An overview of technology governanace at non-profits and charities based on organisational maturity, size and use of technology.
First presented at the NZ NFP Finance conference 2014
6. WHAT KIND OF CGO ARE YOU?
THREE LAYER
• Board + GM + Staff
• Team > Board
• Delegated authority
MULTI-LAYERED
• Executive Team
& Departments
• Commercial-ish
Board
TWO LAYER
• Small staff
• Board > Staff
• Board direct
operations
VOLUNTEER
• Volunteer led
• Board = Team
• Single Layer
decisions
7. Role of Technology
Cost
E-mail,
documents
and online
presence
AND
essential
for critical
operational
processes
AND
essential for
organisation
and service
decisions
AND
is part of
the product
or service
AND
is the
product or
service
HOW DO YOU USE TECHNOLOGY?
Fundview,
Disaster
ResponseQuitline,
NZ
NavigatorContract
for
ServicesProviding
Public
Services
Every
Organisation
8. ALL THESE FACTORS ALIGN
CGO STEP
Structure
Use of Technology
SIMPLE
COMPLEX
Minimum AdvancedStandard Complex
technology governance requirements
9. Risk management
Back-ups
Controlled access to organisational files
Continuity and crisis plans – at least in outline
Security for confidential information
Use databases not spreadsheets where possible
Cloud offers far superior security than the “server in the cupboard”
Someone holds responsibility for technology
Watching brief on changes
Targeted research when needed
Agreed technology criteria
Integrate around core applications; e.g. finance
What is in-house, what is outsourced?
Use of social media framework
MINIMUM:
FOR EVERY ORGANISATION – TECHNOLOGY IS NO LONGER OPTIONAL
10. Recognise responsibilities
Cannot “abdicate” compliance to suppliers
Core policies defined
Data management (includes security)
Staff use of technology (BYOD, electronic identities, own interests)
Procurement
Basic technology management
Staff support and training
Risk register, active performance monitoring
Cost monitoring (acquisition, staff time, usage)
STANDARD:
MOST ORGANISATIONS WITH STAFF AND/OR PUBLIC SERVICES
11. Ensure core roles and responsibilities covered
Data quality, maintenance and development
Operationally independent project and change management
IT management is standards based e.g. ITIL, COBIT
Separate technology management from operations
Formal KPI reporting
Value not cost – e.g. triple bottom line or contribution
Breakdown available by service or contract
Technology planning is integral to planning processes
“vision” for using technology
COMPLEX:
LARGER ORGANISATIONS; HOLDS GOVERNMENT SERVICE CONTRACTS
12. Board level technology advisory group
Integrated with or distinct from finance and risk
Guided by ISO/IEC 38500
Active Board development includes technology
External audit
Major project reviews
IT plans and performance
No Technology projects
Only organisational projects that incorporate technology
Investment business case essential
Track project delivery against project promises
ADVANCED:
MATURE BOARD; MISSION GRAFTED TO TECHNOLOGY
13. Everything discussed today assumes evolutionary
organisational growth and maturity.
Technology negates the need for this. So do new ideas.
New operational models (usually technology based) can
be revolutionary
Your technology governance may need to ramp up fast.
A FINAL THOUGHT
14. USEFUL LINKS
My website www.dalejennings.co.nz has an ever developing DIY
toolbox. Ask if you want something added!
The Common Good Organisation Development model is explained in
the book or at a workshop. I recommend a manager and a board
member attend the workshop together for best results.
“Waltzing with the Elephant” by Mark Toomey is possibly the best in
depth guide in plain English. Sample or buy at the Infonomics web site
The NZ Privacy Commissioner has an excellent plain English guide to
cloud computing covering many risk areas as well as compliance. The
IITP Cloud Computing Code has more technical details and questions to
ask suppliers.
Some LinkedIn groups technology governance. My profile links to
several. Please connect.
If in doubt - Google your question and watch the videos!