হোম >
লেখক পরিচিতি
লেখকের নাম:
ফরহাদ হোসেন
মোট লেখা:১৪
লেখা সম্পর্কিত
পাবলিশ:
২০১৬ - মে
তথ্যসূত্র:
কমপিউটার জগৎ
লেখার ধরণ:
আইসিটি
তথ্যসূত্র:
ইংরেজি সেকশন
ভাষা:
বাংলা
স্বত্ত্ব:
কমপিউটার জগৎ
Information Technology Governance in the Public Sector of Bangladesh
Farhad Hussain
Technical Specialist, Leveraging ICT for Growth, Employment and Governance is a project of Bangladesh Computer Council
Building a Digital Bangladesh is an election pledge of the present government of Bangladesh. This idea has captivated the minds of the millions and inspired them in an unprecedented way. It is considered as a key driver of national development. The Government of Bangladesh has attached priority to achieving desired growth at faster pace by investing heavily in IT sector.
Today, government organizations in Bangladesh are investing in IT systems and services more than ever before. Time has come for boards and senior executives to understand that IT is a key enabler in transforming governance, increasing efficiency, enhancing effectiveness, and improving the quality of service. At the same time, they should understand that IT investments, like any other investments, need to be directed and managed by the senior management. Decisions on how much to spend and on what aspects of IT need to be made by the senior management. The senior executives must ensure that IT investments create and deliver real value.
The overarching goal of IT Governance in the public sector is to derive maximum value from the IT investments and to ensure the best use of taxpayers’ money. In addition further improvements to operational efficiencies and streamlined IT projects will be achieved. Major benefits will be realized. First, cost containment, which is critical when dealing with other people’s money - the taxpayers! Second security, which is becoming more and more important, especially as it relates to citizen privacy and third operational efficiency.
In the light of the above, at this stage of the nation’s journey towards Digital Bangladesh, the Government needs to establish good IT governance to centralize decision-making and coordination mechanisms to guarantee right IT investment at the right area, at the right time and in the right way.
IT Governance in Public Sector
In an era when IT has become indispensable for enabling governments to provide better services to the public more effectively, efficiently, and sustainably. IT governance has come to the forefront as a critical capability for public-sector leaders seeking to create and capture IT value. While the basic design of IT governance in any given instance will always depend on the government’s overall strategy, a subset of proven IT governance principles is particularly essential for any well-functioning transformational program in the public sector organizations. This is because public-sector IT leaders and projects are often complicated by more extensive requirements and goals than occur in the private sector, including not only economic but political objectives. Proper IT governance in the public sector involves five value-driving dimensions, building on a supply and demand organizational model. These five dimensions are:
Leadership mandate. This refers to the authority accorded an IT leader (whether a CIO, CTO, COO, or director of IT) and the scope of his mandate throughout the organization. This will range from stimulating IT demand (by defining, green-lighting, and managing the project portfolio, representing the business’s strategic interests, and, sometimes, managing outside providers) to matching that demand to IT supply (for example, technical design, application development, application testing, and deployment).
Organizational structure. These are the structural components of the IT organization, which should balance the quest for IT scale advantages (achieved through centralization and rational reporting relationships) with the closeness to the users that results in usability and project success.
Decision-making processes. These are the ways by which the various IT demands that compose the project portfolio are identified, prioritized, and met by IT supply. It also prescribes how users and providers of IT services will interact.
Mindsets and skills. These are the attitudes and capabilities needed in order to carry out IT management tasks.
Performance metrics and incentives. It is axiomatic that management is impossible without measurement. Metrics must be defined to allow performance to be assessed and rewarded.
IT Governance Must Be Relevant
The Digital Bangladesh vision has meant a need for greater alignment of business goals and priorities with IT investments at the Whole-of-Government level. Technical complexities of exchanging data and integrating systems across multiple technology platforms highlight the need for technical standards across government agencies. Tight budgets demand that IT investments be properly evaluated and prioritized. A method for allocating budget requires IT costs to be properly managed. So IT Governance framework of the Government has to strike a proper balance between allowing for local innovation and autonomy and central coordination and control. Making the right decisions on IT at the right time for the whole-of-government context and not for an individual organization is the essence of IT Governance. It is important that the form of IT Governance meets the needs, context and culture of Bangladesh.
Benefits of IT Governance in Public Sector
IT Governance enables public sector organizations to identify the institutional design model most appropriate to its specific circumstances, and it also provides a useful diagnostic tool for understanding the root causes of poor IT performance. It enables an entity to create a baseline to calculate the potential value that can be gained from right IT governance. Through following a proper IT Governance model it is possible to ensure effective functioning of IT sector and ultimate realization of its value to the government organizations.
The following main areas of benefit likely to arise from good IT Governance:
Transparency and Accountability. Improved transparency of IT costs, IT process, IT portfolio (projects and services). Clarified decision-making accountabilities and definition of user and provider relationships.
Return on Investment/Stakeholder Value. Improved understanding of overall IT costs and their input to ROI cases. Combining focused cost-cutting with an ability to reason for investment. Stakeholders allowed seeing IT risk/returns. Improved contribution to stakeholder returns. Enhancement and protection of reputation and image.
Opportunities and Partnerships. Provide route to realize opportunities that might not receive attention or sponsorship. Positioning of IT as a strategy partner (and clarifying what sort of business partner IT is). Facilitate more businesslike relationships with key IT partners (vendors and suppliers). Achieve a consistent approach to taking risks. Enables IT participation in strategy formulation (which is then reflected in IT strategy) and vice versa. Improve responsiveness to challenges and opportunities.
Performance Improvement. Achieve clear identification of whether an IT service or project supports ‘day to day operations’ or is intended to provide future added value. Increased transparency will raise the bar for performance, and advertise that the bar should be continuously raised. A focus on performance improvement will lead to attainment of best practices. Avoid unnecessary expenditures — expenditures are demonstrably matched to business goals. Increase ability to benchmark.
External Compliance. Enables an integrated approach to meeting external legal and regulatory requirements.
Enterprise Architecture (EA) Governance. EA governance primarily revolves around decisions that will influence the future design of the IT environment. Enterprise Architecture Governance encompasses leadership, implementation and controlling of Business Architectures, IT Architectures (Information, Application, and Technology architectures) and Solution Architectures including organizational structures (organizational units as well as processes and roles) to ensure that architecture sustains and extends the business strategy and objectives. When implementing an EA Governance, it is necessary to consider defining Architecture Review Board that will decide when a change in the architecture is needed, and prioritizes initiatives.
Relationship between EA and IT Governance. Enterprise Architecture (EA) is one of the pillars of IT Governance and EA with its associated Governance structure is a sub-domain of IT Governance.
An Example of IT Governance Organizational Model
A sample IT Governance organization model for Government of Bangladesh could be considered as follows. This model has been defined based on leading countries’ IT Governance framework like Germany. Such models have been observed to have helped countries achieve significant governance and control on managing significant number of IT initiatives and establish a harmonized whole-of-government philosophy.
Cabinet committee for e-Government transformation: Ensures political support; Enables senior leadership buy-in; Takes final decisions regarding IT investments and Provides sense of direction and vision.
IT Governance board: Ensures strategic controls; Manages alignment towards national ICT strategy and vision; Initiate or review new IT initiatives and Formulates IT related policies.
IT audit and compliance team : Performs IT audit; Submits observations and deviations to IT Governance Board.
Project and program management board : Manages, monitors, tracks and evaluates IT initiatives under Government of Bangladesh; Coordinates activities with IT governance board, IT audit and compliance team and enterprise architecture board and Reports progress status to IT governance board.
Enterprise architecture board : Review enterprise architecture of projects and provides suggestions and points out non-compliances.
Ministry – ICT Wing : Manages IT projects – design, plan, execution, implementation and operations.
IT Governance Best Practices
To be successful an organization should consider the following factors, which lead to best practices: high-level framework, independent assurance, performance management reporting, resource management, risk management, strategic alignment, value delivery and regular audit:
High-level framework – including defining leadership, processes, roles and responsibilities, information requirements, and organizational structures – ensures the IT investment is aligned with the overall strategies of the organization, maximizing the application of available IT opportunities.
Independent assurance, in the form of internal and external audits (or reviews), can provide timely feedback about compliance of IT with the organization’s policies, standards, procedures, and overall objectives. These audits must be performed in an unbiased and objective manner, so that managers are provided with a fair assessment of the IT project being audited.
Resource management, through regular assessments, ensures that IT has sufficient, competent, and efficient resources to meet the organization’s demands.
Risk management embedded in the responsibilities of the organization, ensures that the organization and IT regularly assess and report IT-related risks and organizational impact. Exposures of any problems are followed up, with special attention paid to any potential negative effects on the overall objectives of the organization.
Strategic alignment – a shared understanding between the organization’s management and the IT department enables the board and senior management to understand strategic IT issues. IT strategy demonstrates the organization’s technology insights and capabilities and ensures that the IT investment is aligned with the overall strategies of the organization, maximizing the use of available IT opportunities.
Value delivery demonstrates the benefits that can be achieved from each IT investment. Such investment should always provide value to the organization and be driven by the needs of the investing entity.
Performance management reporting, including accurate, timely, and relevant portfolio, program, and IT project reports to senior management, provides a thorough review of the progress being made towards the identified objectives of the IT project. Through this review, the organization can assess IT performance in terms of which deliverables have been obtained, and what shortfalls need to be addressed. Performance metrics is a good way to get some of the data needed for performance.
Regular IT Audit assists in the development of effective IT governance; IT auditors contribute to performance metrics, ensure IT Governance is on the agenda and promote IT Governance strategies.
Managing IT Governance for Government
The three arms for IT Governance management are : Program and project management board; IT audit and compliance team and Enterprise architecture board. It is necessary for these three arms to follow specific principles, best practices and existing standards in their respective domain.
Program and project management board
Most programs and projects are currently management, monitored and tracked by the Planning and development wings under respective ministries or divisions under Government of Bangladesh. However, the necessary controls and tools may help achieve a significant breakthrough in the operations for this board within each ministry. Some of the common project management frameworks are : PMI – PMBOK; PRINCE2 and ISO 21500:2012.
IT audit and compliance board
IT audit and compliance board helps review it initiatives against standard, accepted and pre-defined control statements which are required to be complied to by different organizations to ensure standardization, optimization, interoperability, availability, reliability and robustness. Some of the best practices are: i. Ensure IT policies are documented and shared with all stakeholders ii. Maintain up-to-date asset inventory iii. Manage information security from a non-conflicting role iv. Use controls to protect information v. Automate detection and prevention of unauthorized changes vi. Monitor IT risks and impacts for critical assets and vii. Conduct periodic assessments of critical IT controls.
Enterprise architecture board
Most organizations have a dedicated enterprise-architecture (EA) department that oversees the entire systems architecture, including business processes and IT infrastructure, and helps establish technology-enabled processes across business units so organizations can deliver goods and services effectively. But not all organizations agree on what constitutes best practice in EA management. Some are focused on continually measuring IT performance and adjusting business processes and systems as needed. Others publicize the importance of aligning the overall IT architecture with those of the individual business units. And some experts say good governance can happen only if they have empowered EA leaders who promote collaboration and accountability among teams in IT and business functions. However it has been observed that organizations realize performance improvements when implementing the following ten principles.
i. The structure of EA department should reflect the structure of the organization. ii. The organization should be clear about who is accountable for EA decisions. iii. The EA department should collaborate closely with the business and the IT departments. iv. The EA department should keep strategy-related tasks separate from operational ones. v. The organization should give the EA department approval rights. vi. The organization should keep accountability for elements of the EA in one group. vii. The organization should analyze and measure the effects of EA on the business. viii. The EA department should keep it simple. ix. The organization should use a single tool to rule all elements of the EA. x. The organization should invest in EA leaders.
Conclusion
IT governance is needed to ensure that the investments in IT generate value-reward-and mitigate IT-associated risks. IT is central to organizational success – effective and efficient delivery of services and goods – especially when the IT is designed to bring about change in an organization. This change process, commonly referred to as ‘business transformation,’ is now the prime enabler of new business models both in the private and public sectors. Business transformation offers many rewards, but it also has the potential for many risks, which may disrupt operations and have unintended consequences. The dilemma becomes how to balance risk and rewards when using IT to enable organizational change.
In summary, IT is an integral part of the public sector program delivery. IT governance is an integral part of corporate governance. IT governance ensures that IT goals are met and IT risks are mitigated such that IT delivers value to sustain and grow the organization. IT governance drives strategic alignment between IT investment and programme delivery and judiciously measure performance.
Public owned entities, public enterprises and public services are very important to the general governance and essential for any government. They serve as a vehicle to execute the public sector strategy. Good governance standards provide transparency, clear decision making; authority and responsibility structure in public sector. Good governance of public assets must also include good governance on Information Technology (IT)
An Example of IT Governance Organizational Model
A sample IT Governance organization model for Government of Bangladesh could be considered as follows. This model has been defined based on leading countries’ IT Governance framework like Germany. Such models have been observed to have helped countries achieve significant governance and control on managing significant number of IT initiatives and establish a harmonized whole-of-government philosophy.
Indicative sample for IT Governance model
Cabinet committee for e-Government transformation: Ensures political support; Enables senior leadership buy-in; Takes final decisions regarding IT investments and Provides sense of direction and vision.
IT Governance board: Ensures strategic controls; Manages alignment towards national ICT strategy and vision; Initiate or review new IT initiatives and Formulates IT related policies.
IT audit and compliance team : Performs IT audit; Submits observations and deviations to IT Governance Board.
Project and program management board : Manages, monitors, tracks and evaluates IT initiatives under Government of Bangladesh; Coordinates activities with IT governance board, IT audit and compliance team and enterprise architecture board and Reports progress status to IT governance board.
Enterprise architecture board : Review enterprise architecture of projects and provides suggestions and points out non-compliances.
Ministry – ICT Wing : Manages IT projects – design, plan, execution, implementation and operations.
IT Governance Best Practices
To be successful an organization should consider the following factors, which lead to best practices: high-level framework, independent assurance, performance management reporting, resource management, risk management, strategic alignment, value delivery and regular audit:
High-level framework – including defining leadership, processes, roles and responsibilities, information requirements, and organizational structures – ensures the IT investment is aligned with the overall strategies of the organization, maximizing the application of available IT opportunities.
Independent assurance, in the form of internal and external audits (or reviews), can provide timely feedback about compliance of IT with the organization’s policies, standards, procedures, and overall objectives. These audits must be performed in an unbiased and objective manner, so that managers are provided with a fair assessment of the IT project being audited.
Resource management, through regular assessments, ensures that IT has sufficient, competent, and efficient resources to meet the organization’s demands.
Risk management embedded in the responsibilities of the organization, ensures that the organization and IT regularly assess and report IT-related risks and organizational impact. Exposures of any problems are followed up, with special attention paid to any potential negative effects on the overall objectives of the organization.
Strategic alignment – a shared understanding between the organization’s management and the IT department enables the board and senior management to understand strategic IT issues. IT strategy demonstrates the organization’s technology insights and capabilities and ensures that the IT investment is aligned with the overall strategies of the organization, maximizing the use of available IT opportunities.
Value delivery demonstrates the benefits that can be achieved from each IT investment. Such investment should always provide value to the organization and be driven by the needs of the investing entity.
Performance management reporting, including accurate, timely, and relevant portfolio, program, and IT project reports to senior management, provides a thorough review of the progress being made towards the identified objectives of the IT project. Through this review, the organization can assess IT performance in terms of which deliverables have been obtained, and what shortfalls need to be addressed. Performance metrics is a good way to get some of the data needed for performance.
Regular IT Audit assists in the development of effective IT governance; IT auditors contribute to performance metrics, ensure IT Governance is on the agenda and promote IT Governance strategies.
Managing IT Governance for Government
The three arms for IT Governance management are : Program and project management board; IT audit and compliance team and Enterprise architecture board.
It is necessary for these three arms to follow specific principles, best practices and existing standards in their respective domain.
Program and project management board
Most programs and projects are currently management, monitored and tracked by the Planning and development wings under respective ministries or divisions under Government of Bangladesh. However, the necessary controls and tools may help achieve a significant breakthrough in the operations for this board within each ministry. Some of the common project management frameworks are : PMI – PMBOK; PRINCE2 and ISO 21500:2012.
IT audit and compliance board
IT audit and compliance board helps review it initiatives against standard, accepted and pre-defined control statements which are required to be complied to by different organizations to ensure standardization, optimization, interoperability, availability, reliability and robustness. Some of the best practices are: i. Ensure IT policies are documented and shared with all stakeholders ii. Maintain up-to-date asset inventory iii. Manage information security from a non-conflicting role iv. Use controls to protect information v. Automate detection and prevention of unauthorized changes vi. Monitor IT risks and impacts for critical assets and vii. Conduct periodic assessments of critical IT controls.
Enterprise architecture board
Most organizations have a dedicated enterprise-architecture (EA) department that oversees the entire systems architecture, including business processes and IT infrastructure, and helps establish technology-enabled processes across business units so organizations can deliver goods and services effectively. But not all organizations agree on what constitutes best practice in EA management. Some are focused on continually measuring IT performance and adjusting business processes and systems as needed. Others publicize the importance of aligning the overall IT architecture with those of the individual business units. And some experts say good governance can happen only if they have empowered EA leaders who promote collaboration and accountability among teams in IT and business functions. However it has been observed that organizations realize performance improvements when implementing the following ten principles.
i. The structure of EA department should reflect the structure of the organization. ii. The organization should be clear about who is accountable for EA decisions. iii. The EA department should collaborate closely with the business and the IT departments. iv. The EA department should keep strategy-related tasks separate from operational ones. v. The organization should give the EA department approval rights. vi. The organization should keep accountability for elements of the EA in one group. vii. The organization should analyze and measure the effects of EA on the business. viii. The EA department should keep it simple. ix. The organization should use a single tool to rule all elements of the EA. x. The organization should invest in EA leaders.
Conclusion
IT governance is needed to ensure that the investments in IT generate value-reward-and mitigate IT-associated risks. IT is central to organizational success – effective and efficient delivery of services and goods – especially when the IT is designed to bring about change in an organization. This change process, commonly referred to as “business transformation,” is now the prime enabler of new business models both in the private and public sectors. Business transformation offers many rewards, but it also has the potential for many risks, which may disrupt operations and have unintended consequences. The dilemma becomes how to balance risk and rewards when using IT to enable organizational change.
In summary, IT is an integral part of the public sector program delivery. IT governance is an integral part of corporate governance. IT governance ensures that IT goals are met and IT risks are mitigated such that IT delivers value to sustain and grow the organization. IT governance drives strategic alignment between IT investment and programme delivery and judiciously measure performance.
Public owned entities, public enterprises and public services are very important to the general governance and essential for any government. They serve as a vehicle to execute the public sector strategy. Good governance standards provide transparency, clear decision making; authority and responsibility structure in public sector. Good governance of public assets must also include good governance on Information Technology (IT).
Technical Specialist, Leveraging ICT for Growth, Employment and Governance is a project of Bangladesh Computer Council
Building a Digital Bangladesh is an election pledge of the present government of Bangladesh. This idea has captivated the minds of the millions and inspired them in an unprecedented way. It is considered as a key driver of national development. The Government of Bangladesh has attached priority to achieving desired growth at faster pace by investing heavily in IT sector.
Today, government organizations in Bangladesh are investing in IT systems and services more than ever before. Time has come for boards and senior executives to understand that IT is a key enabler in transforming governance, increasing efficiency, enhancing effectiveness, and improving the quality of service. At the same time, they should understand that IT investments, like any other investments, need to be directed and managed by the senior management. Decisions on how much to spend and on what aspects of IT need to be made by the senior management. The senior executives must ensure that IT investments create and deliver real value.
The overarching goal of IT Governance in the public sector is to derive maximum value from the IT investments and to ensure the best use of taxpayers’ money. In addition further improvements to operational efficiencies and streamlined IT projects will be achieved. Major benefits will be realized. First, cost containment, which is critical when dealing with other people’s money - the taxpayers! Second security, which is becoming more and more important, especially as it relates to citizen privacy and third operational efficiency.
In the light of the above, at this stage of the nation’s journey towards Digital Bangladesh, the Government needs to establish good IT governance to centralize decision-making and coordination mechanisms to guarantee right IT investment at the right area, at the right time and in the right way.
IT Governance in Public Sector
In an era when IT has become indispensable for enabling governments to provide better services to the public more effectively, efficiently, and sustainably. IT governance has come to the forefront as a critical capability for public-sector leaders seeking to create and capture IT value. While the basic design of IT governance in any given instance will always depend on the government’s overall strategy, a subset of proven IT governance principles is particularly essential for any well-functioning transformational program in the public sector organizations. This is because public-sector IT leaders and projects are often complicated by more extensive requirements and goals than occur in the private sector, including not only economic but political objectives. Proper IT governance in the public sector involves five value-driving dimensions, building on a supply and demand organizational model. These five dimensions are:
Leadership mandate. This refers to the authority accorded an IT leader (whether a CIO, CTO, COO, or director of IT) and the scope of his mandate throughout the organization. This will range from stimulating IT demand (by defining, green-lighting, and managing the project portfolio, representing the business’s strategic interests, and, sometimes, managing outside providers) to matching that demand to IT supply (for example, technical design, application development, application testing, and deployment).
Organizational structure. These are the structural components of the IT organization, which should balance the quest for IT scale advantages (achieved through centralization and rational reporting relationships) with the closeness to the users that results in usability and project success.
Decision-making processes. These are the ways by which the various IT demands that compose the project portfolio are identified, prioritized, and met by IT supply. It also prescribes how users and providers of IT services will interact.
Mindsets and skills. These are the attitudes and capabilities needed in order to carry out IT management tasks.
Performance metrics and incentives. It is axiomatic that management is impossible without measurement. Metrics must be defined to allow performance to be assessed and rewarded.
IT Governance Must Be Relevant
The Digital Bangladesh vision has meant a need for greater alignment of business goals and priorities with IT investments at the Whole-of-Government level. Technical complexities of exchanging data and integrating systems across multiple technology platforms highlight the need for technical standards across government agencies. Tight budgets demand that IT investments be properly evaluated and prioritized. A method for allocating budget requires IT costs to be properly managed. So IT Governance framework of the Government has to strike a proper balance between allowing for local innovation and autonomy and central coordination and control. Making the right decisions on IT at the right time for the whole-of-government context and not for an individual organization is the essence of IT Governance. It is important that the form of IT Governance meets the needs, context and culture of Bangladesh.
Benefits of IT Governance in Public Sector
IT Governance enables public sector organizations to identify the institutional design model most appropriate to its specific circumstances, and it also provides a useful diagnostic tool for understanding the root causes of poor IT performance. It enables an entity to create a baseline to calculate the potential value that can be gained from right IT governance. Through following a proper IT Governance model it is possible to ensure effective functioning of IT sector and ultimate realization of its value to the government organizations.
The following main areas of benefit likely to arise from good IT Governance:
Transparency and Accountability. Improved transparency of IT costs, IT process, IT portfolio (projects and services). Clarified decision-making accountabilities and definition of user and provider relationships.
Return on Investment/Stakeholder Value. Improved understanding of overall IT costs and their input to ROI cases. Combining focused cost-cutting with an ability to reason for investment. Stakeholders allowed seeing IT risk/returns. Improved contribution to stakeholder returns. Enhancement and protection of reputation and image.
Opportunities and Partnerships. Provide route to realize opportunities that might not receive attention or sponsorship. Positioning of IT as a strategy partner (and clarifying what sort of business partner IT is). Facilitate more businesslike relationships with key IT partners (vendors and suppliers). Achieve a consistent approach to taking risks. Enables IT participation in strategy formulation (which is then reflected in IT strategy) and vice versa. Improve responsiveness to challenges and opportunities.
Performance Improvement. Achieve clear identification of whether an IT service or project supports ‘day to day operations’ or is intended to provide future added value. Increased transparency will raise the bar for performance, and advertise that the bar should be continuously raised. A focus on performance improvement will lead to attainment of best practices. Avoid unnecessary expenditures — expenditures are demonstrably matched to business goals. Increase ability to benchmark.
External Compliance. Enables an integrated approach to meeting external legal and regulatory requirements.
Enterprise Architecture (EA) Governance. EA governance primarily revolves around decisions that will influence the future design of the IT environment. Enterprise Architecture Governance encompasses leadership, implementation and controlling of Business Architectures, IT Architectures (Information, Application, and Technology architectures) and Solution Architectures including organizational structures (organizational units as well as processes and roles) to ensure that architecture sustains and extends the business strategy and objectives. When implementing an EA Governance, it is necessary to consider defining Architecture Review Board that will decide when a change in the architecture is needed, and prioritizes initiatives.
Relationship between EA and IT Governance. Enterprise Architecture (EA) is one of the pillars of IT Governance and EA with its associated Governance structure is a sub-domain of IT Governance.
An Example of IT Governance Organizational Model
A sample IT Governance organization model for Government of Bangladesh could be considered as follows. This model has been defined based on leading countries’ IT Governance framework like Germany. Such models have been observed to have helped countries achieve significant governance and control on managing significant number of IT initiatives and establish a harmonized whole-of-government philosophy.
Cabinet committee for e-Government transformation: Ensures political support; Enables senior leadership buy-in; Takes final decisions regarding IT investments and Provides sense of direction and vision.
IT Governance board: Ensures strategic controls; Manages alignment towards national ICT strategy and vision; Initiate or review new IT initiatives and Formulates IT related policies.
IT audit and compliance team : Performs IT audit; Submits observations and deviations to IT Governance Board.
Project and program management board : Manages, monitors, tracks and evaluates IT initiatives under Government of Bangladesh; Coordinates activities with IT governance board, IT audit and compliance team and enterprise architecture board and Reports progress status to IT governance board.
Enterprise architecture board : Review enterprise architecture of projects and provides suggestions and points out non-compliances.
Ministry – ICT Wing : Manages IT projects – design, plan, execution, implementation and operations.
IT Governance Best Practices
To be successful an organization should consider the following factors, which lead to best practices: high-level framework, independent assurance, performance management reporting, resource management, risk management, strategic alignment, value delivery and regular audit:
High-level framework – including defining leadership, processes, roles and responsibilities, information requirements, and organizational structures – ensures the IT investment is aligned with the overall strategies of the organization, maximizing the application of available IT opportunities.
Independent assurance, in the form of internal and external audits (or reviews), can provide timely feedback about compliance of IT with the organization’s policies, standards, procedures, and overall objectives. These audits must be performed in an unbiased and objective manner, so that managers are provided with a fair assessment of the IT project being audited.
Resource management, through regular assessments, ensures that IT has sufficient, competent, and efficient resources to meet the organization’s demands.
Risk management embedded in the responsibilities of the organization, ensures that the organization and IT regularly assess and report IT-related risks and organizational impact. Exposures of any problems are followed up, with special attention paid to any potential negative effects on the overall objectives of the organization.
Strategic alignment – a shared understanding between the organization’s management and the IT department enables the board and senior management to understand strategic IT issues. IT strategy demonstrates the organization’s technology insights and capabilities and ensures that the IT investment is aligned with the overall strategies of the organization, maximizing the use of available IT opportunities.
Value delivery demonstrates the benefits that can be achieved from each IT investment. Such investment should always provide value to the organization and be driven by the needs of the investing entity.
Performance management reporting, including accurate, timely, and relevant portfolio, program, and IT project reports to senior management, provides a thorough review of the progress being made towards the identified objectives of the IT project. Through this review, the organization can assess IT performance in terms of which deliverables have been obtained, and what shortfalls need to be addressed. Performance metrics is a good way to get some of the data needed for performance.
Regular IT Audit assists in the development of effective IT governance; IT auditors contribute to performance metrics, ensure IT Governance is on the agenda and promote IT Governance strategies.
Managing IT Governance for Government
The three arms for IT Governance management are : Program and project management board; IT audit and compliance team and Enterprise architecture board. It is necessary for these three arms to follow specific principles, best practices and existing standards in their respective domain.
Program and project management board
Most programs and projects are currently management, monitored and tracked by the Planning and development wings under respective ministries or divisions under Government of Bangladesh. However, the necessary controls and tools may help achieve a significant breakthrough in the operations for this board within each ministry. Some of the common project management frameworks are : PMI – PMBOK; PRINCE2 and ISO 21500:2012.
IT audit and compliance board
IT audit and compliance board helps review it initiatives against standard, accepted and pre-defined control statements which are required to be complied to by different organizations to ensure standardization, optimization, interoperability, availability, reliability and robustness. Some of the best practices are: i. Ensure IT policies are documented and shared with all stakeholders ii. Maintain up-to-date asset inventory iii. Manage information security from a non-conflicting role iv. Use controls to protect information v. Automate detection and prevention of unauthorized changes vi. Monitor IT risks and impacts for critical assets and vii. Conduct periodic assessments of critical IT controls.
Enterprise architecture board
Most organizations have a dedicated enterprise-architecture (EA) department that oversees the entire systems architecture, including business processes and IT infrastructure, and helps establish technology-enabled processes across business units so organizations can deliver goods and services effectively. But not all organizations agree on what constitutes best practice in EA management. Some are focused on continually measuring IT performance and adjusting business processes and systems as needed. Others publicize the importance of aligning the overall IT architecture with those of the individual business units. And some experts say good governance can happen only if they have empowered EA leaders who promote collaboration and accountability among teams in IT and business functions. However it has been observed that organizations realize performance improvements when implementing the following ten principles.
i. The structure of EA department should reflect the structure of the organization. ii. The organization should be clear about who is accountable for EA decisions. iii. The EA department should collaborate closely with the business and the IT departments. iv. The EA department should keep strategy-related tasks separate from operational ones. v. The organization should give the EA department approval rights. vi. The organization should keep accountability for elements of the EA in one group. vii. The organization should analyze and measure the effects of EA on the business. viii. The EA department should keep it simple. ix. The organization should use a single tool to rule all elements of the EA. x. The organization should invest in EA leaders.
Conclusion
IT governance is needed to ensure that the investments in IT generate value-reward-and mitigate IT-associated risks. IT is central to organizational success – effective and efficient delivery of services and goods – especially when the IT is designed to bring about change in an organization. This change process, commonly referred to as ‘business transformation,’ is now the prime enabler of new business models both in the private and public sectors. Business transformation offers many rewards, but it also has the potential for many risks, which may disrupt operations and have unintended consequences. The dilemma becomes how to balance risk and rewards when using IT to enable organizational change.
In summary, IT is an integral part of the public sector program delivery. IT governance is an integral part of corporate governance. IT governance ensures that IT goals are met and IT risks are mitigated such that IT delivers value to sustain and grow the organization. IT governance drives strategic alignment between IT investment and programme delivery and judiciously measure performance.
Public owned entities, public enterprises and public services are very important to the general governance and essential for any government. They serve as a vehicle to execute the public sector strategy. Good governance standards provide transparency, clear decision making; authority and responsibility structure in public sector. Good governance of public assets must also include good governance on Information Technology (IT)
An Example of IT Governance Organizational Model
A sample IT Governance organization model for Government of Bangladesh could be considered as follows. This model has been defined based on leading countries’ IT Governance framework like Germany. Such models have been observed to have helped countries achieve significant governance and control on managing significant number of IT initiatives and establish a harmonized whole-of-government philosophy.
Indicative sample for IT Governance model
Cabinet committee for e-Government transformation: Ensures political support; Enables senior leadership buy-in; Takes final decisions regarding IT investments and Provides sense of direction and vision.
IT Governance board: Ensures strategic controls; Manages alignment towards national ICT strategy and vision; Initiate or review new IT initiatives and Formulates IT related policies.
IT audit and compliance team : Performs IT audit; Submits observations and deviations to IT Governance Board.
Project and program management board : Manages, monitors, tracks and evaluates IT initiatives under Government of Bangladesh; Coordinates activities with IT governance board, IT audit and compliance team and enterprise architecture board and Reports progress status to IT governance board.
Enterprise architecture board : Review enterprise architecture of projects and provides suggestions and points out non-compliances.
Ministry – ICT Wing : Manages IT projects – design, plan, execution, implementation and operations.
IT Governance Best Practices
To be successful an organization should consider the following factors, which lead to best practices: high-level framework, independent assurance, performance management reporting, resource management, risk management, strategic alignment, value delivery and regular audit:
High-level framework – including defining leadership, processes, roles and responsibilities, information requirements, and organizational structures – ensures the IT investment is aligned with the overall strategies of the organization, maximizing the application of available IT opportunities.
Independent assurance, in the form of internal and external audits (or reviews), can provide timely feedback about compliance of IT with the organization’s policies, standards, procedures, and overall objectives. These audits must be performed in an unbiased and objective manner, so that managers are provided with a fair assessment of the IT project being audited.
Resource management, through regular assessments, ensures that IT has sufficient, competent, and efficient resources to meet the organization’s demands.
Risk management embedded in the responsibilities of the organization, ensures that the organization and IT regularly assess and report IT-related risks and organizational impact. Exposures of any problems are followed up, with special attention paid to any potential negative effects on the overall objectives of the organization.
Strategic alignment – a shared understanding between the organization’s management and the IT department enables the board and senior management to understand strategic IT issues. IT strategy demonstrates the organization’s technology insights and capabilities and ensures that the IT investment is aligned with the overall strategies of the organization, maximizing the use of available IT opportunities.
Value delivery demonstrates the benefits that can be achieved from each IT investment. Such investment should always provide value to the organization and be driven by the needs of the investing entity.
Performance management reporting, including accurate, timely, and relevant portfolio, program, and IT project reports to senior management, provides a thorough review of the progress being made towards the identified objectives of the IT project. Through this review, the organization can assess IT performance in terms of which deliverables have been obtained, and what shortfalls need to be addressed. Performance metrics is a good way to get some of the data needed for performance.
Regular IT Audit assists in the development of effective IT governance; IT auditors contribute to performance metrics, ensure IT Governance is on the agenda and promote IT Governance strategies.
Managing IT Governance for Government
The three arms for IT Governance management are : Program and project management board; IT audit and compliance team and Enterprise architecture board.
It is necessary for these three arms to follow specific principles, best practices and existing standards in their respective domain.
Program and project management board
Most programs and projects are currently management, monitored and tracked by the Planning and development wings under respective ministries or divisions under Government of Bangladesh. However, the necessary controls and tools may help achieve a significant breakthrough in the operations for this board within each ministry. Some of the common project management frameworks are : PMI – PMBOK; PRINCE2 and ISO 21500:2012.
IT audit and compliance board
IT audit and compliance board helps review it initiatives against standard, accepted and pre-defined control statements which are required to be complied to by different organizations to ensure standardization, optimization, interoperability, availability, reliability and robustness. Some of the best practices are: i. Ensure IT policies are documented and shared with all stakeholders ii. Maintain up-to-date asset inventory iii. Manage information security from a non-conflicting role iv. Use controls to protect information v. Automate detection and prevention of unauthorized changes vi. Monitor IT risks and impacts for critical assets and vii. Conduct periodic assessments of critical IT controls.
Enterprise architecture board
Most organizations have a dedicated enterprise-architecture (EA) department that oversees the entire systems architecture, including business processes and IT infrastructure, and helps establish technology-enabled processes across business units so organizations can deliver goods and services effectively. But not all organizations agree on what constitutes best practice in EA management. Some are focused on continually measuring IT performance and adjusting business processes and systems as needed. Others publicize the importance of aligning the overall IT architecture with those of the individual business units. And some experts say good governance can happen only if they have empowered EA leaders who promote collaboration and accountability among teams in IT and business functions. However it has been observed that organizations realize performance improvements when implementing the following ten principles.
i. The structure of EA department should reflect the structure of the organization. ii. The organization should be clear about who is accountable for EA decisions. iii. The EA department should collaborate closely with the business and the IT departments. iv. The EA department should keep strategy-related tasks separate from operational ones. v. The organization should give the EA department approval rights. vi. The organization should keep accountability for elements of the EA in one group. vii. The organization should analyze and measure the effects of EA on the business. viii. The EA department should keep it simple. ix. The organization should use a single tool to rule all elements of the EA. x. The organization should invest in EA leaders.
Conclusion
IT governance is needed to ensure that the investments in IT generate value-reward-and mitigate IT-associated risks. IT is central to organizational success – effective and efficient delivery of services and goods – especially when the IT is designed to bring about change in an organization. This change process, commonly referred to as “business transformation,” is now the prime enabler of new business models both in the private and public sectors. Business transformation offers many rewards, but it also has the potential for many risks, which may disrupt operations and have unintended consequences. The dilemma becomes how to balance risk and rewards when using IT to enable organizational change.
In summary, IT is an integral part of the public sector program delivery. IT governance is an integral part of corporate governance. IT governance ensures that IT goals are met and IT risks are mitigated such that IT delivers value to sustain and grow the organization. IT governance drives strategic alignment between IT investment and programme delivery and judiciously measure performance.
Public owned entities, public enterprises and public services are very important to the general governance and essential for any government. They serve as a vehicle to execute the public sector strategy. Good governance standards provide transparency, clear decision making; authority and responsibility structure in public sector. Good governance of public assets must also include good governance on Information Technology (IT).
পত্রিকায় লেখাটির পাতাগুলো
লেখাটি পিডিএফ ফর্মেটে ডাউনলোড করুন
লেখাটির সহায়ক ভিডিও
পাঠকের মন্তব্য
২০১৬ - মে সংখ্যার হাইলাইটস
চলতি সংখ্যার হাইলাইটস
অনুরূপ লেখা