ECU Technology Governance Guidelines

Transcription

1 ECU Technology Governance Guidelines These guidelines must be read in conjunction with the ECU Technology Governance Policy. Intent Organisational Scope Definitions Objectives of Technology Governance Guideline Content Accountabilities and Responsibilities for Guidelines Related Documents Contact Information Approval History 1. INTENT 1.1 The aim of the Technology Governance guidelines is to provide detail on the operation of Technology Governance across the University. The guidelines outline how the framework, governing bodies, processes and controls integrate with ECU s annual planning cycle and how they will be used to enable ECU to meet its strategic objectives. 1.2 Any change or modification to ECU s, information, application and infrastructure architectures will be required to comply with ECU technology governance processes and controls as described in these guidelines and associated processes 2. ORGANISATIONAL SCOPE ECU Technology Governance encompasses all areas of ECU. 3. DEFINITIONS ii

2 TERM/ABBREVIATION DEFINITION Information Technology Roadmap Information Technology Architecture Information Technology Architecture Principles ITIL FBSC PMO RASC SAMF AAB CAB ITGC SAB SLA SAMF Explains the path of the current state to the desired state and is the basis for planning and decision-making for Technology investment. A structured multi-layered approach to the design of Information Systems. The guiding principles to inform investment in Technology decisions. Information Technology Infrastructure Library a set of practices for IT service management that focuses on aligning IT services with the needs of the business. Finance and Business Service Centre Program Management Office Risk Assurance Service Centre Strategic Asset Management Forum Architecture Advisory Board Change Advisory Board IT Governance Committee Service Advisory Board Service Level Agreement Strategic Asset Management Forum For consistency all acronyms will be used throughout the document iii

3 4. OBJECTIVES OF TECHNOLOGY GOVERNANCE ECU technology governance encompasses all areas of ECU and supports the strategic, operational and technical decision-making processes required to make sure technology enables the University to deliver its objectives. The key objectives of technology governance are: 4.1 At the Strategic Level: Appropriately skilled people make decisions; Technology decisions guided by enterprise architecture principles; Proposals will reflect the total cost of ownership; Technology related risks managed within the University's risk framework. 4.2 At the Change Delivery Level: Technology projects will be managed as one, i.e. people, business process, technology; The ITSC Program Management office will have oversight of technology related projects; Appropriate project methodologies will be applied, including checkpoints and controls for effective monitoring. 4.3 At the Operational Level: Services delivered in accordance with policies; The defined services delivered to the agreed service levels; Controls and process in place to minimise the risk of business disruption; Information assets are secure. iv

4 5. GUIDELINE CONTENT Technology at the University is governed through a collection of tools, templates, committees, processes, decision delegations and controls at the strategic, change and operational levels across the University. This guideline seeks to provide a summary view of these. 5.1 ECU Technology Governance Framework and Governing Bodies The ECU governance framework and governing bodies incorporates input to technology requirements by all areas of the University. 5.2 Responsibilities for Technology Governance The University Strategic Plan, the target technology architectures and roadmap together with the University technology architectural principles will inform Technology Governance at all levels. The following provides further direction to key stakeholders in respect of Technology Governance IT Governance Committee The objective of the ITGC is to make sure that University wide compliance to technology governance is addressed in a structured manner and recommendations made to the SAMF are based on sound governance practices that have been designed to deliver the University s objectives for Information Technology. The ITGC will meet bimonthly or as required, with additional meetings in the July/August timeframe to accommodate the investment prioritisation process and make decisions on competing priorities Project Board The role of the Project Board is to make sure that the project is delivered to the specifications set out in the Business Case Office of the CIO On behalf of the ITGC, the Office of the CIO is custodian of the University s technology governance and monitors compliance to all aspects including: Implementing and maintaining effective and relevant reporting for all levels of Governance; Acting as custodian of the architectures and roadmap; Negotiation and approval of all technology related contracts; The primary contact for all vendors who provide technology related services or products. A number of Boards operate within the Office of the CIO with specific responsibility for governance for the three areas of service provision. These are: The Architecture Advisory Board - The role of the AAB is to make sure ECU wide compliance to the ECU enterprise architecture and roadmap and to make recommendations to the BIG on technology investments. The Change Advisory Board - The role of the CAB is to minimise negative impacts of change to ECU s production environment through the use of change governance processes and controls. The Service Advisory Board - The SAB monitors the performance of the ECU production environment against the service levels established through the Service v

5 Catalogue and makes recommendations to the ITGC on areas for service improvement. 5.3 Technology Governance Processes and Controls Strategic Technology Governance process The strategic technology governance process defines the decision-making rights and controls that take place between the business idea and the decision to fund and initiate the work as a project. The process is underpinned by a number of detailed processes and controls to enable effective Technology Governance. These include: Enterprise architectures and roadmaps; Policies and Guidelines; Technology risk profile; Planning cycle and prioritisation process; ECU procurement guidelines; Monitoring, measurement and reporting. The planning cycle and prioritisation process is an important aspect of Governance as it identifies those investments that best support the achievement of ECU s strategic goals in a resource constrained environment Change Delivery Technology Governance Process The change delivery process commences once work has been approved, funded and scheduled. A high level process flow described below is supported by a number of detailed Governance processes and controls which include: PMO; Defined Project Methodology; Project stage gate reviews and project audits; Monitoring, measurement and reporting; ITIL Change Management Operational Technology Governance Process The Operational process commences once the production warranty period has been completed. A high level process is supported by a number of governance processes and controls which include: Service Catalogue and Service Level Agreements; ITIL processes and controls; Operational Policies and Standards; Disaster recovery plans and tests; Monitoring, measurement and reporting. vi

6 6. ACCOUNTABILITIES AND RESPONSIBILITIES FOR GUIDELINES Guidelines Owner The Chief Information Officer is custodian of the University s governance over technology and on behalf of the ITGC, has overall responsibility for the content of this guideline and its operation in ECU. 7. RELATED DOCUMENTS: 7.1 The Guideline supports the following Policy: ECU Technology Governance Policy 7.2 Other documents which are relevant to the operation of this Guideline are as follows: Information Technology Architecture Guiding Principles Strategic Procurement Policies, Guidelines and Procedures. Terms of References covering the following Advisory Boards AAB, CAB and SAB. Terms of Reference covering the Project Board. 8. CONTACT INFORMATION For queries relating to this document please contact: Guideline Owner Chief Information Officer All Enquiries Contact: Manager IT Strategy & Planning Services Telephone: address: ITSCStrategy&PlanningServices@ads.ecu.edu.au 9. APPROVAL HISTORY Guidelines Approved by: Date Guidelines First Approved: Date last modified: Revision History: Next Revision Due: TRIM File Reference vii