5.4.3 Reviewing ICT Governance
ICT Governance provides the management framework for harmonising institutional strategy and structures with performance goals, measures and accountabilities.
Institutions deploy a number of different ICT management and service structures which have been determined by the structure and management of the institution. The key institutional models include federal, epitomising the collegiate institutions and the unitary model providing for centralised institutions. In addition, centralised or devolved ICT services are used. ICT governance is key in ensuring that all ICT organisational structures and ICT service structures are integrated in the formulation and delivery of institutional ICT strategy.
The self-assessment seeks to identify how strongly the ICT governance is supporting the formulation of strategy and the delivery of ICT services across the institution.
The key indicators of good ICT governance include:
- ICT governed within a single integrated governance framework
- all ICT services, centralised or devolved are included
- all ICT is subject to business case formulation and approval
- The existence of an ICT strategy, or equivalent document:
- formulated from the institutional strategy and with consultation from senior management across the institution
- approved by a governance group or committee that includes senior management who represent all institutional ICT stakeholders and the CIO or equivalent senior ICT management. This supports institution wide awareness and buy-in.
- approved by the SMT and institutional governing body
- The ICT strategy includes:
- institutional objectives for ICT
- architectural requirements for integration and standardisation
- infrastructure requirements for ICT capability
- institutional application needs
- Approved investment prioritisation and budgets
- All investment proposals are subject to approval but exception processes exist for the approval and management of some specific ICT investments. If an institution is using EA a Development Without Architecture approval process is available to maintain visibility and the integrity of an institution’s architecture
- ICT strategy is aligned with institutional strategy development and review
- Projects and services are subject to clear objectives, performance criteria and service levels
- Implementation of strategy is overseen by the Chief Information Officer, reported to the ICT governance committee and the SMT.
More information is available within the knowledge base with particular reference to Section 2.6 ICT Governance.
Good Practice
The following are considered good practice in ICT Governance:
- The formulation of a documented and approved ICT strategy. (In some cases an institution may formulate institution-wide IT and IS strategies)
- The scope of the ICT strategy is institution-wide
- The ICT strategy is cross-referenced to reinforce alignment to the institutional strategy
- ICT strategy formulation includes consultation with institutional senior management
- ICT strategy and investment is approved and implemented by an ICT Strategy Group made up of senior management, Chief Information Officer or an equivalent role together with representative management from across the institution.
- All ICT investment is approved by an ICT Strategy Group, Senior Management Team and governing body
- Capital and operational budgets are allocated and approved by an ICT Strategy Group and approved by the Senior Management Team
- A Development Without Architecture process is in place
- Definition, principles, policies and standards are in place to assist in better decision making and management.
- The Chief Information Officer, or equivalent ICT professional has overall responsibility for ICT. Definitions for ICT service levels, and project progress reporting are in place with project and operational reporting to the ICT Steering Group and the Senior Management Team
- Effective communications and engagement between senior institutional management, the Chief Information Officer, ICT Services and the SMT are in place to enhance governance
- Performance measures based on the contribution of ICT to meet institutional objectives and measures of success are being developed
- ICT governance is reviewed as appropriate for institutional change