This is the third installment of the IT Governance posts.
In implementing an IT governance model, the creation of policies, processes and strategy is generally the first toolsets implemented. In its most basic form, this concept covers areas such as information security policies, defining acceptable employee usage of applications and systems and establishing appropriate process and procedures needed to support the policies.
This includes processes for escalating and resolving discovered IT risk. Once the basic enterprise-wide IT policy and process infrastructure has been created, the next step is for executive leadership and the rest of the IT organization to develop a short-term IT strategy. The key thrust of this strategy should be enabling IT to provide maximum organizational flexibility to adapt to a changing environment. This is especially true in designing processes to support network infrastructure as a market for different networking products will change on an annual basis. Successful execution of an IT strategy will ultimately require senior management involvement and potentially even Board of Directors, Board of Governors or School Boards to ensure that IT investments are being made appropriately to support the key strategic educational objectives.
A typical outsourcing engagement to assist in creating policies, processes and strategy can range from 12 to 15 weeks depending upon the complexity.