Technology Governance Smart, Sexy, and Simple in Seven Steps 12NTCtechgov
Johan Hammerstrom Community IT Innovators
Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad!
or Online at www.nten.org/ntc/eval
Slide 2 12NTCtechgov
Johan Hammerstrom Vice President Community IT Innovators [email protected] @JohanCITI
Disclaimer
Smart?
I’ll do my best
Sexy?
Don’t count on it
Simple?
That’s my goal
Slide 3 12NTCtechgov
Slide 4 12NTCtechgov
photo: Wikimedia Commons
ISO-9000
ITGI
Alphabet Soup
1. Why business objectives should drive all technology decisions
2. Why user adoption and support is critical to all technology management
3. A usable technology governance outline that can be used within your organization today
Slide 5 12NTCtechgov
Take-aways
the 7 Steps
1. Planning
2. Implementation
3. Deployment
4. Management
5. Support
6. User adoption
7. Training
Slide 6 12NTCtechgov
Process
1. Planning
2. Implementation
3. Deployment
4. Management
5. Support
6. User adoption
7. Training
Slide 7 12NTCtechgov
50,000 foot view
Slide 8 12NTCtechgov
photo: Wikimedia Commons
Organizations exist for a purpose.
MISSION
Slide 9 12NTCtechgov
Purpose
The system by which companies are directed and controlled…
Cadbury Report, 1992
to achieve their purpose.
Slide 10 12NTCtechgov
Corporate Governance
The leadership and organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and objectives.
ITGI, 2006
Slide 11 12NTCtechgov
IT Governance
The systems and organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and mission.
revised ITGI, 2012
Slide 12 12NTCtechgov
IT Governance redux
1. Leadership
2. Organizational Structures
3. Processes
Slide 13 12NTCtechgov
essentials
Slide 14 12NTCtechgov
Governance Maturity
“none”
“ad-hoc”
“defined”
“managed”
“optimized”
COBIT
Slide 15 12NTCtechgov
Control
Objectives
for IT
source: COBIT 5
Well-planned
well-implemented
well-maintained
Slide 16 12NTCtechgov
Control?
Slide 17 12NTCtechgov
source: COBIT 5
Slide 18 12NTCtechgov
source: COBIT 4.1 Executive Summary
COBIT Principles
Slide 19 12NTCtechgov
Business Goals
IT Goals IT Processes
Information Requirements
source: COBIT 4.1 Executive Summary
Strategic Alignment
Slide 20 12NTCtechgov
Mission
IT Goals IT Processes
Information Requirements
source: COBIT 4.1 Executive Summary
Strategic Alignment
Slide 21 12NTCtechgov
Mission
IT Goals IT Processes
Information
• Outcome measurements • Performance Metrics • Messaging • Website • Files • Databases • Internet Access
Slide 22 12NTCtechgov
Mission
IT Goals IT Processes
Requirements
• Business Continuity • Reporting • Compliance • Automation/efficiency • Remote access • Support
• COST
Slide 23 12NTCtechgov
Business Goals
IT Goals IT Processes
Information Requirements
source: COBIT 4.1 Executive Summary
Strategic Alignment Dialogue
1. Leadership willing and able to have dialogue
2. Organizational Structures that enable the conversation
3. Processes that support it
Slide 24 12NTCtechgov
Strategic Alignment Business
Goals
IT Goals IT Processes
1. Planning
2. Implementation
3. Deployment
4. Management
5. Support
6. User adoption
7. Training
Slide 25 12NTCtechgov
Process Business
Goals
IT Goals IT Processes
Slide 26 12NTCtechgov
source: COBIT 4.1 Executive Summary
Dialogue around…
1. What resources are required?
2. What risks are tolerable?
3. What measurements are needed?
Slide 27 12NTCtechgov
source: COBIT 4.1 Executive Summary
Key Decisions
1. Specific systems
2. Support staff
3. Training
4. Hosting
5. Infrastructure
Slide 28 12NTCtechgov
source: COBIT 4.1 Executive Summary
Required Resources
1. Business Continuity
2. Disaster Recovery
3. RPO
4. RTO
5. Hacking threats
6. Malware
7. Spam
Slide 29 12NTCtechgov
Tolerable Risks
1. Reporting requirements
2. Compliance requirements
3. Management
4. Performance metrics
5. Project status
Slide 30 12NTCtechgov
Measurements Needed
Slide 31 12NTCtechgov
Simple Risk Matrix
             Tape Backup    Availability    Hosted
RTO          1-2 weeks      1 hr            n/a
RPO          1-7 days       15 min          1 day
Retention    6 months       3 months        3 weeks
Reports      Custom         Custom          Limited
Cost         $10,000        $20,000         $15,000
Slide 32 12NTCtechgov
Simple Risk Matrix
              Tape Backup    Availability    Hosted
Down for…     1-2 weeks      1 hr            n/a
Lost data…    1-7 days       15 min          1 day
Retention     6 months       3 months        3 weeks
Reports       Custom         Custom          Limited
Cost          $10,000        $20,000         $15,000
Slide 33 12NTCtechgov
source: COBIT 4.1 Executive Summary
Accountability
1. Leadership exercising oversight
2. Organizational Structures that enable the accountability
3. Processes that deliver value
Slide 34 12NTCtechgov
Value Delivery Business
Goals
IT Goals IT Processes
1. Planning
2. Implementation
3. Deployment
4. Management
5. Support
6. User adoption
7. Training
Slide 35 12NTCtechgov
Process Business
Goals
IT Goals IT Processes
Slide 36 12NTCtechgov
source: COBIT 4.1 Executive Summary
lifecycle Key Decisions
1. How will leadership know if IT is delivering value?
a) Metrics?
b) Reports?
2. Is responsibility clearly defined?
a) SLA
b) Policy
Slide 37 12NTCtechgov
Accountability
1. Start with Strategic Alignment
2. Create Dialogue around…
a) Resource Management
b) Risk Management
c) Performance Measurement
3. Identify Value Delivery through
a) Accountability
b) Regular reports?
Slide 38 12NTCtechgov
In closing…
• www.isaca.org
• www.citidc.com/ntc2012
• @JohanCITI
Slide 39 12NTCtechgov
Resources