IT governance provides strategic leadership and establishes institution-wide IT priorities and policies in accordance with the University Strategic Plan.
It defines the strategic, operational, and technical decision-making processes necessary to ensure innovative, efficient and effective use of information technology, at the enterprise level, within the University.
The key elements of the IT Governance include:
- Strategic Business Alignment
- Value Delivery
- Organization Structure and Management
- Responsibility and Control
- Processes and Accountability
- Risk Management
- Performance Monitoring
IT Governance framework is overseen by the Vice-Provost and Associate Vice-President (Information Services & Technology) and is administered by Steering Committees and Change Advisory Boards as shown in the figure below:
The IT Governance framework is composed of a series of representative bodies that work together to coordinate the strategic, operational and technical decision-making processes needed for IT efforts to excel at the University of Alberta. Within this framework, the following areas are represented: Strategic, Advisory, Policy and Standards, Steering, Operational and Project.
Each Governance area may be comprised of its own committees, change advisory boards (CABs), councils or additional stakeholders to ensure appropriate representation and a structured flow of information:
The Strategic layer is comprised of the Information Technology Enterprise Committee (ITEC) and the President’s Executive Committee - Operations (PEC-O). ITEC overseas core IT initiatives in the University, including funding, directly approving major projects, and receiving updates from the steering committees. ITEC goals include reducing duplication, realizing economies of scale, raising the range and quality of IT services, adopting best practices, and complying with audit requirements. PEC-O guides and receives input from ITEC, and serves as interface to the University’s senior leadership.
The Advisory function spans the governance layers and is comprised of Executive Boards & Councils, including the Information Technology Advisory Committee (ITAC), Faculties & Departments, Advisory Committees and the University Community. Their focus is to bring the insights, viewpoints and priorities of their constituents to bear onto the governance process. The Advisory layer is representative of the university community and includes stakeholders at appropriate levels of the University of Alberta. They provide advice and receive ongoing reporting of project progress from the Strategic layer. They also feed project ideas to the Steering layer for consideration.
The Policy and Standards area drives compliance with external and internally established regulations and standards, particularly with respect to information security, privacy and risk management. The Information Governance Committee establishes standards for the creation, maintenance and disposition of records as University assets, including but not limited to digital records. The University Information Privacy Office and the Chief Information Security Officer work together to proactively address information security and privacy issues.
The Steering governance layer is comprised of a series of IT Steering Committees that work in conjunction with ITEC on implementing strategies, prioritizing and authorizing initiatives (or recommending to ITEC, as appropriate), and overseeing implementation. The committees collaborate to ensure each given area is appropriately represented and drive direction and funding down to the Project Teams. Throughout the project life cycle, the Steering layer feeds regular reporting up to the Strategic layer to ensure project timelines are met, and any escalations addressed.
The Operational governance function includes a series of Change Advisory Boards (CABs), which are responsible for oversight of changes to IT systems in the University. In this role the CAB’s have a gating function with respect to project deployments - to ensure operational readiness of the solution including the deployment plan, and to coordinate timing of deployments with other business, operational and project activities.
The Project area is comprised of the Portfolio Management Office, Project Steering Committees and individually assigned Project Teams. They are responsible for the execution of projects, where project governance and management of each project is the responsibility of the Project Steering Committee and Project Manager, respectively.