Minnesota Department of Corrections

 

Policy Number:         105.200

Title:                           Information Technology Governance

Effective Date:           3/5/19

 

PURPOSE:    To ensure standard, consistent, and integrated use of department information resources within the guidelines provided by the state and the department.

 

APPLICABILITY:  Department-wide

 

DEFINITIONS:

Information systems – any system of computer-assisted processes that supports the department's business practices.

 

Information technology (IT) governance – the process of ensuring that appropriate people are involved in decision making regarding IT projects and priorities.

 

PROCEDURES:

A.        Information systems are provided based on the needs and priorities identified by the department as communicated via the information technology (IT) governance committees.  The MN.IT Services at DOC information technology staff (IT) at central office are responsible for developing, implementing, and maintaining department-wide information systems.  IT provides department perspective and leadership for the development of division-specific information systems.  IT is also responsible for monitoring compliance with department and state technology standards and guidelines.  IT establishes an appropriate IT governance structure to align IT and business strategies.

 

B.         IT staff develops standards and guidelines for information systems development, implementation and maintenance, and other computer technology.  This ensures that the department's computer systems are consistent, compatible, and well-managed.  IT staff reviews the standards and guidelines to ensure compliance with best practices and state guidelines.  Standards and guidelines are posted on the IT iShare site.

 

C.         Technology planning and budget information is provided by IT staff at central office to support the department's long-range plans.

 

D.        The IT governance model for the department consists of three main governance groups and several supporting groups (see IT Governance Organization Chart (attached)).  The main groups are the executive IT steering committee, the business advisory council (BAC), and the IT technology committee (see IT Governance Structure (attached)).

1.         Business advisory council (BAC)

The main role of the BAC is to review, evaluate, and prioritize applications development projects so that IT resources are applied to deliver the most business value.  The priorities are recommended to the executive IT steering committee for approval.  The BAC recommends to the executive IT steering committee how IT is to be used to support the business (see IT Principles (attached)) and how and where to invest in IT.  The BAC also provides input to the IT technology committee regarding shared IT infrastructure, as well as policies and rules governing IT architecture decisions.

 

2.         Executive IT steering committee

The executive IT steering committee decides how IT is to be used to support the department’s goals (principles), sets priorities on IT projects or systems to be purchased or built, and provides input to the IT technology committee regarding strategies for shared IT infrastructure and architecture policies and rules.

 

3.         IT technology committee

The IT technology committee determines the strategies for shared IT infrastructure within the department and with other state agencies and develops policies and rules regarding important IT technical decisions.

 

Regular meetings of the IT governance committees include reporting on the progress of major projects, the current status related to the project schedule, unanticipated problems, and expected completion dates.  Reports from committee meetings are posted on the appropriate iShare sites.

 

INTERNAL CONTROLS:

A.        Standards and guidelines are posted on the IT iShare site.

 

B.         Project/committee reports are posted on the IT governance iShare sites by the appropriate governance committee.

 

ACA STANDARDS:            2-CO-1F-01

 

REFERENCES:       Minn. Stat. § 241.01

 

REPLACES:             Policy 105.200, "Information Technology Governance," 8/5/14.

All facility policies, memos, or other communications whether verbal, written, or transmitted by electronic means regarding this topic.

 

ATTACHMENTS:   IT Governance Organization Chart (105.200A)

IT Governance Structure (105.200B)

IT Principles (105.200C)

 

APPROVALS:

Deputy Commissioner, Community Services

Deputy Commissioner, Facility Services

Assistant Commissioner, Operations Support

Assistant Commissioner, Facility Services

 

 

Security Instructions

105.200CO, “Creating and Maintaining User Accounts for DOC Information Systems”

(applicable to all facilities)

105.200-1CO, “Computer Environment Standards” (applicable to all facilities)