Governance in the Cloud and the role of IT

The debate of the role of IT in the Cloud landscape has been ongoing for some time. My view is that IT has a role to play, but it is not the same role that it plays today. IT is required to manage the vendor relationship, negotiate contracts, support and administer the system, design and deliver integration, migrate and protect data, ensure compliance, and provide governance. It is the protector of the system, the business adviser, and the procurement expert.

Governance is not just about rules, regulations, and order; it is about ensuring that the system is used correctly, responsibly, and with a technical understanding for each business decision or action. This point refers to enabling business users to understand the impact of their actions. IT has to ensure that the business does not have a siloed view when making design decisions. For example, introducing something “simple” like a new object or field may seem trivial because of the ease in which it can be done, but this still requires a technical impact study – even if only small – to understand how this modification will impact the wider system and also other systems that are inter-dependent.

Even something as minor as the password policy should require input from IT. This is not an option – IT sets the overall standards and is a valuable adviser to aligning practices across the organization. Activities like leveraging Single Sign-On (SSO) and integration are not standalone activities and will absolutely necessitate the involvement of IT. Administration may become partly centralized functions in instances where a system provides business users with administration activities.

This is even more critical when the organization has a global landscape. Any organization that is mitigating against risk needs to ensure that it effectively manages all aspects of its practices. Having a global reach into almost every aspect of the organization gives IT valuable insight and perspective when designing globalized systems with localized characteristics. This is especially significant when replacing an existing system that was designed with the input of IT.

Although this is not entirely new, it is something that may have been lacking when a legacy system was implemented but is rendered significant when implementing a Cloud system. In addition to revisiting your business processes, this is another opportunity to enhance the way that things are done while also protecting against problems down the line. The expertise of IT can prevent activities from having unwelcome repercussions in the future. How many times has a problem been caused as a result of bad practice in the past? Often it occurs because of a siloed view – someone doing something without understanding of or thinking about the bigger picture – and as mentioned earlier IT can provide that overarching perspective and provide sound assessment.

In the past IT has often had a role in system selection and this can often be to the detriment of what the business wants. This is something that will change – and must change – in the Cloud era. Businesses must not make the same mistake of letting IT choose a business system. With many of the complexities of managing and operating a system gone, it doesn’t make sense for IT to call the shots any longer.

Cloud systems are often business systems. IT is there to hold the hand of the business when they need to do something. IT is there to ensure that the system remains operationally optimized and users understand what impact their actions can and will have. In traditional projects IT was an influencer in terms of budget, technology selection, and architecture – but in the Cloud they need to add value through their support of business initiatives and activities, rather than just systems. Managing expectations is of great value – IT folks will know the technical limitations of SaaS software versus the almost limitless scope of on-premise systems. However, protectionist views might also be enough to scare off HR from using a Cloud system if they feel it is very limited in its extensibility. If IT wants a role in the Cloud landscape it needs to understand the true possibilities of Cloud.


IT is by no means excluded from the table. On the contrary, they are needed to play a pivotal role in ensuring that Cloud technology is integrated, managed, and governed within the business to meet the required outcomes. Just because there is no on-site hardware administration does not mean the end of IT. The bottom line is that IT still has a role to play, but the boundaries are changing. IT needs to work hard to stay relevant and become a true business partner. They can force positive change in the business, but must adjust to the demands of Cloud and how they can deliver value.

The biggest risk for the exclusion of IT comes from IT itself. Protectionist agendas and scaremongering against the views of the rest of the business will only alienate them – which is dangerous for both parties. Proactive engagement and supporting the business will add value to both sides. Anything else leaves daunting consequences when entering the new era of the Cloud.


What are you thinking? Why not let Luke know your thoughts on this?

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.