Download presentation
Presentation is loading. Please wait.
1
CIGFARO ANNUAL CONFERENCE 2017 09 – 11 OCTOBER 2017
BY SALGA
2
Contents Introduction and Background Municipal ICT Governance Overview
Legislative Framework Benefits of Good Governance of ICT Corporate Governance of ICT Good Practice and Standards Layered Approach to Corporate Governance of ICT in Municipalities Municipal ICT Governance Policy Unpacked Performance and Conformance Measurement against the Municipal ICT Governance Policy
3
Introduction and Background
Many definitions of IT governance are offered, with a focus on a number of objectives and principles IT governance is the organised capacity to guide the formulation of IT strategy and plans, direct and/or control the development and implementation of initiative, and oversee IT operations in order to minimize risk, maximise return and build current and future value. IT governance is a subset discipline of corporate governance, focused on information and technology and its performance and risk management. IT governance is a board or senior management responsibility, in relation to IT, to ensure that: 1. IT is aligned with the business strategy, or in other words, IT delivers the functionality and services in with the organisation’s needs, so the organisation can do what it wants to do …. What is clear from the definitions is that IT Governance is about how IT decisions are made, not about the technology choices to be made, which is something that is left in the hands of the IT management.
4
Introduction and Background
IT Governance Value Chain: Organisational Goals IT Governance Goals Essential Components Establish and enforce Accountability for Business and IT Operational Performance Establish and enforce Accountability for Business and IT Projects Targets and Results Build current and future stakeholder value Align IT investment to Business Performance Improvement Align IT investment to Business Strategy and Objectives Authorities, Structures, and Accountability An Acceptable level of risk Manage IT Related Risks Targets and Results Engaging and aligning business leadership Involve Key Business Stakeholders Build Decision-Making Transparency and Understanding Process, Participation, and Timing
5
Municipal ICT Governance Overview
On the 12 March 2015 , the Director-general of DCOG approved the Municipal Corporate Governance of ICT Policy to be implemented by Municipalities The policy adapted the principles and practices defined in the DPSA Corporate Governance of ICT Policy Framework which was approved by Minister of Public Service and Administration on the 19th December 2012. The Municipal Corporate Governance of ICT Policy translated into a municipal operating environment the corporate governance of ICT from the DPSAPF by placing a specific responsibility on the Municipal Council and Management to ensure that the decision making process for ICT related investments and operational efficiencies of the municipal ICT environments remain transparent and are upheld. This accountability enabled municipalities to align the delivery of ICT services with the municipality’s Integrated Development Plans and strategic goals. To enable a municipality to implement this Municipal Corporate Governance of ICT Policy, three-phase approach is to be followed, namely: (a) Phase 1 – Enabling Environment: The corporate Governance of ICT environments will be established in Municipalities through the adoption of this Municipal Corporate Governance of ICT Policy and its associated policies through Council resolution; (b) Phase 2 – Business and Strategic Alignment: Municipalities will plan and implement the alignment between IDP’s, strategic goals and ICT strategy; and (c) Phase 3 – Continuous Improvement: Municipalities will enter into an on-going process to achieve continuous improvement of all elements related to the Governance of ICT.
6
Legislative Frameworks
The policy was developed with the following sections of legislation in mind that relate to municipal governance: In terms of the Municipal Systems Act, Act 32 of 2000, Section 55(1): “The Municipal Manager of a municipality is, subject to the policy directions of the municipal council, responsible and accountable for: (a) The formation and development of an economical effective, efficient and accountable administration: (i) equipped to carry out the task of implementing the municipality’s integrated development plan in accordance with chapter 5: (ii) operating in accordance with the municipality’s performance management system in accordance with Chapter 6; (2) In terms of the Municipal Finance Management Act, Act 56 of 2003, Section 62: “The accounting officer of a municipality is responsible for managing the financial administration of the municipality, and must for this purpose take all reasonable steps to ensure – (a) that the resources of the municipality are used effectively, efficiently and economically; (b) that full and proper records of the financial affairs of the municipality are kept in accordance with any prescribed norms and standards (3) In terms of the Municipal Finance Management Act, Act 56 of 2003, Section 78 of the Municipal Finance Management Act stipulates that: Each senior manager of a municipality and each official of a municipality exercise financial management responsibilities must take all reasonable steps within their respective areas of responsibility to ensure- (a) that the system of financial management and internal control established for the municipality is carried out diligently; (b) that the financial and other resources of the municipality are utilized effectively, efficiently, economically and transparently (c) that any unauthorized, irregular or fruitless and wasteful expenditure and any other losses are prevented
7
Benefits of Good Governance of ICT
The envisaged benefits with the implementation of the Municipal Corporate Governance of ICT Policy are as follows: (a) Establishment of ICT as a strategic enabler in a municipality (b) Improved achievement of municipal integrated development plans (c) Improved effective service delivery through ICT-enabled access to municipal information and services (d) Improved ICT enablement of a municipality (e) Improved delivery of ICT service quality (f) Improved stakeholder communication (g) Improved trust between the municipality and the community through the use of ICT (h) Lower costs (for ICT functions and ICT dependent functions) (i) Increased alignment of ICT investment towards municipal integrated development plans (j) Improved return on ICT investments (k) ICT risks managed in line with the ICT priorities and risk appetite of the municipality (l) Appropriate security measures to protect both the municipality’s and its employees information (m) Improved management of municipal-related ICT projects (n) Improved management of information as ICT is prioritized on the same level as other resources in municipalities (o) ICT pro-actively recognizes potential efficiencies and guides municipalities in timeous adoption of appropriate technology (p) Improved ICT ability and agility to adapt to changing circumstances (q) ICT executed in line with legislative and regulatory requirements
8
Corporate Governance of ICT Good Practice and Standards
In recognition of the importance of ICT Governance, a number of internationally recognized frameworks and standards, are also consulted and referenced to ensure the right institutionalization of governance of ICT: King III Code Corporate Governance of Information Communications Technology – ISO/IEC Control Objectives of Information and related Technology (COBIT) IT Infrastructure Library (ITIL) Projects in Controlled Environments (PRINCE2) Project Management Body of Knowledge (PMBok) Managing Successful Programmes (MSP) The Open Group Architecture Framework (TOGAF) Capability Maturity Model Integration (CMMI) Risk IT Framework for Management of IT Related Business Risks
9
Layered Approach to Corporate Governance of ICT in Municipalities
Establish Enabling Environment Business aligned ICT Strategic Planning Achieve Continuous Improvement Phase 1 to be Completed by June 2017 Phase 2 to be Completed by June 2019 Phase 3 to be Completed Beyond 2019 CGICT Policy CGICT Charter Define CGICT Principles and Practices Defines Stakeholder’s Roles and Functions i.r.o ICT governance Defines Prescriptive Landscape (Enabling Legislation governing ICT services) Defines Governance Structures Clarifies governance of ICT-related roles and responsibilities Business and ICT Strategic Alignment Risk Assessment and Mitigation Process CGICT Monitoring and Evaluation Appointment of a Governance Champion
10
Municipal ICT Governance Policy Unpacked
Phase 1 Deliverables Phase 2 Deliverables Phase 3 Deliverables Municipal Corporate Governance ICT Policy adapted and approved by Council Appointment of a Governance Champion Appointment of a duly qualified ICT Manager Approved and Implemented Risk Management Policy Approved and Implemented Internal Audit Plan Approved and Implemented ICT Management Framework Approved and Implemented Municipal Portfolio Management Framework Approved ICT Disaster Recovery Plan Approved Data Backup and Recovery Policy Approved ICT Service Level Agreement Management Policy Approved ICT User Access Management Policy Approved ICT Security Controls Policy Approved ICT Operating System Security Controls Policy Approved ICT Strategic Plan Approved Enterprise Architecture Approved ICT Migration Plan Approved ICT Performance Indicators Corporate Governance of ICT measurable business value Governance of ICT
11
Performance and Conformance Measurement against the Municipal ICT Governance Policy
In order for Municipalities to be able to assess and monitor the implementation of the Municipal CGICT Policy, the DPME Assessment Standard will have to be adapted by COGTA to ensure measurement conformance and performance by municipalities. Currently the Standard has the following Criteria: According to the Standard, self-assessments based on the Conformance and Performance Levels (as contained in the Standard) are to be done by the HoD and Exco and the minutes should be submitted as evidence on the DPME MPAT tool. Assessment Evidence No.1: Departmental CGICT Policy (as informed by the CGICT Policy Framework as published by the DPSA): The policy must show departmental interpretation of how the principles and practices of the CGICT Policy Framework will be implemented. Assessment Evidence No.2: Departmental CGICT Charter (as informed by the CGICT Policy Framework as published by the DPSA): The charter should show accountability for corporate governance of ICT is allocated Assessment Evidence No.3: Departmental Information Plan: Mapping of the information plan in the ICT Plan Assessment Evidence No.4: Departmental ICT Strategy: Departmental business assurance that ICT understands the business and its processes
12
Performance and Conformance Measurement against the Municipal ICT Governance Policy
According to the Standard, self-assessments based on the Conformance and Performance Levels (as contained in the Standard) are to be done by the HoD and Exco and the minutes should be submitted as evidence on the DPME MPAT tool. Assessment Evidence No.5: ICT Implementation Plan: Detailed ICT implementation roadmap that reflects annual milestones as derived from high-level roadmap Assessment Evidence No.6: ICT Operational Plan: Covers ICT Operational policies, management of ICT related business risk and IT assets management Assessment Evidence No.7: Continuous Improvement Roadmap
13
Thank You
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.