An Overview of IT Governance
An Overview of IT Governance … and CIO’s must balance among many competing priorities. Maximize return: Increase agility: • Improve business results; • Enable the business organization grow revenue and earnings, cash flow, reduced cost-of-operation Mitigate risk: • Ensure security and continuity of internal business operations, while minimizing exposure to external risk factor and operations to adapt to changing business needs Improve performance: • Improve business operations performance end-to-end across the enterprise • Increase customer and employee satisfaction Needs, Issues & Challenges Planning Alignment Capital, Capacity, Priorities Lack of Business aligned strategy Flexibility Deployment Complexity in number of project Making new outsourcing decisions No means of capturing demands Management of Service Changes Cannot aggregate need and distribute ROI Deployment Complexity through lack of standard & legacy No means of prioritization of business need Demand Lack of IT resource transparency Supply IT and Business Resources Strategic Tactical Operations No means of reporting SLA Must reduce IT costs by 30% Ineffective project Management Reduce costs across business No Audit Trails Missed targets due to lack of steering control No means of governing outsourced contracts Quality Control Procedure, Audits, Metrics Efficiency What is IT Governance? (Ref.)HP working definition Decision rights framework & mechanisms Vision, goals/priorities, measures; value prop & service portfolio; resource approaches & commitments; change management plans IT governance is the formal process of defining the strategy of the IT organization and overseeing its execution to achieve the goals of the enterprise. Aligned/synchronized with the enterprise strategy, including other key asset strategies Translation into aligned, tactical, operational plans; closed-loop monitoring & control; accountability; regulatory compliance Who are the Decision Makers? Non-Cooperative Centralized Federal De-centralised Cooperative Business Decision IT Decision Business and IT Collaboration Business Exec. IT Exec. Business and IT Exec. Business Exec./Mgt. IT Exec./Mgt. Business and IT Exec./Mgt. Business Mgt. IT Management Business and IT Mgt. Anarchy Core Competencies for Effective IT Governance • • Align operational and strategic IT investments to business strategies & objectives. Balance the demand for IT services with available resources to meet immediate and strategic goals. • Supply / Demand Management IT Strategy Management • Establish policies, standards, models and processes for managing IT as an enterprise asset Establish effective, collaborative relationships with business stakeholders and suppliers. Relationship Management • IT Operating Model Enterprise Architecture Managemen t Financial Managemen t Portfolio Management • Understand the drivers of IT costs to allocate appropriate costs to the consumers of IT services. Lifecycle management of infrastructure, applications and services The HP IT Governance Capability Model IT Governance Capability Model IT Governance Capability Domains Role of IT None Utility Dependent Agile IT Governance Governance Capability Levels Capability Levels Level 1: Initial 1: Initial Level 2: Repeatable 2: Repeatable Level 3: Defined 3: Defined Level 4: Managed 4: Managed Level 5: Optimized 5: Optimized Strategy ITITStrategy Management Management AdAdHoc HocororITIT Centric Centric Deliver Deliver toto Budget Budget Supply Supply Constrained Constrained Enterprise Enterprise Demand DemandDriven Driven Balanced Balanced& & Aligned Aligned Adaptive Adaptive Enterprise Enterprise Portfolio Portfolio Management Management AdAd Hoc Hoc Review Review ofof Portfolio Portfolio Synergies Synergies ITITCost Cost Minimization Minimization Emerging Emerging ROI ROI Based BasedFunding Funding Business Business Unit Unit Aligned Aligned Enterprise EnterpriseITIT Portfolio Portfolio Management Management Enterprise Enterprise Architecture Architecture Management Management Initial Enterprise Enterprise Ad Adhoc hoc//Ineffective Ineffective Initial Program-based Ad hoc Technical Architecture Architecture Enterprise Enterprise Architecture Architecture Management Program Program Architecture Financial Financial Management Management Supply / Demand Management Management Expense Expense Driven, Driven, Budget BudgetFocused Focused ITITCost Cost Minimization Minimization ITITCost CostTransfer Transfer Technology Technology Based Based Supply Supply Constrained Constrained Value ValueBased Based Business Relationship Relationship Management Management Technology Technology Centric Centric ITITOperating Operating Model Model Silo Silo 11 January 2017 ArchitectureArchitectureArchitecture Compliant Compliant Driven Design Design Technology-Based Technology-based Service ServiceCentric Centric Services Services ITIT Process-Based Process-Based Business Business Strategy Strategy Integrated Enterprise Business Strategy Architecture Agile Enterprise & Aligned Linked Architecture Business Business Planning Planning Architecture Enterprise Enterprise Cost Cost Management Management Optimized Optimized Business BusinessValue Value Impact Impact Demand DemandDriven Driven Balanced Balanced && Aligned AlignedMulti MultiSourcing Sourcing Business BusinessCentric Centric Customer Customer Centric Centric Business Business Process Process Internal Internal Service Service Based Based Provider Provider Shared SharedServices Services 7 IT Governance Models - the 5 Characteristics Corporate Governance IT Governance Framework Processes Technology People Value 11 January 2017 Val IT Cobit ITIL ISO PPM Methods … BTO portfolio Business Change Org. Alignment & Competencies Benefits Assurance There are many models. But they share 5 characteristics: • Underpinned by processes that must be implemented (e.g. Incident management) • Supported by technology • Define business change issues to be addressed • Define organisational realignment to be achieved • Include some way of measuring the value to be achieved (e.g. balanced scorecard) 9 How to Implement Governance Execute IT Governance Assessment •Execute assessment to identify gaps •Define new role of IT in organization •Define evolution roadmap to address the gaps Setup IT Governance Framework •Define roles and responsibilities •Setup communication path to support IT-business alignment •Define management structures for decision making, reporting and escalation Design IT Governance Processes •Define policies •Define processes •Define KPIs and reporting requirements Implement Supporting Tools •Implement tool to support the execution of the solution •Implement tools for data collection and management reporting Continuous Improvement Plan (Control 11 January 2017Lifecycle) •Identify indicators to monitor strategy execution •Define steering committee to manage relationships within IT and between business & IT •Review IT strategy periodically and evolve governance environment 10 Critical success factors for ITG • Clarity of Purpose • Senior Management Commitment • Management of Business Change • Focus, execute and enforce • Measure achievable targets and expectations • Don’t over-engineer IT Governance • Evolution not revolution Practical Advice to Successfully Implementing ITIL Best Practices Ed Holub Research Vice President, IT Operations Management Hype Surrounding ITIL ITIL makes the business love the IT group! ITIL is easy! Buy our tool and have ITIL! IT Operations Management Hype Cycle visibility ITIL 2005 ITIL 2012 ITIL 2006 ITIL 2010 Everybody is doing it … ITIL 2008 Technology Trigger Peak of Inflated Expectations Trough of Disillusionment time Slope of Enlightenment Plateau of Productivity Key Issues 1. What is ITIL and how can it serve as a guide to transforming operations? 2. What pitfalls should be avoided when implementing ITIL? 3. What are the critical success factors and practical methods to maximize return on investment? Key Issues 1. What is ITIL and how can it serve as a guide to transforming operations? 2. What pitfalls should be avoided when implementing ITIL? 3. What are the critical success factors and practical methods to maximize return on investment? Positioning the Frameworks CMM = capability maturity model Specific CobiT = Control Objectives for Information and Related Technology TCO ITIL CMMI ITIL = IT Infrastructure Library ISO 20000 TCO = total cost of ownership IS0 20000 = IT service mgt standard CobiT IT Relevance ISO 9000 = quality mgt standard People CMM Point solutions are useful, but a broader, holistic approach to process and quality improvement is POWERFUL. Six Sigma ISO 9000 National Awards (e.g., Baldrige) Scorecards Holistic Low Level of Abstraction High Process Framework — ITIL ITIL is a best-practice process framework. – Service delivery – Service support – Others (application management, security management) Shows the goals, general activities, inputs and outputs of the various processes. ITIL: The Good and the Bad Service Delivery: – Service-level management Standard process language – Financial management Emphasis on process vs. technology – Capacity management Process integration – IT service continuity Standardization enables cost and quality improvements – Availability management Focus on customer Service Support: – Incident management – Problem management – Change management – Configuration management – Release management Core Benefits: Service Desk Limitations: – Not a process improvement methodology – Specifies "what" but not "how" – Doesn't cover all processes – Doesn't cover organization issues – Hype driving unrealistic expectations Key Issues 1. What is ITIL and how can it serve as a guide to transforming operations? 2. What pitfalls should be avoided when implementing ITIL? 3. What are the critical success factors and practical methods to maximize return on investment? More Process Refinement Initiatives Fail Due to Ineffective Governance than Due to Bad Designs Steering Committee Responsibilities Service management vision Project management and process prioritization Funding and infrastructure investment Technical architecture Standards, tools and vendor criteria Measurement criteria Reporting to management Stakeholders IT operations and production engineering Architecture and standards IT controller IT service desk Security and compliance Business applications Trying to Run Before Walking Level 4 Level 3 Value IT as strategic Service business partner Level 2 IT as a service IT and business provider Proactive metric linkage Analyze trends Level 1 Define services, IT/business classes, pricing Set thresholds collaboration Reactive improves business Level 0 Fight fires Predict problems Understand costs process Guarantee SLAs Inventory Measure appliChaotic cation availability Measure & report Real-time Desktop SW Ad hoc infrastructure service availability distribution Automate Undocumented Integrate processes Business planning Initiate Mature problem, Unpredictable problem mgt Capacity configuration, Manage IT as a Business process mgt change, asset Multiple help and performance Alert and desks Service and Account Management event mgt mgt processes Minimal IT Measure component operations Service Delivery Process Engineering availability (up/down) User call Operational Process Engineering notification Tool Leverage Assuming Tools Will Solve Your Problems "Man is a tool-using animal. Nowhere do you find him without tools; without tools he is nothing, with tools he is all." – Thomas Carlyle Be wary of vendor hype Focus on process first Tools can be enablers or inhibitors Assess capabilities of your current tools Review new tools where they would pay significant dividends Buy what you need, as you need it Confusing the 'Means' With the 'End' This Is Not the Goal! "Certification" ITIL Six Sigma CMM-I Malcolm Baldrige Etc. Beware of Process for Its Own Sake! Certification Does Not Guarantee Good Outcomes! Process Improvement Is About Better Outcomes and Experiences for Customers Key Issues 1. What is ITIL and how can it serve as a guide to transforming operations? 2. What pitfalls should be avoided when implementing ITIL? 3. What are the critical success factors and practical methods to maximize return on investment? Keep Focus Narrow and Deliver Benefits Determine Where to Start Not necessarily on the least mature processes 80 percent of clients start on core service support processes like change, incident and problem management Configuration management is a steeper challenge Service-level management is often first of service delivery processes Deliver Benefits Quickly to Address "Pain Points" Examples: Reduce percentage of changes causing incidents, improve MTTR Builds momentum Take an Iterative Approach Design 80 percent solutions and plan to improve later Channel benefits to "self-fund" the next phase Periodically reassess priorities Build Top-Down and Grass-Roots Support Treat as an Organizational Change Initiative Emphasize "WIIFM" Communicate Frequently and Consistently CIO or Head of Infrastructure and Operations must be visible champion ITIL is much more about people than technology Change culture to embrace standardization vs. unique solutions Don't ignore the aspects of people change and simply concentrate on process and tools Tailor messages for stakeholder groups Reward process victories vs. traditional hero behavior Clearly articulate underlying goals and objectives Report on progress – macro and micro Take a Structured and Holistic Approach to Process Refinement Structure Program Measurement and Governance What is the Governance Structure? What pain points are addressed? How will you know when you achieve the desired maturity? How will you market and communicate the program value and progress? Adopt Process Taxonomy Implement and Manage Implement the target state! Operate and manage new processes! Common and consistent language! Better alignment of expectations! Adopt Process Reference Architecture Build Technical Integration Framework Define a conceptual, integrated target state! Clean-sheet design concept! Develop Process Baseline(s) How do the current processes perform? Identify key gaps against best practice! What standards and protocols should be used? How should new automation be assimilated? Develop Transition Approach and Plan How should the target state be implemented? Knowledge transfer and training! Build Process Logical Architectures Define the target state detail for each process! Task-Level Process Detail Information Requirements Automation Detail = Reference Material = Detail Design = Implementation Leverage Process Integration 1 Availability Management Smell the smoke 2 Incident Management Firefighting 3 Problem Management Fireproofing Comprehensive monitoring Iteratively tune thresholds Filter out noise Train operations center staff Automate on call staff notification Discover anomalies as soon as possible, preferably before customer impact Perform parallel investigation Designate senior technical leaders Utilize problem isolation tools Prioritize effort based on criticality Resolve incidents as quickly as possible Dedicate staff to problem management Conduct quick review on all problems Perform in-depth postmortem on significant problems Identify root cause risk areas Identify action items and track to completion Maintain an Availability Hit List Take action to prevent future problems Use Metrics to Drive Behavior and Measure Progress People inherently want to do a good job What gets measured gets attention What doesn't get measured drops off the radar People will take action to move a metric in a positive direction – People will do "dumb" things – People will stop doing "smart" things Focus on analysis and action vs. reporting – Select a few key metrics instead of many – Measure what will help you improve, not what's easy to measure – Create "tiers" of metrics tailored to different audiences Effectively Staff Crucial Roles Designate individuals as process owners Assign (virtual) teams of subject matter experts Utilize program or project managers – Credibility Desirable characteristics – Communication skills – Process and customer focus members – Ability to deal with ambiguity – Commitment to the cause for team People will make or break your ITIL initiative Comprehensive Approach to Improvement 4. Apply Governance CobiT 3. Identify Appropriate Measures 2. Align Roles With Work Six σ RACI IT Operational Processes — ITIL 1. Establish the Work App. Development Processes — CMM, CMMI, ASL Project Management Processes — PMI Recommendations Keep the scope narrow enough to deliver tangible benefits before losing momentum. Demonstrate senior management commitment repeatedly to inspire grass-roots support. Remember that ITIL is an organizational change initiative. Look for "best of fit" process modifications. Tools are not a substitute for good process. Set attainable process improvement measurement Implementing ITSM at DTS • Our approach • Current efforts Approach • Why we are embracing ITSM – Serve our customers more efficiently and effectively – Position DTS to take on new services – Prepare DTS to manage services across two data centers Approach • Leverage experience/expertise of others • Change to an IT service culture • Internalize incremental changes Approach • Build an ITSM foundation core – Tendency to look at a single ITIL process – Keep in mind the linkages between processes Approach • Take actions to address specific organizational issues – Completed ITIL Foundations training – Began the “change the language” campaign – Established the Service Desk function – Developed first version of a service level agreement – Conducted assessments Current Efforts • Defining Service Request Management process to replace our current SR system • Procuring consulting services – To support refinement of implementation roadmap – To raise the maturity of other processes How is DTS Implementing ITSM? • With multiple projects following project management practices • With Executive sponsorship • With stakeholder involvement • With some communication and a lot more to come • With feedback and course adjustments
© Copyright 2024