source of a variety of “extensions” to
everyone’s technology capabilities.
The best example of this is the application programming interfaces (APIs)
published by companies and individuals that make it possible for clients and their providers to extend the
functionality of applications quickly
and cheaply. But are all APIs OK to
use? Governance must extend well beyond the corporate firewall to include
policies and protocols for the use of
externally developed—yet powerful—
APIs and other software widgets that
can be used to enhance functionality. In addition to APIs and widgets,
the crowd can also provide expertise.
We are moving quickly toward a free-agent approach to selected corporate
problem solving. What if a company
must develop a dashboard, a process,
a chemical, or a drug? Should it turn
to the crowd? What if it moved its help
desk to the cloud and paid specialists
when they solved problems? Shared
governance is at least partially assumed by these trends.
Finally, note in Figure 4 the responsible/
RACI, playbook informed by the survey and interview data. The data suggests the participation scale—from
responsible to informed—has shifted.
Of special importance is the addition
of external stakeholders to the governance process.
The RACI playbook suggests the
enterprise is responsible (R) and accountable (A) for operational technology but less so for strategic and
emerging technology. It also suggests
providers are also accountable (A) for
operational delivery because so much
technology is now outsourced from
cloud providers. Partners and suppliers also play an important role in
operational technology selection and
Corporate functions and business
units are accountable (A) and responsible (R) for strategic and emerging
technology. This is a major change
from the governance of the 20th
century, when most if not all strategic and
emerging technology was governed by
the enterprise CIO.
Providers, partners, and the crowd
are now direct participants in tech-
nology acquisition, deployment,
and support through their consulta-
tive (C) and informed (I) roles, with
the exception of providers’ shared
accountability (A) for strategic and
emerging technology, due primarily
to the implications of the integration
and support of new technology. This
structure is new.
These findings and analysis indicate
governance is changing, “control” is a
concept morphing into collaboration
and participation, and participatory
governance will replace both the rigid
conventional governance structures
and processes of the 20th century and
even more-open “federated” structures of the early 21st century. Participatory governance acknowledges
expansion of the number of governance stakeholders, commoditization of technology, consumerization,
and the increasing practice of outsourcing operational, strategic, and
emerging technology. The data also
suggests the new business technology alignment opportunity is through
1. Agar wal, R. and Sambamurthy, V. Principles and
models for organizing the information technology
function. Management Information Systems Quarterly
Executive 1 (Mar. 2002), 1–16.
2. Andriole, S.J. Ready technology. Commun. ACM 57, 2
(Feb. 2014), 40–42.
3. Andriole, S.J. Boards of directors and technology
governance: The surprising state of the practice.
Communications of the Association for Information
Systems 24 (Mar. 2009), 373–394.
4. Brousell, L. IT Reorgs on the horizon. CIO Magazine
(Feb. 26, 2013).
5. Brown, C.V. Examining the emergence of hybrid IS
governance solutions: Evidence from a single case site.
Information Systems Research 8, 1 (1997), 69–94.
6. Brown, A.E. and Grant, G.G. Framing the frameworks:
A review of IT governance research. Communications
of the AIS 15, 38 (2005), 696–712.
7. Brown, C.V. and Magill, S.L. Alignment of the IS
functions with the enterprise: Toward a model of
antecedents. MIS Quarterly 18, 4 (Apr. 1994), 371–403.
8. Chan, Y. E. and Reich, B.H. I T alignment: What have
we learned? Journal of Information Technology 22, 4
9. Demirkan, H., Cheng, H., and Bandyopadhyay, S.
Coordination strategies in an SaaS supply chain.
Journal of Management Information Systems 26, 4
10. Dong, H., XU, S.X., and Zhu, K.X. Information
technology in supply chains: The value of IT-enabled
resources under competition. Information Systems
Research 20, 1 (Mar. 2009), 18–32.
11. Evaristo, J.R., Desouza, K.C., and Hollister, K.
Centralization momentum: The pendulum swings back
again. Commun. ACM 48, 2 (Feb. 2005), 66–71.
12. Feltus, C., Petit, M., and Dbois, E. Strengthening
employee responsibility to enhance governance of IT:
COBIT RACI chart case study. In Proceedings of the
ACM Workshop on Information Security Governance
(Chicago, Nov. 13). ACM Press, New York, 2009, 23–32.
13. McElheran, K. Decentralization versus centralization
in I T governance. Commun. ACM 55, 11 (Nov. 2012),
14. Peterson, R. Crafting information technology
governance. EDPACS: The EDP Audit, Control, and
Security Newsletter 32, 6 (Dec. 2004), 1–24.
15. Peterson R. Configurations and coordination for global
information technology governance: Complex designs
in a transnational European context. In Proceedings
of the Hawaii International Conference on System
Science (Wailea, Maui, Jan. 2–6). IEEE Computer
Society Press, 2001.
16. Peterson, R. Information strategies and tactics for
information technology governance. In Strategies
for Information Technology Governance, W. Van
Grembergen, Ed., Idea Group Publishing, Hershey, PA,
17. Peterson, R., Parker, M.M., and Ribbers, P.
Information technology governance processes under
environmental dynamism: Investigating competing
theories of decision making and knowledge sharing. In
Proceedings of the 23rd International Conference on
Information Systems (Barcelona, Spain, Dec. 15–18).
Kluwer Academic Publishers, Norwell, MA, 2002.
18. Rockart, J., Earl, M., and Ross, J. Eight imperatives for
the new IT organization. Sloan Management Review
(Oct. 1996), 43–55.
19. Sambamurthy, V. and Zmud, R. W. Arrangements
for information technology governance: A theory of
multiple contingencies. MIS Quarterly 23, 2 (Feb.
20. Teo, W.L., Manaf, A.A., and Choong, P.H.L Practitioner
factors in information technology. Journal of
Administrative Sciences & Technology (June 2013), 1–12.
21. Tiwana, A., Konsynski, B., and Venkatraman,
N. Information technology and organizational
governance: The IT governance cube. Journal of
Management Information Systems (Special Issue) 30,
3 ( Winter 2013–2014), 7–12.
22. Topi, H. and Tucker, A. B., Eds. Information Systems
and Information Technology, Volume 2 (Computing
Handbook Set). Taylor and Francis, Boca Raton, FL, 2014.
23. Ullah, A. and Lai, R., Requirements engineering and
business/I T alignment: Lessons learned. Journal of
Software 8, 1 (Jan. 2013), 1–10.
24. Wallace, M. and Webber, L. I T Governance: Policies &
Procedures. Wolters-Kluwer, Alphen aan den Rijn, the
25. Weill, P. and Broadbent, M. Leveraging the New
Infrastructure: How Market Leaders Capitalize on
Information Technology. Harvard Business School
Press, Boston, MA, 1998, 58–62.
26. Weill, P. and Ross, J. IT Governance: How Top Performers
Manage IT Decision Rights for Superior Results.
Harvard Business School Press, Boston, MA, 2004.
27. Weill, P., Subramani, M., and Broadbent, M. Building IT
infrastructure for strategic agility. Sloan Management
Review 44 (Oct. 2002), 57–65.
28. Weill, P. Don’t just lead, govern: How top-performing
firms govern I T. MISQ Executive 3, 1 (Mar. 2004), 1–17.
29. Winkler, T.J. and Brown, C.V. Horizontal allocation
of decision rights for on-premise applications and
software-as-a-service. Journal of Management
Information Systems 30, 3 (Jan. 2014), 13–48.
Stephen J. Andriole ( stephen.andriole@villanova.
edu) is the Thomas G. Labrecque Professor of Business
Technology in the Department of Accountancy and
Information Systems in the Villanova School of Business
at Villanova University, Villanova, PA.
© 2015 ACM 0001-0782/15/03 $15.00