Update February 2011 Technology Office Stephen Pope NIMM
Agenda CA development priorities? NIMM context and framework Foundation Capabilities Where are you? Questionnaire NIMM going forward CA development priorities outcomes Q & A Close
The bigger Picture
Infrastructure Key Capability List Common Applications & Services Electronic Messaging Calendaring & Scheduling Unified Communications Collaboration Knowledge Management Remote User Access Electronic Software Distribution Enterprise Content Management Enterprise Search File & Print Services Operating Systems PC Operating System Standardisation Operating System Configuration Mgmt PC Application Virtualisation Operating System Virtualisation Server Provisioning Infrastructure Hardware Platforms Server Consolidation Server Virtualisation Storage Virtualisation Data Storage Management Power & Cooling Infrastructure Hardware Configuration Mgmt Network Devices & Services Wireless LAN & PAN Fixed LAN Local Network Services Network Cabling LAN Configuration Mgmt Network Service Security IT Security & Information Governance LAN Security Policies WAN & Remote Access Security Policies Directory Services Single Sign On Identity Management * Data Security End Point Security Antivirus & Malware Protection Infrastructure Patterns & Practices Availability Management Change Management * Configuration Management Release Management * Problem Management Incident Management * Service Desk Capacity Management IT Service Continuity Management Service Monitoring * End User Provisioning Software Asset Management Patch Management Testing End User Devices This section will be populated in a future release Infrastructure Governance IT Infrastructure Governance IT Infrastructure Strategy & Planning Document Collaboration & KM Strategy IT Project/Programme Management Product/Service Catalogue Infrastructure Business Alignment Stakeholder Management IT/Infrastructure Risk Management IT/Business Strategy Alignment Procurement Supplier Management SLA Management Procurement Process Effectiveness People & Skills IT staff career pathways and development IT Staff Performance Management End User Training IT staff development and planning IT staff attraction, motivation and retention Financial Management TCO Management * ROI Management * Benefits Management Principles, Standards, Procedures & Guidelines Infrastructure Principles Infrastructure Standards Infrastructure Procedures Infrastructure Guidelines Green IT
Maturity Model Background and Objective The NHS Infrastructure Maturity Model is an on-going program that will deliver detailed guidance to NHS Organisations for obtaining an objective benchmark of their existing Infrastructure maturity and identifying actions to improve infrastructure maturity where required. Format The NIMM model is delivered in the format of Infrastructure Capability Assessment Documents. Each document is designed to assess one particular infrastructure area. In addition, the NIMM offers a comprehensive set of user guides detailing how to plan, prepare and execute capability assessments, how to analyse assessment findings and define actionable recommendations. Key Benefits The NIMM process helps deliver an objective view of current maturity levels. It supports the definition of clear tactical and strategic recommendations to improve maturity. The NIMM process promotes participation of different areas of the organisation during the assessment process to increasing acceptance and buy-in.
The NIMM Framework 13 Categories 74 Capabilities – identify the ones important to you to complete Each capability is assessed from 5 perspectives to get a rounded view Each perspective has KPIs which give a score for that perspective for the capability being assessed Scores range from 1 (lowest) to 5 (highest) Record the score in the spread sheet to get an overview Create an action plan to increase maturity and therefore scores that are important to you.
NIMM Categories
The 5 Perspectives
NIMM Levels Level 1 Basic Avoid Down Time Disjointed, manual Infrastructure Knowledge not shared Reactive & ad-hoc Unpredictable service performance User drive “who shouts loudest” Level 2 Controlled Get Control Coordinated, manual Infrastructure Knowledge silos exist Reactive with some planning in place Services manageable & getting predictable Problem driven Level 3 Standardised Standards and Best Practice Standardize d Infrastructu re Individual level collaboration and knowledge sharing Reactive trending proactive Stable & architected IT Infrastructure Request driven Level 4 Optimised Efficiency Consolidated & virtualised Infrastructure Team level knowledge sharing & collaboration Proactive & accountable Continuous service improvement Service driven Level 5 Innovative Catalyst for Innovation IT & business stakeholders work in partnership Enterprise Level knowledge sharing & collaboration Strategic Asset Drives Service Innovation Value Driven
NIMM KPI KPI Description What processes exist to deploy base lined operating system images to PCs? MetricNIMM Level Each PC has its operating system installed manually with no baseline image 1 Manual selection of an image that matches the hardware is done and the deployment is initiated locally be a member of ICT 2 The deployment of the image is initiated locally with minimal configuration chosen through a wizard style interface 3 The build process is automated post the initialisation of the OS deployment 4 The image and configuration can be deployed from a central location with no user intervention locally 5 Self Assessed NIMM Level Category: Capability: Perspective: Operating Systems PC Operating System Standardisation Process Perspective
NIMM Level example – OS Standardisation Level 1 Basic Avoid Down Time Manual build processes No standards – either build or OS version/level There is no user training. Unpredictable performance makes trouble shooting hard No proactive review of life cycle support >20% of deployed machines are no longer supported by the vendor. >10 images exist or no images are used in deployment Level 2 Controlled Get Control Coordinated, manual build process, potentially image based. Departmental standards exist but no org wide standards Training is adhoc with no management/ reporting. OS performance manageable & getting predictable Machines retired at end of life cycle but no replacement pre-planning % of deployed machines are no longer supported by the vendor different OS images are used Level 3 Standardised Standards and Best Practice Standardised build Infrastructure using ‘Lite Touch’ image based build processes. IT own core OS policy, departments can create their own. No central control or planning for training. No statistics available. OS performance consistent across rebuilds/ machines There is a clear policy on OS refresh and life cycle support 5%-10% of deployed machines are no longer supported by the vendor. 3-5 different OS images are used Level 4 Optimised Efficiency Standard image build and deployment solution with some post build automation IT own a central image policy that is used org wide. Training targeted at business units, some available on line and some reporting available OS performance is base lined and monitored changes are automatically noted for investigation. A roadmap of published images is available that is aligned to the vendors 1%-5% of deployed machines are no longer supported by the vendor. 2 OS images are used Level 5 Innovative Catalyst for Innovation Images can be built and deployed fully ‘zero touch’ and customised based on backend database information per user. IT consults with the business to ensure image policy aligns with business needs. Performance is monitored and improvement is continuous. The OS is seen as adding value to the organisation. The organisation works with the vendors and gets early access to upcoming OS changes. <1% of deployed machines are no longer supported by the vendor. 1 OS image is used across all PCs.
The NIMM Assessment Cycle Execute Analyze Priorities Select Plan Confirm Business Priorities Select Capability Assessments Plan & Prepare Assessment Execute Maturity Assessments & Document Analyze Findings and Define Actions NIMM Cycle The Selection and Prioritisation Guide The Planning and Execution Guide The Scoring Analysis Guide
The Selection and Prioritisation Guide This user guide supports the CA prioritisation and selection process by: Helping to identify the key priorities of the business (in alignment with the business strategy) and qualify how these priorities map back to IT initiatives and infrastructure areas. Helping to identify the key operational problems of the business and investigate how these problems map back to infrastructure areas. Providing guidance for selecting the NIMM capability assessments that best support the NHS organisation in assessing the infrastructure areas identified above. The objective of this guide is to support NHS organisations in identifying the NIMM capability assessments (CAs) that are most relevant for their particular business objectives. It provides different options for selecting the relevant CAs depending on whether business objectives have already been defined or not. Goal A description of strategic goals and objectives List of ongoing IT projects List of current operational issues Some of the input items listed above may be readily available through business strategy and IT strategy documents. Other data items such as operational problems may have to be collected at the beginning of the selection activity. Key Inputs List of recommended capability assessments This list will be aligned with the top business priorities and with the most important operational issues. List of optional capability assessments This list will complement the list of ‘recommended’ assessments by indicating which capabilities assessments are related to the overall objectives of the business and therefore worth considering for assessment execution. Key Outputs Description
This user guide supports the CA prioritisation and selection process by: Helping to identify the key priorities of the business (in alignment with the business strategy) and qualify how these priorities map back to IT initiatives and infrastructure areas. Helping to identify the key operational problems of the business and investigate how these problems map back to infrastructure areas. Providing guidance for selecting the NIMM capability assessments that best support the NHS organisation in assessing the infrastructure areas identified above. The Selection and Prioritisation Guide The objective of this guide is to support NHS organisations in identifying the NIMM capability assessments (CAs) that are most relevant for their particular business objectives. It provides different options for selecting the relevant CAs depending on whether business objectives have already been defined or not. Goal A description of strategic goals and objectives List of ongoing IT projects List of current operational issues Some of the input items listed above may be readily available through business strategy and IT strategy documents. Other data items such as operational problems may have to be collected at the beginning of the selection activity. Key Inputs List of recommended capability assessments This list will be aligned with the top business priorities and with the most important operational issues. List of optional capability assessments This list will complement the list of ‘recommended’ assessments by indicating which capabilities assessments are related to the overall objectives of the business and therefore worth considering for assessment execution. Key Outputs Description
Prioritisation and Selection Guide Strategic Business Goals Leads to 1 or many Resulting IT initiatives Relies on Supporting Infrastructure Areas Supports Identification of Recommended and Optional Capability Assessments Dependency Chain
This guide is intended to help the planning and execution of a set of selected NIMM Capability Assessments (CAs) at an NHS organisation. This document will outline the recommended approaches and highlight the key activities, inputs and outputs. Goal This user guide describes the planning and execution process and defines in detail the key inputs and outputs for both activities. In addition, it supports with identifying the participants, facilitators as well as in deciding whether to execute the assessment through individual interviews or group workshops. Finally it provides guidance of how to plan and sequence activities, how to execute and how to document the assessment findings. Description Planning Inputs List of selected CAs Project Time Constraints People Identification. People Availability Budget Information & Constraints Internal and External Dependencies Planning Inputs High level project plan Detailed execution schedule Key Inputs Planning Outputs Effort estimation Expected duration Key milestones Key risks Dates of workshops/interviews and which CA will be covered on which date. People requirements (e.g. which days, how long for etc.) Key deliverables and milestones Execution Outputs CA scoring dashboard CA scoring evidence / workshop minutes Key Outputs The Planning and Execution Guide
17 This guide is intended to help the planning and execution of a set of selected NIMM Capability Assessments (CAs) at an NHS organisation. This document will outline the recommended approaches and highlight the key activities, inputs and outputs. Goal This user guide describes the planning and execution process and defines in detail the key inputs and outputs for both activities. In addition, it supports with identifying the participants, facilitators as well as in deciding whether to execute the assessment through individual interviews or group workshops. Finally it provides guidance of how to plan and sequence activities, how to execute and how to document the assessment findings. Description Planning Inputs List of selected CAs Project Time Constraints People Identification. People Availability Budget Information & Constraints Internal and External Dependencies Planning Inputs High level project plan Detailed execution schedule Key Inputs Planning Outputs Effort estimation Expected duration Key milestones Key risks Dates of workshops/interviews and which CA will be covered on which date. People requirements (e.g. which days, how long for etc.) Key deliverables and milestones Execution Outputs CA scoring dashboard CA scoring evidence / workshop minutes Key Outputs
The Scoring Analysis Guide The key objectives of this guide are to: Provide NIMM users with a structured approach for analysing the scores obtained during NIMM workshops or interviews. Help NIMM users to identify those perspectives within a specific CA that should be given priority when taking action to improve the overall maturity score. Support NIMM users with defining actionable recommendations to improve the maturity level of the priority areas identified. Goal This guide covers the approach to identify participants and facilitators, analyse scoring results and identify actions to improve maturity. The process focuses on making recommendations to improve the maturity of the CA perspectives. Emphasis is initially be placed on areas with the lowest scoring values but can also be applied to perspectives with a higher maturity In addition, this guide provides guidance of how to achieve a balanced distribution of maturity scores across the five perspectives of a CA rather than having an unequal score distribution. Description The key inputs of this process phase are: Scoring values for each CA executed during the NIMM assessment workshops or interview Score justification information Information about current and planned IT initiatives Key Inputs The resulting key outputs are: A list of tactical remedial actions and recommendations to improve the overall maturity level A list of strategic remedial actions and recommendations to improve the overall maturity level Key Outputs
The Scoring Analysis Guide The key objectives of this guide are to: Provide NIMM users with a structured approach for analysing the scores obtained during NIMM workshops or interviews. Help NIMM users to identify those perspectives within a specific CA that should be given priority when taking action to improve the overall maturity score. Support NIMM users with defining actionable recommendations to improve the maturity level of the priority areas identified. Goal This guide covers the approach to identify participants and facilitators, analyse scoring results and identify actions to improve maturity. The process focuses on making recommendations to improve the maturity of the CA perspectives. Emphasis is initially be placed on areas with the lowest scoring values but can also be applied to perspectives with a higher maturity In addition, this guide provides guidance of how to achieve a balanced distribution of maturity scores across the five perspectives of a CA rather than having an unequal score distribution. Description The key inputs of this process phase are: Scoring values for each CA executed during the NIMM assessment workshops or interview Score justification information Information about current and planned IT initiatives Key Inputs The resulting key outputs are: A list of tactical remedial actions and recommendations to improve the overall maturity level A list of strategic remedial actions and recommendations to improve the overall maturity level Key Outputs
Scoring Analysis Guide
FOUNDATION CAPABILITIES
Foundation Capabilities 12 Capabilities taken from across the categories Aim is to reduce risk and provide a solid foundation The 12 are (in no particular order!); IT/Business Strategy Alignment, Electronic Software Distribution, File & Print Services, Benefits Management, Patch Management, Service Desk, Software Asset Management, Antivirus & Malware Protection, Data Security, Directory Services, Operating System Configuration Mgmt, PC Operating System Standardisation
Additional Documents CA available Wireless LAN Single Sign On Collaboration IT Architecture & Governance PC Application Virtualisation Server Virtualisation Server Consolidation Problem Management LAN Security WAN & Remote Access Security End Point Security Unified Communications Service Catalogue Data Storage Management User Guides Self Assessment User Guide Self Assessment Template Selection & Prioritisation Guide Planning & Execution Guide Scoring Analysis Guide Quick start Check List Key Capabilities Self Assessment workbook
NIMM Questions All FCAs
Where are you? Your turn! Please complete the questionnaire before you leave
Please complete:- How would you describe your organisations current standing in respect of..... BasicControlledStandardisedOptimisedInnovative IT Business Strategy Alignment Directory Services OS Configuration Management PC Operating System Standardisation Electronic Software Distribution File and Print Services Benefits Management Patch Management Service Desk Software Asset Management Antivirus & malware Protection Data Security
NIMM What next?
CA’s in Development Service Transition (Release Management) Service Level Management (Service Monitoring) Change Management Incident Management Return on Investment Total Cost of Ownership Identity Management Electronic Messaging Calendaring & Scheduling Knowledge Management Enterprise Content Management Enterprise Search Green IT Power and Cooling
An Information Revolution Why NIMM? –NHS specific –Establishes infrastructure maturity –Uses objective KPI’s and Metric’s –Equal baseline –Due diligence –Aids clarity (see the woods from the trees) –Build tactical and strategic plans to support health care requirements –Aligned with other maturity models
Infrastructure Key Capability List Common Applications & Services Electronic Messaging Calendaring & Scheduling Unified Communications Collaboration Knowledge Management Remote User Access Electronic Software Distribution Enterprise Content Management Enterprise Search File & Print Services Operating Systems PC Operating System Standardisation Operating System Configuration Mgmt PC Application Virtualisation Operating System Virtualisation Server Provisioning Infrastructure Hardware Platforms Server Consolidation Server Virtualisation Storage Virtualisation Data Storage Management Power & Cooling Infrastructure Hardware Configuration Mgmt Network Devices & Services Wireless LAN & PAN Fixed LAN Local Network Services Network Cabling LAN Configuration Mgmt Network Service Security IT Security & Information Governance LAN Security Policies WAN & Remote Access Security Policies Directory Services Single Sign On Identity Management * Data Security End Point Security Antivirus & Malware Protection Infrastructure Patterns & Practices Availability Management Change Management * Configuration Management Release Management * Problem Management Incident Management * Service Desk Capacity Management IT Service Continuity Management Service Monitoring * End User Provisioning Software Asset Management Patch Management Testing End User Devices This section will be populated in a future release Infrastructure Governance IT Infrastructure Governance IT Infrastructure Strategy & Planning Document Collaboration & KM Strategy IT Project/Programme Management Product/Service Catalogue Infrastructure Business Alignment Stakeholder Management IT/Infrastructure Risk Management IT/Business Strategy Alignment Procurement Supplier Management SLA Management Procurement Process Effectiveness People & Skills IT staff career pathways and development IT Staff Performance Management End User Training IT staff development and planning IT staff attraction, motivation and retention Financial Management TCO Management * ROI Management * Benefits Management Principles, Standards, Procedures & Guidelines Infrastructure Principles Infrastructure Standards Infrastructure Procedures Infrastructure Guidelines Green IT
&