A lot of CIOs ask me how they can find out if corporate governance rules are being flouted in their organizations, and the ways in which they can guard themselves.
For this to happen, CIOs must ensure that the ticketing system in the organization is intact. Everything that goes into the production system must pass through the process, even if it comes from the CEO. If the CEO says that certain work needs to be done quickly, bypassing the process. Then, this must be entered into the process document itself.
For example, data that has been entered by the Finance function can also be deleted and overwritten. But the delete should be a logical one. This means that when somebody looks into the logs, he should be able to figure out the mistake, which was later corrected. This would also help people who audit the documents.
Most of the time, CIOs are requested to get applications developed for business functions. They do a complete technical analysis once the requirement comes in but do not carry out business impact assessment. For instance, by implementing a request from the HR, may be the Finance group would be adversely affected. This could lead to inter-departmental conflicts. But a CIO cannot gauge this because he focuses more on technology than on business.
Same is with HR. They also think their data is confidential. They don't want to share anything with Finance. And most of the time they are at loggerheads.
To amicably resolve this, there should be proper corporate governance in place, in the form of a function that permeates all departments in the organization. Also, CIOs must understand the business quite well because they work in a very heterogeneous and complex environment where data needs to move seamlessly across functions.
Hi, Rahul, thanks for sharing. In the era of digitization (or post), governance is even more critical and paradoxical than ever, since effective governance is all about bridging many silos which were built at the industrial age, for efficiency.
Now enterprise governance should ponder all perspectives of convergence, such as the cross-functional data, let it flow freely; the consumerization of IT and enterprise IT GRC., etc. EA could be the right tool for high-mature governance.