Governance Visualization

Reading Enterprise Architecture -creating value by informed governance.   The one take-away I’ve gotten so far from the book has been confirmation of Stafford Beer VSM’s concepts: the recognition that management and control within an enterprise need to be designed with the same discipline and rigor or more that are used for products and services.

Designing effective governance directly effects an enterprise’s ability.  In an environment and economy that demands that enterprises be flexible, adaptive, efficient and effective, having the appropriate governance system is a critical enabling factor.  Some of the spectacular business failures of the past decades have not been failures of product, production process or services.  These failures have been lapses of effective governance.  This goes beyond the financial and ethical scandals that have brought about SOX legislation.   One only needs to look at the issues that the US Government is going through.  Almost everyone is looking towards the government with frustration and wondering why it does not appear to be working or unable to get things done.  A simple look indicates a failure of governance by the very body that has been delegated that responsibility.   I bring these circumstances and events up as proof-points to my original premise; management and control have gotten complex enough in today’s environment that governance needs to be designed and built.

If I haven’t lost you reading this you’re asking now what?  What do I do if I buy your premise?  As an Enterprise Architect, the next step appears simple but is quiet hard: recognize that governance is a subsystem in the enterprise which is a system in the environment.  Usually Enterprise Architects spend significant time articulating how the value creation process is exposed by a product or service system.   Or Infrastructure Architects focus on creating the information system that enables or embodies this creation process.   However, the sub-discipline and practice of governance creation is still emerging as a practice within Enterprise Architecture.

The diagrams below are but one visualization method on how governance can be displayed.  While overly simplified, I find this method clear and concise to communicate in a less jargon filled discussion.  The first diagram illustrates how the management system aka governance reacts with both the environment and operations.  The management senses the environment and operations and sends control instructions to operations to adjust to environmental needs.  In this context environment is the ecosystem that the business operates within.

In this second illustration the system is diagramed in more detail showing how the management system is partitioned is to sub-control activities and the mechanisms (triangles) used to coordinate activities.   This does not take the place of business rules, charters, and other textual representations of governance, however, it does enable visualization on how the components interact as well as help identify gaps in governance.


EA Governance Modeling

One of the issues about governance topics that seems to come up all the time is just how to visually represent it.  Often governance seems to be displayed as a set of rules and responsibilities some body or person is held accountable for.  However, that seems to only address the legal or accountability aspects of governance, not the process or system to govern.  Nor does a text based document effectively relate how various components interact with each other to provide and support governance.

During 1996 I was introduced to Viable Systems Models created by Stafford Beer.   I used VSM during that year to model various forms of governance models. Later these models were converted to dynamic systems models to simulate in ITHINK to determine consequences both long and short term of various alternatives.  The simulation results provided justification for picking a particular alternative.   Of more importance the various models provided a means of dialog between decision makers to explore the alternatives based upon various priorities and other potential effects.

This has yield the need to evaluate alternatives using some form of multi-variant analysis.  Bayesian analysis appears to be able to address this requirement.

SharePoint Salon: I.T. and SharePoint Governace

Last night friends and colleagues gathered at the Hilton during the SharePoint 2011 conference in Anaheim for 2nd SharePoint Salon.  During the event several topics were brought to the table to discuss.  It was, as the last Salon, exhilarating to engage in exchanges of ideas and opinions.   Many of the participants were just as passionate in their opinions and conversation engagement as I am. 

The conversations while initially meant to focus on a few key issues in greater depth: I.T. and SharePoint Governance; Information Management/Taxonomy Creation; to name two.  During the rolling conversation group members chimed in with various perspectives:

Owen Allen brought forth the question if governance is to be effective it has to be more than a single ten letter word meaning permissions.  It needs to be divided into several more buckets.  This generated an interesting discourse between the strategic and tactical sides of the issue.  What is governance?  From the tactical perspective or what End Users see, it appears as what I would label enforcement.  “Just tell me what I can and cannot do” Susan Hanley,Essential SharePoint 2011, would say.   I, taking what could be viewed as an opposing view, strongly advocated governance needs to be more than just the rules of the road.  Having authored the framework for Microsoft’s I.T. in the mid to late 90s, put forth that the process of how and who makes those rules is the major part of governance which is often ignored in an effort to get to something practical that people can do. 

I see the cause for shortcutting governance creation has a lot to do with domain expertise and knowledge boundary gaps.  To build an effective I.T. or SharePoint governance two knowledge domains are needed or fused together; Business and Technology.  During the mid-90s the Microsoft CIO put forth a vision of the organization being Business Technologists.  The problem was then that most of the organization was populated by technologists and very few business oriented staff.  As such the results of asking to put forth a governance from prior staff always resulted in a set of permissions or rules, not a process on how to actively determine, deploy, enforce, monitor and adjust those rules. 

The model I put forward –which Peter Weil later described as one type of governance strategy in a brilliant book on IT Governance–is based on what I’m proud to credit America’s Framer’s work the United States Constitution.  I spent several weeks translating governance of the country concepts to governance of Information in an Enterprise.  This insight came to me years prior during my tenure at IBM as one of the underpinning concepts in an AIAA White Paper I presented “Enterprise Linguistics”.  During that time I used discipline jargon in a lose analogy to languages throughout the world.  Within an enterprise you have many countries: Executive Suite, Finance, Manufacturing, Engineering, IT, HR, etc.  This aha had me relate these countries or states to a federated model that enabled local decisions within the local domain and central decisions at a central domain.  [I am grateful to my high school social studies teacher, Mr. Frogue, for engaging me in several active discussions on governance decades ago.  You never know what knowledge you’ll pick up and apply in the future]. That had me see the relationship between the constitution and I.T. management in a clear light.

Below, is a snapshot of the model presented years ago.  Owen here is my suggestion for the buckets you seek.


Governance Framework: Mechanisms for Information Management and SharePoint

Much of the Governance Models I’ve seen as of late still focus heavily upon how to set permissions in SharePoint.  In previous blog post I stated I don’t believe this is governance but rather the enforcement end of governance.  It this posting I’ll address some of the aspects of establishing a governance.

 For me the initial question of governance boils down to what are your objectives for governing.  Sounds a bit of circular logic, hopefully I can clear that up.  There is a business reason for having SharePoint deployed unless it’s just a technical toy, a let’s see what it can do pilot or a use it because we have it for free.  These are variations of a solution looking for a problem.  My recommendation is to go get some coffee, put your feet up with several other and brainstorm what and why you want to use it, if not go to a technology briefing to see the technologies possibilities and then brainstorm.

 When I look at SharePoint I see features that could enable two key organizational capabilities:

  •  Information Management
  • Workflow

 Information Management is a broad topic and there are various aspects to it.  SharePoint is not and out of the box solution for such.  It has some new features in 2010 that are still, for lack of a better word, primitive.  However, so too are the organizational competencies that SharePoint would help to address.  Information Storage and Retrieval is only slightly better that desktop search as implemented in most companies that I’ve surveyed.  The rational for such is that companies are still trying to figure out how to organize their information.  While many companies have librarians, most of them are focused on hardcopy management or external searching not establishing information management policies and procedures.   Only recently have a seen job titles for taxonomists and information architects that are described in terms other than application UI/UX responsibilities.                  

 Workflows are another broad area, but most efforts I’ve been seeing are towards automating desktop procedures or routing documents for approvals.  It seems that all the value stream and process knowledge that corporations had built up in the past decade has been filed away or discarded mid-stream before benefits could be achieved.  We know seem to be on a path of bottom up vs. top down.  I believe either extreme is wrong.   Workflows or process automation and tracking has the possibility of integrating the silos that companies have had so much problem breaking down.  However, that takes effort to follow the value streams across the departmental boundaries.  Something I.T. organizations have been assumed to have the charter, but often end up structured as the departments working with resulting in becoming silo’d themselves.  Think about your I.T. organization most seem to be structured into Infrastructure and then application areas (finance, marketing, engineering, manufacturing, etc.)  This is a counterforce to breaking the silos corporate executives would want to have happen.  This is not however and I.T. problem so much as a corporate governance problem.

 Having set the content here are a few of the mechanisms I had implemented that over time have put some organizations on the path.

 First, Information Management governance is not about permissions as previously stated.  IM Governance and its implementation in SharePoint is about having an executive decision function that determines the policies and procedures on how information is to be managed.  Issues like what is a record, who is responsible for creating them –though most people create them without knowing.  How and where information should be storage throughout its lifecycle, cradle to grave.  Policies and procedures such as this eventually drive SharePoint permissions.  Some of these issues require both Human Resource and Legal department input to help develop as well as procedures/processes to ensure compliance.

 Next Workflow issues should be looked upon from a broader perspective.  How should smaller workflows and the information they carry be joined together.  I recently witnessed an organization that had several workflows automated, sounds great so far.  Upon inspection, much of the information was not only overlapping but feed the next departments process.  Sounds like a great candidate to link together right?  However, the structures that carry the information and the representations of that information were incompatible.  However, the results from one department’s work were get this manually rekeyed into another similar but different workflow.  Thus what could have been a streamlined process is human bridged multiple times resulting is all the issues with manual transcriptions.

 The governance mechanism I used is some other organizations was to have workflows (processes) diagramed and cataloged, along with the data, purpose and context of the information.  This became the role of the Business Architecture Group and the review board.  While it may seem like a bottleneck and it could become one.  The Business Architecture Group was a meta-data management function about corporate information as well as an advisory function for application development.  They did not have the authority to stop development from building applications, but they could advise as well as recommend to the CIO that applications be revised or changed based upon reviews.  This prevented Business Architecture from holding up development until they approved any plans.

 Through publishing the catalog and information library, having a policy that developers should check the catalog while designing applications this created a system where common information elements where continually developed and exploited. 

 These few mechanism have put some organizations ahead of their competitors in using information as a competitive edge.

I.T. Governance / SharePoint Governance

Had great discuss with my friend Owen Allen, last night that help me remember and crystalized some the concepts and principles I remember putting together when I developed the IT Governance in the mid-90s at Microsoft as part of establishing an internal Enterprise Architecture Practice.  Some of the points I was making back then and today when I’m speaking at SharePoint Saturdays is about the difference between governance and enforcement. 

Today most of the discussions around governance are addressing how to set permissions and access to sites.  Who can access, who can update, who can delete.  In my perspective, activities around setting these permissions are the enforcement end.  The analogy is to say that the police govern us.  As far as I know that isn’t the case.  Police enforce the laws that the governance produces. 

 With that premise, the model I put forth to Microsoft back then was to use the US Constitution as a model for governance.  Most of my peers back then were intrigued on how I would merge what they called politics with Information Technology.  However, when you look at how businesses operate there are a lot of politics around setting strategy and operating agendas, so too with how to manage the I.T. function.

 Questions like who should decide who has access?  Where should money be invested?  Who should information be managed? And how to make these decisions are all the real content of governance.  The end result of putting together the systems and processes to support these types of decision-making is what I would call governance.  When I proposed some of these structures, I was initially met with some skepticism and questions about complexity.  My reply was look at how you handle money decisions in corporations, should information, the corporation’s means to control itself be managed any less seriously.  Fast forward a few years Pete Weil releases his book on I.T. Governance confirming much of what I had proposed, but the effort remained a slide note in I.T. maturity.  Enter the InforGlut, AIIM, SharePoint, Cloud, and other information management issues–despite the diversion of switching technologies; shared drives to project sites, on-premise to cloud, etc.- and now governance.  As I continue outlining my chapters for my Enterprise Architecture book, the methods and tools I kept internal to my EA practice seem to be more important to codify and distribute in the coming months.  

I’ll be at SharePoint 2011 October in Anaheim, the Sunday before, with friends and peers at what we’ve called a SharePoint Salon working to explore and codify these ideas