SAP PI Governance Security, Compliance, Quality and Risk management of interfaces

Upload: lamngoc

Post on 30-Jan-2018


Page 1: SAP PI Governance - SAP CH Events PO... · Slide 4 Author: JFJD• Approved by: xxxx • Version 0a NNIT CONFIDENTIAL IT Governance in GxP projects Definitions "Specifying the decision

SAP PI Governance

Security, Compliance, Quality and Risk management of interfaces


Author: JFJD • Approved by: xxxx • Version 0a • NNIT CONFIDENTIAL

Slide 2

Agenda

IT Governance

Definition

Enterprise Architecture

Enterprise IT Governance

ISO 38500

Governance for SAP PI

Why Governance in SAP PI?

Purpose

Audience

Document Life Cycle

Teasers

When to Apply Governance?

Other Benefits

Key Points and Next Steps

Slide 3

Introduction to IT GOVERNANCE

Slide 4

IT Governance in GxP projects

Definitions

"Specifying the decision rights and accountability framework to encourage desirable behaviour in the use of IT."[1]

"an integral part of corporate governance and addresses the definition and implementation of processes, structures and relational mechanisms in the organization that enable both business and IT people to execute their responsibilities in support of business/IT alignment and the creation of business value from IT enabled investments"[2]

Keywords:

Accountability, Performance, Compliance, Risk, Sustainability, Behaviour, Operations, TCO, ROI

We don’t take ownership of GxP processes (validated systems), but we adhere to them and advise towards them!

GxP is traceability; in order to have that, accountability and responsibility need to be very clear, i.e. never miss a code review.

1. Weill, P. & Ross, J. W., 2004, "IT Governance: How Top Performers Manage IT Decision Rights for Superior Results", Harvard Business School Press, Boston.

2. Van Grembergen and De Haes (2009)

Slide 5

IT Governance in Enterprise Architecture

Business Architecture

What has been done?

Who has done it?

Which information was used?

Where was it done?

Information Architecture

Data

Integration

Applications

Technology Architecture

Security, Management, Platforms, Networks, etc.

IT Governance assures the support of the accountability framework by the Information and technology resources and architecture.

Slide 6

Enterprise IT Governance

Organization, Human Behavior, Control

Processes, Business Liaison, Change Management

Hardware, Infrastructure, Data and Applications

Regulation, Compliance

Sustainability, Risk, TCO, ROI, Impact, Health, Environment

IT Governance has a stake in all enterprise layers

IT Governance is NOT the same as Good Management Practice

IT Governance focuses on stakeholders, accountability and return on their investments

Slide 7

ISO 38500 – A good start

International standard for corporate governance of information technology

Contents:

Scope, application and objectives

Framework for good corporate governance of IT

Guidance for corporate governance of IT

The objectives of the ISO 38500 standard:

Assuring stakeholders that they can have confidence in the organization's corporate governance of IT

Informing/guiding corporate management in governing the use of IT in their organization

Providing a basis for objective evaluation of the corporate governance of IT

Source: <http://www.38500.org/objectives.htm>

Slide 8

Questions?

How to translate IT and Corporate governance into IT technical Systems?

How do you control your accountability framework?

Where do Quality documents and Standards fit and who has ownership?

Slide 9

Questions?

How to translate IT and Corporate governance into IT technical Systems?

Compose Guidelines, Preferences and Best practices which are technology specific but addressed not only to technical audiences.

How do you control your accountability framework?

Governance as a contractual document for quality and expectations toward deliverables

Where do Quality documents and Standards fit?

Implementation Standards and procedures are under the umbrella of governance

Slide 10

GOVERNANCE FOR SAP PO

Teaser

Slide 11

Why Governance in SAP PO?

Importance of Integration:

Interfaces supporting critical business processes

Process Integration as tool for optimizing business processes

Integration in all functional areas

High Volume of transactions

Risks

Critical Business Processes halted due to technical issues

Sensitive data in interfaces

Security of Integration Engines

Non-compliance with regulations

Expensive Operations

Slide 12

Why Governance in SAP PO?

How do we mitigate risk and increase accountability?

Best Practices

Well defined Roles

Well defined Standards

Documentation Processes

Why is SAP PO different?

It is a technical system (no users)

It is a critical system (ESOA single point of failure)

Supports Open and Industry standards

Very flexible, high implementation volumes

A badly designed interface could jeopardize the stability of the whole system

Standard IT Governance is not a perfect fit

Slide 13

SAP PO Governance Purpose

“Define guidelines, standards and expectations for consistent management of the interface design and build processes in SAP PO (SAP Process Orchestration)”.

“Determine Best Practices, Roles and Security considerations to guarantee a controlled growth during the application lifecycle and manageable operations.”

Always Support Strategic IT Governance

Slide 14

SAP PO Governance Audience

Chapter 1 – SAP PO Governance is relevant for solution architects, functional resources and system owners involved in an interface implementation project or task.

Chapters 1 and 2 are relevant and mandatory for all internal and external SAP PI Integration Architects and Developers.

Relevant to any resource or stakeholder involved in the partner selection, design, development and operation of an integration solution.

Slide 15

Governance Document Lifecycle during Project

PO Governance is a live document, adapted to the customer/project organization and needs.

User Requirements

Draft Release

Project Design Phase

1st Review, Corrections, Changes, Add-ons, Release

Project Build Phase

Corrections Add-ons Release

Delivery Review Release Handover

Operations

Operational Review, Operational Release

Slide 16

SAP PI Governance Chapter 1

Slide 17

SAP PI Governance Chapter 2

Slide 18

Integration Scenario Document Requirement Diagram

Third Party

SAP PI

SAP_ECC

Interface TDS

SAP_ECC TDS

Third Party TDS

Mandatory

Not Mandatory

Integration Scenario FDS

Mapping document

Slide 19

Governance Use during the Development Process

Deliverable: Use

User Requirement Specification (URS): SAP PI Governance serves as guidelines for those involved in defining the URS.

Functional Design Specification (FDS): SAP PI Governance serves as guidelines for consideration during the business choices in relation to interface design, best practices, standards, and error handling.

Technical Design Specification (TDS): SAP PI Governance provides guidelines and standards to be used during the technical design, in relation to, for example, naming standards, program design, development patterns and technology choices.

Integration Agreement (IA): SAP PI Governance prepares guidelines for those involved in the Integration Agreement process, to identify areas of importance to be included, for End-2-End support process documentation.

Test Documentation: SAP PI Governance helps scope the test requirement, the roles involved in the process, and considerations in terms of Quality of Service and Security.

Slide 20

SAP PI Interface Implementation Process Flow

Slide 21

When to apply the governance product?

New Implementations

Bundle in the implementation project

Upgrades/Migrations

Apply during migration

Existing Implementations

Partial application of governance

Roadmap to Governance

Outsourced projects

Guarantee operations and deliverables

Offshore Teams

Harmonize development

Slide 23

Key points

SAP PI Governance product, out-of-the-box and customizable

SAP PI Governance is now part of NNIT Quality Management System

SAP PI Governance supports corporate governance of IT

Next Steps:

Governance for Cloud and Hybrid Cloud

Agile development methods

“time spent in following standards and best practices, is compensated in the time saved fixing errors and making corrections” (unknown)

Slide 24

Questions