It may just be the biggest buzzword in government IT today, but for many IT leaders, the concept of “governance” still has them scratching their heads.
“Governance is simply a way for IT to make sure it is closely aligned with the business side of the house,” says Ted Ritter, a research analyst at The Nemertes Research Group in Mokena, Ill. “It’s a mix of people, process and technology to increase operational efficiency, accountability and transparency.”
One of the most popular frameworks that government agencies are using to achieve this goal is the Information Technology Infrastructure Library (ITIL), which outlines a systematic approach to the management and provisioning of IT services. Fred Broussard, research director for the enterprise software group of IDC in Framingham, Mass., calls ITIL “a guiding hand for government CIOs.” He has seen a 40 percent adoption rate of ITIL among private and public organizations with more than 10,000 employees. “ITIL and other governance frameworks give you visibility into your whole organization,” he says.
To understand the best way for state agencies to approach IT governance, we sought the advice of three IT executives from across the country:
Agency information officer for the California Department of Food and Agriculture in Sacramento
Chief operating officer for the Delaware Department of Technology and Information in Dover
Customer services director for the North Dakota Information Technology Department in Bismarck
What’s the Driver?
The best way to undertake an IT governance project is to understand what’s driving the need for change.
Ghods “There were many drivers for us. We had stovepipe approaches, a lack of confidence in IT among users and a decentralized environment — all of which led to poor service delivery. When I came on board in September 2006, we engaged with Gartner to do an assessment. I wanted a third-party entity to show executive management how we were doing IT, what were the best practices in the industry, what the gaps were and how we could fill those gaps.”
Hickox “State agencies used to do their own thing regarding IT. For example, I came from a state agency that had a separate e-mail system. We had Novell GroupWise; others had Banyan. There was no standard naming convention or management. In 2001, legislation was passed saying we had to centralize IT and we had to establish governance.”
Vetter “In 2003, the North Dakota legislature mandated that certain services be hosted with IT. Instead of having 50 or more agencies purchasing and deploying their own unique solutions, the state opted for consolidation. ITD needed formal processes in place to ensure that agencies would receive service that was equal to or better than what they had on their own.”
Build Your Governance Organization
To succeed at governance, you have to get away from silo-like IT flow charts and introduce checks and balances.
Ghods “In the past, divisions worked on their own to start an IT project. Now I have what’s called Davood’s Kitchen Cabinet Meetings once a month where I meet with all the program directors and look at all the initiatives in front of IT. That way, we can see what applications and projects can be shared across the whole agency.”
Bill Hickox Delaware Department of Technology and Information
Hickox “No technology project in the state happens without an approved business case from our team. This goes for all major projects from the three branches of government. Even if the Secretary of State’s office wants to purchase an application that affects only them, they have to go through us. This helps us make sure that all funding and resources are accounted for. Otherwise, you wind up with a bunch of multimillion-dollar solutions that can’t be managed properly.”
Vetter “In the boardroom, executives knew that IT service management was important. Yet when they returned to their operational areas, other strategic projects would take priority. So three years ago the Customer Service Division was created to lead our IT service- management initiatives. We took the service desk, a software analyst and a product manager to form our team. As director, I report to the deputy CIO, which gave our efforts the commitment and credibility they needed to get off the ground.”
Start With Small Successes
To gain momentum and support for your governance project, establish a few wins that show you’re headed in the right direction.
Ghods “The first thing we did was address incident management. There was nothing in place before to tell us what types of calls were coming into the help desk. We evaluated different products and settled on Computer Associates’ Unicenter Service Desk to address combined in-house and remote support, because we wanted to centralize IT, and individual offices would no longer have an on-site help desk. By centralizing help-desk support, I was able to free up resources and refocus them on other projects. We also implemented CA’s Clarity for product and portfolio management.”
Hickox “We focused on change and release management. Before, an agency would make a change without thinking of the impact to other agencies that might also access that application or information. Now anything that requires change has to be approved. All nonemergency changes and releases are communicated to users within two weeks. System outages are only done at certain times and are also communicated to users. We plan to standardize releases around Serena Software’s ITIL products. It’s true that this has limited our change and release windows. However, we have also seriously minimized the overall impact of changes on the agencies.”
Gary Vetter North Dakota Information Technology Department
Vetter “ITD has a slogan: Setting expectations, delivering results. One of our biggest achievements has been to embed that philosophy into our incident-management process. Today customers are told exactly what to expect each and every time an incident is logged. Based upon impact and urgency, incidents are assigned a priority and customers are given an estimated resolution time. For instance, our goal is to resolve Priority 1 incidents within two hours, Priority 2 within four hours, Priority 3 within one day, and so on. ITD’s goal is to hit that objective 90 percent of the time, and so far we’ve been able to do that.”
Live Among Your Customers
The best way to guarantee that you’re meeting the business requirements of your customers is to work among them.
Ghods “Although there are efficiencies to be gained through centralization, you have to understand the business needs of your users. We will hire account managers who will work with each division to understand the business needs of that division and where they spend their time and resources. We tell our users: IT needs to be involved in your day-to-day business.”
Hickox “We have budgeted to have customer-care agents assigned to each agency. They reach out and work with the agencies to create their business cases for new projects or to realize possibilities for existing solutions.”
Vetter “We’ve created roles for product managers and business consultants to be more proactive with our customers. These positions are among the most strategic in our organization. Customers don’t want someone who talks tech to them. They want someone who understands their business and helps them to be more efficient and effective.”
Set Goals and Seek Feedback
The only way to know if you’re succeeding at the goal of governance, which is to improve accountability and efficiency, is to solicit feedback from your customers.
Ghods “I have not stopped communicating with users, staff or executive management. I always show them the IT maturity curve, which goes from chaotic firefighting mode to reactive to proactive to service-oriented and then value-add. I’ll know we’ve hit value-add when my agency secretary asks, ‘Why isn’t IT at the table?’ every time they’re making major decisions. Until then I measure success by how many times I’m stopped in the hallway and told what a great job IT is doing. I also measure it by the change in my staff’s attitude to be more customer-service- oriented. It’s not scientific, but it is genuine.”
Hickox “We have formal service-level agreements with all of our customers. We also have a clear business-case approval process. They may think it’s painful but by identifying the risks up front, they’ve been saved a lot of embarrassment and failed projects. They may not say they love the process, but they will acknowledge that it works.”
Vetter “It’s easy to overwhelm your customers and your staff with too many metrics; you need to measure what really matters. To strike this balance, we’ve incorporated a brief survey into our incident-management process. When an incident is closed, an e-mail is sent to the customer stating, ‘We hold ourselves accountable for a positive customer experience. Please let us know how we are doing. Without your feedback, we can only assume you were very satisfied with the service and support you received.’ Last year our ratings were 99.88 percent positive and the customer comments we received helped to identify key areas for improvement.”