2.173.1 IT Governance Policy 2.173.1.1 Program Scope and Objectives 2.173.1.1.1 Background 2.173.1.1.1.1 Purpose 2.173.1.1.1.2 Scope 2.173.1.2 Authority 2.173.1.3 Mandate 2.173.1.4 Responsibilities 2.173.1.5 Terms and Definitions 2.173.1.6 Acronyms 2.173.1.7 Resources Part 2. Information Technology Chapter 173. IT Program Governance Section 1. IT Governance Policy 2.173.1 IT Governance Policy Manual Transmittal January 28, 2022 Purpose (1) This transmits revised IRM 2.173.1, IT Program Governance, IT Governance Policy Material Changes (1) See the table below for material changes. IRM Changes 2.173 Plain Language updates, hyperlink updates, minor edits and improvements to improve clarity throughout. 2.173.1.4 Responsibilities Updated: Governance Board Types and Responsibilities lists Table now includes Advisory Boards (ABs) ABs may make decisions as delegated by the ESC Stakeholder table and added a description column 2.173.1.5 Terms and Definitions Updated the definition of a Project Defined Program Defined Investment 2.173.1.6 Acronyms Added additional acronyms 2.173.1.7 Resources Added the following to the Resources Table: New items found in the IT Governance Charter Guide IT Governance Decision Log IT ESC Information IT GB Information IT Governance Decision Matrix Governance information Group (GiG) Effect on Other Documents IRM 2.173.1 dated November 5, 2019 is superseded. Audience IRS employees and contractors who support or are members of IT governance boards. Effective Date (01-28-2022) Nancy Sieger Chief Information Officer 2.173.1.1 (11-05-2019) Program Scope and Objectives This IRM provides the purpose, scope, authority and mandates for Information Technology (IT) governance policy. 2.173.1.1.1 (11-05-2019) Background This IRM replaced the 2008 Enterprise Governance Authority and Operations Directive and incorporated Interim Guidance IT-02-0319-0008, Reissued Interim Guidance for Internal Revenue Manual (IRM) 2.173 Information Technology (IT) Governance Standards. 2.173.1.1.1.1 (11-05-2019) Purpose The purpose of this IRM is to establish the authority, responsibility, processes and procedures for IT governance. IT governance provides a framework of accountability, transparency and decision-making on the IRS IT investment portfolio. 2.173.1.1.1.2 (11-05-2019) Scope This policy applies to all IRS IT governance boards, employees and contractors who participate in or support IT governance. 2.173.1.2 (11-05-2019) Authority Investment and Portfolio Governance (IPG) is responsible for developing, implementing and maintaining this IRM. Proposed changes to this IRM must be submitted to IPG. Please share comments and suggestions to improve this IRM via an email to *IT Program Governance Office. 2.173.1.3 (11-05-2019) Mandate Authority for this IRM includes: House of Representatives 1232 - Federal Information Technology Acquisition Reform Act (FITARA) Assignment of Information Technology/Information Resources Management Responsibilities memorandum dated 01/26/2018 Applicable OMB and Treasury circulars, directives and memorandums 2.173.1.4 (01-28-2022) Responsibilities A governance board is a chartered body responsible for conducting governance as set out in its governance board charter. Executive Steering Committees, Governance Boards and Advisory Boards are different types of IT governance boards. A governance board’s name, type and responsibilities are identified in its charter. IT governance board charters are located on the IPG SharePoint site accessedhere. IT governance is hierarchical. ESCs are the top level of governance and supported by GBs and ABs. See the table below for an overview of board responsibilities: Governance Board Type Responsibilities ESC Oversee its portfolio and subordinate GBs Resolve escalated risks and issues Sponsor GBs and ABs as needed May delegate decisions to a GB or AB GB Recommend scope and schedule changes to the ESC Manage portfolio performance and risk Escalate unresolved risks and issues Manage decisions, risks and issues delegated by the ESC AB Provide Subject Matter Expertise and advise ESCs and GBs on cost, schedule, risk and technical standards Recommend portfolio selection criteria Make decisions as delegated by the ESC The table below identifies key IT governance stakeholders and their responsibilities: Stakeholder Description Responsibilities Chair Sponsoring senior executive Lead meetings, set agendas, delegate as appropriate Vice-Chair Supporting senior executive Assist and support the Chair in performing their duties and responsibilities Voting Member Key business or IT resource owners responsible for IT investments in the Board portfolio Discuss, evaluate and make decisions. Vote or appoint a proxy to vote. Provide input to agendas. Advisor Key functional or process owner enabling sound Governance Provide expertise to support risk and issue discussions. Provide input to agenda. Project Manager Manages a project Report on project status, cost, schedule, scope and risks. Responsible for project implementation and execution. Ensure enterprise processes and requirements are followed including registering projects in OPPM (ProSight). Lead Supports and delivers effective board meetings Support the ESC or GB and its board meetings. Create, distribute and archive meeting minutes. 2.173.1.5 (01-28-2022) Terms and Definitions IT governance provides a framework for IT investment portfolio decision-making. IT governance identifies the decisions, rights and accountability necessary to track and achieve desired results with IT investments. Below are key IT governance terms and definitions: Term Definition Investment A set of projects and programs organized around a mission, business functionality, or an end-to-end process with a business case reported in the Capital Planning and Investment Control (CPIC) process. Program A group of related IT projects managed together to maximize benefits and control. Project An endeavor to create a unique product or service. It has a start and end date, and specific objectives that when achieved, signify completion. Projects are undertaken to develop, modernize, enhance, maintain or replace an IT asset. Portfolio A portfolio is a collection of IT projects. IT portfolios are assigned to an ESC based on the type of investment. For example, the Infrastructure ESC maintains the portfolio of IT infrastructure projects and investments. Performance Reviews Performance reviews are reviews conducted to ensure an IT portfolio and its projects are on target to be delivered as forecast. Boards conduct quarterly performance reviews to monitor projects and portfolio performance, ensuring timely and at cost delivery. Milestones to Enter and Exit Milestones are used to mark project start and end dates. It can include: Design phase Deployment phase Operations and maintenance Boards review and approve project milestones. Key Performance Indicator (KPI) KPIs are indicators used to monitor the health of IT projects. The indicators are used to create a KPI scorecard which allows reviewers to determine the health of a project at a glance. Boards use the KPIs to conduct project health assessments. Health Assessment (HA) Health assessments are a process used to determine the health of a project. Boards conduct health assessments of IT projects using KPIs. Risk Escalation Risk escalation is a process for reporting and escalating risk. Projects trending yellow and red are escalated for attention from the project manager to a governance board and if not mitigated, to an ESC. 2.173.1.6 (01-28-2022) Acronyms Below is a list of IT governance acronyms: Acronyms Description AB Advisory Board ACIO Associate Chief Information Officer CIO Chief Information Officer DD Data dashboard ESC Executive Steering Committee FITARA Federal Information Technology Acquisition Reform Act GB Governance Board GIG Governance Information Group GDG Governance Desk Guide HA Health Assessment I ESC Infrastructure Executive Steering Committee ITE ESC IT Enterprise Executive Steering Committee ITRAC Item Tracking Reporting and Control IPG Investment and Portfolio Governance KPI Key Performance Indicator MER Milestone Exit Review MMD Meeting Minute Decisions OPPM Oracle Primavera Portfolio Management PM Project Manager SD ESC Strategic Development Executive Steering Committee SET Senior Executive Team SO ESC Sustaining Operations Executive Steering Committee UII Unique Investment Identifiers 2.173.1.7 (01-28-2022) Resources Investment and Portfolio Governance (IPG) team supports IT governance with resources on the IPG SharePoint site including: Tool Description IT Governance Charter Guide Provides tools, templates and step tables describing how to create, update and decommission IT boards and charters. IT Governance Decision Log IT ESC and GB decisions are logged and viewable here. Decision data can be sorted and exported to Excel. IT GB Information Contains IT GB charters and voting membership information. IT ESC Information Contains IT ESC charters and voting membership information. IT Governance Decision Matrix Describes the standard IT Governance decision authority. IT Governance Desk Guide Provides tools, templates and step tables for supporting IT governance board meetings including: Meeting and agenda management Portfolio changes Meeting minutes Creating presentations Virtual votes IT Governance FAQs Shows the current IT Governance framework, roles and responsibilities, decisions boards make, policy, definitions, stakeholders and more. Includes links to governance policy, procedures, tools and resources. IT Governance Framework A visual representation of IT governance showing the relationships between ESCs and the GBs that report to them. Governance information Group (GiG) A bimonthly, IT Governance information-sharing forum. Members receive invites to each meeting along with a presentation deck. Requests to join the GiG are sent to the *IT Program Governance Office The IRS Knowledge Management site has a Governance page with an overview of IRS governance, a list of IRS governance boards, and governance resources. More Internal Revenue Manual
