ICT governance is an emerging topic. As the fusion between business and ICT develops, ICT is no longer just about service provision, what we’d call ICT management. Instead, ICT governance is much broader and concentrates on transforming ICT to meet the demands of the business and its customers. We also believe, good ICT governance is the foundation for delivering strategic ICT.
But what does ‘good’ look like when it comes to ICT Governance? Whilst the National Housing Federation has recently rewritten its Code of Governance to reflect best practice on issues affecting the sector, ICT governance was a conspicuously absent chapter!
For the last Breakfast Briefing of the season, Steve Dungworth, Director and founder of Golden Marzipan, and Colin Sales, CEO of technology and data advisors, 3C Consultants join forces to not only share their concerns about the lack of governance in ICT, but they also announce some exciting news about a brand-new ICT governance framework.
The Importance of ICT Governance
Back in 2020, Golden Marzipan’s Steve Dungworth was trying to define what “good ICT” looked like. After discussions with clients and other specialists, it became evident that current social housing frameworks didn’t mention business-critical functions such as cybersecurity and data or indeed any standards relating to ICT governance. Quite astonishing given the growing interest from the social housing regulator on governance breaches that lose sight of ICT investment costs or rely on good quality data for compliance processes. It was this that triggered a conversation with Colin Sales on ICT governance.
ICT governance is an integral part of good corporate governance and should be addressed like any other strategic agenda item. Colin adds “data governance is now the cornerstone on which all the other types of compliances are based”. He continues “you cannot have good governance unless you also have good ICT”.
The New ICT Good Governance Framework
Standards provide people and organisations with a basis for mutual understanding, they can be used as tools to aid conversations, establish value for money, service standards and good governance and they play an important role in the social housing sector.
Initial conversations suggest there is an appetite for standards that relate to the governance of information and communications technology activities within the housing sector. Many people believe that they would enable clear and visible decision making at the appropriate level of senior management. They would help embed ICT across an organisation, encouraging more responsible and accountable business management. Standards would create focus, understanding and improved delivery against goals. And finally, improved alignment would deliver cost reductions and enhance customer experience.
Over the last six months, Steve and Colin have worked collaboratively with a group of leading ICT housing sector professionals in the form of a consultative good governance group, to develop an ICT governance framework and an assessment tool for providers.
Intended to be only a voluntary standard, the simplified framework is aimed at ICT stakeholders, so boards, execs, business change managers, champions etc. – but it is written for a non-technical audience. These are the six standards within the ICT Good Governance Framework:
1. Strategy, business alignment and value for money.
2. Programme and project management
3. ICT service management.
4. Resources, partnerships and procurement.
5. Data Management.
6. Risk management and business continuity.
Risk Management and Business Continuity
At the Breakfast Briefing Colin emphasised the importance of the data governance section of the framework. He commented that there’s a lot of work going on in the sector like having the HACT data standards and he is also leading a group of influencers to raise the profile, which mainly focuses on running a data quality group, improved standards, and emphasis on more on regulation. He added, “With the Information Commissioners Office having the power to apply large fines for breaches following a loss of data, providers need to aim to a standardised ICT risk management.”
“The ICT Good Governance Framework contains a detailed section on risk management and business continuity”, added Steve. It covers key aspects including audit and assurance, ICT operational risks and risk profiles (including cybersecurity and risk mitigation), business continuity planning and internal controls. All of this is “in the language of the sector”, affirmed Steve, “and it can be used to engage, educate, and get everybody to understand how technology can be an enabler and not a distraction or a risk.”
If you are interested in understanding more about your organisation’s ICT Governance, then get yourself tested with the Golden Marzipan Assessment Tool, you can read more about it here or email Steve at Golden Marzipan for an informal chat. Contact Steve at firstname.lastname@example.org.