CITY OF HOUSTON. Executive Order. Information Technology (IT) Governance

Similar documents
Information Technology Governance Overview and Charter

U.S. Department of Education. Office of the Chief Information Officer

Management and Use of Information & Information Technology (I&IT) Directive. Management Board of Cabinet

Health Information Technology Financial Subcommittee

Colorado Integrated Criminal Justice Information System (CICJIS) Program CHARTER and BYLAWS

Enterprise Asset Management Customer Utility Board Charter

A. This Directive applies throughout DHS, unless exempted by statutory authority.

Project Review Board Governance Guide

HUMAN RESOURCES COMMITTEE OF THE BOARD OF DIRECTORS OF THE TORONTO-DOMINION BANK CHARTER

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET

U.S. DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT. Issued: September 6, 2002

Section 4 MANAGEMENT CONTROLS AND PROCESSES. Section 4

Office of the Chief Information Officer

Benefits.gov Program Charter

State of Minnesota IT Governance Framework

BYLAWS OF UNIVERSITY OF WEST FLORIDA FOUNDATION, INC. ARTICLE I MISSION

CALIFORNIA GIS COUNCIL CHARTER

ClOP CHAPTER Departmental Information Technology Governance Policy TABLE OF CONTENTS. Section 39.1

Board means the Board of Directors of each of Scentre Group Limited, Scentre Management Limited, RE1 Limited and RE2 Limited.

A. Title 44, United States Code, Chapter 35, Coordination of Federal Information Policy

BYLAWS CALIFORNIA STATE UNIVERSITY, DOMINGUEZ HILLS FOUNDATION A CALIFORNIA NON-PROFIT PUBLIC BENEFIT CORPORATION ARTICLE I CORPORATE SEAL ARTICLE II

IT Governance Charter

HOMELAND SECURITY ACQUISITIONS

Manag. Roles. Novemb. ber 20122

DTCC RISK COMMITTEE CHARTER

Office of the Auditor General AUDIT OF IT GOVERNANCE. Tabled at Audit Committee March 12, 2015

BOARD MANDATE. an Audit Committee, and a Governance, Nominating & Compensation Committee.

U.S. Department of Homeland Security

EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D. C December 5, 2012

AXA GROUP GLOBAL RESPONSIBLE INVESTMENT POLICY. July 2013

BY ORDER OF THE COMMANDER USTRANSCOM INSTRUCTION UNITED STATES TRANSPORTATION COMMAND 22 JUNE 2015

IT Charter and IT Governance Framework

CHARTER OF THE EXECUTIVE COMMITTEE

SABPP IT GOVERNANCE COMMITTEE TERMS OF REFERENCE

TELESTA THERAPEUTICS INC. BOARD MANDATE AND GOVERNANCE GUIDELINES

COMDTINST JUL 2013 COAST GUARD C4I DATA MANAGEMENT (DM) POLICY

NASCIO Recognition Award Nomination IT Project and Portfolio Management

Revenue and Sales Reporting (RASR) Business Intelligence Platform

Department of Veterans Affairs VA Directive 6004 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS

Iman Fund. Identify Theft Prevention Program

Federal Bureau of Investigation s Integrity and Compliance Program

INSTITUTIONAL COMPLIANCE PLAN

Delphi Automotive PLC. Corporate Governance Guidelines

MANDATE OF THE BOARD OF DIRECTORS STINGRAY DIGITAL GROUP INC.

STATEMENT OF CHARLES EDWARDS DEPUTY INSPECTOR GENERAL U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE

The State of North Dakota. proudly submits to the NASCIO Awards Committee. Governor s Office Executive Order

ITIL's IT Service Lifecycle - The Five New Silos of IT

Software Licenses Managing the Asset and Related Risks

Department of Psychology Policies and Procedures Revised by Faculty Vote February 8, 2012

COMMONWEALTH OF VIRGINIA

DATA STANDARDS POLICY

Commonwealth of Virginia Information Technology Transformation Initiative

Auditor General s Office. Governance and Management of City Computer Software Needs Improvement

College of Business Faculty Charter. Code of Operating Standards for Academic Policy and Administrative Structure

DTCC BUSINESSES AND PRODUCTS COMMITTEE CHARTER

United States Department of Health & Human Services Enterprise Architecture Program Management Office. HHS Enterprise Architecture Governance Plan

CITY OF BOULDER IT GOVERNANCE AND DECISION-MAKING STRUCTURE. (Approved May 2011)

Evolution of the Data Center

Innovation and Technology Department

IT GOVERNANCE POLICY

Project Governance Plan Next Generation Project Oregon Military Department, Office of Emergency Management, Program (The OEM 9-1-1)

EIB Group Risk Management Charter

Accountability Report. Department of Internal Services

DEPARTMENT OF VETERANS AFFAIRS VA DIRECTIVE 6517 CLOUD COMPUTING SERVICES

ANGLOGOLD ASHANTI LIMITED Reg No:1944/017354/06. Board Charter

State of Minnesota. Enterprise Security Program Policy. Office of Enterprise Technology. Enterprise Security Office Policy. Version 1.

CREDENTIALING OF PROVIDERS

I. Purpose - 1 MD # 0005

Audit of Financial Management Governance. Audit Report

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education

FEDERAL CHIEF INFORMATION OFFICERS COUNCIL CHARTER

Criminal Justice Policy Development Committee Policies and Procedures

ITIL 2011 Lifecycle Roles and Responsibilities UXC Consulting

Position Description Questionnaire

Department of Defense INSTRUCTION

USAID Management Operations Council Charter

POSITION INFORMATION DOCUMENT

Comply, Improve, Transform: Regulatory Compliance Management for Software Development. Jim Duggan

Business Plan for the. The Geospatial Platform. September 20, 2012 REDACTED

BOARD OF DIRECTORS MANDATE

CHARTER OF THE AUDIT AND RISK MANAGEMENT COMMITTEE OF THE BOARD OF DIRECTORS OF BLACKBERRY LIMITED AS ADOPTED BY THE BOARD ON MARCH 27, 2014

NUMBER PO EFFECTIVE DATE. July 1, 2015 REFERENCE/AUTHORITY. Procedure: PR APPROVED SIGNATURE

Board Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

Practical Approaches to Achieving Sustainable IT Governance

Administrative Directive

COMMAND, CONTROL, COMMUNICATIONS, COMPUTERS AND INFORMATION TECHNOLOGY (C4&IT) INFRASTRUCTURE MANAGEMENT POLICY

Victorian Government Information and Communication Technology (ICT) Governance

CORPORATE GOVERNANCE GUIDELINES

Information Management and Protection Policy

The name of this organization is Masters of Library and Information Science Student Council, hereinafter referred to as Council.

CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY

The York Water Company Compensation Committee

MANAGING INFORMATION SYSTEMS: A PRACTICAL ASSESSMENT TOOL

UNITED STATES PATENT AND TRADEMARK OFFICE. Information Technology Investment Review Board. Agency Administrative Order TABLE OF CONTENTS

Information Security Program CHARTER

Capital Improvement Program: Public Input and the Need for a Multi-year Plan

Report via OMB s Integrated Data Collection (IDC), 10

ADOBE CORPORATE GOVERNANCE GUIDELINES

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF MGM RESORTS INTERNATIONAL OVERALL MISSION

Transcription:

CITY OF HOUSTON Executive Order E.O. No: 1-44 Effective Date: December 20, 2012 1. AUTHORITY 1.1 Article VI, Section 7a, of the City Charter of the City of Houston. 2. PURPOSE 2.1 The City of Houston seeks to provide citizens with the highest quality of service at the lowest possible cost: therefore, optimizing services through the various departments charged with their delivery is of key importance to the public. Information Technology is an important tool which will be deployed to deliver optimized service. IT Governance exists to support the mission of the departments to deliver those public services while ensuring cost effective coordination of large scale IT initiatives and expenditures. This Executive Order defines the scope of IT Governance and respective roles for the City. To further such purpose, this Order establishes: 2.1.1 IT Governance Objectives 2.1.2 IT Governance Committee Structures 2.1.3 IT Governance Principles 2.1.4 IT Governance Roles and Responsibilities 3. OBJECTIVES Approved: 3.1 Establish the approach through which the City will prioritize and guide Citywide and/or multi-department IT investments and services. 3.2 Determine the approach and measures that will be used to determine the efficiency and effectiveness of IT support services. 3.3 Define the scope of accountability for the Chief Information Officer (CIO), the Chief Information Security Officer (CISO), the Deputy CIOs, Chief Technology Officer (CTOs) and Assistant Directors of IT, under the guidance of the governance bodies. 3.4 Create a process through which IT policies and IT standards are developed and approved. 3.5 Establish and implement procedures to ensure that all licensing requirements are complied with. Date Approved: 12/20/2012 Page 1 of 8

4. SCOPE 4.1 All City departments and divisions are required to adhere to this procedure. 5. PROCESS OVERVIEW 5.1 IT Governance is the overall framework within which the City specifies decision rights and accountabilities for large scale IT services and products. IT Governance provides a process for consistent and objective decision making, supporting the mission of the departments. The following are key components of the City s IT Governance process: 5.1.1 Business Alignment: All IT initiatives are prioritized to directly support the business needs of the department(s) and the City s strategic priorities, paying particular attention to prioritization, the capability and capacity of the City. 5.1.2 Investment Management: Investments are prioritized by fund source based on business need, expected benefits, and potential risks. Funding is allocated to appropriate IT operational and capital expenditures, oversight of delivery against approved funds and visibility into the procurement and vendor management processes required to deliver approved projects and services. 5.1.3 Risk Management: The identification, assessment, and prioritization of risks and controls which ensures appropriate visibility and oversight in the management of IT related risks on large scale IT projects (risks will include but not be limited to information security, operational, financial, vendors, and capital projects). 5.1.4 Performance Management: Active monitoring of the leading and lagging indicators that underpin effective, timely, cost effective delivery of large scale IT projects and services, with the evolution of IT capability and capacity. 5.1.5 Compliance Management: Maintains compliance, security and confidentiality of sensitive areas of operations, including but not limited to, law enforcement sensitive information systems, including those which may be driven by federal, state or local regulation or direction. Ensures that all software licensing obligations and requirements are complied with. 6. COMMITTEE STRUCTURES 6.1 The City will establish the following IT governance committees: 6.1.1 IT Governance Board (overall oversight of large scale IT services and spending) 6.1.2 IT Operating Committee (operational governance of IT services) 6.2 IT Governance Board 6.2.1 Purpose 6.2.1.1 Establish priorities for Citywide and shared services IT investment projects. 6.2.1.2 Provide oversight of performance of IT projects and programs. 6.2.1.3 Monitor and establish goals for overall IT service delivery and IT investment performance. E.O. No.: 1-44 Page 2 of 8

6.2.1.4 Oversee development of management action plans related to key IT risks. 6.2.1.5 Review and approve IT recommendations defined by the Operating Committee as appropriate for IT services, policies and procedures. 6.2.2 Attendees (10 total, appointed by the Mayor) 6.2.2.1 Chair - Mayor s office designee. 6.2.2.2 Voting Members Nine, including the Finance & Human Resources Directors, who are standing members. 6.2.2.3 Non-Voting Members Chief Information Officer (CIO). 6.2.3 Frequency 6.2.3.1 Budget cycle (x2) or as needed by the Citywide budgeting cycle. 6.2.3.2 Monthly/Quarterly or as directed by the Chair. 6.3 IT Operating Committee 6.3.1 Purpose 6.3.1.1 Define Citywide IT policies, procedures and standards, including procedures to ensure that software licensing requirements are complied with, to be approved by the IT Governance Board. 6.3.1.2 Define scope of IT services, to be approved by the IT Governance Board. 6.3.1.3 Review IT service delivery standards, large scale project portfolio, and cost performance on a monthly basis. 6.3.1.4 Define IT capabilities required to meet the ongoing needs of each IT department for core and shared services across the City. 6.3.1.5 Oversee asset life-cycle of business applications and technology architecture appropriate for the deployment to the City. Define Citywide IT architectural standards. 6.3.1.6 Define improvement initiatives related to operation of IT services. 6.3.1.7 Approve Citywide IT security policies, standards and processes as proposed by the CISO. 6.3.2 Attendees 6.3.2.1 Chair - Chief Information Officer (CIO). 6.3.2.2 Chief Information Security Officer (CISO). 6.3.2.3 CTOs, Deputy CIOs, Assistant Directors of IT. 6.3.2.3 Non-voting legal advisor appointed by City Attorney. 6.3.2.4 Not to exceed eleven members (plus legal representative). 6.3.3 Frequency 6.3.3.1 Monthly or as directed by the Chair. E.O. No.: 1-44 Page 3 of 8

6.4 IT Governance Committees Voting Principles 6.4.1 The following voting principles will be established: 6.4.1.1 Agenda of topics to be addressed by each meeting will be issued, by the Chair, at least two business days in advance of the meeting; and proposed decisions for the committees will be issued at least two business days in advance of the meeting. 6.4.1.2 Proxies for committee members have the ability to vote proxies for the IT Governance Board must be alternate department directors. 6.4.1.3 No quorum will be required for action to take place as departments are expected to attend. 7. PRINCIPLES 7.1 The City s IT organizations function in a federated model where all departmental IT organizations participate in the governance process with the CIO and governance bodies. In a federated model, the Citywide IT unit has responsibility for architecture, common infrastructure, standards and shared services, while department IT organizations have responsibility for application resources and services that directly impact their business. 7.2 The CIO receives general direction from the IT Governance Board regarding the Citywide and/or multi-department IT business requirements of the City. 7.3 The IT Governance Board drives the decision making around business needs and policies and seeks to maximize the performance of departmental services to the public using IT and other tools. 7.4 The City shall offer IT Services in three distinct models: 7.4.1 Citywide (Core) Services These include information management functions common to the entire City as an enterprise and managed by one department or entity on behalf of all departments. Their performance is overseen by the Governance Board. 7.4.2 Shared Services (multiple departments) These are typically created and maintained by one department to service multiple departments with similar functions to facilitate sharing of applications and data. Their performance is overseen by the departments that utilize the shared service and delivered by the center of excellence. 7.4.3 Departmental Services These are services and process that meet the needs of individual departments. While these services must also adhere to the City policy and standards driven by best practices, they are typically delivered by departments and are overseen by their department director. 7.5 Primary decision making related to IT investment, service and goal priorities will be directed by the IT Governance Board. 7.6 A secondary IT Operating Committee will manage implementation of the policies, investment priorities and operational performance goals approved by the IT Governance Board, and will develop proposed policies, standards and processes for review and approval by the IT Governance Board. E.O. No.: 1-44 Page 4 of 8

7.7 A three year rolling IT Strategic Plan, which will be created by the governance bodies, is mandated that articulates the large scale IT investment strategy and activities for the City. The IT Strategic Plan shall be reviewed annually to reflect changes in departmental objectives. 7.8 Where appropriate IT management standards do not exist, the governance bodies will drive the standard, provided that the standard is reached in accordance with mandatory policies approved by the IT Governance Board and Citywide procurement policy. 7.9 City of Houston departments will seek to leverage existing technology investments when buying additional products, in an effort to move toward Citywide standard and effective reuse of existing acquisitions. 7.10 Where new or additional capabilities are required, package solutions are preferred over building custom solutions. 7.11 Financial transparency will be sought for large-scale IT investments. Allocation of costs must comply with federal regulations (i.e. revenue diversion) and bond covenants. 7.12 Career development and progression programs will be developed for all IT professionals employed by the City; led by the CIO with collaboration from IT departments. 7.13 IT Citywide and shared services will be delivered pursuant to service level agreements entered into by supported and supporting departments and delivery will be continuously assessed against the standards of the agreements and leading practices. These will be implemented on an as needed basis. Structured improvement plans will be agreed as a core component of the IT operational plans. 7.14 Good practice risk and control frameworks will be defined and implemented across the City of Houston IT assets and processes leveraging international standards such as Common Objects for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL). 7.15 For security and operational purposes, law enforcement technology services and projects, especially those operating with or under Homeland Security, FBI, Texas DPS or other federal, state or law enforcement agencies or affecting the security of police operations, remain under the supervision and control of the Chief of Police. In addition, the Houston Police Department, through the Chief of Police, shall continue to deliver IT products and services to other law enforcement and justice agencies throughout the region in accordance with the security, operational and performance standards applicable. However, the Houston Police Department, through the auspices of its Chief Technology Officer, shall be required to operate wherever possible or feasible within all standards, policies and practices as established by the governance process and shall seek to fully participate in all City of Houston IT related activities. 8. RESPONSIBILITIES 8.1 Information Technology in the City of Houston will be delivered in a federated model under the policies set by the IT Governance Board under the general direction and coordination of the CIO. Alignment between the operational departments and the CIO will be overseen by the IT Governance Board. Each operational department will have an individual (shared in the case of smaller departments) who will be directly responsible for IT delivery in the business department. E.O. No.: 1-44 Page 5 of 8

8.1.1 Department Directors 8.1.1.1 Oversee and prioritize demand for IT solutions and IT services. 8.1.1.2 Ensure the overall alignment of IT solutions with citizen service processes. 8.1.1.3 Oversee the implementation of appropriate controls related to IT delivery and IT investment management. 8.1.1.4 Budget for resources necessary to operate and maintain IT investments throughout the system life cycle, including replacement of assets. 8.1.1.5 Account for the development of IT strategic plans as a component of the overall department business strategy. 8.1.1.6 Assist the CIO in the oversight of IT service delivery performance and IT cost optimization delivered by the central IT department. 8.1.1.7 Oversee departmental IT investments and service delivery across the department. 8.1.2 Chief Information Officer (CIO) 8.1.2.1 Operate under the general direction of the IT Governance Board and in accordance with the IT Governance Principles. 8.1.2.2 Oversee of all large scale IT investment service delivery across the City which central IT may operate. 8.1.2.3 Account for the development of IT strategy for the City, as approved by the IT Governance Board. 8.1.2.4 Account for development of professional IT staff, standards and policies, with input from departmental IT. Recommend standards for IT customer service for IT services across the City. 8.1.2.5 Facilitate planning for innovation and use of IT across the City of Houston. 8.1.2.6 Facilitate cost effective deployment and operation of high performance IT services. 8.1.2.7 Manage Citywide IT risk as directed by the IT Governance Board. 8.1.2.8 Deliver IT Services provided by IT within the federated model to agreed levels of performance, budget and policies. 8.1.2.9 Maintain all Citywide IT policies, standards and compliance. 8.1.2.10 Develop and deliver IT services initiatives across the City as approved by the IT Governance Board. 8.1.2.11 Plan, secure required funding and executes the maintenance and sustainment of the IT products and services. 8.1.2.12 Report on a regular basis to the IT Governance Board on the performance of IT services. E.O. No.: 1-44 Page 6 of 8

8.1.3 Chief Information Security Officer (CISO) 8.1.3.1 Report to the CIO. 8.1.3.2 Develop, coordinate, and implement policies, standards and procedures for the management of Citywide security risks, IT security and compliance in accordance with the IT Governance Board s direction. 8.1.3.3 Propose and maintain IT security standards and controls for approval by the IT Governance Board. 8.1.3.4 Verify compliance with approved IT security controls and software licensing requirements. 8.1.3.5 Provide guidance on IT security and compliance related policies, processes and standards. 8.1.3.6 Work with specific departments which may have specialized security requirements to 1) ensure that conflicts do not arise between specialized security requirements and other security or proposed City policies; 2) coordinate any and all security compliance efforts with all departments before carrying out any verifications that take place within said department facilities or on or with said department equipment, personnel or services; and 3) coordinate with all specialized departments prior to implementation of mitigation efforts or security changes on systems, equipment or services used by specific department. 8.1.4 CTOs, Assistant Directors of IT, Deputy CIOs 8.1.4.1 Collaborate with the CIO, CTOs and Assistant Directors of IT for planning and delivery of cost effective, high performance services to the City. 8.1.4.2 Ensure that their department delivers IT products and services that are in compliance with the IT Governance Board approved citywide policies and processes. 8.1.4.3 Account for and manage IT financial and IT procurement related to their department and ensuring appropriate transparency of IT costs and IT suppliers within their department in accord with the standards and policies and IT Governance principles. 8.1.4.4 Manage departmental IT demand. 8.1.4.5 Develop IT strategy relevant to their function. 8.1.4.6 Develop professional IT staff within their division. 8.1.4.7 Deliver IT services to a level that is acceptable and appropriate to the needs of the department and comply with Citywide policies. 8.1.4.8 Manage cost effective deployment and operation of high performance IT services. E.O. No.: 1-44 Page 7 of 8

8.1.4.9 Provide visibility into large scale IT projects, through the IT Operating Committee for discussion by the IT Governance Board. Visibility should include all large-scale IT projects, but should not limited to only those that require City Council authorization. 8.1.4.10 Guide unique departmental procurement requirements, in compliance with Citywide procurement policy. 8.1.4.11 Protect information and resources within their purview. 9. CONFLICT AND REPEAL 9.1 This Executive Order supersedes Executive Order 1-44, Policy to Direct and Monitor Technology Efforts, signed November 25, 2002, which shall be of no further force or effect. E.O. No.: 1-44 Page 8 of 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information