Communications of the ACM

source of a variety of “extensions” to everyone’s technology capabilities. The best example of this is the application programming interfaces (APIs) published by companies and individuals that make it possible for clients and their providers to extend the functionality of applications quickly and cheaply. But are all APIs OK to use? Governance must extend well beyond the corporate firewall to include policies and protocols for the use of externally developed—yet powerful— APIs and other software widgets that can be used to enhance functionality. In addition to APIs and widgets, the crowd can also provide expertise. We are moving quickly toward a free-agent approach to selected corporate problem solving. What if a company must develop a dashboard, a process, a chemical, or a drug? Should it turn to the crowd? What if it moved its help desk to the cloud and paid specialists when they solved problems? Shared governance is at least partially assumed by these trends.

Finally, note in Figure 4 the responsible/ accountable/consultative/informed, or RACI, playbook informed by the survey and interview data. The data suggests the participation scale—from responsible to informed—has shifted. Of special importance is the addition of external stakeholders to the governance process.

The RACI playbook suggests the enterprise is responsible (R) and accountable (A) for operational technology but less so for strategic and emerging technology. It also suggests providers are also accountable (A) for operational delivery because so much technology is now outsourced from cloud providers. Partners and suppliers also play an important role in operational technology selection and deployment (As).

Corporate functions and business units are accountable (A) and responsible (R) for strategic and emerging technology. This is a major change from the governance of the 20th century, when most if not all strategic and emerging technology was governed by the enterprise CIO.

Providers, partners, and the crowd
are now direct participants in tech-
nology acquisition, deployment,
and support through their consulta-
tive (C) and informed (I) roles, with
the exception of providers’ shared
accountability (A) for strategic and
emerging technology, due primarily
to the implications of the integration
and support of new technology. This
structure is new.

Conclusion

These findings and analysis indicate governance is changing, “control” is a concept morphing into collaboration and participation, and participatory governance will replace both the rigid conventional governance structures and processes of the 20th century and even more-open “federated” structures of the early 21st century. Participatory governance acknowledges expansion of the number of governance stakeholders, commoditization of technology, consumerization, and the increasing practice of outsourcing operational, strategic, and emerging technology. The data also suggests the new business technology alignment opportunity is through participatory governance.

References

1. Agar wal, R. and Sambamurthy, V. Principles and models for organizing the information technology function. Management Information Systems Quarterly Executive 1 (Mar. 2002), 1–16.

2. Andriole, S.J. Ready technology. Commun. ACM 57, 2

(Feb. 2014), 40–42.

3. Andriole, S.J. Boards of directors and technology governance: The surprising state of the practice.

Communications of the Association for Information Systems 24 (Mar. 2009), 373–394.

4. Brousell, L. IT Reorgs on the horizon. CIO Magazine

(Feb. 26, 2013).

5. Brown, C.V. Examining the emergence of hybrid IS governance solutions: Evidence from a single case site.

Information Systems Research 8, 1 (1997), 69–94.

6. Brown, A.E. and Grant, G.G. Framing the frameworks: A review of IT governance research. Communications of the AIS 15, 38 (2005), 696–712.

7. Brown, C.V. and Magill, S.L. Alignment of the IS functions with the enterprise: Toward a model of antecedents. MIS Quarterly 18, 4 (Apr. 1994), 371–403.

8. Chan, Y. E. and Reich, B.H. I T alignment: What have we learned? Journal of Information Technology 22, 4

(2007), 297–315.

9. Demirkan, H., Cheng, H., and Bandyopadhyay, S.

Coordination strategies in an SaaS supply chain.

Journal of Management Information Systems 26, 4

(2010), 119–143.

10. Dong, H., XU, S.X., and Zhu, K.X. Information technology in supply chains: The value of IT-enabled resources under competition. Information Systems Research 20, 1 (Mar. 2009), 18–32.

11. Evaristo, J.R., Desouza, K.C., and Hollister, K.

Centralization momentum: The pendulum swings back again. Commun. ACM 48, 2 (Feb. 2005), 66–71.

12. Feltus, C., Petit, M., and Dbois, E. Strengthening employee responsibility to enhance governance of IT: COBIT RACI chart case study. In Proceedings of the ACM Workshop on Information Security Governance

(Chicago, Nov. 13). ACM Press, New York, 2009, 23–32.

13. McElheran, K. Decentralization versus centralization in I T governance. Commun. ACM 55, 11 (Nov. 2012),

28–30.

14. Peterson, R. Crafting information technology governance. EDPACS: The EDP Audit, Control, and Security Newsletter 32, 6 (Dec. 2004), 1–24.

15. Peterson R. Configurations and coordination for global information technology governance: Complex designs in a transnational European context. In Proceedings of the Hawaii International Conference on System Science (Wailea, Maui, Jan. 2–6). IEEE Computer Society Press, 2001.

16. Peterson, R. Information strategies and tactics for information technology governance. In Strategies for Information Technology Governance, W. Van Grembergen, Ed., Idea Group Publishing, Hershey, PA, 2003, 37–78.

17. Peterson, R., Parker, M.M., and Ribbers, P. Information technology governance processes under environmental dynamism: Investigating competing theories of decision making and knowledge sharing. In Proceedings of the 23rd International Conference on Information Systems (Barcelona, Spain, Dec. 15–18). Kluwer Academic Publishers, Norwell, MA, 2002.

18. Rockart, J., Earl, M., and Ross, J. Eight imperatives for the new IT organization. Sloan Management Review (Oct. 1996), 43–55.

19. Sambamurthy, V. and Zmud, R. W. Arrangements for information technology governance: A theory of multiple contingencies. MIS Quarterly 23, 2 (Feb. 1999), 261–290.

20. Teo, W.L., Manaf, A.A., and Choong, P.H.L Practitioner factors in information technology. Journal of

Administrative Sciences & Technology (June 2013), 1–12. 21. Tiwana, A., Konsynski, B., and Venkatraman,

N. Information technology and organizational governance: The IT governance cube. Journal of Management Information Systems (Special Issue) 30, 3 ( Winter 2013–2014), 7–12.

22. Topi, H. and Tucker, A. B., Eds. Information Systems and Information Technology, Volume 2 (Computing Handbook Set). Taylor and Francis, Boca Raton, FL, 2014.

23. Ullah, A. and Lai, R., Requirements engineering and business/I T alignment: Lessons learned. Journal of Software 8, 1 (Jan. 2013), 1–10.

24. Wallace, M. and Webber, L. I T Governance: Policies & Procedures. Wolters-Kluwer, Alphen aan den Rijn, the Netherlands, 2012.

25. Weill, P. and Broadbent, M. Leveraging the New Infrastructure: How Market Leaders Capitalize on Information Technology. Harvard Business School Press, Boston, MA, 1998, 58–62.

26. Weill, P. and Ross, J. IT Governance: How Top Performers
Manage IT Decision Rights for Superior Results.
Harvard Business School Press, Boston, MA, 2004.
27. Weill, P., Subramani, M., and Broadbent, M. Building IT
infrastructure for strategic agility. Sloan Management
Review 44 (Oct. 2002), 57–65.
28. Weill, P. Don’t just lead, govern: How top-performing
firms govern I T. MISQ Executive 3, 1 (Mar. 2004), 1–17.
29. Winkler, T.J. and Brown, C.V. Horizontal allocation
of decision rights for on-premise applications and
software-as-a-service. Journal of Management
Information Systems 30, 3 (Jan. 2014), 13–48.

Stephen J. Andriole ( stephen.andriole@villanova. edu) is the Thomas G. Labrecque Professor of Business Technology in the Department of Accountancy and Information Systems in the Villanova School of Business at Villanova University, Villanova, PA.