The global skills and competency framework for the digital world

#1348 GOVN – consider making governance skills applicable across many domains change request accepted

Governance is applicable in a number of business and technology domains. At first glance the name of the skill and some of the description may get in the way of wider adoption.

Governance is a broad concept which has some universal principles as well as some specifics according to the context in which it is being applied.

Feedback suggest that for some users…

  • The prefix Enterprise IT can be a barrier to adoption - i.e. they don't look further than the skill name
  • The descriptors could be more generic to focus on the common elements of governance needed  across different domains

In SFIA’s overall capability model the skill of “governance” can be separated from the specific domain knowledge needed to implement governance processes and tasks. For example - Enterprise IT governance, service management governance, security governance 

An alternative approach is creating additional, specialised governance skills. This option should be considered.  

The impact on the Information governance (IRMG) skill should also be reviewed.

UPDATE - Draft wording below and attached

Governance GOVN

The management of an overall strategy and approach to direct, evaluate and monitor an  organisation’s activities.

The identification of relevant internal and external stakeholders and their requirements.

The development and operation of strategic and operational frameworks, policies, decision-making, business processes and plans to meet stakeholder requirements.

Guidance notes
Governance can be applied to specific activities or a single integrated framework across an organisation. Specialisms include– but not limited to – security, information, technology, enterprise IT, service management.  An organisation’s obligations may be external or internal – such as, but not limited to, legislative, regulatory, contractual and adherence to agreed standards/policies. Governance is also specifically referenced in many SFIA skills.  

Governance: Level 7

Directs the definition, implementation and monitoring of the organisation’s governance framework.

Provides leadership, direction and oversight for an organisation’s governance activities.

Secures organisational resources to execute governance activities.

Provides assurance to stakeholders that the organisation can deliver its obligations with an agreed balance of benefits, opportunities, costs and risks.

Governance: Level 6

Implements the governance framework to enable governance activity to be conducted with appropriate and sufficient independence from management activity.

Within a defined area of accountability, determines the requirements for appropriate governance.

Leads reviews of governance practices.

Acts as the organisation's contact for relevant regulatory authorities and ensures proper relationships between the organisation and external parties.

Governance: Level 5

Manages implementation and adoption of governance frameworks to meet agreed requirements.

Provides specialist advice to resolve compliance issues within a specified area of expertise.

Reviews current and proposed policies, decision-making, business processes and plans for compliance with the organisation's obligations and adherence to overall strategy.

Contributes to the development of governance practices.

 

Download: SFIA 8 GOVN - made generic.docx (25.2KB)

Proposed change applies to Governance

Current status of this request: accepted

What we decided

This change request has been reviewed alongside other SFIA skills in the area of Governance, risk and compliance.

What we changed

Skill and skill level descriptions for GOVN have been updated. Skill re-named.

Ian Seward (General Manager)
Dec 31, 2020 10:10 PM

Supported: Governance is an essential component and any restriction (intended or otherwise) doesn't make sense ... recommend just call it Governance and review wording as suggested.

Carol Long
Mar 08, 2021 12:26 PM

Governance is the system of rules, practices, and processes by which an organisation is directed and controlled. In simple terms, it is the framework in which decision-making happens, shapes reporting to stakeholders, and identifies legitimate powers. It is not the “management of strategy” (that is another skill) as governance frameworks and strategy are not tightly coupled and the same strategy will could be implemented under different governance frameworks (e.g. delivery of IT systems into education market by NFP or PLC or private small company) or the same governance framework (e.g. PLC with international cloud IT) can deliver a series of different strategies.

In IT, there is a specific approach that tends to make IT staff behave as if IT Governance was separate technical discipline. This approach is erroneous when it gives the impression that IT 'best practice' does not have any relationship with company values, strategy, ethics, or law. Interaction with governance is required at all levels and across all skills to enable compliance and predictable practice (quality, efficiency of resources and effective performance). Even a Sales Support level 1 needs to know their limits of authority and who has the delegated powers to change standard practices, pricing or data policy.

The current wording does not help us do that: GOVN 7 suggests a free choice "Directs the definition [...] of the organisation’s governance framework". It is also difficult to see why GOVN 7 is different from ITSP 7 (both look at management/decision frameworks). Add that to the universal engagement in governance in some form or another (e.g. SSUP 1 limits of authority) and it starts to become difficult to justify a separate skill.

There are often overlapping "governance framework" in play: e.g. corporate, project/team management (which may equate to method/standards/tools), and IT (systems and data). These need to be integrated. For that reason, there does need to be a governance skill at levels 7 and 6. It could be argued that the level 5 specialist is in ITMG 5, SCAD 5, SCTY5, TECH 5, one of the audit skills or other professions (e.g. accountancy, law, corporate governance) as appropriate to the question being asked.

The current wording does not explain what governance means in a way that an HR person could use to judge the difference between levels. For Corporate Governance may be decided well above the CTO/ CIO, while they may appear to have a level 7 position in the IT hierarchy, their powers are limited to GOVN 6 or less (no-one has autonomy over the Governance definition except perhaps the regulator or a private company board).

Governance is intricately linked to compliance with corporate governance codes, laws, and regulations. The proposed wording removes most of those references (and completely from the role definitions which means they will be removed from any constructed JDs).


Recommendations:
a) remove GOVN 5 as adding no value
b) reword definition and guidance notes as below
c) reword GOVN 6 and GOVN 7 as below


Governance GOVN
Governance is the system of rules, practices, and processes by which an organisation makes decisions, manages stakeholders’ relationships, and identifies legitimate authority.
The approach to direct, evaluate and monitor an organisation’s activities.
The development and operation of strategic and operational frameworks, policies, decision-making, business processes and plans to meet stakeholder requirements.

Guidance notes
Governance can be applied to specific activities or a single integrated framework across an organisation. Specialisms include – but not limited to – security, information, technology, enterprise IT, service management. An organisation’s obligations may be external or internal – such as, but not limited to, legislative, regulatory, contractual and adherence to agreed standards/policies or ethical frameworks. Governance is specifically referenced in many SFIA skills and is the framework within which all SFIA skills are used. Professionals in any skill area at level 5 and above may be tasked to contribute specialist knowledge to governance reviews and developments.

Governance: Level 7
Directs the definition, implementation, and monitoring of the organisation’s governance framework to meet the organisation’s obligations under regulation, law, or contracts.
Provides leadership, direction, and oversight for an organisation’s governance activities.
Secures organisational resources to execute governance activities to achieve the organisation’s governance goals with effective transparency.
Provides assurance to stakeholders that the organisation can deliver its obligations with an agreed balance of benefits, opportunities, costs, and risks.

Governance: Level 6
Implements the governance framework to enable governance activity to be conducted communicating delegated authority, benefits, opportunities, costs, and risks.
Within a defined area of accountability, determines the requirements for appropriate governance to reflect the values and ethics of the organisation and wider governance frameworks.
Leads reviews of governance practices with appropriate and sufficient independence from management activity.
Acts as the organisation's contact for relevant regulatory authorities and ensures proper relationships between the organisation and external stakeholders.