An Enterprise 2.0 Governance Framework – looking for input!


From a couple of months before the Enterprise 2.0 Executive Forum held last week, I had been hoping to create some kind of governance framework or implementation framework for Enterprise 2.0 that would be useful at the event.

Last year I created our Web 2.0 Framework, which has now been downloaded around 40,000 times and I gather been used by quite a few organizations in their planning and strategy. This time I wanted to create something that would be useful to help organizations understand and address both the risks and business value of Enterprise 2.0 approaches.

What I have seen in most large organizations is that senior executives’ amorphous understanding of the risks in Enterprise 2.0 has overwhelmed their equally fuzzy grasp of their potential to create business value. A governance perspective articulates and responds to the risks to the business, and also ensures that value is not left on the table – a very important aspect of executive accountability.

In the end I didn’t have time to do the task justice, but quickly pulled together a rough framework to use in my kick-off presentation for the Forum, as below.


First comment is that this is an early effort, and certainly needs considerably more work. I have labelled this “Beta 0.7” to indicate that more development needs to go into this to be useable, though probably the basics are in place.

On the value side, these items are clearly context-specific, and these or other benefits need to be assessed within a particular business. However I think in most cases it would be a major mistake to attempt to quantify the business value, largely because there are no meaningful ways of doing so, except possibly for efficiencies and reduced IT costs.

The risks can in some cases be fairly assessed relative to existing risks. For example, almost every technology security expert says that network penetration risks (malicious access to the organization’s IT systems) are no different using Web 2.0 technologies if appropriate measures are already in place. Other risks are more amorphous. I find it interesting that productivity impact (i.e. goofing off on Facebook and Digg) is probably the most-cited risk by executives. Let’s discuss that in more detail elsewhere. Culture risk is another interesting one – the way I would put it is that it is possible that more open discussion will have a negative impact if you already have a toxic culture. However if the overall trends in culture and attitude in an organization are positive, then openness is likely to facilitate greater employee engagement.

The actions listed are high-level, and these need to be made more specific in the next versions of the framework. For this to be a rigorous governance framework, the actions should match up with the risks and value, though most of them contribute to a number of these.

I’ll endeavor to refine this framework a little further. Please provide input, or feel free to use this as inspiration to do something you think is more useful. I absolutely believe that creating an effective governance framework will greatly facilitate the uptake of these approaches in organizations, by clarifying what are perceived to be highly amorphous risks and business value, and specifics actions to take.

6 replies
  1. Vishal
    Vishal says:

    Hi Ross,
    This is a timely article on this topic as i have been working on a whitepaper on enterprise 2.0.
    I’m nost sure whether you want to call it as Governance framework or just Enterprise 2.0 frameowrk.
    Its looks to me you are putting together a framework on what Enterprise 2.0 offers. Governance is just once aspect of it or another vertical of it, like value, risks, actions.
    At a mcro level governance is –
    Who defines and modifies the organization’s systems?
    What quality of service must be provided?
    Who is responsible for service/applications development?
    Who is responsible the service/applications ecosystem?
    Who is allowed access to the services/applications
    How are services/applications exposed to external consumers
    How will success of the Enterprise2.0 be measured?
    How will the inter dependencies among apss/services be managed?
    I presume you might want to add another vertical and rename this Framework.
    I hope this helps

  2. Ross Dawson
    Ross Dawson says:

    Thanks Vishal!
    I do think it is useful to focus specifically on governance, which ultimately is a macro issue, though aspects of it are implemented at a micro level. From an executive perspective, governance underlies all large organisation activity, and defines their accountability. As such, governance is absolutely about senior executives being responsible for ensuring that business value is maximized and risk is understood, mitigated, or minimized. The way you have defined governance is both IT-focused/ highly technical, and mainly issues that are dealt with below executive level.
    So, I am absolutely looking to create a *governance* framework relevant to senior management, not technology management. Perhaps I haven’t gone about it the right way, but governance is not a subset of what I am trying to create her. This needs to help senior executives who are accountable to the organization’s stakeholders deal with the emergence of Enterprise 2.0 tools and approaches.
    Governance is however a term used in many ways, so perhaps I need to clarify the term within the framework.

  3. Ross Dawson
    Ross Dawson says:

    Salut Vince!
    Thanks for your feedback. My simple way of thinking of Enterprise 2.0 is:
    * The application of Web 2.0 tools and approaches inside organizations (see for what I think Web 2.0 is.
    * The next version of how organizations will need to work in a hyper-connected, open economy.
    J’ai lu votre blog et pensees avec interet – merci! Je parle et lis Francais, mais mon orthographe est pauvre, et j’ai jamais appris ecrire les accents sur un ordinateur :-(

Comments are closed.