Академический Документы
Профессиональный Документы
Культура Документы
Strategic
alignment, resulting in increased business partner satisfaction in the order of 15% to 20%. project prioritization, leading to reduction of IT budget by 8% to 10%. ment, lowering the total cost of IT ownership by 10% to 15%. quality of IT output, resulting in a reduction in IT control issues by 50%.
Our experience of working with Fortune 1000 clients suggests that CIOs need to focus on the following five key imperatives while implementing a successful IT governance model (see Figure 1): 1. Align IT governance with corporate governance and business objectives. 2. Define IT governance objectives1 around strategic alignment, value delivery, risk management, resource management and performance management.
Carefully control risks, both strategic and oper More effectively manage IT assets. Continuously improve IT performance.
3. Establish holistic governance across disciplines spanning the entire IT value chain: IT strategy, architecture, project and portfolio, application lifecycle, infrastructure and data, vendor and sourcing, service lifecycle and modern SMAC technologies. 4. Identify the appropriate IT governance control practices2 to help achieve IT governance objectives. 5. Establish continuous tracking, monitoring and improvement of the IT governance model. Subsequently, this paper details the five key imperatives for designing an IT governance model.
For example, aligning IT risk management with corporate risk management practices, and aligning IT security standards with corporate security policies, drive consistency and compliance across the organization. Similarly, IT governance aligned with business objectives, such as achieving greater return on investments and reducing business risks, helps deliver business benefits. Define IT Governance Objectives Around Strategic Alignment, Value Delivery, Risk Management, Resource Management and Performance Management
alignment: Align IT strategy with business strategy, and ensure advancement of business priorities. delivery: Maximize value of IT investments. management: Identify and mitigate IT risks in a timely manner. appropriate IT resources to meet current as well as projected business demand.
CIOs should focus on this to improve transparency for corporate management, and to ensure business objectives are realized.
Corporate e Governance
Set Direction
Align Strategically
IT Governance
2
Dene IT governance objectives around strategic alignment, value delivery, risk management, resource management and performance management. Continuous Improvement
IT Governance Objectives
Strategic Alignment Value Delivery Risk Management Resource Management Performance Management
IT Governance Disciplines
IT Strategy Governance Architecture Governance Project and Portfolio Governance Service Lifecycle Governance Application Lifecycle Governance New Age Technology Governance
Establish holistic governance across governance disciplines spanning the entire IT value chain.
Identify the appropriate IT governance control practices to help achieve the IT governance objective. Establish continuous tracking, monitoring and improvement of the IT governance model.
Continuous Improvement
Figure 1
Performance management: Monitor IT performance effectively. In our experience, the above-mentioned objectives are relevant for all IT functions and disciplines.
typical benefits and impacts we have seen when implementing IT governance for clients across various industry sectors. Identify the Appropriate IT Governance Control Practices to Help Achieve IT Governance Objectives
Establish Holistic Governance Across Disciplines Spanning the Entire IT Value Chain
The IT governance model should focus on establishing oversight and control across all key IT governance disciplines. Figure 2 illustrates the
Based on our experience, in order to establish the right level of governance, organizations should define measurable IT governance control practices aligned with the IT governance
Application Lifecycle Governance: Control key facets of introduction, management and sunsetting of applications. Infrastructure and Data Governance: Optimize technology infrastructure costs and establish controls over organizational information assets. Vendor and Sourcing Governance: Ensure services provided by vendors deliver adequate business value, and reduce the business risk associated with nonperforming vendors.
Service Lifecycle Governance: Minimize or eliminate unauthorized changes into production environments, and maintain service and operational levels that promote business-IT alignment. New Age Technology Governance: Improve IT operating efficiency by adopting new age technologies, and minimize any risks associated with the same.
Performance Management and Resource Management: 20% to 25% improvement in operating efficiency post steady state.
Note: Indicated impacts are based on our experience with clients with a moderate level of organizational maturity. Figure 2
objectives for each of the eight IT governance disciplines (see Figure 3). They include:
Approvals
or committee to help mandate compliance with IT governance objectives (e.g., an architecture review board). meetings and surveys: Formal meetings/established surveys to monitor and track compliance with IT governance objectives (e.g., business satisfaction survey). controls and repositories: Mandating documentation or storage in central
and control checks: Adequate approvals and process checks to ensure compliance with IT governance objectives (e.g., UAT signoff before production implementation).
Governance
Documentation
In order to derive maximum benefits from IT governance, organizations should treat it as an ongoing priority (i.e., ensure continuous improve-
Value Delivery
Investment prioritization committee. Promote architectural component reuse.
Risk Management
Formal business case for funding. Architecture Review Board (project-wise review of the solution architecture). Independent project risk review.
Resource Management
Annual headcount planning. Periodic technology roadmap refresh leading to application rationalization. Weekly resource change control meetings.
Performance Management
Formal business case to measure project success. Total cost of ownership reporting.
Lifecycle tailoring criteria for various work effort types. Data quality management center of excellence. Semiannual vendor satisfaction survey. Incident resolution trend reporting.
Project Review Project team to Board to approve support operations phase exits. team during warranty support phase for all projects. Periodic capacity and availability reporting. Quarterly business review with strategic vendors. Change Advisory Board authorization of production releases. Mobility security audits. Capacity plans fed into the annual budget. Contracted staff policies and procedures. Periodic and planned baselines/ checkpoints established for configuration items. Application-centric cloud resource accounting.
Infrastructure and Data Governance Vendor and Sourcing Governance Service Lifecycle Governance
Tool-based infrastructure monitoring. Semiannual vendor performance reviews. Measure and report customer satisfaction with service desk.
Governance Meeting/Survey
Documentation Control/Repository
Approvals/Control Checks
ments in IT governance practices to adapt to changing business and IT environments). To ensure success of the implemented IT governance model, organizations should focus on continuous planning, monitoring and improvement of the IT governance model. In our experience, along with the CIO and senior IT leadership team, the IT audit and control team should drive continuous improvements to IT governance models with appropriate participation from IT area owners.
processes and infrastructure to support the governance model. To realize benefits from implementing the IT governance model, the CIO and senior IT leadership team need to invest in instilling a deep-rooted IT governance culture through effective communication, training sessions for continuous reinforcement and appropriate incentives for better compliance. Additionally, CIOs should mandate IT functional owners to include IT governance as an integral element of their processes, and leverage governance controls in decision-making. Organizations also need to continuously invest in improving the IT governance model in response to ever-changing business and IT needs.
Looking Ahead
Implementing a successful IT governance model has never been easy. Typical challenges range from facilitating organizational change management for greater adoption, to developing
Quick Take
Implementing Effective IT Governance for a Leading U.S. Insurer Challenge
The IT group of one of the largest U.S.-based insurers was faced with several governance issues such as suboptimal technology planning, inadequate return on IT investment, increase in the external audit issues, etc. The new CIO wanted to establish an effective IT governance model to alleviate the aforementioned IT risks/issues. Toward this objective, the CIO, along with the corporate team, engaged our business consulting team to leverage our expertise in setting up an effective IT governance model.
>> A
project review board to govern project phase exits. improve SLA adherence.
>> A service management office to track and >> An IT audit and control team to lead the
Benefits
The benefits achieved by implementing a best-inclass IT governance model included: implementation of IT governance practices and also drive continuous improvement.
Model
Our business consulting team engaged with the clients business and IT stakeholders to recommend an optimal IT governance model. It included:
Value
delivery: Approximately 8% to 10% decrease in the IT budget through effective project prioritization, thereby increasing the overall value of IT investments. management and resource management: About a 10% to 15% reduction in total cost of ownership through effective technology planning. management: A 50% year-on-year reduction in IT control issues.
>> Governance
practices which called for a dedicated business relationship management (BRM) function to conduct business partner reviews. IT capabilities with business priorities. prioritize IT investments.
Performance
>> A three-year technology roadmap to align >> A project prioritization committee to help
cognizant 20-20 insights
Risk
Footnotes
1 2
IT governance objectives are the stated governance purposes to be achieved for an IT process. IT governance control practices are the actionable activities to achieve an IT governance objective.
Reference
http://www.isaca.org/cobit/pages/default.aspx.
About the Authors
Philippe Dintrans is the Vice President and Practice Leader of Cognizant Business Consultings Strategic Services Group for North America. He has led numerous consulting engagements on business transformation, IT transformation and change management for marquee clients at Cognizant. Philippe holds a master of science degree in engineering from the Massachusetts Institute of Technology (MIT) and an M.B.A. from INSEAD. He can be reached at Philippe.Dintrans@cognizant.com. Amit Anand is a Director with Cognizant Business Consultings Strategic Services Practice. He has 12-plus years of experience in leading and managing large IT transformation and governance implementation initiatives for various clients. Amit holds a bachelors degree from IIT Delhi and an M.B.A. from the Indian School of Business, Hyderabad. He can be reached at Amit.Anand@cognizant.com. Madhusudan Ponnuveetil is an Engagement Manager with Cognizant Business Consultings Strategic Services Practice. He has nine years of experience in leading IT performance and process improvement initiatives, IT governance framework definition and implementation and change management. Madhu holds an M.B.A. from Asian Institute of Management, Philippines, and a bachelors degree in engineering from MSRIT, India. He can be reached at Madhusudan.Ponnuveetil@cognizant.com. Jayadevan Vijayakrishnan is a Senior Consultant with Cognizant Business Consultings Strategic Services Practice, with seven years of industry experience. His specific areas of expertise include IT performance and process improvements, IT organization and operating model redesign and IT strategy development. Jayadevan holds a bachelors degree in computer science engineering and an M.B.A. from the Indian Institute of Management, Bangalore. He can be reached at Jayadevan.Vijayakrishnan@cognizant.com.
About Cognizant
Cognizant (NASDAQ: CTSH) is a leading provider of information technology, consulting, and business process outsourcing services, dedicated to helping the worlds leading companies build stronger businesses. Headquartered in Teaneck, New Jersey (U.S.), Cognizant combines a passion for client satisfaction, technology innovation, deep industry and business process expertise, and a global, collaborative workforce that embodies the future of work. With over 50 delivery centers worldwide and approximately 156,700 employees as of December 31, 2012, Cognizant is a member of the NASDAQ-100, the S&P 500, the Forbes Global 2000, and the Fortune 500 and is ranked among the top performing and fastest growing companies in the world. Visit us online at www.cognizant.com or follow us on Twitter: Cognizant.
World Headquarters
500 Frank W. Burr Blvd. Teaneck, NJ 07666 USA Phone: +1 201 801 0233 Fax: +1 201 801 0243 Toll Free: +1 888 937 3277 Email: inquiry@cognizant.com
European Headquarters
1 Kingdom Street Paddington Central London W2 6BD Phone: +44 (0) 20 7297 7600 Fax: +44 (0) 20 7121 0102 Email: infouk@cognizant.com
Copyright 2013, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any
means, electronic, mechanical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners.