eMedia Technologie IT Best practices overview, mapping and implementation Thierry Brunet, Director Associates  18/01/12 Th...
Agenda 18/01/12 <ul><li>IT Best practices, Frameworks & Standards </li></ul><ul><li>COBIT 4.1 </li></ul><ul><li>ITIL V2 an...
IT Best Practices, Framework, & Standards overview “ the quality of a system or product is highly influenced by the qualit...
Stabilizing IT with Process Methodologies IT organization activity Continuous Improvement Point Improvement Certification ...
COBIT 4.1 18/01/12
What is COBIT? <ul><li>COBIT (Control Objectives for IT) is a Framework </li></ul><ul><li>Defines IT Processes, Goals and ...
COBIT 4.1 18/01/12
Defined Responsibilities for Each Process RACI Chart  A  RACI  chart identifies who is  R esponsible,  A ccountable,  C on...
COBIT 4.1 Tools 18/01/12
COBIT Certifications <ul><li>Enterprise and Individual certifications </li></ul><ul><li>CISA (Certified Information System...
ITIL (Information Technology Information Library) 18/01/12
Origin of ITIL <ul><li>British Government’s effort to improve IT management  </li></ul><ul><li>Developed by in the late 19...
ITIL V2 Process Reference Framework Financial Management for IT services Capacity Management Availability Management IT Se...
Service reports Incident statistics Audit reports CMDB Incident Management Problem Management Change Management Release Ma...
Maintainability Reliability Serviceability Statistics& incidents Audit reports CMDB Availability Management Capacity Manag...
ITIL V3 reference framework 18/01/12
Certifications <ul><li>Individual </li></ul><ul><ul><li>ITIL Foundation </li></ul></ul><ul><ul><li>ITIL Practitioner </li>...
ISO 20000 18/01/12
CMMI-DEV CMMI-ACQ – CMMI-SERV 18/01/12
CMMI-DEV Processes 18/01/12 Causal Analysis and Resolution (CAR)  Configuration Management (CM)  Decision Analysis and Res...
CMMI Staged Representation - 5 Maturity Levels Level  5  Initial   Level  1  Processes are unpredictable, poorly controlle...
Certifications <ul><li>Given by SEI (Software Engineering Institute) </li></ul><ul><li>Enterprise Level (certifies a Matur...
IT Best Practices, Frameworks & Standards mapping COBIT, ITIL, ISO2700x, CMMi 18/01/12
Deliver and Support (DS Process Domain) Monitor and  Evaluate (ME Process Domain) Acquire and Implement (AI Process Domain...
Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define  Strategic...
Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define  Strategic...
Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define  Strategic...
Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define  Strategic...
Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define  Strategic...
IT Best Practices, Standards & Frameworks Implementation A pragmatical approach 18/01/12
Why Starting? <ul><li>Volunteer Motivation </li></ul><ul><ul><li>Platform interconnection > new architecture > new process...
The Deming Cycle <ul><li>Plan  </li></ul><ul><ul><li>Scoping,  </li></ul></ul><ul><ul><li>Risk Assesment </li></ul></ul><u...
18/01/12 Comprehensive Approach to Improvement Six  σ IT Operational Processes — ITIL App. Development Processes — CMMI Pr...
Implementing IT Governance 18/01/12
18/01/12 Implementing IT Service Management <ul><li>Service Delivery: </li></ul><ul><ul><li>Service-level management </li>...
Promote Change 18/01/12 <ul><li>Integrate the management of change in the approach </li></ul><ul><li>Involvement of manage...
Enterprise Change Management Manage Change 18/01/12 Organization Culture Leadership Sponsorship People Engagement Training...
Culture Program 18/01/12
eMedia Technologie 18/01/12 <ul><li>Business Consulting </li></ul><ul><li>B2B, B2C  Business Development </li></ul><ul><li...
Questions - Réponses 18/01/12
Upcoming SlideShare
Loading in...5
×

Thierry Brunet - IT best practices & frameworks overview

916

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
916
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
68
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Hello Ladies &amp; Gentlemen, Thank you for joining this presentation, I’m Thierry Brunet, Co-Founder of eMedia Technologie. Before and during 19 years, with my associates Philippe Depland, we worked for a large software vendor, in EMEA as Principal Consultant, where we helped large companies, Consulting companies and Service Providers to implement Technologies using a people, process and Technology approach To better Govern, Manage and Secure IT Systems and align them to business goals So we have created eMedia Technologie, The legacy modernization company, in France mainly to work outside from France, in order to help By providing Consulting, Training, Services, and experts. We intend to install a branch here in Damascus, in order to act as a bridge between our Experts and your projects. We would like also to hire people here and to make bridges between french universities, Syrian universities and IT Associations. The purpose of my presentation today is to make an overview of IT Best practices, Frameworks and Standards, and mainly how they map and how to implement them.
  • We’ll make a Best practices overview, we’ll see their mapping and how to implement them, I’m not sur we’ll cover everything in details in one hour, but I hope this will give you a better idea. We have a Q&amp;A session after the presentation and if you need more details or specific projects, we’ll welcome you on Booth A1.11. Philippe Depland from eMedia will cover more in details the evolution of security best practices
  • Ces démarches méthodologiques ont largement gagné l&apos;approbation des entreprises dans d&apos;autres domaines en dehors de l&apos;informatique. Par exemple, l&apos;approche Six Sigma a été mise en œuvre avec grand succès par des entreprises industrielles comme Motorola et General Electric. Les dirigeants de ces sociétés ont publiés des ouvrages qui mettent en évidence les résultats chiffrés impressionnants. Le cabinet Forrester a publié plusieurs rapports récemment qui démontrent qu&apos;un nombre croissant d&apos;organisations IT sont en train d&apos;adopter des méthodologies spécifiques à l&apos;informatique, tel que CMMi, ITIL ou CobIT. Ce graphique est tiré d&apos;une étude Forrester dans lequel l&apos;analyste précise que: ces méthodologies dérivent des approches différentes, mais elles ont également des traits communs et elles apportent une forte complémentarité. ... Chez CA, nous adhérons complètement à ces démarches ... mais pour être mise en œuvre avec succès, nous croyons que ces processus requièrent un certain niveau d&apos;automatisation ...
  • COBIT also provides information on what processes should be delegated and to whom they should be delegated. This helps to ensure that IT processes are being managed at the appropriate level within an enterprise. The ‘RACI’ Chart is defined for each process and indicates who is responsible, accountable, consulted or should be informed about specific tasks within a given process. The roles in the RACI chart are categorised for all processes as: • Chief executive officer (CEO) • Chief financial officer (CFO) • Business executives • Chief information officer (CIO) • Business process owner • Head operations • Chief architect • Head development • Head IT administration (for large enterprises, the head of functions such as human resources, budgeting and internal control) • The project management officer (PMO) or function • Compliance, audit, risk and security (groups with control responsibilities but not operational IT responsibilities)
  • Everyone recognise this the ITIL service support model? How many IIFs do you think we need to automate the key processes, optimise the underlying technology base and realise the potential cost benefits while at the same time building on existing ITIL processes? What if I told you we need only 3?
  • Service delivery is different though……..for one thing some of the Idelivery TIL books fail to point out the obvious, that a cmdb is still central---this is more of a failure to state something that everyone thinks is obvious than a failure to recognise reality, however……….
  • exion
  • Session #: Title ORGANIZATION Culture Leadership PEOPLE Engagement – most orgs forget this step Training – formal &amp; practical PROCESS Design – not from scratch TECHNOLOGY Sorry - You will have to buy tools
  • Session #: Title
  • Thierry Brunet - IT best practices & frameworks overview

    1. 1. eMedia Technologie IT Best practices overview, mapping and implementation Thierry Brunet, Director Associates 18/01/12 The Legacy Modernization Company
    2. 2. Agenda 18/01/12 <ul><li>IT Best practices, Frameworks & Standards </li></ul><ul><li>COBIT 4.1 </li></ul><ul><li>ITIL V2 and V3 </li></ul><ul><li>CMM-i </li></ul><ul><li>Mappings </li></ul><ul><li>Implementations and Change Management </li></ul><ul><li>Benefits of IT Best practices Implementation </li></ul><ul><li>eMedia Technologie presentation </li></ul>
    3. 3. IT Best Practices, Framework, & Standards overview “ the quality of a system or product is highly influenced by the quality of the process used to develop and maintain it,” (SEI) 18/01/12
    4. 4. Stabilizing IT with Process Methodologies IT organization activity Continuous Improvement Point Improvement Certification and documentation Schema Planning Decision Developpement and Acquisition Deployement Exploitation IT Best practices roles 18/01/12
    5. 5. COBIT 4.1 18/01/12
    6. 6. What is COBIT? <ul><li>COBIT (Control Objectives for IT) is a Framework </li></ul><ul><li>Defines IT Processes, Goals and Metrics </li></ul><ul><li>Defines Maturity Levels for each Process </li></ul><ul><li>Defines Responsibilities for each Process </li></ul><ul><li>Provides Management guidelines </li></ul><ul><li>Mapped with other frameworks (Coso, ITIL, CMMi, ISO20000, ISO2700-x…) </li></ul>18/01/12
    7. 7. COBIT 4.1 18/01/12
    8. 8. Defined Responsibilities for Each Process RACI Chart A RACI chart identifies who is R esponsible, A ccountable, C onsulted and/or I nformed. 18/01/12
    9. 9. COBIT 4.1 Tools 18/01/12
    10. 10. COBIT Certifications <ul><li>Enterprise and Individual certifications </li></ul><ul><li>CISA (Certified Information Systems Auditor) </li></ul><ul><li>ISACA certification </li></ul><ul><li>Certifications helps company to reach a level of IT Governance, and IT Compliance requested by : </li></ul><ul><ul><li>SOX, BASLE II, Solvency II,… </li></ul></ul>18/01/12
    11. 11. ITIL (Information Technology Information Library) 18/01/12
    12. 12. Origin of ITIL <ul><li>British Government’s effort to improve IT management </li></ul><ul><li>Developed by in the late 1980’s </li></ul><ul><li>Originally, a library of over 40 books that documented various IT Service areas, processes and standards </li></ul><ul><li>Today, a library of 8 books, under the auspices of OGC </li></ul>18/01/12
    13. 13. ITIL V2 Process Reference Framework Financial Management for IT services Capacity Management Availability Management IT Service Continuity Management Incident Management Problem Management Change Management Configuration Management Release Management Service Delivery Set Service Support Set Service Level Management IT Infrastructure security Service Desk
    14. 14. Service reports Incident statistics Audit reports CMDB Incident Management Problem Management Change Management Release Management Configuration Management Incidents Problems Known Errors Changes Releases CIs Relationships Incidents Management Tools CMD reports CMDB statistics Policy/standards Audit reports Incidents Service Desk Difficulties Queries Enquires Communications Updates Work-arounds Customer survey reports Changes Releases The Business, Customers, or Users Release schedule Release statistics Release reviews Secure library Testing Standards Audit reports Change schedule CAB minutes Change statistics Change reviews Audit reports Problem statistics Trend analysis Problem reports Problem reviews Diagnostic aids Audit reports THE SERVICE SUPPORT PROCESS MODEL 18/01/12
    15. 15. Maintainability Reliability Serviceability Statistics& incidents Audit reports CMDB Availability Management Capacity Management Business Continuity Management Financial Management Configuration Management Incidents Problems Known Errors Changes Releases CIs Relationships Incidents Incidents (SLM) Service Desk Difficulties Queries Enquires Communications Updates Workarounds Customer survey reports Standards Statistics Reports Audit reports Reviews Plans Tests Audit reports Performance statistics& incidents Plans Trend analysis Diagnostic aids Audit reports THE SERVICE DELIVERY PROCESS MODEL CMD reports CMDB statistics Policy/standards Audit reports The Business, Customers, or Users 18/01/12
    16. 16. ITIL V3 reference framework 18/01/12
    17. 17. Certifications <ul><li>Individual </li></ul><ul><ul><li>ITIL Foundation </li></ul></ul><ul><ul><li>ITIL Practitioner </li></ul></ul><ul><ul><li>ITIL Service Manager </li></ul></ul>18/01/12
    18. 18. ISO 20000 18/01/12
    19. 19. CMMI-DEV CMMI-ACQ – CMMI-SERV 18/01/12
    20. 20. CMMI-DEV Processes 18/01/12 Causal Analysis and Resolution (CAR) Configuration Management (CM) Decision Analysis and Resolution (DAR) Integrated Project Management (IPM) Measurement and Analysis (MA) Organizational Process Definition (OPD) Organizational Process Focus (OPF) Organizational Performance Management (OPM) Organizational Process Performance (OPP) Organizational Training (OT) Product Integration (PI) Project Monitoring and Control (PMC) Project Planning (PP) Process and Product Quality Assurance (PPQA) Quantitative Project Management (QPM) Requirements Development (RD) Requirements Management (REQM) Risk Management (RSKM) Supplier Agreement Management (SAM) Technical Solution (TS) Validation (VAL) Verification (VER)
    21. 21. CMMI Staged Representation - 5 Maturity Levels Level 5 Initial Level 1 Processes are unpredictable, poorly controlled, reactive. Managed Level 2 Processes are planned, documented, performed, monitored, and controlled at the project level. Often reactive. Defined Level 3 Processes are well characterized and understood. Processes, standards, procedures, tools, etc. are defined at the organizational (Organization X ) level. Proactive. Quantitatively Managed Level 4 Processes are controlled using statistical and other quantitative techniques. Optimizing Process Maturity Process performance continually improved through incremental and innovative technological improvements. 18/01/12
    22. 22. Certifications <ul><li>Given by SEI (Software Engineering Institute) </li></ul><ul><li>Enterprise Level (certifies a Maturity Level) </li></ul><ul><li>Individual Level (CMMI Lead appraisal) </li></ul><ul><li>Used Methods : Standard CMMI Appraisal Method for Process Improvement (SCAMPI) </li></ul>18/01/12
    23. 23. IT Best Practices, Frameworks & Standards mapping COBIT, ITIL, ISO2700x, CMMi 18/01/12
    24. 24. Deliver and Support (DS Process Domain) Monitor and Evaluate (ME Process Domain) Acquire and Implement (AI Process Domain) Plan and Organise (PO Process Domain) 18/01/12
    25. 25. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ITIL V2 mapping with COBIT 4.1 Service Delivery Service Support Service Desk Incident Management Change Management Release Management Problem Management Configuration Management Service Level Management Availability Management Financial Management Continuity Management Capacity Management Procure IT Ressources 18/01/12
    26. 26. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ITIL V2 mapping with COBIT 4.1 Service Delivery Service Support Service Desk Incident Management Change Management Release Management Problem Management Configuration Management Service Level Management Availability Management Financial Management Continuity Management Capacity Management Procure IT Ressources 18/01/12
    27. 27. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ITIL V3 mapping with COBIT 4.1 Procure IT Ressources 18/01/12
    28. 28. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ISO 2700x Family mapping with COBIT 4.1 Procure IT Ressources 18/01/12
    29. 29. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture CMMI for Development 1.3 mapping with COBIT 4.1 Procure IT Ressources 18/01/12
    30. 30. IT Best Practices, Standards & Frameworks Implementation A pragmatical approach 18/01/12
    31. 31. Why Starting? <ul><li>Volunteer Motivation </li></ul><ul><ul><li>Platform interconnection > new architecture > new processes </li></ul></ul><ul><li>Motivation by constraint </li></ul><ul><ul><li>Regulations (Local, from EU, BASLE II, Solvency II,…) </li></ul></ul><ul><ul><li>Government initiative </li></ul></ul><ul><ul><li>From a partner </li></ul></ul><ul><ul><li>From a customer </li></ul></ul><ul><li>By interest </li></ul><ul><ul><li>Customer </li></ul></ul><ul><ul><li>Insurance </li></ul></ul>18/01/12
    32. 32. The Deming Cycle <ul><li>Plan </li></ul><ul><ul><li>Scoping, </li></ul></ul><ul><ul><li>Risk Assesment </li></ul></ul><ul><ul><li>Risk Management </li></ul></ul><ul><ul><li>Documentation </li></ul></ul><ul><li>Do </li></ul><ul><ul><li>Resources Allocation </li></ul></ul><ul><ul><li>Training </li></ul></ul><ul><ul><li>Management </li></ul></ul><ul><ul><li>Documentation </li></ul></ul><ul><li>Check </li></ul><ul><ul><li>Project metrics </li></ul></ul><ul><ul><li>Process metrics </li></ul></ul><ul><ul><li>System Audit </li></ul></ul><ul><li>Act </li></ul><ul><ul><li>Make Decision froms metrics </li></ul></ul>18/01/12
    33. 33. 18/01/12 Comprehensive Approach to Improvement Six σ IT Operational Processes — ITIL App. Development Processes — CMMI Project Management Processes — PMI 1. Establish the Work 2. Align Roles With Work RACI 3. Identify Appropriate Measures 4. Apply Governance CobiT
    34. 34. Implementing IT Governance 18/01/12
    35. 35. 18/01/12 Implementing IT Service Management <ul><li>Service Delivery: </li></ul><ul><ul><li>Service-level management </li></ul></ul><ul><ul><li>Financial management </li></ul></ul><ul><ul><li>Capacity management </li></ul></ul><ul><ul><li>IT service continuity </li></ul></ul><ul><ul><li>Availability management </li></ul></ul><ul><li>Service Support: </li></ul><ul><ul><li>Incident management </li></ul></ul><ul><ul><li>Problem management </li></ul></ul><ul><ul><li>Change management </li></ul></ul><ul><ul><li>Configuration management </li></ul></ul><ul><ul><li>Release management </li></ul></ul><ul><li>Service Desk </li></ul>
    36. 36. Promote Change 18/01/12 <ul><li>Integrate the management of change in the approach </li></ul><ul><li>Involvement of management </li></ul><ul><li>Motivate human resources </li></ul><ul><li>Measure and improve the achievements </li></ul>
    37. 37. Enterprise Change Management Manage Change 18/01/12 Organization Culture Leadership Sponsorship People Engagement Training Processes Reuse Automate Templates Measure Technology ITIL (at least) Configuration Management Asset Management Service Desk Supervision tool COBIT Excel or IT Governance & Risk Management tool
    38. 38. Culture Program 18/01/12
    39. 39. eMedia Technologie 18/01/12 <ul><li>Business Consulting </li></ul><ul><li>B2B, B2C Business Development </li></ul><ul><li>Enterprise Change Management </li></ul><ul><li>Coaching </li></ul><ul><li>Industry Solutions </li></ul><ul><li>IT Consulting </li></ul><ul><li>IT Modernization </li></ul><ul><li>IT Governance </li></ul><ul><li>IT Services Management </li></ul><ul><li>IT Security Management </li></ul><ul><li>Application Management </li></ul><ul><li>Business Intelligence </li></ul><ul><li>IT Infrastructure Management </li></ul><ul><li>Software Distribution </li></ul><ul><li>Industry solutions </li></ul><ul><li>IT Service Management </li></ul><ul><li>Data Management </li></ul><ul><li>Workload Management </li></ul>
    40. 40. Questions - Réponses 18/01/12
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×