Always start with the foundation: Governance is never optional

After previously dividing the realm of IT problems and projects into broad, high-level categories (the classic who/what/where/when), it’s a good time to dive into just one of these -- the question of “who.”  Specifically, “who” is empowered and has the authority to manage and solve certain kinds of problems -- or, put another way, who “owns” it and where precisely does the “buck stop?”

Over the years, I have seen confusion and contention in this area cause more problems and chaos (and often, massive failure) than any other category of problem, and it is sometimes surprising how little institutional energy and effort is devoted to the basic questions of governance.

For one example, I was brought in as the Director of Internet Strategy and Web Operations for a large regional healthcare organization. At the time, governance for web policy and operations had historically resided with the IT organization, but was in the process of moving to the Communications side of the house (and many of you may recognize this common scenario).  IT still felt that it “owned” the intranet and inward-facing systems, though was willing, in theory, to allow the Communications group governance over the public-facing websites and systems – but even there, some confusion and disagreement was present, over who owned content decisions versus who owned infrastructure and technology.  Add to this picture the usual complex internal politics, and you can imagine what a mess this can be, and was.

In the end, it took over three years to finally navigate both a political and policy path to clarifying the governance issue.  The first concrete accomplishment was the creation of a high-level governance document that clearly stated that in the web-technology realm, for both inward and outward-facing sites, there would be institutional policies, and those policies would be followed.  This may seem obvious, but it is incredible how many organizations, small and large, do not have this basic step in place.  Prior to this, for instance, there was no clear policy foundation to support the assertion that institutional groups could not host their own web servers and sites ... not good. Once you have a foundation of clear governance, everything else, from high-level policy to low-level process and implementation, can rest on that solid base. Without it, you’re building on sand.

Here is the core paragraph of the high-level governance policy that we ultimately crafted -- and the entire document was less than two pages long, in the interest of being clear, concise and easily understandable. Lower-level policies can hash out the details.

All web presences (including Internet, Intranet, Extranet and Social Media) which present themselves as official and legal representations of [organization] or its internal legal and organizational entities, shall adhere to the established standards, practices and policies of [organization].  These policies and standards include branding, logos, appearance, privacy and data security issues, use of intellectual property, hosting, web content, and technical standards.  Detailed policies and standards will be defined in accordance with the policy framework and process described in this document.

Simple-seeming, and utterly essential, but also, often, incredibly complex from an organizational point of view.  Further paragraphs in this document made clear who had responsibility and authority, and defined how policies would be created. I’ll write more on this in future posts, but in the meantime, I would love to hear your experiences -- how has governance, or lack of it, affected your efforts, and how have you grappled with this fundamental and universal issue?

Copyright © 2012 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon