2.173.1 IT Governance Policy

Manual Transmittal

January 28, 2022

Purpose

(1) This transmits revised IRM 2.173.1, IT Program Governance, IT Governance Policy

Material Changes

(1) See the table below for material changes.

IRM Changes
2.173 Plain Language updates, hyperlink updates, minor edits and improvements to improve clarity throughout.
2.173.1.4 Responsibilities Updated:
  • Governance Board Types and Responsibilities lists

  • Table now includes Advisory Boards (ABs)

  • ABs may make decisions as delegated by the ESC

  • Stakeholder table and added a description column

2.173.1.5 Terms and Definitions
  • Updated the definition of a Project

  • Defined Program

  • Defined Investment

2.173.1.6 Acronyms Added additional acronyms
2.173.1.7 Resources Added the following to the Resources Table:
  • New items found in the IT Governance Charter Guide

  • IT Governance Decision Log

  • IT ESC Information

  • IT GB Information

  • IT Governance Decision Matrix

  • Governance information Group (GiG)

Effect on Other Documents

IRM 2.173.1 dated November 5, 2019 is superseded.

Audience

IRS employees and contractors who support or are members of IT governance boards.

Effective Date

(01-28-2022)


Nancy Sieger
Chief Information Officer

Program Scope and Objectives

  1. This IRM provides the purpose, scope, authority and mandates for Information Technology (IT) governance policy.

Background

  1. This IRM replaced the 2008 Enterprise Governance Authority and Operations Directive and incorporated Interim Guidance IT-02-0319-0008, Reissued Interim Guidance for Internal Revenue Manual (IRM) 2.173 Information Technology (IT) Governance Standards.

Purpose
  1. The purpose of this IRM is to establish the authority, responsibility, processes and procedures for IT governance. IT governance provides a framework of accountability, transparency and decision-making on the IRS IT investment portfolio.

Scope
  1. This policy applies to all IRS IT governance boards, employees and contractors who participate in or support IT governance.

Authority

  1. Investment and Portfolio Governance (IPG) is responsible for developing, implementing and maintaining this IRM. Proposed changes to this IRM must be submitted to IPG. Please share comments and suggestions to improve this IRM via an email to *IT Program Governance Office.

Mandate

  1. Authority for this IRM includes:

    • House of Representatives 1232 - Federal Information Technology Acquisition Reform Act (FITARA)

    • Assignment of Information Technology/Information Resources Management Responsibilities memorandum dated 01/26/2018

    • Applicable OMB and Treasury circulars, directives and memorandums

Responsibilities

  1. A governance board is a chartered body responsible for conducting governance as set out in its governance board charter. Executive Steering Committees, Governance Boards and Advisory Boards are different types of IT governance boards. A governance board’s name, type and responsibilities are identified in its charter. IT governance board charters are located on the IPG SharePoint site accessedhere.

  2. IT governance is hierarchical. ESCs are the top level of governance and supported by GBs and ABs. See the table below for an overview of board responsibilities:

    Governance Board Type Responsibilities
    ESC
    • Oversee its portfolio and subordinate GBs

    • Resolve escalated risks and issues

    • Sponsor GBs and ABs as needed

    • May delegate decisions to a GB or AB

    GB
    • Recommend scope and schedule changes to the ESC

    • Manage portfolio performance and risk

    • Escalate unresolved risks and issues

    • Manage decisions, risks and issues delegated by the ESC

    AB
    • Provide Subject Matter Expertise and advise ESCs and GBs on cost, schedule, risk and technical standards

    • Recommend portfolio selection criteria

    • Make decisions as delegated by the ESC

  3. The table below identifies key IT governance stakeholders and their responsibilities:

    Stakeholder Description Responsibilities
    Chair Sponsoring senior executive Lead meetings, set agendas, delegate as appropriate
    Vice-Chair Supporting senior executive Assist and support the Chair in performing their duties and responsibilities
    Voting Member Key business or IT resource owners responsible for IT investments in the Board portfolio Discuss, evaluate and make decisions. Vote or appoint a proxy to vote. Provide input to agendas.
    Advisor Key functional or process owner enabling sound Governance Provide expertise to support risk and issue discussions. Provide input to agenda.
    Project Manager Manages a project Report on project status, cost, schedule, scope and risks. Responsible for project implementation and execution. Ensure enterprise processes and requirements are followed including registering projects in OPPM (ProSight).
    Lead Supports and delivers effective board meetings Support the ESC or GB and its board meetings. Create, distribute and archive meeting minutes.

Terms and Definitions

  1. IT governance provides a framework for IT investment portfolio decision-making. IT governance identifies the decisions, rights and accountability necessary to track and achieve desired results with IT investments.

  2. Below are key IT governance terms and definitions:

    Term Definition
    Investment A set of projects and programs organized around a mission, business functionality, or an end-to-end process with a business case reported in the Capital Planning and Investment Control (CPIC) process.
    Program A group of related IT projects managed together to maximize benefits and control.
    Project An endeavor to create a unique product or service. It has a start and end date, and specific objectives that when achieved, signify completion. Projects are undertaken to develop, modernize, enhance, maintain or replace an IT asset.
    Portfolio A portfolio is a collection of IT projects. IT portfolios are assigned to an ESC based on the type of investment. For example, the Infrastructure ESC maintains the portfolio of IT infrastructure projects and investments.
    Performance Reviews Performance reviews are reviews conducted to ensure an IT portfolio and its projects are on target to be delivered as forecast. Boards conduct quarterly performance reviews to monitor projects and portfolio performance, ensuring timely and at cost delivery.
    Milestones to Enter and Exit Milestones are used to mark project start and end dates. It can include:
    • Design phase

    • Deployment phase

    • Operations and maintenance

    Boards review and approve project milestones.
    Key Performance Indicator (KPI) KPIs are indicators used to monitor the health of IT projects. The indicators are used to create a KPI scorecard which allows reviewers to determine the health of a project at a glance. Boards use the KPIs to conduct project health assessments.
    Health Assessment (HA) Health assessments are a process used to determine the health of a project. Boards conduct health assessments of IT projects using KPIs.
    Risk Escalation Risk escalation is a process for reporting and escalating risk. Projects trending yellow and red are escalated for attention from the project manager to a governance board and if not mitigated, to an ESC.

Acronyms

  1. Below is a list of IT governance acronyms:

    Acronyms Description
    AB Advisory Board
    ACIO Associate Chief Information Officer
    CIO Chief Information Officer
    DD Data dashboard
    ESC Executive Steering Committee
    FITARA Federal Information Technology Acquisition Reform Act
    GB Governance Board
    GIG Governance Information Group
    GDG Governance Desk Guide
    HA Health Assessment
    I ESC Infrastructure Executive Steering Committee
    ITE ESC IT Enterprise Executive Steering Committee
    ITRAC Item Tracking Reporting and Control
    IPG Investment and Portfolio Governance
    KPI Key Performance Indicator
    MER Milestone Exit Review
    MMD Meeting Minute Decisions
    OPPM Oracle Primavera Portfolio Management
    PM Project Manager
    SD ESC Strategic Development Executive Steering Committee
    SET Senior Executive Team
    SO ESC Sustaining Operations Executive Steering Committee
    UII Unique Investment Identifiers

Resources

  1. Investment and Portfolio Governance (IPG) team supports IT governance with resources on the IPG SharePoint site including:

    Tool Description
    IT Governance Charter Guide Provides tools, templates and step tables describing how to create, update and decommission IT boards and charters.
    IT Governance Decision Log IT ESC and GB decisions are logged and viewable here. Decision data can be sorted and exported to Excel.
    IT GB Information Contains IT GB charters and voting membership information.
    IT ESC Information Contains IT ESC charters and voting membership information.
    IT Governance Decision Matrix Describes the standard IT Governance decision authority.
    IT Governance Desk Guide Provides tools, templates and step tables for supporting IT governance board meetings including:
    • Meeting and agenda management

    • Portfolio changes

    • Meeting minutes

    • Creating presentations

    • Virtual votes

    IT Governance FAQs Shows the current IT Governance framework, roles and responsibilities, decisions boards make, policy, definitions, stakeholders and more. Includes links to governance policy, procedures, tools and resources.
    IT Governance Framework A visual representation of IT governance showing the relationships between ESCs and the GBs that report to them.
    Governance information Group (GiG) A bimonthly, IT Governance information-sharing forum. Members receive invites to each meeting along with a presentation deck. Requests to join the GiG are sent to the *IT Program Governance Office

  2. The IRS Knowledge Management site has a Governance page with an overview of IRS governance, a list of IRS governance boards, and governance resources.