Roles and Accountabilities
Define roles and responsibilities, and delegate authority and accountability for aspects of the governance of IT. Establish mechanisms to hold such individuals or groups accountable for decisions, actions, and performance.
Improvement Planning
Practices-Outcomes-Metrics (POM)
Representative POMs are described for Roles and Accountabilities at each level of maturity.
- 2Basic
- Practice
- Define basic roles and a limited set of responsibilities for IT governance.
- Outcomes
- There is growing understanding of the importance of IT governance, with some key decision makers involved at the outset.
- There is some ability to set targets and measure progress against them.
- Metrics
- # of IT governance roles defined.
- % of IT employees fulfilling allocated IT governance responsibilities.
- % of business unit employees fulfilling allocated IT governance responsibilities.
- Practice
- Establish some delegation of authority and accountability for a limited set of IT governance activities, as is appropriate to the organization's context.
- Outcome
- Some high priority delegated decisions are performed in a transparent manner.
- Metrics
- % of IT employees with delegated authority for IT governance.
- % of business unit employees with delegated authority for IT governance.
- Practice
- Establish a basic set of mechanisms to hold individuals to account for key aspects of IT governance (e.g. decisions, performance, actions).
- Outcome
- Some individuals to whom authority and accountability for key aspects of IT governance have been delegated may be held to account, but not always in a consistent manner.
- Metric
- % of individuals with delegated authority/accountability who are held to account.
- 3Intermediate
- Practice
- Formalize and document roles and responsibilities for IT governance.
- Outcome
- There is clarity on where responsibility lies, and there is ability to make appropriate business judgements, and set and monitor goals and targets in respect of the responsibilities of individuals, IT, and other business units.
- Metrics
- # of IT governance roles defined.
- % of IT employees fulfilling allocated IT governance responsibilities.
- % of business unit employees fulfilling allocated IT governance responsibilities.
- Practices
- Delegate authority and accountability for IT governance to appropriate IT and business stakeholders as required.
- Document this in a charter and via industry mechanisms (e.g. RACI matrices).
- Outcome
- Most delegated decisions are performed in a transparent manner.
- Metrics
- % of IT employees with delegated authority for IT governance.
- % of business unit employees with delegated authority for IT governance.
- Practice
- Define, use, and act upon a detailed set of mechanisms to hold individuals to account for key aspects of IT governance in most instances (e.g. performance and conformance evaluations).
- Outcome
- Individuals to whom authority and accountability have been delegated for key aspects of IT governance are held to account in most instances.
- Metric
- % of individuals with delegated authority/accountability who are held to account.
- 4Advanced
- Practice
- Ensure that roles and responsibilities for IT governance are staffed by competent individuals across the organization.
- Outcome
- Organization-wide clarity on roles and responsibilities ensures that IT can be governed consistently and effectively across the entire organization.
- Metrics
- # of IT governance roles defined.
- % of IT employees fulfilling allocated IT governance responsibilities.
- % of business unit employees fulfilling allocated IT governance responsibilities.
- Practice
- Delegate authority and accountability for IT governance to appropriate stakeholders across the organization as required, who are enabled to work with appropriate autonomy and responsiveness to the changing business environment.
- Outcome
- All delegated decisions are performed in a transparent manner.
- Metrics
- % of IT employees with delegated authority for IT governance.
- % of business unit employees with delegated authority for IT governance.
- Practice
- Use and act upon the mechanisms to hold individuals to account for key aspects of IT governance in all instances.
- Outcome
- Individuals to whom authority and accountability have been delegated for key aspects of IT governance are held to account in all instances.
- Metric
- % of individuals with delegated authority/accountability who are held to account.
- 5Optimized
- Practice
- Continually review and improve the roles and responsibilities for IT governance based on lessons learned and insights from business ecosystem partners.
- Outcome
- Dynamically adjusting roles and responsibilities to reflect new learnings and insights enables IT to always be governed consistently and effectively.
- Metric
- Frequency of review and update of roles and responsibilities.
- Practice
- Continually review the delegation of authority and accountability for IT governance for its effectiveness, and improve it as appropriate.
- Outcome
- Delegation of authority and accountability is always appropriate and effective.
- Metric
- Frequency of review and update to authority/accountability delegation.
- Practice
- Continually review and improve the mechanisms to hold individuals to account for key aspects of IT governance based on lessons learned and insights from business ecosystem partners.
- Outcome
- Accountability mechanisms are kept up-to-date and relevant, and are based on new learnings and insights.
- Metric
- Frequency of review and update to accountability mechanisms.