Download presentation
1
ForrTel: IT Governance Frameworks
Craig Symons Principal Analyst Forrester Research June 21, Call in at 12:55 p.m. Eastern Time
2
IT alignment and value are derived from good IT governance
Theme IT alignment and value are derived from good IT governance
3
Agenda IT governance defined An IT governance maturity model
Structural issues to consider The four dimensions of IT governance Existing frameworks The three pillars of IT governance Recommendations
4
Definition IT governance is the process by which decisions are made around IT investments. How these decisions are made, who makes the decisions, who is held accountable, and how the results of the decisions are measured and monitored are all parts of IT governance.
5
IT governance vs. enterprise governance
Governing for constraints Governing for success Accountability fiduciary responsibility Wealth/value creation sustainability Conformance/compliance Performance/results
6
The five decision types
IT governance IT principles IT architecture IT infrastructure strategies Business application needs IT investment These are high- level statements about how IT is used in the business Defining integration and standardization requirements Determining shared and enabling services Specifying the business need for purchased or internally developed IT applications Choosing which initiatives to fund and how much to spend Source: Forrester Research, Inc.
7
IT governance maturity model
Best practices At the fourth level of maturity, IT governance processes are fully evolved and optimized across the enterprise. A strong IT portfolio management process is in place to ensure that all IT investment decisions are optimized; the CEO and executive team are active participants in the governance process; and IT strategy is part of the enterprise strategy. IV Consistent At the third level of maturity, IT governance processes have been consistently applied across the enterprise. All business units/entities conform to the same set of IT governance processes. IT investment decisions are based on the enterprise view. III Fragmented There is an attempt to formalize IT governance processes but on a fragmented basis. These formalized processes may exist in one or more business units and IT decisions within those business units may be optimized, but there is no enterprise-wide effort to coordinate investment decisions or examine tradeoffs between business units or enterprise-wide investments versus BU investments. II Ad hoc There are no formal IT governance processes, and it's not recognized by management as being a necessity. IT investments are made on a completely ad hoc basis. This scenario is almost always found in highly decentralized organizations, but it is not limited to them. I Source: Forrester Research, Inc.
8
Structural issues to consider
Project based All IT resources are centralized under a single reporting structure with centralized resource allocation (staffing). The organizational structure is built around resource pools. Line managers are replaced by resource managers. Federated IT takes on a hybrid structure. A centralized IT organization supports all infrastructure and enterprise-wide applications, usually in a shared services environment. Individual business units maintain their own applications development organizations and budgets for business unit specific systems. Decentralized IT is decentralized by business unit, operating group, subsidiary, or geography. Each of these entities has its own CIO, IT organization, and IT budget. There is little or no attempt to coordinate across units or with corporate. Corporate IT supports the corporate HQ staff and perhaps some enterprise-wide applications. Centralized IT is centralized under a single Enterprise CIO. All IT systems and budgets reside at the corporate level. Source: Forrester Research, Inc.
9
The four dimensions of IT governance
IT value and alignment Accountability IT governance Performance management Risk management Source: Forrester Research, Inc.
10
Existing frameworks COBIT ITIL ISO 17799
11
Source: Forrester Research, Inc.
COBIT Source: Forrester Research, Inc.
12
Planning to implement service management
ITIL T h e B u s i n T h e c n o l g y Planning to implement service management The business perspective Service mgmt ICT infrastructure management Service support Service delivery Security management Application management Source: ITIL
13
ISO 17799 Business continuity planning System access control
System development and maintenance Physical and environmental security Compliance Personal security Security organization Computer and operations management Asset classification and control Security policy
14
The three pillars of IT governance
structures Governance processes Governance communications
15
Governance structures
Reporting relationships CIO reports to CEO Governance specific positions IT governance officer IT relationship managers Committees IT steering committees IT architecture and standards committees
16
Governance processes IT portfolio management
Service level agreements (SLAs) Chargeback mechanisms Demand management
17
Governance communication
IT balanced scorecard IT portal Annual report
18
Recommendations Perform a governance maturity assessment
Understand the structural/cultural issues Obtain executive buy-in Develop the governance structures first Develop processes next Don’t start from scratch Communicate, communicate, communicate
19
Thank you Craig Symons csymons@forrester.com www.forrester.com
Entire contents © Forrester Research, Inc. All rights reserved.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.