IT Governance Arrangement

Federated/hybrid

Central IT Office

Office of Enterprise Technology (OET)
OET was established in 2005 as part of an overall project of reforming government services and processes in the state. It is led by the State CIO and, within the founding statute, its roles and responsibilities are defined as follows: “provide oversight, leadership, and direction for information and telecommunications technology policy and the management, delivery, and security of information and telecommunications technology systems and services in Minnesota.”

It provides the state enterprise services in three critical areas: technical services, oversight services and planning services.

• Technical services consist of IT infrastructure and applications that are "shared services" (available to and used by more than one agency), or "utility services" (common to and used by all agencies). Examples include the state's primary data centers, telecommunications networks, and security services.
• Oversight services focus on those functions that assist the State CIO in prudently and effectively managing all of the state's IT assets and include such activities as enterprise architecture, agency planning and budget reviews, program and portfolio management. Other support functions such as measurement, financial management, and reporting are part of this functional area.
• Planning services include statewide strategic information master planning, development and dissemination state information policies on a variety of issues, and management of IT asset standards and processes.

OET reviews and approves state agency and intergovernmental IT efforts and provides information to the legislature regarding projects reviewed and recommend projects for inclusion in the Governor's budget. OET also ensures cooperation and collaboration among state and local governments in developing intergovernmental IT systems and services; defines the structure and responsibilities of a representative IT governance structure: and identifies, sponsors, develops, executes, and maintains shared IT projects.

State CIO

State CIO
The State CIO is appointed by the Governor to a commissioner-level role and reports directly to the Governor. The CIO is responsible for the following tasks:

• management of enterprise and shared services operations,
• obtaining feedback from a broad array of governmental entities to ensure enterprise-wide collaboration and consideration of broader needs in devising statewide strategies, and
• leading a collaborative IT planning and strategy process with agency CIOs.

The State CIO has the power to determine when the use of shared IT systems is desirable and to require state agencies to use such systems. He or she also coordinates, reviews, and approves all IT projects over $1,000,000 and oversees the state's IT systems and services, as well as establishing and enforcing compliance with standards for IT systems and services. The State CIO submits to the legislature an explanation of any IT project included in the Governor’s budget that involves collaboration between state agencies and an explanation of how the budget requests of the several agencies collaborating on the project relate to each other. The State CIO also prepares a biannual state inventory of IT, including information on how the technology fits into the state's IT architecture. For any project approval, the State CIO must ensure the following: the project is compatible with the state information architecture; the agency is able to accomplish the goals of the phase of the project with the funds appropriated; and the project supports the enterprise information technology strategy.

Roles of other agencies in state IT management

State Agencies
State agencies have budget execution authority for approved agency-specific IT initiatives and are accountable for execution of projects within the enterprise IT strategy. Certain agencies will be in charge of creating and maintaining “shared” services and any projects over $1,000,000 must be divided into distinct phases, which are subject to individual review by OET; unless OET issues an approval of each phase, the project will not receive further funding.

Department of Finance
The Department appropriates funding for individual IT projects. When notified by the State CIO that a project has not been approved, the commissioner of Finance must cancel the unencumbered balance of any appropriation allocated for the project.

Coordination Mechanisms

Commissioners Technology Advisory Board (CTAB)
CTAB is an advisory body of cabinet-level commissioners, including seven rotating members to ensure continuity and congruence of IT strategies with the Governor's vision, along with agency business perspectives. CTAB is chaired by the State CIO and it provides review, consultation, and feedback to the State CIO about enterprise IT strategies and policies. It also reviews the budget and performance metrics of enterprise and OET systems.

Technology Business Advisory Council The Council is made up of private sector CEOs, CIOs, COOs, and senior executives from innovative companies in industries such as IT, banking, insurance, health care, manufacturing, and venture capital management. They advise the State CIO on technology and information management strategies and suggest areas of emphasis and process improvement for state agency processes impacting the business community. The members are appointed by the State CIO.

Agency CIO Advisory Council
The Council is constituted by seven state agency CIOs appointed by the State CIO with the State CIO acting as chair. It provides advice to the State CIO on issues of IT policy and practices and it can sponsor ad hoc subcommittees and subject matter expert teams to address special interest topics. In addition to the small CIO advisory council, the State CIO also conducts quarterly meetings with the entire group of CIOs or equivalents from all agencies and boards comprising state government.

Information Security Council (ISC)
ISC is comprised of appointed representatives from state agencies who are responsible for recommending enterprise security policies, procedures, and standards. They monitor enterprise security policies, procedures, and standards for continued applicability and appropriateness. They also discuss and recommend for approval or disapproval exceptions to enterprise security policies, procedures, and standards. ISC is chaired by the Enterprise Chief Information Security Officer.

Enterprise IT Governance Components

In its planning document, Minnesota identified three types of IT functions in the state system:

• Utility services are the responsibility of the central IT office, including information management common to the entire enterprise, such as establishing the state architecture and technology standards, information management policies, setting of enterprise strategies and priorities, and operation of state enterprise common functions like data centers, networks, security, and planning.
• Shared services are created and maintained by one agency, usually an existing center of excellence, to service multiple agencies with similar functions to facilitate sharing of applications and data, based on the enterprise foundation of architecture, policies, and programs. This permits leveraging of investments, supports efficient operation of systems, reduces the administrative burden on citizens, and promotes interchange of data.
• Agency-specific processes and systems meet the unique needs of agencies for customized programs to support their missions. While these applications must adhere to the state architecture, policies, standards, and best practices, their functionality is so individual in nature that sharing is unlikely to add value.

Minnesota’s governance strategy has six key components: