BOTTOM LINE: IT Governance starts with relationships and is supported by good policy.
IT Governance is an area of practice that many CIOs in for-profit businesses struggle to get movement on. This may be because when pushed up against a deadline, most staff just want to get things done and forget the “arbitrary rules” they don’t understand the benefit of. In some ways, this is our American culture pushing us to conquer our enemy with whatever method is necessary so long as it isn’t illegal or immoral.
Recognizing that most ministries have no less pressure to perform than what is found in enterprises, I pondered if it is even practical to request staff to live within boundaries which are hard to define and harder to nicely, kindly enforce. After all, most executive staffs do not even understand the legal and security risk of not governing IT well. None the less, the world of IS is chaos without direction and management.
What I knew from the beginning was that we couldn’t create respect by waving a thick policy around and carrying a large stick. Church IT Governance has to look a lot more like relationships than yet another religion, so I did my best to prepare our staff for the rules by building trust and respect in my first six months here. Then, we rolled out this Information Systems Policy (PDF) as a section within our larger Employee Handbook.
Feel free to download it and use whatever is applicable to your context. I wrote about 40% of this, took 20% from another church (they offered), and the remaining 40% is a remnant of what was here before I arrived. Our HR Director also provided editing services. One of our goals was to make it as brief as possible without sounding harsh. Hopefully we struck a balance, but I would love feedback and comments on how we did.
Tony Dye also made The Perimeter Church generic manual available for download a few years back and it seems to be a bit more conversational.