Академический Документы
Профессиональный Документы
Культура Документы
Over my consulting career, I’ve seen many organizations struggle to create an IT strategy that aligns with the business’ strategy. Most of
the times, IT develops a strategy that consists of one or more of the following:
Reduce costs
Integrate emerging technology
Upgrade legacy technology
Comply with regulations
They then come up with tactical solutions such as
Let’s use a simple example. If the business wants to control IT costs, what’s the first thing that IT does? IT typically looks at the biggest
areas of IT expense – employee costs (or maybe hardware/software costs). So the organization works to reduce those costs. It could be
firing people, freezing salaries (which causes people to voluntarily leave), or getting rid of professional services. The problem with this
approach is that there are downstream effects that are forgotten about (or assumed will “take care of themselves”). Maybe some of IT’s
best people left when salaries were frozen. Maybe employees decide to “keep their head down” and not take risks.
While at the end of the day, the organization saves money, it does at the expense of productivity or even revenue generation.
One of the things that COBIT does it helps organizations think broader when faced with the task of reducing costs. I’ll show you how.
Let’s keep this walkthrough simple and focus only on one area – controlling (containing) IT costs.
I built an Excel spreadsheet to make this exercise more efficient, so the following screen prints are from the tool. The same exercise can
be done with the book/pdf, there will just be a lot of flipping between pages.
The Enterprise Goals that map to the Stakeholder Need of “How do I control the cost of IT?”
Here’s where the COBIT magic comes in. All the people who helped build COBIT brainstormed and created a large list of stakeholder
questions, enterprise goals, IT goals, and IT processes. They debated and reduced these multiple lists into smaller, more manageable
lists. For the Stakeholder Needs, the result was 22 questions. For the Enterprise Goals, the result was Enterprise Goals.
They then associated the 22 stakeholder questions the 17 Enterprise Goals that would best answer each question.
For this example, the Stakeholder Need of “How do I control the cost of IT?” is associated with the Enterprise Goals of “Optimisation of
service delivery costs,” “Optimisation of business process costs,” and “Operational and staff productivity” as you can see in the image
above.
The rest of this effort now becomes a mapping exercise.
IT Goals with a “P” or “S” are related to the cost reduction Enterprise Goals (highlighted in blue)
Let’s continue to keep this exercise relatively simple and only focus on the Primary IT-related Goals right now. Notice that two of the
goals overlap (“Transparency of IT costs, benefits and risk” and “Optimisation of IT assets, resources and capabilities). A note about the
Secondary IT-related Goals – they don’t have as much of an impact to achieving the Enterprise Goals as the Primary IT-related Goals.
Leaving those out is a good way to reduce the scope or level of effort.
Step 3: Map IT goals to IT processes
Now, back to the mapping. We now need to map the Primary IT-related Goals to the IT-related Processes using Appendix C: Detailed
Mapping IT-related Goals – IT-related Process. This will identify the specific COBIT Processes that the organization should improve.
Wow, that is a lot of IT processes that effect IT costs (30 unique processes). But if you really sit and think about it, it makes sense.
Everything in IT (and in business) is interrelated. I’ve seen it time and time again where IT cuts staff, staff is forced to “work harder,”
overworked staff then implements a change that causes an outage. There are various studies on how much the cost of an outage is, but it
varies from $5,000 – $13,000 per minute for large enterprises. If you took a shortcut approach for reducing costs, it just backfired.
This means that if you really want to be effective in controlling the cost of IT, you need to assess the effectiveness of the above IT
processes. If you improve the processes, you will reduce the costs of IT.
Step 4: Measure (or assess) the IT processes to determine which need to be improved
The steps involved with measuring (or assessing) the effectiveness of the IT processes is a post in itself. I’ll save that for next time.
Until then, I’d like to get your thoughts. Would you undertake this exercise to better approach your IT organization’s efforts? Please
leave your comments below.