Conversations from the Mirror42 Team

“There’s a lot of talk these days about key performance indicators (KPIs). They are the backbone of scorecards and dashboards, which have become an irresistible way for organizations to present performance information to executives and staff. Unfortunately, BI developers seem to focus more on creating visual metaphors (dials, gauges, arrows, etc.) than understanding what constitutes a good KPI that delivers long-term value to the organization. Part of the problem is that people use the terms “KPI” and “metric” interchangeably. This is wrong. A KPI is a metric, but a metric is not always a KPI. The key difference is that KPIs always reflect strategic value drivers whereas metrics may represent the measurement of any business activity. When developing KPIs for scorecards or dashboards, you should keep in mind that KPIs possess 10 distinct characteristics. Although metrics may exhibit some of these characteristics, good KPIs possess all of them.”

Read more in this overview of characteristics of Key Performance Indicators from TDWI.

This nice overview of 7 steps toward SOX compliance, is in my opinion valid for any type of “governance”:

1. Framework / Foundation
2. “Governance” Office
3. Visibility / Dashboards
4. Automate
5. Embed
6. Test
7. Monitor

“To make sure they are getting the most from their multiple outsourcers, CIOs need to dedicate staff to oversee each vendor relationship and establish regular reviews of vendor performance with measurement applications such as dashboards or vendor scorecards. In contract negotiations, CIOs need to spell out that vendors should cooperate and refrain from blaming, or else risk losing the job. They need to find qualified staff with financial as well as technical skills to help run a project management office or some other body that can track all outsourcing agreements. “

Read more in this article from CIO.com.

I am attending the HP OpenView Software Forum in Denver this week. The buzz word, if any, this week is “governance”. Customers, software vendors and consulting seem to struggle with the implications of governance i.e. Sarbannes-Oxley. HP OpenView, for example, launched a new product called Compliance Manager. The tool is said to specifically address SOX Section 404, which requires corporate annual reports to include a review of management’s internal control over financial reporting. The tool integrates, of course, with OpenView IT management products. Although this product may give insight in the SOX compliance, it is limited to the OpenView managed world. In my view, SOX controls should also take into account other areas that are not managed by the OpenView suite, and further more it should look at the impact of IT programs and project on SOX controls.

But even in the bigger picture, governance is not only SOX. Governance is about creating transparancy, also for IT departments. Therefore, it should include controls for e.g. performance, business alignment, (information) security, etc. Some of these controls are (also) necessary in the compliance with SOX, others (including some SOX controls) provide essential IT transparancy.

A collegue today commented as follows: “Governance is like eating in a restaurant with an open kitchen. Guests feel assured of the quality of the food being able to watch the preparation process, while for the cooks, the openess is a natural part of their job”.