IT Projects Review Process & Prioritization
Review Process
The IT Project review process begins with defining “What is an IT Project?” KU IT will use the following definition:
Projects are temporary endeavors that have unique outputs, and are considered “one-time” efforts. Projects differ from operational efforts, which are ongoing activities that happen with regular occurrence, and are considered repetitive.
Information Technology projects are as defined above which meet any of the following criteria:
- Service
- Implements a new technology-based service
- Changes an existing technology-based service
- Replaces an existing technology-based service
- Use of technology resources (hardware / software / network)
- Effort that connects to or integrates with KU data
- Effort that uses the KU network infrastructure
- Integrates with KU technology systems or services in general
- Efforts where the end user or system / service administrator is KU
- Use of IT staff resources
- Efforts which require IT staff resources to be utilized for non-operational work
This includes any KU purchases of software, applications, licenses, and SaaS (Software as a Service) cloud solutions.
All IT projects as defined above, will enter the KU IT Project Governance intake process. Smaller efforts (less risk, non-service impacting) will exit early from the IT Project Governance process, but still be reviewed by KU IT. Larger projects, which require more careful review, will proceed through the KU IT Project Governance process, and be prioritized at the conclusion of review with the other non-Governance projects which exited earlier.
IT projects will follow this general process
- Project information is entered into the project intake form in ServiceNow
- For those projects meeting the Service-level criteria above, a Business Case will be developed to justify the project (KU IT can assist with creating the Business Case)
- The Vendor will be asked to supply information for the IT Vendor Questionnaire (access and integrations) and complete the HECVAT documentation (IT security)
- All submitted project information (Business Case, IT Questionnaire, and HECVAT) is reviewed by IT Operations
- IT Operations meets weekly to review feasibility, impacts to other systems, IT resource needs, and security.
- Membership of this group includes KU Procurement Office, and internal IT staff
- Project documentation is then sent to the appropriate Service Council for campus feedback and recommendations
- The final step is an IT Leadership review (to be replaced by an IT Strategic Council), who will review all of the project documentation, recommendations from IT Operations and Service Councils, to determine the prioritization and sequence of projects. They will formally approve the project and commit resources for the project to move forward. As additional projects move through the process, they will be responsible for reviewing new projects and current projects, and making adjustments as necessary.
The overall process should take no longer than one-to-three weeks, once the project is entered into the system until formal approval. Most of the delay is dependent upon the requestor submitting appropriate information at the start, and vendor responses to the IT Vendor Questionnaire and HECVAT. This estimate does not include estimated time for an RFP (request for purchase) to be completed, which may be required. Currently any purchase over $50,000 will require an RFP. KU IT and the KU Procurement Office can assist with RFPs
Prioritization Levels
Level of priority will be assigned in the final stage of IT Project Governance, based on best practices at peer institutions. The labels are matched with the levels identified in our tool, ServiceNow. Projects will not be prioritized until they have been fully reviewed by the appropriate groups in the IT Project Governance process.
- Critical Priority
- Any IT Projects that are mandated by Federal or State regulatory issues, a need for immediate compliance, or pose a high risk or vulnerability to KU security or data. KU IT resources will be removed from any other priority to work on Critical Priority projects until completed.
- High
- Any IT Projects that carry significant impact to enrollment, student success, instruction, research, or revenue. This also includes implementing strategic initiatives identified by the Chancellor or Provost. These projects may have firm deadlines driven by the academic calendar, or by contract expiration. High Priority projects usually implement new services which drive the core mission of KU, improve data quality, or implement efficiencies within departments. High Priority projects likely have benefits for the entirety of KU, and are usually considered ‘enterprise’ projects. KU IT resources will first be applied to these projects over any other lower priority.
- Moderate
- Any IT Project which does not directly impact the core mission of KU, and is not directly tied to a strategic initiative. These projects are still important to the continued success of KU, and likely provide benefits to one or multiple units or departments requesting the project. The timelines are more flexible. KU IT resources will be applied to these projects when not working on Critical or High Priority efforts.
- Low
- Any IT Project which can be considered a ‘maintenance’ or ‘nice to have’ project, which does not impact core mission of KU, or strategic initiatives. These projects may have fewer benefits to KU as a whole, and may only benefit one unit or department. KU IT resources will work on these projects as time permits, and around higher priority efforts.
- Planning
- Any IT Project which has been submitted into the IT Project Governance process, however does not include enough information to formally approve for prioritization or KU IT resourcing. This could include efforts that require an RFP (Request for Purchase), LoE (Level of Effort), or to determine funding needed to purchase. In each of these scenarios, the project will be approved to gather this additional information, and be returned to an earlier step in the process to be reviewed and appropriately prioritized with a level described above.
At any time during the project, Executive Sponsors may request that a project be re-evaluated for prioritization if they believe the status has changed. IT Project Governance will consider the project and new scope documentation at the following meeting.