New levels of capability for coordinated action across organizational boundaries are required for government to realize the transformative potential of technology and cope with new economic imperatives. This report outlines five recommendations for change developed through a collaborative, consensus-driven process conducted by CTG on behalf of the New York State CIO community. These recommendations are targeted at building new capability for enterprise information technology investment decision making for New York State. The recommendations extend existing enterprise information technology (IT) governance capability by introducing a new level of transparency in decision making, increasing the opportunity for alignment of IT investments with New York State’s strategic priorities, and fostering the development of policies and standards to guide those investments.

The recommendations are a result of a year long project organized to ensure active partnership from key actors in New York State government. They are grounded in the results of numerous workshops, meetings, and discussions focused on IT investment decision making held over the past year with stakeholders at all levels in the state. Multiple draft versions of the recommendations were reviewed with the New York State CIO, CIO/OFT senior staff, the CIO Council Action Team Co-chairs, the CTG Standing Committee, and key stakeholders in the New York State Legislature. The feedback from these various facilitated discussions was incorporated into the final report and recommendations.

These stakeholders identified five areas where enhanced enterprise IT governance capability would deliver new value for the state at all levels: Throughout this process most participants agreed that while there are many strengths in the current IT governance structure, New York is not realizing the full potential of technology due to limitations in the state’s current enterprise IT governance capability. The strengths of the current environment relate to existing coordination and knowledge sharing mechanisms: While the strengths in the current environment are notable, the lack of support for the status quo was considered a consequence of a number of relatively specific issues related to the current IT governance structure:

• Lack of clear roles and responsibilities. Many in the community stated this lack of clarity created difficulties in communication, consultation, and engagement efforts among the stakeholders.
• Lack of clear and consistent engagement in policy making. Participants noted frustration both in terms of the level of openness of the policy making process on one hand, and the seeming lack of interest from the community in participating actively in policy making processes on the other.
• Lack of an established process to openly and consistently examine agency versus enterprise as an implementation option. Throughout the project stakeholders expressed frustration about the lack of clarity surrounding the use of the term enterprise. They noted little consistent use of any process or guidance for making determinations in a clear and consistent way about what might be an enterprise effort and implications of such a designation.

No one involved in the project argued for the status quo, indicating that time is ripe for change, with the caveat that the changes embrace and build on the acknowledged strengths. The challenge New York State faces, together with many other governments and private sector organizations, is how IT governance is done best in a large, complex, and multi-unit, multi-level organization like state government.

The recommendations will collectively create the governance capability the state needs to realize these value propositions by outlining new structures related to three primary areas of decision making: IT investments, alignment of IT investments with the overall strategic plan of the state, and IT policies and standards. The recommendations assign responsibility for these three categories of decision-making among four entities: the Executive Enterprise Governance Board (EEGB), the Information Technology Investment Board (ITIB), the Office of the State Chief Information Officer (CIO/OFT), and the New York State Chief Information Officer Council (CIO Council).

The decision making processes for these three areas are linked on several levels through overlapping membership in the governance bodies. Information exchange among those involved in these decisions ensures transparency and checks and balances in the system.

The four recommended entities have specific roles and responsibilities with respect to the three decision making areas and their individual oversight responsibilities. The primary responsibility for each is described below, followed by the recommendations designed to create new value for the state through more coordinated, open, and transparent IT investment decision making at the enterprise level and throughout state government.

• Executive Enterprise Governance Board (EEGB). This Board has responsibility for ensuring alignment of IT investments with overall state plans and priorities. The EEGB carries out this responsibility through semi-annual reviews of the IT investment portfolio for its alignment with the overall state strategic plan.
• Information Technology Investment Board (ITIB). This Board has responsibility for review of final decisions about state agency IT investment requests and related analyses submitted by CIO/OFT. In this role, the ITIB receives and responds to the investment analysis from CIO/OFT and assumes oversight responsibility for enterprise initiatives.
• Office of the Chief Information Officer and the Office for Technology (CIO/OFT). Among its other duties, CIO/OFT is responsible for the development of information technology related policy and standards. CIO/OFT would carry out this responsibility through collaboration with the CIO Council as outlined in the recommendations.
• The Chief Information Officer Council (CIO Council). The main responsibility of the CIO Council is to provide a mechanism for the New York State agency CIO community to advise and inform CIO/OFT on matters of information technology policy, management, and operations.