IT governance is about determining WHO systematically makes and contributes to decisions, not about making specific IT decisions (Management does that). Since IT planning processes have changed over the last few years (There are virtually no static multi-year plans left. Planning and executions happen simultaneously.), a clear and smooth operating Governance structure is needed for allowing well informed information and technology decisions to be made effectively, transparently and quickly.
What is the decision domain of IT Governance?
- Defining role of IT in the organization. (Defining the underlying Principles. Define how we use IT to our advantage)
- Decisions involving infrastructure strategies.(How and by whom)
- Decisions involving systems and services architecture (Compatibility and Integration)
- Defining who is responsible and accountable for what?
- Decisions regarding business applications (How, by whom and at what level)
- Defining Investment and Priorities (How much, how and by whom
‘Effective governance processes are characterized by both methodological comprehensiveness and social interventions, involving strategic integration of business and IT decisions and building collaborative relationships and shared understanding among key stakeholders.
Toward Good Governance
Good governance and decision making in higher education institutions is impacted by (Source: Educause Material):
- Institutional characteristics
- Culture and Climate
- Private vs. Public institutions
- Research Intensive, comprehensive vs. Liberal Arts and Sciences. (Research demands a diverse and robust IT infrastructure. Standards are less likely to be in place.)
- Size does matter
- Sources and level of funding
- In well funded institutions the leveraging of resources is less of an argument
- Needed is a predictable stream of operational and capital funds (Need to understand the degree of risk the institution is willing to take)
- Leadership style
- Leadership style of the CEO and other exec officers
- Vice Provost vs. Vice President
- o In academic institutions the CIO needs to report to the academic leadership
- * Formality of planning
- IT planning should align with the institutional planning mode
- Organizational culture
- For most day to day activities, culture determines how things get done.
- Mistrust and silos make good governance difficult, if not impossible. (Too much time is spent on politics)
- Decision making style
- Decision making style of the CEO and other exec officers. Highly centralized decision making structures are less likely to be effective
- Type of IT leadership structure
- Having a seat ‘at the table’ is crucial
Elements of good governance
- Well defined governance bodies (base them on items listed above)
- Well defined roles of the decision making groups
- Well defined interrelationships with various other IT groups (Understand central and Unit roles)
Other elements impacting IT Governance:
- Top Level Understanding and Support:
- CEO understands importance of IT to all sectors of the institution
- CEO understands that changes in IT organization and decision making are needed
- CIO receives significant executive power
- CEO concurs with concept of using a formal IT planning and management model linked to budget and personnel evaluations
- Type of CIO
- CIO needs to be ‘at the table’
- CEO needs to be personally involved with the CIO helping designing and implementing the governance structures
- Clearly defined CIO position and role: CIO involved in general decision making, not just IT
- * Definition of Policy and Decision Making Roles
- Desirable to have a IT Policy group made up of key decision makers from across the institution. Responsible for: Deriving policies, approving major institutional IT initiatives, approve the IT plan, make detailed recommendation regarding the allocation of IT resources, both central and distributed.
- Establish advisory committees for areas such as:
- Academic issues
- Administrative issues
- Student issues
- Definition of Central and Distributed IT Unit Roles
- Central Unit Roles clearly delineated and defined
- Distributed IT Unit Roles clearly delineated and defined
- Relationship between Central and Distributed components clearly delineated and defined
- Definition of IT Planning Style
- Link strategic planning with management, have objectives tied to budget, and have assigned personal responsibilities to managers.
- Refresh plan every year, with a 3 year rolling planning cycle.
- All distributed IT Unit plans are part of the final plan and all segments of the client community were involved.
Critical Success Factors:
- Ensure there is a philosophical fit between the CIO’s style and the CEO’s
- CIO position is a the cabinet level and CIO establishes relationships within the group
- Match Governance structure to decision making style of the Institution
- Align IT Planning with Institutional Planning. Link it to budget and Unit and individual performance
- Build processes into governance that focus on alignment and trust development between all Units and their clients
- Carefully develop role definitions and care for them over time
- Build various and continuous feedback loops in all processes
- Asses results fro processes and report them to all IT constituents
- Remain open to adjusting processes and have a methodology defined to do it
- Educate constituents; communicate to them the vision, opportunities for involvement, annual objectives, and results
IT Decisions Domains
The five key decision domains they identified to define the scope of IT are:
- IT principles; High level statements on what the role is of IT and how IT will be used. E.g. Utilize industry standards, Rapid deployment of new applications, Reuse before buy; buy before build.
- IT infrastructure strategies: Strategies for the base foundation, centrally coordinated services; how should these be priced; how to keep these up to date. e. g., network, shared data, etc.
- IT architecture; Set of technical choices to guide the organization. The architecture is a set of policies and rules that direct the use of IT, including technology, data, applications, etc.
- Business application needs; Specifying the needs for purchased or internally developed systems.
- IT investment; Decisions about how much and where to invest in IT including project approvals.