Implementing an IT governance program for the campus is a significant endeavor and needs to be understood as a collection of tactical projects that will require investment from the institution to complete. The investment of people into the IT governance process, from those who actively manage the process to those who provide input, is perhaps one of the most significant investments of all.
While the idea that everyone involved on campus is an IT governance stakeholder might be overly broad, higher education institutions are nevertheless different from normal businesses because much of the population is involved with campus life. It is important to understand that this context sets higher education apart and makes the IT governance process more than having executive or presidential sign-off.
Assess Stakeholder Buy-In
Before drafting any documentation or assembling any panels or work groups, make sure IT leadership has champions in all campus groups. Focus on individuals who present well and have length of service or department clout to help sell the idea of investing in IT governance. For example, CFOs are an excellent candidate from the campus executive group. If they understand that the benefit to service delivery can justify the cost of framework enactment, then they can be a great proponent. As the institution undertakes forming an IT governance process, ascertain the following:
- Appropriate stakeholder inclusion: Have the stakeholders in the underlying function(s) been identified? Who are the decision makers? Who are the funders and budgetary authorities? Have business units, as well as IT operations, been consulted? What is the institutional hierarchy and how can it be included in the IT governance process?
- Incorporation of existing groups: Rather than reinventing the wheel, are there existing groups that could be brought into the governance process to provide efficient feedback regarding campus IT services (e.g., perhaps a faculty senate computing committee could provide comprehensive feedback for academic IT services)? Are there business process or data governance committees that could provide feedback on activities using administrative IT systems?
Keeping stakeholder buy-in is just as important as building it. This can be part art and less skill but several items can assist in maintaining buy-in:
- Set and meet expectations: This includes commitments of stakeholders' time and timetables for progressing through assessing the IT governance program.
- Find strength in numbers: As you bring individuals into the project, ensure they have fellow team members with whom they can communicate and continue to develop thought.
- Clarify responsibilities: The IT governance team is the program owner; it doesn't set the ultimate IT objectives. Conversely, the institution's leadership is not the program owner; leadership is included to set strategic objectives for IT.
Identify Appropriate Stakeholders
The most critical factor in developing IT governance is identifying the appropriate stakeholders who should be included in this process. It is important that each stakeholder group listed below has a voice in this strategic endeavor:
- IT governance development team
- Institutional leadership
- Academic units
- Business units
- IT operations
- Users
IT governance development team: This cross-functional team will act as the point for the development of the policies and coordination of resources across the other functional teams. This group owns the program. This team must not be simply IT leadership — this cannot be stressed enough. If this team consists only of IT members, it will be extremely difficult to justify the business case for the adoption of an IT governance framework. This team should consist of members from both IT leadership and college/department deans if the business case is going to be properly justified to institutional leadership.
Institutional leadership: Leadership is the second set of stakeholders important to the IT governance project. The buy-in of the executive team is essential in order for IT governance to succeed. Ultimately, key executives should participate in IT governance as members, such as the chief academic and financial officers, as well as the CIO. Some institutions include leaders responsible for other important areas of the university, such as research or engagement. These executives should be consulted as IT governance is developed. IT governance has a monetary cost associated with it, and institutional leadership needs to understand the cost impact of implementing IT governance, regardless of framework. Ultimately, institutional leadership has to give direction to IT operations on what they hope to accomplish by green-lighting an IT governance project.
College/department deans: Deans are the first line of defense when IT governance change begins. IT leadership has to have the support and buy-in from the direct management of various colleges/departments. This support will help guide interaction with the users under their direction and ease implementation of changes as IT governance is put in place. The buy-in is especially important because this stack of the process is a primary tool for IT leadership in managing expectations and perception of IT delivery.
IT operations: The IT governance project requires buy-in from the IT ops team. This team needs to have champions who understand that the upfront work of making significant business change and implementing appropriate structure is being done for the health of the department and the ability to deliver a better class of service to the end user. Without that buy-in, the structure will be perceived as additional controls that are unnecessary to deliver the existing IT service.
Users: Any IT governance project should include a group of standard users who will be impacted by many of the IT governance changes. It is extremely important to include this group's voice to make sure their concerns are addressed. Managing perception is one of the most difficult aspects of implementing IT governance, and this group's inclusion helps shape positive perception of framework changes and ensures that everyone has a seat at the table.
Conclusion
In higher education, effective IT governance requires stakeholder involvement at all levels, not just leadership. Investing in stakeholders is key to success and requires assessing and maintaining buy-in and identifying appropriate group engagement.
EDUCAUSE IT GRC Resources
EDUCAUSE provides resources that help you define and implement IT governance, risk, and compliance (GRC) activities on your campus. Learn more and view additional resources the IT GRC website.
Hector Molina is director of the central project office for East Carolina University.
© 2017 Hector Molina. This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.