IT Governance supports the evolution of UQ-wide IT planning, assurance and operations, moving toward a model that best aligns the IT function with the University's Strategic Plan in an environment where planning, investment and priority-setting are transparent and coordinated.

IT Governance adapts to the changing strategic drivers that influence UQ objectives, responding to changes in the business and regulatory environment, and the development of new technologies. IT Governance ensures that stakeholder needs, conditions and options are evaluated.

To achieve this, clear authorities, mandates and visibility of IT delivery are required. These areas are defined by the IT Governance framework (PDF, 1.71MB).

Governance and management areas

Established in November 2016, the role of the Chief Information Officer (CIO) is to ensure that the University's IT environment is fit for purpose and designed for agility and efficiency.

IT Governance is supported by the:

  • Strategic Information Technology Council (SITC), and
  • Information Technology Governance Committee (ITGC).

IT management area flow chart

Governance objectives

  • Provide IT architectural guidelines and principles that underpin the development of IT capabilities at UQ.
  • Align Information Technology with UQ's Strategic Plan and support the advancement of organisational priorities.
  • Enhance and communicate the performance of Information Technology.
  • Maximise the value of Information Technology resources to provide stakeholder value.
  • Ensure compliance, and identify and mitigate Information Technology risk appropriately.

Governance principles

  • Balance of needs: Provide mechanisms to balance short-term local needs with the long-term needs of the whole institution.
  • Federated and integrated: UQ IT services are delivered under a partly federated model. This model effectively uses the Information Technology Services Division for the provision of services and technology of both scale and ubiquity to provide an IT environment that meets the needs of the UQ community.
  • University-driven IT investment: IT investments are prioritised and selected based on the institutional benefit.

Governance priorities

  • Align the IT function with UQ’s strategic direction to meet defined University goals and objectives.
  • Examine IT risks and security objectives across the institution and implement measures that reduce UQ’s risk profile. Compliance with government guidelines and legislation, and with good procurement practice, will also be monitored.
  • Ensure economic and other benefits are realised in all IT investments, from project selection to implementation to ongoing management throughout the lifecycle.
  • Determine and establish performance measures that define the success of IT projects and services. Measurement of alignment with UQ’s strategy, funding allocation and project results are also considered.
  • Optimise IT resource capacity and performance while forecasting future needs, including the appropriate IT staffing profile.

Governance enablers

The ITGC will deliver on the Governance priorities through effective management of Information Technology Functions.

Frameworks, management committees and effective communications to the communities that deliver and use IT are used to monitor, evaluate and improve the IT function performance.


Frameworks are policies, standards and guidance that create a consistent approach to managing each of the Management functions of IT. Frameworks include:

  • IT Reporting Framework
  • IT Architecture Framework
  • Information Management Framework
  • Security Management Framework
  • Project Management Framework
  • Category Management Framework
  • IT Contract Management Framework
  • Change Management Framework
  • Incident Management Framework.

Management Committees

These committees are the collaborative decision-making power that provides assurance over a subset of the management functions of IT. Management committees also provide appropriate prioritisation and direction to ensure the management functions of IT are meeting the needs of stakeholders.

Current Management Committees include:

  • Project Advisory Board
  • Change Advisory Board
  • Information Security Group
  • IT Asset Management Advisory Group
  • IT Service Management
  • Financial Systems Management Advisory Group
  • Student Systems Steering Committee
  • Customer Experience Steering Committee
  • Enterprise Support Systems Portfolio Planning Group.

Effective communication

A number of communities support UQ in delivering on IT functions, following the direction of management in delivering value for the UQ community. They communicate and share information. These communities include:

  • Information Technology Relationship Officers
  • Information Technology Leaders Forum
  • The IT Category Manager
  • Financial Systems Operational Forum
  • Student Systems Operational Forum
  • UQ IT Architecture Community.

Management functions of IT

Management plans, provisions, runs and monitors activities in alignment with the direction set by the CIO to achieve UQ enterprise objectives.

The management of IT at UQ can be categorised into the following five functions in accordance with UQ’s needs and priorities. Management regularly reports on these activities to the appropriate governance body.

Investment management


  • To ensure that IT investments are prioritised to deliver on UQ's strategic objectives, and are based on sound business decision-making investment principles.
  • To ensure intended benefits are derived from investments undertaken.


  • Financial Management
  • Pipeline Management
  • Resource Management
  • Benefits Realisation.

The CIO has tasked the Project Advisory Board in overseeing the responsible allocation of investment for IT programs and projects under the ICT investment plan.

Architecture management


  • To work towards a mature practice where Enterprise Architecture is an enabler of efficient and effective IT capability development and service delivery.
  • To build roadmaps and mechanisms that lead to the desired future state.
  • To ensure alignment of IT to UQ’s strategic direction.


  • Business Architecture
  • Data Architecture
  • Application Architecture
  • Technology Architecture
  • Security Architecture.

The ITGC will oversee the function of Architecture Management.

Risk and security management


  • To enable world-class information technology services while protecting UQ from increasingly aggressive and sophisticated cyber threats.
  • To align information security with the objectives of the University, providing visibility of key risks and issues to enable ownership by the governing bodies of UQ.
  • To manage the risk of uncertainty in delivering objectives through appropriate identification and mitigation of risks.


  • Data Classification
  • Application Security
  • Infrastructure Security
  • Business Continuity Planning
  • Disaster Recovery Planning
  • Project Risk Management
  • Enterprise Risk Management.

The CIO has tasked the Information Security Group in overseeing this function, with regular updates to the ITGC.

Service management


  • To align the delivery of IT services with UQ’s needs, underlining benefits to customers.
  • To monitor the effectiveness of end-to-end services.
  • To improve quality and reliability of IT services offered.


  • Service Support
    • Change Management
    • Problem Management
    • Incident Management
    • Availability Management
    • Release Management
    • Configuration Management
    • Capacity Management
  • Service Delivery
    • Service Level Management
    • Financial Management for IT Services
    • IT Service Continuity Management.

The IT Service Management Committee will monitor the functions of service delivery reporting regularly to ITGC. The Change Advisory Board will oversee the service support discipline of service management.

Category management


  • To provide a strategic IT purchasing and procurement approach that supports the IT Strategic Plan, drives value for UQ and responds to the UQ community’s expectations.
  • To develop an IT purchasing and procurement framework for use consistently across UQ.
  • To establish supply arrangements for commonly purchased items that leverage UQ’s collective buying power.
  • To advise purchasers in relation to meeting custom requirements and provide assistance in preparing and publishing tenders for significant procurements.
  • To maintain the purchasing and procurement lifecycle for IT products and services.
  • To identify, manage and strengthen vendor relationships to support effective contract management and benefits realisation, and to identify future opportunities.


  • Procurement Analysis
  • Procurement Planning
  • Tender Management
  • Vendor Management
  • Asset Management
  • Contract management.

IT Category Management is a new capability being developed at UQ. The ITGC will oversee the function of IT Category Management with the IT Asset Management Advisory Group (reporting to ITGC) continuing to oversee software compliance and asset management.