IT governance

What is IT governance?

IT governance refers to the management framework within which IT project, program and/or portfolio decisions are made. At Waterloo, an IT portfolio, program or project governance group is most often referred to as a steering committee and less often referred to as a management team, board or executive team. Project teams produce expected business or technical outcomes, while governance activities include management and leadership responsibility for portfolio management; and project and/or program issues, changes, resources (human and fiscal), communications, status/progress reporting, risks, quality, procurement and project closure.

The project/program sponsor works with the governance group(s) of which they are a member, typically assisting with matters such as project funding, clarifying scope, monitoring progress and influencing others in order to benefit the project.

The IST portfolio manager and/or director works with the IT governance groups, typically to provide information which aids in decision support and prioritization of projects or programs.

Why governance?

Adapted from Prince2, http://www.projectsmart.co.uk/project-governance-prince2-project-management.php.

"No large scale, complex or business critical project should ever be managed on a standalone or isolated basis. The need to involve and secure buy-in, and ensure the work is the right work being done at the right time, and being done well using best practices, by functions across two or more business units/departments, means that a governance approach is needed. While project management is a key discipline within this, project/program/portfolio governance is broader in scope and has six interlinked objectives:

1. "Ensuring real business value through project, business and strategic alignment.
2. "Controlling costs to reduce financial risks.
3. "Maximizing resource allocation, particularly of high value resources.
4. "Management of risks through portfolio management.
5. "Uniform application of best practice.
6. "Organizational coherence."

How do I define or know who is part of project/program/portfolio governance?

At UWaterloo, there are existing governance groups which may or may not have a defined or published terms of reference (e.g. University Committee on IST (UCIST), Computing Technology Services Committee (CTSC), Student Information Systems (SIS) Management Committee, Finance Steering Committee, Web Advisory Committee (WAC), Campus Network Services Committee (CNSC), Learning Environment Operations (LEO) Group, Instructional Technologies Advisory Committee (ITAC), etc.). Existing, standing committees are often in place when a portfolio of IT work is being managed. The scope of work for these governance groups is often along business lines – all IT work related to Student Information Systems, or all IT work related to Human Resources, etc. When outcomes of a new project or program has broader impact than the existing scope of a committee and the existing committee needs to revise its membership to accommodate decisions regarding the project or program, a new steering committee may be struck for the duration of that project or program (e.g., online expense claims project governance).

A governance committee is typically comprised of:

• The project sponsor;
• The project owner, as lead or champion of the project;
• Representative stakeholders who are significantly impacted by the change the project or program brings and provide leadership for the representative group (e.g. president of the faculty association might be involved when a change significantly affects all faculty);
• The functional managers (i.e., business owner) who has management responsibility/authority for the functions affected by the project deliverables;
• The functional managers within a business unit/department with direct supervision over one or more resources on the Project Team;
• Managers who are responsible for the delivery of the project or program (e.g. CIO, IT Director) and can enable benefit delivery and manage escalated risks;
• Executives/senior management who are responsible for the delivery of the project or program or (sub-)portfolio (e.g. CIO, IT Director) and can enable benefit delivery and manage escalated risks;
• Resources or working groups with specific expertise can be named to the governance group (e.g. usability expert, subject matter expert, project manager) to inform, influence (i.e., through analysis and recommendations) and support decision making, but may not be a decision maker.

What are the responsibilities of IT project/program/portfolio governance?

• Approve project or program intake, manage the (sub-)portfolio of programs/projects within terms of reference and adjusting or, in extreme circumstances, pulling the plug on any under-performing projects
• Ensure that every project proposal uses the intake process, and contains a business case for medium and large projects or programs, stating alignment to UWaterloo, department and IT strategic plans, the objectives of the project and specifying the in-scope and out-of-scope aspects, a fully-costed (i.e., total cost of ownership) estimate and clearly stated assumptions
• Provide input to, review and ensure appropriate approval of the business case
• Ensure management of all related projects as part of governance’s group portfolio and/or scope
• Assess compliance of the completed project to its original objectives
• Review changes in scope and prioritization, and ensure appropriate approval
• Contribute to identification of all stakeholders with an interest in the project
• Assist with communication to stakeholders, as per agreed upon communications plan
• Ensure a set of business-level requirements are defined and align with strategy & objectives, as agreed by all stakeholders
• Ensure an agreed upon specification for the project deliverables
• Appointment of a project manager and project team members, when necessary
• Ensure clear assignment of project roles and responsibilities
• Review a current, published project plan that spans all project stages
• Ensure and enable accurate status- and progress-reporting
• Use the central document repository for the project
• Ensure appropriate management and resolution of issues that arise during the project
• Ensure appropriate management, communication and resolution of risks identified during the project
• Periodically review quality of key governance documents and of project deliverables