e-cio consolidate the industiral effort
e-cio conslidate the industry efforts to establish IT management best practice in a holistic architecture approach. Many organizations have worked toward the direction in establishing common IT managment best practice such as the US OCIO coucil, itsmf, ITIL and Cobit. Although each organization work toward this direction from different aspect, it is interesting to observe that all the existing IT managment best practice effort shares similar circular framework as shown in the following figure. Instead of trying address IT managment from different asspects, e-cio sugget to see the big picture of IT managment as the OCIO architecture.
The Information Technology Infrastructure Library (ITIL) is a set of concepts and techniques for managing information technology (IT) infrastructure, development, and operations.
ITIL is published in a series of books, each of which cover an IT management topic. The names ITIL and IT Infrastructure Library are registered trademarks of the United Kingdom's Office of Government Commerce (OGC). ITIL gives a detailed description of a number of important IT practices with comprehensive checklists, tasks and procedures that can be tailored to any IT organization
COBIT
The Control Objectives for Information and related Technology (COBIT) is a set of best practices (framework) for information technology (IT) management created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI) in 1992. COBIT provides managers, auditors, and IT users with a set of generally accepted measures, indicators, processes and best practices to assist them in maximizing the benefits derived through the use of information technology and developing appropriate IT governance and control in a company.
The IT Service Management Forum (itSMF)
itSMF international Instead of considering IT management from the aspect of services and processes. e-CIO consider IT management from the aspect to architect the OCIO line of business. This is an "Eat your dog food " effort to architect the Office of Chief Information Officer in the Enterprise Architecture approach from the layers of Business, Application, Data and Technologies.
It establish the master plan to architect the OCIO, identify the existing IT management solution from the industry and suggest to make transition from the stovepipe IT management culture to an architeted IT management solution. After all, the OCIO have to eat it's own dog food to get buy-in from the others on the concept of enterprise architecture.
The OCIO architecture analysis leverage on existing IT management efforts such as the :
. Practical Guide for Federal Enterprise Architecture by CIO Council.
. The COBIT framework
. The ITIL version 3 Framework
. The ITIL version 2 Framework.
Read More → ^ TOP
ecio leverage on the ITIL
ecio leverage on ITIL. The Information Technology Infrastructure Library (ITIL) also known as Infrastructure Management Service (IMS) is a set of concepts and policies for managing information technology (IT) infrastructure, development and operations.ITIL gives a detailed description of a number of important IT practices with comprehensive checklists, tasks and procedures that any IT organization can tailor to its needs. ITIL is published in a series of books, each of which covers an IT management topic. The names ITIL and IT Infrastructure Library are registered trademarks of the United Kingdom's Office of Government Commerce (OGC).
The IT Infrastructure Library originated as a collection of books each covering a specific practice within IT Service Management. After the initial publication, the number of books quickly grew within ITIL v1 to over 30 volumes. In order to make ITIL more accessible (and affordable) to those wishing to explore it, one of the aims of ITIL v2 was to consolidate the publications into logical 'sets' that grouped related process guidelines into the different aspects of IT management, applications and services.
While the Service Management sets (Service Support and Service Delivery) are by far the most widely used, circulated and understood of ITIL publications, ITIL provides a more comprehensive set of practices as a whole. Proponents believe that using the broader library provides a comprehensive set of guidance to link the technical implementation, operations guidelines and requirements with the strategic management, operations management and financial management of a modern business.
The eight ITIL version 2 books and their disciplines are:
The IT Service Management sets
1. Service Delivery
2. Service Support
Other operational guidance
3. ICT Infrastructure Management
4. Security Management
5. The Business Perspective
6. Application Management
7. Software Asset Management
To assist with the implementation of ITIL practices a further book was published providing guidance on implementation (mainly of Service Management):
8. Planning to Implement Service Management
And this has more recently been supplemented with guidelines for smaller IT units, not included in the original
eight publications:
9. ITIL Small-Scale Implementation
Integrated EA governance processes
ITIL v3, published in May 2007, comprises 5 key volumes:
1. Service Strategy
2. Service Design
3. Service Transition
4. Service Operation
5. Continual Service Improvement
Service Strategy
Service strategy is shown at the core of the ITIL v3.1 lifecycle but cannot exist in isolation to the other parts of the IT structure. It encompasses a framework to build best practice in developing a long term service strategy. It covers many topics including: general strategy, competition and market space, service provider types, service management as a strategic asset, organization design and development, key process activities, financial management, service portfolio management, demand management, and key roles and responsibilities of staff engaging in service strategy.
Service Design
The design of IT services conforming to best practice, and including design of architecture, processes, policies, documentation, and allowing for future business requirements. This also encompasses topics such as Service Design Package (SDP), Service catalog management, Service Level management, designing for capacity management, IT service continuity, Information Security, supplier management, and key roles and responsibilities for staff engaging in service design..
Service Transition
Service transition relates to the delivery of services required by the business into live\operational use, and often encompasses the "project" side of IT rather than "BAU" (Business As Usual). This area also covers topics such as managing changes to the "BAU" environment. Topics include Service Asset and Configuration Management, Transition Planning and Support, Release and deployment management, Change Management, Knowledge Management, as well as the key roles of staff engaging in Service Transition.
Service Operation
Best practice for achieving the delivery of agreed levels of services both to end-users and the customers (where "customers" refer to those individuals who pay for the service and negotiate the SLAs). Service Operations is the part of the lifecycle where the services and value is actually directly delivered. Also the monitoring of problems and balance between service reliability and cost etc are considered. Topics include balancing conflicting goals (e.g. reliability v cost etc), Event management, incident management, problem management, event fulfillment, asset management, service desk, technical and application management, as well as key roles and responsibilities for staff engaging in Service Operation.....
Continual Service Improvement (CSI) ^ TOP
Overview of the ITIL 2 library
tbd ^ TOPecio leverage on the Cobit version 4 framework
ecio adopt the the Cobit vesion 4 framework as the base to define the OCIO funcation decomposition. the ideal is to establish an common OCIO taxanomy. With deliverate study of many effort, it is found that the Cobit framework serve well as the foundation for OCIO function decompsotion. The Control Objectives for Information and related Technology (COBIT) is a set of best practices (framework) for information technology (IT) management created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI) in 1996. COBIT provides managers, auditors, and IT users with a set of generally accepted measures, indicators, processes and best practices to assist them in maximizing the benefits derived through the use of information technology and developing appropriate IT governance and control in a company.
COBIT structure
COBIT covers four domains:
Plan and Organize
Acquire and Implement
Deliver and Support
Monitor and Evaluate
Plan and Organize
The Planning and Organization domain covers the use of information & technology and how best it can be used in a company to help achieve the company’s goals and objectives. It also highlights the organizational and infrastructural form IT is to take in order to achieve the optimal results and to generate the most benefits from the use of IT. The following table lists the high-level IT processes for the Planning and Organization domain.
HIGH LEVEL CONTROL OBJECTIVES
Plan and Organize
PO1 Define a Strategic IT Plan and direction
PO2 Define the Information Architecture
PO3 Determine Technological Direction
PO4 Define the IT Processes, Organization and Relationships
PO5 Manage the IT Investment
PO6 Communicate Management Aims and Direction
PO7 Manage IT Human Resources
PO8 Manage Quality
PO9 Assess and Manage IT Risks
PO10 Manage Projects
Acquire and Implement
The Acquire and Implement domain covers identifying IT requirements, acquiring the technology, and implementing it within the company’s current business processes. This domain also addresses the development of a maintenance plan that a company should adopt in order to prolong the life of an IT system and its components. The following table lists the high level control objectives for the Acquisition and Implementation domain.
HIGH LEVEL CONTROL OBJECTIVES
Acquire and Implement
AI1 Identify Automated Solutions
AI2 Acquire and Maintain Application Software
AI3 Acquire and Maintain Technology Infrastructure
AI4 Enable Operation and Use
AI5 Procure IT Resources
AI6 Manage Changes
AI7 Install and Accredit Solutions and Changes
Delivery and Support
The Delivery and Support domain focuses on the delivery aspects of the information technology. It covers areas such as the execution of the applications within the IT system and its results, as well as, the support processes that enable the effective and efficient execution of these IT systems. These support processes include security issues and training. The following table lists the high level control objectives for the Delivery and Support domain.
HIGH LEVEL CONTROL OBJECTIVES
Deliver and Support
DS1 Define and Manage Service Levels
DS2 Manage Third-party Services
DS3 Manage Performance and Capacity
DS4 Ensure Continuous Service
DS5 Ensure Systems Security
DS6 Identify and Allocate Costs
DS7 Educate and Train Users
DS8 Manage Service Desk and Incidents
DS9 Manage the Configuration
DS10 Manage Problems
DS11 Manage Data
DS12 Manage the Physical Environment
DS13 Manage Operations
Monitor and Evaluate
The Monitoring and Evaluation domain deals with a company’s strategy in assessing the needs of the company and whether or not the current IT system still meets the objectives for which it was designed and the controls necessary to comply with regulatory requirements. Monitoring also covers the issue of an independent assessment of the effectiveness of IT system in its ability to meet business objectives and the company’s control processes by internal and external auditors. The following table lists the high level control objectives for the Monitoring domain.
HIGH LEVEL CONTROL OBJECTIVES
Monitor and Evaluate
ME1 Monitor and Evaluate IT Processes
ME2 Monitor and Evaluate Internal Control
ME3 Ensure Regulatory Compliance
ME4 Provide IT Governance
COBIT and other standards
From the aspect of EA, the OCIO business consist of startegic planning, captital investment, applicaiton development, operation, result mesurement. It is an effort to considered all the IT managment process from a holistic view rather than by individaul processes.
^ TOP