logo
Creating Enhanced Enterprise Information Technology Governance for New York State

Abstract

Executive Summary

Chapter 1 - Laying the Foundation for Value-Generating Change in New York State

Chapter 2 - Enterprise IT Governance in Practice: A review of the States

Chapter 3 - The Evolution of Enterprise IT Governance in New York State

Chapter 4 - Recommendations for an Enhanced Enterprise Information Technology Governance Structure

Appendices

Appendices


Appendix A. Companion Documents

Enterprise IT Governance in State Government: State Profiles
Enterprise IT Governance in State Government: State Profiles
Jana Hrdinová, Natalie Helbig, and Anna Raup-Kounovsky
August 2009

Over the last fifteen years, the role of IT in state government has grown in prominence, which has drawn attention to how IT is governed at the state level. This report reviews enterprise IT governance arrangements in thirteen states (California, Florida, Georgia, Kansas, Kentucky, Maine, Michigan, Minnesota, New York, North Carolina, Pennsylvania, Texas, and Virginia). This resource provides one of the most comprehensive reviews of public sector IT governance currently available.

http://www.ctg.albany.edu/publications/reports/itgov_profiles

Enterprise IT Governance in State Government: Lessons Learned from the States.
Enterprise IT Governance in State Government: Lessons Learned from the States.
Donna S. Canestraro, Jana Hrdinová, and Anna Raup-Kounovsky
Forthcoming

Governments, at all levels, continue to face pressure to contain costs and demonstrate performance. Traditionally, IT operations evolved based on agency missions and existing ways of making decisions about IT. However, as programmatic boundaries become less fixed and technologies change, new ways of organizing across organizations and program areas are needed to realize the value from information resources and IT investments. This briefing paper presents lessons learned drawn from information collected from a total of 18 states as well as from the work with New York State on the Creating an Enterprise IT Governance Framework for New York State Government project.

Couture Governance - Like high fashion design, IT governance gets its value from a custom fit.
Couture Governance - Like high fashion design, IT governance gets its value from a custom fit.
Theresa A. Pardo and Jana Hrdinová,
Public CIO; June 2009

Reduce costs, increase transparency and improve service quality -- these goals are on the minds of CIOs across the country. Consolidation, centralization and integration are recognized strategies for achieving these goals, but as CIOs are learning, these strategies require coordinated action across organizations' boundaries. Making IT decisions in this way, through coordinated action, often requires new IT governance capability.

http://www.govtech.com/pcio/638032

IT Governance: A Threshold Capability for Creating Government Interoperability.
IT Governance: A Threshold Capability for Creating Government Interoperability.
Theresa A. Pardo and G. Brian Burke
A CTG White Paper; Forthcoming

Interoperability in the governmental context enables partner organizations to share information and other resources as necessary to serve the needs of citizens and society. Creating this interoperability requires government leaders to take responsibility for improving the capabilities of government agencies to effectively partner with other agencies and governments as well as the private sector, non-profit groups, and research institutions. This paper will outline the key elements, as well as the context characteristics of greatest interest in governance design and implementation decision making. The paper will present a set of strategies for identifying and assessing current governance capabilities and using that assessment data to guide new government investments in capability development.

Academic Papers, Presentations, and Journal Articles
Senem Güney and Anthony M. Cresswell. (Forthcoming). IT Governance as Organizing: Playing the Game. Paper to be presented at the Hawaii International Conference on System Sciences (HICSS-43), Kauai, Hawaii.

Anna Raup-Kounovsky, Jana Hrdinová, Donna S. Canestraro, and Theresa A. Pardo. (Forthcoming). Public Sector IT Governance: From Frameworks to Action. Poster to be presented at the 3rd International Conference on Theory and Practice of Electronic Governance (ICEGOV2009), Bogota, Colombia.

Natalie Helbig, Jana Hrdinová, and Donna S. Canestraro. (2009). Enterprise IT governance at the state level: An emerging picture. Proceedings of the 10th Annual International Conference on Digital Government Research (dg.o 2009).

Appendix B. Project Approach and Methodology


Project Approach
In partnership with the NYS CIO Council and the NYS Office of the Chief Information Officer and Office for Technology (CIO/OFT), the Center for Technology in Government initiated a project to generate a set of recommendations for enterprise IT governance for NYS government. The recommendations in this report relate to the components of the enhanced enterprise IT governance structure and the implementation of those components, which were collaboratively developed with key stakeholders within NYS, including state and local government CIOs, state control agencies, and CIO/OFT. The project drew on insights gained within NYS, as well as IT governance experiences nationwide, lessons from the private sector, and frameworks developed in the academic literature. The project was divided into 4 phases:
  1. Project kickoff and agreement on the project goals and plan. CTG launched the project at the joint session of the New York State CIO Council quarterly meeting and the 2008 spring conference of the New York State Local Government IT Director’s Association.
  2. Current practice research. In this phase, CTG conducted an environmental scan of enterprise IT governance practices in the public and private sector in NYS and nationwide. The scan of current practices describes the processes used to create enterprise IT governance structures and the capabilities necessary to make such endeavor successful.
  3. Needs Assessment and Framework Drafting. NYS government currently employs some elements of enterprise-level IT governance. This phase elicited information as to the best methods to enhance these existing practices in order to achieve the desired value connected with state-wide enterprise IT governance. The assessment also explored the extent of changes needed to realize the desired value.
  4. Draft Model. The last phase tested the feasibility and effectiveness of the necessary changes related to state planning and procurement processes if the new structure is to be effective.

Methodology
The data to inform the prototype model was gathered through multiple methods: a review of the literature and current best practices, interviews, and facilitated workshops. Each phase of the project relied on different data gathering methods to engage different stakeholders in the model development process. The primary data collection events were a series of four workshops held with chief information officers and IT directors from state agencies and local governments between October 2008 and April 2009. The facilitated workshops ranged in attendance from approximately 20 to 30 participants. The first workshop was designed to provide a baseline understanding of the value proposition for enhancing enterprise IT governance in New York State and each successive workshop built upon the results of the previous one. Throughout the workshop timeline, additional information was gathered from the NYS stakeholder community via semi-structured interviews with participants in current IT governance, such as CIO/OFT, NYS budgetary and procurement agencies, and existing governance bodies (both formal and informal) already in operation within the state.

The final workshop provided the participants with an opportunity to review and comment on an early draft of the governance model. Following that final workshop, multiple draft versions of the recommendations were reviewed with the New York State CIO, CIO/OFT senior staff, the CIO Council Action Team Co-chairs, the CTG Standing Committee, and key stakeholders in the New York State Legislature to gather their insights regarding the recommendations and model with each new iteration of the model. Consistent with CTG’s approach the input received from these facilitated discussions were then incorporated into the final version of the recommendations and the report.

Following the completion of the workshop series, CTG was asked to facilitate the development of a new charter for the NYS CIO Council. Through weekly face-to-face meetings between March and May 2009, CTG staff worked with the CIO Council Action Team Co-Chairs to create a draft charter. These meetings also allowed the CTG team to take a deep dive into one of the critical governance bodies; the knowledge gained during that process directly influenced the model development. The draft charter as completed on May 20, 2009 is included in Appendix E of this document.

The current practice research for the project was conducted in two phases. The CTG team began with a review of literature in the academic and practitioner fields about enterprise IT governance in both the private and public sector. Web searches identified organizations, in the United States and internationally, (e.g., research centers, government agencies, consulting firms, etc.) with IT governance expertise. This phase relied heavily on the use of Internet search engines and keywords commonly used to describe IT governance. Sources during this phase included items such as journal articles, conference papers, books, case studies, white papers, and popular press articles.

The second phase consisted of an environmental scan of IT governance in the public sector. This phase began with Web site reviews of publicly available documents from thirteen U.S. states that were selected based on the following three criteria: (1) states with publicly available information about IT governance efforts posted on their Web Site; (2) states ranging in the total size of government (i.e., size of IT budget and IT workforce); and (3) states at various stages of IT governance implementation. The selected states were California, Florida, Georgia, Kansas, Kentucky, Maine, Michigan, Minnesota, New York, North Carolina, Pennsylvania, Texas, and Virginia. Following the document analysis, the next segment of work was to conduct a series of semi-structured interviews with IT executives in eleven states: California, Indiana, Kansas, Kentucky, Michigan, Minnesota, Mississippi, New York, Oregon, South Dakota, and Tennessee. The results of this research are available in two documents: Enterprise IT Governance in State Government: State Profiles and Lessons Learned from the States.

Table B1. Environmental Scan: Overview of States
State
 
Phase 1:
Structural
Profiles
 
Phase 2:
Interviews
 
California
 
X
 
X
 
Florida
 
X
 		 
Georgia
 
X
 		 
Indiana
 		 
X
 
Kansas
 
X
 
X
 
Kentucky
 
X
 
X
 
Maine
 
X
 		 
Michigan
 
X
 
X
 
Minnesota
 
X
 
X
 
Mississippi
 		 
X
 
New York
 
X
 
X
 
North Carolina
 
X
 		 
Oregon
 		 
X
 
Pennsylvania
 
X
 		 
South Dakota
 		 
X
 
Tennessee
 		 
X
 
Texas
 
X
 		 
Virginia
 
X
 		 

Appendix C. Participant List


New York State Agencies

State Interview Participants

Appendix D. NYS IT Governance Framework

View larger image
NYS IT Governance Framework

Appendix E. NYS Enterprise IT Governance: Membership

Entity
 
#
 
Members
 
Role
 
Appointment
 
EEGB
 
5 + Deputy Secretaries
 
Deputy Secretaries
 		 
Ex-officio
 
Director of State Operations
 
Chair
 
Ex-officio
 
One representative from the Assembly
 		 
By the Speaker of the Assembly
 
One representative from the Senate
 		 
By the President of the Senate
 
State CIO
 
Non-voting
 
Ex-officio
 
Chair of CIO Council
 
Non-voting
 
Ex-officio
 
ITIB
 
11
 
Director of State Operations or their designee
 
Chair
 
Ex-officio
 
Chair of the CIO Council
 		 
Ex-officio
 
1 representative from OGS
 		 
Selected by the Commissioner of the Office of General Services
 
1 representative from DOB
 		 
Selected by Budget Director
 
2 representatives from Senate
 		 
Selected by the President of the Senate
 
2 representatives from Assembly
 		 
Selected by the Speaker of the Assembly
 
2 members of the CIO Leadership Committee
 		 
Selected by the CIO Leadership Committee
 
1 member from NYSLGITDA
 		 
Selected by the President of NYSLGITDA
 
CIO Council Leadership Committee
 
13
 
1 representative from CIO/OFT
 		 
Selected by the State CIO
 
5 members from the CIO Council
 		 
Selected by the State CIO
 
7 members from the CIO Council
 
Chair - selected from the 7 elected members by a simple majority of the
 
Selected by CIO Council membership
 

Appendix F. NYS CIO Council Draft Charter

New York State CIO Council Charter

Section I – Background

The State Chief Information Officer position was established by Governor Pataki in January, 2002 under Executive Order No. 117, and James Dillon was appointed as New York State’s first CIO. The current New York State Chief Information Officer Council (the CIO Council) was first convened by CIO Dillon early in his tenure and has continued under succeeding State CIOs. Over this time span, the CIO Council has become a valuable resource for communication and collaboration with the Office of the State CIO (OCIO), and among the agency CIO community. In its current form, however, the CIO Council has neither formal status as a New York State government entity nor an official description of its mission and relationship with the State CIO. This charter provides that description with an outline of the mission, objectives, organization, procedures, and functions of the New York State Chief Information Officer Council.

Section II – Establishing Authority

The CIO Council is established under the authority of the New York State Chief Information Officer.

Section III: Purpose & Scope

The CIO Council has three primary purposes: (1) to provide a mechanism for the New York State agency CIO community to advise and inform the New York State CIO and the Office of the CIO on matters of information technology policy, management, and operations, (2) to provide a forum for the NYS CIO community to address issues of mutual concern and make recommendations on IT issues, and (3) to promote information sharing and cooperation.

The role of the CIO Council with respect to advising and informing the State CIO includes matters related to the responsibilities of the State CIO as established by Executive Order 117, items 2-6. Namely:
  2. “Overseeing, directing and coordinating the establishment of information technology policies, protocols and standards for State government, including hardware, software, security and business re-engineering;”
  3. “Overseeing and coordinating the development, acquisition, deployment and management of information technology resources for State government;”
  4. “Developing strategies to improve the State workforce’s ability to employ needed information technologies, and overseeing and coordinating the implementation of such strategies;”
  5. “Coordinating and facilitating information sharing among State government, local governments, other states, the federal government and institutions of higher learning to promote the use and deployment of information technology that will improve the delivery of government services; and”
  6. “Working with State government, local governments, the federal government, institutions of higher learning and private enterprises to further the State Technology Strategic Plan.”
Section IV– Responsibility of the State CIO

The State CIO’s responsibilities as they relate to the CIO Council are:
  1. To establish a regular schedule for the CIO Council meetings.
  2. To designate a senior staff member of OCIO to be a member of the CIO Council Leadership Committee.
  3. To develop and maintain procedures for responding to recommendations from the CIO Council Leadership.
  4. To review and respond to formal recommendations when so identified by the CIO Council.
  5. To appoint OCIO staff to provide administrative support to assist the Leadership Committee Chair in carrying out its responsibilities.
  6. To establish agenda items in conjunction with the CIO Council Leadership.
  7. To establish, in conjunction with the CIO Council Leadership, an annual strategic roadmap for the CIO Council.
Section V – Authority of the CIO Council

The authority of the CIO Council is to:
  1. In the absence of the CIO calling the quarterly meeting, the Leadership Committee may formally request to do so.
  2. Create and disband subcommittees as needed to respond to requests for advice and information from the OCIO and to address issues of concern to the CIO Council.
  3. Establish agenda items, in conjunction with the CIO Leadership Committee, for the CIO Council meetings.
  4. Formally convey recommendations to the State CIO regarding issues raised by the OCIO or members of the CIO Council.
  5. Provide recommendations for input to the State CIO’s strategic roadmap for the CIO Council.
Section VI – Responsibility of the CIO Council

The CIO Council is hereby charged with the following responsibilities:
  1. To provide advice and recommendations to the State CIO on issues related to the State CIO’s responsibilities as outlined in E.O. 117 items 2-6.
  2. To provide advice and recommendations to the State CIO regarding the IT-related business needs of the CIOs respective agencies.
  3. To meet on a regular basis, no less than four times per year.
  4. To provide a forum for CIO Council members that supports discussion of topics of mutual concern and fosters cross-agency collaboration.
  5. To develop and maintain procedures for fulfilling the CIO Council’s responsibility to advise and inform the State CIO.
  6. To provide feedback to the Leadership Committee on pending draft recommendations.
  7. To formulate such bylaws and rules for CIO Council activities that will support the fulfillment of these responsibilities.
  8. To be actively engaged in the meetings and activities of the CIO Council.
Section VII – Membership
  1. General Membership
    1. Membership of the CIO Council shall consist of:
      1. The CIO (or equivalent) of each state agency, all other entities over which the Governor has executive authority, the State University of New York, City University of New York, and all public benefit corporations, the heads of which are appointed by the Governor;
      2. The CIO (or equivalent) from the New York State Assembly and New York State Senate;
      3. The CIO (or equivalent) from the New York State Unified Court System;
      4. The CIO (or equivalent) from the Office of the New York State Comptroller;
      5. The CIO (or equivalent) from the Office of the Attorney General;
      6. Local and Regional Government CIOs (up to 10 members) including:
        1. The President and Vice President of New York State Local Government Information Technology Directors Association (NYSLGITDA).
        2. One representative from New York City as designated by New York City’s Chief Information Officer.
    2. The State CIO serves as ex-officio member of the CIO Council.
  2. Additional members
    1. The State CIO may appoint additional members of his or her executive leadership team to be members of the CIO Council. These members will be ex officio members.
    2. The CIO Council may appoint additional members on a temporary basis as needed to support specific subcommittee efforts.
  3. Alternate Members
    1. Members may designate alternate members to act on the behalf of the state or local entity. Alternate members shall have the same rights as regular members to participate in CIO Council matters and decide on CIO Council policy decisions on behalf of the agency, authority, or local entity they represent.

Section VIII - CIO Council Leadership

The CIO Council shall have a leadership committee, hereafter known as the Leadership Committee.
  1. Membership
    1. The Leadership Committee will consist of 13 members; 7 elected by the general membership, 5 CIOs appointed by the State CIO, and one senior member of the OCIO staff appointed by the State CIO.
    2. Those appointed to the Leadership Committee by the State CIO, serve at the pleasure of the State CIO.
    3. Those elected to the Leadership Committee are elected to serve a two- year term except as noted in Section VIII.A.4 below.
    4. To establish a staggered election schedule for those members elected to the Leadership Committee, for the 2009 election, 4 committee seats are designated for a two-year term and 3 committee seats are designated for a one-year term. Committee members selected for a two-year term are those who received the highest number of votes from the membership.
    5. The officers of the Leadership Committee will be the Chair and Vice Chair and shall be elected for a one-year term by a simple majority of the Leadership Committee membership present at the first monthly meeting of the Leadership Committee each year.
    6. The term of office for leadership committee members and officers shall start the first day of January and end the thirty-first day of December.
  2. Responsibilities of the CIO Council Leadership Committee Chair and Vice Chair
    1. Duties and responsibilities of the Chair shall include:
      1. Act as convener and organizer of the Leadership Committee and preside over the quarterly membership meetings.
      2. Appoint a nominating subcommittee to present a slate of candidates for the annual leadership committee elections.
      3. Communicate regularly with the State CIO regarding progress on findings, recommendations, and advisement as it relates to the work of the CIO Council.
      4. Communicate regularly with the CIO Council membership and provide advance notification prior to any submission of recommendations to the State CIO.
      5. Design and implement a process for sending and receiving communications from the general membership.
      6. Collect feedback from the general membership and the State CIO as to agenda topics for each meeting and set and distribute agenda prior to each meeting.
      7. Provide transparency to its members regarding all CIO Council activities
    2. Duties of the Vice Chair shall include
      1. Serve as Chair in the absence of the Chair.
      2. Fulfill duties as assigned by the Chair to assist him or her in the fulfillment of his or her duties.
  3. Filling Vacancies
    1. Vacancies created by elected members of the Leadership Committee will be filled by nomination of CIO Council members based on a majority vote of the members present at the next meeting of the Leadership Committee to complete the term of the vacating member.
    2. Vacancies created by those members of the Leadership Committee who are appointed by the State CIO will be filled by State CIO, whether on a permanent or temporary basis.

Section IX – CIO Council Meetings
  1. General
    1. General Membership Meetings will be held on a quarterly basis (January, April, July, and October) on a consistent schedule as decided upon by the State CIO in consultation with the CIO Council Leadership.
    2. An annual review and planning session will be conducted for each coming year, which includes a review and affirmation of the charter and subcommittee assignments
    3. The Leadership Committee shall meet as often as it deems necessary, but at least once monthly. All Leadership Committee meetings will be open to the general membership. The Chair or the State CIO may call special meetings of the Leadership Committee or of the CIO Council as he or she deems necessary.
    4. A written record of proceedings shall be maintained and made available to the membership by the OCIO staff member assigned to provide administrative support to the CIO Council.
  2. Subcommittees
    1. Subcommittees may be established by the Leadership Committee in consultation with the State CIO as determined necessary to perform the duties of the CIO Council.
    2. Subcommittees shall be disbanded following the completion of the work for which they were formed as directed by the Leadership Committee in consultation with the State CIO.
    3. Subcommittee Co-chairs shall be elected by a simple majority of the membership present at a previously announced meeting of the subcommittee or may be appointed by the Leadership Committee Chair in consultation with the State CIO.
    4. Members of the subcommittees will be designated by the subcommittee Co-Chair, the Leadership Committee in consultation with the State CIO, or through solicitation of volunteers from the general membership of the CIO Council.
    5. CIO Council members may nominate other agency staff to subcommittees based on the nominee’s areas of expertise.
    6. Subcommittee Co-chairs shall report subcommittee findings to the general membership at the quarterly meetings and to the monthly Leadership Committee meeting as requested by the Leadership Committee Chair.

Section X – CIO Council Recommendations
  1. CIO Council recommendations to the State CIO shall be submitted for approval to the membership at regular meetings and shall require a majority vote of the members present at that meeting for approval. When approved, they are designated as formal recommendations and submitted by the Leadership Committee to the State CIO for response.
© 2003 Center for Technology in Government