SlideShare a Scribd company logo

Canheit-2012-ITRepository

D
Doug Badger
1 of 1
Download to read offline
Building a central IT Repository Last Revised: February 28, 2012 Background: Maintaining an accurate inventory of major IT assets is an essential requirement of enterprise risk management (ERM) activity. IT risk management (a subset of ERM) has a focus on IT asset management (i.e. know what you need to protect), as an underpinning resource to business continuity planning (BCP) and disaster recovery planning (DRP). An additional value of the information relates to emergency preparedness, crisis management and incident response; however the significant distributed/decentralized IT environment (typical of Universities), presents a challenge for senior management to know “what’s out there”. Since the infamous ‘Y2K’ contingency planning effort, a basic spreadsheet listing major IT systems and services has been maintained within the Office of the CIO. In recent years, the listing has been expanded, additional data attributes have been suggested, and the importance of the information recognized by those charged with risk management and contingency planning. The enhanced scope of the inventory classifies IT assets as either a) application systems or b) infrastructure services. A key deliverable is identification of individuals who have either managerial or technical support responsibility for each asset. The Office of the CIO’s Systems Assurance unit is charged with transforming the spreadsheet listing into a central on- line repository of IT information including IT Assets (Applications and Services) and IT Resources (people/service providers). A web-based application and database has been developed that is currently in ‘beta’ release, targeted for initial production release later this year. Value/Deliverables: The primary purpose of the central IT repository is to facilitate risk management. Based upon data attributes of each asset, overall risk will be determined. Key risk metrics (e.g. performs e-business) will be identified, communicated, and prioritized in a straight-forward, consistent manner to senior management and relevant stakeholders. The identification of individuals, who are ‘related’ to IT assets, enables a focus on accountability and contingency planning and is the key differentiator with Guelph’s approach, compared to traditional asset management systems. Additional risk management attributes which the Repository will store include: i) remote hosting and 3rd party support; ii) purchased commercial products versus internally developed; iii) centralized versus distributed technical support. An additional planned feature is highlighting “active” assets reflecting current development/enhancement projects. Functionality: The Repository is intended to be a ‘high level’ catalog of IT application systems and infrastructure services. The depth of information (i.e. data attributes) would be limited to the needs of management charged with risk management. The Repository is NOT a physical hardware inventory with details about assets such as configurations, models, serial numbers, etc. nor is it a Service Catalog targeted to end-users. Attributes worth tracking and which provide risk management value include: deployment (i.e. departmental vs. enterprise); service provider (in- house vs. 3rd party); stores sensitive/personal information; business process criticality, etc. In addition to Asset records, the Repository is intended to track the IT-related human resources who either ‘own’ the applications/services or provide technical support. Each individual who has a relationship with IT (executive sponsor, system owner, technical support) will be asked to provide emergency contact information that will only be visible on a “need to know” basis via an emergency contact dashboard within the Repository. This information is collected to enable improved responsiveness to potential disruptions and security breaches. IT PMO Page 1 of 1 D. D. Badger

Recommended

Ch_02
Ch_02Ch_02
Ch_02bizcommksbf
 
Introduction to dbms and sql(session 1)
Introduction to dbms and sql(session 1)Introduction to dbms and sql(session 1)
Introduction to dbms and sql(session 1)Mr Kyaing
 
What Is Data
What Is DataWhat Is Data
What Is DataDuane Garrett
 
BCBS -By Ontology2
BCBS -By Ontology2BCBS -By Ontology2
BCBS -By Ontology2bfreeman1987
 
Bernie's Handbill
Bernie's HandbillBernie's Handbill
Bernie's HandbillBernie Hennings, PMP
 
Chap18
Chap18Chap18
Chap18Fathur Rohman
 
Ch02
Ch02Ch02
Ch02The University of Faislabad (Rao's BBA)
 
Sppt chap001
Sppt chap001Sppt chap001
Sppt chap001Awais Ahmed
 

Recommended

Ch_02
Ch_02Ch_02
Ch_02bizcommksbf
 
Introduction to dbms and sql(session 1)
Introduction to dbms and sql(session 1)Introduction to dbms and sql(session 1)
Introduction to dbms and sql(session 1)Mr Kyaing
 
What Is Data
What Is DataWhat Is Data
What Is DataDuane Garrett
 
BCBS -By Ontology2
BCBS -By Ontology2BCBS -By Ontology2
BCBS -By Ontology2bfreeman1987
 
Bernie's Handbill
Bernie's HandbillBernie's Handbill
Bernie's HandbillBernie Hennings, PMP
 
Chap18
Chap18Chap18
Chap18Fathur Rohman
 
Ch02
Ch02Ch02
Ch02The University of Faislabad (Rao's BBA)
 
Sppt chap001
Sppt chap001Sppt chap001
Sppt chap001Awais Ahmed
 
Utilities Industry - Smart Analytics
Utilities Industry - Smart AnalyticsUtilities Industry - Smart Analytics
Utilities Industry - Smart AnalyticsTeradata
 
Business Informaton Systems
Business Informaton SystemsBusiness Informaton Systems
Business Informaton SystemsDr. Aziz Altamimi
 
Cognitivo - Tackling the enterprise data quality challenge
Cognitivo - Tackling the enterprise data quality challengeCognitivo - Tackling the enterprise data quality challenge
Cognitivo - Tackling the enterprise data quality challengeAlan Hsiao
 
Lecture 10 documentation techniques -transaction processing- james a. hall b...
Lecture 10 documentation techniques -transaction processing- james a. hall b...Lecture 10 documentation techniques -transaction processing- james a. hall b...
Lecture 10 documentation techniques -transaction processing- james a. hall b...Habib Ullah Qamar
 
Unit Ii
Unit IiUnit Ii
Unit IiRam Dutt Shukla
 
Information Resources Management
Information Resources ManagementInformation Resources Management
Information Resources ManagementAchmad Solichin
 
Consumerization of IT: Mobile Infrastructure, Support and Security
Consumerization of IT: Mobile Infrastructure, Support and SecurityConsumerization of IT: Mobile Infrastructure, Support and Security
Consumerization of IT: Mobile Infrastructure, Support and SecurityMarie-Michelle Strah, PhD
 
Chap05 Data Resource Management
Chap05 Data Resource ManagementChap05 Data Resource Management
Chap05 Data Resource ManagementAqib Syed
 
Introduction to Accounting System
Introduction to Accounting SystemIntroduction to Accounting System
Introduction to Accounting SystemHelpWithAssignment.com
 
Information Systems Chapter 1
Information Systems Chapter 1Information Systems Chapter 1
Information Systems Chapter 1Jim Constantinou
 
Information systems
Information systemsInformation systems
Information systemsnaszach
 
Intel Data Center Manager
Intel Data Center ManagerIntel Data Center Manager
Intel Data Center ManagerDESMOND YUEN
 
Management information systems and cyber
Management information systems and cyberManagement information systems and cyber
Management information systems and cyberAnjali
 
Management information-system-computer-information-system-need of information...
Management information-system-computer-information-system-need of information...Management information-system-computer-information-system-need of information...
Management information-system-computer-information-system-need of information...Milan Padariya
 
Data
DataData
Datafelipegrenas
 
Ch02
Ch02Ch02
Ch02kelasapa
 
Application Rationalization Paper 092308 Doc Version
Application Rationalization Paper 092308 Doc VersionApplication Rationalization Paper 092308 Doc Version
Application Rationalization Paper 092308 Doc VersionCarolyn Reid
 
AARON LEE GIVAN PhD FINE ART
AARON LEE GIVAN PhD FINE ARTAARON LEE GIVAN PhD FINE ART
AARON LEE GIVAN PhD FINE ARTAaron Givan, MC, D.Min., Ph.D.
 
NOSQL apache-cassandra-150611122739-lva1-app6891
NOSQL apache-cassandra-150611122739-lva1-app6891NOSQL apache-cassandra-150611122739-lva1-app6891
NOSQL apache-cassandra-150611122739-lva1-app6891darwin dj
 
Francisco A. Martínez
Francisco A. MartínezFrancisco A. Martínez
Francisco A. MartínezEliezer Sanchez
 
Announcements Thurs June 11
Announcements Thurs June 11 Announcements Thurs June 11
Announcements Thurs June 11 Pine River
 
First Aid
First AidFirst Aid
First AidAmiee Senekal
 

More Related Content

What's hot

Utilities Industry - Smart Analytics
Utilities Industry - Smart AnalyticsUtilities Industry - Smart Analytics
Utilities Industry - Smart AnalyticsTeradata
 
Cognitivo - Tackling the enterprise data quality challenge
Cognitivo - Tackling the enterprise data quality challengeCognitivo - Tackling the enterprise data quality challenge
Cognitivo - Tackling the enterprise data quality challengeAlan Hsiao
 
Lecture 10 documentation techniques -transaction processing- james a. hall b...
Lecture 10 documentation techniques -transaction processing- james a. hall b...Lecture 10 documentation techniques -transaction processing- james a. hall b...
Lecture 10 documentation techniques -transaction processing- james a. hall b...Habib Ullah Qamar
 
Information Resources Management
Information Resources ManagementInformation Resources Management
Information Resources ManagementAchmad Solichin
 
Consumerization of IT: Mobile Infrastructure, Support and Security
Consumerization of IT: Mobile Infrastructure, Support and SecurityConsumerization of IT: Mobile Infrastructure, Support and Security
Consumerization of IT: Mobile Infrastructure, Support and SecurityMarie-Michelle Strah, PhD
 
Chap05 Data Resource Management
Chap05 Data Resource ManagementChap05 Data Resource Management
Chap05 Data Resource ManagementAqib Syed
 
Information Systems Chapter 1
Information Systems Chapter 1Information Systems Chapter 1
Information Systems Chapter 1Jim Constantinou
 
Information systems
Information systemsInformation systems
Information systemsnaszach
 
Intel Data Center Manager
Intel Data Center ManagerIntel Data Center Manager
Intel Data Center ManagerDESMOND YUEN
 
Management information systems and cyber
Management information systems and cyberManagement information systems and cyber
Management information systems and cyberAnjali
 
Management information-system-computer-information-system-need of information...
Management information-system-computer-information-system-need of information...Management information-system-computer-information-system-need of information...
Management information-system-computer-information-system-need of information...Milan Padariya
 
Application Rationalization Paper 092308 Doc Version
Application Rationalization Paper 092308 Doc VersionApplication Rationalization Paper 092308 Doc Version
Application Rationalization Paper 092308 Doc VersionCarolyn Reid
 

What's hot (17)

Utilities Industry - Smart Analytics
Utilities Industry - Smart AnalyticsUtilities Industry - Smart Analytics
Utilities Industry - Smart Analytics
 
Business Informaton Systems
Business Informaton SystemsBusiness Informaton Systems
Business Informaton Systems
 
Cognitivo - Tackling the enterprise data quality challenge
Cognitivo - Tackling the enterprise data quality challengeCognitivo - Tackling the enterprise data quality challenge
Cognitivo - Tackling the enterprise data quality challenge
 
Lecture 10 documentation techniques -transaction processing- james a. hall b...
Lecture 10 documentation techniques -transaction processing- james a. hall b...Lecture 10 documentation techniques -transaction processing- james a. hall b...
Lecture 10 documentation techniques -transaction processing- james a. hall b...
 
Unit Ii
Unit IiUnit Ii
Unit Ii
 
Information Resources Management
Information Resources ManagementInformation Resources Management
Information Resources Management
 
Consumerization of IT: Mobile Infrastructure, Support and Security
Consumerization of IT: Mobile Infrastructure, Support and SecurityConsumerization of IT: Mobile Infrastructure, Support and Security
Consumerization of IT: Mobile Infrastructure, Support and Security
 
Chap05 Data Resource Management
Chap05 Data Resource ManagementChap05 Data Resource Management
Chap05 Data Resource Management
 
Introduction to Accounting System
Introduction to Accounting SystemIntroduction to Accounting System
Introduction to Accounting System
 
Information Systems Chapter 1
Information Systems Chapter 1Information Systems Chapter 1
Information Systems Chapter 1
 
Information systems
Information systemsInformation systems
Information systems
 
Intel Data Center Manager
Intel Data Center ManagerIntel Data Center Manager
Intel Data Center Manager
 
Management information systems and cyber
Management information systems and cyberManagement information systems and cyber
Management information systems and cyber
 
Management information-system-computer-information-system-need of information...
Management information-system-computer-information-system-need of information...Management information-system-computer-information-system-need of information...
Management information-system-computer-information-system-need of information...
 
Data
DataData
Data
 
Ch02
Ch02Ch02
Ch02
 
Application Rationalization Paper 092308 Doc Version
Application Rationalization Paper 092308 Doc VersionApplication Rationalization Paper 092308 Doc Version
Application Rationalization Paper 092308 Doc Version
 

Viewers also liked

NOSQL apache-cassandra-150611122739-lva1-app6891
NOSQL apache-cassandra-150611122739-lva1-app6891NOSQL apache-cassandra-150611122739-lva1-app6891
NOSQL apache-cassandra-150611122739-lva1-app6891darwin dj
 
Announcements Thurs June 11
Announcements Thurs June 11 Announcements Thurs June 11
Announcements Thurs June 11 Pine River
 
La vida en cristo Jesus
La vida en cristo JesusLa vida en cristo Jesus
La vida en cristo Jesusnoteconosco
 
Introducción a Silex. Aprendiendo a hacer las cosas bien en PHP
Introducción a Silex. Aprendiendo a hacer las cosas bien en PHPIntroducción a Silex. Aprendiendo a hacer las cosas bien en PHP
Introducción a Silex. Aprendiendo a hacer las cosas bien en PHPDaniel Primo
 
Elementos de la musica
Elementos de la musicaElementos de la musica
Elementos de la musicaDanielalpb
 

Viewers also liked (11)

AARON LEE GIVAN PhD FINE ART
AARON LEE GIVAN PhD FINE ARTAARON LEE GIVAN PhD FINE ART
AARON LEE GIVAN PhD FINE ART
 
NOSQL apache-cassandra-150611122739-lva1-app6891
NOSQL apache-cassandra-150611122739-lva1-app6891NOSQL apache-cassandra-150611122739-lva1-app6891
NOSQL apache-cassandra-150611122739-lva1-app6891
 
Francisco A. Martínez
Francisco A. MartínezFrancisco A. Martínez
Francisco A. Martínez
 
Announcements Thurs June 11
Announcements Thurs June 11 Announcements Thurs June 11
Announcements Thurs June 11
 
First Aid
First AidFirst Aid
First Aid
 
Wiki
WikiWiki
Wiki
 
La vida en cristo Jesus
La vida en cristo JesusLa vida en cristo Jesus
La vida en cristo Jesus
 
Evaluación radicales
Evaluación radicalesEvaluación radicales
Evaluación radicales
 
Valores en el Docente
Valores en el DocenteValores en el Docente
Valores en el Docente
 
Introducción a Silex. Aprendiendo a hacer las cosas bien en PHP
Introducción a Silex. Aprendiendo a hacer las cosas bien en PHPIntroducción a Silex. Aprendiendo a hacer las cosas bien en PHP
Introducción a Silex. Aprendiendo a hacer las cosas bien en PHP
 
Elementos de la musica
Elementos de la musicaElementos de la musica
Elementos de la musica
 

Similar to Canheit-2012-ITRepository

MIS for LOGISTICS B.com Logistics unit 1.pptx
MIS for LOGISTICS B.com Logistics unit 1.pptxMIS for LOGISTICS B.com Logistics unit 1.pptx
MIS for LOGISTICS B.com Logistics unit 1.pptxPranavRaythatha1
 
IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513Alexander Doré
 
Hybrid ERP Pov
Hybrid ERP PovHybrid ERP Pov
Hybrid ERP PovTim Hofer
 
IT Services Management
IT Services ManagementIT Services Management
IT Services ManagementDanu Ridwanto
 
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachThe 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachProtected Harbor
 
Enterprise architecture
Enterprise architecture Enterprise architecture
Enterprise architecture Hamzazafeer
 
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docxColor Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docxdrandy1
 
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docxColor Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docxcargillfilberto
 
A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...
A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...
A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...IBM India Smarter Computing
 
A System Approach For Defining Data Center Value Proposition.pdf
A System Approach For Defining Data Center Value Proposition.pdfA System Approach For Defining Data Center Value Proposition.pdf
A System Approach For Defining Data Center Value Proposition.pdfVernette Whiteside
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS Accelerite
 
Chapter Twenty-Four Information Technology Portfolio Management.docx
Chapter Twenty-Four Information Technology Portfolio Management.docxChapter Twenty-Four Information Technology Portfolio Management.docx
Chapter Twenty-Four Information Technology Portfolio Management.docxchristinemaritza
 
RISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docx
RISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docxRISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docx
RISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docxjoellemurphey
 
Explain the IAR document and how it should be filled__YASHODA Hospital.pptx
Explain the IAR document and how it should be filled__YASHODA Hospital.pptxExplain the IAR document and how it should be filled__YASHODA Hospital.pptx
Explain the IAR document and how it should be filled__YASHODA Hospital.pptxUndersam
 
Technology career opportunties within the insurance industry
Technology career opportunties within the insurance industryTechnology career opportunties within the insurance industry
Technology career opportunties within the insurance industryRachel Acker
 

Similar to Canheit-2012-ITRepository (20)

MIS for LOGISTICS B.com Logistics unit 1.pptx
MIS for LOGISTICS B.com Logistics unit 1.pptxMIS for LOGISTICS B.com Logistics unit 1.pptx
MIS for LOGISTICS B.com Logistics unit 1.pptx
 
IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513
 
Hybrid ERP Pov
Hybrid ERP PovHybrid ERP Pov
Hybrid ERP Pov
 
IT Services Management
IT Services ManagementIT Services Management
IT Services Management
 
ITMCH2.pptx
ITMCH2.pptxITMCH2.pptx
ITMCH2.pptx
 
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachThe 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
 
Enterprise architecture
Enterprise architecture Enterprise architecture
Enterprise architecture
 
S36169184
S36169184S36169184
S36169184
 
HOW INFORMATION SYSTEM IS EFFECT ON AN ORGANIZATION
HOW INFORMATION SYSTEM IS EFFECT ON AN ORGANIZATIONHOW INFORMATION SYSTEM IS EFFECT ON AN ORGANIZATION
HOW INFORMATION SYSTEM IS EFFECT ON AN ORGANIZATION
 
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docxColor Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
 
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docxColor Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
Color Blind 1.pdfColor Blind 2.pdfColor Blind 3.pdfC.docx
 
A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...
A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...
A Special Report on Infrastructure Futures: Keeping Pace in the Era of Big Da...
 
A System Approach For Defining Data Center Value Proposition.pdf
A System Approach For Defining Data Center Value Proposition.pdfA System Approach For Defining Data Center Value Proposition.pdf
A System Approach For Defining Data Center Value Proposition.pdf
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
 
Chapter Twenty-Four Information Technology Portfolio Management.docx
Chapter Twenty-Four Information Technology Portfolio Management.docxChapter Twenty-Four Information Technology Portfolio Management.docx
Chapter Twenty-Four Information Technology Portfolio Management.docx
 
RISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docx
RISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docxRISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docx
RISK MITIGATION AND THREAT IDENTIFICATIONIntroductionInforma.docx
 
AIS 3 - EDITED.pdf
AIS 3 - EDITED.pdfAIS 3 - EDITED.pdf
AIS 3 - EDITED.pdf
 
Explain the IAR document and how it should be filled__YASHODA Hospital.pptx
Explain the IAR document and how it should be filled__YASHODA Hospital.pptxExplain the IAR document and how it should be filled__YASHODA Hospital.pptx
Explain the IAR document and how it should be filled__YASHODA Hospital.pptx
 
Technology career opportunties within the insurance industry
Technology career opportunties within the insurance industryTechnology career opportunties within the insurance industry
Technology career opportunties within the insurance industry
 
Data Management
Data ManagementData Management
Data Management
 

Canheit-2012-ITRepository

  • 1. Building a central IT Repository Last Revised: February 28, 2012 Background: Maintaining an accurate inventory of major IT assets is an essential requirement of enterprise risk management (ERM) activity. IT risk management (a subset of ERM) has a focus on IT asset management (i.e. know what you need to protect), as an underpinning resource to business continuity planning (BCP) and disaster recovery planning (DRP). An additional value of the information relates to emergency preparedness, crisis management and incident response; however the significant distributed/decentralized IT environment (typical of Universities), presents a challenge for senior management to know “what’s out there”. Since the infamous ‘Y2K’ contingency planning effort, a basic spreadsheet listing major IT systems and services has been maintained within the Office of the CIO. In recent years, the listing has been expanded, additional data attributes have been suggested, and the importance of the information recognized by those charged with risk management and contingency planning. The enhanced scope of the inventory classifies IT assets as either a) application systems or b) infrastructure services. A key deliverable is identification of individuals who have either managerial or technical support responsibility for each asset. The Office of the CIO’s Systems Assurance unit is charged with transforming the spreadsheet listing into a central on- line repository of IT information including IT Assets (Applications and Services) and IT Resources (people/service providers). A web-based application and database has been developed that is currently in ‘beta’ release, targeted for initial production release later this year. Value/Deliverables: The primary purpose of the central IT repository is to facilitate risk management. Based upon data attributes of each asset, overall risk will be determined. Key risk metrics (e.g. performs e-business) will be identified, communicated, and prioritized in a straight-forward, consistent manner to senior management and relevant stakeholders. The identification of individuals, who are ‘related’ to IT assets, enables a focus on accountability and contingency planning and is the key differentiator with Guelph’s approach, compared to traditional asset management systems. Additional risk management attributes which the Repository will store include: i) remote hosting and 3rd party support; ii) purchased commercial products versus internally developed; iii) centralized versus distributed technical support. An additional planned feature is highlighting “active” assets reflecting current development/enhancement projects. Functionality: The Repository is intended to be a ‘high level’ catalog of IT application systems and infrastructure services. The depth of information (i.e. data attributes) would be limited to the needs of management charged with risk management. The Repository is NOT a physical hardware inventory with details about assets such as configurations, models, serial numbers, etc. nor is it a Service Catalog targeted to end-users. Attributes worth tracking and which provide risk management value include: deployment (i.e. departmental vs. enterprise); service provider (in- house vs. 3rd party); stores sensitive/personal information; business process criticality, etc. In addition to Asset records, the Repository is intended to track the IT-related human resources who either ‘own’ the applications/services or provide technical support. Each individual who has a relationship with IT (executive sponsor, system owner, technical support) will be asked to provide emergency contact information that will only be visible on a “need to know” basis via an emergency contact dashboard within the Repository. This information is collected to enable improved responsiveness to potential disruptions and security breaches. IT PMO Page 1 of 1 D. D. Badger