Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Technology Governance questions for NGOs,NFPs and Charities
1. Technology Governance Questions
Page 1 of 4
Dale Jennings Associates
www.dalejennings.co.nz
BACKGROUND
The original questions are from a McKinsey and company article published online at
http://www.mckinsey.com/insights/business_technology/the_do-or-die_questions_boards_should_ask_about_technology
You will need to register (for free) before getting access to this useful resource site.
The original questions are designed for larger commercial organisations but they are re-framed for a New
Zealand Common Good Organisation
A Common Good Organisation is any NGO, non-profit, more than profit, charity or other socially focussed
organisation. The term is taken from the Common Good Organisation Development model from Judith
McMorland and Ljiljana Erakoviƈ.
This development model is a useful tool for development and organisational design
More information and the book can be found at CGO transitions
http://www.cgotransitions.co.nz/
2. Technology Governance Questions
Page 2 of 4
Dale Jennings Associates
www.dalejennings.co.nz
McKinsey
Question
Common Good
Questions
McKinsey
Sub-questions
Common Good
Sub-questions
Thoughts
1: How will IT
change the basis
of competition in
our industry?
1: What do our
stakeholders
(separately and
collectively) expect
of our use of IT?
Who are our emerging
competitors?
How is technology helping us win
against traditional and new
competitors?
How can we use our technology to
enter new markets?
How does our technology
compare to that being used by
other agencies?
Are new players emerging
through effective technology use?
How can we use our technology to
offer new services? Obtain further
funding or contracts?
o If you seek contestable funding you have
competitors
o Will individualised funding bring more
competitive pressures to services?
o Three “customer” perspectives to
consider; contract funders, donors and
clients.
o Does technology have a role in supporting
the collaboration Government wants to
see?
2: What will it
take to exceed
our customers’
expectations in a
digital world?
2: What will it take
to meet or exceed
our client (or
donor)
expectations in a
digital world?
How does our customer
experience compare with that of
leaders in other sectors?
What will our customers expect in
the future, and what will it take to
delight them?
Do we have clear plans for how to
meet or exceed their
expectations?
How does our client and/or donor
experience compare to that of
What will client (or donor) needs
and expectations be in the future?
What will it take to meet them?
Do we have clear plans for how to
meet needs and exceed
expectations?
o How will the use of mobile phones change
the communication needs and
expectations of clients?
o Is our clients’ lack of access to the internet
an opportunity or a threat?
3: Do our business
plans reflect the
full potential of
technology to
improve our
performance?
3: Do our plans
reflect the full
potential of
technology to
reduce operational
costs and improve
client outcomes?
Has the P&L opportunity and
threat from IT been quantified by
business unit and by market?
Will our current plans fully
capture the opportunity and
neutralise the threat?
What is the time horizon of these
plans and have they been factored
into our future financial
projections for both business and
IT?
Has the financial opportunity and
threat from technology been
considered by organisational
function and by client service?
How do our current plans fully
capture the opportunity and
neutralise the threat?
What is the time horizon of these
plans and have they been factored
into our future financial
projections for services,
operational functions and
technology?
o Do all services or divisions the face the
same opportunities and threats?
o Different types of investment have
different lifetimes.
o How will we engage with the financial
challenge of moving to cloud - capex
funding to opex funding?
3. Technology Governance Questions
Page 3 of 4
Dale Jennings Associates
www.dalejennings.co.nz
McKinsey
Question
Common Good
Questions
McKinsey
Sub-questions
Common Good
Sub-questions
Thoughts
4: Is our portfolio
of investments
aligned with
opportunities and
threats?
4: Is our portfolio
of investments
aligned with
opportunities and
threats?
How well is our IT investment
portfolio aligned with business
value with regard to opportunities
and threats?
How well does the IT portfolio
balance short-term and long-term
needs?
Do we have effective value
assurance processes in place to
mitigate execution risk?
How proportional is our It
investment aligned with our
revenue sources?
How well does the IT portfolio
balance short-term and long-term
needs?
How does our change
management framework the
mitigate risks inherent in new
technology projects?
How do we “experiment” with
technology to maximise
opportunities and minimise risks?
o Balancing the short and long term needs is
critical. Rather than delay spending when
money is tight plans should be
reconsidered.
o Partnerships and grant funding are vital
when experimenting with technology
5: How will IT
improve our
operational and
strategic agility?
5: How will IT
improve our
capacity and
capabilities?
How does our business and IT
agility measure up with that of our
competitors?
How do our IT plans increase our
business and IT agility?
Are our sourcing relationships
increasing or reducing our agility?
How does our capacity and
capability compare to that of
other agencies?
Do our IT plans increase our
capacity and capabilities?
How fast can we recognise and
realise new opportunities from
technology?
o What does agility mean to you?
o Can you make use of cloud provisioning
for trails, testing etc.
o Suppliers provide both technical capacity
and capability. Is the Trust limited by
either?
6: Do we have the
capabilities
required to
deliver value from
IT?
6: Do we have the
capabilities
required to deliver
what we need from
IT?
Do we have the capabilities we
need to drive full value from our
existing IT systems?
What are the weakest links in our
capabilities?
Do we have enough IT literate
executives?
What is our plan for upgrading our
capabilities?
Are we getting the most from our
existing IT systems?
How could we get more value
from them?
Do our managers use technology
appropriately?
What is our ongoing staff
development plan for technology?
o Capability improvements need a
development programme. Look for
funding e.g. MSD funding under ISO CIR
o A significant improvement would be
moving to simple databases rather than
using spreadsheets as the data tool of first
resort.
o Capability is needed at individual,
management and governance level
4. Technology Governance Questions
Page 4 of 4
Dale Jennings Associates
www.dalejennings.co.nz
McKinsey
Question
Common Good
Questions
McKinsey
Sub-questions
Common Good
Sub-questions
Thoughts
7: Who is
accountable for IT
and how do we
hold them to
account?
7: who is
accountable for
technology
development and
how are they held
to account?
What is our operating model for IT
and how is it aligned with our
business priorities?
Who is accountable for delivering
business value from It – both
overall and by activity?
Are those accountable being
measured using business-friendly
scorecards that create the right
incentives?
What is our IT operational
framework? Is it clearly
articulated and understood by
suppliers and service managers?
How do we measure IT value
beyond cost? What are our
targets for IT value?
o The board need to see the framework
exists and have confidence it is
appropriate. They do not develop it
themselves although policy can shape it.
8: Are we
comfortable with
our level of IT
risk?
8: Are we
comfortable with
our level of IT risk?
Do we have a comprehensive
understanding of the IT risk
factors we face?
How is our level of IT risk
measured, and is it aligned with
the company’s overall risk
appetite?
How are we reducing our IT risk
on an ongoing basis?
Who is responsible for overseeing
the level of IT risk?
Are the IT risk factors understood
for each funding source and
service we provide?
Is the level of risk aligned with the
consequences of event?
Who is responsible for measuring,
reporting and mitigating the level
of IT risk?
o The setting of acceptable risk levels is a
governance issue. Compliance assurance is
management.
o Different services and functions can have
different risk types and (impact) levels
Operational failure
Reputational
Financial
Compliance
9. Are we making
the most of our
technology story?
9. Are we making
the most of our
technology story?
What are the key messages we
should communicate?
How when and to whom should
they be communicated?
What are the key messages we
should communicate?
How when and to whom should
they be communicated?
o Communication needs vary by stakeholder
group
Government
Competitive agencies
Collaborative agencies
Donors
Philanthropic funders
Clients
Staff