implementation of the salga ict capability maturity ... · 2.1 it risk management assessment 2.2 it...
TRANSCRIPT
www.salga.org.za
Implementation of the
SALGA ICT Capability
Maturity
(Service & Governance
Management)
Assessment and Process
Improvement Model
BY
SALGA
www.salga.org.za
Contents
• Service and Governance Management Fundamentals
• Municipal ICT Maturity Domain
• Maturity Model Concept
• Governance and ITSM Framework
• Assessment Maturity Dashboard
• ITSM Capability Improvement Model
• Blueprints and Templates
www.salga.org.za
Standards & Best Practices
Management Level Reference Description
Governance KingIII/IV Corporate Governance
IS038500 IT Governance
CobiT IT Management
Strategy & Planning BSC Balanced Score Card
Prince2/PMBOK Project Management
ISO3100 Risk Management
TOGAF/GWEA Enterprise Architecture
ISO27001 Information Security Standards
ISO20000 IT Service Management
BCM/BS 25999 Business Continuity Management
Operations ISO12207 Software & Systems Lifecycle
ISO27002 Information Security Techniques
ITIL ITSM Practices
www.salga.org.za
Knowledge Management Roadmap
www.salga.org.za
Blueprint for Information Management
www.salga.org.za
Understanding Maturity Steps
Types Level 1 Level 2 Level 3 Level 4 Level 5
Capability Initial Repeatable Defined Managed Optimized
Management Reactive Efficient Proactive Aligned Strategic ICT Services Technology Driven Technology Control Technology Integration Service Provision Strategic Contribution
Management
Maturity StepsCapability
Maturity Steps
ICT Services
Maturity
Steps
www.salga.org.za
Municipal Maturity Model - Concept
www.salga.org.za
Governance & ITSM Process Framework
www.salga.org.za
ITSM Process Maturity Assessment
www.salga.org.za
Maturity Assessment Dashboard
www.salga.org.za
ICT Maturity Domain
A. Domain Control (Management and Organisational Structure)
– Strategic Planning
– Leadership Management
– Resources
– Awareness
B. Sustainability (Policy, Standards and Governance Framework)
– Policy, Standards and Governance Framework
– Compliance Monitoring
– Risk Management
– Internal Controls
C. Community (Change Management)
– Communications
– Training
D. Capability (Programme Operations)
– Retrieval and Accessibility
– Integration
– Security and Protection
E. Improvement (Service Transformation)
– Lifecycle Management
www.salga.org.za
Municipal Artefacts included in the Assessment
Governance Perspective:
1. IDP
2. Performance Plan
3. AG Audit reports and mitigating actions/response for the last 3 years.
4. Municipality Risk Management minutes and action plans
5. Municipal Organogram, personnel contact details and job descriptions
6. ICT governance framework
7. ICT Policy and procedures
Strategy & Planning Perspective:
1. IT Steering committee minutes and action plans
2. ICT Strategy
3. ICT Implementation Plan
4. ICT Performance Plan
5. ICT Disaster Recovery Plan
6. ICT Procurement Plan (historical and future)
7. ICT Service Providers and contracts
8. ICT Existing Technology Map (Server and Network)
9. ICT Asset List
10. Information Systems List and vendors
ICT Operations Perspective
1. Information Systems user workflow and reports
2. Change Management procedures and controls
3. ICT Security procedures and controls
4. IT Operations procedures and controls
5. IT Service desk reports
www.salga.org.za
Improvement Model Concept
www.salga.org.za
Improvement Plans & Templates
1. Leadership
1.1 Terms of Reference for ICT Steering Committee
1.2 Agenda Framework for ICT Steering Committee
1.3 Agenda Framework for IT Governance sub-com.
1.4 Minutes of meetings
1.5 ICT Performance Metrics
2. Risk Management
2.1 IT Risk Management Assessment
2.2 IT Risk Management Framework & Plan
2.3 Risk Register Procedure
3. IT Security:
3.1 Application of Network User Account Procedure
3.2 Security Log Management Procedure
3.4 Physical Access Control Procedure
3.5 Key Management Procedure (Not on file)
4. Change Management:
4.1 Service Desk Operating Procedure
4.2 Change Management Procedure
4.3 Patch Management Procedure
4.4 Corrective Action Procedure
5. Disaster Recovery:
5.1 Disaster Recovery
5.2 Backup/Recovery Procedure
5.3 Power Failure Procedure
6. Strategy & Planning
6.1 ICT Strategy
6.2 ICT Project Plan
6.3 ICT Balanced Scorecard
6.4 ICT Organizational Planning
7. Service Management
7.1 Quality Management Framework
7.2 Service Catalog
7.3 Service Level Management Framework
7.4 Service Level Agreements
…. more
www.salga.org.za
Thank You