Df10364 ca

525 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
525
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
22
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Df10364 ca

  1. 1. Why IT Governance still matters in “the cloud”<br />Steve Romero PMP, CISSP, CPM<br />IT Governance Evangelist<br />
  2. 2. How many cloud experts in the room?<br />2<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  3. 3. How many IT Governance experts in the room?<br />IT Governance Mechanisms<br />IT Governance Definition(s)<br />3 Key Questions: <br /><ul><li>What decisions need to be made?
  4. 4. Who is accountable for making decisions?
  5. 5. How will the decisions be made?
  6. 6. Board of Directors / Committees
  7. 7. Metrics
  8. 8. Process Management</li></ul>IT Principle Decisions<br />Clarifying Enterprise Objectives for IT<br />IT Governance Principles<br />IT Governance Processes<br /><ul><li>Ensure IT is aligned with the business
  9. 9. Ensure IT delivers value to the business
  10. 10. Ensure IT manages risk
  11. 11. Ensure IT manages resources
  12. 12. Ensure IT manages performance
  13. 13. Integrated Business & IT Planning
  14. 14. IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM)
  15. 15. IT Financial & Resource Allocation
  16. 16. Project Execution & Decision-making (PMOs/PM)
  17. 17. Emerging Technology Evaluation & Adoption
  18. 18. Client Relationship Management
  19. 19. Building & Maintaining Applications & Infrastructure
  20. 20. Provisioning of IT Services
  21. 21. Outsourcing Services
  22. 22. Audit & Risk Management
  23. 23. Architecture Management - Standards & Review</li></ul>IT Infrastructure<br />Decisions<br />IT Investment and<br />Prioritization<br />Decisions<br />IT Architecture<br />Decisions<br />IT Governance Decisions<br />Business Application<br />Decisions<br />3<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  24. 24. When does IT Governance and PPM matter more?<br />In a down economy – surviving the economic storm<br /><ul><li>In a Cloud Computing environment – surviving the nebulous cumulus</li></ul>4<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  25. 25. The Genesis of this Presentation<br /> 3 months collecting everything “cloud”<br /> One week pouring over the information<br /> Found I had something to say<br /> Found I had something to do<br />5<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  26. 26. I want to prepare and arm PPM practitioners to defend this critical business process<br />6<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  27. 27. Governance - simplified<br /><ul><li>Simple Version - The processes and relationships that lead to reasoned decision-making in IT
  28. 28. 3 Key Questions:
  29. 29. Whatdecisionsneed to be made?
  30. 30. Who is accountable for making the decisions?
  31. 31. How will the decisionsbe made?</li></ul>7<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  32. 32. The Elements of IT Governance<br />IT Governance Mechanisms<br />IT Governance Definition(s)<br />3 Key Questions: <br /><ul><li>What decisions need to be made?
  33. 33. Who is accountable for making decisions?
  34. 34. How will the decisions be made?
  35. 35. Board of Directors / Committees
  36. 36. Metrics
  37. 37. Process Management</li></ul>IT Principle Decisions<br />Clarifying Enterprise Objectives for IT<br />IT Governance Principles<br />IT Governance Processes<br /><ul><li>Ensure IT is aligned with the business
  38. 38. Ensure IT delivers value to the business
  39. 39. Ensure IT manages risk
  40. 40. Ensure IT manages resources
  41. 41. Ensure IT manages performance
  42. 42. Integrated Business & IT Planning
  43. 43. IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM)
  44. 44. IT Financial & Resource Allocation
  45. 45. Project Execution & Decision-making (PMOs/PM)
  46. 46. Emerging Technology Evaluation & Adoption
  47. 47. Client Relationship Management
  48. 48. Building & Maintaining Applications & Infrastructure
  49. 49. Provisioning of IT Services
  50. 50. Outsourcing Services
  51. 51. Audit & Risk Management
  52. 52. Architecture Management - Standards & Review</li></ul>IT Infrastructure<br />Decisions<br />IT Investment and<br />Prioritization<br />Decisions<br />IT Architecture<br />Decisions<br />IT Governance Decisions<br />Business Application<br />Decisions<br />8<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  53. 53. 9<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />The greatest single factor in realizing value from technology investments<br />according to Massachusetts Institute of Technology (MIT) Center for Information Research (CISR), Sloan School of Management<br /><ul><li>MIT CISR has been asking and answering the same question for 36 years: How do enterprises realize the most value from their investment in technology?
  54. 54. Firms with superior IT Governance had more than 20% higher profits over those that did not
  55. 55. Peter Weill, Chairman of MIT CISR: “If I was to choose one factor that most contributed to the success of IT, it is IT Governance.”</li></li></ul><li>My foray into Cloud Computingrecommended cloud computing resources<br />I encountered many differing views and definitions – ensure you’re on the same page <br />The NIST Definition of Cloud Computing <br />Authors: Peter Mell and Tim Grance, Version 15, 10-7-09, National Institute of Standards and Technology, Information Technology Laboratory<br />http://csrc.nist.gov/groups/SNS/cloud-computing/<br />Cloud Security Alliance<br />http://www.cloudsecurityalliance.org/<br />10<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  56. 56. Cloud Computing Definedaccording to NIST<br />Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. <br />11<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  57. 57. Cloud Computing Defined<br />The NIST cloud model promotes availability and is composed of:<br />5 essential characteristics<br />3 service models<br />4 deployment models<br />12<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  58. 58. On-demand self-service- it’s there when you need it<br />Broad network access- tons of connectivity options<br />Resource pooling- sharing who-knows-where resources<br />Rapid elasticity- you get what you need<br />Measured Service- you get what you pay for<br />13<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Essential Characteristics of Cloud Computing<br />
  59. 59. On-demand self-serviceA consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service’s provider. <br />Broad network accessCapabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).<br />Resource poolingThe provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.<br />Rapid elasticityCapabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.<br />Measured ServiceCloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service.<br />14<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Essential Characteristics of Cloud Computing<br />
  60. 60. Infrastructure as a Service (IaaS) – rent a datacenter<br />Platform as a Service (PaaS)– here’s my application – run it<br />Software as a Service (SaaS)– give me a logon<br />15<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Cloud Service Models<br />
  61. 61. Infrastructure as a Service (IaaS)<br />The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).<br />Platform as a Service (PaaS)<br />The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.<br />Software as a Service (SaaS)<br />The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.<br />16<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Cloud Service Models<br />
  62. 62. Public cloud -sold to the public, mega-scale infrastructure<br />Private cloud - enterprise owned or leased<br />Community cloud - shared infrastructure for specific community<br />Hybrid cloud - Composition of two or more clouds<br />17<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Cloud Deployment Models<br />
  63. 63. Elimination of an up-front commitment by Cloud users<br />Developers with innovative ideas encounter less barriers to entry<br />Quick up-and-down for temporary apps<br />Reduces infrastructure costs<br />Converts some capital expenses to operating expenses<br />Highly efficient pricing where customers pay only for resources used on a short-term basis as needed.<br />Virtually unlimited computing power on demand<br />Increasingly open high-value business data typically delivered up via SOA<br />Rapid expansion of business information in machine-readable form. <br /><ul><li>Less pressure on corporate IT departments charged with managing the infrastructure and budgeting for new equipment to keep up with demand
  64. 64. Companies with large batch-oriented tasks can get results as quickly as their programs can scale
  65. 65. Fewer over-provisioning and under-provisioning concerns
  66. 66. Better security – if you have archaic or home-grown security capabilities
  67. 67. Transfers risk
  68. 68. Gives application providers the choice of deploying their product as SaaS without provisioning a datacenter
  69. 69. SaaS-Service providers enjoy greatly simplified software installation and maintenance and centralized control over versioning</li></ul>18<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Benefits of Cloud Computing<br />
  70. 70. Data transfer bottlenecks and latency concerns<br />Service Availability and Business Continuity Management and assurance concerns<br />Data owner no longer has direct or indirect control of the physical environment affecting his/her data<br />Data confidentiality and “auditability”<br />Performance unpredictability, bugs in large-scale distributed systems<br />Questionable security – if you have proven, mature, advanced security capabilities<br />Pricing models need to evolve – lack of flexible pricing<br /><ul><li>Absence of a business model that fully reflects the technology’s flexibility
  71. 71. No data handling and security practices standards
  72. 72. Users might become dependent on proprietary systems whose costs will escalate or whose terms of service might be changed unilaterally and adversely
  73. 73. What recourse when application isn't available, performance bogs down, or there's a security breach
  74. 74. SLA “penalty” costs will carry over to price
  75. 75. Reputation fate sharing and legal liability</li></ul>19<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Downside of Cloud Computing<br />
  76. 76. <ul><li>People were either pro-Cloud or anti-Cloud -rarely did I find fence-sitters or both-side-seers
  77. 77. Pro-cloud?- immerse yourself in the downsides
  78. 78. Anti-cloud? – immerse yourself in the benefits
  79. 79. Informed cloud – knowing the pros and the cons and making informed decisions about what is best for your business</li></ul>20<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Two Sides to the Cloud Computing Coin<br />
  80. 80. Analogously to how SaaS allows the user to offload some problems to the SaaS provider, the SaaS provider can now offload some of his problems to the Cloud Computing provider.<br />Above the Clouds: A Berkeley View of Cloud Computing Copyright 2009, by the author(s). All rights reserved.<br />21<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Users and Providers of Cloud Computing<br />
  81. 81. Does Cloud Computing mean “IT doesn’t matter”?in the spirit of Nicolas Carr’s May ‘03 HBS review article<br />Blog Post: Can IT management let go of IT operations?<br />April 13th, 2010 Posted by David Chernicoff @ 10:48 am<br />“As you move more line-of-business services to the cloud, your internal day-to-day IT technical needs will continue to decline, but at what overall cost?  When you and all of your competitors are using the same technical resources and getting your corporate IT services from cloud providers, how will you be able to leverage IT for any sort of competitive advantage for your business? Where will the technical knowledge necessary to get the most from IT reside, and how will you access it?”<br />22<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  82. 82. Yes, even in the clouds, IT still matters<br />I agree the inevitable move to Cloud Computing will decrease the need for IT Operations and Maintenance personnel. But what about these other roles?<br />Biz/IT Strategic and Tactical Planners<br />IT Portfolio Managers<br />IT Financial Managers<br />IT Program and Project Managers<br />Business and Systems Analysts<br />IT Research and Development Staff<br /><ul><li>Client Relationship Managers
  83. 83. Application Development Managers and Staff
  84. 84. Provisioning Managers
  85. 85. IT Outsourcing Managers
  86. 86. IT Risk Managers
  87. 87. IT Security Managers
  88. 88. Enterprise and IT Architects</li></ul>23<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  89. 89. The Elements of IT Governance<br />IT Governance Mechanisms<br />IT Governance Definition(s)<br />3 Key Questions: <br /><ul><li>What decisions need to be made?
  90. 90. Who is accountable for making decisions?
  91. 91. How will the decisions be made?
  92. 92. Board of Directors / Committees
  93. 93. Metrics
  94. 94. Process Management</li></ul>IT Principle Decisions<br />Clarifying Enterprise Objectives for IT<br />IT Governance Principles<br />IT Governance Processes<br /><ul><li>Ensure IT is aligned with the business
  95. 95. Ensure IT delivers value to the business
  96. 96. Ensure IT manages risk
  97. 97. Ensure IT manages resources
  98. 98. Ensure IT manages performance
  99. 99. Integrated Business & IT Planning
  100. 100. IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM)
  101. 101. IT Financial & Resource Allocation
  102. 102. Project Execution & Decision-making (PMOs/PM)
  103. 103. Emerging Technology Evaluation & Adoption
  104. 104. Client Relationship Management
  105. 105. Building & Maintaining Applications & Infrastructure
  106. 106. Provisioning of IT Services
  107. 107. Outsourcing Services
  108. 108. Audit & Risk Management
  109. 109. Architecture Management - Standards & Review</li></ul>IT Infrastructure<br />Decisions<br />IT Investment and<br />Prioritization<br />Decisions<br />IT Architecture<br />Decisions<br />IT Governance Decisions<br />Business Application<br />Decisions<br />24<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  110. 110. Decisions are still requiredso governance is still required<br /><ul><li>Simple Version - The processes and relationships that lead to reasoned decision-making in IT
  111. 111. 3 Key Questions:
  112. 112. Whatdecisionsneed to be made?
  113. 113. Who is accountable for making the decisions?
  114. 114. How will the decisionsbe made?</li></ul>25<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  115. 115. All Governance decisions are required to make reasoned and rational decisions about the Cloud<br />IT Principles for Digitization Decisions - Clarifying the Role for IT<br />Need to determine if Cloud influences IT Archetype<br />IT Infrastructure Decisions<br />IT Investment and<br />Prioritization Decisions<br />Enterprise Architecture<br />Decisions<br />Must reflect the Cloud<br />Business Application<br />Decisions<br />Biz/IT Architecture must incorporate the Cloud<br />Which are candidates for the Cloud?<br />Increased need to ensure they are reasoned and rationale<br />© Peter Weill and Jeanne Ross, CISR MIT Sloan School of Management<br />26<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  116. 116. Governance Processes Required in the Cloud<br /><ul><li>Integrated Business & IT Planning –Need to determine Cloud fit
  117. 117. IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM) – Increased need to ensure decisions are reasoned/rational
  118. 118. IT Financial & Resource Allocation – Major $ ramifications
  119. 119. Project Execution & Decision-making (PMOs/PM) – More Cloud projects
  120. 120. Emerging Technology Evaluation & Adoption – When to adopt
  121. 121. Client Relationship Management – User to Provider liaison
  122. 122. Building & Maintaining Apps & Infrastructure – Unless strategic differentiator
  123. 123. Provisioning of IT Services – Need to determine which Cloud?
  124. 124. Outsourcing Services – Contracts and increased SLA criticality
  125. 125. Audit & Risk Management – CIA, CRO/CSO, SDLC, involvement
  126. 126. Architecture Management - FIT</li></ul>27<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  127. 127. PPM Defined<br />Portfolio management is the centralized management of one or more portfolios, which includes identifying, prioritizing, authorizing, managing, and controlling projects, programs, and other related work, to achieve specific strategic business objectives.<br />28<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  128. 128. Understanding PPM<br />Problems to be solved<br /><ul><li>Varying Definitions
  129. 129. The “Ps” in PPM
  130. 130. Goal and Criteria
  131. 131. Investment Decision-making
  132. 132. Ensure IT manages performance
  133. 133. The issues and problems
  134. 134. The untenable reality created by these issues</li></ul>Doing the right things<br />IT’s ability to partner with the business to maintain alignment and maximize return from IT investments<br />PPM Leadership<br /><ul><li>Executive Steering Committee
  135. 135. Go/No-go – Kill/Fix – Benefits Realization
  136. 136. Mechanics</li></ul>Doing things right<br />IT’s ability to make the best use of its people, budgets and assets<br />PPM<br />The Two Dimensions<br />Portfolios<br /><ul><li>Projects / Programs
  137. 137. Demand
  138. 138. Resource
  139. 139. Assets
  140. 140. Applications</li></ul>PMO<br />29<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Elements of Understanding PPM<br />
  141. 141. Problems Plaguing Enterprises TodayWhich of these problems are solved by cloud computing?<br /><ul><li>Wrong projects – not linked to strategy/goals
  142. 142. Projects are not prioritized
  143. 143. Too many projects – not in line with resources
  144. 144. No formal project/program approval process
  145. 145. Projects use critical resources inefficiently
  146. 146. Projects create redundant applications
  147. 147. Projects invest in non-strategic applications
  148. 148. Funding tends to be political
  149. 149. We can’t kill a project
  150. 150. Projects are not monitored and managed collectively
  151. 151. Unbalanced investment mix
  152. 152. 50% of IT projects fail (cost, schedule, performance)</li></ul>30<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  153. 153. Problems Plaguing enterprises todayWhich problems are exacerbated by cloud computing?<br /><ul><li>Wrong projects – not linked to strategy/goals
  154. 154. Projects are not prioritized
  155. 155. Too many projects – not in line with resources
  156. 156. No formal project/program approval process
  157. 157. Projects use critical resources inefficiently
  158. 158. Projects create redundant applications
  159. 159. Projects invest in non-strategic applications
  160. 160. Funding tends to be political
  161. 161. We can’t kill a project
  162. 162. Projects are not monitored and managed collectively
  163. 163. Unbalanced investment mix
  164. 164. 50% of IT projects fail (cost, schedule, performance)</li></ul>31<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  165. 165. PPM is Critical to Solving the Problems<br /><ul><li>Wrong projects - chooses investments and ensures they fulfill the strategy
  166. 166. Projects are not prioritized – makes priority decisions
  167. 167. Too many projects - determines if projects “can be” done
  168. 168. No formal approval process - approves/rejects project requests
  169. 169. Projects use critical resources inefficiently - ensures appropriate use
  170. 170. Projects create redundant applications - compares investments– sees the “whole”
  171. 171. Projects invest in non-strategic applications - focuses investment on most strategic applications
  172. 172. Funding tends to be political - provides objective criteria
  173. 173. We can’t kill a project - provides oversight to fix or kill challenged projects
  174. 174. Projects are not monitored and managed collectively - slows, stops, helps, modifies
  175. 175. Unbalanced investment mix - ensures portfolios fulfill business strategy
  176. 176. 50% of IT projects fail - determines what “should be” done and if it “can be” done</li></ul>32<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />
  177. 177. According to Gartner’s"User Survey Analysis: Software as a Service, Enterprise Application Markets, Worldwide, 2010” study- More than 95 percent of organizations expect to maintain or grow their use of software as a service (SaaS)<br />According to a Platform Computing survey of 95 Execs - 85% of companies are experimenting with Clouds “inside the firewall” and intend to keep them there – expect this to change, fast<br />33<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Current Trends<br />
  178. 178. How will Enterprises ensure Cloud Computing investment decisions are reasoned & rational? <br />Business and IT understanding and consensus of Cloud Computing is key<br />The Business (IT Users) will be able to bypass IT more easily<br />There is much more to IT than Systems Development and Operations – IT Governance is essential to understanding this<br />SoundPPMpracticesare far more critical due to increased IT investment option availability created by Cloud Computing<br />34<br />. December 2010 CA Clarity™ PPM Field Marketing Copyright © 2010 CA<br />Summary<br />
  179. 179. Steve RomeroIT Governance Evangelist steven.romero@ca.comTwitter @itgEvangelisthttp://community.ca.com/blogs/theitgovernanceevangelist/http://successfulppm.ning.com/<br />Thank you<br />

×