1

Optimizing IT

Better Planning, Better Control, Better Results

Copyright © 2009 K-12 Technology Works

2

IT Today

IT has a growing impact on organizations IT is fundamental for day-to-day operations IT is key to increasing productivity IT processes are now spread across organizations

– not just IT or IS

IT needs to function like a utility — “always on”

3

What This Means

The stakes have grown for IT– Do more with less– Operate more effectively and efficiently– Become more proactive and less reactive

Transition from Support Center to Strategic Asset

4

CTO Concerns

1. Infrastructure management2. Keeping up with technology3. Maintaining skills and knowledge4. Time and resource management

1990’s

5

CTO Concerns (Today)

1. Managing costs, budgets and resources2. Meeting organization and user needs3. Aligning IT strategy with organization strategy 4. Coping with change5. Dealing with senior management6. Recruiting and retaining staff7. Time and resource management8. Infrastructure management9. Keeping up with technology10. Maintaining skills and knowledge

6

What’s a CTO to do?

Best Practices Without Best Practices

– IT staff often “reinvent the wheel”– Lessons learned are rarely shared– Same mistakes are often repeated

With Best Practices– Improved quality, efficiency and effectiveness– Reduced errors, risk, and wasted effort

7

Focus – IT Challenges

Keep IT Running Value Costs Mastering Complexity Aligning IT with

Business Regulatory Compliance Security

8

Best Practices

IT Governance COBIT ITIL Infrastructure Optimization

9

Purpose of IT Governance

To direct IT endeavors and ensure that IT performance meets the following objectives:

– Alignment of IT with the enterprise and realization of the promised benefits

– Use of IT to enable the enterprise by exploiting opportunities and maximizing benefits

– Responsible use of IT resources– Appropriate management of IT-related risks

10

Focus Areas

11

IT Governance

Strategic Alignment– Set goals, ensure linkage and devise strategies

Value Delivery– Prove intrinsic value by delivering on promises

Risk Management– Awareness, safeguarding and compliance

Resource Management– Optimal investment in and management of critical resources

Performance Measurement– Track and monitor processes and resources

12

In Summary

IT governance ensures that IT goals are met and IT risks are mitigated such that IT delivers value to sustain and optimize enterprise operations

Success is dependent on buy-in from all stakeholders

Commitment starts with education Control and structure gained through the use

of control frameworks

13

Control Frameworks

14

Framework Benefits

Business Focus– IT aligned, meaningful priorities, executive sponsorship

Process Orientation– Organized processes with clear responsibilities

General Acceptability– Good practices employed across the community evolve

Common Language– Best Practices tend to develop a distinctive terminology

Regulatory Compliance– Easier to demonstrate when based on accepted standards

15

Frameworks for IT Governance

Confidence of Executive Leadership Responsiveness of IT to Business Higher Return on Investment More Reliable Services More Transparency

16

COBIT

Control Objectives for Information and related Technologies

Globally accepted as the umbrella process model for IT best practice

Balance between useful guidance and concise requirements

Often seen in association with audit community (e.g. Sarbanes-Oxley)

Information Systems Audit and Control Association (ISACA)

17

4 Domains

34 Processes

215 Control

Objectives

CobiT Cube

18

COBIT Domains

Plan and Organize

Monitor and Evaluate

Deliverand

Support

Acquireand

Implement

19

Plan and Organize

PO1 Define a Strategic IT PlanPO2 Define the Information ArchitecturePO3 Determine the Technological DirectionPO4 Define the IT Processes, Organization and Relationships

PO5 Manage the IT InvestmentPO6 Communicate Management Aims and DirectionPO7 Manage IT Human ResourcesPO8 Manage QualityPO9 Assess and Manage RisksPO10 Manage Projects

20

Acquire and Implement

AI1 Identify Automated SolutionsAI2 Acquire and Maintain Application SoftwareAI3 Acquire and Maintain Technology InfrastructureAI4 Enable Operation and UseAI5 Procure IT ResourcesAI6 Manage ChangesAI7 Install and Accredit Solutions and Changes

21

Deliver and Support

DS1 Define and Manage Service LevelsDS2 Manage Third-Party ServicesDS3 Manage Performance and CapacityDS4 Ensure Continuous ServiceDS5 Ensure Systems SecurityDS6 Identify and Allocate CostsDS7 Educate and Train UsersDS8 Manage Service Desk and IncidentsDS9 Manage the ConfigurationDS10 Manage ProblemsDS11 Manage DataDS12 Manage the Physical EnvironmentDS13 Manage Operations

22

Monitor and Evaluate

ME1 Monitor and Evaluate IT Performance

ME2 Monitor and Evaluate Internal Control

ME3 Ensure Compliance with External Requirements

ME4 Provide IT Governance

23

Framework Content

Process Definition Detailed Control Objectives

24

PO1 – Define a Strategic IT Plan

PO1.1 IT Value Management

PO1.2 Business-IT Alignment

PO1.3 Assessment of Current Capability and Performance

PO1.4 IT Strategic Plan

PO1.5 IT Tactical Plans

PO1.6 IT Portfolio Management

25

Framework Content

Process Definition Detailed Control Objectives Inputs and Outputs RACI Goals and Metrics

26

Generic Maturity Model

Five Level Ordinal Scale– Level 1 – Initial– Level 2 – Repeatable– Level 3 – Defined– Level 4 – Managed– Level 5 - Optimized

27

ITIL

Information Technology Infrastructure Library– A framework for managing IT– Developed by OGC– ITIL v1, 1990’s – 30 Volumes– ITIL v2, 2001 – 8 Volumes– ITIL v3, 2007 – 5 Volumes

28

ITIL Worldwide

Aetna Barclays Bank Boeing Exxon Federal Express Fujitsu Guinness Hewlett Packard

IBM Merrill Lynch Microsoft Oracle Proctor and Gamble Shell Oil Telstra

29

The New ITIL® Version 3 Library

Service Strategy– Design, develop and implement service management

Service Design– Design and develop services and SM proc

Service Transition– Transition new and changed services into operations

Service Operation– Manage IT Service delivery and support

Continual Service Improvement– Create and maintain business value through better– service design, transition and operation

30

31

Service Strategy

Developing Service Strategies Service Portfolio Management Financial Management Demand Management

32

Service Design

Service Catalog Management Service Level Management Availability Management Capacity Management Continuity Management Information Security Supplier Management

33

Service Transition

Transition Planning and Support Change Management Asset and Configuration

Management Release and Deployment Validation and Testing Evaluation Knowledge Management

34

Service Operation

Incident Management Problem Management Event Management Request Management Access Management

35

Continual Service Improvement

Service Measurement 7 Step Improvement Process Deming Cycle CSI Model Service Reporting ROI for CSI

K-12 INFRASTRUCTURE OPTIMIZATION (IO)

36

OPTIMIZING ITBetter Planning, Better Control, Better Results

K12 IO Model

37

ReactiveCost Center

ProactiveStrategic Asset

K12 IO Drivers

38

K12 IO Domains

39

ServersWorkstationsPeripheralsNetworking EquipmentCabling SystemSoftwareCommunications Equipment

K12 IO Results

Optimize IT resources Measure growth Become a strategic asset Provide the catalyst for change

40

Defined Process Model

Services Requests– How do users request service?– How does IT interact regarding requests?

How is security maintained? How are assets tracked? How long are records kept? What happens in case of a disaster?

Generic Process Model

Roles Roles Roles

Rules Rules Rules

Task Task TaskRWO RWO RWO RWO

Operational Processes

Where do we want to be?

Where are we now?

How do we get where we want to be?

How do we know when

we’ve arrived?

Vision and Business

Objectives

Assessments

Process Change

Metrics

A Process Led

Approach

Continual Process Improvement

Document As-Is

Process

Establish Measurements

Follow Process

Measure Performance

Identify and Implement

Improvements

Business Process Reengineering

Scope Project

Learn from

Others

Create To-be

Process

Plan Transition Implement

Optimizing IT

Adopt Best Practices Identify Baseline Business Alignment Process Improvement Develop Business Case Project Management Monitor, Measure and Report