Information Governance Maturity Model

Similar documents
A Maturity Model for Information Governance

COBIT Helps Organizations Meet Performance and Compliance Requirements

COBIT 5 and the Process Capability Model. Improvements Provided for IT Governance Process

Benchmark of controls over IT activities Report. ABC Ltd

AGILE. Project OPM3 Portugal PM4S. All Rights Reserved. Lisbon, Portugal

Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry. Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3

CAPABILITY MATURITY MODEL & ASSESSMENT

Preparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000

The DAM Maturity Model

Advanced Topics for TOGAF Integrated Management Framework

IMPROVEMENT THE PRACTITIONER'S GUIDE TO DATA QUALITY DAVID LOSHIN

EA vs ITSM. itsmf

Revised October 2013

Preparation Guide. EXIN IT Service Management Associate based on ISO/IEC 20000

A Risk Management Approach to Data Preservation

Unifying IT Vision Through Enterprise Architecture

On the relevance of Enterprise Architecture and IT Governance for Digital Preservation

Sound Transit Internal Audit Report - No

Business Process Discovery

Quality assurance in an Agile delivery method

SITA Service Management Strategy Implementation. Presented by: SITA Service Management Centre

Business Process Design As-Is and To-Be Checklists Introduction

Software Quality Standards and. from Ontological Point of View SMEF. Konstantina Georgieva

Agenda. Seda Overview Seda EA Project Requirements Enterprise Architecture Approach

White Paper. COBIT 5 & BiSL

Requirements Management Practice Description

Contents. viii. 4 Service Design processes 57. List of figures. List of tables. OGC s foreword. Chief Architect s foreword. Preface.

Applying Integrated Risk Management Scenarios for Improving Enterprise Governance

Introduction to ITIL for Project Managers

ITIL: What it is What it Can Do For You V2.1

itsmf USA Problem Management Community of Interest

Enhancing IT Governance, Risk and Compliance Management (IT GRC)

The EMA current activities towards ISO IDMP implementation

Executive's Guide to

How To Deploy And Sustain Data Governance by John Ladley

IS Management, ITIL, ISO, COBIT...

- 5 days (30 PDUs) ITIL V3 Intermediate Capability - Planning, Protection and Optimization... 14

ITIL vs. ISO/IEC 20000: Similarities and Differences & Process Mapping

Cloud Security Benchmark: Top 10 Cloud Service Providers Appendix A E January 5, 2015

Presented by. Denis Darveau CISM, CISA, CRISC, CISSP

The role of Information Governance in an Enterprise Architecture Framework

Enterprise Architecture at Work

AUDIT OF ACCOUNTING INFORMATION SYSTEM USING COBIT 4.1 FOCUS ON DELIVER AND SUPPORT DOMAIN

Need to reassure customers that your cloud services are secure? Inspire confidence with STAR Certification from BSI

ENTERPRISE RISK MANAGEMENT FRAMEWORK

BCS Specialist Certificate in Business Relationship Management Syllabus. Version 1.9 March 2015

Need to reassure customers that your cloud services are secure? Inspire confidence with STAR Certification from BSI

INFORMATION TECHNOLOGY FLASH REPORT

Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices. April 10, 2013

IMPLEMENTATION OF HIGH-PERFORMANCE SECURITY MANAGEMENT PROCESSES

ASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT

Blackhawk Technical College. Information Technology Services. Process Improvement Visioning Document

Preparation Guide. EXIN IT Service Management Executive Consultant/Manager based on ISO/IEC 20000

Module F13 The TOGAF Certification for People Program

Consultants Alliance LLC. Professional Development Programs

Effective Contract Management

COPYRIGHTED MATERIAL. Contents. Acknowledgments Introduction

Practice Description Business process management and enterprise architecture

Developing Business Architecture with TOGAF

Government's Adoption of SOA and SOA Examples

Business Security Architecture: Weaving Information Security into Your Organization's Enterprise Architecture through SABSA

PETRONAS Carigali Information Management and ISO towards Integrated Operations

P.O. box 1796 Atlas, Fes, 30000, Morocco 2 ENSA, Ibn Tofail University, P.O 141, Kenitra, 14000, Morocco

Somewhere Today, A Project is Failing

Request for Proposal. Supporting Document 3 of 4. Contract and Relationship Management for the Education Service Payroll

Improving Service Lifecycles with fewer surprises

INTERMEDIATE QUALIFICATION

Selection and use of the ISO 9000 family of standards

Dodging Breaches from Dodgy Vendors: Tackling Vendor Risk Management in Healthcare

Enabling Information PREVIEW VERSION

COBIT 5 Process Assessment Method (PAM) Debra Mallette, CGEIT, CISA, CSSBB Governance Risk and Compliance -G22

Camber Quality Assurance (QA) Approach

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

Enterprise Architecture Assessment Guide

The IT Infrastructure Library (ITIL)

Software Engineering. Christopher Simpkins Chris Simpkins (Georgia Tech) CS 2340 Objects and Design CS / 16

Strategic Communications Audits

ITIL Introduction and Overview & ITIL Process Map

A Framework for a BPM Center of Excellence

Auditors Need to Know June 13th, ISACA COBIT 5 for Assurance

ECM Project Delivery Methodology (EPDM): An EMC Consulting Approach to ECM Programs

APPROACH TO EIM. Bonnie O Neil, Gambro-BCT Mike Fleckenstein, PPC

Building CSIRT Capabilities

SmartDocs: Document Management Inovation

ITIL v3 Service Manager Bridge

COBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)

HDI Support Center Certification: A Pragmatic Approach to Verifying Core ITIL Process Maturity

SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards

Core Fittings C-Core and CD-Core Fittings

A DESIGN SCIENCE APPROACH TO DEVELOP A NEW COMPREHENSIVE SOA GOVERNANCE FRAMEWORK

Bridging the IT Business Gap The Role of an Enterprise Architect

Transcription:

Information Governance Maturity Model Diogo Proença* (diogo.proenca@ist.utl.pt) Ricardo Vieira (rjcv@ist.utl.pt) José Borbinha (jlb@ist.utl.pt ) 1

Motivation Working group in Portugal developed a set of guidelines for efficient and effective Information Governance Guidelines will be issued as a governmental resolution Application of the guidelines will be measured by a Maturity Model Organizations need to achieve level 2 of the IG Maturity Model in 3 years in all processes. With proper justification this deadline can be extended by one year. In 4 years the IG Maturity Model will be used as a criteria for funding IG programs. Non-compliant organizations will be penalized in their performance evaluation. 2

Maturity Model - Definition A Maturity Model is a methodology used to develop and refine organization s processes. For each process it identifies a five-level path of increasingly organized and systematically more mature process. Identifies the strong and weak points of an organization It provides information for internal auditing It allows measuring of progress It allows to identify gaps between the as-is and the to-be state It supports planning of efforts and identification of priorities 3

COMPLETED IN PROGRESS FUTURE WORK Encontro Internacional de Arquivos Faro, October 4 and 5, 2013 Procedure model for developing maturity models [J. Becker, R. Knackstedt, J. Poppelbuß. Developing Maturity Models for IT Management A Procedure Model 4 and its Application ]

1. Problem Definition Define Information Governance as a framework to optimize the value of information to the actors involved Promote IG as an holistic concept Assure that the application of IG policies can be measured and consequently refined based on the evaluation 5

Stages # Dimensions 2. Comparison of existing maturity models Maturity Model Scope Details IAM Information Asset Management 6 4 High RM Records Management 4 9 High DAM Digital Asset Management 5 15 Medium ECM3 Enterprise Content Management 6 13 Medium EIM Enterprise Information Management 6 NA Low 6

2. Comparison of existing maturity models Almost all models use the same five stages: (1) Unaware, (2) Aware, (3) Defined, (4) Effective, (5) Innovative. Six stages models normally introduce a reactive stage; Several models categorize their stages in People, Information and Systems Models with fewer dimensions provide a higher level of detail Good news for IG: similar concerns, dimensions and content Bad news for IG: different terminology and fundamentals There is a need for a common vocabulary 7

3. Development Strategy 1. Create our maturity model architecture (i.e. define stages and dimensions) 2. Define a common vocabulary that allow the integration of the existing maturity models (i.e. Information Governance Ontology) 3. Use literature analysis to populate our levels ISO15489 ISO30300/1 MoReq2010 ISO/IEC 38500 ISA-ADMS ISO/IEC/IEEE 420130 ISAACA COBIT ITIL TOGAF ISO16175 ISO19011 8

3.1. Development Strategy i* is a comprehensive approach that was designed to closely integrate the concepts of stakeholders and goal for properly documenting and analysing goals and goal dependency. Its most relevant objects are Actor Goal Task Resource By modelling literature knowledge using i* we align our references and define a common referential 9

3.2. Development Strategy 10

3.3. Development Strategy Level 0 (Absence) There is an absence of vision, policies and processes regarding information governance. Level 1 (Basic) There is some effort regarding information governance; IG Processes are ad-hoc and unorganized; Responsabilities are partially identified; Level 2 (Essential) There is a concern regarding information governance; IG Processes are defined; Responsabilities are fully identified 11

3.3. Development Strategy Level 3 (Valued) Information Governance is part of the mission of the organization and is used to get competitive advantage; IG Processes are not only defined but monitored and evaluated to assure efficiency and effectivness; The organization is a reference of IG good practices. Level 4 (Inovative) The organization promotes IG as a tranversal strategy; The Enterprise Architecture of the organization is well defined and IG plays a pro-active role in all areas; The organization actively contributes to the inovation of IG; The organization is recognized as a partner for IG inovation; 12

4. Iterative Development Criteria Assessment (emm) In different sectors with the help of several organizations Agency for Administrative Modernization ARDOC from Link National Archives of Portugal Technical University of Lisbon 13

Future Work Define a Information Governance Ontology Develop an online questionnaire based on the developed Maturity Model Evaluate and refine phases Engage with Practitioners Refine the Maturity model to meet users expectation 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information