1 / 31

IT Governance

IT Governance. Infocom India Presentation December 6, 2006. Pathfinder Technology Solutions. Agenda. Why have IT Governance? What is IT Governance? Various elements of IT Governance Frameworks for IT Governance How Frameworks interact How IT processes underpin IT Governance

daxia
Télécharger la présentation

IT Governance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT Governance Infocom India Presentation December 6, 2006 Pathfinder Technology Solutions

  2. Agenda • Why have IT Governance? • What is IT Governance? • Various elements of IT Governance • Frameworks for IT Governance • How Frameworks interact • How IT processes underpin IT Governance • Example of Framework integration • Metrics to measure IT process health

  3. Why Bother About IT Governance? Lack of Effective Governance Can Lead to Catastrophic Failures!! IT Readiness Decline of Business Readiness DesiredLevel MajorEffort forRecovery Catastrophic Failure!! Time

  4. This is not a Rhetorical Conjecture! • Some Examples: • Largest Asian Stock Exchange suspended trading in November, 2005 due to incorrect software patch • Payroll of millions of customers of a major North American bank was affected in June, 2004 due to incorrect system update • Erroneous changes to Airline Ticketing system caused hundreds of international travel tickets being sold for less than $100

  5. IT Governance – The Definition • ITGovernance is a system that: • Directs and controls to administer necessary IT services to its clients • Specifies rights and responsibilities of parties* involved • Defines the policies and procedures; • Provides the structure to achieve the above The above closely follows corporate governance definition outlined by OECD (Organization for Economic Cooperation and Development) located in Paris, France. * Customers, Regulators and Stakeholders

  6. IT Governance – Differing Viewpoints • Three Parties & Three Areas of Interest • Regulators – in Regulatory Compliance • Regulators are Government Agencies • Customers – in Effectiveness of IT Services and somewhat in Regulatory Compliance • Customers are recipients of IT Services • Stakeholders – in Efficiency and Effectiveness of IT Services and Regulatory Compliance • Stakeholders are managers and employees of an IT organization

  7. Interest Areas of the Three Parties Efficiency, Effectiveness and Compliance are only possible through Deployment and Management of a Process Environment of Best Practices

  8. Elements of Governance • Standard against which Governance can be assessed • Proven SetofPractices for the processes of an organization • Compliance for government regulations • ContinuousImprovement to address Efficiency Governance is NOT just compliance of Government Regulations for Financial Disclosure

  9. Frameworks impacting IT Governance – The Alphabet Soup • Standards Frameworks • ISO (Int. Org. for Standardization) – for Quality • Adoption for competitive reason and is optional • SOXA (Sarbanes-Oxley Act) – for Compliance • Regulatory requirements make adoption mandatory • Compliance Framework • COBIT (Control Objectives for Information and Related Technology) – for Controls

  10. Frameworks impacting IT Governance – The Alphabet Soup • Best Practices Frameworks • CMMI (Capability Maturity Modeling Integration) – for IT Development • ITIL (Information Technology Infrastructure Library) – for IT Infrastructure Support • Continuous Improvement Framework • Six Sigma

  11. Governance Elements -Also Underpinned by Best Practices

  12. Processes Underpin Governance Elements • ITIL processes are necessary for ISO 20000 certification • ITIL helps to provide controls for COBIT • ITIL processes underpin CMMI for support and maintenance • Continuous Improvement & Six Sigma is only possible through deployment of ITIL best practices • ITIL Best Practices allow addressing of Effectiveness, Efficiency and Compliance

  13. Users Difficulties, Inquiries Service Requests Change Requests Communication, Updates, Workarounds Service Desk Incidents Releases Incident Management Problem Management Release Management Change Management Configuration Management Availability Management Availability Management Capacity Management Capacity Management Financial Management for IT Services Financial Management for IT Services IT Service Continuity Management IT Service Continuity Management Service Delivery Requirements, Targets, Achievements Requirements, Targets, Achievements Service Level Management Queries, Inquiries Communication` The Business, Customers ITIL (IT Infrastructure Library) Service Support

  14. ITIL and ISO - Achieving ISO 20000 Certification

  15. ITIL Best Practices ITIL Best Practices Necessary Tasks for SOXA* Compliance • Display the Business Process • Define Control Objectives • Identify Risks (or “what-can-go-wrong”) in the process • Define specific Controls that are in place to mitigate the above Risks, and, • Produce Evidence to prove that the above Controls are effective *Sarbanes-Oxley Act – enacted by US Congress in 2002

  16. ITIL and COBIT • While ITIL is about process best practice, COBIT is about control points • Procedures are mapped by ITIL best practices • Risks can be defined through Metrics • Software tool for ITIL management provide Control Evidence and Audit Logs

  17. Integration of Development and Support Best Practices Application Management Lifecycle Elegantly Integrates ITIL and CMMI

  18. ITIL and Six Sigma • ITIL Best Practice allows rapid adoption • No need to develop from scratch • ITIL defines metrics used as Six Sigma CTQs (“y”) and also for causes (“x”) • ITIL process management software tool provides data for necessary analyses • Application of Six Sigma require mature environment CTQ – “Critical to Quality” (as defined by customer)

  19. Deployment of Frameworks • Parts of Frameworks can be applied as needed and incrementally • Even partial implementations of Frameworks can provide major benefits for superior Governance • Business goals decide what to adopt • Any Framework implementation is a major effort • Strong and committed leadership is not just crucial, it is absolutely mandatory to achieve superior governance

  20. Support Infrastructure is a Must for Deployed Frameworks • Successful deployments require that the processes be: • Aligned – ensuring process objectives address business needs • Streamlined – through adoption of best practice • Mapped – through mapping of tasks for workflows and role assignments • Verified – by various organizational functions to meet their business requirements • Owned – by assigning formal roles for accountability • Documented – for consistency of implementation throughout the organization • Measured – to ensure that the process is effective and efficient while meeting compliance A support infrastructure essentially includes a number of formal roles such as the champions, process owners, process managers and others – depending on the nature of the framework and the organization

  21. Integration of Frameworks – An Example in an ITIL Process

  22. Metrics – Crucial to Manage Processes and Frameworks • Metrics Determine Process Health or Framework Maturity • 3M Principle – Measure-to-Monitor-to-Manage • To manage, one needs to monitor • To monitor, one needs to measure • ITIL Best Practices also provide relevant and well-defined Metrics for IT processes Continuous improvement is NOT possible without appropriate metrics

  23. B o x p l o t o f M o n t h l y O u t a g e D u r a t i o n 5 0 0 4 0 0 ) . n i M ( 3 0 0 n o i t a r u 2 0 0 D e g a t u 1 0 0 O 0 l t r r b n g p n y v c u c a p a o e a e u u e a J O A N D J J J F M A M S 5 5 5 5 5 6 5 5 5 5 5 0 5 5 0 0 0 0 0 0 0 0 0 0 0 0 Examples of Applying 6σ Based Metrics Traditional Chart for Outage

  24. Examples of Applying 6σ Based Metrics Statistical Chart (Boxplot) for Outage

  25. B o x p l o t o f O u t a g e T i m e b y P l a t f o r m 5 0 0 4 0 0 ) . n i 3 0 0 M ( e m i T 2 0 0 e g a t u O 1 0 0 0 E x t e r n a l I n t e r n a l - M i d I n t e r n a l - M V S I n t e r n a l - S e r v e r I n t e r n a l - O t h e r Examples of Applying 6σ Based Metrics Traditional Outage Chart by Platform

  26. Examples of Applying 6σ Based Metrics Outage Boxplot by Platform

  27. Examples of Applying 6σ Based Metrics Xbar-R Control Chart – Internal Outages Weeks

  28. Examples of Applying 6σ Based Metrics Xbar-R Control Chart – Int. & Ext. Outages Weeks

  29. Agenda • Why have IT Governance? • What is IT Governance? • Various elements of IT Governance • Frameworks for IT Governance • How Frameworks interact • How IT processes underpin IT Governance • Example of Framework integration • Metrics to measure IT process health

  30. Questions? ?

More Related