The principles of a true leader must be integral skills that are adhered to uncompromisingly. Forefront of those discussed in Snedaker’s leadership are governance, risk, and strategy.
Governance is ensuring the outlined policies and procedures for a certain task are followed. The level and complexity of IT governance is dependent on the complexity of the organization. This can be office documents such as spreadsheets going back-and-forth or the faxing between floors that is the lifeline of a healthy bureaucracy. In using their specific methodology with the assigned tools, task and policy can be governed with an appropriately amount of interference.
Figure 1: COBIT 5 Data Governance
Risk is very broad, multi-faceted, yet consensually agreed upon as something to eliminate, if not, minimize. Asking a dozen different people to define the significant risks to an organization will net twenty different answers. The goal of a leader guided by Snedaker’s principles would be performing Enterprise Risk Management, a realistic vision about the competence of a company to mitigate risk.
Enterprise Risk is multi-categorical, each requiring differing policies and procedures. Unique examples of such risk the HIT leader encounters are third-party risk (is outsourcing worth it?), regulatory risk (will lobbying efforts drastically change and shakeup the order of things?), and risk introduced via operations (holes in security/data reaches). Defining the accepted tolerance for any risky venture, establishing contingency plans (“what is your Plan B/Plan C…”) are how a leader supersedes the qualities of a manager as the administrative buffer. Governance establishes checks-and-balance on the risk factor but determining the efficacy of governance it is the both the organization’s and leader’s determination to be effective.
Figure 2: Dilbert by Scott Adams
Therefore, an HIT leader’s strategy first deals with the tolerable level of risk an organization will accept vs cost of measures needed to lessen the risk. The surest skill tactic for risk is a proactive strategy. For this reason, governance and strategy are about putting in the work to take the risk out of the risk; the primary aggregate skill of an HIT leader.