IT Governance
Overview
IT Governance at the University is a collaborative framework that ensures alignment between the university’s strategic goals and its information technology initiatives while ensuring stakeholder equity. This process delivers measurable value by:
- Aligning IT strategy and projects with the University’s mission, vision, and stakeholder needs
- Promoting transparent communication and collaboration across academic and administrative departments
- Ensuring that adequate resources are available to achieve desired project outcomes
- Establishing a structured approach for prioritizing initiatives and managing risk effectively
Through this governance model, the University fosters accountability, strategic decision-making, and the efficient use of technology resources to support institutional success.
Approach
- Equitable Representation: Commitment to equitable representation of university stakeholders in decision-making processes.
- Leadership Engagement: Involving administrative heads and academic leaders enhances shared governance.
- Decision Making: Inclusive approach fosters equity among university stakeholders in IT governance.
- Objectives: The committee aims to optimize IT resources to fulfill strategic business outcomes while prioritizing People, Process, and Technology.
- Strategic Guidance: Provides essential strategic direction for IT initiatives aligning with university goals and institutional needs.
- Cross Departmental Relations: Facilitate collaboration among departments ensures broad support for key initiatives approved by the committee. Advocating key initiatives across the campus
Joshua Merchant - Chief of Staff (COS) - Chair
Bhavani Koneru - Chief Information Officer (CIO) - Coordinator
Amy Thompson - Executive Vice President for Academic Affairs & Provost
Stephen Mackey - Senior Vice President of Finance & Administration
Boyd Farnam - Vice President of Legal Affairs
Joi Cunningham - Vice President of Human Resources
Dawn Aubry - Vice President of Enrollment Management
Chris Pilsner - Chief Marketing & Communication Officer (CMCO)
Mike Westfall - Vice President of Advancement
Purpose
Establish an IT governance framework ensuring alignment with strategic university initiatives, assess and reduce institutional risk, and optimize value delivered through technology.
Mission
IT Governance is a decision-making and evaluative process regarding the optimal use of IT resources to realize business outcomes. Established IT policies, principles, and standards guide decisions regarding university technology investments, prioritization of projects, and effective involvement of the university community and its stakeholders.
Scope
IT Governance focuses on achieving results from strategic choices, enhancing value creation by performing the following:
- Strategic Alignment with University Objectives: Ensure University IT is included in all facets of the institution by reviewing and approving technology roadmaps and significant university investments with technology components.
- Performance Management: Monitor (Dashboard) the effectiveness of IT Operations, service levels, and performance against established metrics.
- Security and Risk Oversight: Informed of cybersecurity threats, compliance requirements and status, and audit preparation, results, and remediation status.
- IT Policies, Standards, and Procedures: Oversee the development and implementation of IT governance documentation.
- Data Governance: Assure successful management and protection of institutional data.
- Integration: Provide guidance for integration and collaboration with other university-wide governance practices.
It includes an overarching focus upon:
- People: Staffing levels, skill sets, training, and continuous improvement.
- Process: Change Management, Project Management, and Service Level Monitoring.
- Technology: Security, Network and Infrastructure, and Application monitoring.
The Governance Structure consists of the Information Technology Governance Committee, supported by the following working committees:
- IT Security and Risk / Compliance
- Information Systems Management
- Data Governance
The working committees are responsible for implementing the priorities and vision set forth by the IT Executive Committee. They are also expected to identify, propose, prioritize, and provide advice on additional IT initiatives.
The working committees’ membership may be modified in response to changing technological trends.
Information Technology Governance Committee
Membership
- Chief of Staff (COS) - Chair
- Chief Information Officer (CIO) - Coordinator
- Provost
- Senior Vice President of Finance & Administration
- Senior Vice President of Student Affairs
- Vice President of Legal Affairs
- Vice President of Human Resources
- Vice President of Enrollment Management
- Chief Marketing & Communication Officer (CMCO)
- Vice President of Advancement
Responsibilities
- Strategic Alignment
- Creation of IT Operating and Investment Principles (simplification, end-user usability, integrated workflows, single source of data, cloud first emphasis, research support, return on investment, etc.).
- Ensure IT initiatives are aligned with the University goals and priorities.
- Risk Management
- Identify risks to the University resources
- Establish governance standards for data management
- Ensure budget alignment to support necessary risk management tools
- Make decisions on significant IT risks, including, but not limited to, security and compliance
- Performance Management
- Review and approve IT Technology Roadmap
- Monitor IT Operations effectiveness against established metrics
- Governance Framework
- Develop and maintain governance policies, standards, and procedures.
- Ensure compliance with all relevant standards and best practices.
- Decision Making Authority
- Make decisions on significant IT Investments, policy changes, and risk mitigation strategies.
- Provide Investment prioritization and investment proposal process.
- Ensure business/operational needs are addressed using business case analysis and delivery using project management processes.
- Reporting and Communications
- The CIO updates on IT performance, key initiatives, and risk assessments to the governance board
- The governance board provides a yearly assessment on the status of IT to the University Community
- Members actively engage with other stakeholders to align IT initiatives with other Business objectives
- Meeting Procedures
- Quarterly meetings (may change depending on the need)
- COS chairs the committee
- CIO coordinates the meetings and provides the agenda
- CIO presents the PMO report that contains the strategic projects requested by the campus community to ITGC
- CIO reports on the working committee’s proposals, findings, recommendations and actions
- The meeting minutes are published and communicated to the university community
Membership
To be proposed
Responsibilities
- IT Risk Governance
- Identify, enumerate, and communicate risk to allow the IT Governance Committee and applicable stakeholders and the University to make risk-informed decisions
- Periodic review of the university's cyber risk exposure.
- IT Security Governance
- Ensure IT security aligns with university objectives, industry standards, and regulatory compliance.
- Review major security incidents and approve remediation plans
- Ensure periodic review of university compliance with applicable information security and data protection laws and industry standards
- IT Compliance Governance
- Oversee compliance assessments, work with Internal Audit to aid in technology and compliance audits and approve corrective actions
Membership
To be proposed
Responsibilities
- Enterprise administrative technologies
- Identify potential risks associated with the enterprise information systems (Banner, etc.)
- Oversee IT Budget allocation and resources to support key projects and initiatives
- Compliance monitoring regarding data privacy laws
- Monitor access privileges for systems.
- New and Emerging Technologies
- Identify and assess new technologies as they apply to teaching and classroom work (Generative AI, etc.)
- Review and support New Technology Business Cases
- Provide budget proposals to support New Technology
- Academic Tools and Applications
- Review academic application infrastructure and access controls.
- Develop application roadmap in support of new requirements and needs
- Provide guidance on new and emerging risks associated with Academic Applications.
Membership
To be proposed
Responsibilities
- Data Stewardship
- Oversee the management, access, and use of all institutional data
- Ensure data quality, consistency, and security
- Review data collection processes, methods, and retention policies
- Monitor access privileges for systems
- Data Governance Policies and Procedures
- Create comprehensive policies, standards, and guidelines, including data quality, classifications, access controls, and storage methods
- Review and monitor data defining elements, formats, and definitions to ensure consistency in data reporting and usage
- Data Security processes and compliance monitoring
- Ensure Data Policies are consistent with overall University Policies and goals
- Data Support Tools and Support
- Review proposals for data infrastructure tools in support of Identity Management, Reporting, and Community Access needs.
- Develop data tools and roadmap in support of new requirements and needs.
- Provide guidance on new and emerging risks and data handling strategies (Cloud vs. On-Premises).
- September 2025
- December 2025
- March 2026
- June 2026
- September 2026
OU Tech Center
312 Meadow Brook Road
Rochester, MI 48309-4479
(location map)
(248) 370-4357 (HELP)
Fax: (248) 370-4863
Office Hours: M-F 8:00am - 5:00pm
support.oakland.edu
