IT Governance a Compass Without a Map?<br />Pink Elephant<br />
Session Topics<br /><ul><li>Understanding the changing role of IT in relationship to business value
Building a practical blueprint of IT Governance
Tying Business objectives and value to IT goals and operational activities
Moving from a technology to a service approach of IT Management
Integrating best practice frameworks, COBIT, ITIL, CMMI, ETOM
Understanding the implications of Service Management on traditional organizational design and IT roles</li></li></ul><li>T...
What is IT Governance<br /><ul><li>IT governance is the responsibility of executives and the board of directors, and consi...
Furthermore, IT governance integrates and institutionalizes good practices to ensure that the enterprise’s IT supports the...
~IT Governance Institute – “COBIT 4.1”
IT Governance encompasses five major decision areas related to management and use of IT in a firm, all of which should be ...
IT principles: high level decisions about the strategic role of IT in the business
Enterprise Architecture: the organizing logic for business processes and IT infrastructure
IT Infrastructure: centrally coordinated, shared IT services providing part of the foundation for execution
Business Application Needs: business requirements for purchased or internally developed IT applications that both use and ...
Prioritization and Investment: decisions about how much and where to invest in IT, including project approval and justific...
~ Harvard Business Review / MIT Sloan “Enterprise Service Architecture as Strategy”</li></li></ul><li>Enterprise & IT Gove...
The Governance Model ISO 38500<br />Corporate <br />Governance <br />of ICT<br />Business <br />Needs<br />Business <br />...
IT Governance vs Management<br />Market  Competition<br />Business Strategy<br />New Technology<br />Markets<br />Legislat...
Service Portfolio and Governance <br />IT Governance<br />IT Mgmt. tools<br />
The ChangingRole For IT<br />HIGH<br />v3<br />IT customers are the customer of the organization<br />Value Network Focus<...
Four Stages or Architecture Maturity<br />Business Silo<br /> Architecture<br />Standardized Technology<br /> Architecture...
The Growing Legislation Minefield<br /><ul><li>Privacy & Security
Personal Information Protection Electronic Document Act (PIPEDA)
Upcoming SlideShare
Loading in …5
×

Marcos gobernabilidad-sin-mapa-v040811

695 views

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
695
On SlideShare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Marcos gobernabilidad-sin-mapa-v040811

  1. 1. IT Governance a Compass Without a Map?<br />Pink Elephant<br />
  2. 2. Session Topics<br /><ul><li>Understanding the changing role of IT in relationship to business value
  3. 3. Building a practical blueprint of IT Governance
  4. 4. Tying Business objectives and value to IT goals and operational activities
  5. 5. Moving from a technology to a service approach of IT Management
  6. 6. Integrating best practice frameworks, COBIT, ITIL, CMMI, ETOM
  7. 7. Understanding the implications of Service Management on traditional organizational design and IT roles</li></li></ul><li>The “Risk Gap” For Business Growth Goals<br />
  8. 8. What is IT Governance<br /><ul><li>IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organizational structures and processes that ensure that the enterprise’s IT sustains and extends the organization’s strategies and objectives.
  9. 9. Furthermore, IT governance integrates and institutionalizes good practices to ensure that the enterprise’s IT supports the business objectives.
  10. 10. ~IT Governance Institute – “COBIT 4.1”
  11. 11. IT Governance encompasses five major decision areas related to management and use of IT in a firm, all of which should be driven by the operating model:
  12. 12. IT principles: high level decisions about the strategic role of IT in the business
  13. 13. Enterprise Architecture: the organizing logic for business processes and IT infrastructure
  14. 14. IT Infrastructure: centrally coordinated, shared IT services providing part of the foundation for execution
  15. 15. Business Application Needs: business requirements for purchased or internally developed IT applications that both use and build the foundation for execution.
  16. 16. Prioritization and Investment: decisions about how much and where to invest in IT, including project approval and justification
  17. 17. ~ Harvard Business Review / MIT Sloan “Enterprise Service Architecture as Strategy”</li></li></ul><li>Enterprise & IT Governance<br />RegulatoryReporting / Privacy<br />Drivers<br />Enterprise Risk Mgmt.<br />CorporateObjectives<br />ITIL / ASL / ISO 27100 / PMI<br />IT Controls<br />Disciplines<br />Internal Risk ControlFramework (COSO)<br />IT Governance Framework(COBIT?)<br />Standards Controls<br />Ownership & Accountability<br />Monitoring & Reporting<br />ISO 38500 <br />
  18. 18. The Governance Model ISO 38500<br />Corporate <br />Governance <br />of ICT<br />Business <br />Needs<br />Business <br />Pressures<br />Evaluate<br />Direct<br />Monitor<br />Proposals<br />Performance<br />Conformance<br />Plans<br />Policies<br />Business Processes<br />ICT Projects<br />ICT Operations<br />
  19. 19. IT Governance vs Management<br />Market Competition<br />Business Strategy<br />New Technology<br />Markets<br />Legislation<br />IT Strategy<br />Customers<br />IT Governance<br />Services<br />External<br />Internal<br />IT Management<br />Present Service Portfolio<br />Future Service Portfolio<br />Business Governance & Strategy Drives IT<br />
  20. 20. Service Portfolio and Governance <br />IT Governance<br />IT Mgmt. tools<br />
  21. 21. The ChangingRole For IT<br />HIGH<br />v3<br />IT customers are the customer of the organization<br />Value Network Focus<br />IT is perceived as an internal business partner <br />Business Focus<br />Influence On The Business<br />v2<br />IT has a single strategy and is focused on the customer, but is perceived as an external supplier<br />Customer Focus<br />IT is focused on the integration and delivery of end-to-end IT services (business solutions)<br />Service Focus<br />IT is focused on technology, infrastructure and applications are treated as separate and largely unrelated domains<br />Technology Focus<br />LOW<br />Role Of IT/IS In The Organization<br />
  22. 22. Four Stages or Architecture Maturity<br />Business Silo<br /> Architecture<br />Standardized Technology<br /> Architecture<br />Optimized Core<br /> Architecture<br />Business Modularity<br /> Architecture<br />Reuse loosely coupled IT Enabled business process components (services) to preserve global standards while enabling local differences<br />Providing IT efficiencies though technology standardization and, in most cases increased centralization<br />Where companies look to maximize individual business unit needs of functional silo needs<br />Company wide data and process standardization as appropriate for the operating model<br />Phase 1<br />Phase 3<br />Phase 2<br />Phase 4<br />Source: HBS Enterprise Architecture as Strategy<br />
  23. 23. The Growing Legislation Minefield<br /><ul><li>Privacy & Security
  24. 24. Personal Information Protection Electronic Document Act (PIPEDA)
  25. 25. US Patriot Act Homeland Security (Critical Infrastructure)
  26. 26. Personal Health Information Protection Act (PHIPA)
  27. 27. Health Insurance Portability and Accountability Act (HIPAA)
  28. 28. SEC Rules 17a-3 & 17a-4 re: Securities Transaction Retention
  29. 29. Gramm-Leach Bliley Act (GLBA) privacy of financial information
  30. 30. Children’s Online Privacy Protection Act
  31. 31. Clinger-Cohen Act (US Gov.)
  32. 32. Federal Information Security Mgmt. Act (FISMA)
  33. 33. Freedom of Information & Protection of Privacy (FOIPOP) BC Gov
  34. 34. FDA Regulated IT Systems
  35. 35. Freedom Of Information Act
  36. 36. Americans with Disabilities Act, Sec. 508 (website accessibility)
  37. 37. Family Education Rights & Privacy Act (FERPA) (Higher Education)
  38. 38. Finance
  39. 39. Sarbanes Oxley (US)
  40. 40. FFIEC US Banking Standards
  41. 41. Basel II (World Bank)
  42. 42. Turnbull Report (UK)
  43. 43. Canadian Bill 198 (MI 52-109 & 52-111)
  44. 44. CIRCULAR A-123 (US Gov.)
  45. 45. J-Sox (Japan)
  46. 46. Other International IT Models
  47. 47. Corporate Governance for ICT DR 04198 (Australia)
  48. 48. Intragob Quality Effort (Mexico)
  49. 49. Medical Information System Development (Medis-DC) (Japan)
  50. 50. Authority for IT in the Public Administration (AIPA) (Italy)
  51. 51. Principles of accurate data processing supported accounting systems (GDPdu & GoBS) (Germany)
  52. 52. European Privacy Directive (Safe Harbor Framework)</li></li></ul><li>IT Governance & Business Value Linkage<br />Core Business Measures<br /><ul><li> Revenue
  53. 53. Market Share
  54. 54. Profit
  55. 55. ROE</li></ul>IT Core Strategic Measures<br />IT Governance & Measures<br />Balanced Scorecard<br />Business Value<br />IT Value Chain (Service Organization)<br />IT Governance / COBIT<br />IT Goals<br />IT Operational Processes<br />IT Processes<br />ITSM, SDLC, Project Mgmt., Security and Information Mgt.<br />
  56. 56. Process & Product Relationship<br />
  57. 57. DEMAND MANAGEMENT<br />SUPPLY<br />Develop & Maintain<br />Orders<br />Deliver Service<br />Commitments<br />E2E Service issues: Service delivery MI<br />E2E Service information<br />Supplier strategies<br />& profiles<br />governance<br />Group<br />Industry<br />Best practice<br />Develop & Integrate<br />Service Components<br />Strategy, Planning<br />and Sourcing<br />Deliver business change<br />Client strategies<br />Service<br />cost info<br />Architectures<br />Handover components<br />(awaiting authority <br />to run)<br />Aggregated<br />release<br />Plans<br />Demand <br />levels<br />& supply<br />capacity<br />Accepted<br />bid<br />10<br />Incidents & 1st line support<br />Requests/fixes<br />Acceptance<br />documentation<br />Service Portfolio<br />Service<br />Run Service<br />Components<br />Authorise major changes<br />Support<br />Approved<br />plans & <br />controls<br />3<br />Unplanned<br />change<br />demand<br />4<br /> 5<br />7<br />6<br />8<br />C<br />U<br />S<br />T<br />O<br />M<br />E<br />R<br />S<br />Performance vs. <br />OLA<br />U<br />S<br />E<br />R<br />S<br />E2E Service<br />Design & Sourcing<br />Client requirements for/<br />agreement to change<br />Request for major Service changes<br />Manage Services<br />Manage Client Relationships<br />Major<br />change<br />request<br />Request for improved<br />performance/fixes<br />Market and supplier info<br />Manage Service<br />Components<br />Maintain <br />Service Components<br />OLA requirements<br />OLA reporting<br />Bid support<br />Cost & <br />price model<br />OLA metrics<br />Minor change<br />requests<br />Invoicing & payments<br />Incident<br />escalation<br />2<br />Financial Processing<br />& Reporting<br />1<br />Major change<br />requests<br />Financial information<br />Supplier<br />contract,<br />issue<br />resolution, <br />feedback<br />and<br />benchmarking<br />10<br /> 9<br />11<br />12<br />Incident<br />escalation/<br />resolution<br />Problem reporting<br />and resolution<br />Manage Customer<br />Services<br />Supplier<br />negotiation<br />requirements<br />Incident communications<br />Supplier profiles<br />Orders<br />Supplier performance feedback<br />Manage Risk<br />Manage Suppliers<br />11<br />11<br />11<br /> 4<br />9<br /> 6<br />
  58. 58. 5. Develop& Integrate<br />Service Components<br />3. Strategy, Planning & Sourcing<br />2. Manage Services<br />6. Run Service Components<br />3.1 Define Vision & <br />Strategy<br />3.2 Define Strategic<br />Investment Portfolio<br />2.1 Produce Service Plan<br />6.1 Operate & monitor services<br />6.2 Service recovery<br />5.1 Manage projects<br />3.3 Develop / Maintain <br />Service Portfolio, OM <br />& Architectures<br />3.4 Define Strategic<br />Roadmaps<br />2.2 Track sservice performance<br />5.2 Manage integrated <br />service components/<br />business change<br />8. Manage Service Components<br />3.5 Develop SP <br />Business Plan <br />and Budget<br />3.6 Apply Strategic<br />Governance<br />8.1 Implement changed/ new service component<br />2.3 Review & report service performance<br />8.2 OLA management<br />8.3 Operational supplier<br />management<br />8.4 Service component<br />performance management<br />2.4 Identify service improvements<br />4. E2E Service Design <br />& Sourcing<br />1. Manage Client<br />Relationships<br />4.1 Change demand<br />capture<br />8.6 Update SCP database & reporting<br />2.5 Update SLAs (existing services)<br />8.5 Benchmarking<br />1.1 Facilitate client <br />business strategy<br />7. Maintain <br />Service Components<br />4.2 Route to appropriate<br />change process<br />1.2 Manage client <br />demand<br />9. Manage Customer Services<br />7.1 Component acceptance<br />4.3 Confirm <br />feasibility of bid<br />9.1 Manage incidents<br />9.3 Manage order<br />9.2 Manage problem<br />1.3 Manage client <br />contact<br />4.4 Mobilise team &<br />prepare bid<br />7.2 Release planning<br />9.4 Manage major incident<br />9.5 Manage knowledge<br />1.4 Facilitate overall<br />client satisfaction<br />7.3 Maintain component <br />4.5 Agree with clients<br />12. Manage Risk<br />1.5 Manage marketing<br />& account opportunities<br />12.3 Provide risk consultancy<br />12.1 Provide local risk governance<br />12.2 Lead risk management <br />7.4 Production change control<br />4.6 Portfolio entry<br />7.5 Business, operations, IT & supplier support<br />12.6 Provide IT security solutions<br />12.5 Provide risk training & awareness<br />12.4 Provide tools, techniques & standards<br />4.7 Aggregate business<br />release/ plan entry<br />11. Manage Suppliers<br />10. Financial Processing & Reporting<br />10.3 Maintain & manage cost (ABC) and pricing models<br />10.1 Operate and maintain accounting systems<br />10.2 Maintain financial accounts<br />11.1 Provide market & <br />supplier intelligence<br />11.4 Communicate<br />with suppliers<br />11.2 Negotiate with <br />suppliers<br />11.3 Select suppliers<br />11.7 Resolve dispute<br />with supplier<br />11.5 Manage supplier<br />relationships<br />11.6 Review supplier<br />performance<br />10.4 Charging and invoicing<br />10.5 Management & financial reporting<br />10.6 Investment Appraisal<br />
  59. 59. Value Service Network<br />Business Units<br />Shared IT Services<br />3 Service Supplier Types <br />Business<br /> Unit A<br />Service<br /> Unit 1<br />Service W<br />Dedicated<br />Service<br />Business<br /> Unit B<br />Service<br /> Unit 2<br />Service X<br />External <br />Supplier<br />Shared<br />Service<br />Business<br /> Unit C<br />Service<br /> Unit 3<br />External<br />Business<br /> Unit A<br />Service Y<br />Outsourced<br />Service<br />Business<br /> Unit D<br />Service<br /> Unit 4<br />Service Z<br />Embedded IT<br />Service Ecosystem<br />Service Catalog<br />
  60. 60. IT Governance Model<br />Sarbanes-<br /> Oxley<br />US Securities & Exchange Commission<br />COSO<br />CobIT<br />Service Mgmt.<br />App. Dev. (SDLC)<br />Project Mgmt.<br />IT Planning<br />IT Security<br />Quality System<br />ISO<br />CMMi<br />Six<br />Sigma<br />ITIL<br />ASL<br />ISO<br />27001<br />PMI<br />TOGAF<br />Zachman <br />ISO 20k<br />Audit Models<br />Quality Systems & Mgmt. Frameworks<br />IT OPERATIONS<br />
  61. 61. Where Do We Want To Be?<br />
  62. 62. Service and Process Architectures<br />
  63. 63. The Evolving IT Service Organization<br />
  64. 64. Service Organization Model<br />Catalog<br />SLA<br />SLM<br />Service Delivery<br /><ul><li>ITSM
  65. 65. Security
  66. 66. QA assurance / testing
  67. 67. PMO
  68. 68. Performance Mgmt.
  69. 69. Planning / Consulting
  70. 70. IT Finance
  71. 71. Risk Mgmt./ Compliance
  72. 72. IT Audit
  73. 73. Human Resources</li></ul>Service<br />All of these functions have a enterprise IT mandate and not a vertical technology focus <br />Customer<br />Infrastructure<br />Applications<br />
  74. 74. ITSM Tool Strategy & Integrations<br />
  75. 75. Adoption Curve Of ITSM<br />
  76. 76. Pink Elephant - Expertos en Gestión de Servicios de TI<br />info.mx@pinkelephant.com<br />www.pinkelephant.com<br />

×