An Introduction to Governance
Corporate governance structures exist to ensure that executive management act in the best interest of the organisation/shareholders and not merely to maximise their own self interests. For example, school leaders will be familiar with the concept of Financial Governance which ensures that employees know the limits of their authority to commit the organisation’s financial resources. This usually takes the form of policy document which outlines the rules on expenditure, contracts, salary levels etc. Digital Governance works in a similar way.
An organisation’s Digital Governance document is in effect the rule-book outlining
- why the strategy is the way it is (the principles on which the strategy is founded)
- who can make IS/IT decisions;
- how IS/IT decisions are made;
- what is permitted in the organisation.
“[It] is concerned with promoting consistent and coherent decision-making behaviour across an organisation regarding Information Systems (IS) and Information Technology (IT) in order to maximise the value the organisation derives from IS/IT” (Peppard and Ward, 2016, 368).
The ‘Why’ of Digital Governance
Digital Governance allows an organisation to align IS/IT developments to the wider vision and direction for the organisation. For example, Digital Governance enables organisations to standardize systems and processes, which ultimately bring greater efficiency and reduced costs. Digital Governance is a way to break down the ‘silo culture’ of some organisation as it puts structures in place which encourage alignment and collaboration.
The ‘Who’ of Digital Governance
There is significant debate about who should be making IS/IT decisions. There are real dangers in leaving these decisions to IT Network Managers as, too often, decisions are made from self-interest. Equally, there are dangers in allowing enthusiastic administrators/ educationalists who do not understand the technical aspects of school networks to dominate -they are fundamentally responsible for the legacy spaghetti. Instead, it is worth considering two other common models:
- Digital Governance Committees. These groups combine some of the senior team with teachers and the Network team. Together they can evaluate new technologies and put in place the necessary infrastructure to ensure that it is effective. Such a group is well placed to draft the initial Digital Governance Document and to revise it as necessary. Large organisations may like to differentiate between a wider digital governance group, which oversees policy, and a narrower network architecture group, which looks at the technical specification of the network required to deliver that strategy.
- Digital Leadership Roles. It has become quite common for large firms in industry to appoint ‘Chief Digital Officers’ (CDOs) to drive digital change from an executive level. Some schools have appointed Assistant/Deputy Headteachers/Principals to fulfil this role. This is undoubtedly an excellent solution as it means that a single senior leader has time and authority to drive the necessary change. However, the difficulties are cost and finding a candidate with sufficient pedagogical and technical knowledge to be able to do the role effectively.
The ‘How’ of Digital Governance
As with all other areas of school life, there are inevitably good ideas competing for limited resources. The Digital Governance document should define the process by which IS/IT decisions are made and how competing IS and IT priorities should be managed and implemented. It is often helpful to consider these as either ‘demand’ or ‘supply’ decisions:
- ‘Demand’ Decisions include deciding how much to invest in IS/IT and how these decisions are prioritised. (‘We want to be able to . . . . ‘)
- ‘Supply’ Decisions include deciding on required IT capability, how projects and programmes will be managed, and IT services delivered. (‘Here’s how you can do it . . .’) After Peppard and Ward, 2016, 371
The ‘What’ of Digital Governance A Digital Governance document should define the School’s IS/IT policies on the following areas:
- Define the core Information Systems for the organisationAt JESS our core Management Information System is iSAMS and we are endeavouring to consolidate other systems into it.At JESS, we are moving to a Teaching and Learning environment in Office365, migrating away from a locally held Intranet.
- Define the compatibility requirements for new softwareAt JESS we are endeavouring to ensure that all educational software can either be run from remote desktop, or on the Cloud. oWe are endeavouring to ensure than all other administrative systems integrate with iSAMS.
- Set out the rules for procuring Cloud-based services. There is a trend away from making a one-off purchase of a ‘software package’ to contracting for ‘software as a service’ on an annual licence. The same applies to ‘storage as a service’. In many ways these are no different from other contracted services which fall under the remit of financial governance.
- Define the specification for hardware procurement outlining specification requirements and clear expectations in terms of performance. This should include the specifications for Servers, Switches, Cabling, End-user devices, and other Peripherals (especially printers!) o There is much to be said for having an agreed specification for the ‘standard classroom’ – this brings greater reliability to the system, allows for quick and easy replacement if a piece of kit fails, and aids familiarity for teachers moving between classrooms. o For example, at JESS we have a policy of replacing Interactive White Boards (IWBs) with 75” Screens. This means that we will not be replacing like-for-like when IWBs fail. (In practice, we reallocate resources to ensure that the new monitor is installed in the location in the organisation where it will be most effective, which is not necessarily the classroom where the IWB failed.)
- Define BYOD and Guest User Policies. Schools need to have clear policies on Bring Your Own Device and outline the Terms and Conditions under which non-school devices might be connected to the network.
- Define the School’s User Behaviour and Security Policies. It is essential that school have clear policies relating to data access and levels of security, which outline what to do if the event of a failure or breach. These should sit alongside the school’s Acceptable Use Policy (AUP) which defines the way in which all users in the organisation conduct themselves on the network and online.
Given the fast-moving nature of IS/IT, each policy needs to be subject to regular review, at least at six month intervals, although it makes sense to review hardware specifications on a monthly basis, given the rate of change in this area.
Links, References and Further Reading:
- Does your school have a legacy spaghetti network? - Digital Governance Part One
- Peppard and Ward The Strategic Management of Information Systems Fourth Edition 2016, pp.366-389
- Westermann, Bonnet and McAfee Leading Digital 2014, Chapter 7 pp.133-151