Scenario

You are now running one of the larger and more complex IT-based operations on the planet, with an annual IT budget of hundreds of millions or billions of dollars. You have thousands of programmers, systems engineers, and IT managers, with a wide variety of responsibilities. IT is in your market-facing products and in your back-office operations. In fact, it’s sometimes hard to distinguish the boundaries as your company transforms into a digital business.

Agile techniques remain important to you, but things are getting complex, and you’re testing the boundaries of what is possible. How can you operate at the scale you’ve achieved and still be Agile? As usual in life, you’re finding that there are always tradeoffs. Decisions you made long ago come back to haunt you, security threats are increasing, and at your scale, there’s no escaping the auditors.

You have scaled up in terms of size, what is less often understood that scaling up in size also means scaling up in terms of timeframes: concern for the past and the future extend further and further in each direction. Organizational history is an increasing factor, and the need to manage this knowledge base can’t be ignored.

But you have great resources at your command, and you’re as well positioned as any of your competitors to meet the challenges ahead. And in the end, that’s all you need.

Chapter 10: Governance, Risk, Security, and Compliance

We need to cope with new layers of enterprise organization, and external forces (regulators, vendor partners, security adversaries, auditors) increasingly defining our options. This chapter sets the frame for the section. Chapters 11 and 12 in many ways are further elaborations of two major domains of governance concerns.

Chapter 11: Enterprise Information Management

We’ve been concerned with data, information, and knowledge since the earliest days of our journey. But at this scale, we have to formalize our approaches and understandings; without that, we will never capture the full value available with modern analytics and Big Data.

Looking inward, we need to measure this massive IT estate and understand it as an overall dynamic and complex system.

Chapter 12: Architecture and Portfolio

We need to understand the big picture of interacting lifecycles, reduce technical debt and redundancy, and obtain better economies of scale. We need to define our investment strategy based on a sound understanding of both business needs and technology limitations.