Agenda. Introduction to IT Governance Swinburne s IT Governance suite Working under IT Governance IT Architecture

Transcription

1 IT Governance

2 Agenda Introduction to IT Governance Swinburne s IT Governance suite Working under IT Governance IT Architecture

3 Agenda Introduction to IT Governance

4 Why do we need IT Governance policies? Risk Management Without control or coordination, the Information Technology assets of the University may fail to meet the needs of the University into the future Siloed and sometimes ad-hoc approach to IT project selection and implementation

5 IT Governance What is an IT Governance framework? IT Governance specifies the authorities, accountabilities and management frameworks that will ensure that the University s IT investments are correctly prioritised and deliver desirable outcomes, consistent with its strategic goals. It reduces the risk that the IT investments made will not meet the university s needs into the future by reducing the risk of poor project selection and execution

6 IT Governance Is organisation-wide in perspective Takes account of financial and non-financial factors such as business needs, usability and educational outcomes Covers hardware and software Compliance is mandatory, but has provision for exemptions Prioritises effort and expenditure

7 Agenda Swinburne s IT Governance suite

8 Governance Suite Policy and procedure IT Applications and Infrastructure Governance Policy IT Architecture Policy Terms of Reference IT Governance Committee Terms of Reference Supporting artefacts Project definition and justification templates Standardised templates available to all staff Swinburne IT Reference Architecture (SITRA) A public document that defines the standards, technologies and tools in use at Swinburne. Administrative documents Project Requests, Authorisation and IT project summary templates IT Project Management Methodology templates Multiple versions tailored for different project sizes and complexities

9 IT Governance Policy Ensures consistent approach to submission, selection, prioritisation and execution of IT Projects Requires that proposed IT changes and projects receive appropriate approvals and compliance check before beginning

10 IT Governance Committee (ITGC) Has a University-wide perspective Assesses IT Project proposals and either approves or rejects them Prioritises projects and assigns IT resources Monitors the delivery and success of projects Has authority to suspend or terminate projects Does not fund projects

11 IT Governance Committee (ITGC) Approach to selecting projects for implementation Is based on consistent information presented in a standard format (IT Project Planning Report/Business Case) Considers a number of factors

12 IT Governance Committee (ITGC) Membership Chief Information Officer (Chair) Chief Financial Officer Director Student Operations PVC International and Development or Nominee DVC TAFE and PVC Industry Engagement or Nominee PVC Research or Nominee DVC Academic or Nominee

13 Agenda Working under IT Governance

14 Information Strategy Committee (ISC) Responsibilities for managing operations (e.g. ITSAC) and development of IT standards (e.g. ITSAG) have been transferred to CIO ITGC able to establish and coordinate working groups as necessary Separate paper addressing ISC s future

15 IT Governance Supporting documents Business Cases IT Project Management Methodology Bureaucratic and overly detailed? Possibly, but deliberate Necessary to understand full implications of projects Level playing field for comparing projects Have tried to construct to be as broadly applicable as possible Review scheduled for September 2008 with some streamlining expected

16 Agenda IT Architecture

17 IT Architecture Policy Ensures Swinburne has a reliable and cost effective IT environment where future change can be delivered in a timely and cost effective manner, better enabling ITS to be responsive to emerging business requirements. Is enforceable and compliance can only be waived by CIO. ITS via the CIO now sets technical standards across the organisation. Requires that hardware and software purchases will be made through IT Procurement. The technical detail of the architecture is defined and maintained in a separate document, the Swinburne IT Reference Architecture (SITRA)

18 What is the purpose of IT Architecture? Promotes consistent use of standard IT methodologies, tools, configurations and products, both hardware and software Prevents use of technologies and tools that would increase risk or negatively impact the organisation s flexibility or efficiency Minimises the proliferation of similar applications and solutions that could be consolidated by encouraging re-use of existing IT investments Minimises the duplication of data preventing re-keying and increasing data integrity by adhering to known, supported data structures and re-use of existing data sources.

19 Architectural Principles of the SITRA In order to support flexible, secure, sustainable and supportable IT systems, the following principles have been adopted Making use of existing systems in preference to the introduction of new systems Making use of core systems in preference to the use of non-core systems Use of open standards Use of packaged and configurable solutions in preference to solutions requiring the custom development of software Products for which vendor support is available Use of a standard operating environment Systems which are compliant with relevant legislative or regulatory requirements related to non-functional aspects such as privacy, security and resilience