IT Manager's Handbook

Transcription

1 IT Manager's Handbook Getting your new job done Third Edition Bill Holtsnider Brian D. Jaffe AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an Imprint of Elsevier

2 Contents About the Authors Brief Table of Contents Key Changes for This Edition Preface vii ix xxi xxiii CHAPTER 1 The Role of an IT Manager Just What Does an IT Manager Do? 2 Why All That Change and Flexibility Is Good 2 Why All That Change and Flexibility Is Bad Managers in General 3 Definition of a Manager 3 Styles of Management 3 Pros and Cons of Being a Manager: Reasons to Become a Manager, and Reasons Not to Become One 5 The Hidden Work of Management 6 Resentment toward Management 7 Babysitting versus Managing 7 Politics 7 Managing in Four Directions The Strategic Value of the IT Department 8 Application Development versus Technical Operations 9 IT Department Goals 10 The Value of IT Managers Developing an IT Strategy 10 Determine Who Your Team Members Are 11 Determine How Important Technology Is to Your Organization 11 Determine Who Your Customers Are and What Their Needs Are 12 Keep Your Department Central to the Company's Operations Leadership versus Management Starting Your New Job 14 The First Day 14 Meeting the Staff 14 A Few Ideas for What to Say to Break the Ice 15 Some Don'ts 15 One-on-One Meetings 15 What to Say to Those Who Wanted Your Job and Didn't Get It 16 Establish a Relationship with Your Manager and Your Peers 17 Learning the Landscape: Key Users and Key Applications 18 xi

3 1.7 The First 100 Days 20 No Organization Is Perfect 20 Quietly Advertising What You Bring to the Table 21 Projects in Progress and Projects on the Horizon 22 Is the Status Quo Good Enough? 23 People to Meet and Know 24 Quick Introductory Meetings 24 Human Resource Issues 25 Budgeting 26 Making Those First Decisions Two IT Departments What Happens If Your Company Merges with Another? 27 CHAPTER 2 Managing Your IT Team Keeping Employees Focused 32 Establish Priorities 32 Communicate with Your Team 32 Company Mission, Vision, and Values 34 Be as Clear as Possible about Your Real Priorities 35 Avoid Burnout in Your Employees 35 Make Your Employees Aware of the Dangers of Burnout 36 Deal with the Situation 36 Managing Remote Workers (or Teleworkers) Employee Training 39 Cost 39 Need 39 Scheduling Demands 40 Employee Morale 40 How Do You Know When Your Employees Need Training? 40 Certification 41 What If the Employee Takes a Training Class and Then Uses His New-Found Skills to Find Another Job? 41 Nontechnical Training 42 Maximizing the Value of Training Employee Performance 43 Performance Reviews 43 Key Areas of Evaluation 44 Specific Evaluation Statements 47 Guidelines for Reviews 48 Negative Reviews 49 Have Employees Review Themselves Reviews 51

4 Contents xiii How to Conduct the Actual Review Discussion 52 Development Plans and Goals 52 Salary Review 53 Disciplinary Problems and Terminations Generational Issues at Work 57 Managing across Generations 58 CHAPTER 3 Staffing Your IT Team Why IT Managers Need to Deal with Hiring People 65 Human Resources Department's Role 66 Justifying a Hire 67 Start with Internal and External Referrals 68 Internal versus External Hires 68 Should You Hire a Full-Time Employee or a Consultant? Write a Position Description 74 Position Descriptions versus Contracts 75 General Requirements 75 Advertising Options Recruiters 79 Finding the Right Recruiter Selecting Candidates 83 Reviewing Resumes 83 Telephone Screening 84 At What Level Should I Interview? 84 Narrowing Down the List 84 General Interview Guidelines 86 Prepare a List of Questions 87 Who Else Should Interview a Candidate? 88 Key Concepts for a Good Technical Interview 89 Rank Criteria 93 The Value of Certification 94 Education 95 Checking References 97 Common Hiring Mistakes 98 Offering the Correct Salary for an IT Position 99 CHAPTER 4 Project Management Projects and Project Management: A Quick Overview 104 Different Kinds of Projects 104 The Value of Project Management 104 Five Key Phases to a Project 104 Do You Have to Be a Certified Project Manager to Run a Project? 105

5 xiv Contents The Project Management Institute (PMI) 105 A Project Management Office Phase One: Scope the Project 106 Clearly Define the Project's Objective and Scope to Avoid Scope Creep 106 Department versus Company Objectives 107 Get Proper Sponsorship for the Project 107 Identify the Stakeholders 108 Identify the Constraints, Interdependencies, and Risks 109 The Project Charter 110 Get Historical Perspective Phase Two: Develop a Project Plan Ill Three Critical Components to Any Project Write the Project Plan with the Closeout Report in Mind 112 Time Estimates 112 Resources Required: Employees (Internal and External to IT) 113 Money 114 Roles and Responsibilities 115 Multiple Projects Phase Three: Launch the Project 116 Range of Launch Options Stage a Kick-Off Meeting Phase Four: Track the Project's Progress 117 Microsoft Project 117 Other Project Management Tools 118 Gantt Charts and Time Lines 118 PERT Charts and Critical Paths 118 Project Milestones 119 Updates to Management Ill and the Team Phase Five: Close Out the Project 121 Writing a Closeout Report Decision-Making Techniques 122 Four Types of Decision-Making Methods What to Do If/When the Project Gets Off Track 123 Some Issues out of Your Control 124 When a Project Gets behind Schedule 124 Your Project Is Costing More Than Expected Useful Project Management Techniques 126 Project Teams 126 Create a War Room 126 Formalized Project Frameworks 127

6 Contents xv Participate in the Project Yourself 127 Offer Project Perks 127 Give Your Project a Code Name 127 Productive Project Meetings Funding Projects 130 Estimating Costs: Go High 130 Projects Always Cost More Than Estimated 131 Exactly Who Is Going to Pay for It? 131 Justifying the Costs Multiple Projects: How to Juggle Them Well 132 You Will Have Multiple Projects Dealing with Non-IT Departments on a Project 133 Motivating Employees outside of Your Department 133 Who Is in Charge? 133 CHAPTER 5 Software, Operating Systems, and Enterprise Applications Types of Software Operating Systems 137 Windows 137 Mac 137 Unix Variants and Linux 138 Choosing an Operating System 138 Multiple Operating Systems Open Source 141 Definition 141 Cost Managing Software 142 Total Cost of Ownership (TCO) 142 Software Management Techniques 142 Software -. Licensing ^ 144 Licensing Issues Cloud Computing 148 The Many Flavors of Cloud Computing 148 Private versus Public Cloud 149 Considerations When Moving to the Cloud Enterprise Applications Managing 153 Unified Messaging 155 Directory Services 156

7 xvi Contents 5.7 Enterprise Resource Planning (ERP) 157 The Value of ERP Software 157 General ERP Implementation Issues 157 Costs of Implementing ERP 158 Major Changes Required 158 It Isn't Only IT's Decision 158 Disadvantages to ERP 159 CHAPTER 6 Managing the Money The Budgeting Process 161 Possible Budget Items 162 Chargebacks Who Really Pays? 164 Reviewers for Your Budget 164 Estimating (and Overestimating) Your Numbers 165 Getting Approval and Defending Your Budget 165 During the Year: Tracking and Revising Your Budget The Difference between Capital Expenditures and Operating Expense Items 167 Capital Expenditure Details 167 Check with Your Company's Policies 168 Gray Areas Lease versus Buy: Which One Is Better? 168 Leasing 169 Who Makes This Decision? Other Budgeting Factors to Consider 170 Growth of Your Department's Workload 170 Technological Change 171 Staff 171 Software Maintenance 171 Hardware Maintenance Managing Vendors 173 Establish a Relationship 173 Help Your Vendors 174 Request for Proposals 174 Get Multiple Bids 175 Set Up a Trial 175 Reviewing Contracts with Vendors 175 Evaluating Alternatives 176 Set Up a Matrix Managing the Money during Difficult Times 179

8 Managing Costs Leverage IT for Increased Business Value 180 Demonstrating Leadership Outsourcing and Offshoring 182 Offshore Outsourcing Overview Which Functions to Outsource 184 Does Outsourcing Make Sense? CHAPTER 7 Getting Started with the Technical Environment The Technical Environment 189 What Do We Have Here? 189 Define Your Scope 190 The Elements 190 Tools for Tracking the Technical Environment 194 The Value of Good Infrastructure Documentation 195 What You May Find Understanding the User Environment TCO and Asset Management: What Are They? 196 Total Cost of Ownership 197 Asset Management Standards 199 Issues That Users Care About 199 Issues That IT Cares About 200 Standards for IT Technology Refreshing CHAPTER 8 Security and Compliance How We Got Here 206 Get Perspective 206 Computer Security Themes Managing Security Action 1: Evaluate Your Environment's Needs, Exposures, and Defenses 209 Action 2: Get Upper Level Management Buy-In 212 Action 3: Mitigate the Risks 212 Action 4: Work with Users to Make Everyone More Secure 213 Action 5: Remember That Security Is an Ongoing Process Security Solutions and Technologies 214 Tracking and Controlling Access 214 Authentication 219 Security Defenses 220 Security Incident Response 223

9 8.4 Types of Threats 224 Malware 224 Phishing and Social Engineering Compliance and IT 226 Overview 226 Victims of Non-Compliance The Rules 227 Sarbanes-Oxley 227 Health Insurance Portability and Accountability Act (HIPAA) 228 Basel II 229 SB Massachusetts Data Protection Law 230 Fair and Accurate Credit Transactions Act (FACTA) 231 Gramm-Leach-Bliley 231 U.S. Securities 232 Patriot Act 232 Dodd-Frank Act 233 Office of Foreign Assets Control (OFAC) 233 CLERP-9 (Australia) 233 Personal Information Protection and Electronic Documents Act (PIPEDA) 233 Privacy and Electronic Communications Directive (European Union) 234 Data Protection Directive (European Union) How to Comply with the Rules 234 Document the Policies 235 Identify Control Mechanisms 236 Educate Employees 236 Maintain Evidence Hidden Benefits of Compliance 237 The Hidden Benefit of Documentation 237 The Hidden Benefit of Control Mechanisms 237 The Hidden Benefit of Educating Your Employees 237 Hidden Benefits of Maintaining Evidence Methodologies and Frameworks 238 IT Governance 238 Committee of Sponsoring Organizations (COSO) 239 Control Objectives for Information and Related Technology (COBIT) 239 IT Infrastructure Library (ITIL) 240 Capability Maturity Model Integration (CMMI) 240 International Organization for Standards (ISO 9000) 240 Six Sigma 241

10 Contents xix 8.10 It's Not Just Regulatory Compliance 242 Electronic Discovery 242 Information and Records Retention 242 Working with Auditors Disaster Recovery and Business Continuity 243 Definition of Policies and Procedures Outsourcing 244 CHAPTER 9 Disaster Recovery Defining the Scope 248 Key Questions 248 Recovery Time and Recover Point Objectives 249 Disaster Recovery Committee Application Assessment The Value of Your Data 9.2 Creating a Disaster Recovery Plan Communication Plan Documentation Real Estate and IT Facilities Off-Site Storage of Data Hardware Availability 257 Regular Updating and Testing 257 After the Disaster Regional and Catastrophic Disasters 259 The ACT Model 9.3 A Word about Incident Response, Business Continuity, and Disaster Recovery The Hidden Benefits of Good Disaster Recovery Planning CHAPTER 10 Working with Users Relationships with Users Who Are Your Users? Find Out Who Your Department Thinks Its Users Are 264 Find Out Who Your Boss Thinks Your Users Are 265 Meet the Users 265 Being Available and Reachable 266 Sharing Information 266 Collecting Information 267 Proactive Solutions 268 Being Flexible 270 User Training 270

11 xx Contents 10.2 The Consumerization of IT 271 How to Deal with Consumerization 272 Support Issues Associated with Consumerization and Handheld Devices 272 Bring Your Own (BYO) Policies When Your Users Are Part of a Mobile Work Force 274 Techniques for Supporting Your Mobile Users The Help Desk 275 Typical Help Desk Activities 276 Procedures 276 Access 277 Self-Service 277 Tools 278 User Surveys 280 Measuring the Help Desk Workload 281 Staffing Service Level Agreements 283 Positive Values of SLAs 283 Ask for Help from Your Staff 283 Writing Good SLAs 284 CHAPTER 11 Connectivity: Social Media, Handhelds, and More Get in Front of the Curve 288 The Blurry Line between Company-Owned and Personally-Owned Equipment 288 (BYO Policies) 289 The New Technologies of Connectedness Benefits and Challenges of Connectivity 290 Dealing with a Lot More Empowered Users 292 Wisdom of Crowds The Power of All These Connections 293 How Companies Use the Web 293 How Companies Use Intranets 294 How Companies Use Social Media and Mobile Devices 295 Mobile Device Operating Systems, Apps, and Hardware 296 Handheld Hardware How Does This Affect You as IT Manager? 298 Lead, Encourage, and Experiment 298 It's Not the Tools, But How They Are Used 299 Remember Your Goals 301 What Is "Focused" and What Is "Distracted"? 301 Glossary 305 Index 317