sustained it governance: bridging the gap between it and business
TRANSCRIPT
Sustained IT Governance
Bridging the GapBetween
Corporate Business and IT
“If you can’t describe what you are doing as a process, you don’t know what you are doing.” -Deming
Sustained IT GovernancePurpose
Discuss the overall process of establishing
sustainable governance procedures and their
respective processes
Sustained IT GovernanceObjective
Leverage information to establish and drive
overall sustainable governance, bridging the gaps
between the business and IT silos
Sustained IT GovernanceGovernance Defined
• Leadership and organizational framework
• IT sustains organizational strategic objectives
Sustained IT Governance
Briefing Baseline
Sustained IT GovernanceWhere We Rank as a Country
GovernanceMetrics International, Sep 2007
The GMI research template is divided into six broad categories of analysis, including:
• Board Accountability• Financial Disclosure and Internal
Controls• Shareholder Rights• Corporate Behavior
# 5
Sustained IT GovernanceWhere Are You? Where Do You Want To Be?
ARE YOU
HERE?
DESIRED STATE?X
Level 1Ad Hoc
Level 4 Managed
BEST POSSIBLE
STATE
Level 5Streamlining
Sustained IT Governance
Let’s Look at the Solution
“Every problem has in it the seeds of its own solution.” –Norman Vincent Peale
Sustained IT GovernanceStrategic Overview
Mission and Vision StatementsAs per each intra -governmental organization
Policies and DistinctivenessLeverage best practices and lesson’s learned from other states that have already launched similar frameworks
Ongoing Actions and AdjustmentsUtilize metrics to measure and improve upon the successes already attained
Method and ExecutionPlan your governance and govern according to the plan
Perspective Positions
Patterns Plans
Strategy
Sustained IT GovernanceBuilding the Fundamental Framework
COSOCOBIT
Service Mgmt.
App. Dev. (SDLC)
IT Security
Project Mgmt.
IT Planning
Quality System
IT Operations
ITIL &ISO
20000
ASL
CMMIITIL
PMI
ISO
6-Sigma
ISO
ISO27000 / 17799 / NIST
COSOCOBIT
Service Mgmt.
App. Dev. (SDLC)
IT Security
Project Mgmt.
IT Planning
Quality System
IT Operations
ITIL &ISO
20000
ASL
CMMIITIL
PMI
ISO
6-Sigma
ISO
ISO27000 / 17799 / NIST
Sustained IT GovernanceEnterprise Level Governance
CIO / CTO
Board of Directors
Steering Committee
Executive Board
Strategic Planning
Project Manager
Project Teams
Service Provider
(Internal and External)
Develop Implement Deploy
Internal Processes(Contracting, Legal, etc.)
Service Level Agreements
Enterprise Continuum
Program Director
Diff
usio
n an
d C
onfo
rman
ceA
lignm
ent
Guidance
Regulatory Requirements Authority Structures Standards
Stewardship
Internal and External
Stakeholders
Stakeholder Oversight
Monitoring
Provide Change
Alig
nmen
t
Sustained IT GovernanceProgram Level Governance
Board of Directors
Steering Committee
Executive Board
Project Manager
Project Teams
Service Provider
(Internal and External)
Develop Implement Deploy
Program DirectorD
iffus
ion
and
Con
form
ance
Alig
nmen
t
Guidance
Internal and External
Stakeholders
Stakeholder Oversight
Monitoring
Provide Change
Alig
nmen
t
Sustained IT GovernanceApproaches to Building the Process
Cultural and Formal
Sustained IT Governance
• Commitment and energy demonstrated by leaders
• Generate / support employee engagement
• Build sustainability objectives into job descriptions and evaluation processes• Answer specific Top-Down questions• Answer Bottom-Up question: Why should I care?
Establishing Cultural Governance
Sustained IT Governance
• Gain Buy-In from Executive Leadership• Get the right people in the right place• Baseline current procedures and
processes• Establish a road map
Establishing Formal Governance
Sustained IT GovernanceGovernance Road MapRaise awareness and obtain management
commitmentDefine scope Define risks Define resources
and deliverables Plan the Program
Analyze gaps and identify
improvements
Define target for improvement
Assess actual performance
Define the supporting
projects
Develop improvement
plan
Implement improvements
Monitor implementation
performance
Build sustainability
Identify new governance
requirements
Review the Program’s
effectiveness
Identify Needs
Envision Solution
Plan Solution
Implement Solution
Operationalize Solution
Trade tools include:• COBIT• PMI• Six Sigma• ITIL
Sustained IT Governance
Metrics
“You can't manage what you don't measure.” –Morris Cohen
Sustained IT GovernanceTracking Enterprise Success
Perspective Objective Sample Metrics
Financial Short /Long Term $ SuccessLong Term Change Success
Return of InvestmentSuccess of Change
StakeholdersEthics and Legal ComplianceGovernance and AccountabilityManaging Stakeholders' Needs
Number of Ethical/Legal ViolationsNumber of Voluntary DisclosuresNumber of Stakeholder Meetings
Internal Processes
Risk and Crisis ManagementPerformance Evaluation SystemsReview of Strategic PlansFunctioning of the Board
Number of Risk Audits PerformedNumber of Board Members Owning StockNumber of Hours Spent on Strategic Issues Overall Attendance at Meetings
Learning and Growth
Composition of the BoardSkills and Knowledge
% Directors Financially LiterateExistence of Training Programs
Sustained IT GovernanceTracking IT Program Success
Perspective Objective Sample Metrics
Corporate
Business/IT AlignmentValue DeliveryCost ManagementRisk ManagementInter-Company Synergy
Operational Budget ApprovalBusiness Unit PerformanceExpense/Recovery TargetsResults of Internal AuditsSingle System Solutions
Customer
Customer SatisfactionCompetitive CostsDevelopment PerformanceOperational Performance
Business Unit Survey RatingsAttainment of Unit-Cost TargetsMajor Project ScoresAttainment of Targeted Levels
Operational Excellence
Development ProcessOperational Process MaturityEnterprise Architecture
Function Point MeasuresChange Management EffectivenessLevel of IT ProcessesState of Infrastructure Assessment
Future Resource ManagementKnowledge Management
Staff TurnoverImplementation of Learned Lessons
Sustained IT GovernanceBenefits of Sustained Approach
• Gain insight into IT / Enterprise business
relationship
• Assess specific IT processes
• Leverage control objectives to measure success
• Preparation for audits
Sustained IT GovernanceRisks
• Lack of management and/or leadership support• Not involving the right people at all levels• Being overly ambitious• Implementing business process improvements w/o IT• Decisions made w/o proper intelligence
Sustained IT GovernanceReal World Successes 2005-2007
• Blackboard, Inc (Education)
• Harley Davidson (Commercial / Consumer)
• Department of Defense (Government)
Sustained IT GovernanceWhat We Covered
• Objective: information for sustainable governance
• Identified the solution (COBIT, ITIL, etc.)
• Framework: Enterprise and Program Levels
• Cultural and Formal Governances
• Benefits: portfolio insight, measure success, and preparation for audits
• Risks: Lack of buy-in and wrong people/roles
• Examples of real world successes
Sustained IT Governance
Questions and Answers
Sustained IT GovernanceFor More Information
Shane Molinari, PMPMolinari Technical Solutions, LLC
(850) 625-2491
Sustained IT GovernanceReferences
• Benbow, D. (2005). The Certified Six Sigma Black Belt Handbook. ASQ• Collins, J. (2001). Good to Great. HarperCollins• Defense Technical Information Center (DTIC) (www.dtic.mil)• Forbes Magazine (www.forbes.com )• Governance Metrics International (www.gmiratings.com)• Information Systems Audit and Control Association (www.isaca.org )• IT Governance Institute (www.itgi.org )• IT Infrastructure Library Version 3 (www.best-management-practice.com)• Palmer, R. (2005). IT Service Management Foundations. Gulf Stream Press• Project Management Institute. (2004). Project Management Body of Knowledge• University of Pennsylvania (www.wharton.upenn.edu)