1.3 IT Organization, Roles and Responsibilities, and Processes
The IT organization must be defined by considering the requirements of the primary organization it serves. Its placement within the overall structure should be considered based on the scope and breadth of services it is expected to provide to the organization. The organization should have a reporting structure that incorporates IT into planning and decision making at the leadership level.
The CIO should be a regular contributing member of the executive leadership team in order to participate in relevant decision processes of the stakeholder groups in order to adequately anticipate technology resource needs, offer advice on technology enabled opportunities, and respond to emergent requirements. Decisions about staffing levels, skills, functions, accountability, authority, and supervision should be derived from these expectations.
18.104.22.168 Organizational Placement of the IT Function
The CIO should be placed in the overall organizational structure based on the scope and breadth of services the IT unit is expected to provide to the organization. In many complex organizations, a matrix reporting relationship among the most senior executive staff under is not unusual. In smaller and less complex organizations, such hierarchies may not be necessary and a direct reporting relationship to the CEO is feasible. The important point is that it should not matter to whom the CIO reports, as long as the position is adequately incorporated into the organization’s leadership team decision-making processes.
It is also important to distinguish between the role of the CIO and the most senior centralized “line management” function of the centralized IT function (VP, Director, etc.) Regardless of whether the IT functions are managed in a highly centralized or decentralized manner, the role of the CIO must be recognized as that of the Chief Information (technology) Officer. The responsibilities and authority of this role should span any direct reporting structures and cross over organizational boundaries to encompass any and all IT functions of the organization, so that the CIO is responsible for the organization’s total IT footprint as it relates to policy, compliance, security, and risk management of IT-enabled functions regardless of any decentralized line management of departmental IT functions.
22.214.171.124 Management Structure
Decisions about the appropriate balance of a centralized vs. decentralized resource pool of staffing and budget resources is directly related to the expectations of the organization. The centralized IT organization structure must be defined by considering the requirements of the primary organization it serves.
126.96.36.199 IT Continuous Improvement Expectations
As with all administrative and educational support functions in higher education organizations, the Commission on Colleges expects units to engage in systematic planning and assessment processes to assure institutional effectiveness [See SACS Core Requirement 3.3. Processes for planning, assessing, and improving services must be documented. IT processes and services should be periodically and systematically assessed for effectiveness, and opportunities for improvement should be incorporated into the planning process and implemented over time.
1.3.2 IT System Ownership and Responsibilities
Shared governance between a service provider and their customers requires that roles and responsibilities be established and communicated across the organization to appropriately define who is responsible for what.
At the highest level, every IT application and service should have an Executive Sponsor identified. This individual should be the senior person in the organization who “cares” whether the application or service is operable and who champions its use to provide business and/or educational value to the organization. For most infrastructure services, such as the local area network, the CIO is that Executive Sponsor. For most business and educational support systems, the CxO to whom the support function reports is normally the Executive Sponsor. This designation is usually heavily dependent on the organizational structure.
Executive Sponsors should appoint a functionally responsible designee as a primary liaison between the IT service unit and the customers served by the system or service provided by IT. For instance, the VP of Enrollment Management, who is the Executive Sponsor for the Banner Student Information System, might appoint the Registrar as the day-to-day functional liaison between customers of Enrollment Management and IT for provisioning of services and support for the tool.