Have you heard of the “IT Capability Maturity Model?” During the most recent TAG Conference I attended a session that covered IT planning. Mark Oster of Grant Thornton put on the session. Mark focuses on the non-profit and higher education industry segments and knows the non-profit space well. I attended the session hoping to learn from how Grant Thornton handles IT assessment and planning projects, since that’s a big part of CGNET’s business as well.
I perked up when I saw Mark talk about the IT Capability Maturity Model. It’s something we had informally incorporated into some of our IT assessments. But now I could see a way to be more prescriptive in evaluating IT functions against this model.
Capability Maturity Models
The IT Capability Maturity Model seems to have arisen out of initial Capability Maturity Model work sponsored by the US Department of Defense and directed at the software development industry. From there, the concept has broadened to include capability maturity models for various industries. Here and here are some examples.
IT Capability Maturity Stages
Here are the maturity stages, as Mark outlined them.
Stage 1: Nuts and Bolts
At this stage, IT is viewed as a service organization that handles “basic” IT functions. You often hear expressions like “keep the lights on” and “pipes and plumbing” or “keep the trains running on time” in association with IT organizations at this maturity stage.
Stage 2: Satisfy Requests
At this stage, IT’s role expands to include provision of solutions to the organization. If the organization asks for Zoom video conferencing, IT provides it. Note that functions outside of IT are specifying which solution they want.
Stage 3: Enable Business
At this stage, IT has moved beyond providing solutions that have been directly requested (“we want Salesforce!”). Now, IT is working to understand the problem or opportunity faced by the group that has requested a specific technology. IT then searches to discover the solution that will best solve to group’s problem. Often, this means a solution other than what was requested. For instance, the root issue for a community foundation might be how to manage donors and engage with them on a regular basis. With this as a problem statement, IT can pursue a number of solutions to the problem.
Stage 4: Strategic Partner
At this stage, IT expands from a reactive role to a proactive one. IT is not just satisfying requests or solving problems that are brought to it. Rather, IT is proposing how technology can be leveraged to drive the organization forward. More than the other stages, success at this stage requires that IT understand the business intimately. What drives the organization forward? What are the keys to growth, or impact? What are the enabling technologies that would leverage increased scale, or productivity, or effectiveness?
Thinking about this model, we can make a few observations.
- These capability stages seem to be additive: being at Stage 3 probably implies that the IT organization is already operating against Stage 1 and 2 expectations. I would imagine that’s where the “maturity” component comes in. You can’t get to Stage 3 if you haven’t gone through the earlier stages.
- It’s also important to realize there is no single “correct” stage of IT maturity. We’ve worked with IT organizations who were at Stage 1, to everyone’s satisfaction. We’ve also worked with IT organizations that were at Stage 2 or 3 and were evolving to a higher stage.
- What is important—critical, really—is to ensure there’s alignment between how IT perceives its proper capability stage and how the organization (especially senior management) perceives IT. We have often worked with organizations where IT felt it was executing on its responsibilities, yet the larger organization was dissatisfied. Making sure there’s alignment between IT and the organization has to be one of IT Management’s most important tasks.
Big and Little IT
The capability maturity model focuses on IT as a function within the organization. That’s fine, but it’s important to remember that there is also “little it”—information technology—that is often sourced by operating units directly. For instance, we’ve often seen grants management applications being sourced primarily by the Grants Management function… sometimes with little involvement from IT.
Thus, in thinking through these capability maturity stages, don’t restrict your view to “big IT”—the organization. Think about the application of all significant technology in the organization and ask, “is it being used at the appropriate capability maturity level?”
If it’s not clear to you where your IT organization should be on this capability maturity model, go have a chat with the CEO/President and ask them what they think. That will be a great step toward understanding where you are, where you need to be, and what others are expecting of your organization.
I’m the VP of Global Services at CGNET. I manage our Cybersecurity and Cloud Services businesses. I also provide consulting and handle a lot of project management. I wear a lot of hats. Professionally, I’m a builder of businesses. Outside of work, I’m a hobby farmer, chef, skier, dog walker, jokester, woodworker, structuralist, husband and father.