Your Client’s Business Asset, “Information”, Is it Under Control?
How important is information for their organization? How crucial is information to their survival? How crucial is information for their success? Is information “just” an internal resource that supports their primary processes, or is it (part of) their product/service? The answers to these questions will inform how much time and money your client can justify spending on managing information as a valuable business asset.
Taking a high-level governance perspective, I’d suggest two major questions that your client’s board of directors should consider:
- Are they spending an appropriate amount of time and money on information (as opposed to other business assets, such as people?
- Is this time and money well spent?
Assuming that these questions have been answered satisfactorily, let’s drill down to the next level and quiz their business managers on time and money well spent… by asking them:
- How well do you identify the information that your business needs?
- How well do you acquire and manage IT services that fulfill (part of) your information needs?
- How well do you implement and manage the non-automated part (e.g., manual procedures) of your information systems?
- How well do you use your information systems?
The fourth question is often the weakest link in the chain. By this time, they have spent gazillions on creating information systems, with plenty of potential, but the actual value of this potential is only realized when their information systems are used effectively and (hopefully) efficiently. But, who is responsible for ensuring effective and efficient use? Has this, and the other three topics, been left to chance? Or, have they been organized? Can the board of directors and top management demonstrate that they are governing and managing information appropriately?
If their business managers—yes, information management is their responsibility—struggle to come up with the right answers, then they might like to take a look at the following three standards and frameworks to identify which areas need attention.
- ISO/IEC 38500 helps define standards for corporate governance of information technology in order to “promote effective, efficient, and acceptable use of IT in all organizations.”
- COBIT® 5 helps “create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use.” It addresses demand, supply and use of information and related technology.
- BiSL® helps “organizations to adopt a professional approach to the management of their business information.” Whereas, COBIT 5 is an overarching framework that addresses demand, supply and use of both information and related technology, BiSL focuses on information rather than technology. And on demand and use, rather than supply.
Used selectively and in combination to address specific needs, these standards and frameworks help demonstrate that the organization has its valuable business asset… information under control.
Need more information? Please contact ITpreneurs.