It Governance OC CIO Nov,2013


Published on

Published in: Business, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

It Governance OC CIO Nov,2013

  1. 1. Establishing Key IT Governance Processes in the SMB Client Space Orange County CIO Round Table November 14, 2013 Jeff Crowell EVP, UGovernIT, Inc. uGovernIT™, Inc. Confidential ©
  2. 2. Establishing Key IT Governance Processes • Agenda • • • • • 2 CIO View of IT Governance The need for IT Governance Review of the IT Governance frameworks and processes as it applies to process maturity Implementing IT Governance: Focus on specific company examples of governance process development (Case Studies) • Portfolio management and project prioritization • IT demand management • IT analytics capture and reporting Lesson learned and ideas for improvement uGovernIT™, Inc. Confidential ©
  3. 3. A CIO View 3 uGovernIT™, Inc. Confidential ©
  4. 4. Who is responsible for IT Governance? 5 to 20 IT Staff S IT Expenditures 20 to 50 IT Staff m $1M $3M $3-$10M 50 to 250+ IT Staff M $10-25M+ Who manages IT? CFO COO 4 I.T. Director CIO Helped by Directors CIO Helped by PMO, CTO and VPs uGovernIT™, Inc. Confidential ©
  5. 5. CIOs are faced with 3 Concurrent Activity Streams “Keep it running” Business As Usual Innovate Changes to operations/problems are managed via service requests Optimize “Increase Revenues” 5 “Do More With Less” These are typically your strategic initiatives implemented to get the best value These projects are typically improvements that drive efficiency to the way business operates uGovernIT™, Inc. Confidential ©
  6. 6. The Big IT Challenge for all firms: Small or Big or In-Between Users/Market Forces Staff/ Vendors 1 1 Prioritizing Activities & Demand Management 2 Service Requests • • • Right Balance In Build/Buy & In-house/Outsource 3 Enterprise Architecture (Cloud, Mobility, Social Media) 2 Keep Lights On Improve Efficiency Innovate Project Requests 3 Restraining Force Business 1 •Example text •Fill in your own Changes & •Example text Compliance Unlike the Federal Government, CIOs have to balance the books This implies tying all activities to Budgets, Resources and Assets 6 uGovernIT™, Inc. Confidential ©
  7. 7. Frameworks for IT Governance (CoBIT, ITIL) Control Objectives for Information & related Technology (CoBIT) Information Systems Audit and Control Association (ISACA) is a set of guidelines and supporting toolset for IT Governance that is accepted worldwide. It’s used by auditors and companies as a way to integrate technology to implement controls and meet specific business objectives. The Information Technology Infrastructure Library (ITIL) ITIL from the government of the United Kingdom offers eight sets of management procedures in eight books: service delivery, service support, service management, infrastructure management, software asset management, business perspective, security management and application management. ITIL is a good fit for organizations concerned about operations. 7 uGovernIT™, Inc. Confidential ©
  8. 8. Frameworks for IT Governance (COSO, CMM) Committee of Sponsoring Organizations (COSO) This model for evaluating internal controls is from the Committee of Sponsoring Organizations of the Treadway Commission. It includes guidelines on many functions, including human resource management, inbound and outbound logistics, external resources, information technology, risk, legal affairs, the enterprise, marketing and sales, operations, all financial functions, procurement and reporting. This is a more business-general framework that is less ITspecific than the others. Capability Maturity Model Integration (CMMI) The Capability Maturity Model Integration method, created by a group from government, industry and Carnegie-Mellon’s Software Engineering Institute, is a process improvement approach that contains 22 process areas. It is divided into appraisal, evaluation and structure. CMMI is particularly wellsuited to organizations that need help with application development, lifecycle issues and improving the delivery of products throughout the lifecycle. 8 uGovernIT™, Inc. Confidential ©
  9. 9. Evolution of IT Governance IT Governance processes evolve over time and become either more or less embedded into the cultural and operational fabric of the company • The introduction and use of a set of IT Governance processes is a journey • It starts when it becomes clear that something needs to be done • Deciding how to introduce the requirement and how much - how fast to implement and improve IT Governance Processes is key to success • Need to consider the 5 level Capability Maturity Model as it applies to process maturity 1) Initial (chaotic, ad hoc, individual heroics) - the starting point for use of a new or undocumented repeat process. 2) Repeatable - the process is at least documented sufficiently such that repeating the same steps may be attempted. 3) Defined - the process is defined/confirmed as a standard business process, and decomposed to levels 0, 1 and 2 (the last being Work Instructions). 4) Managed - the process is quantitatively managed in accordance with agreed-upon metrics. 5) Optimizing - process management includes deliberate process optimization/improvement. • Many organizations start well and then digress • A strong change agent (Executive Leader) is usually required to get the process started • The IT organization has a key role in initiating the implementation uGovernIT™, Inc. Confidential ©
  10. 10. How do I? I have a problem New Project Request RESOURCE MANAGEMENT PROJECT REQUESTS SERVICE REQUESTS Typical IT Governance Workflows I need something Review & Approval Process Asset Management Project Implementation & Delivery Process Budget Management Resource Management 10 uGovernIT™, Inc. Confidential ©
  11. 11. Evolution of IT Governance Maturity Level Efficiency Design, develop and deliver analytics based insights Continuously evolve services to meet user needs Service Management, Project Management Triage and sequence projects to meet business needs Competitive advantage and motivated Enterprise Portfolio Management IT Analytics Develop and meet SLAs to improve performance Continuously evolve capabilities to deliver competitiveness Continuously evolve to innovate and add business value Design, develop and deliver IT Services User Benefit Business Benefit 11 Transformational Design, develop and deliver technology initiatives Technology Management Tools Effectiveness uGovernIT™, Inc. Confidential ©
  12. 12. Early Benefits of IT Governance (Efficiency) Maturity Level Efficiency ce t rvi men Se ve ro mp I Effectiveness Transformational Se Str rvic at e eg y Ser v Des ice i gn ice Serv ion rat Ope Service Transition 12 uGovernIT™, Inc. Confidential ©
  13. 13. IT Process Overview For Design, Develop and Deliver IT Services Manage IT Enterprise … * Follows 13 ITIL V3 framework uGovernIT™, Inc. Confidential ©
  14. 14. ITIL V3 Process Detailed View 14 uGovernIT™, Inc. Confidential ©
  15. 15. Services Architecture Components Overview Architecture Implementation • • • • • • • • • • • • • • • 15 Policies/Procedures Roles/Responsibilities Work Flows Tasks Change Management Automation agents Monitors and alerts Dashboards Reports Escalation/SLAs Application(s) Interfaces Content data Infrastructure Trained IT and End Users uGovernIT™, Inc. Confidential ©
  16. 16. Matured Benefits of IT Governance (Effectiveness) Maturity Level Efficiency Transformational Po rtf Pro oli jec oS t tr a te gy folio Port ment a ge Man Pro & A ject R ppr e ova quest l Pr oce ss lio t tfo men r Po ve pro Im Effectiveness Project Management 16 uGovernIT™, Inc. Confidential ©
  17. 17. IT Process Overview For Design, Develop and Deliver Technology Initiatives Manage IT Enterprise … * Follows 17 ITIL V3 framework uGovernIT™, Inc. Confidential ©
  18. 18. Detailed Process View for IT Governance (Effectiveness) 18 uGovernIT™, Inc. Confidential ©
  19. 19. Today’s Demand from IT Governance (Transformational) Maturity Level Efficiency th e fy nti of IT a Qu alue V Effectiveness Transformational Eff Reso ec ur tiv ce en es s KPIs Cor r Bus elation ine ss t of o IT ving Evol Benchmark Analytics 19 uGovernIT™, Inc. Confidential ©
  20. 20. IT Process Overview For Analytics Based Transformation Manage IT Enterprise … * Follows 20 ITIL V3 framework uGovernIT™, Inc. Confidential ©
  21. 21. Detailed Process View for Analytics Based Transformation 21 uGovernIT™, Inc. Confidential ©
  22. 22. Case Study 4: Large Retailer Maturity Level (Starting Point) Efficiency (Later) Effectiveness Transformational • Company (situation a few years ago - currently a very successful company) • $Billion plus revenue • 90 Employee IT group • Less than 1 % IT expense to revenue ratio • The primary mandate for IT was to minimize expense (use equipment as long as possible, minimize maintenance and keep IT resource cost low) • Very unstable IT infrastructure (respond to problem environment) • Very entrepreneurial IT management (do lots with little - part of company culture) • Very immature IT leadership skills • No IT career path management/investment • Ad Hoc IT project prioritization based on influence of key business executives • IT Leadership basically left alone to do what they think is best • Nothing in the way of formal IT governance processes - no IT Steering Committee • Initially no documented business strategy with goals and objectives – strategy developed and the IT governance process was adjusted to accommodate the strategy 22 uGovernIT™, Inc. Confidential ©
  23. 23. Case Study 4: Large Retailer Maturity Level Efficiency Effectiveness Transformational • Initial focus was on Efficiency with no documented strategic plan to work from. A series of core IT governance processes were developed including the IT Governance framework • A method to quantify and evaluate IT projects was developed • A process was developed for prioritizing these projects within the IT organization was instituted (multi voting by IT managers with a summarized result) • A collaboration approach was developed to share and discuss the results of the IT led prioritization approach with the key business executive stakeholders • The business executives then took the IT prioritization as input to their own group discussion and agreed on a prioritization of projects • A subsequent exercise of IT Load vs. capacity was performed to determine the projects that would be released for that quarter 23 uGovernIT™, Inc. Confidential ©
  24. 24. IT Project Selection and Approval Process Without A Formal Strategic Plan  A subset of the Executive Leadership (EL) members will review and approve IT projects from the presented list of candidate projects  This group will consist of the Senior Executives and the IT leadership and the EL project sponsor  The CEO will decide on the order of the projects to be reviewed and request the review from the project sponsor  The project sponsor will present their project at a session that will typically be held on the day of an EL meeting  The project disposition will have three potential outcomes:  approval to proceed  not approved  needs more clarity (return with answers to key questions)  Once a project is approved it will be processed through the remaining stages of the 5 stage justification process and released into the SDM process on its own schedule based on priority set by the CEO  The actual IT project start date (kick off meeting) is dependent on the IT load capacity situation and the availability of key resources  Any project behind timeline or over budget will be subject to cancellation or deferral at each SDM milestone by the CEO  ITSC monthly meeting will recap project status 24 uGovernIT™, Inc. Confidential ©
  25. 25. IT Project Justification/Review Session Agenda  Overview of the Selection/Approval process  Review of IPJ by Business Sponsor  Sponsor walks through the IPJ summary (10 min each)  Clearly articulates how the benefits are derived  Discusses the cost estimates  Discusses risks  Talks to the project position on the strategic matrix  Discusses readiness  Questions and comments by group for each IPJ  EL provides determination (or asks for more information/analysis)  Review and discussion of new ideas not included in the current list of projects  Sponsor presents idea/concept  Questions and clarifications by group  Sponsor action items identified 25 uGovernIT™, Inc. Confidential ©
  26. 26. Consensus IT Project Ranking Project # Project Name Project 1 Project 2 Project 3 Project 4 Project 5 Project 6 Project 7 Project 8 Project 9 Project 10 Project 11 26 Project Type Revenue Foundational Foundational Maintenance Revenue Revenue Cost Control Cost Control Maintenance Cost Control Maintenance IT Process Project Ranking by team 1-11 (1 - Lowest:Total Owner R Jeff J D 11 11 11 8 41 10 9 10 5 34 9 10 8 6 33 8 6 7 11 32 4 8 6 10 28 5 7 5 9 26 7 3 9 7 26 6 5 4 4 19 3 4 2 1 10 2 1 3 3 9 1 2 1 2 6 Confidential Information - Do Not Distribute uGovernIT™, Inc. Confidential ©
  27. 27. Case Study 4: Large Retailer Maturity Level Starting Point Efficiency Effectiveness Transformational The company launched a formal initiative to develop a strategic business plan • All key managers and executive leadership were involved • Several off sites were conducted • The plan objectives and goals were decomposed into various actions and projects • The plan goals and objectives were prioritized as to their importance •Strategic value could now be used as a key dimension for IT Projects • The PMO function was strengthen as part of the overall approach • Increased fidelity was introduced around project costs, risks benefits • A basic Enterprise Architecture and project Road Map was developed and introduced into the process • The following slides review the Effectiveness phase in more detail 27 uGovernIT™, Inc. Confidential ©
  28. 28. The IT Project Portfolio Management Process Was Now Based on the Newly Available Business Strategy Objective and intended outcome • Develop a set of prioritized IT projects for the 1st quarter of FY • Use our documented business strategy as a key factor in the prioritization process • Use a set of parameters to describe each project •Used the portfolio evaluation matrix (bubble chart) as a key visualization tool • Each project was positioned in the evaluation matrix to understand its value compared to similar projects • The evaluation matrix considers key parameters including project size, strategic value financial benefits, risk, and project readiness 28 uGovernIT™, Inc. Confidential ©
  29. 29. Process Overview - Progress to Date • • • • • Completed two IT project prioritization sessions in each area: • Distribution/Transportation • Stores • Merchandising/Planning • Finance/HR/Admin Evaluated load vs. capacity constraints Looked at the readiness condition for each project Settled on a top priority list for a subset of the projects Defined a follow on course of action • Further discussion/clarification of projects where the 1st QTR scope was still somewhat unclear • Assessing ways of resolving remaining resource issues • Shift internal resources • Outsourcing • Staff augmentation (perm or contract) 29 uGovernIT™, Inc. Confidential ©
  30. 30. Case Study Results • • • • • • • • • Executive leadership now part of the IT Project definition/prioritization process Formal documentation as how the IT project process really works Company better prepared to take on major IT initiatives (SAP ECC 6.0) Much more realistic grasp of what can be done in a given timeframe Realization that some projects would never get done Greater willingness to outsource some functions More cohesion around what is important to the company Platform, governance roles and process to resolve IT – business conflicts Organizing the IT Steering Committee and discussion agenda was a key part of the new process • Developing a first order Enterprise Architecture and including a process architecture was needed to support the process • The overall process was viewed favorably by the financial entity that acquired the company 30 uGovernIT™, Inc. Confidential ©
  31. 31. Appendix 31 uGovernIT™, Inc. Confidential ©
  32. 32. Portfolio Management using Strategic Objectives and Correlation Matrices (like QFD) for large established companies uGovernIT™, Inc. Confidential ©
  33. 33. Portfolio Management using Strategic Objectives and Correlation Matrices (like QFD or House of Quality) Business Processes Business Applications Business Processes Strategic Objectives uGovernIT™, Inc. Confidential ©
  34. 34. How this Process Was Performed • An initial session with the executive leadership team to prioritize the objectives • The time frame needed to be considered • Used a multi voting session with the executive leadership team • Significance differences in opinion were discussed and reconciled • The discussion was perhaps the most valuable part of the session • A second session was held to “correlate” the objectives to their business processes • The nuisances of the house of quality were discussed but not all resolved • The second correlation between the business processes and the applications was performed in a subsequent session by the IT leadership group • Even with the process shortcomings the executive team was more aligned • The executive team and the CEO specifically gave the process a high rating uGovernIT™, Inc. Confidential ©
  35. 35. A Lot of Business Assets Are Required to Make this Type of Process Function Well Within the Organization • Objectives with quantitative measures (when how much) • A method to prioritize the objectives • Multi voting session with the executive leadership team • Produces a ranked list of objectives or at least a grouping by priority • A process architecture with decomposed business processes to at least level 3 • An understandable business process description so that everyone is on the same page • An application architecture that describes the business domain of specific enterprise applications • Subsequent implementations of this process are often know as Catchball (A management process that aligns—both vertically and horizontally—an organization’s functions and activities with its strategic objectives) uGovernIT™, Inc. Confidential ©
  36. 36. But How Can the Portfolio Process Work effectively in Companies without a Formal Strategic Plan • Many SMBs do not have a documented business strategy • It may be a work in process • Members of the executive team may have a vision that they share and understand • This vision may have been communicated to the organization • Business updates may be provided in the context of the vision • How the company has grown may be part of the vision and how the employees view the company • IT is viewed as a necessary component of the business but its leverage on the business has not been formally discussed and agreed to by the leadership • This situation leaves a lot of room for interpretation by the middle management layer of the company and the IT leadership and requires some form of Executive Leadership prioritization process. uGovernIT™, Inc. Confidential ©
  37. 37. Demand Management Case Background • Company (recent situation – suffered significant business down turn- now stabilizing) • Approximately $100 Million in revenue with high growth aspirations • 12 person IT department with operations in 4 countries • Less than 1 % IT expense to revenue ratio • IT infrastructure (Windows server environment) not well supported • VP of IS resigned suddenly over frustration with lack of IT resources • CEO recognized the need to quickly get some help in the IT area • 30 % of IT staff resigned in a 6 month time frame • Annual IT project plan with time phased expenditures in an approved budget • No IT Steering committee • No formal governance processes • Big time company implementation of SAP ECC 6.0 • Also trying to fully implement SAP Business Objects • Used SAP BPC for financial consolidation/reporting • Put great strain on IT group uGovernIT™, Inc. Confidential ©
  38. 38. A Demand Management Approach Was Required to help Alleviate the IT Stress Level and Improve Relationship with the User Community Recommended Approach for the Demand Management Process: •Define projects in a way understandable to the Leadership Team • Size, stage, risk, expected outcome • Review and understand any project to project dependencies or other dependencies •Decide on a review time frame (probably quarterly) •Perform a group review on a company wide basis (the group has general understanding of business priorities and needs) • Multi vote • Summarize results • Discuss major differences • Agree on a prioritized companywide list • Reconcile with already established priorities/in process work and adjust as necessary •Compute load/capacity view over the quarterly time frame •Adjust start dates to roughly match capacity and or • Discuss actions to adjust capacity for specific project needs uGovernIT™, Inc. Confidential ©
  39. 39. The load Capacity Analysis was Completed for the SAP Area and Reviewed with the COO for his concurrence and communication with the Executive Committee uGovernIT™, Inc. Confidential ©
  40. 40. A Simple IT Portfolio Process Was Started Within IT and Reviewed with the COO The recommended Portfolio Management approach was initially performed by the IT organization for IT Infrastructure Projects IT Infrastructure Project ID Ensure Enterprise Wide Backup and restore Create VM and server environment for BOBJ 4 Ent BU BOBJ Serv Exchange server upgrade and email retention policy Exchange Disaster Recovery Capability DR WAN/LAN Network Performance for Engineering data transmission W/L Perf Omnify Remote Access Performance SharePoint site Maintenance SQL database performance and monitoring PADS files version control WAN connectivity assurance (failover circuit) Finish Recommended VM actions Omnify S/P SQL DB PADS Failover VM Cost $ Value Qtr Hrs 54.7 8 10 14 83.35 165.2 11 17 50.8 1.8 0 6.04 0.9 10.8 4.08 11 6 8 13 12 10 9 180 0 150 180 40 40 80 20 20 0 40 uGovernIT™, Inc. Confidential ©
  41. 41. A cost to value Quadrant was Used to Understand the Infrastructure Projects. Key IT personnel participated in a multi voting session to agree on Value To the Business uGovernIT™, Inc. Confidential ©
  42. 42. Results of the Demand Management Approach • The COO became a key defender of the IT situation and helped manage user expectations/demand with the company • IT projects are prioritized by IT and reviewed with the COO for concurrence • IT has begun IT updates with the user organization • IT Infrastructure projects are now launched with better IT business user understanding of need • Some rudimentary IT service desk weekly performance reporting was initiated • However there is more work to be done: • IT metrics and performance reporting needs to be expanded within the company • SAP projects vs. capacity needs to be reviewed beyond the COO uGovernIT™, Inc. Confidential ©
  43. 43. Overview of IT Spend Alignment IT-Business Alignment model developed by Carnegie Mellon’s Software Engineering Institute has six criteria: 1. Communications Maturity Effective exchange of ideas and a clear understanding of what it takes to ensure successful strategies are high on the list of enablers and inhibitors to alignment. Too often there is little business awareness on the part of IT or little IT appreciation on the part of the business. Given the dynamic environment in which most organizations find themselves, ensuring ongoing knowledge sharing across organizations is paramount. 2. Competency/Value Measurement Maturity Too many IT organization cannot demonstrate their value to business in terms that the business understands. Frequently Business & IT metrics of value differ. Service levels that assess IT’s commitments to the business often help. However, the service level must be expressed in terms that the business understands and accepts. The service levels must be tied to criteria that clearly define the rewards & penalties for surpassing or missing the objectives. Frequently, organizations devote significant resources to measuring performance factors. However, they spend much less of their resources on taking action based on these measurements. For example, requiring a return on investment (ROI) before a project begins, but not reviewing how well objectives were met after the project was deployed, provides little value to the organization. It is important to continuously assess the performance metrics criteria. 3. Governance Maturity The considerations for IT governance include how the authority for resources, risk, conflict resolution, and responsibility for IT is shared among business partners, IT management, and service providers. Project selection and prioritization issues are included here. Ensuring that the appropriate business and IT participants formally discuss and review the priorities and allocation of IT resources is among the most important enablers (or inhibitors) of alignment. This decisionmaking authority needs to be clearly defined uGovernIT™, Inc. Confidential ©
  44. 44. Overview of IT Spend Alignment Con’t IT-Business Alignment model developed by Carnegie Mellon’s Software Engineering Institute 4. Partnership Maturity The relationship that exists among the business and IT organizations is another criterion that ranks high among the enablers and inhibitors of alignment. Giving the IT function the opportunity to have an equal role in defining business strategies is obviously important. However, how each organization perceives the contribution of the other, the trust that develops among the participants, ensuring appropriate business sponsors and champions of IT endeavors, and the sharing of risks and rewards are all major contributors to mature alignment. This partnership should evolve to a point where IT both enables and drives changes to both business processes and business strategies. Naturally, this demands having a clearly defined vision shared by the CIO and CEO. 5. Technology Scope Maturity This set of criteria assesses the extent to which IT is able to go beyond the back office & front office of the organization and its ability to assume a role of supporting a flexible infrastructure that is transparent to all business customers & partners . The ability to evaluate and apply emerging technologies effectively, enable or drive business processes & strategies and provide solutions customizable to customer needs. 6. Skills Maturity This category encompasses all IT human resource considerations, such as how to hire and fire, motivate, train and educate, and culture. Going beyond the traditional considerations such as training, salary, performance feedback, and career opportunities, there are factors that include the organization’s cultural and social environment. For example, is the organization ready for change in this dynamic environment? Do individuals feel personally responsible for business innovation? Can individuals and organizations learn quickly from their experience? Does the organization leverage innovative ideas and the spirit of entrepreneurship? These are some of the important conditions of mature organizations. uGovernIT™, Inc. Confidential ©
  45. 45. Value Of IT Metric - EBITDA / IT Headcount • • • The numerator of Earnings before Interest, Tax, Depreciation and Amortization (EBITDA) is a common measure of the health of your operations. It is also the metric most frequently used for measuring senior executive performance from an earnings perspective. It defines your core earnings potential and IT is an essential part of the processes, work, collaboration etc that drives core earnings. It is the financial measure of productivity value that counts.IT projects are prioritized by IT and reviewed with the COO for concurrence. The denominator, IT Headcount, is the full time equivalents who are employed in IT. This is a measure of the efficiency and leverage the enterprise gets from IT. By concentrating on headcount, and not budget, the CIO can show that they are managing the cost structure of IT and that investments are made with an eye to creating a disproportionate impact on the enterprise.IT Infrastructure projects are now launched with better IT business user understanding of need. (leave out contractor and outsourced headcount and use only internal IT headcount) What says everything is the progression of that metric over time. The value of IT exists over time not a point in time. That shows that IT is well managed, has a business impact and has meaning to the enterprise. * Some argue that EBITA is a better measure since the investment in working capital (Depreciation) should be considered. * Discussion from: Mark P. McDonald GVP EXP 8 years at Gartner 24 years IT industry Mark McDonald, Ph.D., is a group vice president and head of research in Gartner Executive Programs. He is the coauthor of The Social Organization with Anthony Bradley uGovernIT™, Inc. Confidential ©
  46. 46. Descriptive and Predictive Analytics Accenture Getting Serious About Analytics: Better Insights, Better Decisions, Better Outcomes uGovernIT™, Inc. Confidential ©
  47. 47. Dimensions of an IT Budget 1. Run budget items keep the organization operating. Examples of Run budget items include mission-critical server replacements, key software upgrades and personnel costs associated with administering and maintaining the IT infrastructure on a day-to-day basis. Organizations that have to trim IT budgets should avoid cutting Run initiatives. Such cuts would introduce operational risk. If an organization already is going through a tough stretch, the last thing it needs is a server, application or network failure. 2. Grow budget items help the organization introduce new capabilities or improve existing ones. Grow initiatives could include the implementation of new software that makes operations more efficient, the purchase of a new firewall that provides additional protection from cyber threats or an upgrade of the organization’s website that improves interactivity with customers. Grow budget items should tie directly to the organization’s strategic initiatives. Grow initiatives usually are not as mission critical as Run initiatives and often have some time flexibility, which means that they are good candidates for starting early when additional cash is available, or for deferral if cash is tight. 3. Transform budget items are research- and-development-type activities. These initiatives might seek to identify, for example, the right technologies for new organizational capabilities; fundamental changes to business processes; or a new product or service offering. Examples of Transform initiatives include proof of concepts, prototypes and small-scale testing of new systems or business applications.* * How organizations can align technology spending with their overall mission and goals BY DONNY SHIMAMOTO, CPA/CITP MARCH 2012 uGovernIT™, Inc. Confidential ©
  48. 48. Typical Definitions for IT Governance 1) Information technology governance is a subset discipline of corporate governance focused on information technology systems and their performance and risk management. ... 2) IT governance (ITG) is defined as the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. IT demand governance (ITDG—what IT should work on) is the process by which organizations ensure the effective evaluation, selection, prioritization, and funding of competing IT investments; oversee their implementation; and extract (measurable) business benefits. ITDG is a business investment decision-making and oversight process, and it is a business management responsibility. IT supply-side governance (ITSG—how IT should do what it does) is concerned with ensuring that the IT organization operates in an effective, efficient and compliant fashion, and it is primarily a CIO responsibility Gartner Group 3) IT governance is the board's ability to direct and control the enterprise's use of IT resources in line with strategic goals. Leadership, organisational structure and processes are used to leverage IT resources and drive alignment, the delivery of value, management of risk, optimisation of resources and performance measurement. COBIT 5 Foundation 4) What is IT governance? Simply put, it’s putting structure around how organizations align IT strategy with business strategy, ensuring that companies stay on track to achieve their strategies and goals, and implementing good ways to measure IT’s performance. It makes sure that all stakeholders’ interests are taken into account and that processes provide measurable results. An IT governance framework should answer some key questions, such as how the IT department is functioning overall, what key metrics management needs and what return IT is giving back to the business from the investment it’s making. CIO Magazine uGovernIT™, Inc. Confidential ©
  49. 49. CIO Top Ten Issue List for 2013 1) Transforming IT spending habits by leveraging cloud computing to unlock and liberate huge chunks of IT budgets. 2) Embracing social business in a wide range of ways to enhance internal collaboration and external engagements. 3) Exploiting Big Data and analytics to unlock new growth opportunities. 4) Creating customer-centric systems and culture across the organization. 5) Future-proofing your IT architecture to meet the profoundly more-demanding requirements of businesses in a world increasingly driven by mobile, social, Big Data, and the Internet of Things. 6) Cloud computing as business-transformation agent: rapidly shifting the cloud discussion from one that’s centered on technology to one focused on strategic business outcomes. 7) Big Data goes strategic: Big Insights, Big Opportunities, and Big Growth become the new themes. 8) Move at the speed of your customers: finding elegant and scalable ways to marry systems of record (ERP) with systems of engagement (Social). 9) CIO as Chief Acceleration Officer: CIOs need to help CEOs accelerate everything from product development to analytics to financial closings to responding to customer inquiries. Latency is the enemy! 10) More Innovation, Less Integration: old IT approaches simply can’t scale with today’s demands, so CIOs must find powerful new approaches to meet the new customer-driven requirements of today and tomorrow Bob Evans, Oracle uGovernIT™, Inc. Confidential ©
  50. 50. Business/CIO Top Ten Issue List for 2013 Top 10 Business Priorities Ranking Top 10 Technology Priorities Increasing enterprise growth 1 Analytics and business intelligence 1 Delivering operational results 2 Mobile technologies Reducing enterprise costs 3 Cloud computing (SaaS, IaaS, PaaS) 3 Attracting and retaining new customers 4 Collaboration technologies (workflow) 4 Improving IT applications and infrastructure 5 Legacy modernization 5 Creating new products and services (innovation) 6 IT management 6 Improving efficiency 7 CRM 7 Attracting and retaining the workforce 8 Virtualization 8 Implementing analytics and big data 9 Security 9 Improving business processes ERP Applications 10 10 Ranking 2 Gartner - January 16, 2013 uGovernIT™, Inc. Confidential ©
  51. 51. Who is Responsible for IT Governance Processes Ownership of IT Governance is often attributed to an individual, who in many cases is the Chief Information Officer, or the Chief Financial Officer. There are situations where companies have a committee that assumes responsibility of IT Governance. Although there is no one right answer to the question of who should be responsible, managers and executives from both IT and business departments should contribute to the IT Governance strategy. Stakeholders include: 1) Board members: should take an active role in IT Governance; 2) CEOs :should provide organizational structures to create bridges between IT and the business 3) CIOs :must become business-oriented 4) All executives: should become involved in IT guidance. The owner of IT governance should have a strategic view of the entire company. No matter who takes ownership, the collaboration with senior executives across the enterprise is critical for effective IT Governance. Source: IT Governance Processes Used in Many Companies uGovernIT™, Inc. Confidential ©
  52. 52. A Typical SMB Set of IT Governance Processes Typical IT Governance Processes Used in Many Companies * Focus for this discussion uGovernIT™, Inc. Confidential ©