APPENDIX B
CHARTER EXAMPLE
The aim of a charter between IT and the rest of the business is to ensure that there is a clear understanding of what will be delivered, and how and when it will be delivered. There is a growing trend to make IT systems configurable such that end users in the business can make changes to how their applications work, without the need to involve the IT team members. This all sounds good and empowering for the business users, but this practice can leave some grey areas around who trains the business users to make configurations. When do the IT team need to get involved? Who is responsible for documenting how the application works?
A charter helps here by bringing the expectations of the business users and IT support staff together in one document. Again, the format and layout and level of detail in your charter will depend on the complexity, size and nature of your business. As a general rule, you will want to include the following:
- a list of business IT services provided by the IT team, together with an expectation of service levels;
- an explanation of processes for issue and problem management handling;
- a statement on capacity and performance;
- some reassurance around disaster recovery and business continuity measures that are in place.
For each business application, you will need to document:
- responsibilities of the IT team in providing the application;
- responsibilities of the business users in using the application.
You will also need:
- a change management process for business users to document application configuration changes;
- a change management process for the IT team to make system and service changes.
It is also worth capturing expectations of how training will happen, how service upgrades will be applied and when, and how conflicts will be addressed.
And, finally, there needs to be a written record that the charter has been understood and is accepted by the business users and the IT team. This can be in the form of dated signatures at the bottom of the charter.
Here is an example for an imaginary business service that we will call Kazaz. Kazaz is a financial services tool that helps me as a business user to work out a share portfolio for my investment customers. My customers are located in Europe and Asia, and I need high availability. From the charter, I am expecting to see processes for incident, change and problem management so that I know who to call and how to call them if I cannot get Kazaz to run. I expect to see some details on the business continuity processes that will keep my application up and running in a disaster. I expect my maintenance times to be during hours when my European and Asian customers are asleep. I will sign to take ownership for all configurations of Kazaz and to provide training for my staff and any other staff in the business who want to use Kazaz. I want to be given two weeks’ notice of all planned maintenance on the platform that hosts Kazaz or on any application that integrates with Kazaz. However, I expect to test new versions of Kazaz myself and to inform the IT team if I want them to upgrade my application. In the case of an emergency outage, I would like to be notified of what is happening and when I can expect a return to normal service, within half an hour of the start of the outage.
I expect to see a change management process to show how and when changes will be applied that might affect my application, and to detail how I will be consulted as the application owner. If an emergency change needs to be applied to the hosting platform, I expect to be informed within four hours of the change being applied.
Exactly how information is captured in your charter is up to you – you know your audience well. Most of your services (email, Internet, file storage and so on) will be common across all business users, will sit on the same platform with common maintenance and support times and common processes for dealing with change, incidents, problems, updates, retirements and replacements, and for providing general support, information and training. These services can be summarised in one table. It is only your business unit specific services, such as the Kazaz example, that will need to be documented separately.
The production of a charter might seem an unnecessary or difficult process. However, in capturing the deep and meaningful communication between IT providers and business users, it results in an acknowledgement of working practices neceessary to meet organisational goals. It can be the first step towards an alignment that will enable the governing body to fully govern IT across your organisation.