Web Governance
Patricia Benoit, CISA, CIA
April 2002
Southern California Edison 2
In a Phased Approach
General Governance Principles
Why Govern?
At the Community
Level
What is Governance? Where?
In collaborationwith the Business,IT Infrastructure &IT Appl Services
Who? When?
Rules & TheirEnforcement
To Improve an Environment
via Planning
By Establishing & Monitoring adherence
with Standards, Guidelines & Processes
How do we Govern?
Southern California Edison 3
City Governance Analogy – Why Govern?
To help communities and regions grow in harmony with the natural environment and in
tune with public concerns.
1. Solving a community’s problems
2. Protecting important features
3. Guiding community growth in the future
Southern California Edison 4
Web Governance – Why Govern?
Web Governance’s helps portals and sites grow in harmony with a common
environment that is in tune with business concerns.
1. Solving a community’s problems
2. Protecting important features
3. Guiding community growth in the future
Southern California Edison 5
More Reasons for Web Governance
1. Automating business processes has created an environment that has evolved without Proper Safeguards
2. Companies make large Investments in the Web
3. Increased Vulnerabilities from Exposure to Outside World
4. Regulatory Issues Requiring Compliance (i.e. Privacy)
5. The Web is an Environment of Continuous Change
Southern California Edison 6
In a Phased Approach
General Governance Principles
Why Govern?
At the Community
Level
What is Governance? Where?
Who? When?How do we Govern?
To Improve an environment
via Planning
Rules & Their Enforcement
In a Phased Approach
In collaborationwith the Business,IT Infrastructure &IT Appl Services
When?
By Establishing & Monitoring adherence
with Standards, Guidelines & Processes
Southern California Edison 7
Web Governance Definition
Why Governance?
Governance improves Web Communities by providing Order and Predictability
around Outcomes
Expected Outcomes
Consistent and Reliable Web Communities that sustain and extend IT and Business Unit
Strategies & Initiatives
What is Governance?
Governance is the Development and enforcement of Standards,
Policies and Guidelines
Southern California Edison 8
Web Governance Major Areas
Security, Reliability &
Infrastructure
Web Application Processes &
Standards
Content Management
Web GovernanceRisk Risk
Safeguards
Branding/Logo Standards Content Look & Feel Standards Legal Compliance Reviews Corporate Content Reviews BU Content Reviews Portal Metrics Reviews
Security Standards Architecture & Tool Standards Service Level/Performance Stds Web Production Monitoring Infrastructure Standards Web Change Management
Development Process Standards Maintenance Process Standards Technical Stds & Guidelines “Best Fit” Technology Standards
Southern California Edison 9
Web Governance Major Area - Benefits
Security, Reliability &
Infrastructure
Web Application Processes &
Standards
Content Management
Web GovernanceRisk Risk
Benefits
+ Appropriate Branding/Logo+ Consistency Across a Portal+ Prevention of Legal Issues+ Approved Corporate Content + Approved Business Unit Content + Improved Quality of Portals
+ Reduced Development Costs + Consistent Deployment+ Reduced Maintenance Costs+ Appropriate Technology+ Consistent Web Environment+ Reduced Cost for Replacement
+ Protection of Assets+ Alignment with I*Net Architecture+ Alignment with Infrastructure + Reduced Downtime Costs+ Improved Portal Reliability+ Approved Web Applications
Southern California Edison 10
In a Phased Approach
General Governance Principles
Why Govern?
At the Community
Level
What is Governance? Where?
Who? When?How do we Govern?
To Improve an environment
via Planning
Rules & Their Enforcement
In a Phased Approach
In collaborationwith the Business,IT Infrastructure &IT Appl Services
By Establishing & Monitoring adherence
with Standards, Guidelines & Processes
Southern California Edison 11
Unplanned Web Governance Landscape
Company.com
MyHR Site
Employee Site
eProcurement
B2C
B2B
B2E
Parent.com
BU 1Shared Services
ITBU 2Corp
CenterBU 3
Business Unit Governance
Board
• Look & Feel Standards• Application Technology Decision Matrix
• Style Guide• Web Master Manual• Standards & Guidelines for Communications
• Buysite Customization Standards & Guidelines
Portals
• Style Guide• Standards & Guidelines for Communications
• Style Guide• Application Technology Decision Matrix
Business Unit Governance Board
Business Unit Governance Board
Southern California Edison 12
Governance Boards
Planning works well when community members recognize how the parts of the community fit
together.
Southern California Edison 13
Web Governance Boards
Business UnitBoards
Web GovernanceBoards
Executive Level
BU 1Shared Services
IT
B2CPortal
B2BPortal
B2EPortal
ETC
BU 2Corp
Center
How do web communities fit together to align Business and IT Plans?
BU 3
Southern California Edison 14
Governance Boards
Good planning considers the needs of the entire community.
Once planners have helped the community create its plan, they work with many people and groups to carry out the plan.
They work with neighborhood groups, the mayor, the police, engineers, and business people, as well as many others to
make the community the best place to live.
Southern California Edison 15
BU 1Intranet
Governance Board
Systems Engineering
IT Security
Web Production Support
Application Services
eBusiness
Enterprise Architecture
BU 2Intranet
Governance Board
IT Intranet
Governance Board
BU 3 Intranet
Governance
Corporate Center Intranet
Governance
Shared Services Intranet
Governance
System Quality Assurance
B2E Governance Board
BU 1Internet
Governance
BU 2 Internet
Governance
Public Affairs
Human Resources
SafetyCommunityInvolvement
B2C Governance Board
Corporate Finance
IT Support/Alignment
Law
Corporate Communications
Corporate Alignment
Web Governance Boards
Southern California Edison 16
In a Phased Approach
General Governance Principles
Why Govern?
At the Community
Level
What is Governance? Where?
Who? When?How do we Govern?
To Improve an environment
via Planning
Rules & Their Enforcement
In a Phased Approach
In collaborationwith the Business,IT Infrastructure &IT Appl Services
By Establishing & Monitoring adherence
with Standards,Guidelines & Processes
Southern California Edison 17
Governance Board Responsibility
As the population increases and becomes more concentrated in certain areas of the country,
carefully planned development is the only way to ensure that the quality of life in those areas is
maintained and enhanced.
Much of the responsibility for promoting and maintaining the good life in a community belongs
to the city and regional planners.
Southern California Edison 18
Web Governance Roles & Responsibilities
Web Governance Responsibilities
• Define Guiding Principles for Web Content & Design • Define Responsibilities of Content Owners• Establish Content Management / Approval Process• Perform Best Practice Research & Knowledge Sharing
IT Role:
Business Unit Role: Corporate Role:
IT
Web Governance
Corp.BusinessUnits
• Standards Establishment / Updates• Project Compliance Reviews & Quality Control Gate• Web Production Monitoring • Web Governance Knowledge Sharing & Communications
CONTENT MANAGEMENT
TECHNICALARCHITECTURE &
SUPPORT
WEB SITE&
CONTENTAPPROVAL
Southern California Edison 19
Governance Planning
Professional planners prepare comprehensive plans for development projects, neighborhoods, cities,
states and regions… a vision.
And they're responsible for developing a plan of action to turn their paper plans into reality - into
roads, buildings and open spaces.
Southern California Edison 20
Change Management
Processes/Standards
TechnologyContent
Organization/Strategy
• Advocacy/Funding• Education/Promotion• Communication Strategy
-Web Governance Site• Best Practices• Architecture Standards• Branding/Logo Standards• Look/Feel Standards• Development/Maintenance• Technical
Standards/Guidelines• Security Standards• Service Level Agreements
• Web Change Management• Standard Tools• Mobility Strategy• Developer’s Pool• Search Engine Enhancement• Single Sign-on• Personalization
• Strategic Alignment Plan• Operations
-Mission Statement of purpose-Objectives-Membership-Voting-Roles & Responsibilities-Decision Matrix for work-Meeting Manager
• Shared- Common Taxonomy- Usability- Search Intelligence- Design- Corporate Content Reviews- BU Content Reviews- Portal Metrics - ACT Compliance- Approval - Quality Control &
Monitoring• Business Unit
- Governance Boards- BU Content Review/Clean-up- Business Requirements
Portal Governance
Strategic Alignment – A Collaborative Vision
Southern California Edison 21
EDNA Actions - Improvement Initiatives
1. Governance Operations
2. Organizational Change Management / Common Vision
3. Intranet Site Clean-up
4. Intranet Organization & Search
5. Functional Design (Usability) and Style Guide Update
6. Web Content Management
7. Standard Automated Business Processes, Applications & Tools
8. Mobility Standards
9. Release Management
10. Governance Communications - Web Site
Southern California Edison 22
In a Phased Approach
General Governance Principles
Why Govern?
At the Community
Level
What is Governance? Where?
Who? When?How do we Govern?
To Improve an environment
via Planning
Rules & Their Enforcement
In a Phased Approach
In collaborationwith the Business,IT Infrastructure &IT Appl Services
By Establishing & Monitoring adherence
with Standards, Guidelines & Processes
Southern California Edison 23
Web Governance Processes
Standards Establishment
Development Standards
Technical Standards & Guidelines
Content Management Standards
Architecture Standards
Security Standards
Maintenance Standards
Project Reviews
Development & Maintenance Standards Compliance Reviews
Technical Guidelines/Standards Reviews
Content Reviews
Architectural Alignment Reviews
Security Alignment Reviews
Web Production Monitoring
Security Monitoring
Service Level / Performance Metrics Monitoring
Web Applications Migration Monitoring
Web Tools Migration Monitoring
Trending & Improvement InitiativesQuality Control
Web Governance Approval Gate
Web Production Change Management
Content Approval Gate
Southern California Edison 24
Outputs:
Standards Road Map
Standards Development Plan
New/Updated Standards
Standards Deployment
Entry Criteria:
A need for a standard, or to update a standard, is Identified via a change in Web Strategy, Technology, Best Practices orRisk.
Inputs:
Industry Best Practices
Existing Strategies
Existing Standards
Business Unit Initiatives
Standards Establishment Function
Standards Establishment Function
Development Standards
Technical Standards & Guidelines
Content Management Standards
Architecture Standards
Security Standards
Maintenance Standards
Resources
Web Governance
Process Management
Application Services
Systems Engineering
IT Security
Infrastructure
Corporate Communications
Exit Criteria:
Standards Road Map & Development Plan Approval
Standards are Deployed
Dependencies:
Architectural StrategyWeb Strategy
Southern California Edison 25
Project Review Function
Resources
Web Governance
System Quality Assurance
Systems Engineering
Corporate Communications
Project Reviews Function
Development & Maintenance Stds Compliance Reviews
Technical Guidelines/Standards Reviews
Content Reviews
Architectural Alignment Reviews
Security Alignment Reviews
Entry Criteria:
A project requires a review to verify compliance with standards.
Inputs:
Web Development Projects
Development Standards
Maintenance Standards
Technical Standards & Guidelines,Architectural and Security Standards
SQA Review Checklists
Dependencies:
Established StandardsWeb Projects
Outputs:
Exit Criteria:
Deviations identified and addressed prior to migration tothe Production Environment
Web Content Issues Log
Application Development Project Issues Log
Findings & Recommendations Report
Action Plans for Issues requiring resolution for Project Implementation
Southern California Edison 26
Web Production Monitoring
Resources
Web Governance
Web Production Support
IT Security Management
Corporate Communications
Application Services
Web Production Monitoring Function
Security Monitoring
Service Level / Performance Metrics Monitoring
Web Applications Migration Monitoring
Web Tools Migration Monitoring
Trending & Improvement Initiatives
Entry Criteria:
Reports are published and it istime for scheduled Governance Monitoring activities.
Inputs:
Security Reports
SLAs & Metrics Reports
Web Content Issues Log
Governance Board Issues Log
Web Governance Reports
Dependencies:
SLAs Issues Log & Reports
Outputs:
Web Governance Monitoring Summary including an Issues Logwith Recommended Actions
Web Content Issues Report
Improvement Initiatives
Exit Criteria:
Web Governance MonitoringSummary and Improvement Initiatives published
Issues are addressed
Southern California Edison 27
Quality Control Function
Quality Control Function
Web Governance Approval Gate
Web Production Change Management
Content Approval Gate
Resources
Web Governance
Web Production Support
Corporate Communications
Application Services
Entry Criteria:
A Web Application requires migration to production.
Inputs:
Web Migration Request
SDM & Client Approval (UAT) forRelease to Production
Web Production Content Approval for Release to Production
Inventory of Web Applications in Production
Web Migration Activity Reports
Dependencies:
Change RequestApproval for Migration Web Production Reports
Outputs:
Approved Application is Migrated toWeb Production
Approved Content is Migrated toWeb Production
Inventory of Web Applications in Production
Archived Web Content History
Exit Criteria:
Application or Content is successfully migrated to the Web Production Environment
Southern California Edison 28
In a Phased Approach
General Governance Principles
Why Govern?
At the Community
Level
What is Governance? Where?
Who? When?How?
To Improve an environment
via Planning
Rules & Their Enforcement
In a Phased Approach
In collaborationwith the Business,IT Infrastructure &IT Appl Services
When?
By establishing & monitoring adherence
with Standards, Guidelines& Processes
Southern California Edison 29
Web Governance in a Phased Approach
Standards Establishment
Development Standards
Technical Standards & Guidelines
Content Management Standards
Architecture Standards
Security Standards
Maintenance Standards
Governance Establishment
Develop Governance Model
Communications Plan
Standards Gap Analysis
Implementation Plan
Governance Boards
Obtain Sponsorship & Mgt Support
Identify Content Owners
Develop Charter & Vision
Define Roles & Responsibilities
Define Board Structure & Operations
Web Production Monitoring
Security Monitoring
Service Level / Performance Metrics
Monitoring
Web Applications Migration Monitoring
Web Tools Migration Monitoring
Trending & Improvement Initiatives
Project Reviews
Development & Maintenance Stds
Compliance Reviews
Technical Guidelines/Standards Reviews
Content Reviews
Architectural Alignment Reviews
Security Alignment Reviews
Quality Control
Web Governance Approval Gate
Web Production Change Management
Content Approval Gate
Phase 1
Phase 5*Phase 4Phase 3
Phase 2
* - Note: Dependencies on a Security Framework, SLAa and a controlled Web Production Environment exist in this area.
Southern California Edison 30
Web Governance Operations
1. Annual Planning - Risk Assessment & Review of Industry Trends
2. Alignment of IT & BU Strategies
3. Develop/Refine Safeguards to Eliminate Risk
Web Policies Standards & Processes Development Project Reviews Production Environment Monitoring Change Control Gate
4. Measure Performance / Compliance
5. Report on Results & Create Improvement Initiatives
6. Educate, Communicate and Inform IT & BUs in Web Governance Practices
7. Continuously Improve Web Governance
Southern California Edison 31
Web Governance Key Success Factors
1. Ensure that Executive Management supports Governance
2. Ensure that well defined Business & IT Strategies exist
3. Ensure alignment of Strategies at the Portal Level with Boards that represent the appropriate individuals in each portal community
4. Ensure that Standards are Comprehensive, Developed by Subject Matter Experts and are Approved
5. Ensure that reviews are conducted at High Risk points in the SDLC (i.e. Requirements, Design, Testing, etc.)
6. Ensure that Web Production is monitored for security risks & reliability and proper escalation processes & recovery plans exist
7. Ensure that well defined processes for Web Change Management exist
Southern California Edison 32
Web Governance
"Never doubt that a small group of thoughtful committed citizens can change the world; indeed, it's the only thing that ever has. "
~Margaret Mead