Governance: The new IS agenda

Paul A. Strassmann
02/27/95

Until recently, the dominant model for managing information within an organization was a command and control hierarchy, where the access to and distribution of information was administered by a privileged technical elite. They established a monopoly position over the production and distribution of that information and dictated how information technologies were used.

Of course, the days of rigid hierarchy are over. As information technology becomes more ubiquitous and distributed systems gain wider acceptance, the democratization of information accelerates. To be more responsive to the customer and to become more nimble competitors, companies have driven access to information and decision-making capabilities deep into their organizations. This transition from central hierarchies has resulted in master architectures, standard technological choices and uniform business practices becoming virtually unmanageable.

How information systems managers respond to these chaotic changes will determine, in part, how well their companies perform in the future. To adapt to this new environment, senior IS managers must embrace a new discipline that elevates the politics of information to the status of serious analysis. Specifically, they must create new institutions and processes, including formal "information constitutions," to cope with the fundamental changes in how organizations manage information.

Information Superiority

I have studied the cost structures, technological developments and levels of computer expenditures of business organizations in great detail for many years. The evidence is overwhelming that identical information technologies with the same levels of expense applied in identical industry sectors with identical competitive conditions may result in totally different economic performance.

After 20 years of examining the facts, I have concluded that the lack of correlation between computer investments and operating results is largely attributable to differences in the ways organizations govern themselves. The superior performers do not waste people and technology to conduct mostly intraorganizational transactions but instead deploy information technology almost exclusively where it creates customer value.

Therefore, managing IS should be, first and foremost, a matter of governance and only secondarily a matter of technology. Governance describes what information management should be all about: the allocation of control over the creation, distribution and use of information. Without a generally accepted understanding of the complex organizational relationships and a means for resolving internal disputes, an IS manager will divert his energies to dealing with internal coordination instead of focusing on value-creating external opportunities.

This new environment requires organizations to distinguish between information management and information technology management: The former is concerned with governance, while the latter focuses on providing technical solutions for specific business needs. Delivering appropriate information technology is (and should continue to be) the responsibility of the chief information officer. But in the new era of fully distributed systems, the CIO typically is not the person responsible for information management. Instead, every manager must become an information manager with some say over the governance of that information.

The CIO should manage the technical aspects of governance such as establishing standards for open systems or database management. Every manager who is accountable for business results should be responsible for the business aspects of systems design and for the operating performance of information systems.

Strive for IS Federation

Of course, conflicts will arise when many managers at different levels of the organization have say in information management. Information management among business units and headquarters would operate best as a multilayered federation. Federation is a form of government in which sovereign power is balanced between a central authority and a number of constituent political units. In a federation, central authority is independent of the units. For example, the United States is a federation, with the federal government independent from the states' governments yet related through a constitution that balances the power vested in each government.

Note that federation is different from confederation, in which elements unite for a common purpose without giving up any sovereignty. In a confederation, or a league, all authority remains with the units unless they agree to delegate specific roles to a collective body. NATO is a confederation because individual states have retained all rights to decision-making.

Consider IBM's recent vacillation between a federated and confederated form of organization, which exemplifies the damage an organization can suffer. Under the leadership of John Akers, IBM reorganized into independent strategic business units, abandoning the idea of offering corporatewide systems and integration capabilities. The ensuing chaos about roles and missions, especially with regard to the handling of major customer accounts and coordination of geographically decentralized national units, largely paralyzed the entire corporation into competitive unresponsiveness and rapid market share erosion.

Some corporations claim to be federations but actually operate as confederations. A confederation exists when a consolidated corporate information organization is divided among the individual business units while a small corporate staff is retained with a largely undefined and emasculated mission. In this scenario, a CIO with the task of accomplishing federation goals cannot succeed, regardless of how much he can influence the optimization of computer operations.

Federation governance follows the principle that everything not retained under a constitutionlike process is automatically delegated. In a federated structure, computer systems managers at headquarters would concentrate only on those decisions that concern long-term, enterprisewide interests, as defined by the rules of the federation. The accountability for everything else would pass to the next echelon, or layer, which may be a group or division. Likewise, that group or division would delegate lower-level responsibilities to regions, districts, branches and teams. In this way, everyday operations would not be hindered by higher-level interference, and accountability for delivering results would remain unambiguous. Each layer in a federated organization should retain only as much coordinating authority and funds as are necessary to perform the assigned tasks.

I have spent much time preparing organizational charters, conceiving architectural reference models, drafting statements of principles, issuing declarations of information policy goals, preparing statements of responsibilities and generating corporate standards manuals. Most of these approaches cannot adequately resolve lingering corporate conflicts. Organizations can resolve conflicts only through a formal governance structure that ensures a consistency among general organizational pronouncements, measures of performance and the division of budgets to correspond with the proposed work.

A Constitution Master Plan

The simplicity of the U.S. Constitution is a good template for information policy guidance. It addresses the governance of complexity, concentrating only on setting out fundamentals while leaving everything else to be resolved by means of due process and institutions designed to continually adapt to changing conditions.

We could adapt the federalist thinking of Thomas Jefferson, James Madison and John Adams to make autonomous, knowledge-based organizations viable in an increasingly interdependent world. The founding fathers conceived a master plan to endow a new nation with principles that have endured as the nation has evolved from an agrarian society to a postindustrial global power. This model enabled the U.S. to be transformed from a monarchy into a layered political system that continues to rebalance national, state, local and individual interests. The same model can help IS managers move to a fully distributed information environment.

An information constitution follows the principle of layered governance. There should be formal principles of conduct at each level in the organization. At most, an information governance structure should consist of seven layers: personal, local, application, business, process, enterprise and global (see "The Seven Layers of a Federated Organization").

Of course, every organization is unique, and there is no such thing as a standard information constitution. But the seven layers will likely capture all the important relationships within the organization, from the highest-level intercompany relationships to the relationship between an entry-level employee and his supervisor.

The objective of information governance is to place the maximum resources needed for short-term flexibility, adaptability and innovation as close as possible to the local level. Long-term interests - especially those that require a major, sustained commitment of resources - should be near the enterprise level for control and funding. For example, local operators should manage the selection of report formats and training methods. The design of network control, information security policies and standard systems design tools development and data dictionaries should be managed at a higher level.

Implementation

Information governance layouts such as architectures for telecommunications networks, software engineering, systems integration or data center operations already exist in some form in many organizations. What I find missing everywhere, however, is logical and organizational consistency in how all of these elements work together. Producing an information constitution for a complex organization requires hard work and a steady accumulation of amendments and interpretations, just as in politics.

To establish information governance, companies must do much more than just assign levels of responsibility to businesses, functions or processes. They must create institutions that are in many respects equivalent to those found in the legislative, executive and judiciary branches of the U.S. government to provide a comprehensive system of governance.

In most corporations, the role of the legislative body is best constituted within the corporate operating committee. This committee will most likely appoint a number of subcommittees to deal with particularly difficult issues such as security, standards, outsourcing and long-range planning. The executive body should consist entirely of managers with profit responsibilities who may then choose how they wish to be served. The independent corporate judiciary role should fall to the auditors, who must be able to assess reliability and security as well as standards of performance.

Questions to Ask

The first step in creating information governance is to ask some very basic questions about what and how information is managed and by whom. Here are some examples:

Who gets what data, and who converts that data into information?

Who balances the competing interests of the policymakers and those responsible for implementation?

Who will benefit from the free availability of information?

Who will manage the long-term information management commitments that are essential for delivering information superiority?

Who will make what decisions? Why, how and when?

Here are some more complex questions:

How should my organization deal with the enormous expansion of the capabilities of individuals and autonomous units?

How does this work when each unit or individual is seeking a unique solution to a problem?

If working together requires cooperation and compatibility, how do we avoid excessive coordination costs?

How should my organization stimulate local initiatives while balancing the needs for interoperability and standardization?

How can information be shared when local operators prefer to avoid disruptive interventions from corporate staff or higher levels of management?

How should our staff be encouraged to improvise short-term solutions while preserving the long-term benefits of a vast existing organizational knowledge?

How should our organization establish responsibility and accountability for systems implementation when central control is impractical?

The answers to these questions will result in a new understanding of information governance and the rudiments of an information constitution. Of course, the choice of governance principles requires care and deliberation. Because people will have to commit to live by these principles, the politics of information governance must become the politics of open covenants that are openly negotiated, tolerant of diversity and respectful of staff morale. People, after all, are the only ones who can make information technology productive.

Paul A. Strassmann's 40-year career in IS management has included posts as IS chief at General Foods, Kraft and Xerox. From 1991 to 1993, he was director of defense information for the U.S. Department of Defense. This article is based in part on his 1995 book, The Politics of Information Management, which is available from The Information Economics Press at (800) 800-0448. You can reach Strassmann on the Internet at questions@strassmann.com


Information is power, and information politics is the art of achieving and maintaining power.

As companies move away from a traditional hierarchical structure, IS managers need to rethink the politics of information management.

Governance describes what information management is all about: the allocation of control over the creation, distribution and use of information.

GOVERNANCE PRECEDES ALL ELSE

Governance is the art of exercising power and achieving corporate consensus. Without consensus, IS managers cannot create information superiority, which I define as the capacity to increase economic value faster than the competition.

For instance, before senior IS management can align information technology investments with business plans, it must devise a universally accepted method of resolving disputes, such as how much autonomy a division should have. Without conflict resolution, business units and individuals will persist in competing for funds, resulting in ineffective, redundant and possibly counterproductive information technology projects.

Similarly, business process improvement projects cannot proceed safely if there are too many unsettled questions about authority and business priorities. For example, does a production foreman have the authority to modify production schedules to cope with local irregularities?

Governance allows companies to optimize the allocation of IS resources. And without governance, there can be no operational excellence. Resources will be wasted on nonvalue-added procedures, costs will go up, and productivity will suffer. The simpler the governance framework, the more likely workable systems solutions can be developed.


THE SEVEN LAYERS OF A FEDERATED ORGANIZATION

All organizations have distinct layers similar to the federal, state and local layers of the U.S. government. As in a layered federalist government, a layered organization should have a constitution, laws, policies and a judicial system to provide a framework for how employees should act and interact.

At most, any organization can be represented in seven layers:

  • The personal layer deals with all data that individuals may want to keep private, unless that privacy conflicts with the principles of the business.

  • The local layer covers features unique to individuals, including report generation and processing of inquiries, for which higher-level standard processes are inadequate.

  • The application layer deals with all features that support the specific operating needs of groups performing similar tasks, such as billing, inventory management and customer service.

  • The business layer refers to all systems that are unique to the products or services delivered by an organizational unit, such as a consumer electronics division.

  • The process layer covers all functions shared by different business functions and locations. Processes cut horizontally across functions such as advertising, finance and personnel.

  • The enterprise layer deals with all services and standards that define the rules of governance for the organization's internal information systems.

  • The global layer captures all functions, services and standards that ensure the interoperability of the enterprise with suppliers, customers and technology vendors.

    A comprehensive system of governance calls for the creation of institutions that are equivalent to those found in the legislative, executive and judiciary branches of the U.S. government.