IT GOVERNANCE: WHAT LIBRARY BOARDS NEED TO KNOW NOW Karen Dubeau Board Member, Newmarket Public Library Board

1 IT GOVERNANCE: WHAT LIBRARY BOARDS NEED TO KNOW NOW Karen Dubeau Board Member, Newmarket Public Library Board

2 AGENDA
1. What is IT Governance?
2. Why is it Important for Libraries?
3. How Does it Apply to Board Responsibilities
   - Strategic Planning
   - Financial/Legal issues
   - Risk Management
   - Advocacy
   - Staff Retention and Recruitment
4. What You Can Do Now
5. Key Resources
6. Questions and Answers

3 IT GOVERNANCE
What Is IT Governance?
IT Governance is "a framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensure that the organization's IT supports and enables the achievement of its strategies and objectives."
IT Governance Institute
If Information Technology is a part of your business, governance now extends to and includes information and the IT infrastructure that supports your business.

4 IT GOVERNANCE
What Is IT Governance?
The overall objective of IT governance is to understand the issues and the strategic importance of IT, so that the organization can sustain its operations and implement the strategies required to extend its activities into the future.
IT governance aims at ensuring that expectations for IT are met and IT risks are mitigated.

5 IT GOVERNANCE
Why Is It Important?
IT Governance is the term used to describe how those persons entrusted with governance of an entity will consider IT in their supervision, monitoring, control and direction of the entity. How IT is applied within the entity will have an immense impact on whether the entity will attain its vision, mission, or strategic goals.
Robert S. Roussey, CPA, Professor, University of Southern California

6 IT GOVERNANCE
Components of IT Governance
- Strategic Alignment
- Value Delivery
- Resource Management
- Risk Management
- Performance Measurement

7 IMPORTANCE TO LIBRARIES
Strategic Planning
- The right IT investments can save costs, improve productivity, provide robust services
- How IT can support the organization in achieving its goals - understanding the costs and benefits
- Setting guidelines for management
- Assessing capability to take advantage of IT
- Assessing skill sets required to realize objectives
- Framework for budget planning and capital investments

8 IMPORTANCE TO LIBRARIES
Relevance of IT Governance to Libraries
- Impacts all areas of Library operations and service delivery
- Increasingly critical regarding deployment of WiFi and RFID services
- Tremendous opportunity for Libraries, but:
  - Impacts: Strategic Planning, Financial Planning
  - Brings legal and regulatory issues
  - Introduces risk and requires risk management
  - Advocacy components pertinent to Libraries

9 STRATEGIC PLANNING
Board Responsibilities
Board needs to extend governance to IT and provide the leadership, organizational structures and processes that ensure the enterprise's IT sustains and extends the strategies and objectives.
- Align IT strategy with business strategy
- Cascade IT strategy and goals down into the organization
- Ensure that an IT governance framework is developed
- Measure IT performance

10 FINANCIAL
Governance Issues
- Scale of Investment will grow
- Increasing focus on using technology for:
  - reducing costs, expanding services, reaching new audiences
  - upgrading IT infrastructure (communications, servers, applications, and related skills)
- Will become one of the largest capital expenditures and running operational costs (second only to staffing)
- Directors are responsible for overseeing assets of the organization and for financial planning; therefore, they need to know about the IT costs and potentially the biggest investments

11 LEGAL ISSUES
Board Responsibilities
- FIPPA, MFIPPA
- Ensuring compliance with relevant statutes
- Protection and privacy of patron information
  - especially on integrated or distributed networks
  - issue when services are hosted remotely
  - RFID carries potential for patron privacy to be compromised
- Licensing Agreements
- Digital Rights and Digital Rights Management

12 RISK MANAGEMENT
Board Responsibilities
- Duty of Care
  - to clients, to funders
  - to asset management
- Network Security Issues
  - effective security is a spectrum from desktops to firewalls
  - public access to Internet and WiFi – need to be able to identify breaches and have policies in place for account suspension
- Protection Failure Response Protocols
  - public relations component
  - failure to respond effectively could significantly impact future services and potential funding
- Business Continuity/Service Interruptions

13 ADVOCACY
Board Responsibilities
- Bridging the digital divide – appropriate resources provided to the community
- Promoting information literacy
- Ensuring equitable access
- Mitigating increased costs for all types of content (CRTC)
- Discussion of Net Neutrality and current CRTC positions
- Downstream effects on Libraries
- Emerging Issue of Green IT

14 FINANCIAL ISSUES
Green IT
An increasingly relevant subject requiring consideration within the sphere of IT Governance is the issue of Green IT. In the same way that IT Governance is a critical component within the Corporate Governance of an organisation, Green IT has become an essential aspect within the decision making, framework building, and business processes of IT Governance.
Find further information on Green IT here and a selection of cutting edge texts, support manuals, and standards on both Green IT and the Environmental Management Standard ISO 14000.

15 WHAT YOU CAN DO NOW
Next Steps:
- Understand emergence of CIO function in private sector
- Find out more about issues of concern - Learn
- You don't have to be able to program or troubleshoot your PC, but it does help to have a high-level understanding of technology
- Ask pertinent questions
- Consider implementing security audit processes
- Review existing policies – update where necessary, create where not present
- Bring in Expertise – 2 methods

16 FINANCIAL ISSUES
Regulatory Frameworks

ISO/IEC
The world's formal international IT Governance Standard, ISO/IEC 38500, was published in June. The standard is a key resource for IT governance professionals everywhere in the world.

ITIL ®, CobiT ® and ISO17799
ITIL ®, or IT Infrastructure Library ®, was developed by the UK's Office of Government Commerce as a library of best practice processes for IT service management. Widely adopted around the world,
CobiT ®, or Control Objectives for Information and related Technology, was developed by America's IT Governance Institute. CobiT is increasingly accepted as good practice for control over information, IT and related risks.
ISO17799, now renumbered as ISO27002 and supported by ISO 27001 (both issued by the International Standards Organization in Geneva), is the global best practice standard for information security management in organizations.

Joint Framework
ISO 17799 (ISO27002), ITIL and CobiT are all, potentially, part of any best-practice approach to regulatory and corporate governance compliance. The challenge, for many organizations, is to establish a co-ordinated, integrated framework that draws on all three of these standards. The recently released Joint Framework, put together by the ITGI (owners of CobiT) and the OGC (owners of ITIL), is a significant step in the right direction. Here is a webinar that describes how to leverage this best-practice framework to simplify your regulatory compliance.


18 Organizations:
- IT Governance Institute
- IT Governance Company
- Information Systems Audit and Control Association (ISACA)

