Information Systems Governance Mark Roman CIO | UVic People Process Organization Technology

Why Did UVic Need I.S. Governance? Universities are managed by a vast array of interwoven matrices. Enrolment management transitioning from traditional gatekeeping to marketing. On campus, I.T. = mainframe in terms of both technology and attitude.

Why Did I.S. Need Governance? CONTINUOUS CHANGE Why Did I.S. Need Governance? Data centre expansion Strategic planning Operational process improvement Legacy Glow Enterprise Collaboration Strategy Access management Learning systems strategy $20,000,000 ERP implementation 20 projects @ $2,000,000 & 2,858 PD’s Project management office VoIP implementation Service oriented culture

Framework Challenge Opportunity Objectives Result Lots of decisions to be made Lots of decision makers involved. Challenge Define the terms of reference & structure for I.S. governance @ UVic Opportunity End-to-end process defining roles & ownership Practical & actionable mechanism for institutional decision-making Objectives A governance process that works within the framework of UVic cultural needs Result

Why use the name Systems? A system is composed of regularly interacting or interrelating groups of activities/parts which, when taken together, form a new whole. An information system includes more than just technology … People Processes Organization Technology

Governance Context Aligned Inclusive Educated Engaged Connected I.S. governance will ensure our information systems investments align with the strategic directions and priorities of UVic Aligned These investments apply to the broad university and include academic, research, and administrative computing Inclusive For I.S. governance to be effective it must provide timely and well informed decisions Educated The governance process is designed to build a robust and broadly informed dialogue about key issues Engaged Governance is creative debate amongst all stakeholders in the UVic community & is socialization of new ideas and changes Connected Well understood decisions with shared contributions leads to better success for all information systems initiatives Informed

Definition of Governance Formal UVic definition: Process by which we endorse institutional decisions about information systems, People who are assigned the responsibility for endorsing those decisions and have the accountability for the results of those decisions, and Organizations that meet to debate those decisions. Pragmatic definition: Engage the rest of campus in I.S. decision-making What decisions need to be made and who should make them

Four P’s of I.S. Governance Policies Identifying I.S. policies affecting all campus Examples: security, ecommerce Plans Strategic planning for information system department Strategic planning for University’s information systems Projects Investment portfolio Benefits realization Priorities Ranking importance of I.S. activities Creating criteria for setting priorities Policies Plans Projects Priorities

UVic Principles of Governance Strategic Alignment Align information systems decisions to University’s Vision for the Future Investment Portfolio Manage the full portfolio of UVic’s information systems investments in a prudent and balanced manner Champion Commonality Create and champion common university processes and practices Leverage Capital Leverage intellectual capital across the organization Optimize Utilization Optimize utilization of UVic’s information systems resources Ensure Compliance Ensure regulatory and legal compliance Support Currency Does not interfere with existing organization structures & mandates e.g. LMSs

UVic Principles of Governance Strategic Alignment Align information systems decisions to University’s Vision for the Future Build University strategic planning connection into project charters Use University strategic plan to prioritize Engage senior campus administration (Deans, VP’s, & AVP’s) in the I.S. governance process Customer service orientation Create strong and deep relationships across campus Build credibility across campus Plans Projects Priorities

UVic Principles of Governance Investment Portfolio Manage the full portfolio of UVic’s information systems investments in a prudent and balanced manner Treat all projects as an investment portfolio Governance allows University to optimize balance of investments in its future Projects Priorities

UVic Principles of Governance Champion Commonality Create and champion common university processes and practices Enterprise Data Access Protocol University Security Policy Recommended platforms Policies Thin clients

UVic Principles of Governance Leverage Capital Leverage intellectual capital across the organization Engage campus community in thinking about I.S. issues collectively Enterprise Collaboration Strategy example: Governance process debated project charter & project plan Achieved broadly based buy-in Formerly independent email systems joining new system Policies Projects Priorities

UVic Principles of Governance Optimize Utilization Optimize utilization of UVic’s information systems resources For every initiative, the governance process needs to answer the following stakeholder questions: Will this new initiative impact existing support? What does is mean to me? How do you control usage of a shared resource? What benefits do you measure? How do you measure benefits? Projects Priorities

UVic Principles of Governance Ensure Compliance Ensure regulatory and legal compliance External scrutiny: Privacy impact assessments Externalization of information systems Senate-driven changes Policies

UVic Principles of Governance Support Currency Does not interfere with existing organization structures & mandates Play nice Develop links to key governance bodies across campus Cross-membership New kid on the block Policies Plans

UVic Principles of Governance Policies Plans Projects Priorities Strategic Alignment  Investment Portfolio Champion Commonality Leverage Capital Optimize Utilization Ensure Compliance Support Currency

Governance Structure Information Systems Steering Council Fit, utility, and balance Strategic Issues Operating Issues Permanent Standing Committees Project Leadership Committees Task Force Committees Get the job done

Governance Mandates Information Systems Steering Council Mandate: Administer I.S. governance process Represent all stakeholders Recommend priorities Assess degree of fit with Vision for the Future Provide advice for resourcing & funding Monitor progress Assess benefits realization Recommend policies and standards Link to other senior committees Guide I.S. strategic planning Permanent Standing Committees Each committee formed to focus on specific enterprise I.S. topics Provide federated leadership for cross-campus I.S. issues Project Leadership Task Force Create for processes Provide input and feedback Guide operational decisions Ensure policy is followed Recommend new policy Create for unique issues Temporary cross-functional teams Solve one specific issue Dismantled after resolution achieved Create for projects Provide strategic guidance Ensure objectives are met Resolve issues Review risk Approve schedule, budget, and scope changes

Examples Project Leadership Task Force Permanent Standing Information Systems Steering Council Strategic Issues Operating Network Management Nova Leadership Workstation Standards CASS Project Review Reporting Committee Enterprise Messaging Faculty Forum I.T. Security Student Web Services

ISSC Role Portfolio management Governs the governance process Information Systems Steering Council Portfolio management Governs the governance process Pipeline up the organization for strategic I.S. issues Sets business objectives for information systems Determines institutional criteria for prioritizing I.S. initiatives Creates terms of reference for operating committees

ISSC Committee Membership VP Academic VP Finance and Operations AVP Academic Planning AVP Research Dean of Engineering Dean of Social Science Dean of Business Dean of Continuing Studies AVP Human Resources AVP Financial Planning and Operations Director, External Relations Registrar University Librarian Director, Institutional Planning and Analysis Executive Director, Financial Services Director, Teaching and Learning Centre Chief Information Officer Information Systems Steering Council

Governance Issues List Information Systems Steering Council Data stewardship Enterprise data access policy Learning management systems Web services & strategy Boundaries Desktop standards Portal & document management Document imaging Security policy Externalized content technology Post-Nova organization structure Faculty CV’s Identity management Chargebacks Site licensing Enterprise Data Centre Growing interest across campus for a system to manage Faculty CV’s ISSC approved project charter to plan a potentially risky but important initiative How should we be organized to leverage the ERP systems after the project winds down? How can we maintain momentum? How should we be structured to tackle new opportunities? Hold open discussion at the ISSC about potential changes Moving towards a single identity for access to all information services at UVic Several challenges Secondary identities Legacy identity management systems ISSC review of the non-technical issues and potential resolutions Software licensing vigilance Vendors changing licensing policies ISSC discuss processes to be developed Look at new opportunities for leveraging site licenses for improved economies of scope and scale Mission statement and role definition for the campus Enterprise Data Centre (EDC) 950 processors, a terabyte of data and a tripling growth curve Central to the success of information systems at UVic ISSC engagement & guidance Policy issues related to content created on university sponsored wikis, blogs, & ad supported free products ISSC to have informed debate about potential vs. issues Chargebacks create inappropriate behaviours Migrate away from chargebacks but recognize the need to carefully plan the change. How do we evolve away from chargebacks & engage the campus appropriately? New imaging software Integrate with our administrative systems Non-trivial investment in software & associated processes and technologies Engage ISSC in scope, breadth, & depth discussions Several in use on campus Trends in the industry How UVic should be positioning itself What do students & faculty want? How to integrate with other teaching, learning, & research technologies Policy for managing access to centralized data Shadow database prevention Process to approve or reject Single source for all administrative data Who owns the data How they are expected to manage the data How we share the data Federated model for integrating the work of several Web Services units across campus ISSC shaped the design of the model and contributed to setting goals Where should central I.S. set standards? Where should central I.S. recommend standards? Where should central I.S. keep out? Set the guidelines for central I.S. involvement in University affairs Implementing portal & content management Deep impact to web strategy Impacts constituents throughout campus ISSC informed & engaged about value created and change transformation Need a desktop standards policy for computers, printers, & PDA’s Evergreening policy TBD “Recommended Platforms” task force ISSC shaped the terms of reference Need an information systems security policy for UVic I.S. security audit emphasized demand for security processes and policies ISSC contribution includes content contributions & diplomatic support

What does I.S. Governance Deliver? Facilitates strategic planning Engages key decision-makers Creates forum to discuss, debate, and analyse issues Socializes ideas across University community Introduces change concepts strategically and early Creates key milestones for I.S. initiatives Increases profile of I.S. across campus Develops an era of trust and confidence in I.S. Creates a profound understanding of the complexities of information systems Makes your clients feel like they are part of the I.S. team Any I.S. decision is a University decision, not just an I.S. decision I.S. organization no longer operates in splendid isolation

Governance and I.S. Strategic Planning Vision We will be the very best provider of information systems in the entire Canadian university community. Information systems exist to enable the Vision for the Future The university’s core missions of teaching, learning, and research are supported by dynamic, agile, & dependable information systems. Unified information systems environment People, process, organization, and technology are blended together to deliver information systems and services. Sustainable path to the future Optimised cost is balanced with acceptable risk to make strategic choices for new information systems. Bridge the technology chasm Strategic integration will deliver information systems and services in understandable ways. Mission

Strategic Choices Client service Systems governance Strategic planning We will create positive relationships and experiences with all our clients by working collaboratively across the institution. Systems governance CASS will help the university to create a decision-making process for information systems projects, policies, and plans that engages key decision-makers from across campus. Strategic planning We will understand our strategic choices in the post-Nova world, decide on the appropriate choices, and plan for their execution. Nova is #1 CASS will deliver Project Nova on time, on schedule, on budget. Project management discipline We will implement a flexible project management process that ensures governance needs for fit, utility, and balance are met. Leadership CASS will create clarity in our decision-making processes and we will have the courage to make decisions and live up to those decisions. Process driven organization We will organize CASS by processes that make sense to our clients and we will continuously improve our operational processes. Unify security, privacy, & identity Security, privacy, and data stewardship will be emphasized and strengthened by developing mutually supportive processes. Standardize services We will create a cohesive and understandable set of services to deliver to our clients. Competitive market In areas of our choosing, we will compete successfully with all non-CASS internal and all external providers of information systems. In all other areas where mutuality of interest exists we will partner with non-CASS service providers. “Information Services” not “I.T.” CASS’s role is not about just technology – our information systems are implemented and managed through a successful merging of people, process, organization, and technology. Best & brightest people We will recruit and retain the best information systems staff and we are dedicated to continuously growing them to be the best and brightest in the industry.

Impacts Governance drives or influences: Organization structure Key projects Architecture Project & portfolio management Access management

Governance & Organization Project Nova Infrastructure Services UVic Online Office of the CIO Client Services Network Services CASS Processes

Governance & ERP Portal Single Sign On New Vendor Products Canadian Universities UVic Enhancements 3rd Party Basic Services Security Groups Content Channels Integrator Core Admin Services Finance Facilities HR Student Advance Support Services Workflow Imaging Reporting Data

Governance and Architecture Desktop multiculturalism Anyplace desktop Enterprise messaging Identity management Student lifecycle services Single point of contact Service catalog

Governance & Project Lifecycle Initiation Planning Execution Closure Asset Maintenance Project Flow Implement Plan Revisions Progress Develop Project Charter Document Needs Plan Project Document Shutdown Project Final Product Maintain Asset Initiate Next Phase New Project Work Support Work Benefit Realization Reject Approval Not Needed Review Charter Reject Not Sufficient Review Plan Approval Cancel Not Successful Monitor Status Approval Steering Committee Role Continue Execution Not Accepted Accepted Review Deliverable Control Mechanisms Status reporting Fiscal budget Risk plan Scope Resource plan Schedule Quality plan Communication plan Vendor management Base budget Support resources Benefit measures Portfolio assessment Priorities Risk Strategic fit Issue log Change control

Faculty Forum Deliverables Informat ion sharing through collabor ative discussi on Issue log: - Description - Responsibility - Resolution Socialize change by creating awareness in academic units. Deliverables

Web Services Committee Provide guidance to ongoing web services functions & processes Recommend policy and ensure policy is followed Ensure standard processes for building and delivering web services Provide linkages amongst multiple partners Resolve issues amongst constituents & escalate issues to the ISSC Develop an architecture plan for institution-wide web services Initiate, recommend, monitor, and close web services projects Develop strategies on how to keep our web presence up-to-date Web Services Library Faculties UVic I.S. Communications Marketing Research Registrar & Enrolment Services Continuing Studies

Network Management Committee Decentralized culture + autonomy Many I.S. organizations Shared heating system Shared network

Student Information Systems Forum Listen to our customers

ERP Leadership Committee $20M ERP project On budget On time In scope

Project Review Committee The governance router

History @ UVic Prior to formal governance Ad hoc committees created after realization that you need them to help with your ERP implementation No formal inter-relationships No links to other I.S. issues No plan for post-ERP world

Evolutionary Milestones Benefits Realization Strategic Planning First Policy M a t u r i t y First Project First Meeting Review Committee White Paper Proposal New CIO T i m e T i m e

Future @ UVic Information systems governance at the University of Victoria is an evolving process We have introduced formal governance processes and organizations to facilitate the evolution We will: Continuously leverage those processes where we have demonstrated success Stop those process that do not contribute to continuous growth, and Constantly develop next steps in our evolution of information systems governance.

Key Lessons Develop a roadmap Keep the roles clear Educate first, ask for decision later Cross-campus, cross-discipline engagement Opportunity to socialize change Encourage active debate – challenge everything I.S. organization thinks differently about itself University thinks differently about I.S. organization Tremendous commitment of time & effort