Keys to Successful IT Governance

A tidal wave of competing initiatives top hospital executives’ priority lists. Initiatives like Meaningful Use, ICD-10 and Accountable Care Organizations are just a few items that compete for IT resources, budget and the organization’s attention. A strong IT governance model must be deployed to prioritize initiatives, align projects and determine capital spending. And appropriate champions and sponsors must be established to successfully drive the top projects forward and measure results.

Not having an IT governance process, or having one that never seriously involves clinicians and other stakeholders, can lead to a haphazard endeavor that results in late, over-budget projects and, ultimately, many disparate systems that do not function well together.

Finite Resources
IT governance is needed because there’s an almost infinite need for IT and finite resources available to the organization. CIOs and their staffs cannot and should not set priorities by themselves. Senior executives and clinical staff need to be involved. Essential to IT governance are demand management and project prioritization. Results also need to be certified by an oversight group to assure that the technology and processes work as planned and that projects are completed on time and on budget.

Effective IT governance addresses three questions:

1. What decisions must be made to ensure effective management and use of IT?
2. Who should make those decisions?
3. How will these decisions be made and monitored?

A strong governance process should:

  • Shape expectations, standardize processes and confer legitimacy on decisions
  • Hold project sponsors accountable for achieving project benefits and ROI
  • Align IT spending with the strategies of the organization
  • Suggest priorities for capital spending on IT
  • Manage the demand for IT

If you don’t have an effective IT governance process, here is a quick start guide to help you get started:

1. Create a governance or steering committee
2. Define a governance process
3. Create advisory committees
4. Define the role of the governance or steering committee
5. Define the role of the CEO
6. Require that project sponsors be accountable
7. Create a PMO or hire a project manager

Five Keys to Strong IT Governance
As you set up or enhance your governance process, keep in mind the five keys to strong IT governance:

1. Communicate. The CEO needs to communicate the governance process to the organization, underscore that the process must be followed and that projects are not to be submitted to the CEO or the board directly.

2. Meet regularly. The governance committee needs to meet regularly and follow the finance committee calendar for submission of proposals. Do not be afraid to cancel meetings when no decisions need to be made. Committee members will stop coming if they believe they lack real authority and that meetings are just for updates or presentations. Meetings are for considering new projects, setting priorities and reviewing existing and completed projects.

3. Do not be afraid to rotate members. Senior managers and clinicians do not have to serve on every committee for every term. Allow them to nominate others to the committee, but do not allow substitutions for individual meetings. Explaining the committee’s tasks and processes to one-time attendees would waste too much time.

4. Do not allow gaming. As stated earlier, the CEO needs to communicate that the process will be followed and that no IT project will be allowed to proceed unless it has gone through the governance process. Moreover, it should be impossible to skirt the governance process by breaking a project into pieces, each of which falls below the threshold for submission. To avoid this, the threshold for review can be set at a very low level (e.g., 40 hours of work for IT or $10,000). Some project sponsors may also try to circumvent the governance process by underestimating their budgets. For example, they may include the cost of software but not the data conversion or hardware costs. To avoid this, the project managers in IT who review smaller projects need to carefully consider each proposal to identify needed components and a realistic budget. The facts of a proposal may be verified by speaking directly to vendors.

5. Have an expedited process for smaller projects. The governance committee should establish an expedited review process for smaller projects. Doing so will reduce the concern that the governance process will cause significant delays. It will also help to trim the workload created by setting thresholds low enough to discourage gaming. When an expedited small-project process is in place, the governance committee will not feel they are wasting time looking at insignificant projects.

Good governance, when properly executed, provides project managers with a clear understanding of the priority of projects, the resources available and who is accountable for project implementation. This moves the organization toward the achievement of a single, unified vision of how IT will develop. It also increases the support of key stakeholders by giving them a voice in formulating that vision. And it assures that IT projects support the strategy of a hospital or health system and are completed on time and on budget.

Roger Kropf is a professor in the Health Policy and Management Program at New York University’s Robert F. Wagner Graduate School of Public Service. More information on his work can be found at: Guy Scalzi, MBA, is a principal in Aspen Advisors, a professional services firm that works with healthcare organizations to enhance processes and streamline operations through the strategic and effective use of technology. He can be reached at g[email protected]. Kropf and Scalzi co-authored the book IT Governance in Hospitals and Health Systems, published in February 2012 by HIMSS. The book is available at:

About The Author