Strategy and Governance – Significance and Objectives

Strategy and Governance defines the guidelines for managing IT. Its significance increases in global companies and when the company faces a business transformation or aggressively pursues growth and development. Optimally, IT is a core function for implementing changes in a controlled manner. Whereas Enterprise Development selects development initiatives, Strategy and Governance defines how to execute them and IT Operations implements initiatives into solutions and services. IT Operations include Sourcing, Development and Services.


Figure 3.1.1 IT Governance flow.


Strategy and Governance sets several governing frames to guide the whole IT function in operations. The IT Strategy, IT Governance and IT Operating Model are the highest-level frames.

  • IT Strategy defines the vision, mission and targets for the coming three to five years. It also incorporates an execution plan between as-is and to-be states. The answers to the following four questions are the basis for IT Strategy:
    1. What is the role of digitalization in business?
    2. How IT contributes to executing digitalization roadmap?
    3. What are the changes in solutions and services IT is focusing on?
    4. How IT is operating and with whom?
  • IT Governance defines how decisions are made and is therefore closely linked to Enterprise Development.
  • The IT Operating Model defines how IT creates value for the business – how development initiatives are transformed into reliable solutions and services that meet business needs.


Strategy and Governance defines the organizational structure – i.e. what is centralized, decentralized or sourced. It determines the Enterprise Architecture, which sets guidelines for solutions and their interoperability. It also provides policies and procedures for IT Security, Quality Assurance and Risk Management. Budgeting and cost control is one of the governing frames with the most impact.

Key Objectives of Strategy and Governance

  • Ensure that IT strategy, the operating model, and competence support the achievement of corporate objectives.
  • Define and maintain mutually agreed principles, procedures and architecture.
  • Make sure IT costs are well-managed and allocated appropriately, fairly, and transparently.
  • Ensure that risks are under control, and that risk management is considered in all streams of the IT Standard.

Strategy and Governance – Roles and Competence Requirements

The Chief Information Officer (CIO) is responsible for organizing IT and developing how IT creates value for the business. As digitalization and agile development gain ground, it is increasingly important for CIOs to create a culture of business-minded innovation and continuous improvement. The CIO ensures that IT management is performed in line with company strategy and good governance. The CIO can be accompanied by a Chief Digital Officer (CDO), who drives the company’s digital development in customer products and processes. The role is sometimes given to the Chief Technology Officer (CTO).

In addition to the CIO, the key roles in Strategy and Governance are those of Development Manager, Enterprise Architect, Quality Manager, Information Security Manager and IT Controller. The roles are typically organized as a CIO Office.

The Development Manager is responsible for developing the IT Operating Model and the related best practices and competence. As these define how IT creates value for the business, the Development Manager is one of the most important roles in the IT organization. Typically, the Development Manager is the head of the CIO Office.

The Enterprise Architect defines the technology, applications and information (which together become solutions) required to execute business architecture and processes. The Enterprise Architect, together with business, defines the current and target state of architecture, and then steers the development of business capabilities towards the business strategy.

The Quality Manager is responsible for the quality of IT solutions. In a digitalized world, user experience is one of the most important measures of solution quality, so each business solution must be easy to use, provide correct information and function properly. The Quality Manager is responsible for this throughout IT operations.

The Information Security Manager ensures that solutions and information are available only for intended users and user groups. The Information Security Manager defines practices and policies for information security and oversees that these instructions are followed.

The IT Controller is responsible for IT budgeting, financial planning and monitoring in cooperation with the company’s financial and IT management. The IT Controller also takes care of internal invoicing and pricing, ensuring IT costs are allocated accurately.


Strategy and Governance – Functions

Strategy and Governance, along with Enterprise Development, steers all IT activities. The stream of Strategy and Governance consists of the following functions:

  • Business Relationship Management
  • Governance, Objectives and Communication
  • Strategy and Operation Model
  • Organization and Competence Development
  • Enterprise Architecture
  • Security, Risk Management and Quality Assurance
  • Financial Planning and Control
Contact us IT for Business as PDF


Looking for answers to your questions about IT Standard? Get in touch.