The document discusses IT governance challenges at Chisholm Institute and strategies for improvement. It summarizes frameworks like COBIT, ITIL and PRINCE2 that can help with governance. It then details how Chisholm restructured its IT department and implemented an ICT Governance Committee aligned with the AS8015 standard to better link IT with organizational strategy and priorities.

1. Successfully using standards to engage the relevant people in the organisation Chris van der Weyden CIO & Director, Technology and Educational Development OZeWAI 2007

2. Presentation Outline Chisholm Institute and the TAFE Sector ICT Management Has a Problem Standards and Frameworks Best Practice Frameworks from the OGC Governance Theory Applied: Case Study

3. Seven Campuses

4. Chisholm Institute Annual Operating Budget No. Staff (EFT) No. Students International Students On-shore Off-shore $94,300,000 1,000 36,500 2,027 827 1,200

5. Sources of Funding 2006

6. Student Delivery

7. The Skills / Jobs Mismatch Job Pathways University pathway VET pathway No qualifications Current 20% 30% 50% Future 24% 62% 14% Figures from the Centre for the Economics of Education and Training website http://www.education.monash.edu.au/centres/ceet/CEET

8. Enthusiastic ICT Hype: ICT transforms educational opportunities… the tsunami of e-learning products... adopt XXX or our students will miss out... Senior Management Response: fiercely scrutinise ICT budgets rationalise ICT departments grow impatient with IT rhetoric & hype believe IT is oversold & under-delivered outsource everything in sight

9. Why? Lack of knowledge about IT at a Snr Mgt? Requires more technical expertise? Created as separate entity? Complexity (increasing)? IT strategy gets less scrutiny at a high level than other dimensions of business

10. What research suggests… Weak strategic links with IS investment Misalignment between IT and org’n Inappropriate mgmt of IT-related change Lack of formal benefits mgmt approach Inability to leverage existing infrastructures Relationship gap between IT & Snr Mgt Poor use of sourcing Poor process innovation: Paving the cowpaths!

11. ICT Project Failure (From John Thorp http://www.thorpnet.com/2005)

12. Project Success Measures Commonly cited PM metrics are: On time On budget To specification, quality Good measures for delivery of business value from IT investments? NO! NO! NO!

13. POOR IT Governance???

14. Definition of Governance Dictionary.com defines “Governance” as “government; exercise of authority; control” or further, “a method or system of government or management.” A simply and open definition from The Australian Concise Oxford Dictionary is “the act, manner, fact, or function of governing, sway, control.” So therefore, Governance is the process by which control is exercised and management of a domain undertaken.

15. Governance of ICT What decisions must be made? Who should make these decisions? How will we make and monitor decisions? (Weill & Ross 2004)

16. Governance of ICT “ consists of leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives” (ITGI: Board Briefing on IT Governance 2001:9) “ system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisaition and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation AS8015 Corporate Governance of ICT

17. The Governance Question Are we managing our investments in ICT such that: we are getting optimal value; at an affordable cost; and with an acceptable level of risk? ITGI, Val IT Framework

18. Is evidenced through with the aim of monitoring & controlling IT investments & associated activities to ensure the delivery of business value from IT Effective ICT Governance Effective IT Governance Maxims Structures Processes Capabilities

19. “ Enterprises that actively design their top-level IT governance arrangements make and implement better IT-related decisions” Gartner “ Effective IT Governance is the single most important predictor of the value an organization generates from IT” Peter Weill and Jeannie W. Ross, IT Governance “ Firms with focused strategies and above average IT Governance had more than 20% higher profits than other firms following the same strategies” Peter Weill and Jeannie W. Ross, IT Governance (Gillies 2005)

20. Theory of Action Theories-in-Use vs Espoused Theory Chris Argyris & Donald Schön Organisational Learning II 1996

21. Theory of Action Single-loop & Double-loop learning

22. Values of Model I are: Win, do not lose Suppress negative feelings Emphasize rationality Control environment and task unilaterally Protect self and others unilaterally Advocating courses of action which discourage inquiry e.g.. "Lets not talk about the past, that's over." Treating ones' own views as obviously correct Face-saving moves such as leaving embarrassing facts unstated Defensive relationships and Low freedom of choice Reduced production of valid information Little public testing of ideas

23. Values of Model II are: Valid information Free and informed choice Internal commitment Sharing control Participation in design and implementation of action Attribution and evaluation illustrated with relatively directly observable data Surfacing conflicting view Encouraging public testing of evaluations Minimally defensive relationships High freedom of choice Increased likelihood of double-loop learning

24. Standards & Frameworks AS 8000-2003, Good Governance Principles Standard AS 8015-2005, Governance of ICT Standard ISO/IEC 20000, IT Service Management Standard AS/NZS 27001:2006, Information Security Mgt Standard MSP, Programme Management Framework PRINCE2, Project Management Framework M_o_R Management of Risk Framework ITIL, IT Service Management Framework Val IT, IT Investment Framework COBIT, IT Management Framework

25. Standards & Frameworks AS 8000-2003, Good Governance Principles AS 8015-2005, Governance of ICT ISO/IEC 20000, IT Service Management AS/NZS 27001:2006, Information Security Mgt MSP, Programme Management Framework PRINCE2, Project Management Framework M_o_R Management of Risk ITIL, IT Service Management Framework Val IT, IT Investment Framework COBIT, IT Management Framework

26. AS8015 Governance of ICT

27. Establish clearly understood responsibilities Plan ICT to best support the organization Acquire ICT validly Ensure the ICT performs well when required Ensure ICT conforms with formal rules Ensure ICT use respects human factors AS8015 Principles

28. Val IT

29. OGC Best Practice Guidance MSP: Managing Successful Programmes PRINCE2: Projects in Controlled Environments ITIL: IT Infrastructure Library M_o_R: Management of Risk

30. Managing Successful Programmes Vision Driven Bounded vs Unbounded Change Outcomes rather than Outputs

31. Managing Successful Programmes Programme Project One Project Three Project Five Project Four Project Six Project Two

32. PRINCE2 Business Case and benefits focused Integrated suite – Org’nal change Range of implementation materials Product focused and therefore tangible Evolved over 30 years by practitioners Crown Copyright & IP is free of royalty

33. PRINCE2 Disadvantages Framework (What) not a Method (How) Can be seen as an overhead PRINCE2 can be compliance driven Scaling is important, Small vs Large project

34. ITIL Characteristics Non Proprietary Applicable to any organization without royalty Non-prescriptive Mature practice framework not methodology Best Practice Continuously refined by practitioners v2 to v3 Good Practice Yesterdays Best Practice is today’s Common Practice

35. M_o_R Risk Cause and Ownership Likelihood or Probability Impact Value Countermeasures Residual Risk Risk Status

36. M_o_R Strategic Risks Programme Risks Operational Risks Project Risks Change Management Objectives Day-to-Day Management Objectives

37. Governance Theory Applied at Chisholm Institute

38. Organisational Strategy * prospector * analyser * defender Dimensions of the Organization ALIGNMENT Role of IS/IT in organisation * opportunistic * comprehensive * efficient Sourcing of IT * insourcing * selective sourcing * outsourcing IS Structure * decentralised * federal/shared * centralised View of IT infrastructure * enabling * dependent * utility

39. Strategy Structure & Systems Technology Processes People & Culture Dimension of the Organization

40. IT Governance Archetypes Subhead Text (Weill & Ross 2004) Each individual user. Anarchy IT executives and one other senior manager working together. IT Duopoly Senior Management and organisational groups may also include IT executives. Federal Organisational unit leaders and/or key process owners. Feudal Individual or groups of IT executives. IT Monarchy A group of senior management or individual executives and excludes IT executives acting independently. Executive Monarchy Who Has Decision or Input Rights? Style

41. DEPUTY CEO EXEC. DIRECTOR PROGRAMS 1 Strategic & Profile Planning Regional Campuses: Rosebud & Bass Coast Berwick TEC Centre for Professional Education & Training Practice ( Frankston ) DIRECTOR CENTRE FOR INTEGRATED ENGINEERING & SCIENCE Manufacturing Engineering & Logistics Computer Engineering & Applied Science Electrical, Electronics Engineering NATA Lab, CNC (Dandenong/Berwick) DIRECTOR CENTRE FOR SERVICES & ARTS SERVICES Hospitality Design, Multimedia & Arts Hair & Beauty Food Processing Unit (Frankston/Dandenong) DIRECTOR CORPORATE SERVICES DIVISION (CFO) 2 Financial Services Built Environment Office of Students ( Dandenong ) DIRECTOR CENTRE FOR ADVANCED BUSINESS SKILLS Business & Management Administration & Customer Service Business IT Customer Service ( Berwick/Cranbourne) DIRECTOR CENTRE FOR VOCATIONAL PATHWAYS Language & Cultural Studies inc Indigenous Studies ELICOS ( Dandenong ) DIRECTOR CENTRE FOR SUSTAINABLE TECHNOLOGIES Automotive Technology Building & Furniture, Plumbing Horticulture & CLM Water Operations/ISU ( Frankston/Cranbourne) DIRECTOR TECHNOLOGY & EDUCATIONAL DEVELOPMENT DIVISION (CIO) 3 Educational Development Services Library & Information Management IT Services ( Cranbourne ) DIRECTOR CENTRE FOR INTEGRATED HEALTH & COMMUNITY WELL-BEING Health & Community Care Children’s & Community Services Advanced Professional Studies (Berwick/Frankston) DIRECTOR INTERNATIONAL & ENTERPRISE DIVISION Continuing Education/Short Courses International Student Programs International Projects ( Dandenong ) DIRECTOR ORGANISATIONAL CULTURE & COMMUNICATIONS DIVISION 4 Marketing & Corporate Communications Learner & Community Engagement Human Resource Development ( Frankston ) CEO Board responsibilities 1 Exec Officer, Strategic Development & Monitoring Committee 2 Exec Officer, Resource Management Committee 3 Exec Officer, Audit & Risk Management Committee 4 Board Secretary Italics indicates a commercial business unit – at least one per Centre Campus/LGA responsibilities to be assigned to the Six Centre Directors Chisholm Structure

42. Priorities Areas for Technology and Educational Development ICT Governance – AS8015 Links between ITS, EDS and L&IM Leadership of Educational Support Leadership of IS and IT Services ICT Operations and Projects Integration of Business Systems

43. Chisholm Institute Board Resource Management Committee Audit & Risk Management Committee Strategic Development & Monitoring Committee Executive Committee Strategic Business Development Committee (SBDC) ICT Governance Committee (IGC) Board of Studies Chisholm Directors Group (CDG) School / Divisional ICT Steering Committees Quality Management Committee Occupational Health & Safety Committee Council Committees Institute Committees Chief Executive Officer Functional relationship Monitoring relationship Institute Committee Structure

44. IT Services Restructured IT Services Manager Team Leader Change & Procurement Team Leader Information Systems Team Leader Infrastructure Team Leader Client Services Snr Incident Support Officer x 3 Incident Support Officers x 4 Systems Engineer Network Engineer Web Developer .NET Developers x 3 Desktop Engineer Change & Procurement Officer Departmental Assistant 0.4 Training Coordinator

45. PRINCE2 Governance Structure ICT Governance Committee Project Board Senior User Executive Senior Supplier Team Leader Project Manager Project Support Project Assurance Lines of authority Assurance Lines of guidance From the supplier From the customer

46. AS8015 Governance of ICT

47. AS8015 Governance of ICT

48. AS8015 Governance of ICT Chisholm ICT Governance Committee School/Division ICT Steering Committees

49. References OGC Frameworks www.best-management-practice.com IT Governance www.itgi.org Val IT and Cobit www.isaca.org Service Mgt User Group www.itsmf.org.au IS Development www.dsdm.org Governance Consultancy www.infonomics.com.au

50. Thank you Questions? [email_address]