Reduction of ICT Cost:
Strategies towards clean IT
audit and IT spending
28 May 2013
Razak Alli
Agenda
 Introduction
 Governance Requirements
SITA Initiatives
ICT Cost Reduction Strategy
Clean IT Audit
2
Introduction
 Total annual IT expenditures range from 2% to 15% of annual
revenues (Source: ITGI – IT Governance Performance Case Study)
 Reducing the cost of ownership of IT assets directly linked to
supporting business process and decision making processes
governing IT spending
 Moore’s Law—”the number of transistors on integrated circuits
doubles approximately every 4 years”.
 This law correlates with a decrease in the cost of computing
power.
 This availability of cost-effective computing power also
corresponds with an increase in the global generation of data by
devices, machinery, appliances and humans.
3
King III - King Report on Governance for South Africa 2009
Chapter 5 – The Governance of Information Technology
 The board/accounting officer should be responsible for information
technology (IT) governance
 IT should be aligned with the performance and sustainability
objectives of the company/business
 The board/accounting officer should delegate to management the
responsibility for the implementation of an IT governance framework
 The board/accounting officer should monitor and evaluate significant
IT investments and expenditure
 IT should form an integral part of the company’s risk management
 The board should ensure that information assets are managed
effectively
 A risk committee and audit committee should assist the board in
 carrying out its IT responsibilities
4
IT Governance Driving Improved Performance
 Most common IT governance objectives are focused on cost
containment (including efficiency, standardization, and
automation) and risk reduction (including compliance, security,
and public scrutiny of IT failures).
 For most businesses, cost containment is desirable, but not a
business strategy.
 As IT becomes a more strategic business enabler, organizations
should build on existing cost and risk focused IT governance
initiatives, and expand objectives to also include meeting
strategic business objectives, improve agility to meet changing
business needs.
5
SITA Initiatives - Partner and Supplier Relationships
Implementation of the Partnership Model
Forming strategic partnerships with main suppliers and
industry for high consuming services by clients
Revision of current contracting process with suppliers
Usage of State Owned Companies (SOCs)
New contracting framework implemented
 Umbrella agreements allowing improved cost savings
 Not on a transactional basis
 Negotiating new deals with suppliers for better costing
savings
 “Lock In” with software vendors (long term better cost
savings)
6
SITA Initiatives - Partner and Supplier Relationships (continued)
Negotiations with critical suppliers within the
environment
MIOS Compliance (Minimum Interoperability Standard)
7
SITA Initiatives - Infrastructure Environment
Cost management and saving initiatives:
Targeting transversal systems
Shared infrastructure reducing scope
Use of virtualisation and convergence
Moving decentralised infrastructure to centralised
Centrally managed infrastructure environment
leading to improvement of administration and
security
 Robust and secure infrastructure (preventative)
Consolidation and synchronisation of applications
and toolsets used
8
SITA Initiatives - SLA Contracting Method
Service Based SLAs - Redevelopment of SLAs according
to services provided to clients
Single SLA per client with services identified
Define level of performance via standardised manner
(not managed on “per item basis”)
Service Based SLAs based on approved Costing and
Pricing Models in alignment with approved Service
Level Catalogue
Packaging of services to include value added services
9
SITA Initiatives - Strategic Projects
Implementation of key identified projects as per Board
approval:
Could Computing
IFMS
E-Government
Convergence
Partnership Model
Costing and Pricing Model
Unified Communication (lowering broadband prices
contributing)
10
Supply Chain Management: Strategic Goals
 Saving on acquisition of ICT goods and services;
Improve
Purchasing
Power
Improve
Procurement
Processes
Provide IT
procurement to
ensure that the
Government
gets value for
money
 Number of industry partners established in the acquisition of
ICT delivery of goods and services; and
 Monitor and enforce supplier performance compliance.
 Improved Supply Chain Management Mean Time To
Respond;
 Drive 30% of acquisition spend through SMME;
 Automate procure to pay process; and
 Drive 100% electronic ordering with suppliers.
 Improved Supply Chain Management turnaround time:
Drive
Economies of
Scale
 90 days on Bids
 90 days on preferred list RFQs
 45 days for contract finalising
 30 days for Adhoc RFQs
 Create & centralise strategic sourcing
 Standardise procurement processes.
11
Improved Supply Chain Management Turnaround Times
Acquisition Method
Target
Actual
Tenders (Bids)
90 Days
127.55 Days
Preferred list RFQ’s
90 Days
72.23 Days
Contract Finalisation
45 Days
37 Days
Adhoc RFQ’s
30 Days
16.65 Days
12
Cost Saving For Government
SITA has entered into four
(4) Strategic Partnerships
ICT to provide goods and
services to government at a
discounted price.
13
Cost Saving For Government
SITA Supply Chain
Management has managed
to save government an
amount of R 262 652 243.05
on acquisition of ICT goods
and services(2012/2013).
14
Best Practices from Industry (continued)
ICT Procurement Strategy: Cost Reduction and
Integration Strategy
Alignment of IT Strategy with ICT Procurement Strategy
Optimum Return on ICT Investment (usage of COBIT
processes)
Controlled IT spending via approved architectures and
technology stacks incorporating:
IT cost transparency
Benchmarking of IT Service Costs
Enforcement of IT Cost reductions
15
Best Practices from Industry (continued)
 Design to Delivery: contract lifecycle for investing in
ICT
 On time, within budget, to specification
 Strengthen IT-Finance Collaboration to Drive ROI
IT Cost quality thresholds
Business process harmonisation
Process complexity review
Metrics and success measurements
Transparent reporting
16
ICT Cost Reduction Strategy
 Cost reduction should be performed via a structured approach
considering the long-term impact
 Should be performed for improving efficiency and effectiveness
 ICT Cost Reduction Strategy similar to Generic Enterprise Cost
Reduction Strategies
 Examine all IT spend and prioritise the right cost reduction
opportunities
 Adopt an end-to-end approach by considering:
 All sources of IT costs - Leverage multiple views to examine all sources of
ICT spend
 Analyse drivers of the IT costs
 Prioritise the right opportunities
 Create an organisation wide portfolio of investments to achieve
measurable savings
17
ICT Cost Reduction Strategy (continued)
 Make sure scope includes all components of IT expenditure
across the enterprise ecosystem
 Ensure proper engagement with the right stakeholders
 Examine all sources of IT spend using the following views:
 Expenses versus Investments
 Locked in spending per year versus new initiative spend
 Monitor expenses versus investments ratio
 Assets versus IT Capabilities
 Spend on business applications, infrastructure and data to
deliver IT capabilities
 Spend on IT capabilities is on people, process and
technology and assets required to deliver IT capabilities
18
ICT Cost Reduction Strategy (continued)
 Lines of Business (LoB)
 IT spend by LoB’s provides insight into the IT landscape
 Best practices to be applied across LoBs
 Standardisation of processes across LoBs
 Fixed versus Variable
 Maintain a mix of fixed and variable costs
 Trade off of maintaining capabilities in-house at fixed costs
versus outsourcing them at variable costs.
 Business Process
 Analyse IT spend by business processes to provide the cost to
serve the end customer
 Identify cost reduction opportunities by business process
redesign and supporting IT solutions
19
Clean IT Audit
 IT Audit is a subset of the overall Audit Department
 Cannot achieve Clean Audit ain the absence of issues
without the other environments
Size matters – In-house, outsourced or hybrid
If outsourced:
 Ensure the right to audit by the third party
 Must be included in signed agreement
 Compliance to SAS70 (replaced by SSAE16) – Auditor General
provides this service at SITA annually
20
Clean IT Audit (continued)
If in-house:
 Good people and capabilities
 Core Skills and IT Technical abilities
 Streamlined processes, policies and procedures
 High levels of compliance
IT Compliance framework and compliance officer
IT compliance and monitoring activities
SITA can only assist in the achievement of a Clean IT
Audit if in control of the full IT function
21
Thank You
22