The ANAO highlights the importance of governance

A recently published review on the management of Commonwealth web sites by the ANAO has in my mind confirmed many of the themes raised in this blogg. From my initial reading the majority of the findings and recommendations are tied closely to how agencies approach governance of their web activities. Summarising the summary, the report suggests that Commonwealth agencies:

1. Clarify the purpose of their web sites, ensure these align with business goals, and review this periodically
2. Extend risk management planning to include web sites
3. Improve the management content through a combination of; periodic review, better defining responsibilities and implementing supporting business process
4. Monitor and report on the cost of websites

The full details of the report

Government Agencies’ Management of their Websites, The Auditor General - Audit Report No.13 2008–09, Australian National Audit Office, 2008

Some examples of Web Governance

The site webcontent.gov has a section on web governance. I’ve discussed their definition of governance in an earlier post. Another useful resource is the sub-section of sample governance model. The most interesting of these is the International Trade Administration’s approach to web governance. What is strong about this particular model is it clearly establishes the notion of a web channel that encompasses both web content and web based applications.

Governance - more than just a policy manual

David Schatsky, in his first-rate article, Recipe for Web Site Governance, makes a strong case for were possible radically simplifying governance. The other powerful concept presented by David is governance is more than just a manual of standards and guidelines. He neatly introduces some very useful concept including:

1. Effective governance covers too many areas to be easily assigned to one team or areas
2. Codify expertise and rules into business process
3. Use an evidence based approach to decision making

3. Does the organisation have rogue sites or business units running there own sites or applications?

Another common governance challenge is caused by individual business areas working independently of the web team and developing their own web applications or publishing sub-sites. These rogue sites are generally easy to spot as they are characterised by quality issues such: poor non-standards compliant coding, accessibility and useability issues, inconsistent branding and “look & feel”, etc. This is because these rogues sites are often able to by-pass the rules (policies, standards, guidelines) and processes which help to ensure the organisation’s web activities meets recognised ‘good practice’.

Governance is not just about roles and ownership; a key aspect is being able to control how the environment is run. The most obvious issue with different areas doing their own thing is the organisation’s web activities become fragmented and difficult to manage. However, this by-passing may be evidence that the existing web governance mechanisms are seen as irrelevant or more alarmingly as a bottleneck to getting an outcome. For governance to be effective it needs to be both viable and relevant.

Good
There are accepted conventions which guide the day-to-day operations of the internet and intranet. Theses are typically comprised of a combination of: recognised guidelines and standards, processes and procedures, and assigned responsibilities. On the whole these conventions are followed regardless of which business area is involved because they are seen having value such as making the things easier or more reliable. Critically, in situations where it is important that rules are strictly followed it is difficult for these to be by-passed, for example; accessibility, branding, security and disaster recovery.

There is probably a fair degree of reliance on individuals with specialist expertise who know the recognised good practises. This allows a degree of flexibility to adapt to emerging business requirements. However, this approach is unlikely to workable in situations characterised by rapid change, complexity or high risk.

Better
Rather then just relying on expert knowledge and accepted good practices much of the control aspects of governance is built into the organisation’s systems and business processes. This approach can take several forms. For example to enforce rules around publishing and web site content changes a CMS with good workflows and access controls is used. Business processes are used to guide other aspects of the environment, for examples ‘change control’, ‘disaster recovery and continuity planning’.

Finally, expert know-how is codified into standards, guidelines and procedures to define rules for managing parts of the environment not covered by systems or processes. Where possible these are kept simple and orientated to managing practical activities. This is not about having a weighty policy manual that attempts to document every aspect of the web environment as these tend to be an end in themselves rather than a practical resource.

Best
The organisation combines all of the above and builds on this further by using recognised methodologies to direct and guide the development of the web environment. Again, this can take a number of forms. For example; a UCD development process can be used to help keep developments focus on user’s needs along with recognised project management methodologies to help focus on business requirements.