Results from this survery will be shared and discussed at the Sept 2018 IPATHE meeting. To assist in data collection, please only ONE (1) submission per organization. Questions regarding this survey should be directed to pfleming <at> siumed.edu. Organization - Select -Chicago State UniversityEastern Illinois UniversityGovernors State UniversityIllinois State UniversityNortheastern Illinois UniversityNorthern Illinois UniversitySouthern Illinois University CarbondaleSouthern Illinois University EdwardsvilleSouthern Illinois University School of MedicineUniversity of Illinois at ChicagoUniversity of Illinois at ChicagoUniversity of Illinois at Urbana–ChampaignWestern Illinois University Do you have formal IT governance mechanism? Yes No What are the main drivers for developing or wanting to develop formal IT governance? [select all that apply] Audit/Compliance/Risk More Efficient management of resources Align IT with organizational goal/objectives Develop/enforce standards/best practices/policies Identify & leverage common needs/solutions Resolve/arbitrate resource demands Other… Enter other… What are the main barriers/challenges to developing/maintaining IT governance? [select all that apply] Lack of top mgmt. support Lack of middle mgmt. support Resistance to change Complexity Low priority Organizational politics Lack of knowledge and skills Lack of resources Lack of awareness Lack of mandate Lack of comprehensive documentation Unsuitable IT org. structure Mobility of management Receptivity to int./ext. mandate Other… Enter other… Information about your organization IT governance Overall Governance Structure Single monolithic committee Hierarchical / Distributed committee structure Distributed Structure How is your distributed governance body organized? [select all that apply] mimics school/university organizational chart leverages existing non IT governance structures is comprised of smaller distributed IT governance committees / groups by functional area is comprised of smaller distributed IT governance committees / groups by mission Other… Enter other… Main Committee / Group Membership Senior Leadership (VP, C-Suite, Chancellor, etc) IT Leaders/Directors IT Staff Deans Department Chairs Faculty Staff Students Describe the membership of main governance committee to which distributed committees report [select all that apply] Distributed Committee / Group Membership Senior Leadership (VP, C-Suite, Chancellor, etc) IT Leaders/Directors IT Staff Deans Department Chairs Faculty Staff Students Describe the membership of various committees that report to the main governance body. [select all that apply] Monolithic Structure Committee Membership Senior Leadership (VP, C-Suite, Chancellor, etc) IT Leaders/Directors IT Staff Deans Department Chairs Faculty Staff Students Describe the membership of the central governance committee [select all that apply] Governance Details Which of the following are permanently represented, directly or through delegates, within the IT governance structure? [select all that apply] Board of regents/trustees President/chancellor Cabinet-level executives Institution"s senior IT leader Senior central IT managers Local IT managers Business unit leaders Deans/academic unit leaders Faculty Staff Students Who leads the IT governance body? CIO or equivalent Deputy CIO or equivalent Chief information security officer (CISO) or equivalent Chief risk officer (CRO) or equivalent IT policy director Other IT director/manager Legal counsel Internal audit officer Other… Enter other… To whom is the IT governance lead accountable? [select all that apply] Chancellor CIO or equivalent CISO or equivalent CRO or equivalent Chief financial officer (CFO) Provost President / Vice President Board / Board committee Not applicable Other… Enter other… The IT governance body formulates policy prioritizes projects controls the budget influences the budget aligns IT strategy with institutional strategy guides IT risk management advises on service levels advises on service improvement priorities reports to institutional leadership (president’s/chancellor’s/CEO’s office) influences institutional leadership Process & Standards Which standards are used for IT governance? [select all that apply] Control Objectives for Information and Related Technology (COBIT) Information Technology Infrastructure Library (ITIL) International Organization for Standardization (ISO) Hybrid / modification of one of the above Locally developed standard No formal standards Other… Enter other… Does IT governance involve formal review and approval of IT projects? Yes No Formal Project Review How are projects chosen for review? All projects. Non operational requests. Decision to review is made case by case. Projects meeting a certain cost threshold. Projects meeting a certain impact threshold. Other… Enter other… Indicate whether the project review process ... [select all that apply] Evaluates projects for alignment with institutional strategic goals Evaluates projects for alignment with institutional IT goals Evaluates projects for compliance with IT architectural standards Evaluates projects for resource requirements (personnel, fiscal, etc) Typically involves more than a single review (e.g., concept, full proposal, milestones) Requires tracking the status of projects once approved Requires assessing the results of completed projects Is formal and consistent across all types of project requests Examines project compliance, risk or security factors Other… Enter other… Is a software system used to manage IT governance? Agiliance RiskVision ARIS Risk & Compliance Manager IBM OpenPages GRC MetricsSteam GRC Platform Navex Global Protiviti RSA Archer GRC SAP GRC Suite Thomson Reuters GRC Suite (Accelus) Homegrown Other… Enter other…
