University-Wide Information Technology Governance Framework Development

Executive Sponsors: M. Dee Childs, Vice President for IT and Chief Information Officer; Joseph Pettibon, Vice President of Enrollment and Academic Services

IT Governance Working Group: Dr. Glenda Musoba - Associate Professor, Educational Administration and Human Resource Development; Dr. Tim Scott - Assistant Provost for Undergraduate Studies; Juan Garza – Assistant Vice President and Director, Academic Services Information Technology; Joshua Kissee, IT Strategy Officer – Texas A&M Information Technology

Department and Project Manager: Office of the Vice President for IT and Chief Information Officer
(IT Strategy Officer - Joshua Kissee)

Project Overview: The Vice President for IT and Chief Information Officer along with the Vice President for Enrollment & Academic Services commissioned the establishment of an IT Governance Working Group (ITGWG). The ITGWG included a group of faculty and staff who analyzed the governance frameworks of several Vision 2020 peer Universities. The group then conducted benchmarking interviews with select peers, resulting in a comprehensive framework that will contain six new committees and an executive council covering university-wide IT issues. The resulting ITG framework is now available for review by University stakeholders.

The finalized version of the framework was submitted to the President and approved for implementation. The framework was also provided to the TAMUS Internal Audit function and acknowledged as fulfillment of the audit recommendation.

A project began on June 23, 2017, to implement the outcomes of the framework through the establishment of the operational procedures, resources, and committees necessary for success of the framework. The project will conclude at the IT Governance event on September 22, 2017. Appointment requests will be generated by the Office of the Vice President for IT and CIO beginning in July, 2017.

Timeline:
Framework Implementation: June 23, 2017 to September 22, 2017

Framework Development: November 15, 2016 to April 28, 2017 (Complete)

Stakeholder Input:
An IT Governance Event was conducted with key stakeholders from across the University on April 6, 2017, along with a survey distributed to the University community for feedback on the proposed framework. Numerous recommendations were received from the event and survey, in addition to direct messages and meetings with committees/councils. An analysis process yielded 34 non-duplicated recommendations for change to the framework.  The recommendations were reviewed by the executive sponsors (Vice President for IT & CIO, and the Vice President for Enrollment & Academic Services) for the project with a decision for each item available via the Incorporation of Stakeholder Input document below.

The Complete Framework document represents the most current IT Governance Framework version and includes the changes from the Incorporation of Stakeholder Input document.  



Background

Texas A&M University currently utilizes a decentralized model for some IT spending and some decision-making. A University-wide IT Governance framework seeks to address IT issues that impact the entire University through a formalized mechanism for input and decision-making in a centralized fashion, while leveraging the autonomous benefits of a decentralized University IT environment.

IT Governance research was conducted in the preceding years to the development of this document. The current framework capitalizes on the most important elements of the previous research offered among the Information Technology Advisory Committee (ITAC), elements of good practices found in the Deloitte-based Texas A&M System IT Governance and Collaboration Framework, and the Texas A&M University System Internal Audit recommendations on IT Governance. External research elements included the Information Technology Infrastructure Library (ITIL) version 3, Control Objectives for Information Technology (COBIT) version 5, the framework for the Governance of Enterprise IT (GEIT), IT Governance by Weill and Ross, the Educause IT Governance aggregation of research, and a comparison against numerous Vision 2020 peer institutions.

Guiding Definition

IT Governance is the assurance that Information Technology aligns with the outcomes required by the University for successful fulfillment of its mission. It ensures that appropriate decision-making activities (prioritization and funding) are done in concert with the University’s strategic priorities, while taking into account input from a broad base of stakeholders.

Mission, Purpose, & Responsibilities

Mission Statement

Ensure holistic alignment of IT resources and services University-wide to support the mission of the university, while becoming more efficient and effective in the focus of attention and time on activities that achieve shared priorities in a decentralized organizational structure.

Purpose Statement

IT Governance at Texas A&M is the essential foundation for a shared IT vision that is agile and responsive. Allowing the entire university Information Technology community to unite on common goals that will serve the university, state, and the citizens of Texas.

Responsibilities

The responsibility of a shared IT vision belongs to all clients, decision-makers, and stewards of IT services across Texas A&M University. It is this shared responsibility that is reflected in the ITG framework, to facilitate a common, thoughtful consideration of the overall needs of the university community. ITG stewards the shared responsibility of the overall governance of IT initiatives across the Academic, Administrative, Research and Technical domains.

Values

We value the ability to be open to multiple perspectives, recognizing that the executive leaders of Texas A&M University drive IT’s overall effectiveness, and respect the uniqueness of the University’s organizational culture. As such, the five tenets that drive the confidence in IT Governance are: Transparency, Accountability, Collaboration, Stewardship, and Agility.

Value 1

We value Transparency by providing information about IT decisions to all stakeholders with clear information on the process for funding, decision-making and strategic dialogues with the appropriate stakeholders, at various levels of the university.

Value 2

We value Accountability by acknowledging that IT is accountable to the governing groups for IT decisions with the subsequent implementation and execution of decisions in a timely manner. Accountability is further exemplified by providing feedback, updates, and reports to all appropriate stakeholders regarding IT Governance outcomes.

Value 3

We value Stewardship through the assurance that IT leadership is efficiently and responsibly using IT resources in the best interest of the University, its stakeholders, and members of the extended Texas A&M community.

Value 4

We value Collaboration in dialogues and decision-making by ensuring that decisions are informed from multiple perspectives and increase teamwork via the implementation of projects across divisions for greater impact and utilization.

Value 5

We value Agility by facilitating the continual service improvement of the IT Governance framework through adaptation and adjustment to succeed in a rapidly changing, ambiguous, and dynamic environment of higher education.

Objectives and Scope

The scope of ITG includes, at the broadest, an alignment of IT outcomes required by the University for successful fulfillment of its mission. ITG encompasses appropriate University-wide IT decision-making activities, IT policy and standards development, IT risk optimization, assurance of IT benefit and value realization, optimization of IT investment and resource management, and the alignment of IT strategy to the overall University mission and strategy.

Objective 1

Establish, maintain, communicate, and continuously improve a campus-wide IT vision that supports the Texas A&M University mission, goals, and outcomes.

Objective 2

Establish, maintain, adjust, report, and continuously re-align an IT investment management program through an IT budget structure for total IT expenditures University-wide, with primary focus on the CIO’s IT organization(s).

Objective 3

Establish, maintain, communicate, and continuously improve IT policies, technical architectures, and technical standards that support strategic, University-wide IT priorities.

Objective 4

Set the direction, exercise decision-making, and prioritize an IT portfolio of University-wide services, programs, and projects for the purpose of aligning IT investment to the University mission and requirements of stakeholder groups.

Objective 5

Enable the utilization and optimization of IT services, programs, and projects for the Teaching, Research, and Learning technology related initiatives at the University-wide level.

Objective 6

Facilitate a formal input structure from a diverse body of stakeholders University-wide on the performance and utilization of existing IT services, as well as the identification of new IT services.

Component Model

Components of IT Governance Framework
Fig. 1 IT Governance Framework Components Diagram Full size image
Simplified Component Model
Fig. 2 Simplified Component Model Full size image

Decision-Making Councils and Committees

Executive IT Council

The University-wide Executive IT Council (EITC, "the Council") approves the University-wide IT vision and overall IT budget structure, sets key IT priorities for the University, endorses IT principles, policies, and standards, resolves University-wide strategic IT issues, and establishes accountability for enacting decisions. The council consists of executive-level positions from across the University, to include the President, Provost, Chief Financial Officer (CFO), and Chief Information Officer (CIO). The EITC is the definitive decision-making body for IT, ensuring IT alignment with the central mission of the University. The decision-making members of the EITC are the President and Provost, where the President has final authority in decision-making.

Meeting Cadence
Two times per fiscal year.

Members
Permanent Voting Members (Decision-Making)
University President and Chief Executive Officer
University Provost and Executive Vice President, Chief Academic Officer

Permanent Attending Members
Vice President for IT and Chief Information Officer, Co-Chair Executive
Executive VP for Finance & Administration and Chief Financial Officer (CFO)

Ex-Officio Members (Non-Voting)
Vice President for Enrollment and Academic Services

Strategic IT Committee

Accountable and transparent to the Texas A&M University community, the Strategic IT Committee (SITC) advises and executes decisions on IT strategies, investments, operations, priorities and services.

The SITC is the direct input body to the EITC among the ITG framework. While overall strategies and priorities are set by the EITC, the SITC defines and recommends approaches to key IT issues requiring decisions. The SITC requests the other ITG framework committees to take the lead in exploring new IT opportunities, resolving IT issues and recommending courses of action. The SITC may launch special‐interest task forces to address and make recommendations on issues that span all ITG committees. The SITC governs IT policy, funding for new University-wide IT services, major projects or IT initiatives, as well as replacement or retirement of IT services and functions. Project priorities, initiative management, and forecasting IT service needs are all important responsibilities of the SITC.

Each committee in the ITG framework is responsible for identifying and drafting IT policies relative to their scope with the intention of routing to the Information Risk, Policy, and Security Committee (IRPSC). The SITC drafts IT policies that do not fit within the scope of the other ITG framework committees (e.g., it will route policies in draft status for review by the IRPSC before submission to the CIO).

Meeting Cadence
4-6 Times per year.

Members
Permanent Members (Voting)
Vice President for IT and Chief Information Officer
Vice President for Enrollment and Academic Services
1 Council of Deans Representative
1 Faculty Senate Representative
2 Faculty Members (Appointed by the Provost)
1 Council of Principal Investigators (CPI) Representative
1 Student Government Association Representative
1 Graduate and Professional Student Council Representative
3 Campus Leaders (By appointment of the President) [1]
1 Staff Council Representative
1 IT Professional (By appointment of the Vice President for IT and CIO)
1 TAMU Galveston Representative [2]
1 TAMU Qatar Representative [3]

Ex-Officio Members (Non-Voting)
Chairperson - Architecture & Infrastructure Committee (AIC)
Chairperson - Enterprise Applications Committee (EAC)
Chairperson - Information Risk, Policy, and Security Committee (IRPSC)
Chairperson - Research and Innovation Technologies Committee (RITC)
Chairperson - Teaching and Transformational Learning Technologies Committee (TTLTC)
Texas A&M IT - Executive Director & Deputy Chief Information Officer
Office of Budget and Planning - Associate Vice President Representative

Teaching and Transformational Learning Technologies Committee

The Teaching and Transformational Learning Technologies Committee (TTLTC) provides input for the teaching and learning mission of Texas A&M University by reviewing, evaluating, and recommending strategies, plans, and policies regarding IT projects and services that support teaching and learning by faculty and students.

Meeting Cadence
Six times per fiscal year/Bi-monthly.

Members
Permanent Members (Voting)
Dean of Faculties for Faculty Development
2 Associate Deans (By appointment of the Provost)
5 Faculty Members (By appointment of the Provost)
1 Faculty Senate Representative
1 Undergraduate Student (By appointment of the Student Government Association)
1 Graduate Student (By appointment of the Graduate and Professional Student Council)

Ex-Officio Members (Non-Voting)
Associate Provost for Undergraduate Studies Representative (By appointment of the Assc. Provost for Undergraduate Studies)
Instructional Media Services Representative (By appointment of the Vice President for Enrollment & Academic Services)
Instructional Technology Services Representative (By appointment of the Dean of Faculties)
IT Professional (By appointment of the VP for IT and CIO)

Research and Innovation Technologies Committee

The Research and Innovation Technologies Committee (RITC) provides input for the research mission of Texas A&M University by reviewing, evaluating, and recommending strategies, plans, and policies regarding IT projects and services that support research by faculty and students. The committee solicits input from key stakeholders and constituencies across the campus to ensure that institutional needs are being met in regards to technologies needed to support campus research activities.

Meeting Cadence
Six times per fiscal year/Bi-monthly.

Members
Permanent Members (Voting)
1 CPI Member (By appointment of the CPI - Executive Committee)
1 University Research Council Member (By appointment of the Vice President for Research) [4]
1 Associate Dean (By appointment of the Provost) [5]
1 Vice President for Research IT Professional (By appointment of the Vice President for Research)
1 High-Performance Computing Representative (By appointment of the Vice President for Research)
1 Texas A&M IT Representative (By appointment of the Vice President for IT and CIO)
1 Executive Advisory Council on Core Facilities Representative
1 Center and Institute Directors Council (By appointment of the Senior Associate Vice President for Research)
4 Faculty Researchers (By appointment of the Provost)
Texas A&M IT - Chief Technology Officer

Ex-Officio Members (Non-Voting)
Vice President for IT & Chief Information Officer

Information Risk, Policy, & Security Committee

The Information Risk, Policy, and Security Committee (IRPSC) provides the ITG framework with institutional governance of information risk. IRPSC is charged with providing oversight and support of Texas A&M University information security by authoring privacy-related policies, procedures, and security initiatives. The committee recommends strategic direction on campus information security and data privacy-related work to ensure that it supports the University mission. IRPSC works in close collaboration with the University Rule Team and Enterprise Risk Management Group within the Office of University Risk and Compliance.

Meeting Cadence
Six times per fiscal year/Bi-monthly.

Members
Permanent Members (Voting)
Texas A&M University - Chief Information Security Officer
1 Division of Student Affairs IT Representative (By appointment of the Vice President for Student Affairs)
1 Texas A&M IT Representative (By appointment of the Vice President for IT and CIO)
1 Vice President for Research Representative (By appointment of the Vice President for Research)
1 Academic Services IT Representative (By appointment of the Vice President for Enrollment & Academic Services)
1 Division of Finance and Administration IT Representative (By appointment of the Vice President and CFO)
4 IT Representatives (By appointment of the VP for IT and CIO)
3 Faculty Members (By appointment of the Provost)
1 Texas A&M Health Science Center Representative (By appointment of the Vice President for IT and CIO)

Ex-Officio Members (Non-Voting)
Texas A&M University Risk and Compliance Representative
Texas A&M University System Office of General Council Representative
Texas A&M IT - Associate Director for Security Operations
Texas A&M IT - Risk, Management and Policy Representative
Chairperson - Architecture & Infrastructure Committee
Chairperson - Enterprise Applications Committee

Enterprise Applications Committee

The Enterprise Applications Committee (EAC) provides strategic oversight for core administrative information systems across the University. The EAC seeks to align enterprise information technology systems based on the prioritized business needs of the university in order to reduce cost, facilitate innovation, and promote efficient communication. They ensure and review the effectiveness of University-wide applications and institutional data management, while promoting compliance and information technology standards.

The EAC ensures that the diverse stakeholder needs of the University are recognized through the assurance that plans and recommendations are evaluated against the impact on the University’s mission, strategic goals, and objectives. This committee increases the role of the existing Enterprise Information Executive Committee, in role and scope, while maintaining student information system oversight as well as other mission critical systems affecting the University as a whole.

An enterprise application or system is robust, scalable, and available to all Texas A&M University stakeholder groups collectively or by group (e.g. faculty, researchers, administrators, staff, undergraduate students, graduate students, etc.). The funding method utilized by the Strategic IT Committee (SITC) is not used to pre-determine which application or system is considered to be enterprise. The EAC, at the SITC’s approval, will manage an active list of systems and applications within IT Governance operations that are recognized as "enterprise."

Meeting Cadence
Six times per fiscal year/Bi-monthly.

Members
Permanent Members (Voting)
Assistant Vice President of Academic IT Services
Texas A&M IT - Chief Technology Officer
1 Division of Finance & Administration Representative (By appointment of the VP & Chief Financial Officer)
1 Texas A&M IT Representative (By appointment of the VP for IT and CIO)
2 Academic Services Representatives (By appointment of the Vice President for Enrollment & Academic Services)
2 IT Representatives (By appointment of the VP for IT and CIO)
1 Division of Student Affairs Representative (By appointment of the Vice President for Student Affairs)
1 Faculty Senate Representative (By appointment of the Faculty Senate)
1 Faculty Member (By appointment of the Provost)
1 Student Government Representative (By appointment of the SGA President)
1 Graduate & Professional Student Council Representative (By appointment of the GPSC President)
1 Undergraduate or Graduate Student (By appointment of the Vice President for Student Affairs)
1 Division of Research Representative (By appointment of the Vice President for Research)

Ex-Officio Members (Non-Voting)
Chairperson - Research Technologies Committee
Chairperson - Teaching and Transformational Learning Technologies Committee
Director - Instructional Technology Services
Director - Enterprise Information Systems

Architecture & Infrastructure Committee

The IT Architecture & Infrastructure Committee (AIC) provides input, recommendations, and architected solutions on IT infrastructure service types including the data and voice network, email, calendar and productivity tools, as well as IT infrastructure services provided at scale, such as networking, database, data center colocation, identity management, storage services, backup services, web applications, and hardware services.

Meeting Cadence
Monthly

Members
Permanent Members (Voting)
Texas A&M IT - Chief Technology Officer (Chairperson)
1 Texas A&M IT Representative (By appointment of the CTO)
1 Academic Services IT Representative (By appointment of the Vice President for Enrollment & Academic Services)
5 IT Professionals (By appointment of the Vice President for IT and CIO)
1 Division of Finance and Administration IT Representative (By appointment of the Vice President and CFO)
1 Vice President for Research Representative (By appointment of the Vice President for Research)
1 Division of Student Affairs IT Representative (By appointment of the Vice President for Student Affairs)
1 Faculty Member (By appointment of the Provost)

Ex-Officio Members (Non-Voting)
Chairperson - Enterprise Applications Committee
Texas A&M IT - Associate Director for Networking
Texas A&M IT - Chief Systems Engineer (or Designee)


[1] One campus leader from among the Presidential appointments must be from the Health Sciences Center.

[2] Selected representative from Texas A&M University – Galveston must be a faculty member.

[3] Selected representative from Texas A&M University – Qatar must be a faculty member.

[4] Appointment is not required to be a faculty member.

[5] Administrative appointment, but considered as a faculty member.