytechnique Federale de Lausanne. [Online] Available from: http://infoscience.epfl.ch/record/126295 [Accessed 09 December 2010]. Appendix A. Distribution Management Domain Model (IEC 61968) Source: Glassey 2009, p.5 Read More