Presentation is loading. Please wait.

Presentation is loading. Please wait.

Orlando Leon • Cynthia Herrera Lindstrom • Joanna Lyn Grama

Published byJonathan Randall Scott Modified over 6 years ago

Similar presentations

Presentation on theme: "Orlando Leon • Cynthia Herrera Lindstrom • Joanna Lyn Grama"— Presentation transcript:

1 Orlando Leon • Cynthia Herrera Lindstrom • Joanna Lyn Grama
IT Governance 2.0 PRESENTED BY: Orlando Leon • Cynthia Herrera Lindstrom • Joanna Lyn Grama [Orlando]

2 Agenda Introductions Learning Objectives What is IT Governance?
UIC and Fresno State IT Governance Models of IT Governance in Higher Education Higher Education IT Governance Checklist Q&A [Orlando]

3 Introductions Orlando Leon – CIO, California State University, Fresno
Cynthia Herrera Lindstrom – Vice Provost for IT and CIO, University of Illinois at Chicago Joanna Lyn Grama – Director of Cybersecurity and IT GRC Programs, Educause [Orlando]

4 Objectives Understand current and future IT shared governance concepts and strategies within Higher Education Understand which IT Governance models may be most effective for particular campus and cultures Understand the processes and structures that are needed to start or revise IT Governance [Orlando]

5 Objectives Understand current and future IT shared governance concepts and strategies within Higher Education Understand which IT Governance models may be most effective for particular campus and cultures Understand the processes and structures that are needed to start or revise IT Governance [Orlando]

6 [Orlando]

7 [Orlando]

8 [Cynthia]

9 What is IT Governance? [Cynthia]

10 2017 LBCIO Survey Results Perceived Importance of IT Governance
[Orlando or Cynthia] LBCIO = Leadership Board for CIOs in Higher Education

11 2017 LBCIO Survey Results Reliance on IT Governance to Make Decisions
[Orlando or Cynthia] LBCIO = Leadership Board for CIOs in Higher Education

12 University of Illinois at Chicago’s Road
In place since 2011 after a campus wide taskforce decided we needed one One governance council – co-chaired by two deans 4 committees Subcommittees as needed Itgc.uic.edu [Cynthia]

13 University of Illinios at Chicago’s Road
Our experience Initially very active and effective Process for proposal submission, by laws, website And then…. [Cynthia]

14 University of Illinios at Chicago’s Road
[Cynthia]

15 University of Illinios at Chicago’s Road
Purpose – Strategic or tactical 40% of IT Spend outside of central IT – what does IT Governance look like? From management control to distributed empowerment Gartner governance traditional Decision rights & Accountability Establish policies that are aligned to business objectives Measurements to monitor adherence to decisions and policies Investments according to policies and supporting BO [Cynthia]

16 [Cynthia]

17 Technology Shared Governance
Previous Institutional Experiences University of California, San Francisco (Public, R1) Stanford University (Private, R1) [Orlando]

18 CSU Fresno – Technology Shared Governance
IT Council ( ) Information sharing Some decision-making Consultants brought in to define IT Governance 1.0 ( ) Without a CIO, governance was the Cabinet minus the President + the senior-most IT leader, chaired by the VP overseeing IT (Provost, VP for Administration/CFO) plus a committee that was mostly in existence for information sharing Strategic IT Budget Oversight Goal was to honor campus culture of consultation and collaboration Arrival of CIO (Summer 2015+) Governance started a shift to a campus-wide represented committee, VPs stepped back, subcommittees formed, PMO created, IT Advisory Group formed Plans are to move toward an agile governance model to encourage prioritization, information sharing, advocacy, and helpful policy IT Governance, Take 2 [Orlando]

19 Models and Frameworks of IT Governance
Ad-Hoc Cabinet/Executive Leadership Team/Other Campus Leadership IT Governance 1.0 Management by Committees IT Governance 2.0 Management by Collaboration Enterprise Digital Governance From Compliance to Digital Literacy From IT Leadership to Enterprise Digital Leadership From Management Control to Distributed Empowerment From IT Governance to Enterprise Digital Governance [Joanna]

20 [Joanna]

21 ITGRC Maturity Models [Joanna]
The EDUCAUSE IT Governance, Risk, and Compliance maturity index consists of four dimensions: process, strategy, investment, and communication and participation. We have found that maturity in GRC activities is so closely related that it does not make sense to consider each element, G-R-C, separately. IT governance is a decision making process that ensures the effective and efficient use of IT in a manner that supports institutional goals IT risk management is the process of identifying, evaluating, prioritizing, and addressing major IT risks in a manner consistent with an institution's business risk tolerance and key objectives. IT compliance is the ongoing process of operating an institution's IT resources in compliance with the laws, regulations, policies, and contract terms applicable to those IT resources. Strategy : How the institution approaches formalized IT GRC programs. Process: How the institution manages IT GRC programs across the institution, including decision-making authority. Investment: How the institution allocates adequate resources to institutional IT GRC programs; creating a full life cycle strategy for IT investment that considers the efficiencies, strategic goals, and funding mechanisms affecting the entire institution. Communication and participation: How IT GRC programs are communicated to campus stakeholders and ensuring that campus stakeholders are committed to and engaged in IT Maturity Scale: 1. Absent: Capability components are largely not achieved. Little to no planning is under way. 2. Initial: Capability components exist either latently or slightly. Early planning and discussions may be under way. 3. Developing: High-priority capability components may be largely or fully achieved, while other components are still maturing. Active planning and strategic attention are under way. 4. Established: Capability components have been developed but may not yet be incorporated into institutional culture and practices. Efforts to improve sustainability or scalability are under way. 5. Optimized: Capability components have been developed with an eye toward sustainability, adaptability, and scalability. Components are fully integrated into institutional practices and culture (and may be influencing both). Around one-third (35%) of colleges and universities have IT GRC scores near the midpoint of the five-level maturity scale. This is indicative of a “developing” status, wherein high-priority components of IT GRC capabilities may be largely or fully achieved, while other components are still maturing. Active planning and strategic attention are under way. Strategy is the most advanced dimension: Three-fifths of institutions have initiated or somewhat established IT GRC structures in place and those structures are regularly assessed for efficacy.

22 Panel Orlando Leon – CIO, California State University, Fresno
Cynthia Herrera Lindstrom – Vice Provost for IT and CIO, University of Illinois at Chicago Joanna Lyn Grama – Director of Cybersecurity and IT GRC Programs, Educause [Orlando]

23 [Orlando]

24 IT Governance Checklist
Produced by the EDUCAUSE IT GRC Program in early 2017 Identify the Goals of IT Governance Review Literature and Other Institutions’ IT Governance Processes Determine the Decisions IT Governance Will Make Identify Stakeholders for IT Decisions Compare Your Organization’s Current State & Goals to Assess the Gap Design Initial Structure Distinguish Advisory Groups from Decision-Making Bodies Assign Responsibility for Actively Managing IT Governance Regularly Review and Refine IT Governance Processes Develop a Continuous Improvement Process for IT Governance [Joanna] IT governance adds value by: Aligning IT decisions with institutional mission and stakeholder needs Improving communication among the IT community & between IT and the rest of the institution Ensuring stakeholder buy-in into policy decisions, IT budget, & project priorities Integrating risk management into IT decision making The checklist is a high level to do list!

25 Thank you! Please fill out your session evaluations!

26

27 Appendix: Project Prioritization Models
Tiered Project Prioritizations Architecture Alignment Alternative Scope Reviews (Loyola IT Rings of Excellence)

Download ppt "Orlando Leon • Cynthia Herrera Lindstrom • Joanna Lyn Grama"

Similar presentations

WCDR Thematic Panel Governance: Institutional and Policy Frameworks for Risk Reduction Annotated Outline UNDP – UNV – ProVention Consortium – UN-Habitat.

WCDR Thematic Panel Governance: Institutional and Policy Frameworks for Risk Reduction Annotated Outline UNDP – UNV – ProVention Consortium – UN-Habitat.
Risk Management at Harvard – Panel Discussion Harvard IT Summit

Risk Management at Harvard – Panel Discussion Harvard IT Summit
Building blocks for adopting Performance Budgeting in Canada Bruce Stacey – Executive Director Results Based Management Treasury Board Secretariat, Canada.

Building blocks for adopting Performance Budgeting in Canada Bruce Stacey – Executive Director Results Based Management Treasury Board Secretariat, Canada.
By Saurabh Sardesai www.starvaluemodel.com October 2014.

By Saurabh Sardesai October 2014.
The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014.

The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014.
April 2, 2013 Longitudinal Data system Governance: Status Report Alan Phillips Deputy Director, Fiscal Affairs, Budgeting and IT Illinois Board of Higher.

April 2, 2013 Longitudinal Data system Governance: Status Report Alan Phillips Deputy Director, Fiscal Affairs, Budgeting and IT Illinois Board of Higher.
Alignment in Planning Outcomes from a Focus Session ”Planning for Transformation” Worcester, MA, March 17, 2001.

Alignment in Planning Outcomes from a Focus Session ”Planning for Transformation” Worcester, MA, March 17, 2001.
Presented by: BoardSource Building Effective Nonprofit Boards.

Presented by: BoardSource Building Effective Nonprofit Boards.
University Strategic Resource Planning Council Budget.

University Strategic Resource Planning Council Budget.
IT PMB: Executive Oversight and Decision Authority for Application and Infrastructure Projects at NASA Larry Sweet Chair, IT PMB JSC CIO August 2010.

IT PMB: Executive Oversight and Decision Authority for Application and Infrastructure Projects at NASA Larry Sweet Chair, IT PMB JSC CIO August 2010.
An Integrated Control Framework & Control Objectives for Information Technology – An IT Governance Framework COSO and COBIT 4.0.

An Integrated Control Framework & Control Objectives for Information Technology – An IT Governance Framework COSO and COBIT 4.0.
DRAFT – For Discussion Only HHSC IT Governance Executive Briefing Materials DRAFT April 2013.

DRAFT – For Discussion Only HHSC IT Governance Executive Briefing Materials DRAFT April 2013.
EDUCAUSE 2014 Top Ten IT Issues. Today’s Agenda Introduction to EDUCAUSE IT Issues History & Methodology 2014 Top Ten IT Issues Selected Issues Reviewed.

EDUCAUSE 2014 Top Ten IT Issues. Today’s Agenda Introduction to EDUCAUSE IT Issues History & Methodology 2014 Top Ten IT Issues Selected Issues Reviewed.
University of Idaho Successful External Program Review Archie George, Director Institutional Research and Assessment Jane Baillargeon, Assistant Director.

University of Idaho Successful External Program Review Archie George, Director Institutional Research and Assessment Jane Baillargeon, Assistant Director.
Proventures reconnect session on Project Portfolio Management (PPM)

Proventures reconnect session on Project Portfolio Management (PPM)
Kathy Corbiere Service Delivery and Performance Commission

Kathy Corbiere Service Delivery and Performance Commission
1 Implementation. 2 ‘It ain’t over till it’s over’ … and even then, it’s not over either! Implementation is  the realisation of the stated objectives.

1 Implementation. 2 ‘It ain’t over till it’s over’ … and even then, it’s not over either! Implementation is  the realisation of the stated objectives.
Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.

Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.
ForrTel: IT Governance Frameworks

ForrTel: IT Governance Frameworks
1 GR-PBA 22 September 2011. This presentation covers  What does an AC do? ToR & Vision  Work done by AC in the16 months  Assurances to CM on:  internal.

1 GR-PBA 22 September This presentation covers  What does an AC do? ToR & Vision  Work done by AC in the16 months  Assurances to CM on:  internal.

Similar presentations

Ads by Google