2008_pugh-kirch-allstate-final

Good Practice Frameworks: Kissing Cousins or Family Feud

Cathy A. Kirch & Kevin Pugh Certified ITIL Practitioners & Service ManagersAllstate Insurance Corporation

Allstate Technology & Operations Goal“Improve the availability, performance,

reliability, and security of IT services through the company-wide adoption of ITIL”

Agenda

• Allstate at a Glance

• Frameworks – PMBOK, Six Sigma, CMMi Dev, CobiT, ITIL - what are they?

• Bringing the frameworks together – Family Reunion

• Benefits & Cautions – Kissing Cousins or Family Feud?

Allstate at a glance• The Allstate Corporation is the nation’s largest publicly held personal

lines insurer.

• A fortune 100 company with $156.4 billion in assets.

• Allstate sells 13 major lines of insurance, including auto, property, life and commercial. Allstate also offers retirement and investment products and banking services.

• Allstate is widely known through the “You’re In Good Hands With Allstate®” slogan.

• The Allstate Corporation encompasses more than 70,000 professionals with technology operations located around the globe.

• More than 17 million customers in the U.S. and Canada.

• Allstate’s strategic vision is to reinvent protection and retirement for the consumer.

Allstate at a glance – The Technology Environment

• Multiple operating systems • Multiple technology platforms • Multiple database systems

• 6,000+ IT professionals• 5,000+ software applications• 100,000+ desktop computers supported

• High-Speed Networking• Integration Architecture• J2EE and .Net• Large Scale Networks• Message Brokering• Performance Management• Rich Media Management• Service Oriented Architecture• Unix, Windows and Mainframe platforms• Web Content Management• Web Services

• Advanced Analytics• Business Process Management• Capacity Planning• Data Warehousing• Document Imaging• Enterprise Content Management• Enterprise Databases• Enterprise Information Integration• ETL (Extract, Transform, Load) Tools• Financial Applications• High-Availability and Disaster Recovery

Applications and Services

Frameworks –What are they?

Service Strategy•Service Strategy•Service Portfolio Mgmt•Financial Mgmt•Demand Mgmt

Service Operation•Event Mgmt •Incident Mgmt•Request Fulfillment•Problem Mgmt•Access Mgmt

Service Design•Service Catalog Mgmt•Service Level Mgmt•Supplier Mgmt•Capacity Mgmt•Availability Mgmt•IT Service Continuity Mgmt•Information Security Mgmt

Service Transition•Transition Planning & Support•Change Mgmt•Service Asset •Service Configuration Mgmt•Release & Deployment Mgmt•Service Validation•Evaluation•Knowledge Mgmt

Continual Service Improvement•Seven Step Improvement

ITIL/ITSM

Initiating Planning

Monitoring & Controlling Executing

Closing

PMBOK

SIX SIGMA

Improve

Process Management

OPF Organizational Process FocusOPD Organizational Process Definition + IPPDOT Organizational TrainingOPP Organizational Process PerformanceOID Organizational Innovation and Development

Project Management

PP Project PlanningPMC Project Monitoring and ControlSAM Supplier Agreement ManagementIPM Integrated Project Management + IPPDRSKM Risk ManagementQPM Quantitative Project Management

Engineering

REQM Requirements ManagementRD Requirements DevelopmentTS Technical SolutionsPI Product IntegrationVER VerificationVAL Validation

Support

CM Configuration ManagementPPQA Process and Product Quality AssuranceMA Measurement and AnalysisDAR Decision Analysis and ResolutionCAR Causal Analysis and Resolution

Improve

CMMI Dev

PO1 Define a strategic IT PlanPO2 Define the information architecturePO3 Determine the technological directionPO4 Define the IT organisation andrelationshipsPO5 Manage the IT investmentPO6 Communicate management aims anddirectionPO7 Manage IT human resourcesPO8 Manage qualityPO9 Assess and manage IT risksPO10 Manage Projects

PLAN AND ORGANIZEPLAN AND ORGANIZE

ACQUIRE ANDIMPLEMENT


DELIVER AND SUPPORT

DELIVER AND SUPPORT

AI1 Identify automated solutionsAI2 Acquire and mantain application softwareAI3 Acquire and maintain technology infrastructureAI4 Enable operation and useAI5 Procure IT resourcesAI6 Manage changesAI7 Install and accredit solutions and changes

DS1 Define and manage service levelsDS2 Manage thierd-party servicesDS3 Manage peformance and capacityDS4 Ensure continuous serviceDS5 Ensure systems securityDS6 Identify and allocate costsDS7 Educate and train usersDS8 Manage service desk and incidentsDS9 Manage the configurationDS10 Manage problemsDS11 Manage dataDS12 Manage the physical environmentDS13 Manage operations

MONITOR andEVALUATE

MONITOR andEVALUATEME1 Monitor and evaluate IT performanceME2 Monitor and evaluate internalcontrolME3 Ensure compliance wihtexternal requirementsME4 Provide IT governance

IT RESOURCES

IT RESOURCES

•Applications•Information•Infrastructure•People

•Effectiveness•Effficiency•Confidientiality•Integrity•Availability•Compliance•Reliability

InformationCriteria

InformationCriteria

Business & Governance ObjectivesBusiness & Governance Objectives

CobiT

Project Management Body of Knowledge (PMBOK)

• Purpose – The primary purpose of the Project Management Body of Knowledge (PMBOK) guide is to identify that subject of the PMBOK that is generally recognized as good practice.

• History - In 1991 the draft PMBOK became an ANSI standard. The first edition was published in 1994, then revised in 1996. PMBOK 2000 was released in 1999 and the most recent version, PMBOK Third Edition, was published in 2004.

• Scope – Covers the management areas of integration, scope, time, cost, quality, resource, communication, risk, and procurement.

Project Management Lifecycle

Initiating Planning


Closing

Six Sigma • Purpose - Six Sigma is a business-driven, multi-faceted

approach to process improvement, reducing costs, and increasing profits. With a fundamental principle to improve customer satisfaction by reducing defects, its ultimate performance target is virtually defect-free processes and products.

• History - Six Sigma originated at Motorola in the early 1980s in response to a CEO-driven challenge to achieve a tenfold reduction in product-failure levels in five years. Meeting this challenge required swift and accurate root-cause analysis and correction. In the mid-1990s, Motorola divulged the details of their quality improvement framework.

• Scope – Any process or service in any industry.

Six Sigma – Improvement Model

CMMi for Development

• Purpose – The purpose of CMMI for Development is to help organizations improve their development and maintenance processes for both products and services.

• History – In the late 1980s and early 1990s the Software Engineering Institute at Carnegie Mellon University developed the Capability Maturity Model (CMM), which captured organizational best practices for software development. CMMI Dev evolved from these early beginnings and has matured from 2000-2006.

• Scope – Consists of best practices that address development and maintenance activities that cover the product lifecycle from conception through delivery and maintenance. Key processes areas cover: project management, support, process management, and engineering.

CMMI Dev - Process Areas

Improve

DeployDe

velop

Devel

op

Process Management


Project Management


Engineering

Support


Deploy

ImproveRD Requirements DevelopmentREQM Requirements ManagementTS Technical SolutionPI Product IntegrationVAL ValidationVER Verification

Control Objectives for Information and related Technology (CobiT)

• Purpose - Internationally accepted set of guidance materials for IT governance presented in a manageable and logical structure.

• History - Initially published in 1996 CobiT has evolved now to CobiT 4.1, which emphasizes regulatory Compliance and IT Value. CobiT’s good practices represent the consensus of experts.

• Scope - Covers all assets, IT resources including applications, information, infrastructure, and people.

CobiT Domains & Processes

PO1 Define a strategic IT PlanPO2 Define the information architecturePO3 Determine the technological directionPO4 Define the IT organisation and relationshipsPO5 Manage the IT investmentPO6 Communicate management aims and directionPO7 Manage IT human resourcesPO8 Manage quality PO9 Assess and manage IT risksPO10 Manage Projects

PLAN AND ORGANIZE


DELIVER AND SUPPORT

AI1 Identify automated solutionsAI2 Acquire and mantain application softwareAI3 Acquire and maintain technology infrastructure AI4 Enable operation and useAI5 Procure IT resourcesAI6 Manage changesAI7 Install and accredit solutions and changes

DS1 Define and manage service levelsDS2 Manage thierd-party servicesDS3 Manage peformance and capacityDS4 Ensure continuous serviceDS5 Ensure systems securityDS6 Identify and allocate costsDS7 Educate and train usersDS8 Manage service desk and incidents DS9 Manage the configurationDS10 Manage problemsDS11 Manage dataDS12 Manage the physical environment DS13 Manage operations

MONITOR and EVALUATE

ME1 Monitor and evaluate IT performanceME2 Monitor and evaluate internal controlME3 Ensure compliance wiht external requirementsME4 Provide IT governance

IT RESOURCES



InformationCriteria

Business & Governance Objectives

Information Technology Infrastructure Library (ITIL)

• Purpose - The Information Technology Infrastructure Library (ITIL) is a set of concepts and techniques for managing information technology (IT) infrastructure, development, and operations.

• History – ITIL originated in the 80s as a project sponsored by the UK Government, OGC. In the 90s, library complete and became the de-facto best practices in IT Service Management, 2007 the Service Lifecycle was introduced with ITIL V3.

• Scope - It’s all about the processes needed to effectively balance the cost vs. quality for delivery of services for IT Service Management.

ITIL – Lifecycle and Processes

Service Strategy-Service Portfolio Management-Financial Management-Demand Management

Service Design-Service Level Management-Service Catalog Management-Supplier Management-Capacity Management-Availability Management-IT Service Continuity Management-Information Security Management

Service Transition-Transition Planning & Support-Change Management-Service Asset Management and Configuration Management (SACM)-Release & Deployment Management-Service Validation-Evaluation-Knowledge Management

Service Operation-Event Management-Incident Management-Request Fulfillment-Problem Management-Access Management

Continual Service Improvement-Business case ROI-Identify the overall health of IT Service Management Portfolio alignment with business needs-How to measure, interpret and execute results-Service Level-Service Improvement Plan-Service Reporting-Service Measurement-Seven Step Improvement

Bringing the frameworks togetherA family reunion…

Service Strategy•Service Strategy•Service Portfolio Mgmt•Financial Mgmt•Demand Mgmt

Service Operation•Event Mgmt •Incident Mgmt•Request Fulfillment•Problem Mgmt•Access Mgmt

Service Design•Service Catalog Mgmt•Service Level Mgmt•Supplier Mgmt•Capacity Mgmt•Availability Mgmt•IT Service Continuity Mgmt•Information Security Mgmt

Service Transition•Transition Planning & Support•Change Mgmt•Service Asset •Service Configuration Mgmt•Release & Deployment Mgmt•Service Validation•Evaluation•Knowledge MgmtContinual Service

Improvement•Seven Step Improvement

ITIL/ITSM

Initiating Planning


Closing

PMBOK

SIX SIGMA

Improve

Process Management


Project Management


Engineering

REQM Requirements ManagementRD Requirements DevelopmentTS Technical SolutionsPI Product IntegrationVER VerificationVAL Validation

Support


Improve

CMMI

PO1 Define a strategic IT PlanPO2 Define the information architecturePO3 Determine the technological directionPO4 Define the IT organisation andrelationshipsPO5 Manage the IT investmentPO6 Communicate management aims anddirectionPO7 Manage IT human resourcesPO8 Manage qualityPO9 Assess and manage IT risksPO10 Manage Projects

PLAN AND ORGANIZEPLAN AND ORGANIZE



DELIVER AND SUPPORT

DELIVER AND SUPPORT

AI1 Identify automated solutionsAI2 Acquire and mantain application softwareAI3 Acquire and maintain technology infrastructureAI4 Enable operation and useAI5 Procure IT resourcesAI6 Manage changesAI7 Install and accredit solutions and changes

DS1 Define and manage service levelsDS2 Manage thierd-party servicesDS3 Manage peformance and capacityDS4 Ensure continuous serviceDS5 Ensure systems securityDS6 Identify and allocate costsDS7 Educate and train usersDS8 Manage service desk and incidentsDS9 Manage the configurationDS10 Manage problemsDS11 Manage dataDS12 Manage the physical environmentDS13 Manage operations

MONITOR andEVALUATE

MONITOR andEVALUATEME1 Monitor and evaluate IT performanceME2 Monitor and evaluate internalcontrolME3 Ensure compliance wihtexternal requirementsME4 Provide IT governance

IT RESOURCES

IT RESOURCES



InformationCriteria

InformationCriteria

Business & Governance ObjectivesBusiness & Governance Objectives

CobiT


Building Blocks

PMBOK

Six Sigma

ITIL

CobiT

CMMi

Business Rules• Process Flows / Mapping

• Identify control points • Roles & Responsibilities • Policies – Scope, Authority• Operational Procedures• Education & Training• Communications & Marketing

Corrective Action• Communications• Roles & Responsibilities • Education &Training• Policies & Procedures• Performance Management• Process Design

Governance Types

• Strategy

• Investment

• Project

• Process

• Technology

• Operations

• Human Resources

• Suppliers

Governance

Documents

Documents& Records

Con

tinua

l Im

prov

emen

t

Governance are the policies, procedures and regulations under which IT operates. It is the mechanisms, put in place to ensure adherence and compliance with those policies and regulations. With the appropriate corrective actions to mitigate non compliance

Operational Execution

PLAN

DO

Adherence & Compliance• Metrics, Reporting • Technology (Tools, Automation, Data) • Self Assessment • Independent Assessment Records

CHECK

ACT


PLAN

ACT

Check

DO

Optimizing 5

Initial 1

Managed 4

Defined 3

Repeatable 2

Adopting a Maturity Approach

Kissing Cousins or Family Feud?

• Benefits– Targeted goals and

objectives for each framework exist

– Complementary not competing

– Don’t reinvent definitions or processes, leverage what is already defined and accepted

• Cautions– Know when to use them– Know when to loose

them– Know why you use them– Drive solutions for

business needs– Keep your experts

talking to each other

Additional reference

• Project Management Institute. (2004). A Guide to the Project Management Body of Knowledge (3rd ed). Newtown Square, Pennsylvania.

• Pyzdek, Thomas. (2003). The Six Sigma Handbook. New York: McGraw-Hill.

• Carnegie Mellon University, Software Engineering Institute. (2006). CMMI® for Development, Version 1.2. Pittsburg, Pennsylvania. http://www.sei.cmu.edu/cmmi/index.html

• Office of Government Commerce. (2007). ITIL Service Strategy, Service Design, Service Transition, Service Operations, and Continual Service Improvement. London, England: The Stationary Office (TSO).

• IT Governance Institute. (2008). CobiT 4.1. Rolling Meadows, Illinois, USA.

Good Practice Frameworks: Kissing Cousins or Family Feud

Cathy A. Kirch & Kevin PughCertified ITIL Practitioners & Service Managers Allstate Insurance Corporation