IT Governance

Overview

During the past few years, there has been increasing attention on how Information Technology (IT) is governed. One reason is the significant impact that IT systems have on how the Federal Motor Carrier Safety Administration (FMCSA) work gets done. As an enabler of institutional excellence, IT requires extensive collaboration among stakeholders, which is complicated by the growth of the scope of IT and the accompanying competition for funds. Many factors in Government challenge the requirements to set and align institutional IT strategic decisions. Our goal is to create a transparent governance framework to prioritize work done by the Office of Information Technology that instills trust and commitment.

IT Governance describes who makes the decisions; who provides input and analyzes the issues; who sets priorities; and who settles disputes when there is no clear consensus. Good governance processes are actively designed and well-understood by participants and foster timely decisions that are communicated effectively. Ultimately, desirable behavior in using IT means behavior that is aligned with and helps achieve FMCSA's strategic goals. It is concerned with the entire enterprise IT function, not just the central IT organization. Day-to-day operations fall within IT management, outside the scope of governance.

The more IT Governance reflects FMCSA's culture and decision-making style, and the more it is integrated with existing decision-making and operational management processes, the greater its chance of success. The diagram below depicts the IT Governance structure:

This diagram shows the organizational layers that participate in the governance process. At the top is the Executive Steering Committee (ESC), FMCSA’s senior governance board that provides strategic direction and oversight for major IT investments. Below the ESC is the Investment Review Board (IRB), FMCSA’s board that receives direction from the ESC and provides oversight for IT investments. These two boards are the FMCSA Governance Boards. Supporting their activity are several working groups that are responsible for the analysis and the implementation of governance decisions. For example, the Production Application Change Control Work Group (PACCWG)’s primary functions are as an advising committee focused on FMCSA’s production systems from an EA, technical, and planning perspective, and controlling the rate and pace of change in the IT environments. The Enterprise Architecture Council is a working group whose primary functions focus on organizing business processes and IT infrastructure to reflect the integration and standardization requirements of the Agency’s operating model. The Field IT Steering Group (FITSG) is a working group whose primary focus is providing FMCSA field employees input for IT investments and related prioritization. Information Management Authority (IMA) is a working group focused on data management and data quality issues. Below the working groups are communities of practice that indirectly provide input and reference standards to the FMCSA governance process. For example the CVISN’s primary function is to review, analyze, and make recommendations about proposed changes to the CVISN architecture and generate top-level designs. The CVSA Information Systems Committee is a group that serves the needs of the CMV safety program and supports the CVSA Mission. The DOT CIO Council includes the DOT CIO, DOT Associate CIOs, Operating Administration (OA) CIOs, Staff, and other interested parties. The focus is on DOT wide IT Infrastructure, cross cutting initiatives, and DOT IT Policy. Core CIO Group includes the DOT CIO, DOT Associate CIOs, OA CIOs and sub-committee chairs. The work of this group is more focused on the specific needs of the OAs. Two tools support the governance process: eReqs, a Web-based tool to submit and track system MRs and technical interventions, and WorkLenz, a capital planning and portfolio management tool.

Objectives

FMCSA needs to address the needs of many constituencies; therefore it is complex in both its organization and its technology. This complexity requires that competing Information Technology (IT) needs be carefully evaluated to ensure optimal use of limited resources and alignment with institutional strategic goals. IT Governance must aim for a balance of:

IT principles should define desirable behavior for both IT professionals and IT users. The main objectives are:

• Effective IT Investments: FMCSA will manage its IT as an investment, utilizing IT industry standards, recommending best practices, and maximizing the value of its resources. Safety priorities will drive IT strategies and investments, allocating resources appropriately and accountably to support FMCSA's mission and strategic goals through the IT Governance Model.
• Practical IT Standards: IT should be guided by a clear set of policies, procedures, standards, and guidelines to promote a healthy, efficient IT environment in support of the Agency's mission and strategic goals.
• Field Activities Support: IT resources should work collaboratively to provide a responsive IT environment that enhances Field and Enforcement work.
• Integration and Inclusion: IT should help FMCSA fulfill its safety mission by allowing stakeholders to communicate and collaborate across multiple organizations.
• Security and Reliability: Increasingly, the correctness, integrity, and availability of data must be ensured by a stable, safe, and secure IT infrastructure.
• Ubiquity: IT should ensure essential connectivity for users with basic lines of support for all, and should provide recommendations and standards for architecture, infrastructure, enterprise solutions, and any other IT service that supports standardization deployment. 
• Ease of Use: Safety applications, systems, communication devices, and technologies will be integrated and easy to use.