Enterprise IT Summit Follow-Up: What Is Effective IT Governance?

The "Leading Transformational Change" session at the 2016 EDUCAUSE/NACUBO Enterprise IT Summit generated more audience questions than the panelists could answer in the time allowed. They address two of the outstanding questions through this blog. In this second posting, the panelists consider effective IT governance.

Audience question: Can you give an example of effective IT governance?

Tracy Schroeder

The most important characteristic of effective IT governance is that it's client driven. Apart from the most technical domains of technical architecture and infrastructure, in which client engagement is still desirable to the extent practicable, governance should focus on identifying and prioritizing what IT services should be provided or improved more than how, and the people providing that input should be the faculty, staff, and students who need the services. How the IT organization then allocates current resources or takes forward proposals for new resources should be tied transparently back to that governance input.

Effective governance committee structures vary based on the institutional context. The size, culture, and current situation of the institution are all important to consider in designing or reevaluating the governance structure. For example, a small institution with a highly engaged community and a history of satisfaction with IT services might be well served by a single committee comprising faculty, staff, and students that provides oversight for IT services as a whole. That same institution, however, with a less satisfied, less engaged community might need to have separate committees for academically and administratively focused technologies, as well as a student technology advisory council focused exclusively on student needs. If there is a lack of trust and engagement, the governance structure needs to be more expansive and inclusive to send a stronger message of listening to community members and responding to their voices.

Joseph Sergi

When looking at IT governance, I think the first consideration is how IT is positioned in the organization. Is IT seen as a strategic influencer (which is ideal) and, if so, what role will the IT team play in bringing and managing new technologies and platforms to the organization vis-à-vis the role of the functional teams as strategic goals mature to tactical objectives? It is critical that we leverage these two areas of the organization, keeping them at par with each other and not allowing one group to usurp the role or authority of the other. This isn't always an easy task and, in many ways, an imbalance here can be a major contributing factor to poor IT governance.

Therefore, before establishing the mechanics of an IT governance model, some of the overarching questions that should be addressed include the following:

1. Is the organization prepared to make the distinction between enterprise initiatives owned by IT vis-à-vis platforms that are uniquely the responsibility of the business units? The SaaS model and the general evolution of technology platforms are moving far too rapidity to expect the IT professional to be the "expert" around application selection. Any IT governance structure must recognize this new reality.
2. Does the executive sponsor of a project truly understand his or her role? The role of the executive sponsor is critical to any good IT governance model. That person is there to ensure that all members of the team and all facets of the project are set up for success. An absentee executive sponsor or one who is not equipped to advocate, resource, and help guide a project to success will lead to poor IT governance.
3. Does the organization have the right talent in the key positions associated with various project roles? There are numerous IT governance model options to choose from, but if human capital is not properly aligned with governance structure, any model chosen will be doomed from the beginning. All too often people are thrown into these project roles without any formal training, guidance, or consideration of how difficult IT governance truly is. Sound governance requires teams that have good communication skills and the ability to draft clear and concise documentation that advocates a solid business case for the project. These attributes are necessary in order for the steering committee to make informed decisions.

The mechanics of a good governance model can then be developed if these fundamental concerns are addressed.

Susan Grajek

IT governance is about decision making, plain and simple. But like another plain and simple concept, common sense, good IT governance in higher education is not so common. EDUCAUSE has collaborated with expert members to develop a family of maturity indices to help members gauge their capabilities in 8 areas.¹ IT governance² is one of those areas, and higher education's 2015 IT governance maturity score of 2.6 (out of 5) was the second-lowest score of the 8 areas.

One impediment to good IT governance in higher education is how institutions make IT funding decisions. Five questions in the EDUCAUSE IT governance maturity index assess IT funding—Our IT governance process:

• Prioritizes IT investment in accordance with institutional goals
• Examines full life-cycle costs of projects or initiatives when making investment decisions
• Aids in recommending IT funding models, levels, and funding mechanisms
• Reaches decisions quickly enough to avoid unnecessary delays in projects or initiatives
• Makes authoritative investment decisions and is not easily circumvented

Fewer than one in four institutions report they have effective IT funding governance.

So what can we do? An ECAR working group of members recently collaborated on a framework for IT funding that offers concrete advice on IT funding and governance. ³ They suggest dividing the IT portfolio into three different types of services that benefit from three different kinds of funding governance:

• Core Services are baseline services relevant to institutional operations and mission, and typically account for 60–70% of an institution's IT spend.
• Flexible Services might account for 20–30% of overall IT funding. They extend beyond the Core Services and are more or less relevant to certain users or areas of the institution.
• Experimental Services are the innovation-based part of the IT portfolio and spend (about 5–10%).

Funding governance—including funding allocations, mechanisms, approval, and review—would be adapted to the characteristics of each type of service. With this framework, the seemingly unmanageable becomes manageable and rational decision making becomes possible.

Additional Resources

• Joanna Lyn Grama, "Understanding IT Governance," EDUCAUSE Review, February 22, 2015
• Joanna Lyn Grama, "Questions about IT Governance, Risk, and Compliance Answered," EDUCAUSE Review, October 27, 2014  

Notes

1. See the EDUCAUSE Benchmarking Service Beta.
2. See the IT governance maturity index.
3. Param Bedi et al., Aligning IT Funding Models to the Pace of Technology Change: Enabling Financial Flexibility for Core, Flexible, and Transformative Services, ECAR working group paper (Louisville, CO: ECAR, December 14, 2015).

---

Joseph Sergi is Executive Vice President of Finance and Administration and CFO at Southern New Hampshire University.

Tracy Shroeder is Vice President of Information Services and Technology at Boston University.

Susan Grajek is Vice President of Data, Research, and Analytics at EDUCAUSE.