Proceedings of Annual South Africa Business Research Conference
advertisement
Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 The Missing Link: An Innovation Governance Framework for Large Organisations Yosheen Padayachee* and Mlungisi Duma** Continuous innovation is key to modern business management. A number of studies show that even though these innovations are funnelled through a structured innovation process they still fail to deliver the business value as promised. This paper attempts to understand the root cause of this failure, to uncover this missing link and suggests the way forward to bridge the gap. The research looks at well established governance frameworks i.e. CoBit, ITIL, ISO 9000 and PMBok and at related work in an attempt critically looks to unravel the secret of the missing link. The research involved surveying responses from various stakeholders across Financial Services Organisations (FSO) to uncover the missing link. The results show that despite the existence of a number of governance and innovation management frameworks there is an absence of an Innovation Governance Framework to elevate the success rate of innovation delivery. Keywords: Innovation, Governance, CoBIT, ITIL, PMBok 1. Introduction Historically, there has not been a structured framework for introducing and sustaining innovation. Neither was there a structure to oversee the implementation once the innovation ideas were approved. A 2012 survey conducted Accenture shows that executives of large organizations are comparatively dissatisfied with the returns on innovation comparative to 2009. However, organizations that have a “holistic, formal innovation system” indicated more successful results and rated higher levels of satisfaction on innovation returns. However, there is clearly more that needs to be done to ensure organization maximized returns on innovation and ultimately grow profits to remain sustainable. Financial institutions in South Africa face the pressures to comply with legislation and regulation by the South African Government, Financial Services Board (FSB), Central Banks and other regulatory boards. Despite the adoption of good practices for innovation, ICT Governance and Risk Management organizations find themselves in a position where a number of ICT innovations, even after following the well governed innovation process, are released as mainstream business service or product that have failed to comply with governance standard. This introduces unnecessary risk, re-work, loss on return on investment (ROI), loss of productivity and jeopardizes the ability to be competitive. *Mrs. Yosheen Padayachee, Masters Student, Technology and Innovation, The Da Vinci Institute, South Africa. Email: ypadayachee@fnb.co.za **Dr. Mlungisi Duma, Technology and Innovation, The Da Vinci Institute, South Africa. Email:mlungisi.duma@fnb.co.za 1 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 The consensus across organizations for the failures is common; the basic governance and risk controls are compromised. The supply of good practice frameworks, standards and guidelines are readily available for innovation, risk management and ITC Governance i.e. ISO, CoBit5, ITIL, PMBok. This research paper aims to answer if these frameworks, standards and guidelines are currently being used to achieve successful innovations, with little or no re-work maximum ROI, enhanced productivity, competitive advantage, profitability and sustainability. The aim of this paper is to determine if a governance framework for innovation can contribute to improving the success rate of innovations. The rest of the paper is organised as follows: section 2 gives a defining innovation and its related concepts followed by a discussion on ICT Governance and Governance Frameworks. Section 3 is a discussion on the research methodology and model followed by a detailed discussion on the findings in section 4. The summary and conclusions to the paper are discussed in section 5. 2. Literature Review Innovation Innovation is a process to bring new ideas, new methods or new products to an organization. The need to innovate supports the goal of organisations to attain competitive advantage, remain profitable, relevant and sustainable. According to O’Sullivan and Dooley (2010), “innovation is the process of making changes, large and small, radical and incremental, to product, processes and services that result in the introduction of something new for the organisation that adds value to customers and contributes to the knowledge store of organisations.” An engaged workforce is required to support the delivery of innovation in accordance to embedded innovation culture. Sorrels (2013) describes culture as a common interpretation on how society views, experiences, and engages with all aspects of life and the world around them. An innovation culture extends this definition by relating this cultural orientation to the purpose of rendering products and services that organisations offer to the market to improve customer satisfaction and promote profits and global sustainability (Humble & Jones, 1989). The survival of organizations relies on a sound innovation strategy and value delivery of innovative solutions. An innovation strategy is ‘a vision directed, organization-wide reliance on entrepreneurial behaviour that purposefully and continuously rejuvenates the organization and shapes the scope of its operations through the recognition and exploitation of entrepreneurial opportunity.’ (Ireland et al., 2009). Innovation management is the development and execution of organization practices, structures and processes which are description and aids business organisations to attain their goals effectively (Birkinshaw et al., 2008). The key to delivering success innovation is a well established innovation culture, a well thought through innovation strategy and a structured process for innovation management. Figure 1: Success Rate of Implemented Innovations (Action Research Results) 2 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 Success Rate of Innovation Implementation 5.6% 16.7% 11.1% 0 - 10% 10% - 20% 20% - 40% 22.2% 22.2% 40% - 60% 60% - 80% 80% - 100% 22.2% Despite organizations, adopting these practices, the study showed that over 81% of organizations invested 0-30% of the annual turnover on innovation. Only 5.6% of these organizations yielded a success rate of between 80 – 100% on implementing these innovations. ICT Governance and Governance Frameworks ICT Governance is the selection and use of relationships such as strategic alliances or joint ventures to obtain key IT competencies. It bears similarity with business governance, in the sense that it involves making choices in business strategy, which covers a multidimensional array of inter-organizational relationships, including strategic alliances, joint ventures, marketing exchange, technology licensing, and outsourcing. (Becker,1996). 3 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 Figure 2: Adapted: Implementation Best Practices IT Governance (Stephenson, 2004) COSO CoBit Risk Management Framework Global Control Objectives (KPI’s) Processes ITIL ISO PMBOK/Prince 2 •IT Governance Architecture •Security Framework •Project Management Framework There are a number of governance frameworks, models and standards readily available (Hill et al., 2009). ICT governance is not constrained by the need to follow a distinctive model in execution but uses good practices in this area: COSO, CoBit, ITIL, ISO (Mireila, 2005), Prince 2 and PMBok. Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a voluntary body that is committed to enhancing organizational performance and governance. It aims to achieve this through the use of appropriate and efficient internal control, enterprise risk management, and fraud avoidance (COSO, 2013). This framework focuses on the enterprise risk management framework for organizations. The Control Objectives for Information and Related Technology (CoBit) framework was created by the ISACA for ICT management and governance. This framework is based on established frameworks which include Software Engineering Institute’s Capability Model, ITIL, ISO 9000 and ISO 17799. CoBIT’s focus is on what organizations need to do and does not cover the execution of how organizations should implement this good practice. Due to this fact, CoBIT is recognised as a control and management framework instead of a process framework. (ISACA, 2014) The Information Technology Infrastructure Library (ITIL) is a best practice framework that focuses on the definition of good practices for ICT service management. It details how ICT resources should be ordered and optimized to deliver business value, documenting the processes, functions and roles of IT Service Management (ITSM). (ISACA, 2014) 4 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 The International Organization for Standardization (ISO) 17799 and 9000 classifies, institutes, and maintains an effective quality assurance system for manufacturing and service industries. These standards help organizations ensure that they meet the needs of customers and other stakeholders while meeting statutory and regulatory requirements related to a product. (ISO, 2014) The Project Management Body of Knowledge (PMBok) is a framework developed by the Project Management Institute in the USA and details processes, tools and techniques that encompasses the practice of project management. The PRojects IN Controlled Environments (PRINCE2) is a process-based method for effective project management. Both these frameworks provide good practices for project management (ISACA, 2014) Related works Skarzynski et al. (2008) researched why not many enterprises have been able to achieve and sustain the competencies for innovation. Large enterprises that have shown tremendous success in innovation have chosen a structured approach to tackle the challenges of innovation. General Electric (GE) and Proctor and Gamble (P&G) are typical examples where a systematic approach to innovation has yielded tremendous success. Skarzynski et al. (2008) also questioned why most organisations still have nothing that resembles a systematic enterprise method to deliver innovation. Weill (2004) discussed the needs for ICT governance and its contribution to ROI. His study on IT governance, showed a positive relationship between governance and financial performance. The study showed that organizations had an “above-average IT governance performance” attaining a 20% higher profitability than organizations with weak governance. Weill and Ross (2004b) considered ICT governance as a toolset to assign the correct decision responsibilities and accountability framework to influence and promote the correct IT outcomes. They also continue to discuss the correlation between organizations with established, effective ICT governance and generate higher profits than other organisations with similar strategic goals but ineffective ICT governance framework. Weill and Ross (2004a) explain that the adoption of an ICT governance framework is the game changer. The Basel Committee on Banking Supervision (BCBS) published key areas that formed the compliance score card: supervised implementation requirement definition, adequate resourcing, and tailoring ICT Risk Governance Frameworks, detailed delivery plan milestones, urgency and time-boxed responses. This compliance framework focuses on 4 key themes, of which 2 focus around managed assurance and governance and infrastructure around managing ICT delivery as a strategic business asset. This regulation helps one understand how globally the awareness for structures approach is required to mitigate ICT challenges. (Peihani, 2015) In 2012, Accenture conducted a survey with 519, American, English and French executives, from large enterprises. 93% of respondents indicated that the long-term survival and sustainability of their enterprises was reliant on their capability to innovate; however, less than 18% believe their own innovation strategy provides an actual competitive advantage (Koetzier et al., 2013). Despite, the adoption of good practices for innovation, ICT Governance and Risk Management, Organizations find themselves in a position where a number of ICT innovations, 5 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 even after following the well governed innovation process, are released as mainstream business service or product that has failed to comply with governance standard. This introduces unnecessary risk, re-work, and loss in productivity and jeopardizes the ability to be competitive. The theme, across the enterprise, for the failures is common; the basics governance and risk controls are compromised. The motivation for this study is based on exactly this issue: Getting back to basics to achieve operation excellence, increase customer satisfaction, grow profits and remain globally sustainable. There is an urgency and need to do the following to solve this work-based challenge: (1) Understand the good practices that have been adopted for innovation, ICT governance and Risk Management by large, preferably multinational, enterprises. (2) Understand the position and challenges faced by other multinationals with innovation, governance and risk management. (3) Conduct the analysis on the data. (4) Introduce and propose a governance framework for innovation. The rest of the paper is organised to explain the methodology and model, to present the findings, interpret the results and concludes with a summary and conclusion. 3. The Methodology and Model A qualitative approach is used to support the collection of data that depict facets rather than the statistical deduction with regard to innovation and governance. The paper aims to use an unstructured exploratory research method to subjectively analyse the facets of character, attitude, behaviour, opinion, etc. to address the research problem that was earlier discussed. Large enterprises use numerous strategies, risk tools and frameworks to manage Innovation, ICT Governance and Risk. These enterprises also have good innovation processes, mature innovation cultures, a seasoned ICT governance model; comprehensively documented and well executed risk management practices. However, many of these enterprises struggle to create environments that enable them to reach their goals. The profitability and sustainability of these enterprises are threatened. Organizations are struggling to successfully deliver innovations. These organisations follow a structured innovation process, release process, product and service innovations into mainstream business environment, that are still non-compliant with the corporate ICT governance standards, leaving them exposed unnecessary reworking, unplanned costs and risks resulting in unsatisfactory returns on innovation, compromising their ability to be competitive and ultimately jeopardizing the organisation’s sustainability. Data Collection Method A quantitative survey was designed to ascertain the perception of relevant stakeholders in the ICT and Risk Management discipline on innovation, governance and good practices. The data obtained through these research instruments will be analysed to ascertain the key components of an innovation governance framework. A qualitative methodology approach will be applied to enable in-depth interviews with relevant stakeholders in the industry. This will be be necessary in corroborating the survey responses and in documenting original thought with the scope of the research. 6 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 The researcher will, through the use of secondary data collection techniques, investigate good practice frameworks used for Innovation, ICT Governance and Risk Management. It will ascertain how the research problem can be solved to establish “systematic corporate wide approach to ICT innovation”. Assumptions The research assumes that the selected research methodology is appropriate to gather analysis and solve the work-based challenge. The theoretical framework of the research is assumed to be an accurate reflection of the phenomena being studied. Therefore, the results of the research study are limited by the accuracy of the theoretical framework to reflect the phenomena under study. There is an assumption that the variables under investigation are measurable. It is also assumed that the instrument being used is a valid and reliable instrument to measure these variables. In order to achieve validity the participants will be representative of the population, will be willing to participate in the study, and respond to questions honestly or participate without biasing the study results. The study assumes that all enterprises are multinational organizations and large in size. It also assumes that these enterprises have well established innovation management and a mature innovation culture, with a formal innovation process. Upon completion of the study the assumption is that the results will be applicable beyond the sample being studied. Finally, it is assumed that the results of the study will be relevant and meaningful to all stakeholders and can be utilized by all enterprises independent of it size. Research questions and sub-questions A number of innovations that follow the innovation process are released into mainstream business service, only to find that there is non-compliance with governance standards when complied with. This introduces unnecessary risk and re-working to get the basics right which costs a lot of money. This paper will attempt to research and answer the following questions: (1) What challenges are organisations with formal, established innovation processes facing? (2) What frameworks, methodologies and good practices do large organizations use for innovation management, ICT Governance and Risk Management? (3) What are the key reasons that cause failures of success implementation of innovation? (4) Will a proposed ICT Innovation Governance framework, which includes all types of innovation, achieve faster delivery and better quality innovation solutions? Limitation of Scope of Research The scope of this study will be limited to investigate the research problem in the context of large enterprises, even though the research problem is applicable to all enterprises of all sizes. The scope will be further limited to enterprises that have a mature innovation culture and process. By doing this, the sample size is reduced considerably. The information and governance framework produced might not be generalized to other enterprises or other 7 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 settings as the findings might be unique to the relatively few enterprises included in the research study. The research study attempts to reduce the chances of failure and attempts to provide a structured approach to solve the research problem. The research provides a guide on future behaviour. The research design uses both qualitative and quantitative research approaches. A qualitative research is not an exact science, even though it uses a few scientific techniques. In the case where secondary data collection research techniques were engaged, the limitation may be that the information collected may be old and obsolete and therefore results of analysis may cause a level leadership practice of inaccuracy in this paper. This study will take a crosssectional time horizon approach (refer to research methodology and Design Section in this paper for definition), coupled with the sheer size of the 3 domains under investigation and the probability that there are bound to be aspects of Innovation, ICT Governance and Risk Management that will not be revealed during the research process. 4. The Findings The aims of this paper are to determine existing ICT governance frameworks that are being used to yield the best returns and success innovation implementation or if there is a need to introduce a ICT governance framework for Innovation that will contribute to improving the success rate of innovations. The study looked at large organizations, with a targeted focus in the Financial Services Industry. This section analyses the frameworks utilized, the size of the organization, the delivery methodology used, the spend and the success rate of innovations. Results Analysis Consideration The organizations contacted a number of large organizations in the public and private sector. The researcher contacted more than one individual per organization; this included CEO’s, Executive Managers, CIO’s, CRO’s, Senior Managers, IT Team Members, Business and Risk Team Members. Out of 50 participants in the experiment only 45 responded to the survey. A response rate of 90% was achieved. Percentages and percentage distribution were used to interpret the data. According to Zikumund (2003), response bias can take place when respondents tend to answer, consciously or unconsciously, in a certain way and misrepresent reality. The design of the questionnaire facilitated that respondents conduct a self-assessment of innovation and governance practices in their organizations. owing to this there is an expectation of some degree of bias with reference to the responses. 8 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 Industry Participation Figure 3: Industry Participation 2.3% 4.7% 0.0% 0.0% 4.7% The Industry 0.0% 0.0% 9.3% 0.0% 0.0% 0.0% Healthcare Non-profit Technology Energy & Utilities Transportation Materials Consumer Finance Education Government 79.1% Professional Services Manufacturing 79.1% of the total responses received were from respondents that belong to the Financial Services; 4.7% of respondents were in government organizations and professional services respectively; 9.3% of respondents belonged to the Technology sector and the remaining 2.3% were in the Health Care Industry. Over 73% of these organizations were large organizations that employed over 15000 people. Over 95% of these organizations yielded an annual turnover of R1 million. Job Functions Table 1: Summary of Respondents’ Job Roles Answer Options Response Percent Executive/Chief Executive Office Chief Information Officer (CIO) Chief Risk Officer (CRO) Risk or Business Team Member IT Team Member Senior Manager Other (please specify) 0.0% 2.2% 0.0% 8.9% 33.3% 31.1% 33.3% Success Rate of Innovation 9 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 Only 5.6% of these organizations yielded a success rate of between 80 – 100% on implementing these innovations. Innovation Process The responses showed that only 11.9% of organizations used an informal innovation process, with 42.9% of organizations functioned using a well-established process and the remaining 45.2% used a mature innovation process. Reasons for failure to Implement Innovations Respondents cited incorrect scoping (59.46%) and lack of governance (37.84%) as the top two contributors that cause the implementation of innovations to fail. The lack of funding only contributes to 13.51% and the remaining 21.62% was cited under the other category. After further analysis of the other category show that the scoping, process and governance is a contributor to failures. Governance Frameworks Used Table 2: Governance Frameworks used by Organizations Answer Options ITIL COBIT ISO 9002 Other (please specify) Response Percent 51.7% 44.8% 34.5% 31.0% ITIL (51.7%) and CoBIT are the top two good practices being used by these organizations followed by ISO 9002 with a combination of one or more good practice frameworks. Implementation of a Governance Framework for Innovation 10 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 Figure 4: Implementation of a governance framework for innovation Governance Framework for Innovation 14.7% Yes No 85.3% 85.3% of respondents agreed that implementing a governance framework for innovation will improve the success rate to implement innovation. 5. Summary and Conclusions The findings suggest that large organizations with well-established or mature innovation process managements face huge challenges with the success rate of implementing innovation. These organizations have adopted the use of one or more good practice frameworks like ITIL, CoBIT and ISO 9002 to manage innovation delivery, but still fall short, with less than 6% of these innovations being delivered successfully. The findings also suggest that the main contributors to the failure of this implementation lie in the lack of understanding the scope of the innovation being delivered and lack of governance. After further analysis, the findings also show that the scoping, fit for purpose, resource management, capacity planning and control processes are also contributors to failures. The findings also show 85.3% of respondents agreed that by implementing a governance framework for innovation the success rate to implement innovation will improve. This research paper shows that despite the use of best practice frameworks, standards and guidelines are currently being used to implement innovations that are failing. Owing to the low success rate of implementation of innovations, large organizations do lots of re-working, and in 11 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 turn reduce turnover, lose productivity, slow down competitive advantage, reduce profitability and threaten their sustainability. Figure 5: Discreet Use of Frameworks Project Management Best Practice Initiation ICT Governance Frameworks Risk Management Frameworks CoBit Planning Analysis and Design ITIL COSO Execution Implementation ISO The missing link is a governance framework for innovation. The use of ITIL, CoBIT, ISO and project management best practices are required to be used with more integration and collaboration. Figure 6: Use of Frameworks Integrated Frameworks 12 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 INTEGRATION This solves the problem of scoping and governance in the execution phase. An innovation governance framework that guides the execution and delivery of the innovation contributes to the improving the implementation success rate of innovation. References Becker, S. 'Competing In The Information Age: Strategic Alignment In Practice By Jerry N. Luftman. New York: Oxford University Press, 1996. 411 + Xvii Pages. $Dollar;35.00'. Journal of Product Innovation Management 14.2 (1997): 154-155. Web. Birkinshaw, J., Hamel, G. & Mol, M. J. (2008). Management innovation. Academy of Management Review, 33(4), 825-845. Hill, P., Liell-Cook, S. & Grahan, J. (2009). IT Governance aligned to King III. Cape Town: IT Governance Network Humble, J., & Jones, G. (1989) 'Creating A Climate For Innovation'. Long Range Planning 22.4: 46-51. Web. Ireland, P., O'Kelly C. & Wheeler, S.(2009). Corporate Governance. ISACA, 2014. A Business Framework for the Governance and Management of Enterprise IT. Available at: http://www.isaca.org/COBIT/Pages/default.aspx?cid=1003566&Appeal=PR. Isaca, A.N., Series, C. & Paper, W., 2014. Relating The Coso Internal Control — Integrated Framework And Cobit. :1–22. Koetzier, W. & Alon, A. (2012). Why “Low Risk” Innovation is Costly. Article. Accenture Mirella, G. (2005). IT Governance Principles. Information System Journal, 1-5 O'Sullivan, D., and Dooley, L. 'Collaborative Innovation For The Management Of Information Technology Resources'. International Journal of Human Capital and Information Technology Professionals 1.1 (2010): 16-30. Web. 13 Proceedings of Annual South Africa Business Research Conference 11 - 12 January 2016, Taj Hotel, Cape Town, South Africa, ISBN: 978-1-922069-95-5 Peihani, M.. 'The Basel Committee On Banking Supervision: A Post-Crisis Assessment Of Governance And Accountability'. (2015). Canadian Foreign Policy Journal, 21.2: 146-163. Web. Skarzynski, P. & Gibson, R. (2008).The New Innovation Challenge. Weill. P. (2004). Don’t just Lead, govern: How IT Performing Firms govern IT. MIS Quarterly Executive. : 1-17 Weill, P. & Ross, J.W. (2004a). IT Governance – How top performers manage IT decisions rights for superior results. Boston: Harvard Business Press, Weill, P. & Ross, J.W. (2004a). IT Governance in one page. MIT Sloan: 1-20 Zikumund, W. (2003). Business Research Methods. Ohio: Thompson Learning . Appendix 14
