A Piloting Handbook for CIOs: The Lonely Planet Guide to IT Management Frameworks

Chris Finden-Browne
IBM Global Services
Chair, BCS Service Management Specialist Group
chris.findenbrowne@bcs.org.uk
2009-02-23, BCS SMSG: IT Management Frameworks

Session Objectives

By the end of this session, you will be able to:
• Describe a range of important IT Management frameworks
• Understand their content, positioning and relevance
• Conduct an initial conversation on them with a CIO
• Know where to find more detail

Agenda

• What and Why of ‘IT Management Frameworks’
• Positioning the frameworks
• Introduction to selected frameworks
  • Purpose
  • Key Topics
  • Reference Details
• Summary

What and Why of ‘IT Management Frameworks’

The successful CIO has a strategic focus and is business-facing
How can he/she be comfortable
• that the IT management team has the IT ‘house’ in order?
• that she/he can convey their department’s professionalism and competence to their line-of-business peers?
HYPOTHESIS: A well-selected set of IT Management Frameworks can provide an organizing structure
We must first establish some concepts about this subject area

What and Why of ‘IT Management Frameworks’

What is an IT Management Framework?
It is:
• A body of knowledge about an area of expertise
• A conceptual, organizing structure for conveying the expertise topics
It can:
• Have an assessment or maturity scheme
• Be associated with professional certification for practitioners (or for organizations)
It is not:
• A prescriptive approach
• A formal standard

What and Why of ‘IT Management Frameworks’?

Why adopt a Management Framework?
Advantages
• Learn from experience – avoid well-recognized mistakes
• Exploit established terminology and definitions
• Participate in or contribute to subject area development
• Motivate staff through professional advancement and recognition
Pitfalls
• Not a panacea or an academic exercise
• Frameworks must be applied to provide value

Positioning the frameworks

Two ways of classifying the frameworks:
• ‘IT Governance’ book from Weill and Ross
• IT Management “envelope” chart (from IBM Software Group)

Positioning the Frameworks: Lens 1 – Five Key IT Decisions

• IT principles: High-level statements about how IT is used in the business
• IT architecture: Organizing logic for data, applications, and infrastructure – leading to business and technical standardization and integration
• IT infrastructure: Centrally coordinated, shared IT services – IT capability foundation
• Business application needs: Specifying the business need for purchase or internally developed IT applications
• IT investment and prioritization: How much and where to invest, including project approvals and justification techniques
IT Governance – Peter Weill, Jeanne W Ross – P 27, Harvard Business School Press, 2004

Positioning the Frameworks: Lens 2 – Envelope chart

[Chart: IT Management “envelope” chart. Labels include Business, Business Processes, Business-IT Alignment, IT Business Management, IT Governance, IT Operations and IT Development.]
The four domains of IT management are the rows of the ITSM adoption model

Introduction to selected frameworks

• eTOM
• OCEG
• TOGAF
• CobiT
• Val IT
• PMBOK
• e-SCM
• CMMI
• ITIL
Appendices
• BASEL II
• COSO

Selected Frameworks: eTOM

PURPOSE: To deliver a business process model or framework for use by service providers and others within the telecommunications and related sectors of industry
SCOPE: Describes all the enterprise processes required by a service provider and analyzes them to different levels of detail according to their significance and priority for the business
BACKGROUND:
• TOM was developed over 1995-98
• eTOM v1.0 emerged in 2001, and is now at v7.5 (2008)
• It is one of five components of the New Generation Operations Systems and Software (NGOSS) program
Enhanced Telecommunications Operations Map

Selected Frameworks: eTOM – Key topics

Selected Frameworks: eTOM

Owner/originator: TM (TeleManagement) Forum
Type of body: Worldwide Consortium of ~400 Operators, Suppliers & Integrators
Format: Softcopy
Free/fee: Free – requires free registration
Membership: Not as individual
Certification: TM Forum Knowledge Certification Program, for companies and for individuals
Source: TMForum

Selected Frameworks: OCEG

PURPOSE: To help organizations align their governance, compliance and risk management activities to drive business performance and promote integrity
SCOPE: A systematic approach to designing, implementing, managing, evaluating and improving compliance and ethics programs
BACKGROUND:
• Genesis around 2002 driven by the venture funding community looking for consistency in GRC in investee companies
• SOX provided additional stimulus
‘Foundation Guidelines’ (Red Book) from the Open Compliance and Ethics Group – 2.0 issued in January 2009

Selected Frameworks: OCEG – Key Topics

The Red Book provides guidelines on practices under four headings:
• Culture
• Organization
• Process
• Technology

Selected Frameworks: OCEG

Owner/originator: Open Compliance and Ethics Group
Type of body: Multi-industry, multi-disciplinary coalition
Format: Softcopy
Free/fee: Free – after registration
Membership: Yes, by individual, for a fee
Certification: No
Source: OCEG

Selected Frameworks: CobiT

PURPOSE: Set of guidance materials for IT governance, most often associated with Information Technology security and control practices
SCOPE: It includes over three hundred specific 'control objectives' and a framework and audit guides for over 30 information technology processes. Overall, COBIT ™ is organized into six components, as follows:
• Executive Summary
• Management Guidelines
• Framework
• Control Objectives
• Implementation Toolset
• Audit Guidelines
BACKGROUND: V1=Audit, V2=Control, V3=Management, V4=Governance
CobiT – Control Objectives for Information and Related Technology

Selected Frameworks: CobiT – Key Topics

COBIT Framework

Business Objectives

Criteria
• Effectiveness
• Efficiency
• Confidentiality
• Integrity
• Availability
• Compliance
• Reliability

IT RESOURCES
• Applications
• Information
• Infrastructure
• People

PLAN AND ORGANISE
• PO1 Define a strategic IT Plan
• PO2 Define the information architecture
• PO3 Determine technological direction
• PO4 Define the IT processes, organisation and relationships
• PO5 Manage the IT investment
• PO6 Communicate management aims and direction
• PO7 Manage human resources
• PO8 Manage quality
• PO9 Assess and manage IT risks
• PO10 Manage projects

ACQUIRE AND IMPLEMENT
• AI1 Identify automated solutions
• AI2 Acquire and maintain application software
• AI3 Acquire and maintain technology infrastructure
• AI4 Enable operation and use
• AI5 Procure IT resources
• AI6 Manage changes
• AI7 Install and accredit solutions and changes

DELIVER AND SUPPORT
• DS1 Define and manage service levels.
• DS2 Manage third-party services.
• DS3 Manage performance and capacity.
• DS4 Ensure continuous service.
• DS5 Ensure systems security.
• DS6 Identify and allocate costs.
• DS7 Educate and train users.
• DS8 Manage service desk and incidents.
• DS9 Manage the configuration.
• DS10 Manage problems.
• DS11 Manage data.
• DS12 Manage the physical environment.
• DS13 Manage operations.

MONITOR AND EVALUATE
• ME1 Monitor and evaluate IT performance.
• ME2 Monitor and evaluate internal control.
• ME3 Ensure compliance with external requirements.
• ME4 Provide IT governance.

2007 IT Governance Institute. All rights reserved.

Selected Frameworks: CobiT

Owner/originator: IT Governance Institute & Information Systems Audit & Control Association
Type of body: Research think-tank – Membership organization
Format: Softcopy materials
Free/fee: Free – some downloads require registration (free). Hardcopy available for purchase
Membership: Yes (ISACA). Also there is “Control IT User Group”
Certification: Yes, for individuals – in IT audit, IT security management and (new) Governance of IT
Source: CobiT, ISACA, ITGI

Selected Frameworks: TOGAF

PURPOSE: An industry standard architecture framework that may be used freely by any organization wishing to develop an information systems architecture for use within that organization
SCOPE: A detailed method and a set of supporting tools - for developing an enterprise architecture
BACKGROUND:
• TOGAF has been developed by the Architecture Forum of The Open Group and evolved since the 1996 merger of…
  • X/Open Company Ltd. (founded in 1984)
  • Open Software Foundation (founded in 1988)
• Started with DoD’s Technical Architecture Framework for Information Management (TAFIM)
The Open Group Architecture Framework – Version 9

Selected Frameworks: TOGAF – Key Topics

• Architecture Development Method
  • The AD Cycle Phases
• Enterprise Continuum
  • Linkage between architectures and solutions
• Technical Reference Model
  • Generic services and functions
• Architecture Compliance and Governance

Selected Frameworks: TOGAF

Owner/originator: The Open Group
Type of body: A vendor-neutral and technology-neutral consortium, whose vision of Boundaryless Information Flow™ will enable access to integrated information, within and among enterprises, based on open standards and global interoperability
Format: Hard- & soft- copy
Free/fee: Both – free download for personal evaluation
Membership: Yes, at several levels. Corporate/individual
Certification: Yes.
Source: The Open Group and TOGAF

Selected Frameworks: Val IT

PURPOSE: Assists the board and executive management in understanding and carrying out their roles related to IT-enabled business investments
SCOPE: A governance framework that consists of:
• a set of guiding principles
• a number of processes conforming to those principles that are further defined as a set of key management practices.
Val IT works alongside CobiT to answer 4 basic questions:
“(V) Are we doing the right things?
(C) Are we doing them the right way?
(C) Are we getting them done well?
(V) Are we getting the benefits?”
BACKGROUND:
• This work is stated as triggered by the use of CobiT at ING (NL)
• The main research was carried out in 2005-6

Selected Frameworks: Val IT – Key Topics

VG – Value Governance (11 MPs)
• Establish governance framework
• Provide strategic direction

PM – Portfolio Management (14 MPs)
• Evaluate and prioritise investments
• Move selected investments to active portfolio
• Establish portfolio parameters
• Maintain resource profile
• Maintain funding profile
• Manage overall portfolio
• Monitor and report on portfolio performance

IM – Investment management (15 MPs)
• Identify business requirements
• Define candidate programme
• Analyse alternatives
• Launch programme
• Manage programme execution
• Assign accountability
• Monitor and report on programme performance
• Document business case
• Retire programme

2007 IT Governance Institute. All rights reserved.

Selected Frameworks: Val IT

Owner/originator: IT Governance Institute & Information Systems Audit & Control Association
Type of body: Research think-tank – Membership organization
Format: Softcopy materials
Free/fee: Free – some downloads require registration (free). Hardcopy available for purchase
Membership: Yes (ISACA)
Certification: Indirectly – Value Delivery is one of 5 topics in the new Certification in the Governance of Enterprise IT
Source: Val IT, ISACA, ITGI

Selected Frameworks: PMBOK Guide

PURPOSE: A collection of processes and knowledge areas generally accepted as best practice within the project management discipline
SCOPE: Projects – and programs – in any industry
BACKGROUND:
• A 1987 white paper led eventually to the publication of the first edition in 1996.
• Following a 2nd edition in 2000, the current (third) edition was published in 2004 including major changes from the first edition.
• Currently, an International panel of experts is working on developing the fourth edition, with publication due to complete by end March 2009
• Adopted by IEEE as Standard 1490-2003 (replacing 1490-1998)
PMBOK Guide – Guide to Project Management Body of Knowledge

Selected Frameworks: PMBOK Guide – Key Topics

The Guide recognizes 44 processes that fall into five basic process groups and nine knowledge areas that are typical of almost all projects.

Process Groups
• Initiating
• Planning
• Executing
• Controlling and Monitoring
• Closing

Knowledge Areas
• Project Integration Management
• Project Scope Management
• Project Time Management
• Project Cost Management
• Project Quality Management
• Project Human Resource Management
• Project Communications Management
• Project Risk Management
• Project Procurement Management

Extensions exist for specialized industries – examples: government, construction

Selected Frameworks: PMBOK Guide

Owner/originator: Project Management Institute
Type of body: Membership association for the project management profession
Format: Hardcopy – some online materials
Free/fee: Fee – members have free access to the PMBOK Guide itself
Membership: Yes – as individuals, fee payable
Certification: Yes, for individuals – PMP, PgMP and CAPM
Source: PMBOK from PMI

Selected Frameworks: eSCM

PURPOSE: A “best practices” capability model with 3 purposes:
(1) give service providers guidance that will help them improve their capability across the sourcing life-cycle
(2) provide clients with an objective means of evaluating the capability of service providers
(3) offer service providers a standard to use when differentiating themselves from competitors
SCOPE:
• Service Providers: 84 Practices
• Client Organizations: 95 Practices
BACKGROUND:
• itSQC led a consortium of providers to release eSCM v1 in 2001, revised as eSCM-SP v1.1 in 2002.
• It is now at v2 (2004)
• The CL (v1.1) model was released in September 2006
eSCM – e-Sourcing Capability Model

Selected Frameworks: eSCM – Key Topics

[Table: Distribution of Practices by Sourcing Life-cycle Phase, Capability Area, and Capability Level]

Phase (number of practices)
• Ongoing: 51
• Initiation: 21
• Delivery: 8
• Completion: 4

Capability Area
• Knowledge Management
• People Management
• Performance Management
• Relationship Management
• Technology Management
• Threat Management
• Contracting
• Service Design and Deployment
• Service Transfer (in)
• Service Delivery
• Service Transfer (out)

TOTALS by Capability Level
• Level 2: 48
• Level 3: 26
• Level 4: 10
• Total: 84

Selected Frameworks: eSCM

Owner/originator: IT Services Qualification Center (itSQC) at Carnegie Mellon University
Type of body: A multidisciplinary group of researchers, practitioners, and organizations
Format: Softcopy books
Free/fee: Free download – hardcopy available for purchase
Membership: No
Certification: Organizations only – for both SP and CL. Training classes are offered
Source: itSQC

Selected Frameworks: CMMI

PURPOSE: To help organizations improve their development and maintenance processes for both products and services
SCOPE: A process improvement maturity model for the development of products and services. It consists of best practices that address development and maintenance activities that cover the product lifecycle from conception through delivery and maintenance.
Previously focused on Development, but now covers Acquisition
BACKGROUND:
• Since 1991, CMMs have been developed for myriad disciplines
• Notable models for systems engineering, software engineering, software acquisition, workforce management and development, and integrated product and process development (IPPD)
• The CMM Integration project was formed to sort out the problem of using multiple CMMs
CMMI – Capability Maturity Model Integration – Version 1.2

Selected Frameworks: CMMI – Key Topics

Selected Frameworks: CMMI

Owner/originator: Software Engineering Institute (SEI) at Carnegie Mellon University
Type of body: Federally funded research and development center sponsored by the US Dept of Defense
Format: Softcopy
Free/fee: Free
Membership: Yes – ‘SEI Membership’ at individual, partner and group level
Certification: Yes, for individuals – for Process Assessment/Improvement and for Software-based Development. Organizations can be appraised
Source: SEI CMMI

Selected Frameworks: ITIL

PURPOSE: Provide a framework of Best Practice guidance for IT Service Management
DEFINITION of Service Management: “Service Management is a set of specialized organizational capabilities for providing value to customers in the form of services.”
BACKGROUND:
• Has existed since late 1980s – now in its third version (2007)
• V2 gained widespread momentum in the last 10 years
• Most strongly associated with IT Operations, but now extended by the ‘Service Lifecycle’ concept

Selected Frameworks: ITIL – Key Topics

Strategy
• Service Strategy
• Market Intelligence
• IT Financial Management
• Service Portfolio Mgmt
• Demand Management
• Risk Management

Design
• Service Portfolio Mgmt
• Service Catalog Mgmt
• Service Level Mgmt
• Capacity Mgmt
• Availability Mgmt
• Service Continuity Mgmt

Transition
• Transition Planning & Support
• Change Management
• Service Asset and Configuration Management
• Release & Deployment
• Service Testing and Validation
• Evaluation

Operation
• Monitoring & Event Mgmt
• Incident Mgmt
• Request Fulfillment (standard changes)
• Problem Mgmt
• Access Mgmt
• Service Desk

Continual Improvement
• Service Measurement
• Service Reporting
• Service Assessment & Analysis
• Process Assessment & Analysis
• Service Level Management
• Improvement Planning (7-Step Process)

Also shown in the chart: Information Security Mgmt (ISO 27K, ISO 20K); Knowledge Management; Infrastructure Management; Supplier & Contract Mgmt; IT Operations; Organizational Change & Communications; Facilities Management
Legend: Processes, Functions
Taken from itSMF publication “An Introductory Overview of ITIL V3”

Selected Frameworks: ITIL

Owner/originator: Office of Government Commerce (part of UK Government)
Type of body: Government department – revenue generating. New materials generated by individuals on contract
Format: 5 core books, plus Introduction title
Free/fee: Fee – approx US$ 170 each
Membership: No, but itSMF exists for corporate and individual membership
Certification: Yes, for individuals – mature scheme at multiple levels
Source: OGC Best Management Practice - ITIL

Summary: Framework Positioning

[Chart: IT Management “envelope” chart. Labels include Business, Business Processes, Business-IT Alignment, IT Business Management, IT Governance, IT Operations and IT Development.]
The four domains of IT management are the rows of the ITSM adoption model

Summary: Framework Tabulation

Framework | 5 Key Decisions | “Envelope”
eTOM, (BASEL II) | Business applications needs | Business
(COSO), OCEG, CobiT | IT principles | IT Governance
TOGAF | IT architecture | IT Development
Val-IT | IT investment and prioritization | IT Business Management
eSCM | IT investment and prioritization | IT Governance
CMMI, PMBOK Guide | IT infrastructure | IT Development
ITIL | IT infrastructure | IT Operations

Conclusions

1. A well-selected set of IT Management Frameworks can provide an organizing structure for CIOs
2. Service Management is a significant – but not the only – part of the overall IT Management System

Appendices

• BASEL II
• COSO

Selected Frameworks: BASEL II

PURPOSE: To describe a more comprehensive measure and minimum standard for capital adequacy that national supervisory authorities are now working to implement through domestic rulemaking and adoption procedures
SCOPE:
• Safety and soundness in the financial system by placing more emphasis on banks’ own internal control and management, the supervisory review process, and market discipline
• Primary focus on internationally active banks
BACKGROUND: The Basel I – Capital Accord – was issued in 1988
2004 New Basel Capital Accord

Selected Frameworks: BASEL II – Key Topics

Three pillars of the new Accord
• First pillar: minimum capital requirement
• Second pillar: supervisory review process
• Third pillar: market discipline

Pillar 1: Minimum Capital Requirements
Pillar 2: Increased Supervisory Review
Pillar 3: Additional Public Disclosure

Selected Frameworks: BASEL II

Owner/originator: Basel Committee
Type of body: A committee of central banks and bank supervisors/regulators from the major industrialised countries that meets every three months at the Bank for International Settlements in Basel
Format: Softcopy
Free/fee: Free
Membership: No
Certification: No
Source: BIS site on Basel II

Selected Frameworks: COSO

PURPOSE: “To improve the quality of financial reporting through business ethics, effective internal controls, and corporate governance”
SCOPE: A set of documents which provide guidance on:
• identifying the factors that cause fraudulent financial reporting
• making recommendations to reduce its incidence
BACKGROUND:
• Originally formed in 1985 to sponsor the (United States) National Commission on Fraudulent Financial Reporting
• Published the Internal Control Framework in 1992
• In 2004, this was extended to the “Enterprise Risk Management – Integrated Framework”
COSO – Committee of Sponsoring Organizations

Selected Frameworks: COSO – Key Topics

• Top face: Categories of objectives
• Front face: Framework components
• Side face: Focus

Selected Frameworks: COSO – Key Topics

New components are:
• Objective Setting
• Event Identification
• Risk Response
Source: Enterprise Risk Management — Integrated Framework

Selected Frameworks: COSO

Owner/originator: Committee of Sponsoring Organizations of the Treadway Commission
Type of body: Voluntary private sector organization (US), from five participating professional organizations
Format: Softcopy and hardcopy
Free/fee: Free Executive Summaries; Fee for full documents
Membership: No
Certification: No
Source: COSO