Bill ClarkAlberta Gaming and Liquor Commission April 25, 2012
1. Is IT a Topic for the Board?2. Current and Emerging IT Trends3. IT Governance4. Questions to Ask Your CEO5. Questions / Comments
◦ Technical◦ Focused on formal governance frameworks◦ Beyond the scope of any Corporate Director
Most organizations are highly dependent upon their IT systems Major IT initiatives involve major risks, large capital expenditures, and significant trauma to the organization The pace of technology change continues to be very fast
“IT Governance is the responsibility of theboard of directors and executive management.It is an integral part of enterprise governanceand consists of the leadership andorganizational structures and processes thatensure that the organisation’s IT sustains andextends the organisation’s strategies andobjectives.” IT Governance Institute
What is It? ◦ The demand for IT continues to increase ◦ Colleges are producing fewer IT graduates ◦ “Boomers” are starting to retire Why is it Important? ◦ Supporting legacy applications is becoming more difficult ◦ Recruitment and retention of human resources with the necessary skill sets in new technologies is becoming more difficult
What is It? ◦ Connectivity of everything to everything ◦ Access 24 / 7 / 365 ◦ SOA [Services Oriented Architecture] Why is it Important? ◦ Internet enabled applications ◦ PCs -> Laptops -> Tablets -> Smart Phones ◦ Security
What is It? ◦ Browser based applications ◦ Massive data ◦ Centralized control Why is it Important? ◦ Mainframe skills are in short supply ◦ Mainframes are expensive ◦ Sharing [Outsourcing] may be appropriate
What is it? ◦ Separation of physical and logical storage ◦ Virtual storage (you don’t know where data is stored or on what device) Why is it important? ◦ Reliance upon 3rd parties (good and bad) ◦ Data crossing borders ◦ An answer to continual hardware/software upgrades (?)
What is it? ◦ FaceBook, Twitter, LinkedIn, YouTube, … ◦ Accessible at any time from anywhere on any device ◦ Instant! Why is it important? ◦ Communication method of choice for a significant portion of the population and growing dramatically
What is the trend? ◦ From 1.0 (Static Information Presentation) to ◦ 2.0 (Interactive Transaction Processing) to ◦ 3.0 (Smart Applications / Data Intensive) to ◦ 4.0 (???) Why is it important? ◦ The platform for Social Media ◦ Sophisticated [complex] architectures ◦ New skill sets required
What is it? ◦ Bring Your Own Device ◦ Staff use of personal Smart Phones, Laptops, and Tablets for company business Why is it Important? ◦ Complexity [Support of Multiple Platforms] ◦ Security / Confidentiality ◦ Liability
What is it? ◦ Separate IT organizations to “Keep the Lights On” vs. Plan and Introduce New Functionality Why is it Important? ◦ Radically different skill sets are required ◦ Dedicated resources are required for both
What is it? ◦ Use of 3rd party organizations to provide IT services ◦ Can be Hardware / Application Support / Help Desk ◦ Can be local, regional or international Why is it Important? ◦ Can help address IT skill shortages ◦ Can allow the business to focus on its primary mandate ◦ Often gets screwed up
What is it? ◦ Formal training and certification of Project Managers, Business Analysts, Programmers, Security Specialists, … ◦ Periodic re-certification Why is it important? ◦ Base level competency ◦ Common terminology ◦ The business of IT constantly changes
What is it? ◦ Use of powerful software tools to sift through massive amounts of data to extract trends ◦ Sophisticated reporting ◦ Includes: Data Cleanup / “Deduping” / Consolidation Why is it Important? ◦ Stability of data over time ◦ Reliability of data – definitional issues ◦ FOIP
What is it? ◦ A vendor raises the bar by offering everything the competition has plus more - and sometimes for less Why is it Important? ◦ “Best of Breed” is a transient measure ◦ Both IT professionals and IT users often get into “religious wars” concerning what is best ◦ The reality is that the range of technology solutions will change soon
What is it? ◦ Providing the necessary tools to allow IT personnel and others to work from home ◦ Hardware / network access / security Why is it Important? ◦ Preferred method of working for many ◦ Cost savings? ◦ “Green” ◦ Helps keep young mothers in the workforce
What is it? ◦ Alignment of IT with Business ◦ Introduction and use of formal frameworks to guide IT investment and use ◦ Identify and mitigate risks ◦ Confirm that value is commensurate with investment Why is it Important? ◦ Places accountability in the right places ◦ Transparency ◦ A baseline to audit against
How are IT decisions made? Who makes them? Who owns accountability for IT – your IT Dept. or your IT users? Is investment in IT planned and continuous or ad hoc and infrequent? Are major projects given sufficient transparency?Formal approaches exist and require investment
Is succession planning well in hand? [How old is your IT leadership team?] Are we using a formal IT control methodology such as COBIT or ISO? Do we have PMPs (certified Project Management Professionals) leading all strategic projects? Do we have external oversight on all large and/or strategic projects?
How many “failed” projects has your PM and team experienced? [Too many should raise a flag. None should also raise a flag. How experienced is your PM? Good PMs tend to get pulled into failing projects.] How long since the last major project? What has changed - Technology platform? Architecture? Key Users? Methodology? Major business transformation? Regulatory rules? The project complexity [risk] increases significantly with each new component.
Has the primary business user been through a large IT project before? How will the day-to-day responsibilities of users seconded to the project be handled? [“I also have a 9 to 5 job!”] Who is leading the Change Management? [New processes, new job specs., re-training, org. design, communications plan, …] Has this team done it before?
Who owns the project and is ultimately accountable? Do they have the authority to: ◦ Change dates? ◦ Reallocate user resources? ◦ Reduce or add functionality? ◦ Change the project budget? ◦ Hire external resources?
The Board does have a role in the oversight of Information Technology The basic questions that need to be addressed are not technical Formal methodologies and models exist and are important Good IT governance requires training and investment