community it innovators - it governance 083012
DESCRIPTION
In this webinar held on Aug. 30, 2012 from 12:30 to 1:30 pm EST, Johan Hammerstrom, Vice President of Client Services, talked about how to apply IT governance principles and practices to nonprofit organizations to help develop your IT strategy, manage your IT risk, and enable better business decisions through information. Webinar Takeaways 1. Learn about the principles of IT Governance. 2. Learn how to apply the IT governance principles to better manage your service providers and IT Staff. 3. Learn how use IT governance "big questions" to enable discussion between your leadership and your IT staffTRANSCRIPT
IT Governance Making Technology
Work for Your Organization
Johan Hammerstrom
August 30, 2012
Community IT Innovators Webinar Series
Webinar Tips
• Ask questions Post questions via chat f
• Interact Respond to polls during webinar ff
• Focus Avoid multitasking. You may just miss the best part of the presentation : )
About Community IT Innovators Community IT Innovators partners with nonprofits to help them solve their strategic & day-to-day IT challenges. • Strategic – Proactive approach so you can make IT decisions
that support your mission and grow with you • Collaborative – Team of over 40 staff who empower you to
make informed IT choices • Invested – We are committed to supporting your mission, and
take care of your IT network as if it were our own • Nonprofit focus - Worked with over 900 nonprofits since
1993
About the Presenter Johan Hammerstrom Vice President of Client Services Community IT Innovators [email protected] 202-449-6710 @JohanCITI
photo: Wikimedia Commons
ISO-9000
ITGI
What is it?
The leadership and organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and objectives.
ITGI, 2006
What is it?
The essentials d organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and mission.
revised ITGI, 2012
What is it really?
Without good governance, IT cannot support
the MISSION
Why do you need it?
source: COBIT 5
Why do you need it?
Why do you need it? • Information is critical to
mission • Information is an asset • Technology is a
significant investment • IT is complex
The essentials d organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and mission.
revised ITGI, 2012
IT Governance
1. Leadership
2. Organizational Structures
(2a. IT Director/CIO)
3. Processes
IT Governance essentials…
source: COBIT 4.1 Executive Summary
COBIT Focus Areas
Business Goals
IT Goals IT Processes
Information Requirements
source: COBIT 4.1 Executive Summary
1. Strategic Alignment
Mission
IT Goals IT Processes
Information Requirements
1. Strategic Alignment
source: COBIT 4.1 Executive Summary
Mission
IT Goals IT Processes
Requirements
• Business Continuity • Reporting • Compliance • Automation/efficiency • Remote access • Support • Culture • Cost
Mission
IT Goals IT Processes
Information
• Outcome measurements • Performance Metrics • Messaging systems • Website • Files • Databases • Internet Access
Business Goals
IT Goals IT Processes
Information Requirements
Strategic Alignment is a dialogue
IT Goals IT Process
…throughout the organization?
COBIT 5
source: COBIT 5 Executive Summary
1. Leadership willing and able to have dialogue
2. Organizational Structures that enable the conversation
2a. IT Director/CIO that owns it
3. Processes that support it
Strategic Alignment essentials
Business Goals
IT Goals IT Processes
Framing the dialogue…
1. What resources are required? 2. What risks are tolerable? 3. What measurements are needed?
Key Decisions
1. Specific systems 2. Support staff 3. Training 4. Hosting 5. Infrastructure
Required Resources
1. Business Continuity 2. Disaster Recovery 3. RPO 4. RTO 5. Hacking threats 6. Malware 7. Spam
Tolerable Risks
1. Reporting requirements 2. Compliance requirements 3. Management 4. Performance metrics 5. Project status
Measurements Needed
Simple Risk Matrix
Tape Backup
Availability Hosted
RTO 1-2 weeks 1 hr n/a RPO 1-7 days 15 min 1 day Retention 6 months 3 months 3 weeks Reports Custom Custom Limited Cost $10,000 $20,000 $15,000
Simple Risk Matrix
Tape Backup
Availability Hosted
Down for… 1-2 weeks 1 hr n/a Lost data… 1-7 days 15 min 1 day Retention 6 months 3 months 3 weeks Reports Custom Custom Limited Cost $10,000 $20,000 $15,000
Accountability
1. Leadership exercising oversight
2. Organizational Structures that enable accountability
3. Processes that deliver value
Value Delivery essentials
Business Goals
IT Goals IT Processes
source: COBIT 4.1 Executive Summary
lifecycle Key Decisions
1. How will leadership know if IT is delivering value? a) Metrics? b) Reports?
2. Is responsibility clearly defined? a) SLA b) Policy
Accountability
1. Start with Strategic Alignment 2. Create Dialogue around…
a) Resource Management b) Risk Management c) Performance Measurement
3. Identify Value Delivery through a) Accountability b) Regular reports
In closing…
Upcoming Webinar
Sept. 27: Technology Funding Thinking Outside the Box f d
Presenters: f
David Deal, CEO Community IT Innovators d
David Krumlauf, Chief Technologist Pierce Family Foundation
Next Steps • Connect with us - Twitter, Google+, Linkedin
and Facebook. http://www.citidc.com
• Provide feedback – Short survey after you exit the webinar. Be sure to include any questions that were not answered.
• Missed anything? – Link to slides & Recording will be emailed to you.