GOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION



Similar documents
An IT Governance Framework for Universities in Spain

EVALUATION FRAMEWORK FOR SERVICE CATALOG MATURITY IN INFORMATION TECHNOLOGY ORGANIZATIONS

IT Governance. What is it and how to audit it. 21 April 2009

Pilot Project for Implementing Corporate Governance of IT

IT Governance (Worthwhile Exercise?) January 10, 2013 Presented by Chad Murphy, CISA

IT Governance Charter

IT Charter and IT Governance Framework

IT Governance Regulatory. P.K.Patel AGM, MoF

IT Governance: framework and case study. 22 September 2010

Measuring IT Governance Maturity Evidences from using regulation framework in the Republic Croatia

Beyond Mandates: Getting to Sustainable IT Governance Best Practices. Steve Romero PMP, CISSP, CPM IT Governance Evangelist

S11 - Implementing IT Governance An Introduction Debra Mallette

ASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT

Based on 2008 Survey of 255 Non-IT CEOs/Executives

Govern IT! Possible ways for R+D+i on Computer and Management Sciences, together

Recommendation for IT Governance Using the COBIT 4.1 Framework

Practical Approaches to Achieving Sustainable IT Governance

IT Governance isn t one thing, it s everything. Steve Romero PMP, CISSP, CCP

The Role of the Board in Enterprise Risk Management

Information Technology Governance: Key Success Factors

COBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)

Process-Based Business Transformation. Todd Lohr, Practice Director

Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices. April 10, 2013

The Proposed Quality Competency Framework for the Future Quality Professional

Proceedings of the 34th Hawaii International Conference on System Sciences

Chayuth Singtongthumrongkul

Office of the Auditor General AUDIT OF IT GOVERNANCE. Tabled at Audit Committee March 12, 2015

Applying Integrated Risk Management Scenarios for Improving Enterprise Governance

Balanced Scorecard; a Tool for Measuring and Modifying IT Governance in Healthcare Organizations

Making Data Work. Florida Department of Transportation October 24, 2014

State of Michigan Department of Technology, Management & Budget

CSR / Sustainability Governance and Management Assessment By Coro Strandberg Principal, Strandberg Consulting

Solution Overview Better manage environmental, occupational safety, and community health hazards by turning risk into opportunity

How To Understand The Role Of Enterprise Architecture In The Context Of Organizational Strategy

DEPARTMENT OF LOCAL GOVERNMENT AND COMMUNITY SERVICES. Performance Indicators Information Paper

Digital Asset Manager, Digital Curator. Cultural Informatics, Cultural/ Art ICT Manager

The following is intended to outline our general product direction. It is intended for informational purposes only, and may not be incorporated into

IT governance in Brazil:

Global Process Innovation Value Proposition

Maximizing Your IT Value with Well-Aligned Governance August 3, 2012

NHS Procurement Dashboard: Overview

Driving Business Value. A closer look at ERP consolidations and upgrades

Principled Performance & GRC

ITAG RESEARCH INSTITUTE

CORPORATE INFORMATION AND TECHNOLOGY STRATEGY

Global Technology Audit Guide. Auditing IT Governance

IIA Global Strategic Plan

Gobierno de TI Enfrentando al Reto. IT Governance Facing the Challenge. Everett C. Johnson, CPA International President ISACA and ITGI

JOE MOROLONG LOCAL MUNICIPALITY IT GOVERNANCE FRAMEWORK

COBIT 4.1 TABLE OF CONTENTS

The ICT Strategic plan execution toolbox

RSA ARCHER OPERATIONAL RISK MANAGEMENT

Creating a Business Intelligence Competency Center to Accelerate Healthcare Performance Improvement

Workshop agenda. Data Quality Metrics and IT Governance. Today s purpose. Icebreaker. Audience Contract. Today s Purpose

IT Governance Committee Charter

IT PROJECT GOVERNANCE GUIDE

Revised October 2013

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

ENTERPRISE RISK MANAGEMENT POLICY

Information Security Risk Management

IT GOVERNANCE WITH ROBERT GOODSELL, MANAGING DIRECTOR JOE BRUTSCHE, DIRECTOR

SITA Service Management Strategy Implementation. Presented by: SITA Service Management Centre

Welcome to ICMI s Leadership and Business Management. ICMI Study Course

Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire. P3M3 Project Management Self-Assessment

WEST COAST DISTRICT MUNICIPALITY IT GOVERNANCE FRAMEWORK IT CHARTER

Managing Organizational Performance: Linking the Balanced Scorecard to a Process Improvement Technique Abstract: Introduction:

MODEL FOR IT GOVERNANCE ASSESSMENT IN BANKS BASED ON INTEGRATION OF CONTROL FUNCTIONS

Project Portfolio Management: James C. Brown Sr. Manager, Research PMO Pioneer Hi-Bred International

Using Measurement to translate Business Vision into Operational Software Strategies

Baldrige Excellence Builder

Strategic Plan

Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff

Assessing Your Information Technology Organization

Auditing IT Governance Steve Hunt October 11, 2012

Strategic Plan. Valid as of January 1, 2015

What you need to know about PMOs

Guidance for Industry. Q10 Pharmaceutical Quality System

Balanced Scorecard: linking strategic planning to measurement and communication Gulcin Cribb and Chris Hogan Bond University, Australia

Dr. Gad J. Selig, PMP, COP Managing Partner, GPS Group, Inc., Director, Technology Management & Dual Graduate Business Degree Programs & Associate

How To Improve Your Business

IT Governance in Financial Services and Manufacturing

Principles for An. Effective Risk Appetite Framework

Measuring Continuity Planning Program. Performance

PHARMACEUTICAL QUALITY SYSTEM Q10

The South Staffordshire and Shropshire Health Care NHS Foundation Trust Digital Strategy

How quality assurance reviews can strengthen the strategic value of internal auditing*

IT Risk Management Life Cycle and enabling it with GRC Technology

Business Logistics Specialist Position Description

How To Manage A Vet

IT and Business Process Performance Management: Case Study of ITIL Implementation in Finance Service Industry

TOGAF. TOGAF & Major IT Frameworks, Architecting the Family. by Danny Greefhorst, MSc., Director of ArchiXL. IT Governance and Strategy

EMC PERSPECTIVE. Information Management Shared Services Framework

Implementation of a Quality Management System for Aeronautical Information Services -1-

Enterprise Architecture: A Governance Framework

Transcription:

GOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION SPANISH ASSOCIATION OF UNIVERSITY RECTORS CONFERENCIA DE RECTORES DE LAS UNIVERSIDADES ESPAÑOLAS

Information Technology (IT) has become critical in all aspects of universities (teaching, researching and administration). IT is a tactical component that provides support to all main university services, and in the future is set to become a strategic tool for universities. IT must form part of an institution s strategy. Strategic objectives must be established and decisions on where, when and how investment in IT is going to take place must be made, in order to achieve the objectives in such a way that competitiveness and effectiveness of the university are improved. 2

What is IT Governance? All of the definitions of IT Governance share some fundamental aspects: IT Governance is the board of directors and executive management s responsibility. The main objective of IT Governance is to align business strategy with IT strategy. IT Governance includes strategies, policies, responsibilities, structures and processes for using IT within an organization. There is a clear difference between IT Governance and IT Management. IT Governance is an integral part of Corporate Governance. IT GOVERNANCE Decision Making BOARD OF DIRECTORs IT MANAGEMENT IT Architecture IT DIRECTOR IT OPERATIONS IT Infrastructure IT TECHNICIANs Corporate Governance of IT is the system by which the current and future use of IT is directed and controlled. Corporate governance of IT involves evaluating and directing the use of IT to support the organization and monitoring this use to achieve plans. It includes the strategy and policies for using IT within an organization. ISO IEC 38500:2008 Corporate Governance of Information Technology Effective IT governance must address three questions: 1. What decisions must be made to ensure effective management and use of IT? 2. Who should make these decisions? 3. How will these decisions be made and monitored? Weill & Ross, 2004 Main IT Governance domains: Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT operations with enterprise operations. Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT. Resource management is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues relate to the optimization of knowledge and infrastructure. Risk management requires risk awareness by senior corporate officers, a clear understanding of the enterprise s appetite for risk, understanding of compliance requirements, transparency about the significant risks to the enterprise and embedding of risk management responsibilities into the organization. Performance measurement tracks and monitors strategy implementation, Project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting. IT Governance Institute, 2003 3

How will IT Governance gain importance for higher education institutions? The implementation of an IT Governance system in a university will help it to: Establish a clear IT strategy and align it with the university s global strategy. Determine who is responsible for IT strategic planning, decision making and the exploitation of IT. Make cost savings in IT investment due to the introduction of project management and prioritization of investments. Reduce the risks associated with IT due to adequate management. Always have at its disposal the evaluation and monitoring of IT-based processes and services by means of the right indicators. Achieve regulatory compliance, implement international standards and acquire quality certification relating to IT governance more easily. Ultimately, the university obtains a return value on its investment in the form of cost savings but also by improving its global internal organisation, user satisfaction, corporate image and outreach. If designed and implemented competently, IT Governance should: Strengthen IT/business unit working relationships. Improve accountability (IT and business) for results. Reduce operational risks/inefficiencies. Enrich IT service quality and effectiveness. Lead to a more efficient use of internal and external resources. Attend to statutory/legal mandates necessary for funding approval and credibility (which can lead to less onerous oversight). Focus IT spending on business drivers, value, needs and priorities. Avoid problems or project overruns/failures stemming from false starts, scope creep and reactive reprioritization. Lead to lower IT complexity and greater enterprise systems integration. Give rise to a more effective IT strategic planning process. Gartner, 2006 4

What is the current situation of IT Governance in HE? Maturity Levels of IT Governance in HE 60% 50% 40% 30% 20% 10% 0% 55% 45% 35% 25% 15% 5% 56% 35% 28.8% 29.7% 23.7% 10.5% 6% 5.7% 3% 1.8% 0% 0% Nonexistent Initial Repeatable Defined Measurable Optimized spain World The participants spent the summit in structured discussions of five aspects of IT Governance, designed to gather their wisdom, creative ideas, and advice: 1. Alignment and Strategic Planning. Good IT governance must ensure that IT contributes effectively to strategic organizational goals. Institutions must build alignment into the ITG process, and IT must be at the table in shaping institutional goals, however they are articulated ( ). 2. Executive Responsibilities and the Role of the CIO. CIOs should accept the opportunity and responsibility to participate in enterprise level strategic discussions, not only those limited to IT. They should encourage other executives to understand the critical role and impact of IT and take joint responsibility with other campus executives for making decisions about IT ( ). 3. ITG usually works differently in practice than in theory. ITG works, or does not work, because of relationships between people, not because of structure or process. At the same time, good processes and structures can insulate ITG from obstructionism or the loss of key individuals ( ). ITG fits into the institution s broader planning processes. If campus governance works in general, ITG has a higher probability of success. Institutions should identify the best non IT governance models and integrate ITG in the models that work best with the campus culture. 4. Governance Internal vs. External to the Institution. Governance relationships between central and distributed resources on campus are affected by external consortial agreements. Collaborations can strain ITG; however, institutions must be diligent in picking the right partners ( ). Participation in an external collaboration can create cohesion among internal competitors. A new ITG structure may be needed to deal with collaborations. 5. IT Governance Processes and Mechanisms. ITG must be well integrated into the institutional culture and provide mechanisms such as steering committees, process teams, and service level agreements for stakeholders to influence the process ( ). Effective ITG must be sustainable and involved in linking budgets to strategic priorities. Report on the EDUCAUSE IT Governance Summit, 2007 5

IT Governance Framework for Universities Using these previous experiences as a starting point, Fernández developed a University-oriented IT Governance Framework (ITG4U) for the Spanish Association of University Rectors (CRUE in Spanish), published in December 2008, which is based on the Joint Information Systems Committee model and describes the principles and characteristics of the new international standard ISO 38500:2008. The ITG4U framework is divided into three levels: 1. 1. The upper level contains the six ISO 38500 principles. 2. The middle level includes seventeen IT goals and their relationship with each of the ISO principles. 3. The lower level consists of three types of metrics (maturity indicators, qualitative evidence indicators and quantitative evidence indicators) that will be used to measure whether IT goals have been achieved. IT Governance Framework for Universities (ITG4U) IsO 38500 ISO PRINCIPLES Responsibility Strategy Acquisition Conformance Performance Human Bahaviour 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 IT GOALS 1 2 IT INDICATORS 16 17 6

IT Goals 1. Have a very clear idea of the vision and IT strategy for the whole university. 2. Align the IT strategy with the institutional strategy (business strategy). 3. Reach IT objectives using an integral IT Governance system. 4. Have a decision making structure aligned with the IT strategy. 5. Provide high level IT policies and procedures which comply with external laws and regulations and support international standards. 6. Make IT decisions that are correctly reasoned and effective. 7. Know and achieve the return value on IT investment. 8. IT projects must achieve the planned goals. 9. Define an IT architecture that will include process definition and system integration. 10. Acquire the necessary technology to fulfil the requirements of the institution. 11. Guarantee that the established IT systems are working according to plan. 12. IT-based services must meet the level required by the users. 13. Know and manage IT associated risks. 14. Ensure that IT systems are flexible and agile in responding to future changes. 15. Have adequate and sufficiently trained staff who can govern IT efficiently. 16. Incorporate respect for people and social and environmental values within the IT strategy. 17. Exchange IT experiences with other organizations and with society as a whole. Besides the ITG4U framework, a series of toolkits has been designed which will facilitate the implementation of the framework in each university: Maturity Model, with values between 0 and 5, in such a way that, when carrying out the self-assessment process, each university will have to determine the status of each of the seventeen IT goals within this model. Self-Assessment Toolkit, for each of the seventeen IT goals, there will be a series of questions (that include all the indicators), the answers to which will indicate whether the characteristic elements of each of the maturity levels have been fulfilled. As the Universities carry out their self-assessment processes, they will be sending information to a central system which will be responsible for analyzing this information and determining the average level of each IT goal for the SUE (Spanish University System), along with other results of interest for IT managers. Good Practice Guidance. Once the selfassessment has been completed, each IT manager will have to plan their own improvement actions. To facilitate this planning, we will offer a guide containing a collection of good practices relating to each of the IT goals. CRUE will analyze the results obtained and will publish an annual report which will help the universities to understand the global maturity of the HEI and carry out benchmarking processes. ITG4U FRAMEWORK TOOLKITS MATURITY MODEL SELF-ASSESSMENT TOOLKIT GOOD PRACTICE GUIDANCE BENCHMARK ANALISYS kti WEB SOFTWARE 7

Implementation of an IT Governance system TRAINING THE senior MANAGEMENT TEAM AND IT MANAGERs IN IT GOVERNANCE self-assessment OF THE MATURITY OF THE IT GOVERNANCE selection OF IMpROVEMENT ACTIONs WITH THE HELp OF THE GOOD practice GUIDE DEsIGNING A plan FOR IMpLEMENTING IT GOVERNANCE CARRYNG OUT THE IMpROVEMENT ACTIONs EsTABLIsHED IN THE plan Steps when implementing an IT governance system in an organization: training the IT managers in IT Governance, analyzing and understanding the initial situation of IT Governance (self-assessment) and designing a plan for implementing IT governance in the organization. Van Grembergen & De Haes, 2008 Once the IT Governance system has been implemented, it should not be inflexible to changes in its surrounding environment, but rather should be characterised by anticipation (the ability to plan for and tackle unexpected change), agility (the ability to respond quickly to change) and adaptability (the ability of the organisation to learn from itself and organise itself based on previous experiences). The ITG4U Framework proposed by CRUE will be very useful in establishing improvement actions that may be implemented in each university to achieve a higher IT Governance maturity level. CRUE is promoting the implementation of the ITG4U in Spanish universities. The first universities to implement this IT governance model will do so in the second semester of 2009. The Spanish Higher Education System will now have common tools to provide information in order to compare universities and to help design global improvement actions. On the other hand, as long as the model is reasonably general, other European universities will be able to use it without having to make significant changes. At least it will serve as a good point of reference and the experience gained through its implementation may be taken into account in the design of their IT Governance frameworks. 8

GOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION GOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION SPANISH ASSOCIATION OF UNIVERSITY RECTORS SECTOR COMMITTEE FOR INFORMATION AND COMMUNICATION TECHNOLOGY TIC For more information about the IT Governance Framework for Universities, please contact: The Working Group on the Analysis, Planning and Governance of IT of the Sector Committee for ICT (Information and Communication Technology) of the CRUE (Spanish Association of University Rectors) gti@crue.org www.crue.org/gti Design: Unit for Design and Visual Communication for the University of Alicante Texts: Antonio Fernández and Faraón Llorens

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information