Increasing IT Value and Reducing Risk. More for Less with COBIT5. IT Governance and Strategy



Similar documents
Presented by. Denis Darveau CISM, CISA, CRISC, CISSP

COBIT 5 Introduction. 28 February 2012

Strategy, COBIT and Vision: HOW DO THEY RELATE? Ken Vander Wal, CISA, CPA, Past President, ISACA

COBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)

The Human Capital Management Systems Business Case A Checklist to assist agencies developing a business case

Chayuth Singtongthumrongkul

Revised October 2013

Deloitte and SuccessFactors Workforce Analytics & Planning for Federal Government

Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices. April 10, 2013

Roles, Activities and Relationships

CLOUD SECURITY THROUGH COBIT, ISO ISMS CONTROLS, ASSURANCE AND COMPLIANCE

A PeopleFluent Product Brochure. PeopleFluent Mirror Suite TM

Understanding COBIT 5. based on ISACA Materials Prepared by: Deb Mallette, CGEIT, CISA, CSSBB, IMG BSMS EPDM, Process Consultant

STRATEGIC WORKFORCE PLANNING LATEST TRENDS AND LEADING PRACTICE EXAMPLES

Frameworks and Maturity Models

COBIT 5 ISACA s new framework for IT Governance, Risk, Security and Auditing. An overview

Accenture Human Capital Management Solutions. Transforming people and process to achieve high performance

Recruitment Process Outsourcing Methodology Statement

White Paper. COBIT 5 & BiSL

IT Governance Implementation Workshop

For the Public Sector. The Missing Link: Improving your organisation, by linking reward to performance. Presented by:

IBM Executive Point of View: Transform your business with IBM Cloud Applications

COBIT 5 for Risk. CS 3-7: Monday, July 6 4:00-5:00. Presented by: Nelson Gibbs CIA, CRMA, CISA, CISM, CGEIT, CRISC, CISSP ngibbs@pacbell.

COBIT 5 Process Assessment Method (PAM) Debra Mallette, CGEIT, CISA, CSSBB Governance Risk and Compliance -G22

Organisational Change Management Maturity

Technology and Management Trends For Emerging HR Leaders 2015

CHARLES STURT UNIVERSITY WORKFORCE PLANNING FRAMEWORK

Effectively Using CobiT in IT Service Management

Three Strategies for Implementing HR in the Cloud

Drive to the top. The journey, lessons, and standards of global business services. kpmg.com

Helping our clients win in the changing world of work:

Operations Excellence in Professional Services Firms

The linchpin between Corporate Governance and IT Governance

ASAE s Job Task Analysis Strategic Level Competencies

Geoff Harmer PhD, CEng, FBCS, CITP, CGEIT Maat Consulting Reading, UK

Office of the Auditor General AUDIT OF IT GOVERNANCE. Tabled at Audit Committee March 12, 2015

IT Governance (Worthwhile Exercise?) January 10, 2013 Presented by Chad Murphy, CISA

THE FUTURE OF ASSET MANAGEMENT ON THE ROAD TO AN ASSET MANAGEMENT REVOLUTION

OPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.

The Why & How of Managed Services

Professional Services for Cloud Management Solutions

How To Get A Cloud Computing Diploma

Building and Sustaining a Strong Organization Amid Challenge And Change KPMG LLP

INFORMATION TECHNOLOGY FLASH REPORT

AACSB International Accounting Accreditation Standard A7: Information Technology Skills and Knowledge for Accounting Graduates: An Interpretation

MANAGING THE EMPLOYEE LIFECYCLE

See what cloud can do for you.

CARLETON UNIVERSITY POSITION DESCRIPTION. Position Title: Manager, HR Systems Position No.: Approved by:

Setting goals and measuring the value of Enterprise IT Architecture using COBIT 5 framework

ARE YOU READY FOR TOMORROW S IT? Discover ITpreneurs full curriculum of Virtualization and Cloud Computing competence development programs

Begin Your BI Journey

Transform HR into a Best-Run Business Best People and Talent: Gain a Trusted Partner in the Business Transformation Services Group

Chartered Manager Degree Apprenticeship Assessment Plan

Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus

Applying Integrated Risk Management Scenarios for Improving Enterprise Governance

Employing ITSM in Value Added Service Provisioning

The Talent Management Framework

Top 10 Considerations for Enterprise Agile Tools.

INNOTAS EBOOK The Transformational CIO

Infor CloudSuite HCM. Make more informed decisions. Modernize your HR technology

PERFORMANCE. 9 Out-of-the-box integration with best-in-class social platforms

7+ years in Human Capital Management Consulting. Industries: Telecom; Media; Automotive; Energy; Airline; Banking

Creating HR Service Delivery Success

Fortune 500 Medical Devices Company Addresses Unique Device Identification

Technology. Accenture Infrastructure Outsourcing Services

ISACA ON-SITE TRAINING DELIVERS EXPERT INSTRUCTION AT YOUR WORKPLACE

Accenture Technology Consulting. Clearing the Path for Business Growth

Optymyze Sales Performance Software

10 Tips to Education Assistance Program Excellence

Information Technology Strategic Plan

Intuitive Application Performance Management

Cloud CRM. Scalable solutions for enterprise deployment

A guide to strategic human resource planning

Preliminary Reference Guide for Software as a Service (SaaS)

Certified Human Resources Professional Competency Framework

Leadership & People Management WSQ

Welcome to today s training on how to Effectively Sell SAP ERP! In this training, you will learn how SAP ERP addresses market trends and

Optimise. Achieving the perfect reward and benefits programme

Principles of Execution. Tips and Techniques for Effective Project Portfolio Management

Department of Human Resources

S11 - Implementing IT Governance An Introduction Debra Mallette

HR - A STRATEGIC PARTNER Evolution in the adoption of Human Capital Management systems

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.

Business Intelligence with SharePoint 2010

The South Staffordshire and Shropshire Health Care NHS Foundation Trust Digital Strategy

VMware Cloud Operations Management Technology Consulting Services

as a key driver of their financial performance, can be influential in realizing on that objective. SMART HR Manager By : Irene

Evolution and trends in HR Technology. November 4, 2014

Embracing CHANGE as a Competitive Advantage

: SDI SD0-302 : SDI - SERVICE DESK MANAGER QUALIFICATION. Version : R6.1

PUBLIC SERVICE REGULATIONS REQUIREMENTS (CHAPTER I, PART III B) HUMAN RESOURCES PLAN AND ORGANISATIONAL STRUCTURE

INTRODUCING TALEO 10. Solutions Built for the Talent Age. Powering the New Age of Talent

Relationship Manager (Banking) Assessment Plan

Section Three: Ohio Standards for Principals

Process Guide TALENT MANAGEMENT. This document is protected by copyright. The consent of the copyright owner must be obtained for reproduction.

THE CORNERSTONE DIFFERENCE

Transcription:

Increasing IT Value and Reducing Risk More for Less with COBIT5 Copyright 2012 ITpreneurs. All rights reserved. 1

COBIT 5 the Next Evolution 2

COBIT 5 Released in April 2012 COBIT5 is the eagerly awaited guidance from ISACA on IT Governance. It is a comprehensive framework of globally accepted practices that will help enterprise leaders realize benefits from IT while optimizing risks and resources. In this article, Gary Hardy, lead developer of COBIT5 and one of the originators of the COBIT initiative, as well as leader of the Deloitte IT Governance Centre of Excellence; highlights the key benefits of COBIT5, the strategies for adopting the new guidance and how it helps deal with current issues. The first three publications will be: COBIT5 Framework, which explains the COBIT5 design principles and approach and the COBIT5 enablers for governance of enterprise IT. COBIT5 Enabling Processes, which describes the COBIT5 process model and provides all the process related content for the COBIT5 governance and management processes. COBIT5 Implementation, which is an update of the Implementing and Continually Improving IT Governance publication, aligned to COBIT5. COBIT5 Features and Benefits COBIT5 provides a single consolidated framework covering ISACA s guidance on the governance of enterprise IT. COBIT5 provides a complete enterprise view of IT governance. IT is pervasive and not limited to technicians or the IT function. COBIT5 considers the whole enterprise and considers IT-related governance and management enablers to be enterprise-wide. COBIT5 provides a holistic view of all of the enablers of IT governance. In the past COBIT had a strong process focus and through these processes referred to items such as skills and organisational structures. This is still the case with COBIT5, but in addition, it considers all the governance and management enablers: Culture and ethics, principles and policies, organisational structures, processes, information for decision making, supporting services, and skills and competencies. COBIT5 separates governance and management processes with the addition of a new Governance domain with which to evaluate, direct, and monitor practices and activities aligned to ISO/IEC 38500:2008. COBIT5 provides an updated process model aligned with current available standards and best practices that is more complete and relevant to current technologies and services. There are several new processes and final adjustments to the guidance that will be revealed in the new publications. The updated COBIT5 Implementation Guidance reflects COBIT5 thinking and provides practical guidance on how to initiate and drive IT governance improvements using COBIT5. COBIT5 will be supported by a new ISO/IEC 15504 process capability assessment method that will enable more rigorous and repeatable assessments, and will support an accredited assessor scheme to allow enterprises to obtain a formal assessment of their GEIT process capability in the future. This method is now available for COBIT4.1 and it is expected to be available for COBIT5 later in 2012. The Implementation Guide provides an overview of how to use COBIT5 with this approach, and also explains how to continue to do a COBIT4.1 equivalent maturity assessment. IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 3

Impact on Current COBIT Users COBIT5 represents an evolution and continual improvement of ISACA s guidance; so previous improvements and current implementation activity can be built upon and developed further. COBIT5 is forward compatible and will provide mappings to help understand how the old guidance relates to the new. As always, COBIT should be used together with other standards and best practices to obtain more detailed guidance in specific areas. COBIT5 Foundation and Implementation training will be available soon, as well as a short bridging module. IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 4

The Deloitte IT Value Optimization Survey 5

The Deloitte IT Value Optimization Survey In the second half of 2011, Deloitte conducted a preliminary survey amongst South African CIOs to obtain feedback on the current value being derived from IT spending within their enterprises; and focused it on people, process and technology. Technology: Effective management of IT assets Process: Well-managed IT processes People: Optimized use of human capital The results highlighted weaknesses in key areas addressed by COBIT5 The Importance of Executive Leadership COBIT5 supports the KING III approach to governance of IT and the importance of the board and executives. KING III emphasizes that business leaders (i.e., board and executive management) need to understand that IT is pervasive and an enabler of strategic business objectives. As such, IT should be viewed as an integral part of the way the enterprise operates. COBIT5 takes a full enterprise view of IT and highlights the role of executives in the new governance domain. Given the current economic climate, there is also increased pressure on business leaders to ensure that their enterprises are able to realize value from IT enabled business changes and optimise IT-related costs. COBIT5 integrates previous VALIT guidance into the new process model. Given its pervasive nature, IT-enabled business change affects the entire enterprise. Often the business process and organizational changes are more challenging than the implemention of new technologies. This is increasingly becoming an issue with new models for sourcing IT services. (e.g., Cloud Computing). People have a significant role to play in delivering business objectives, therefore, retaining adequate skills is critical. COBIT5 has an enhanced Manage Human Resources process, and emphasizes skills and competence as a key enabler. IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 6

The Survey Findings The diagram below summarizes the survey findings from weak to strong responses. It shows that the areas of Human Capital and Investment Management were the weakest areas in the companies surveyed: COBIT5 introduces several new and updated processes directly covering the weakest areas. IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 7

Managing IT Investments 8

Leadership, often does not have a clear approach of considering IT investments, or a way to monitor or report the potential success of failure of these investments. The Deloitte approach aligns with ISACA s COBIT5 guidance and focuses on two fundamental IT governance-related questions, Are we doing the right things? (the strategic question) and, Are we getting the benefits? (the value question). The Strategic Question. Is the investment: In line with our vision Consistent with our business principles Contributing to our strategic objectives Providing optimal value, at an affordable cost, at an acceptable level of risk The Value Question. Do we have: A clear and shared understanding of the expected benefits Clear accountability for realizing the benefits Relevant metrics An effective benefits-realization process over the full economic life cycle of the investment These principles can be summarized as follows: IT-enabled investments will: Be managed as a portfolio of investments Include the full scope of activities required to achieve business value Be managed through their full economic life cycle Provide optimal value, at an affordable cost, at an acceptable level of risk Value delivery practices will: Recognize that there are different categories of investments, which will be evaluated and managed differently Define and monitor key metrics and respond quickly to any changes or deviations Engage all stakeholders and assign appropriate accountability for the delivery of capabilities and the realisation of business benefits Be continually monitored, evaluated and improved COBIT5 integrates and updates previous VALIT and COBIT4.1 guidance in value management. The Business Case as a Tool for Realizing Value In order to optimize and manage value, a business case should be prepared that defines and articulates the value proposition. The business case should then be maintained and used to manage these investments throughout the full economic life cycle of the initiative. The business case contains a set of assumptions on how value will be created throughout the investment; and is critical to the outcome of the investment program. Few organizations, however, are adept at developing and documenting them in relation to IT initiatives. The aim is to begin by visualizing the desired business outcome and then progress to a detailed description of the required business outcomes, as well as stakeholder roles and responsibilities. Enterprises are more likely to achieve value from their IT enabled investments, where robust and realistic business cases are used. At a minimum, the business case should include the following: The business benefits targeted, their alignment with business strategy and who in the business functions will be responsible for securing them. The business changes needed to create additional value. The investments needed to make the business changes. The investments required to change or add new IT services and infrastructure. The on-going IT and business costs of operating in the changed way. The risks inherent in the above, including any constraints or dependencies. Who will be accountable for the successful creation of optimal value. How the investment and value creation will be monitored throughout the economic life cycle, and the metrics to be used. IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 9

Managing Human Capital 10

Given the important role people play in optimizing value from IT across the enterprise, and the difficulty our clients face in retaining appropriate skills, it is important to maximize the investment in human capital. We are living in a fast-changing world with the emergence of new and rapidly changing technologies. Successful enterprises need nimble and flexible workforces with the talent to be able to exploit the opportunities that IT provides. COBIT5 highlights skills and competence as a key enabler of IT governance, and has updated process guidance for managing human resources in the business and IT function. The latest Deloitte Human Capital Trend Report for 2011 is not surprisingly titled, Revolution/Evolution emphasizing the sweeping changes to business and new challenges to Human Resource leaders. Deloitte s 2011 report highlighted four trends that are important in the context of delivering value from IT: 1. Workforce Analytics 2. Technology trends (e.g., SaaS and cloud computing options) 3. From ladder to lattice corporate ladder giving way to the corporate lattice 4. Diversity and inclusion driving business performance Workforce Analytics Given the pace of change, enterprises need greater foresight moving from reactive to proactive planning of human resources. Enterprises need to match the skills required to successfully exploit IT opportunities with the skills available. Using predictive modeling to make more effective workforce decisions can be very productive. Workforce analytics involves using statistical models that integrate internal and external data to predict future workforce and talent-related behaviour and events. As resources are becoming more and more limited, analytics are becoming critical in making effective decisions related to: 1. How Human Capital should best be deployed 2. What are the specific factors that drive staff retention on an individual and departmental level 3. IT recruitment 4. Training and development strategy Human Capital and Technology Trends Delivery of value from new technologies such as cloud computing requires a clear understanding of the necessary organizational and process changes. HR management has an important role to play in helping to understand how to best deploy human resources to deliver a return on investment to achieve lower costs and scalability, dealing with deployment challenges, and making implementation and financial choices. From Ladder to Lattice The corporate ladder, one-size-fits-all view of managing work and leading people is becoming outdated. Today s workplace is not what it used to be, especially given fast-changing technologies. The pace of change is faster. Organizations are flatter. Work is more virtual, collaborative, and project-based. The workforce isn t what it used to be either. The corporate ladder is collapsing; the corporate lattice is emerging. Enterprises are moving away from people fitting company roles to dynamic lattice career pathways maximizing human potential. This enables a nimble response to technology trends, and helps to grow and retain staff. Diversity and Inclusion Driving Business Performance Rather than focusing on recruiting new skills, enterprises should concentrate on maximizing the skills of the people they have. Not only can this save recruitment costs, but it can also unlock untapped potential. Delivering value from IT is not solely based on technical skills, but also on a wide array of other competencies such as organizational insight, personality, work styles, etc. Enterprises should retain their staff by growing skills and developing diverse talents. Given the fast pace of technological change, enterprises need to think beyond employees and team up with vendors adopting a partner model. IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 11

Contacts 12

Gary Hardy Risk Advisory IT Governance Centre of Excellence Tel: +27 (0)82 857 0727 Email: gahardy@deloitte.co.za Laurens Gunneweg Product Manager ITpreneurs Tel: +31 (0)10 71 10 260 Email: laurens.gunneweg@itpreneurs.com IT Value Optimisation More for less Copyright 2012 ITpreneurs. All rights reserved. 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information