it governance overview
Post on 19-Oct-2014
297 views
DESCRIPTION
TRANSCRIPT
uGovernIT™, Inc. Confiden2al ©
Subbu Murthy
IT Governance
uGovernIT™, Inc. Confiden2al ©
Information technology governance is a subset discipline of corporate governance focused on information technology (IT) systems and their performance and risk management. The rising interest in IT governance is partly due to compliance initiatives, for instance Sarbanes-Oxley in the USA and Basel II in Europe, but more so because of the need for greater accountability for decision-making around the use of IT in the best interest of all stakeholders.
Wikipedia
uGovernIT™, Inc. Confiden2al © 3
The scope of IT Governance includes all technology components (IT infrastructure, telecommunications, software applications) and resources (IT personnel, user-IT teams) necessary to effectively develop and manage technology initiatives and resources within the Enterprise. The principal objective of the governance process is to enable the Enterprise achieve its business objectives.
A CIO View
uGovernIT™, Inc. Confiden2al ©
The Big IT Challenge
4
Customers (users) always have issues/changes that require IT technical resources.
Business changes, technology changes, regulatory changes and new ideas constantly create new project requests.
Budget challenges, backlogged work requests and the need to incessantly innovate make resource alloca2ons challenging.
uGovernIT™, Inc. Confiden2al ©
Three Certain7es In Life
5
We know the first two certain2es, the third is known to every IT professional! Marke2ng
HR
Opera2ons
Internal IT Projects
Finance
There is always more work than available $
Compliance
uGovernIT™, Inc. Confiden2al ©
Goal of IT Governance
6
Verifying that I.T. dollars are spent on the right projects, and just as importantly, at the right 2me
uGovernIT™, Inc. Confiden2al ©
CIOs are faced with 3 Concurrent Ac7vity Streams
7
Business As Usual
Innovate Op7mize
“Keep it running”
“Increase Revenues” “Do More With Less”
Changes to opera2ons/problems are managed via service requests
These are typically your strategic ini7a7ves implemented to get the best value
These projects are typically improvements that drive efficiency to the way business operates
uGovernIT™, Inc. Confiden2al ©
How do BIG CIOs cope with this?
8
Customer Support
Technical Services
Project Management
Asset Management
Resource Management
Budge2ng & Planning System
They spend Mega $ on
tools and staff: not just one-‐
2me costs but high recurring
expenses
Tools for managing customer support,
services, projects and a separate tool for Integra2ng Data
& Building Analy2cs
PMOs to manage projects, support staff to analyze performance and generate reports
uGovernIT™, Inc. Confiden2al ©
These solu7ons are not prac7cal for the innova7ve SMB CIOs
9
• The tools are expensive to acquire and expensive to maintain 1
• The tools and the associated Governance processes are complex and onerous 2
• The tools need custom integra2on to get the whole picture 3
• The tools are complex and need the services of specialized staff 4
uGovernIT™, Inc. Confiden2al © 10
SMB IT Governance From a Change Agent Perspec7ve
uGovernIT™, Inc. Confiden2al ©
Who manages IT for SMBs?
11
<$500K < $3M $3M+
10 to 500 employees
100 to 5000 employees
S M
I.T. Director CIO CFO COO
IT Expenditures
Who manages IT?
uGovernIT™, Inc. Confiden2al ©
On-‐Demand CIO Services are gaining Trac7on
12
There is a large pool of experienced CIOs who area ready to bring their expertise to help SMBs
Retainer models ensure that there is a fixed cost but CIOs understand the workload fluctuations typical of SMB needs
Strategy and developing the IT Blueprint for a SMB, and managing it does not require a full-‐time CIO
Costs are typically a fourth of the cost of captive full-‐time CIO
uGovernIT™, Inc. Confiden2al ©
On-‐Demand CIO/CTO Services Model
13
uGovernIT™, Inc. Confiden2al © 14
SMB IT Governance From a Process Perspec7ve
uGovernIT™, Inc. Confiden2al ©
The Keep IT Simple Approach
15
SERVIC
E
REQUESTS
PROJE
CT
REQUESTS
RESOURCE
MANAGEM
ENT
How do I?
I have a problem
I need something
Review & Approval Process
Problem Management
Service Management
Service Fulfillment
Change Management
New Project Request
Task Management
Project Management
IT Steering Commijee
New Project Request
Project Implementa2on & Delivery Process
PMO User-‐IT Governance
IT Steering Commijee
Asset Management
Resource Management
Budget Management
Analy2cs & Dashboards Resource
Management
Asset Acquisi2on
Asset Alloca2on
Asset U2liza2on
Asset Disposi2on
Asset Catalog
Asset Management
Budget Review
Budget Approval
Budget Alloca2on
Variance Tracking
Es2mate Budget
Budget Management
uGovernIT™, Inc. Confiden2al ©
IT Governance Framework (1)
16
Efficiency Effec2veness Transforma2onal
Design, develop and deliver IT Services
Con2nuously evolve services to meet user needs
Develop and meet SLAs to improve performance
Design, develop and deliver technology ini2a2ves
Triage and sequence projects to meet business needs
Con2nuously evolve capabili2es to deliver innova2on
Align resource priori2es to business needs Plan and budget with focus on effec2ve resource u2liza2on
Con2nuously evolve to innovate and add business value
Maturity Level
Technology Management
User Benefit
Business Benefit
uGovernIT™, Inc. Confiden2al ©
Another Maturity Framework (2)
17
Reduces Risk Increases Efficiency
Increases Revenues
I
R E
M
Laggards
Trailblazers
Thrims
Leaders
IT is focused on gaining a compe22ve edge. IT Investments are focused on revenue enhancements while minimizing risk.
Efficiency may sacrificed leading to higher budgets than necessary.
IT is focused on just maintaining systems and reducing exposure. Typically IT is limited to back-‐office opera2ons.
User projects do not get priority. IT is rarely used to build a compe22ve edge.
IT is mature and provides the enterprise compe22ve advantage and opera2onal efficiencies.
Smaller projects which can produce high value can get lost in the priority shuffle. IT is innova2ve but could add more risk.
IT is focused on saving costs by enabling the enterprise to be efficient.
IT tends to innovate less and could lead to obsolescence. IT is rarely used to build a compe22ve edge.
uGovernIT™, Inc. Confiden2al © 18
SMB IT Governance From a Tool Perspec7ve
uGovernIT™, Inc. Confiden2al ©
Tool Perspec7ve: Need for an Integrated Solu7on
19
A complete solution that is fully integrated and costs a lot less
Out of the box, it should have the features, content and reports CIOs need
It should be based on best practices such as ITIL and other standards but must be simple to use and practical
It must be flexible and configurable to meet the needs today and grow to meet the needs tomorrow
uGovernIT™, Inc. Confiden2al ©
Governance Architecture
20
Configurator
Workflow Processor
Content Manager
Analy7cs
This component helps configure the Governance to enterprise specific needs.
Pre-‐built Work flows can be configured and adapted to enterprise business process.
Pre-‐built policies, procedures, rules, service levels can be customized to meet enterprise specific requirements.
Analy2cs can help managers and execu2ves measure and manage resource u2liza2on, efficiency and effec2veness.
uGovernIT™, Inc. Confiden2al ©
Mar Apr May Jun Jul Aug
Service Requests (past 6 months)
4 3 2 1
Open Service Requests 233
121 168
Low Medium
High
Open Request Types 145 329
38
Issues Services Changes
Closed (past month) 160 229
18
Issues Services Changes
Project Status 23
14 8
On Track Minor Issues Major Issues
Pending Review Pending Approval
New Project Requests
Pending Start
7 4 3
Task Lists 45
19 7
Open New
Closed
Project Costs (past 6 months)
21
Resource Management 93
54 179
Employees Consultants
Vendors
Project A Project B
Top 3 Resource Centric Projects
Project C
25 14 13
Resource Hours 385
619 Infrastructure
Resource U2liza2on
19% 34% 29% 18%
Infra-‐ Apps Projects Other Structure Support
Apps Support Projects Other
548 368
Budget Management $2463K $2445K $18K
Budget Actuals
Variance
Selected Budget Costs
IT Costs (past 6 months)
Costs (current month) $400K $522K
Infrastructure Apps Support
Projects Other
$748K $468K
PC Purchases Consultant Costs Somware Maintenance
$120K $85K $55K
CIO View
uGovernIT™, Inc. Confiden2al © uGovernIT™, Inc. Confiden2al © uGovernIT™, Inc. Confiden2al © uGovernIT™, Inc. Confiden2al ©
Tool should provide integrated dashboards
uGovernIT™, Inc. Confiden2al © 22
Services Lens Project
Lens
Ops Lens
Tool should provide three lenses
uGovernIT™, Inc. Confiden2al © 23
Priority 1 Priority 2 Priority 3
Priority 2 Priority 3 Defer
Priority 3 Priority 3 Defer
High
Med
ium
Low
Low Medium High
Project Cost
Busine
ss Value
Project ABC
Project AVG
Project BI
Project PMM
Project XYZ
Tool should provide assessment frameworks
uGovernIT™, Inc. Confiden2al © 24
Information Systems Audit and Control Association (ISACA) is a set of guidelines and supporting toolset for IT Governance that is accepted worldwide. It’s used by auditors and companies as a way to integrate technology to implement controls and meet specific business objectives.
Control Objec7ves for Informa7on & related Technology (CoBIT)
ITIL from the government of the United Kingdom offers eight sets of management procedures in eight books: service delivery, service support, service management, infrastructure management, software asset management, business perspective, security management and application management. ITIL is a good fit for organizations concerned about operations.
The Informa7on Technology Infrastructure Library (ITIL)
uGovernIT™, Inc. Confiden2al © 25
This model for evaluating internal controls is from the Committee of Sponsoring Organizations of the Treadway Commission. It includes guidelines on many functions, including human resource management, inbound and outbound logistics, external resources, information technology, risk, legal affairs, the enterprise, marketing and sales, operations, all financial functions, procurement and reporting. This is a more business-general framework that is less IT-specific than the others.
Commihee of Sponsoring Organiza7ons (COSO)
The Capability Maturity Model Integration method, created by a group from government, industry and Carnegie-Mellon’s Software Engineering Institute, is a process improvement approach that contains 22 process areas. It is divided into appraisal, evaluation and structure. CMMI is particularly well-suited to organizations that need help with application development, lifecycle issues and improving the delivery of products throughout the lifecycle.
Capability Maturity Model Integra7on (CMMI)