CONIG® (Converged Information Governance) is a governance framework developed by TAC A.S. addressing information and related technologies. Its main focus is INFORMATION. CONIG® is based on models that are widely used for Information Technologies, Corporate Governance as well as Business Governance.
2. CONIG® (Converged Information Governance) is a governance framework
developed by TAC A.S. addressing information and related technologies. Its main
focus is INFORMATION. CONIG® is based on models that are widely used for
Information Technologies, Corporate Governance as well as Business Governance.
Introduced in 2009 by TAC A.S., CONIG® is a reference framework that consists of
components of various models, best-practices, framework and standards. All of the
underlying frameworks and best practices are widely accepted in the industry. While
they might bring different perspectives and differ in nuances the common goal of all
these frameworks and best practices is the assurance of provisioning of IT services,
business services, and other enabler services.
CONIG® aims to find the right balance between internal control approach focusing
on control objectives and performance management approach focusing on
achievement of value targets for the organization.
It aims effective and efficient utilization of service and customer focused resources
and capabilities to ensure that the IT organizations’ activities are aligned with
business objectives. It ensures that desired quality, security and compliance
requirements of produced and offered services are met.
In general the purpose of CONIG is providing processes, structures and other related
models to govern and manage the lifecycles of IT resources and capabilities of an
organization to provide IT services to its clients at an acceptable level of cost and
resource utilization.
At the core, CONIG® has PROCESS and IT SERVICE approach.
CONIG® defines INFORMATION as a valuable ASSET for the business. It is based on
IT Services and provides a MANAGEMENT SYSTEM FRAMEWORK that includes
MODELS consisting of PROCESSES for the governance and management of
TECHNOLOGY based IT Services that are used for storing, processing,
communicating and utilization of this INFORMATION.
About CONIG®
v1.5
3.
4.
5. EPAM - Enhanced Process Architecture Model
ELCA - Enterprise Layered Chambered Architecture
TCM - Transition Change Model
A.T.M.A.C.A. (Agile Timely Mature Adaptive Creative Adroid)
CMAM - Capability Maturity Assessment Model
OAM - IT Organization Assessment Model
CCM - Control Compliance Model
CSIM - Continual Systemic Improvement Model
VAR - Value at Risk Model
CONIG®
v1.5 Components
6. . is the process architecture model of CONIG Framework , defining and describing in
detail a number of governance and management processes
. has an objective that is to provide a detailed method and a set of supporting tools
for developing an IT process architecture. It may be used freely by any organization
wishing to adopt CONIG for use within that organization
. represents all of the processes normally found in an enterprise relating to IT
activities
. is intentionally composed of a common sense approach to service enabled process
management – do what works and what works is adapting a common framework of
practices that unite all areas of IT service provision toward a single aim – delivering
value to the business
. is expected to provide structure, stability and strength to information management
and governance capabilities with durable principles, methods and tools
. offers a common reference model understandable to operational IT and business
managers
. is a complete and comprehensive reference model: It is not norm model, that's
why, each enterprise shall define its own process set, taking into account its
resources and capabilities
. relies upon enhanced and converged architecture of globally accepted frameworks,
best practices and standards. So the architecture of processes is structured in
aligned with different authoritative requirements
EPAM - Enhanced Process Architecture Model
7.
8. . is the information architecture model of "enablers" of
CONIG Framework
. has an objective that is to provide a detailed method and a
set of supporting tools - for developing an enterprise
information architecture. It may be used freely by any
organization wishing to adopt CONIG for use within that
organization
. defines "enterprise" as any collection of organizations that
has a common set of goals
. ELCA relies upon "layered" and " chambered" architecture
of CONIG Enablers. So the architecture of enterprise
information is structured in aligned with the lifecycles of
enablers
ELCA - Enterprise Layered Chambered
Architecture
9.
10.
11. . is the transition change model of CONIG Framework
. has four main lifecycles entities;
- Requirement
- Project / Program
- Fast Transition / Fast Track
- Operational Change
. has objectives that are to;
- Set customer expectations on how the performance and use of the new or changed
IT service(s) can be used to enable business change
- Enable the business change to integrate a release into the business processes and
services
- Ensure that there is a business justification;
• for initiating the project/FT (documented in an outline Business Case)
• all the necessary authorities exist for initiating the project/FT
- Manage requirements of the project/FT’s products and product components and to
ensure alignment between those requirements and the project/FT’s plans and work
products
- Plan the work required for project/FT initiation establish and maintain plans that
define project/FT activities
- Ensure management direction and control which are provided throughout the
project/FT’s life, and that the project/FT remains viable
- Quantitatively manage the project/FT to achieve the project/FT’s established quality
and process performance objectives
- Manage the acquisition of products and services from suppliers
- Provide the information needed for the Boards (tCAb, pCAB) to assess the
continuing viability of the project/FT – including the aggregated risk exposure
- Ensure risks and issues are kept under control
- Ensure that team managers, team members and suppliers are clear as to what is to
be produced and what is the expected effort, cost or timescales
- Provide an understanding of the project/FT’s progress so that appropriate corrective
actions can be taken when the project/FT’s performance deviates significantly from the
plan
- Ensure that changes are recorded and evaluated, and that authorized changes are
prioritized, planned, tested, implemented, documented and reviewed in a controled
manner
• defines transition and change pipeline starges&gates, processes and information items
• TCM relies upon "stage&gate" architecture. So the architecture of TCM is structured in
aligned with the lifecycles of enablers
TCM - Transition Change Model
12.
13. • is the IT Service/Product analyze design development model of CONIG
Framework has six main lifecycles entities;
- Requirement (HLR, ILR, SLR)
- Iteration / Sprint
- Service Aspects (Functional, Capability, Resource)
- Test Cases
- Release Unit / Release Package
- Deployment Order
• has objectives that are ;
- Early delivery of working software
- Qality is built into the IT Services — everyone involved in quality
- Defect prevention (stopping them from getting beyond the requirements)
- CIear acceptance criteria
- EarIy involvement of all key players
- Surprises to the business on delivery
- Growth of (test) team skills
- Regression averse - more testing than ever
- Risk based approach to development — the most important bits are done first
- Good collaboration - knowledge of project
- Status, outcomes and progress is clearly and honestly displayed for all to see
- Less "formal'" defects
- Release unit and identification
- Release design options and considerations
- Release and deployment models
- Release and deployment planning
- Preparation for build, test and deployment
- Service testing and pilots
- Perform transfer, deployment and retirement
- Verify deployment
- Early life support
A.T.M.A.C.A.
Agile Timely Mature Adaptive Creative Adroid
14. • has advantages;
- Grouping of requirements into small increments with minimal planning
- Stakeholders' voice about the product and the plan
- No direct long-term planning
- Short development cycles of two to four weeks
- Daily communication through short meetings to State what one did since the last
meeting, what one will be working on until the next meeting, and what, if anything, is
impeding the progress
- Through these meetings, it becomes easy to discover any issue early and increase
offline communication
- Development progress measured through bum down chaıl and completed
requirement (HLR, ILR, SLR) backlog items
- Team members afticulate upfront about their responsibilities and roadblocks
- Self-organizing and self-managing teams
• leads to faster delivery of software.
- Agile methods are iterative development methods that aim to reduce
development overhead and so produce software faster
- Extreme programming includes practices such as systematic testing, continuous
improvement and customer involvement
- The approach to testing is a particular strength where executable tests are
developed before the code is written.
- Rapid application development environments include database programming
languages, form generation tools and links to office applications
- A throw-away prototype is used to explore requirements and design options
- When implementing a throw-away prototype, start with the requirements you
least understand; in incremental development, start with the best-understood
requirements.
• defines transition and change pipeline iterations, processes, information items
and work products
• benefits the organization by helping it to
- Increase the quality of the deliverables
- Cope better with change (and expect the changes)
- Provide better estimates while spending less time creating them
- Be more in control of the project schedule and state
As a result, A.T.M.A.C.A. projects achieve higher customer satisfaction rates.
• A.T.M.A.C.A. relies upon agile and lean architecture. So the architecture of
A.T.M.A.C.A. is structured in aligned with the lifecycles of enablers
A.T.M.A.C.A.
Agile Timely Mature Adaptive Creative Adroid
15.
16. . is the capability maturity assessment model of
"processes" of CONIG Framework
. is intended as a comprehensive reference model for
state-of-the-practice process improvement. The
CMAM defines the fundamental IT processes of
information management and governance and specific
capabilities that constitute a gradated path to
maturity. It allows organizations to evaluate
themselves against documented best practices -like
COBIT, ITIL, ISO27001, ISO20000, ISO 22301, eSCM-
determine gaps, and improve management of process
enablers across functional, line of business, and
geographic boundaries.
. CMAM relies upon "maturities" and " capabilities" of
CONIG Process Enablers. So the improvements of
enterprise IT is structured in aligned with the lifecycles
of processes.
CMAM - Capability Maturity
Assessment Model
17. OAM is a systematic process for obtaining valid information about the performance of an
organization and the factors that affect its performance. It focuses on the functioning of
organizations as the primary unit of analysis.
Outline of the approach being based on observing the relationships among staffs and
organization units, OAM represents a particular way of looking at organizational structure
and design. It gives attention to issues such as planning, delivering, operating, the delegation
of authority, organizational control, role cascade and definitions, boundaries, responsibilities,
and accountabilities.
OAM aims to help an organization defining and improving its overall performance through
analyzing its service portfolios, process areas, relationship, organizational skills and
information items. The factors embedded in the delivery, relations, competency and
contextual environment all influence the performance of governing an organization. The
overall organizational performance is defined in terms of effectiveness (mission fulfillment),
efficiency (accuracy, timeliness and value of service and program delivery), ongoing relevance
(the extent to which the organization adapts to changing conditions and its environment),
and financial viability.
OAM is suitable to the nature of how the IT organization operates. It also posits that
organizational performance should be examined in relation to the organization’s producing
outcome capability and external environment.
OAM provides mappings with SFIA (skills framework for the information age) and hence
provides practical implementation guidance for designing IT organization and talent
management in it.
OAM - IT Organization Assessment Model
18. . is the control compliance model of "enablers" of CONIG Framework
. has an objective that is to provide a detailed method and a set of supporting
tools - for developing an internal control architecture. It may be used freely by
any organization wishing to adopt CONIG for use within that organization in
order to comply authoritative requirements
. has detail objectives;
- Document controls and details
- Test controls
- Review controls
- Identify control deficiencies
- Issue and Remediation Management
- Report on control status
- Maintain controls
- Test control once and rely on results for many regulations
- Incorporate policy and risk management into compliance management
- Identify external compliance requirements (authoritative requirements)
- Optimise response to authoritative requirements
- Confirm authoritative requirements
- Obtain assurance of authoritative requirements
. establish mappings among "internal controls" and "authoritative
requirements"
. defines quatitative scoring model for "internal controls" and "authoritative
requirements" based on tests and audit finding
CCM - Control Compliance Model
19. . is the continual systemic improvement model of CONIG Framework
. has an objective that is to ensure continual systemic improvement of the IT value
enablers in fulfilling the relevant business objectives of the organization.
. identifies process improvements
. is expected to result in measurable and meaningful improvements in enablers
performance. In addition, the organization should systematically implement processes and
technology that will enable meeting quality and performance objectives of the enablers.
. focuses on continual process and IT service improvements in relation to business goals
. establishes the principles and framework for continual improvement and quality
enhancements across all aspects of the organization's activities
CONIG CSIM is committed to ensuring that the quality of service is constantly monitored
and that planning, procedures and fınancial resources are in place to ensure systematic
improvement, and to enhance efficiency and effectiveness for the benefıt of the enterprise
and its stakeholders. The enterprise's commitment to the provision of quality IT service is
underpinned by a Continual Systemic Improvement Model - CSIM - that applies to every
activity of the organization. The CONIG CSIM will support and enhance policies,
procedures and implemented key IT controls within a continual systemic improvement
cycle to ensure that IT services delivered by the enterprise:
. meet customer needs
. meet stakeholder needs
. are delivered in a quality assured manner
. are equivalent in standard in timely manner
The CONIG CSIM Framework will also meet the requirements of converged ISO standards,
autohoritative requirements of regulatory bodies and, national and international laws
. The enterprise can identify the following key areas of activity which make up the CONIG
CSIM:
. IT services
. assessment validation
. governance
. planning and review
. policy and procedure
. stakeholder feedback
. staff reviews
. course and curriculum reviews
. internal audit and self assessment
. benchmarking of IT service outcomes and the teaching and learning environment
CSIM - Continual Systemic Improvement Model
20. . is the value at risk model of "enablers" of CONIG Framework
. has an objective that is to provide a detailed method and a set of supporting
tools - for developing an risk model. It may be used freely by any organization
wishing to adopt CONIG for use within that organization in order to create
value from risk management
. has detail objectives;
- Ability to customize or tailor the risk profiles and risk detections
- Ability to schedule, notify, conduct, review and approve risk evaluations
for enablers, business processes, business objectives and other parts of the
organization
- Ability to define and test controls and use results in the risk evaluation
process
- Ability to define and monitor key risk indicators (risk magnitude value, risk
magnitude score) and use results in the risk evaluation process
- Ability to identify issues associated with risk evaluations
- Ability to track and manage remediation/improvement items associated
with issues identified
- Ability to take action to address issues identified
- Ability to monitor the environment for risk and notify appropriate
stakeholders when there has been a change in the risk profile
- Ability to report on the status, schedule or performance of risk
management activities
. establish mappings among "enablers", "risk detections", "risk profiles",
"impacts","internal controls" and "authoritative requirements"
. defines quatitative scoring model for "risk detections" and "risk profiles"
based on risk assessments and other management system information items
VAR – Value at Risk Model
21. Since our foundation in 1999, we are helping our clients to
identify and implementperformance
improvement opportunities. We work Together
with our clients in a trust-based cooperation to improve,
mature and transform their IT and business
processes. Our methodology based on best-practices
is an innovative and unique approach.
Today TAC is divided into threemajor business
segments :
Consulting | Technology | Education
Each segment is specialized in complementary services that
operate in concert to maximize value for our clients.
About TAC