Developing an Information Strategy

The purpose of an information strategy is to highlight the extent to which a modern, complex organization depends on information, in all of its guises, and to consider how this strategic asset should be managed.

This dependency has always been present and nowhere more so than in universities, whose very purpose is built around information and its conversion into useful knowledge. But it has been felt with ever greater keenness since the advent of the IT revolution thirty years ago and with the catalytic force of the World Wide Web since 1993. During this time, as the complexity of the landscape has increased and the opportunities for sharing information have multiplied, the notion of information management has emerged as both a discipline and an important tool of modern management. This notion should lie at the heart of a university’s information strategy.

Whether improving access to learning resources and research collections, developing management information systems to support decision making, or facilitating better communication, the information strategy seeks to emphasize the importance of good information management. It also strives to relate this causally to the overall success of the organization, whether in terms of academic achievement, financial health, or general efficiency. And therein lies the principal challenge and the main focus of this article: to consider how best to ensure that information management, broadly defined, can both influence and facilitate corporate strategy. The type of information strategy that emerges will depend on local circumstances, but the purpose of this article is to make the case for a strategy that is both assertive of the role of information management and ambitious on behalf of the university.

The Dominant Role of Information Technology

As noted, the purview of the strategy is information in all of its forms. However, the principal focus must be on the enormous potential offered by technology-based information flows and the associated challenges of infrastructure management, information architecture, and integrated services.

There is nonetheless a powerful argument against IT determinism: that we should exploit information technology and not be exploited by it. We indeed wish to avoid this trap, but in practice there is a more subtle distinction between having information technology set the agenda and having information technology follow an agenda.

In a general sense, we would normally require the IT strategy to align with the corporate strategy. The challenge is to recognize that success will come, if at all, through an understanding of the extent to which information technology can, and should, disrupt entrenched processes and facilitate new and better ways of working. In this sense, the vision of what information technology might achieve, through constructive disruption, needs to influence the corporate strategy. This requires leadership and management mechanisms capable of exercising this influence and securing the advantages.

Such is the dominance, then, of information technology that the information strategy must take an inclusive approach that addresses both information and the IT infrastructure that underpins it.

The Planning Process

Vertical and Horizontal Processes

Our normal way of looking at and managing the university is through the main vertical processes of learning and teaching, research, and everyday management. However, we frequently consider horizontal perspectives across the organization as a means of emphasizing the importance or pervasiveness of a particular area of activity. Examples include staff development, the student experience, customer service, health and safety, equality and diversity, and energy efficiency. The information strategy is, in effect, one of these horizontal slices. It seeks to highlight and emphasize the importance of information to all university activities and to recommend an approach to its management.

These horizontal emphases serve a useful purpose by offering a different perspective on the workings of the organization. But their primary purpose is not simply to provide a temporary insight or a topic for a seminar; instead, they seek to ensure that the perspective is embedded in the day-to-day, vertical management processes. The information strategy is no exception. The observations set out below seek not only to influence regular management processes but also to provide a reminder of the horizontal perspective, with its emphasis on interrelatedness, consistency, data quality, data ownership, currency, and integrated management.

A Strategic Matrix

The information strategy is conceived as an enabling strategy, which seeks to ensure better facilitation of the main vertical strategies while bringing some beneficial consistency to the manner in which this happens.

To achieve this objective, the information strategy is designed as a matrix of the horizontal and vertical processes. It cannot and should not be a free-standing, self-contained strategy. It certainly has a separate existence as a set of general principles and a plan for integrated development and good governance (set out below as the General Information Strategy), but it must be present also within the strategies and management processes for learning and teaching, research, communication, and management.

An information strategy, whether broad or narrow in scope, requires a strategic context. We must avoid information requirements planning with no strategic purpose having been defined and no management framework in place. The converse—a strategy that does not consider information resources—is equally unhelpful. Information requires a strategy every bit as much as a strategy requires information.

Thus, one of the principal requirements of the information strategy is to ensure that the strategic plan for each major process area within the university includes a consideration of information resources and their management. These strategic plans should have their own dedicated information strategies (or substrategies), setting out the extent and nature of their dependency on information resources and a consideration of how they are managed. These deliberations are best undertaken in the context of, and as an integral part of, their parent strategy and not as separate processes.

It follows that all semblances and instances of (or urges to create) parallel e-strategies (such as e-marketing, e-administration, or e-learning) should be strongly discouraged, or at least viewed as temporary envisioning or “kick-start” exercises that should immediately feed back into the core process strategy. For example, if there is to be a learning and teaching strategy, it should address all relevant activity, regardless of the tools and techniques used, and it should be owned and driven in its entirety by the owner of that high-level process within a clear strategic and management framework.

A learning and teaching strategy that does not consider e-learning is unthinkable, as is a marketing strategy that does not consider website design and social networking. Research activity without a strategy for monitoring and publicizing outputs or for enabling online, cross-institutional collaboration would be deficient. The list might go on to include the organization’s management and decision-making processes and the potential for improvement through strategic investment in a business intelligence infrastructure or the application of customer relationship management tools to student recruitment and business development.

In this sense, the information strategy is conceived as an overarching and inclusive plan that consists of the broad set of principles along with a range of process-specific strategies. And it follows that the process of developing and managing these parent strategies will require an inclusive approach, with the process owner working with the information services or IT department and any other identified sources of expertise in the matters at hand.

The worlds of business and public service are littered with examples of failed IT projects. And while the reasons for these failures may be many and varied, it is clear that among them is the notion that an IT project is somehow separate from the process that it seeks to automate or improve. In fact, by far the most reliable method of ensuring that a major project will fail is to call it an IT project and leave it to the IT department to manage. The planning process must be inclusive, and it must be led by the process owner. Or, to put it another way, information technology is too important to be left to the IT department!

Information Planning and Strategic Planning

The central argument here is that a business process and its information infrastructure cannot and should not be separated in terms of strategic thinking and planning. This argument applies at the level of individual processes like learning and teaching or research, and it applies also to the development of the overall corporate strategy. It applies to understanding the information requirements of the vertical business process as well as more fundamental questions such as the quality, reliability, and stewardship of data.

The challenge is to integrate this process into corporate strategic planning as a high-level, cross-cutting theme. As the corporate plan seeks to pull the various process-specific strategies together into an integrated whole, so a parallel mechanism would seek to establish an integrated information strategy comprised of the following:

• A “General Information Strategy” addressing the horizontal issues: the information management principles and the governance arrangements
• The information substrategies that are incorporated into the main vertical strategies such as learning and teaching and research

This planning model assumes the existence of a formal strategy in each of the key process areas. If adopting the integrated approach, we might usefully analyze the present situation by means of a “periodic table” of university strategies. Such a table would identify logical gaps where no high-level strategy exists for key areas. Further, in those areas where an overall strategy does exist, the exercise would expose where a consideration of underpinning information requirements has taken place largely through a separate process. This model also assumes an ownership and a set of responsibilities attached to each of these plans, in terms of senior management responsibility and a group charged with policy development and monitoring.

The example table below shows a hypothetical situation regarding strategy development, information requirements planning, and policy ownership for some key university processes. Clearly, there are gaps. Some existing strategies need to be connected with their associated information considerations, and more worrisome, extensive information-related activities require a strategic context and a means of monitoring and adapting the strategy over time.

Table 1. A Periodic Table of University Strategies

A Model for the General Information Strategy

What follows is a model structure and content for the General Information Strategy: those aspects of the information infrastructure that are horizontal in nature and underpin all of the university’s key vertical systems and processes. First are the principles, then governance, followed by IT strategy.

Principles

The overriding principle at the heart of the information strategy is the recognition that the university is a single, integrated organization. It may be large, complex, and collegiate, with a healthy measure of devolved management responsibility, but it is fundamentally one institution and can ill afford to forgo the benefits of behaving as such.

These benefits will manifest themselves in terms of achieving more effective communication and securing greater value for money spent, and they will be realized through more consistent and standardized methods of working, through designing and building the information systems infrastructure as a holistic, interdependent service, and through adopting good practice in information management. Indeed one might see the information strategy as, fundamentally, an argument for adopting a consistent, university-wide culture of and approach to information management. Within such a culture, consistency would be the norm and exceptions would require a strong justification.

A culture of information management is one that recognizes the strategic value of information to the institution and promotes and facilitates good information management practice. As suggested in “Guidelines for Developing an Information Strategy,” published by the Joint Information Systems Committee (JISC) in 1995, this culture might best be understood as a set of attitudes in which any information that is available for sharing (and most will be) is well defined and appropriately accessible (allowing for necessary safeguards), the quality of information is fit for purpose (e.g., accuracy, currency, consistency, completeness), and all staff know and exercise their responsibilities toward information. Or, as expressed in “Future State Vision for Information Management,” an information management culture would “provide a framework for how information is to be shared, captured, stored, modelled and kept reliable across the environment” (http://mike2.openmethodology.org/wiki/Future_State_Vision_for_Information_Management). That is the purpose of the information strategy.

The principles of information management that should underpin the information strategy might include the following:

• Information should be integrated across systems such that managers can model the organization through data and not be constrained by demarcation lines and associated issues of data ownership.
• Corporate data should be owned by the university, not by any single section or department. Stewardship of, and responsibility for, information assets should be clearly established, along with a mechanism for resolving any disputes that arise.
• Data should not be duplicated. There should be a single version of the truth: there is no such thing as postmodern information management, not even in a university.
• Data quality standards should be defined and measurable, with consistent vocabulary and definitions applied to all corporate data and information elements.
• Information should be appropriate and fit for its purpose.
• Information should be openly available and accessible, in a convenient and readily usable manner such that staff and students can do their work and fulfill their roles in the most effective manner possible.
• All information management activity should comply with relevant legal and ethical requirements, including but not limited to data protection, freedom of information, and copyright.
• Data should be secure according to defined levels of sensitivity and confidentiality.
• All staff should have information management roles and responsibilities, and they should be supported in these activities through simple, nontechnical processes, well-designed support arrangements, and the provision of suitable equipment.

Governance

It is often remarked, in the context of governance generally, that “if you don’t get the governance right, it is very hard to get anything else right,” or more optimistically, “if you get the governance right, the rest will follow.” While this might be applied in almost any walk of life, it is particularly true of IT and information management. It is even more apposite when referring to managing information technology in universities, where the balance between the collegiate and the managerial is regarded with particular sensitivity. So we need to ask, what does getting the governance “right” look like in practice?

The general purpose of governance is to ensure that an organization has

• the means to envision its future,
• the means to design that future (i.e., to develop strategies capable of achieving the vision),
• the means to implement the design (i.e., having the management structures and processes in place to ensure that the plans come to fruition), and
• the means to sustain this process over time, as circumstances change.

Expressed simply, a good governance regime is one that succeeds in each of these areas.

Developing the Vision and the Strategies

In a large, complex institution like a university there are significant challenges at all of the stages outlined above, not the least of which is how to ensure that all major areas of activity are aligned to corporate thinking and planning. This is particularly challenging in the area of information technology, which is now so pervasive and so fundamental to so much of what a university does that the corporate plan must be informed by the technology as well as, of course, setting the direction for it.

The specific issues and requirements need to ensure the following:

• There is capacity at the highest levels to envision the future, in terms of technological trends and likely future possibilities in a general, overarching sense that relates to the overall purpose of the university.
• There is capacity, and clear responsibility, in each of the principal activity areas (e.g., learning and teaching, research, marketing, communication, administration) to envision the technology-informed future for the specific area and also in such a way as might contribute to the overall vision for the university.
• There are regular formal opportunities to reflect on future possibilities and to engage in holistic planning exercises, and the plans and strategies that emerge are capable of responding quickly to changing circumstances and new opportunities.

Implementation and Management

Mario Cuomo, the former governor of New York, famously observed: “We campaign in poetry but we must govern in prose.” As many a world-weary leader has observed since, it is to the hard, if prosaic, work of management that we must turn if our visions are to become reality. And the management challenge is greater, if still not quite poetic, when the plans to be implemented require coordination of resources and management support from many different sections of the university.

This is frequently the case with IT-related projects, which, as already noted, are often disruptive; indeed, the better ones tend to be those that are designed to challenge existing processes. An IT project that sets out simply to automate an existing process, rather than to challenge that process, is likely to fail. It is also likely that such projects will have been conceived with the present management structure as a starting point, rather than with the benefit of a broader perspective, which takes us back to vision and strategy. Conversely, any major IT project that has the potential to make a substantial beneficial difference is likely to challenge existing arrangements, and it will require strong leadership and effective, joined-up, management if it is to succeed.

It should be our objective, then, to ensure that management arrangements are genuinely facilitative of high-level plans and are fully capable of achieving the overall vision and strategy. No specific proposal is made here regarding structures, roles, or committees—only the more general observation that, whatever the response, it might be beneficial to focus on addressing broad horizontal themes such as the quality of the student experience, internal communication, and value for money spent. Such a tightening and strengthening of management arrangements may become even more important as universities seek to convince prospective students that they will see a reasonable return on their increased investment.

Specific IT and Information-Related Requirements

In the context of all of the above, the following specific IT and information-related requirements are needed:

• An overarching information strategy setting out the importance of information as a strategic asset, the principles of information management, the overall design of the IT infrastructure, and the integrated data architecture.
• A senior group charged with the responsibility to manage this high-level strategy and to ensure its continued relevance.
• A formal procedure to require all significant proposals for purchasing or developing new information systems, and for developing the overall IT infrastructure, to be considered in the context of the General Information Strategy.
• A formal procedure whereby these projects, once approved, are implemented according to an agreed-upon project management framework and methodology.

IT Strategy

As noted earlier, the concept of an IT strategy cannot be divorced from the broader notion of an information strategy. The former is a necessary component of the latter and has no independent existence from it. It follows that the IT strategy should be designed to facilitate the objectives and requirements of the information strategy in both its vertical and horizontal manifestations, and at both its general and specific levels. It also follows that the information management principles and the governance machinery set out above apply in this inclusive manner.

A Rolling Program

If the purpose of the IT strategy is to help facilitate the objectives and requirements of the information strategy, this would suggest that the latter stands as the relatively fixed statement of principles while the former is somewhat more nimble as it responds to circumstances and opportunities. The IT strategy, then, might take the form of a rolling program, covering no more than three years, based on the broader strategic principles and managed and monitored (reviewed and renewed) through the governance machinery.

Design: The Concept of Enterprise Architecture

Strategies and plans based on the concept of a single, integrated institution need a process, a management framework, to ensure that the IT infrastructure is designed and developed in a manner that will facilitate this. Such a framework is necessary to ensure that the university obtains the maximum return on its investments in information technology. It is also a major component in the information strategy and one that relates strongly to the principles outlined earlier. This framework should take a comprehensive view across the range of roles, processes, and technologies involved in the strategic development of the university’s technical infrastructure. This concept is often referred to as an “enterprise architecture” (EA) approach, emphasizing the importance of the holistic view of technology fully aligned with, and integrated into, corporate strategy.

Without this approach, there is a danger that the university’s investments in information systems and technologies will not generate the required return and will result in increased wastefulness and duplication. An EA approach helps to ensure that all future investment will bring the maximum benefit to the institution, that recurrent costs will be minimized, that development capacity will be enhanced, and that the resulting systems and services will meet the university’s requirements.

The EA development principles might include the following:

• Major IT projects should be led by the process-owning department(s), not by the IT department.
• Individual IT projects must be seen as part of an integrated whole. They must be fit for their intended purpose, but they should also be consistent and interoperable with the existing and planned IT infrastructure.
• Development of the information systems infrastructure should be in accordance with Service Oriented Architecture (SOA) principles. In effect this means the adoption of open industry standards such that different systems can be assured of a reasonable level of interoperability.
• The university should move to fewer, standardized systems, in line with the broader strategic requirement to behave as a single integrated institution.
• Funding of IT projects should recognize the full implications, not just the direct costs. Consideration should be given to the overall budget for developing and maintaining the IT infrastructure.

The university should also establish a systems procurement policy that would address issues such as

• whether to buy systems rather than attempt to build them from within the IT department,
• whether it is important to purchase systems that have a strong presence in the domestic higher education sector and for which there are active user communities through which to share ideas and good practice,
• whether to incorporate outsourcing and/or cloud-based services into the IT strategy, and  
• how best to ensure sustainability and energy-efficiency in all aspects of IT planning and decision making.

The guardianship of these principles would reside within the higher reaches of the governance machinery.

Engagement

Having determined the general purpose of the IT strategy and its relationship with the broader information strategy, and having also determined the principles that should govern the development of the IT infrastructure, we turn finally to the process of engagement with the university community. The challenge is to set the level of discussion according to the interests and requirements of nontechnical staff at all levels.

Certainly the existence of the EA development principles will help, as will the necessary relationship back to the broader principles of the information strategy. But we might also consider a diagrammatic representation of the IT infrastructure along with a nontechnical commentary as part of the process.

There are many ways of representing the IT infrastructure: one very simple one is presented in Figure 1. Such a diagram could form the centerpiece of an annual report or a commentary on the development of the IT infrastructure, showing where and why changes have been approved and relating them back to the principles. The report might also show a destination model as well as a legacy-based starting point to help set the strategy in developmental context.

Vertical Strategies

The process for creating vertical strategies would be set out in relation to the development of the corporate plan, and as noted, the information strategy for that process would be a fully integrated component of the planning and of the resulting plan. The team of staff charged with developing the major process strategies would include a senior member of the Information Services or IT department and would need to have the following elements included within their terms of reference:

• To reflect on the information resources and the information flows that underpin the process in question and to identify any weaknesses, gaps, constraints, or opportunities that may exist
• To review the range of information systems currently in place to support the process and to assess their continuing fitness for purpose
• To assess the extent to which the information infrastructure is consistent with the development principles set out in the General Information Strategy
• To assess the extent to which the information management arrangements are consistent with the principles set out in the General Information Strategy
• To ensure that the team is familiar with the major information systems initiatives that will have an impact on, and provide opportunities for, the process in question

The task of ensuring that this work is undertaken in compliance with the General Information Strategy principles would fall to the governance machinery discussed above.

What It Means to Higher Education

In the modern university, information management is, or should be, at the heart of both strategic and operational management. This is not an argument for the chief information officer (CIO) to run the institution. But the CIO role, or its equivalent, should be conceived with an institution-wide brief to influence corporate vision and strategy and to ensure consistency in planning and implementation of services—in short, to provide leadership.

The implied management/governance model set out above is one that fully accommodates this type of CIO role, with all of its potential for interference and subversion. But though this would be a necessary step, it is not by itself sufficient. The accommodation is not simply to accept a CIO onto the governing cabinet; it is to ensure that the CEO, the COO, and the CFO are on board with the model too. For it is an information management–influenced general management model that is sought—albeit with a powerful leadership role embodied in the CIO—not just a beefed-up IT department.

The central concern, then, is a broad one, related to the capacity for senior management to (pro)actively direct, challenge and coordinate the work of the various silos. Strategic information management implies joined-up planning and administration. Without the latter, the former is devoid of practical meaning.