Governing and Managing IT in Government. Who’s Responsibility is IT?
Information Technology (IT) over the recent past has significantly changed the way how organisations operate. IT today offers both private and public sector organisations with considerable potential to transform themselves by improving strategic and operational capabilities. Potential benefits offered by IT include enabling processes, improving service delivery, improving customer satisfaction, increasing speed, and improving quality.
Challenge
The challenge of unlocking the value of IT however, requires IT management to understand the business, and for the business management to understand how the use of IT within their business processes and functions could assist them in successfully achieving their business goals and strategies.
Due to the increasing strategic and operational role that IT is playing in public sector organisations, the management of IT can no longer be left in the hands of the IT management and staff only. Management has to protect their interests by assuming responsibility for managing IT investment, IT related risks, ensure business continuity, and to manage Information Security and safeguarding their organisation from today’s threats and cyber attacks.
IT Governance
The South African Government has recognised the increasingly strategic role that IT is playing as an enabler of public service delivery. This importance has been highlighted by among other, the King III Report on Corporate Governance, a Presidential Review Commission (PRC) report and the Findings of the Auditor General (AG).
To enable Political and Strategic leadership to embrace ICT as an enabler of service delivery, the South Africa’s Department of Public Service and Administration, in consultation with the South African Government Information Technology Officers Council (GITOC) and the AG, developed the Corporate Governance of ICT Policy Framework (ICT Governance Policy Framework). The purpose of the ICT Governance Policy Framework is to enable Political and Strategic leadership to embrace ICT as an enabler of service delivery.
Mandatory Compliance Requirement
South African Government Departments, Provinces, Municipalities and other institutions are required to comply with the requirements of the ICT Governance Policy Framework, which has been adopted by the Cabinet in 2012.
Compliance with the requirements of the Framework will be monitored / measured by the Auditor General and Department of Planning and. Government institutions are required to adopt of a phased implementation approach that shall be completed according to strict deadlines.
In order to comply with the requirements of ICT Governance Policy Framework, all South African Government Departments, Provinces, Municipalities and other institutions are required to create an enabling environment for IT Governance in 2014 by implementing an IT Governance framework, achieving strategic alignment between the organization and IT strategies in 2015,
Response
Successful establishment and implementation of the requirements of the ICT Governance Policy Framework will require a change to the status quo in the way that IT is governed and controlled in South African public sector organisations.
The Policy Framework requires the political leadership, executive authority and the Head of Department (HoD) to assume accountability for the IT Governance system. This involves Head of Department (HoD) of a Public Sector organisation to be assume accountability in the development and adoption of various IT related governance and management policies, structures, the allocation of accountability and responsibility for the implementation of ICT Governance.
Implementation Challenge
In implementing the requirements of the ICT Governance Policy Framework, South African Public Sector organisations are needed to establish an IT Governance framework that involves:
- Aligning their IT Governance and IT Management practices to international best practices such as the King III Corporate Governance code, COBIT 5 IT Governance Framework, and ISO 38500, the internation standard for IT Governance
- Defining the relationships between the stakeholders, the strategic goals of the Public Service as a whole and the strategic goals of Departments individually.
- Developing and adopting various ICT Governance Policy, ICT Governance Charter, other ICT Policies, Structures, IT Governance and management Processes, Procedures, Mechanisms & Controls, ICT Strategic Plan andf an ICT Implementation Plan
- Adopting an organizational change management programme to create awareness and buy-in
- Training staff
- Implement an IT Governance Implementation programme
- Creating a an ICT Governance Document Management System for storing and collaborating on documents, version control, searching etc.
Conclusion
When implemented, the enhanced IT Governance systems will assist to facilitate information-sharing and learning across the ICT organisation for better business insight and improved governance and management of ICT in alignment with Public Sector institution’s business requirements.
Analytix offers consulting, training and toolkits to assist South African public sector organisations to establish the necessary ICT Governance and management frameworks and other requirments the DPSA’s ICT Governance Policy Framework’s implementation requirements.
For more information on assistance to implement the DPSA’s ICT Governance Policy Framework’s, contact Analytix.