I recently interviewed Bill Godfrey, CIO at Dow Jones, for a story I\u2019m writing. Smart guy. We started talking about enterprise architecture and governance and he mentioned that he had developed a set of "Big Rules" for managing IT. \n\nI was intrigued by the idea of creating a document that describes how IT is purchased, developed, installed and run. Seems like an impossibly complex task. But Bill did it. He generously agreed to share it with you. \n\nImagine being able to give businesspeople a single document that explains how IT works and what they need to do to get a project approved. Could be a great tool for building relationships with the business. Bill is looking for feedback on it, so please post comments. \n\nINFORMATION TECHNOLOGY SERVICES GOVERNANCE\u2018THE BIG RULES\u2019 \n\nSTRATEGIC PLANNING \n\n\n\nAll technology divisions will have a documented Technology Plan. \n\nAll technology divisions will have published goals and objectives. PRODUCTION PRIORITIZATION \n\n\n\nSeverity One production problems take resource precedent over all else. Management and staff will work on Severity One problems immediately and continually until resolved. ENTERPRISE ARCHITECTURE \n\n\n\nAll technology divisions will have a documented high level architecture. \n\nAll technology divisions will adhere to infrastructure standards or seek exception approval. \n\nAll technology projects over $250K in total cost must be approved through the Early Look Architecture Zoning process prior to capital approval submission. PROJECT MANAGEMENT \n\n\n\n100% adherence to the DJ Project Management process for all non-trivial development projects (projects estimated to take more than two weeks of staff time). \n\nAll development projects will have a specifically identified business sponsor and a specifically identified technology project leader prior to initiation. \n\nAll development projects requiring infrastructure support will directly involve infrastructure support staff during project initiation, giving the infrastructure staff an opportunity to directly participate in the design of systems solutions. TIME MANAGEMENT \n\n\n\nAll staff time will be appropriately entered into the IT Time Reporting system on a weekly basis. TECHNOLOGY BUSINESS MANAGEMENT \n\n\n\nAs represented in approved budgets, technology costs will not exceed plan unless explicit approval is granted by the CIO. \n\nTechnology contracts will be managed and approved through Business Management services. \n\nAll 3rd party contractors\/consultants will sign NDA\u2019s, managed under the non-employee security policy, and managed through the DJ preferred vendor program. CAPITAL APPROVAL MANAGEMENT \n\n\n\nAll projects will adhere to corporate Expenditure Authorization processes (EAF). \n\nAll projects are required to have appropriate ITLST sign-offs prior to business line submission. \n\nFor all projects requiring CIO approval, all staff work and ITSLT approvals will be complete prior to seeking CIO approval. \n\nAny project with a total cost of > $250K will be submitted to Finance for formal business case review. REQUESTING PROPOSALS FROM 3RD PARTIES \n\n\n\nAll requests for proposals from 3rd parties will be reviewed and approved by the CIO prior to execution. \n\nAll requests for proposals from 3rd parties which could have DJ infrastructure implications will be reviewed and approved by Technology Engineering Services prior to execution. RELATIONSHIP MANAGEMENT \n\n\n\nBusiness Technology Directors are 100% accountable for all technology, direct and indirect, in support of the business lines they support. \n\nBusiness Technology directors \u2018own\u2019 all business application vendor relationships. \n\nEnterprises Technology directors \u2018own\u2019 all infrastructure vendor relationships. INFRASTRUCTURE MANAGEMENT \n\n\n\nEnterprise Infrastructure Services is 100% accountable for the DJ global infrastructure. \n\nEnterprise Information Services is the only organization that makes infrastructure decisions. \n\nEnterprise Information Services owns and manages all infrastructure capital. COMPLIANCE WITH AUDIT, REGULATORY, LEGAL \n\n\n\nInformation Technology Services will comply will all audit, regulatory and legal requirements. \n\nThe IT senior leadership team is accountable for compliance. OPERATIONS PROCEDURAL COMPLIANCE \n\n\n\n100% compliance with Enterprise Change Control policy and procedure. \n\nAll production applications will be supported by a Service Level Agreement. INFORMATION SECURITY \n\n\n\nAll technology staff will comply with the Dow Jones Information Security Policy. \n\nInformation Security approval must be secured prior to implementing new technology or making major enhancements to existing technology. This review and approval is to take place before any informal or formal obligations are made between DJ and a supplier. \n\nAll credential and access management to a financially significant application will be managed and controlled through Information Security. SARBANES-OXLEY COMPLIANCE \n\n\n\n100% compliance to all Sarbanes-Oxley controls \n\nAll IT leaders will be thoroughly familiar with the IT General Control Policies; governance, project management, operations, access control and data management. \n\nAll IT leaders, supervisor and above, are responsible and accountable for SOX compliance across their respective areas of control.