As organizations face increasing complexity with multicloud and hybrid-cloud environments, integration challenges, and user-developed systems, it is no wonder that enterprise architecture (EA) tops our list of most mature best practices in 2023.
Enterprise architecture is an IT best practice that provides a high-level description of the organization in its desired state. It is increasingly common to find enterprise architects, solution architects, data architects, and various other architects employed by companies to address the common challenges of guiding IT development in a way that encourages innovation within a defined model of the organization now and in the future. While there are various methodologies of enterprise architecture, the discipline has been gaining traction, as more companies seek to establish a common vision for IT. It is good to see this move, but there is still much room for growth.
This is one of many key takeaways from our new IT Management Best Practices study, which analyzes 35 best practices. In this year’s study, we have added two new disciplines: data governance policies and policies for personal use of IT resources.
Figure 3 from our full study shows that enterprise architecture is the most mature practice, with a maturity rating of 30%. IT project portfolio management and user satisfaction surveys tie for second place at 29%.
“Many organizations have complex IT landscapes, which can be a nightmare to manage,” said Tom Dunlap, director of research for Avasant Research, based in Los Angeles. “EA provides a structured approach to identify and mitigate risks. The discipline has grown in maturity, although not enough companies embrace EA.”
What do we mean by practice maturity? It means the percentage of respondents that apply a particular practice formally and consistently. Take enterprise architecture at 30%. Thirty percent of respondents say they apply this best practice formally and consistently. But that means 70% of companies do not consistently and formally align this IT objective with their business needs. Without a robust EA practice, companies are limiting the level of IT innovation and the associated benefits. It is disappointing that most companies do not use this practice formally and consistently. For our analysis of the rest of the most mature practices, see our full study.
Some of the 35 best practices in our full study are well-established disciplines and are widely accepted. Others are gaining traction among leading-edge organizations. Still, other practices are being widely promoted by tools vendors and consultants but are only rarely adopted, and it remains uncertain whether they will endure. Our goal in this study is to provide IT executives with real-world data on how widely each practice is implemented, a basis for comparing their organizations with their peers, and a means of identifying emerging best practices.
This study is now in its 18th year. Each year, we ask IT organizations in our annual survey to what extent they have adopted a selected list of IT management best practices. Survey participants have five response choices:
- No Activity: We are not practicing this discipline in any way.
- Implementing: We are in the process of implementing this best practice.
- Practicing Informally: We do not have formal policies or procedures for this discipline, but we do practice it in an informal or ad-hoc manner.
- Practicing Formally but Inconsistently: We have formal policies and procedures for this discipline, but we do not follow them consistently or to the extent that we should.
- Practicing Formally and Consistently: We have formal policies and procedures for this discipline, and we follow them consistently. This is the maturity level.
The best practices in the study are as follows:
- IT governance practices: IT strategic planning, IT project portfolio management, project management office, organizational change management, enterprise architecture, IT vendor governance, cloud governance, and data governance policies.
- IT financial management practices: IT personnel time tracking, service-based cost accounting, chargeback of IT costs, showback of IT costs, IT service catalog, benchmarking IT spending levels, and monitoring software licenses.
- IT operational management practices: IT Infrastructure Library (ITIL), IT asset management system, bring your own device, user satisfaction surveys, and IT performance metrics.
- IT security and risk management practices: IT security training, two-factor authentication, IT security compliance audits, penetration testing, security incident management, encryption, disaster recovery planning, disaster recovery plan testing, business continuity planning, insider risk assessment, and policies for personal use of IT resources.
- Application development practices: agile development, DevOps, website accessibility, and post-implementation audits.
Our full study is designed to increase the awareness of IT leaders concerning what are the best practices in IT management, provide benchmarks against which an IT organization can compare its own adoption and practice level, and justify investments to improve an organization’s IT management practices.
This Research Byte is a brief overview of our report on this subject, IT Management Best Practices. The full report is available at no charge for subscribers, or it may be purchased by non-clients directly from our website (click for pricing).