EP1222510A2 - Organization of information technology functions - Google Patents

Organization of information technology functions

Info

Publication number
EP1222510A2
EP1222510A2 EP00979124A EP00979124A EP1222510A2 EP 1222510 A2 EP1222510 A2 EP 1222510A2 EP 00979124 A EP00979124 A EP 00979124A EP 00979124 A EP00979124 A EP 00979124A EP 1222510 A2 EP1222510 A2 EP 1222510A2
Authority
EP
European Patent Office
Prior art keywords
function
management
service
information technology
group
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00979124A
Other languages
German (de)
French (fr)
Other versions
EP1222510A4 (en
Inventor
Shari L. Dove
John R. Edwards
Margaret M. Flynn
Nirmalya Ghosh
Robert C. Pitt
Jeffrey Roedersheimer
Hugh W. Ryan
Larry A. Sigmund
Cathern M. Smith
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Accenture LLP
Original Assignee
Accenture LLP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Accenture LLP filed Critical Accenture LLP
Publication of EP1222510A2 publication Critical patent/EP1222510A2/en
Publication of EP1222510A4 publication Critical patent/EP1222510A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/80Management or planning

Definitions

  • This invention pertains to information technology, and to an organization for information technology within a modern ente ⁇ rise.
  • the invention discloses a holistic approach to information technology that considers the flow of information and the changes to the flow of information, in managing an organization.
  • Businesses and other ente ⁇ rises have learned that the flow of information in their operations may be more important than any other flow within their control.
  • the information may concern any of the many other flows within an organization, including flows of parts, service orders, or even cash. As a result, spending within organizations has grown to, and remains at, record levels for information technology.
  • the focus of the spending has been primarily on specific goals for a desired information technology achievement.
  • one focus of an information technology project may be to streamline orders and the order-taking process.
  • Investments may be made within a marketing or sales organization to achieve certain specific goals, such as a lower number of minutes spent per order, or a specific maximum number of minutes a customer spends in a queue to speak with a service representative.
  • a project may be undertaken, goals set, and a budget allocated. The goal is presently achieved, but the project may ultimately have limited success because of factors not considered when the project was begun: the interaction of the new technology with the present and planned information technology environment.
  • What is needed is a sense of how every function fits into an information technology system, and how every function works within that system. What is needed is a functional framework, or an information technology framework, for all the functions in the information technology system. Using this framework, a practitioner may determine what needs to be modified in making a change, and what needs further development. What is needed is a holistic approach to the information technology system in an ente ⁇ rise.
  • the present invention meets this need with an information technology framework that encompasses nine core functions.
  • four core functions provide the technology needed to first run an information technology within an ente ⁇ rise.
  • a systematic approach is taken to four business aspects of information technology.
  • a service integration function is used to manage large-scale and ongoing work efforts, and to plan, execute, and manage large-scale programs and projects in information technology.
  • An information technology framework is a set of functions that provide the building blocks required to formulate processes, derive organizational structures, and establish tools to support the processes.
  • One aspect of the invention is an information technology framework used in an ente ⁇ rise. While perhaps most often used in a business ente ⁇ rise, the embodiment is not limited to business ente ⁇ rises.
  • An information technology framework according to this invention may be used as well in governmental organizations, such as bureaus, departments, or agencies.
  • the information systems described here may be used by non-governmental organizations outside of business, such as advocacy groups, charitable, civic, and educational institutions, and other associations of persons.
  • An information technology framework may include technology aspects, including customer service management, capability management, change administration and a service delivery mechanism.
  • customer service management in an information technology environment is accomplished by the use of technology in an appropriate service-oriented framework, along with the necessary processes and equipment to allow the service to function.
  • Customer service management manages ongoing relationships between the consumers of information technology services, the providers of information technology services, and the information technology ente ⁇ rise.
  • Another function of such an information technology framework is a capability to deliver service. This capability addresses functions required for the day-to-day operation of the information technology ente ⁇ rise.
  • Exemplary of functions within service delivery are Applications Management and Network/Systems Management. It is desirable in such an environment to include methods to measure the service delivered.
  • Service integration is another advantageous function of an information technology framework according to this invention.
  • Service integration is not so much a technology effort as it is a management effort to integrate and coordinate activities and functions for large-scale and ongoing work efforts across organizational groups and third-party suppliers.
  • Service integration is an effort to effectively deliver products and services to customers, including internal and external customers and users, under changing circumstances.
  • An effective information technology system of the present invention has a capability to develop and build. This capability for development includes all new development activities and building of infrastructure, including the creation of new organizational structures and processes. Through such capability development, the information technology system transforms both business and information technology goals and strategies into measurable business and informational capabilities. An effective information technology system is also able to handle change administration.
  • the system provides efficient and prompt handling of all change requests, in developmental as well as production environments.
  • the business-related portions of the information technology framework are the "glue” that holds the technology portions together, as mentioned above in the "service integration" function.
  • Other business-related portions include business strategy and planning for the overall information technology effort. This includes the overall information technology capability and direction, initiatives for information technology advances, and the information technology processes, organizations, and architectures required to support desired business capabilities with acceptable efficiency.
  • This strategy, architecture, and planning effort is a portion of the business- related aspects of the invention.
  • a related portion of the information technology framework is its governance and strategic relationships. This is primarily the portion of the information technology system that establishes the structure, policies, and underlying philosophies that guide the management of an information technology ente ⁇ rise. It is clear that this may be the portion of the information technology systems which decides how well the system fits into the overall business (or non-business) ente ⁇ rise.
  • Another business-related portion of the information technology framework is the management and administration of business functions that are not technology-specific. This portion provides a framework for effectively managing information technology in such areas as financial administration, quality management, asset management, and the like.
  • Another important non-technology portion of an information technology system is the human performance. Human performance management includes functions for attracting, retaining, and developing skilled people with the required knowledge and skills for an information technology system, or for an information technology organization.
  • Another aspect of the invention is a method for managing information technology in an ente ⁇ rise, the method for managing being accomplished through the functions described above. Another aspect is managing the ente ⁇ rise through the functions of the information technology framework. In this method, it is desirable if the "people" or organizational portions of the information technology organization are placed ahead of technical concerns.
  • an organization is developed by planning strategies for the organization, as well as architectures for its equipment. Management provides also for the strategic relationships and governance of the information technology organization.
  • the organization is managed and administered in such a way that the needs of the overall ente ⁇ rise are met, including those information technology functions that may not be directly within an information technology organization, but typically supported by an information technology organization: financial administration, quality management, asset management, and the like.
  • Other organizational portions of the method may include the management of human resources within the information technology department or organization, in such a manner as to attract, develop and retain skilled people for the organization.
  • the technology aspects of the method of managing an information technology organization are important as well. These technical aspects may include customer service management through appropriate service-oriented framework, processes and measures.
  • An information technology organization focuses on identifying and meeting the needs of its customers and users in order to provide at least expected levels of customer service.
  • the method of managing also includes delivering service on a day-to-day basis, with routine maintenance and management activities, for systems and networks. Service delivery also includes ongoing, routine maintenance of the applications served by the network or the organization, that is, Application Management.
  • Capability development is another method by which an information technology may be successful in serving its organizational customer. Capability development typically performs the development or build function of information technology. In one embodiment, it covers not only applications, but infrastructure as well. Capability development transforms business goals and strategies into measurable capabilities.
  • a related but different function, or method for managing information technology, is change administration. Change administration enables the controlled and repeatable management of information technology architecture components as they evolve, in both development and production environments. When properly handled, change administration provides prompt and efficient handling of all change requests, providing system integrity and traceability.
  • Service integration Another method used to manage the organizational information technology effort is service integration.
  • Service Integration efforts may include program management, such as for a new business program, or Project Management, such as for a large information technology or business project.
  • Service integration plans executes and manages large-scale programs and projects.
  • Information technology is computer-oriented. The systems and methods of the present invention are applicable to any computer-based systems. They reside on a computer accessible to an ente ⁇ rise or the information technology function within the ente ⁇ rise. Host computers may be mainframes, personal computers, servers, or the like, or the programs or systems for information technology may reside on application servers, network servers, or any computer peripheral accessible to the information system.
  • FIG. 1 is a schematic diagram of systems integrated into an information technology organizational framework.
  • FIG. 2 is another schematic diagram of the relationship of systems integrated with respect to the delivery of customer service management.
  • FIG. 3 is a diagram of an organizational chart for customer service management.
  • FIG. 4 is a diagram of an organizational chart for service integration.
  • FIG. 5 is a diagram of an organizational chart for service delivery.
  • FIG. 6 is a diagram of an organizational chart for capability development.
  • FIG. 7 is a diagram of an organizational chart for change administration.
  • FIG. 8 is a diagram of an organizational chart for strategy, architecture and planning.
  • FIG. 9 is a diagram of an organizational chart for information technology management and administration.
  • FIG. 10 is a diagram of an organizational chart for human performance management.
  • FIG. 11 is a diagram of an organizational chart for governance and strategic relationships.
  • FIG. 12 is a diagram of an organizational chart for service management.
  • FIG. 13 is a diagram of an organizational chart for demand management.
  • FIG. 14 is a diagram of an organizational chart for service control.
  • FIG. 15 is a diagram of an organizational chart for program management.
  • FIG. 16 is a diagram of an organizational chart for project management.
  • FIG. 17 is a diagram of an organizational chart for resource forecasting.
  • FIG. 18 is a diagram of an organizational chart for service provider management.
  • FIG. 19 is a diagram of an organizational chart for network/systems management.
  • FIG. 20 is a diagram of an organizational chart for application management.
  • FIG. 21 is a diagram of an organizational chart for capability analysis.
  • FIG. 22 is a diagram of an organizational chart for capability release design.
  • FIG. 23 is a diagram of an organizational chart for capability release build and test.
  • FIG. 24 is a diagram of an organizational chart for change control.
  • FIG. 25 is a diagram of an organizational chart for solution deployment.
  • FIG. 26 is a diagram of an organizational chart for strategic planning.
  • FIG. 27 is a diagram of an organizational chart for capability planning.
  • FIG. 28 is a diagram of an organizational chart for risk management.
  • FIG. 29 is a diagram of an organizational chart for financial administration.
  • FIG. 30 is a diagram of an organizational chart for quality management.
  • FIG. 31 is a diagram of an organizational chart for asset management.
  • FIG. 32 is a diagram of an organizational chart for vendor management.
  • FIG. 33 is a diagram of an organizational chart for facilities.
  • FIG. 34 is a diagram of an organizational chart for regulatory compliance.
  • FIG. 35 is a diagram of an organizational chart for communications.
  • FIG. 36 is a diagram of an organizational chart for career management.
  • FIG. 37 is a diagram of an organizational chart for service provider management.
  • FIG. 38 is a diagram of an organizational chart for competency development.
  • FIG. 39 is a diagram of an organizational chart for personnel sourcing.
  • FIG. 40 is a diagram of an organizational chart for organizational definition.
  • FIG. 41 is a diagram of an organizational chart for governance structures.
  • FIG. 42 is a diagram of an organizational chart for ente ⁇ rise portfolio management.
  • FIG. 43 is a diagram of an organizational chart for policies and standards.
  • FIG. 44 is a diagram of an organizational chart for goals and metrics.
  • FIG. 45 is a diagram of an organizational chart for information technology alignment.
  • FIG. 46 is a diagram of an organizational chart for expectations management.
  • FIG. 1 is a diagrammatic illustration of how the functions or systems of an information technology organization fit together to develop an organization.
  • the functions in the darker-colored blocks are the functions tending more toward technical aspects. These include customer service management 10, capability development 40, change administration 50 and service delivery 30.
  • the lighter-colored blocks, between the above-noted systems, are functions with more of a business orientation, including strategy, architecture and planning 60. These also include human performance management 80, management and administration 70 and governance and strategic relationships 90.
  • At the center is a block that indicative of the concept that all the pieces fit together to make a useful whole: service integration
  • FIG. 2 is another view of the same parts or organizations, arranged in a manner to suggest an organization (information technology) that is going forward with customer service management 10 in the lead.
  • Service management is backed by service integration 20 and service delivery 30, suggesting focus on the customer and on delivering service.
  • Elements of change, such as capability development 40 and change administration 50 back up customer service.
  • Strategic architecture and planning 60 forms a basis for the organization.
  • Management and administration 70 and human performance management 80 back up the elements for delivering customer service.
  • governance and strategic relationships 90 is placed atop the organization, suggesting that they help guide the organization.
  • FIG. 3 details customer service management 10
  • FIG. 4 shows details of service integration 20
  • FIGS. 5, 6, and 7 show details, respectively, of service delivery 30, capability development 40, and change administration 50.
  • FIG. 8 contains the details of the strategy, architecture and planning organization 60.
  • FIG. 9 shows the organizational details or management and administration 70.
  • FIGS. 10 and 11 show, respectively, organizations for human performance management 80 and governance and strategic relationships 90.
  • a given function or task may be performed by a person, by a group, by a computer, by a computer system, or by a combination of these. Therefore, in describing the information technology system, it may be appropriate to describe a task, or a function, or a group, or a computer, or a system. In some cases, the task or function may be performed by a person and a computer, while in other cases the task or function may be limited to a computer, while in other cases the task is more suited to persons only.
  • Customer Service Management manages on-going relationships between users, information technology services, and the information technology ente ⁇ rise by putting the appropriate service-oriented framework, processes, and measures in place.
  • the goal of the Customer Service Management function category is to assist the information technology organization in providing quality information technology service and support, while meeting and exceeding established levels of service.
  • Service Management desirably also partners with the information technology developers/ architects/vendors to verify that service levels are not affected by new offerings.
  • information technology organizations must focus on identifying and meeting the needs of its information technology users to provide better quality customer service.
  • Customer Service Management 10 has three principal components, service management 11, demand management 12, and service control 13.
  • Service management markets and manages information technology offerings and capabilities to current and potential users of information technology services.
  • Service management explicitly demonstrates the value of information technology investments to the ente ⁇ rise executive management team.
  • Service management serves as the source for gathering business needs and requirements.
  • Demand management manages the entry of requests for new development and major enhancements of products and services.
  • Demand management balances capacity with demand and tracks progress against these requests.
  • Service control provides information technology customers with a single point of contact for service requests, problems, or general User Administration. This is the traditional "Help Desk" or "Service Desk” function with the addition of handling service requests and User Administration.
  • Service management may cover a host of functions, but two functions tend to stand out, and may be considered as primary functions, with other sub-functions gathered into them.
  • FIG. 12 shows service management 11 comprising service level management 111 and customer management 112.
  • Service level management identifies and sets the expectations of users of information technology services and becomes a measure for customer satisfaction.
  • the vendors, outsourcers, etc. may also be made aware of their service level expectations through this function.
  • Service level management often plays a key role in Vendor Management.
  • this framework uses (1) Service Level Agreements (SLAs) to refer to service levels established and managed between information technology and internal or external customers, also known as “end users”, and (2) Operational Level Agreements (OLAs) to refer to operational levels established and managed between information technology and internal or external service providers.
  • SLAs Service Level Agreements
  • OLAs Operational Level Agreements
  • Customer management provides a single information technology point of contact for business units. Customer management includes marketing of current information technology services and products, as well as providing a liaison between information technology and the business units. Today's competitive advantage within the company may be short-lived with the onset of new products and services being offered by external vendors.
  • the information technology system should preferably build relationships by understanding the business' needs, market the information technology capabilities offered, deliver high levels of customer satisfaction, and ensure effective information technology delivery across the ente ⁇ rise.
  • Service level management may have numerous functions related to the agreed- upon service level between the information technology organization and the end-user. These functions include, but are not limited to, the identification of service requirements and a verification that the information technology organization can deliver the service promised. Other useful functions may include routines for determining the cost of the required service, as well as means for charging or charging back to an appropriate organization, the cost of providing the service. Such functions may also include routines for service level measurement, reporting, control and review. Changes to the basic service level agreement may also be made when appropriate, and the agreement may even be retired when the need for the particular service is satisfied, or when the particular service level agreement is superseded. Identifying service level agreement requirements ensures that before creating a service level agreement, the agreement with the users is in line with the overall business strategy. This stage also determines what services the users want. This includes identifying service needs and business unit service requirements. The
  • Business Liaison function plays a key role in this base practice. Support verification for these agreements ensures that the information technology organization can deliver on services to be included in the agreement. In order to ensure that the service expectations of the user group can be met, the service organization first verifies the level of service that can be provided. This function may also include compiling metrics for current service levels to act as baselines for service levels promised, which involves linking with a Quality Metrics function. This function helps to ensure that the service organization does not promise service levels that cannot be met.
  • a dose of reality may be injected by identifying chargeback, budget, or costing structure components to be included in these service level agreements.
  • a costing determination determines rewards and penalties for meeting/exceeding/not meeting agreed upon levels of service. These costs may be included in the overall service level agreement and may determine how individual costs for services may be reported.
  • Service level reporting includes the creation of service level document(s) (draft and final versions), reviewing service level agreement drafts with users and key stakeholders, and getting approval of the final version.
  • Service level reporting identifies key performance indicators (KPIs) to report upon for an agreement, and specifically details how and how often measurements will be reported.
  • KPIs key performance indicators
  • Service level control ensures reports are delivered as scheduled, and determines if service levels are being met. Service level control compares key performance indicators against agreed upon service expectations.
  • an unfavorable service level report originating from this function may initiate a Service Level Review session with a user group and a service provider to resolve any immediate or large service issues.
  • Service level reviews may be performed at regularly scheduled intervals, or more frequently if needed.
  • Reviews include reviewing service results with service providers and end users on a regular basis. Reviewing initiates and/or identifies actions needed to resolve service issues and escalates service disputes as necessary. A service review is a good opportunity to monitor actions taken to correct service issues. Under the right circumstances, maintenance may be required in a service level agreement itself. Maintenance identifies changes to existing service level agreements as necessary.
  • the reviewing function receives requests from end users and service providers to change agreements as required for business needs. The reviewing function also manages short-term deviations to the agreements due to business requirements.
  • a function of agreement retirement or termination is included. This function ensures that the specific service level agreement is retired and all accompanying processes for that agreement (i.e., service reports, scheduled review sessions, etc.) are ceased when services are no longer provided for whatever business reason. Termination or retirement ensures that only active agreements are in existence, which helps to raise the credibility of all such service level agreements. Retirement ensures that historical information (statistics, reports, various versions of the agreement, etc.) regarding retired agreements is appropriately recorded and stored for future reference.
  • customer management function of customer service management provides a single information technology point of contact for business units.
  • Customer management includes marketing of current information technology services and products, as well as providing a liaison between information technology and the business units.
  • Today's competitive advantage within the company may be shortlived with the onset of new products and services being offered by external vendors.
  • information technology should preferably build relationships by understanding the business' needs, market the information technology capabilities offered, deliver high levels of customer satisfaction, and ensure effective information technology delivery across the ente ⁇ rise.
  • Business liaison focuses on building long-term relationships with the business unit by better understanding and meeting their information technology needs.
  • This function acts as the single point of contact between the business unit and information technology.
  • Business liaison gathers customer requirements and manages customer expectations. By providing this open communication, the information technology organization gains a substantial understanding of the business' perception and satisfaction with the information technology services and products that they receive, as well as any changes in their needs. By understanding the business requirements this base practice can resolve any issues between the business unit and the information technology organization on a daily basis. Simply having a liaison promotes strong working relationships and customer satisfaction through two-way communication. Such a strategic alliance will help drive additional information technology programs and initiatives to support the business. Business liaison may be considered the traditional "account management" function.
  • Information technology marketing promotes and builds internal information technology awareness to develop and sustain customer relationships. Marketing is responsible for promoting technology awareness as an enabler for doing business.
  • Marketing communicates to the technology awareness and business stakeholders the cost of technology awareness as well as the value that the ente ⁇ rise receives from its investment in information technology. Marketing may clarify questions from the stakeholders in areas such as planned technology awareness investments, current technology awareness priorities, and chargeback or costing structures. Marketing educates the ente ⁇ rise's business users about the services and value of an information technology function. Regular sessions with the business will keep the business informed of new information technology services. This marketing base practice does not address the development of chargeback algorithms or development of service level agreements, but is responsible for explaining the cost for a service and the reasoning behind it.
  • Customer satisfaction measurement determines the level of overall user satisfaction with information technology products and services, across all business capabilities, and inco ⁇ orates data from other functions to determine what further measurements and analysis should be completed.
  • This function measures the products and services being provided, on a regularly scheduled, periodic basis (i.e., annual/semi-annual), through the use of surveys and other tools, to ensure that the customer is satisfied.
  • This function should also include customer expectations management.
  • Customer Satisfaction Measurement provides input to a vendor management function, a quality management function, and a Service Level Review function, and may initiate projects through project request management, as needed. This analysis is then used for the pu ⁇ ose of promoting and maintaining the customer relationship.
  • Customer Satisfaction Measurement differs from Service Level Management in that Customer Satisfaction Measurement is an on-going activity that measures the continuous level of services provided by all of information technology for delivering business capabilities, where Service Level Management measures those services agreed upon in the service level agreement only.
  • Service Level Management measures those services agreed upon in the service level agreement only.
  • Portfolio effectiveness examines all services being provided to the business, which may be referred to as "the business portfolio.”
  • the analysis looks at the portfolio to ensure that each service is only being performed by one information technology business unit and that there are no unnecessary overlaps or redundancies in services offered.
  • Portfolio effectiveness allows information technology to work with business representatives and to proactively look across all information technology functions and costs to understand and improve the value of the information technology services offered.
  • the evaluation may determine whether the information technology ente ⁇ rise is providing the highest, most effective level of service possible and evaluates the financial and functional benefits provided by information technology services; furthermore, the analysis may recommend enhancements based upon this evaluation.
  • the analysis may focus on continuous improvement of information technology services. In one embodiment, this function may be additionally responsible for calculating and reviewing the Total Cost of
  • Demand management manages the entry of requests for new development and major enhancements of products and services. Demand management balances capacity with demand and tracks progress against these requests. This function also identifies and manages requirements as well as evaluates business value and estimates the effort. Demand management may additionally be responsible for prioritizing, approving, assigning, and scheduling the request. Demand management verifies fulfillment of business needs or cases and tracks the request backlog. This function balances information technology resources between ongoing non-discretionary activities and requests for new projects, and the needs of an information technology ente ⁇ rise. Demand management facilitates beginning-to-end ownership of the capability development process while ensuring that the ente ⁇ rise and business units are receiving the day-to-day support services that they require.
  • FIG. 13 depicts two principal components to demand management 12: project request managing 121 and business case managing 122.
  • Project request management coordinates and controls all base practices necessary to initiate the fulfillment of a project request.
  • Managing project request determines if and when requests will be fulfilled, and plans approved requests to be executed and tracked. It is important to note that user-level requests are not considered in Project Request Management; rather, user-level requests are addressed as a part of the Service Request Management. Defining a "project" is specific to each ente ⁇ rise, and should be clearly defined during the Governance & Strategic
  • Project request logging and categorizing collects all of the information pertaining to a project request, then, in one embodiment, logs and categorizes collected information into a project request tracking tool.
  • a project request prioritization function communicates validated scope to project requestor, reconciles expected demand on resources with requestor's business case, and verifies requestor's priority for the project. Project priority is decided in light of all other requests made by the customer.
  • a function may also be used for project request assignments and tracking. This function assigns the project request to the appropriate support personnel once approval is given. Use of a project request tracking tool will allow tracking of the request through its completion and closure. It is believed that one other function is useful in managing projects in information technology, especially as the projects pertain to support of the business (or non- business) ente ⁇ rise. This is the function of a "program champion," i.e., a person assigned to be an advocate or "champion" for the program.
  • Assigning a champion ensures project ownership from beginning to end.
  • the champion provides approved projects with a proper level of oversight, and manages interdependencies throughout the various phases of the program.
  • Business case management performs an economic evaluation to determine the most effective way to complete project requests based on a business diagnosis and any value creating opportunities of the project.
  • Business Case Management balances resources with a requestor's concerns regarding time to market, scalability, flexibility, cost, availability of packaged solutions, and availability of required resources.
  • Factors considered in business case management include, but are not limited to, business diagnosis and business case development, in which business case development may include requested changes or improvements over time.
  • a "realization" function or evaluation function at the end of the case may help to ensure that the case is completed according to the customer's expectations.
  • business case development develops a business case or plan, including: i) gaining the customer's agreement to the proposed capability, including a timeline and time periods for a business case projection; ii) baseline projection of business results as if the project were not being undertaken; iii) "what if analyses; iv) economic models with high-level cost and benefit assumptions associated with each alternative under evaluation; and v) working closely with the customer to gain a preliminary agreement to the projected business results in the desired state.
  • business case maintenance continuously improves the business case or plan based upon activities that occur during the evolution of the project or program. The business case will become more detailed, evolving throughout the course of the project or program. A change in the business case may be initiated by a change in the projected benefits, cost figures, schedule, scope, work plan, achievement of performance measures, business capability requirements, business capability drivers, or other factors.
  • Service control provides information technology customers with a single point of contact for service requests, problems, or general User Administration. This is the "traditional Help Desk” or “Service Desk” function with the addition of handling service requests and User Administration.
  • the "traditional Help Desk” focuses primarily on system troubles, whereas Service Control is more proactive and focuses more on serving the users' overall needs, providing a central point of contact, and taking ownership of resolution.
  • the scope of Service Control 13 includes three organizations, Service Request Management 131, Problem Management 132, and User Administration 133.
  • the Service Control function set is typically composed of three levels of support:
  • Level 1 handles and resolves as many requests and problems, as possible, at the first contact using the tools and knowledge at the service desk.
  • Level 1 should always be the single point of contact for a user's request or incident handling;
  • Level 2 with more technical and business expertise, this level resolves the more difficult problems or specialized requests; and
  • Level 3 resolves problems that cannot be resolved by the first two levels of support and requires additional technical or programming expertise or vendor assistance (usually involving applications code changes or technical modifications).
  • Service Control provides the following services:
  • Service Request Management handles the fulfillment of all information technology requests and calls from the user (i.e., moves, password resets, etc.). Some of these requests may include requests for User Administration, while others are problems that would be handled by Problem Management. Note that "Larger" information technology requests are called “Project Requests”. The differences between what is considered a "smaller'Vservice request vs. a "larger'Vproject request may be defined in the Governance & Strategic Relationships function categories; Problem Management - handles the resolution of incidents (single occurrences of an issue that affects the delivery of normal or expected service) and problems (incidents that cannot be resolved at the first level of support);
  • User Administration handles the day-to-day tasks involved in administering users on the system.
  • Some of these tasks may be routine maintenance requests, while some may be received through the Project Request Management or Problem Management functions.
  • Service request management acts as a single point of contact for all requests from users. This function coordinates and controls all service requests including install, move, add, or change activities necessary to fulfill business service requests that are not large enough to be considered projects.
  • "Smaller" or non-project requests may include daily, routine application maintenance activities, such as: changing the date a "canned" report is printed, adding an additional field to a simple database, resetting application passwords, changing user Ids, and requesting additional telephones. Requests are classified as one of the following:
  • Simple Service Requests A service request that does not require a lot of effort but may not be able to be resolved instantly, i.e., ordering a new LAN cable for a user.
  • Incident A single occurrence of an issue that affects the user's ability to function in the environment. An incident is defined as an issue that can be resolved using business and product knowledge at the first level of support (i.e., by the person answering the phone at Service Control).
  • User Administration - Service Request Management receives requests for changes to user ID/accounts, but are acted upon in the User Administration function. Note that project requests that involve new functionality or a significant work effort are handled by Project Request Management. Larger application maintenance requests (those that are not routine or do not have predetermined rules already associated with them) should be handled through appropriate maintenance.
  • service request management has four sub-functions, including but not limited to, service request logging and categorization, service request prioritization, service request assignment and tracking, and service request resolution.
  • Service request logging and categorization collects all information pertaining to the service request and logs it into a Service Control tracking tool.
  • the information required might include: user name and contact number, date - when a service request has been raised, accepted, rejected, deferred, or implemented; current status of the service request; asset types affected; any approvals required; and name of person responsible for implementation.
  • This function also performs an analysis on the service request in order to categorize it and assign its priority. Based upon the analysis, the assignment may be resolved immediately by the initial Service Control analyst or may be assigned to the appropriate support personnel. Additionally, this function verifies that the service request is reasonable in scope and that the caller is a valid user. Before assigning the request to support personnel, the Level 1 Service Control personnel ensures that all approvals have been collected, since some service requests may require multiple approvals (i.e., remote access) before they can be assigned.
  • Service request prioritization verifies requestor's priority for the service request and prioritizes the request against all other requests made by the customer using the prioritization guidelines. This function determines the appropriate speed with which the service request should be handled, clearly communicates the assigned priority level to the customer, and queues the request in the service request tracking tool with the correct assigned priority level. Priorities for standard or common service requests should be clearly defined by the Governance & Strategic Relationships function category, and the priority levels and their expected turnaround time should be clearly communicated to the user groups.
  • Service request assignment and tracking assigns the service request to the appropriate support personnel once all approvals have been made.
  • Service Control will be able to track the request through closure and ensure that while service requests are resolved, all service levels are being met.
  • Service request resolution resolves all simple service requests, i.e., those that do not require escalation.
  • An example of a simple service request would be a request for a new LAN cable.
  • This function verifies the resolution of all service requests through a confirmed resolution.
  • a problem management function coordinates problem resolution among the users of the system and those operating and maintaining the system from incident logging through confirmed resolution. This function includes receiving incidents from users and informing users of potential workarounds or resolutions, when possible. If the incident cannot be resolved by Service Control, the incident will be classified as a problem and assigned to the appropriate support group. This function continues to provide status and track the problem through resolution, including escalations as necessary. Resolution of problems is approached through levels of support with various service providers utilized as appropriate.
  • incident resolution which attempts to resolve incidents by gathering all relevant information from the user, recreating the incident if necessary, prioritizing the incident, and using business and product knowledge, together with known problem checklists and other diagnostic aids, to deliver quality resolutions. If an incident cannot be resolved through analysis or if similar incidents are occurring, the incident becomes a problem and is assigned to a higher level (i.e., technical support groups, developers, business experts, etc.) for resolution. Related incidents are associated with problems, so that the resolutions can be applied to each occurring incident.
  • Problem escalation functions monitor all open/outstanding problems and escalate the problem if it is urgent or exceeds the established service levels. This function includes the notification of the person working on the problem and the next level of management. Problems may continue to be escalated up the levels of Service Control and information technology management if the problem is not resolved, the problem affects a business-critical system, or if users are not being satisfied.
  • a sample escalation path, within information technology, may be: support group leader, support group manager and support group director.
  • a sample escalation path may include the user's manager, the user's department director, and the user's department VP.
  • Service Control may make a communication to the entire user community regarding the problem and its status.
  • a proactive function may be that of problem resolution, which corrects identified problems and prevents recurring incidents by determining and correcting the underlying problems causing those incidents; this typically requires an expert or support groups.
  • all problem resolutions are confirmed by the user. All problem resolutions are logged, tracked, and archived for future reference. Going further, root cause analysis group's similar problems reactively to try to avoid future problems.
  • Service Control monitors daily metrics and collects historical data about recurring incidents that could be associated with an underlying problem. This function uses monitoring tools and documented incidents to complete an analysis to identify issues causing problems and uses the resolution to prevent additional incidents from occurring. This function is typically performed by a Level 1 lead or manager.
  • Knowledge Repository Management In another proactive effort to improve information technology performance, a Knowledge Repository Management function may be implemented.
  • Knowledge Repository Management identifies common incidents and problems documented by the service request tracking tool and reviews and approves associated resolutions. This function identifies areas where new knowledge is created, updated, or simply communicated to the Service Control teams. This also includes archiving or deleting obsolete knowledge (i.e., Windows 3.1 resolutions when the ente ⁇ rise has upgraded to Windows NT). This function coordinates with the business unit and information technology ente ⁇ rise experts in developing and publishing knowledge (i.e., Top 10 resolutions) to improve the resolution rates at Level 1.
  • Service Control can publish resolutions and prevent problems from recurring.
  • knowledge is usually stored within a knowledge base within the service request tracking tool, it may be beneficial to publish a newsletter or web site with Top 10 resolutions that customers can resolve themselves, without having to call the Service Control.
  • Knowledge Repository Management is typically performed by a Level 1 lead or manager.
  • a User Administration function is also useful in customer service management. User administration handles the day-to-day tasks involved in administering users on the system. These tasks include such things as: Moves/ Adds/Changes for desktops, Adding/Deleting/Modifying users, User ID changing, Re-establishing user passwords, Maintaining groups of users, and maintaining sets of profiles.
  • Strategic Relationships function set determines how to differentiate between what is a standard User Administration task (i.e., a request for two new user IDs) vs. a larger User Administration process (30 new user IDs for a new system). Requests are received through Service Request Management and are approved or disapproved based upon predetermined Security Administration procedures. Included in this group are the functions of user tracking, user status and notification, user group maintenance, and desktop Moves/ Adds/Changes.
  • User tracking receives personnel employment activity information from Human Performance Management regarding employees' hiring, transfers, leaves of absences, and termination. This function establishes an effective communication mechanism between Human Performance Management and the appropriate information technology User Administration personnel. Maintenance of this system will facilitate up-to-date information regarding employee arrival, transfer, hold, and departure dates. For example, Human Performance Management would send a list of new hires, their start dates, and the groups or departments they will be working in to the User Administration group. Once this list is received, the following actions can take place:
  • User Addition - Adds users to all necessary systems i.e., network, mail, etc.
  • User Administration Personnel should create IDs/accounts and all users with appropriate type of access to all necessary systems and accounts and procure hardware as needed (through Desktop Moves/Adds/Changes), and
  • User Account Maintenance Changes user information on all necessary systems.
  • User Administration personnel can schedule updates and modifications to existing user accounts.
  • Effective communication mechanisms allow personnel to schedule user account deletions on all necessary systems (i.e., network, mail, etc.).
  • the function of User Status and Notification may be used to clearly document the various access levels a user has to the various information technology systems and notifies appropriate parties periodically of User Administration status.
  • the function includes documenting user account maintenance and goal fulfillment and distributing user account status to the appropriate parties. Parties may include Human Performance Management, Applications Support, and Operations Support, as well as the user himself/herself. Depending on the urgency of the maintenance, this notification to other groups can take many forms: immediate notification - e-mail, pager; scheduled status reports or information through Change Control meetings; or information presented at Change Administration meetings.
  • User group maintenance functions maintain the user groups and group profiles.
  • the function includes clearly documenting the various access levels a user group has to the various IT systems. This group makes all appropriate changes, including adding/moving/deleting users from a group.
  • a user group may be a department or a role that has certain privileges. It is easier to maintain access levels for a group rather than to individually maintain all user IDs and access levels; therefore, user groups should be established for employees with similar roles who require the same access level.
  • a group or function may handle desktop moves/adds/changes. This group handles desktop alterations.
  • the function includes moving desktops from location to location, adding desktops to new locations, and making some changes to existing desktops. Large department moves or changes would be handled in Project Request Management or
  • Service Integration may be thought of as an organization, function or system that manages activities for large-scale and ongoing work efforts across organizational groups and third-party suppliers in order to effectively deliver products and services to customers and users.
  • This organization plans, executes and manages large-scale programs.
  • This organization or function tracks and reports progress, assesses performance, and identifies improvements. It also forecasts and balances resource schedules and workload.
  • Major tasks or subgroups within service integration 20, as shown in FIG. 4 include, but are not limited to, program management 21, project management 22, resource forecasting 23, and service provider management 24.
  • Program management focuses on the continuous guidance needed to support the delivery of a business capability through multiple projects and releases.
  • Appropriate disciplines, techniques, and tools are used to plan and organize the work, and to manage the incremental delivery of the new business capability.
  • a number of tasks or process are useful in performing the function of program management.
  • Program planning is the function used to plan the implementation of a new business capability. It is triggered by the acceptance of a value realization plan by the sponsoring organization, and is performed for each business capability within the business architecture. Expectations of the key program sponsors are gathered to help shape the program, and then a series of detailed planning activities are performed.
  • the Program Plan is developed through an iterative process of high-level program planning, bottom-up planning from all the program's projects, and consolidation and reconciliation of an integrated overall plan which accounts for interdependencies. The plan is then aligned to the Value Realization Plan and change journey. "Change journey" is a set of strategic initiatives undertaken by an organization to achieve a desired business outcome.
  • Program expectations management is the function that identifies, documents, and reconciles the expectations of the key program sponsors or stakeholders at the outset of the program. A briefly-undertaken, yet accurate, understanding may build the foundation for further program planning and subsequent in-depth gathering of all program stakeholders' expectations.
  • Management processes planning determines all the management processes necessary to support the program that relate to resources, vendors, quality, configuration, releases, issues, problems, risk, finances, contingency, and performance reporting. This function establishes and documents goals and metrics for each management process. Begins this base practice at the start of the program, and refines the management processes as the program progresses. Program master plan development develops the consolidated Program Master
  • Initial team-work environment design ensures that designs are developed for the initial team work environment for the program.
  • This environment typically consists of, but is not limited to, the initial development environment, an option engineering lab, initial networking infrastructure, initial communications environment, PC-based tools, design repository, knowledge management function, program management software, and/or model office. Yet another function performed by program management is delivery planning.
  • This function tailors the delivery approaches for a specific release of the business capability, based on a capability delivery approach and information gathered in a capability analysis function set. Delivery planning will take and finalize the capability release design function set plans and estimates. It will also refine estimates for work in the later function sets of the capability development function category, as well as for subsequent releases of the business capability.
  • One of its other functions is to obtain commitment from the sponsoring organization to proceed with the capability release design function set. This base practice is performed once for each business capability release, prior to initiating work in the capability release design function set.
  • This base practice function ties closely with release planning, and is highlighted here to emphasize the importance of delivery planning from an overall management "program coordination" perspective.
  • the actual release and deployment testing functions are defined in detail in the change administration function category. It is also necessary to create a program plan, and another element of program management is a group or a function for program plan creation. It is the function of the program plan group to consolidate the results of earlier program planning base practices with the program communications plan and program budget developed in this base practice. This function ensures that the components of the Program Plan are aligned, and obtains stakeholder acceptance and approval.
  • This base practice begins as soon as the majority of the components of the Program Plan are complete. The components of the Program Plan are continually refined throughout the life of the program.
  • the program mobilization function contains the base practices required to handle staffing, administrative, and other necessary activities to establish the program.
  • the base practices within this function begin once the Program Plan has been approved.
  • the program-level infrastructure designed in Program Planning is implemented.
  • Another desirable function within program management is resource obtaining and deploying. This function analyzes resource requirements, initiates the procurement of goods and services, obtains human and physical resources from participating entities, assigns these resources to projects, and releases the resources upon project completion. This function may also be considered a base practice to be performed throughout the life of the program based upon the forecast determined fn
  • a function of management processes implementation establishes the capabilities necessary to execute program management processes, and refines management processes as necessary to inco ⁇ orate the results of other concurrent program mobilization activities. Note that some management processes are implemented in conjunction with other program mobilization activities.
  • it may be useful to establish a program management office.
  • This function may be useful to establish the Program Management Office (PMO), the administrative support component of Program Management.
  • PMO Program Management Office
  • the pu ⁇ ose is to define the specific functions of the PMO and establish the Program Management infrastructure, including the initialization of the performance and financial reporting systems. Management should be careful to scale the size of the Program Management Office to the size of the program.
  • An initial team work environment implementation completes the implementation of the initial Team Work Environment deliverable, which may be defined as consisting of the initial development environment, option engineering lab, initial networking infrastructure, initial communications environment, PC-based tools, design repository, knowledge management function, program management software, and/or model office. This includes building or installing the initial team work environment components, conducting the appropriate test and verification steps, and deploying the team work environment to the projects to be supported.
  • Another useful function is to establish an orientation and training center. This center develops program-wide orientation and training materials, based on requirements gathered throughout program planning and mobilization. The function is to conduct initial orientation and training sessions as necessary. Additional sessions required throughout the life of the program are conducted in conjunction with the Program Management Office Operating base practice.
  • a program for management and improvement should include the ongoing management processes required to manage the delivery program, ensuring that the business capability is delivered successfully and meets sponsor and stakeholder expectations. These processes involve the day-to-day operation of the program in terms of the program leadership activities needed to guide the various projects, the execution of the various program-level management activities, the operation of the Program Management Office, and the operation and support of the teamwork environment.
  • the management and improvement office also involves three oversight functions:
  • program direction function or office which provides leadership to guide the planning and execution of program work.
  • This office or function maintains key working relationships within the program, and monitors and develops the skills and performance of program management team members.
  • it may be considered a base practice representing the decision-making component that directs all program work.
  • the program manager may find it useful to have a separate or adjoining office for management processes execution.
  • This function coordinates/executes a number of functions/ processes within program management.
  • These functions or departments may include, but are not limited to, vendor management, quality management, configuration management, release management, issue management, problem management, risk management, and contingency management. Note that these management Program functions/processes should be consistent with the functions/processes already established. This function ensures not only that the centralized processes are performing well, but also that the interactions among processes and with the program's project teams are operating effectively.
  • Program performance analysis is a desirable function in tracking a program.
  • An office or function to track program performance identifies and assesses problems with program performance, and specifies corrective actions as needed.
  • the function evaluates program metrics, as defined in a Program Metrics Plan, to determine progress towards program objectives, and to determine whether or not the current metrics are still relevant. Assessments may be performed as to whether or not the program is on track by reviewing program, project, and vendor performance and recommending alternative corrective actions.
  • Program Management will evaluate the alternative corrective actions, and will finalize the appropriate corrective actions to be carried out in the appropriate function or base practice. Closely related to performance is a function for program improvement planning and implementation. The task here is to coordinate the identification, analysis, and implementation of program improvements throughout program execution. As problems are analyzed and resolved, Program Management will act upon the results in this base practice or in conjunction with the Program Direction base practice, or will provide guidance to the affected projects on how best to proceed with the Project Work Control base practice.
  • a program management office operation performs the administrative functions of the Program Management Office.
  • the office updates and refines the Program Policies and Standards.
  • the office also reports, monitors, and accounts for the program's financial performance and results, and produces the program's performance reports.
  • the office may conduct ongoing orientation and training, and monitors the Program Communications Plan to ensure that planned communications events are addressed.
  • a specific management function for build and test authorization may be useful. This function reviews the work of the Capability Release Build & Test function set from a program management perspective. This function defines the Capability Release Delivery Approach, based on detailed information gathered in the Capability Release Design function set.
  • Capability Release Build & Test function set plans and estimates will become the baselines against which the function set will be managed.
  • This function also refines estimates for work in Solution Deployment, as well as for subsequent releases of the business capability.
  • a management function is to obtain commitment from the sponsoring organization to proceed with the Capability Release Build & Test function set.
  • Another potentially useful management function is one that obtains deployment authorization. It is this function that reviews the Solution Deployment function set from a Program Management perspective. They refine the remaining aspects of the Capability Release Delivery Approach, based on detailed information gathered in the Capability Release Build & Test function set. This office or function will finalize and commit to the Solution Deployment function set plans and estimates; these will become the baselines against which the function set will be managed. They are also in a position to refine estimates for work in subsequent releases of the business capability. It is this office that obtains commitment from the sponsoring organization to proceed with the deployment of the business capability release.
  • This organization ensures that the ongoing maintenance and support for the team work environment is being provided.
  • This office or task assures that the enhancements identified and requested by the supported projects are inco ⁇ orated as appropriate. It ensures that updates to the team work environment are periodically made with the latest versions of the technology infrastructure to ensure that the supported projects are working in an environment that most effectively enables their efforts.
  • the actual operations of the environment are defined and executed in Service Delivery.
  • Project Management focuses on providing specific deliverables (i.e., process flows, job designs, business applications, reward systems) through the balanced management of scope, quality, effort, risk, and schedule. Project management applies to both the "individual" efforts/projects coordinated by the programs, and also to stand-alone projects, which may be performed before the necessary program infrastructures have been established. In one embodiment, a number of functions are associated with project management. FIG. 16 depicts two main functions within project management 22, including project planning and management 221 and project execution 222.
  • the first of the project management functions may be project planning and management.
  • This functions contains a set of base practices that follow a cycle of planning the project's execution, organizing its resources, and controlling its work.
  • a detailed Project Plan is developed that indicates the project's work plan, schedule, resource needs, and plan for managing quality and risk. Once the Project Plan is approved by the program or other necessary stakeholders, its human and physical resources are enabled. The day-to-day project work is assigned and monitored, and the overall performance of the project is measured and assessed.
  • the base practices within this function interact with all the program-level processes to ensure the most efficient development, integration, and delivery of the business capability components. Projects are typically active through the various functions of the Capability Development Function Category, for multiple releases, until the complete business capability has been deployed.
  • a group or function for project plan execution defines and obtains approval of the initial Project Plan, which will be used to manage the execution of the project.
  • the project plan execution group performs this base practice throughout the project life cycle at predefined commitment points and whenever re-planning is required.
  • the Project Plan will include components related to scope, effort, quality, risk, and time (schedule). It will be developed based on initial estimates provided by program management. For maximum effectiveness, it should be approved by program management and other key stakeholders.
  • a desirable function of any project is the organization that organizes human resources for the project, and established other resources needed for the project.
  • this group makes resource work assignments and develops training to enable resources.
  • the group may need to perform this base practice in an iterative fashion to organize, mobilize, and manage project resources throughout the execution of the project.
  • Such a group or an organization may also be used to organize the resources required to implement program-wide management processes.
  • a project of sufficiently large scope or importance may also utilize groups for project work control, project execution and project completion.
  • the project work control group controls the execution of the project work. After assigning the work to team members, this group identifies potential and actual problems by measuring and monitoring progress and performance against the Project Plan. They may also solve problems by identifying, evaluating, selecting, and taking appropriate corrective actions.
  • a project execution group or function manages the day-to-day activities on the project. Their duties may range from issue resolution to client bill presentation. Along with the march towards the milestones of the project, particular attention may be paid to developing human and capital resource development, maintaining the workplan, and reviewing deliverables according to the plan. Lastly in this section a project completion group may close out the completed project, and evaluate its overall results. This group or function insures that activities for a project are completed so that resources can be released and documentation and responsibilities can be transferred to the new responsible party or parties.
  • Resource Forecasting A group whose responsibility is resource forecasting balances the resource requirements for "discretionary" demand (new development and major enhancement projects) with the requirements for "non-discretionary" ongoing Service Delivery commitments (typically maintenance work, including problems, questions, and minor enhancements). Based upon overall trends and projections in the ente ⁇ rise, and demand for specific categories of skills, Resource Forecasting assesses the future requirements for staff by skill type. Additionally, this group or function provides input to Human Performance Management functions regarding the acquisition, release, proficiency development, and reward strategies that will be required to meet unit requirements based on current resource loading and future client demand projections.
  • FIG. 17 depicts additional functions or needs that may be a part of resource forecasting 23 include groups or functions responsible for resource utilization 231, resource gap identification 232, and resource schedule management 233.
  • a resource utilization group or function tracks the deployment of budgeted resources (human, financial, or infrastructure) against demand and informs Project Management of discrepancies.
  • Resource Utilization tracks time spent by resources on various projects and compiles aggregate forecasts of resource requirements. This information is provided for billing and capacity planning activities.
  • This function complements the Project/Program Management in providing the resource perspective on utilization.
  • Project/Program Management tracks budgeted resources and actual expenditures of resources, providing useful metrics of project performance.
  • a resource gap identification group or function compiles and analyzes unit skills assessments and gaps for use in planning unit training needs and identifying sourcing requirements. This group or function interfaces with Human Performance Management to ensure that appropriate skills are available to fulfill project requests. The function performs careful analysis of project skill requirements and identifies potential gaps, or deficits. These skill deficits may be filled by hiring new resources or training existing personnel. They also examines trends in demand, identify competencies that should be built within the informational technology environment, and provide input to Competency Development.
  • a function for resource gap identification ensures that an organizational Human Performance Management group is aware of potential competency needs based upon new projects that are planned. For example, if an approved project is developing an Internet application, an organization would inform Human Performance Management at the start of the project of the need for Internet production skills so that those skills would be developed (either by training existing personnel or by hiring new) by the time the project is complete.
  • a third function within resource forecasting involves identifying required skills and knowledge, assigning and performing tasks, or allocating facilities. This function aids the project manager in assigning team members to the appropriate roles and work packages, including project work and decision-making processes. This group also maintains backlog of requests for resources. This function complements Project/Program Management in providing the resource perspective on schedule management. Whereas a particular resource may be utilized a portion of the time on any given project, the same resource may be committed to a number of projects. In Human Performance Management, systems such as group/individual scheduling satisfy this function.
  • Service Provider Management A service provider management function is used on an ongoing basis to ensure coordination of the different operational domains and effective use of resources.
  • service provider management 24 It manages the Service Delivery functions, the environment, and the service provider's relationships with operational domains and suppliers. This group may also be useful in insuring adherence to contracts with suppliers.
  • service provider integration 241 two principal functions within service provider management 24 are service provider integration 241 and operational level management 242.
  • a service provider integration function coordinates activities across in-house groups and third-party suppliers. Such an integration function establishes and maintains management controls, coordinates delivery schedules and resources, and monitors delivery against commitments.
  • Service provider scheduling manages in- house resources, and coordinates these resources with third-party service providers to provide seamless service to customers.
  • Service provider planning defines the appropriate strategies and business architecture for the day-to-day management that will position a business to achieve enduring competitive advantage and continually build stakeholder value.
  • Service provider administration administers management controls among all service providers. This group manages risks and issues, and tracks and reports progress against delivery schedules and budgets. They also coordinate interface points, integrate testing and implementation efforts, and conduct status meetings among providers as appropriate.
  • a second desirable group within service provider management is operational level management.
  • This function regularly monitors the results of services defined by the agreements and takes action where needed. This is done by establishing Operational Level Agreements (OLAs), reviewing metrics results (reports are created elsewhere via the Quality Metrics function), identifying service trends, meeting with teaming partners to review results, making corrections (as-needed), escalating (as- needed), and ensuring complete resolution of operational level noncompliance. This also includes making recommendations on OLA improvements (i.e., retiring metrics that are no longer useful).
  • functions useful include a group for OLA requirement identification. This group ensures that before creating an OLA, the agreement with the service provider is in line with the overall business strategy and is providing the services that the users want. This includes identifying service providers requiring OLAs, service needs, and business unit service requirements.
  • Another function may be OLA costing determination, a group whose responsibility is to identify chargeback, budget, or costing structure components that are included in OLAs. This group determines rewards and penalties for meeting/exceeding/not meeting agreed upon OLAs. This group determines how individual costs for services may be reported.
  • OLAs a group or function may be needed whose function is to define OLAs.
  • This group outlines agreements between those managing the service (i.e., an information technology organization) and those providing the service (i.e., internal or external providers). By obtaining sign-off from both information technology and the service provider, it formalizes the interface between information technology (customer) and information technology suppliers either within or outside the organization.
  • the Operational Level Agreement may define: • Scope of services provided
  • Groups with operational level management may also include the following function for operational level measurement, reporting, controlling, reviewing, maintenance and retirement.
  • An operational level measurement group provides regular metrics and information on how well the operational levels are being achieved by the service provider. This base practice provides those maintaining OLAs and those providing service to information technology with historical reports that track the operational level delivered over a particular period of time.
  • An OL reporting function provides information on how well a service is being provided by a service provider.
  • Operational Level Reports provide key measurements and input for Vendor Management when the OLA is between information technology and an external service provider.
  • An operational level control function assures that agreed upon operating levels are consistently reported on by regularly and frequently assessing service provided, determined by Operational Level Measurement and Operational Level Reporting, against the target operating levels defined in the OLA. If these operational levels are being violated, Operational Level Control will take the appropriate action to determine what is causing the violation and initiate a fix to ensure that services are provided in accordance with the OLA.
  • An operational level review group or function offers a regularly-scheduled forum for discussing Operational Level reports with information technology service providers. This group provides service providers with a formal opportunity to discuss their service arrangements, potential changes to their agreements, and methods for improving the quality of service delivered to the service providers.
  • An OLA maintenance group or function identifies changes to existing OLAs as necessary. This group receives requests from end users and service providers to change OLAs for business needs. This function also manages short-term deviation to OLAs due to business requirements.
  • An OLA retirement group ensures that the specific OLA is retired and all accompanying processes for that specific OLA (i.e., service reports, scheduled review sessions, etc.) are ceased. This group ensures that only active OLAs are in existence, which helps to raise the credibility of all OLAs. This function also ensures that historical information (statistics, reports, various versions of OLA, etc.) regarding ceased OLA is appropriately recorded and stored for future reference.
  • Service delivery involves all functions required for the day-to-day operations of the information technology systems, including Network/Systems Management and
  • This function category is often referred to as the "IT shop”: it encompasses the functions that keep the IT (information technology) systems running.
  • the functions performed in this section are considered Operations and Maintenance functions. Regardless of the change events that are scheduled and performed within the information technology ente ⁇ rise, Service Delivery activities take place in an on-going manner.
  • FIG. 5 depicts the principal activities that take place within service delivery 30 including network/ systems management 31 and application management 32.
  • Network/systems management 31 encompasses a host of functions or activities. These are the functions that perform the day-to-day execution, administration, and maintenance tasks for the ente ⁇ rise networks and systems, as shown in FIG. 19. This function set includes all routine maintenance and management activities for all systems and networks, except application maintenance and management. Sub-groups or tasks within network systems management include production scheduling 311, output print management 312, operations 313, operations architecture management 314, network addressing management 315, storage management 316, restore/backup management 317, archiving 318, event/fault management 319, system performance management 3110, security management 3111, and disaster recovery maintenance and testing 31 12.
  • Production scheduling manages the day-to-day operations schedule of activities in the various information technology domains and ensures that production activities are performed and controlled as required.
  • Production scheduling maintains the requirements for the execution of scheduled jobs and tasks across the information technology ente ⁇ rise, taking into consideration all dependencies and interrelationships in the environment.
  • a job is defined as any activity performed in the environment that requires human intervention, while a task is an activity to the environment that is automated.
  • Production scheduling requirements management manages the changing requirements of the business and associated technology infrastructure for scheduling operations jobs and tasks. This takes into account performance metrics and SLAs/OLAs. Personnel performing these tasks use expertise in technology architecture to extrapolate the scheduling implications of varying requirements, and to add the appropriate supporting functions to the core business capability requirements. This function also maps the business operations and processes to the Production Scheduling function, updating the requirements as new systems and business activities are introduced.
  • Fixed job scheduling defines production schedules and interfaces with System
  • Performance Management functions to validate that the infrastructure environment (network, platforms, storage subsystems, etc.) will support the throughput requirements for the regularly executed schedule of jobs.
  • Ad hoc scheduling assesses the priorities, capacities, and opportunities to add ad hoc jobs and tasks to the normal production schedule. This group prioritizes requests based on established job requirements submitted, and coordinates execution once a schedule is determined. The task is accomplished by weighing considerations, such as other processes running (backup/restoration, software distribution, etc.), before approving and sending the ad hoc order.
  • Service class definition establishes, maintains, and manages the appropriate service classes to support different classes of jobs and tasks based on requirements. This function determines the scheduling and adds the appropriate supporting functions to the core business capability requirements.
  • Selection criteria may include time, job dependencies, availability of data, and business function priority.
  • Batch process design establishes and maintains the dependency structure, notification approaches, and restart/recovery mechanisms for the production schedule execution.
  • Schedule and job monitoring ensures scheduled jobs and tasks are starting and stopping within the defined schedule window.
  • Schedule and job monitoring revises schedules when execution completes early or extends beyond normal schedule periods.
  • Information from System Performance Management will play a key role in this function.
  • Output/print management functions monitor all output generation and distribution across the information technology ente ⁇ rise and is responsible for managing the output devices and generation at both central and remote locations. This includes both hardcopy and electronic distributions.
  • a first function, output/print requirements management uses the business capability requirements to collect the technology infrastructure requirements for output and printing needs. This group also takes into account performance metrics and SLAs/OLAs.
  • Output service class management determines the implications of varying output requirements, and adds the appropriate supporting functions to the core business capability requirements. Selection may be based on any of time, frequency of printing, distribution, availability of forms, complexity of the ente ⁇ rise, priority of outputs, and the like.
  • Output device management manages the queues, hardware, and forms associated with routing the correct output to the right output device to meet business requirements. Includes all output media (paper, magnetic, optical).
  • a materials and supply management function or group handles requirements such as special paper, special ink, manual feeds, special feeder for the printer, etc. when printing forms (i.e., invoices). This group manages suppliers and inventory of supplies to ensure output functions can continue without interruption.
  • a network/systems operations group defines and controls the routine procedures governing the activation and the operation of communications equipment, applications, and operating systems within the information technology environment. This includes system startup/shutdown, notification, outage scheduling, and metrics.
  • a series of functions for networks/systems operations includes system startup/shutdown for processing platforms, utilities, databases, and applications. The governance or functionality may extend to both centrally managed and remotely managed components. In this same general category of functions should be included outage scheduling. Outage scheduling maintains a system-wide availability schedule. This schedule balances both essential maintenance needs and business operation requirements.
  • This function produces metrics reports for key information technology operations measures. These metrics will be based around SLAs/OLAs and will form the basis for continuous improvement. Also useful is a function for ente ⁇ rise notification. As implied, this function notifies the ente ⁇ rise stakeholders of planned and unplanned outages. Additionally, this group or function is responsible for notification of status and estimated recovery times.
  • Operations architecture management is a function that covers maintenance to the network operating systems and system software, such as installing upgrades and maintenance patches. This function applies to both the centralized, distributed, and communications environments. This does not encompass maintenance to applications.
  • System software updates/administration identifies, prioritizes, schedules, and applies approved system software updates. Updates/administration also addresses the system administration of system software components through normal parameter selection and configuration.
  • a related but distinct function that may be included is system software configuration and tuning. This function adjusts system software parameters, based on inputs from System Performance Management, to improve system efficiency. This group or function ensures system software configurations are consistent across the environment.
  • Similar groups may also exist for communication device software updates/administration, and for configuration and tuning. These groups perform for communications devices the same functions that applied to hardware and software.
  • the group for updates and administration identifies and applies approved communication software updates.
  • the group also addresses the system administration of communications software components through normal parameter selection and configuration.
  • the group for communication device configuration and tuning adjusts communication parameters, based on inputs from System Performance Management, to improve system efficiency. Ensures software configurations are consistent across the environment.
  • One last group or function typically found in operations architecture management is ente ⁇ rise integration. This group integrates systems management functions into related capabilities via an ente ⁇ rise framework product (e.g., Tivoli, CA Unicenter, HP OpenView) or via point solution products.
  • IP Internet Protocol
  • DNS Domain Name System
  • DHCP Dynamic Host Configuration Protocol
  • DDNS domain name system/ dynamic domain name system
  • network address assignment management This function manages the network addresses consumption strategy. This will provide network address ranges for dynamic (DHCP) or static (hard-coding) address assignment.
  • the static address management will be used to manage hard-coded network addresses for network nodes such as file/print servers, printers, routers, switches, and hubs.
  • Useful also is a function for network device naming service administration, which covers the maintenance of the device naming services, such as assigning DNS names for new network devices. This group or function also involves the management of network address and device name resolution.
  • Another useful function is network addressing application administration. This group configures and administers the network addressing management application to support network-addressing needs. The function includes assigning network address ranges for newly created networks, changing the address management server password, and generating utilization reports.
  • Network addressing application maintenance defines the maintenance of management applications. This group addresses the address management server clean-up and data archiving. Their function insures that useful information is stored safely and efficiently, while unnecessary data is discarded. For example, the scheduled maintenance process will include start-up/shutdown of the address management server, archival of log files, and address database replication.
  • Storage management contains several functions which address the handling of centralized and distributed storage media, such as disk, tape, microfiche, image, Optical, CD jukeboxes, etc. Storage management includes the monitoring and controlling of each of those types of resources and their usage, to include disk space, data placement, tape management and reporting.
  • Disk space management manages the hierarchy of disk storage types, including cache, high speed disk, mass storage, and optical. Assesses the requirements for disk space and allocates/partitions space to the appropriate pools of storage to fulfill space needs.
  • Data placement management manages the appropriate classification and placement of data on storage medium relative to the reference profile and business importance. This group's function includes managing 'aging' of data, migrating it across the storage hierarchy as it is referenced or unreferenced over periods of time. The group also addresses the retirement of obsolete and temporary data.
  • Tape management establishes and executes procedures for tape handling, tape rotation, tape cycling, and tape selection. Tape management provides tracking and reporting mechanism for tape usage and location, and manages tape library facilities and vendors for onsite and offsite storage of tapes.
  • Storage management reporting provides a tracking and reporting mechanism for all central and distributed storage management functions (including disk space, data management and location, tape usage and location) to maximize the effectiveness of the ente ⁇ rise storage management system.
  • this group performs backups on a predetermined schedule as well as for ad hoc requests. This is done to ensure that appropriate backup versions of data, libraries, and files are available for recovery and restoration and to prevent the loss or corruption of data.
  • a good backup/restore group considers all of the back-ups and restorations that need to take place across the ente ⁇ rise and, depending upon the need, executes processes centrally or remotely.
  • One such group may be backup/restore requirements management. This group manages the business and system requirements that determine the backup processes, tools, and schedules for data across the ente ⁇ rise.
  • the Backup/Restore Management function category maps to these requirements and is modified as new requirements are received.
  • Another group may perform functions related to backup/restore data indexing and compressing. This group compresses and indexes data for storage. Compression reduces the amount of media space needed to store the data. Indexing allows for a "table of contents" to be created on the information stored, which will make it faster to access the data when needed.
  • Another included function may be backup/restore data scheduling and monitoring. This group schedules and performs backups at appropriate intervals based on requirements and placement in the production operating schedule. The group or function also alerts and verifies whether backups took place and were completed as scheduled. Another possibly group, backup/restore testing provides schedules and mechanisms for testing Backup/Restore procedures to ensure the integrity of the backup data and backup/restore processes and tools. Finally, within backup/restore management, it may be the function of backup library maintenance to maintain the backup library, typically including labeling backup media, making copies of backup for storage off-site, to age out obsolete versions of backups.
  • Archiving is another function with several sub-groups or sub-functions appended. Archiving saves data that has been selected for storage for longer term retention but unlikely use. While speed of retrieval is usually not a consideration, retrieval speed should be documented in the SLA/OLA. Data selected for archival typically includes older versions of backups, data versions retained for regulatory requirements, or unreferenced data that is not yet due for deletion. Archiving may also involve placement of media with third party vendors, off-site storage vaults, or simply in alternative locations within the distributed network; in all cases, the ability to retrieve and restore archived data is in place. Archival requirements management manages the business and system requirements that determine the archival processes, tools, and schedules for data across the environment. The archival/retrieval function maps to these requirements and is modified as new requirements are received.
  • Archival scheduling and monitoring schedules and performs archiving at appropriate intervals based on requirements and placement in the production operating schedule. This function also alerts and verifies whether archivals took place and were completed as scheduled.
  • Archival testing provides schedules and mechanisms for testing archival and retrieval procedures to ensure the integrity of the archive data and archive/retrieval processes and tools.
  • Archive library maintenance maintains the archive library, including the following:
  • library indexing and compressing compresses and indexes data for storage in archival format. Compression reduces the amount of storage media required to store the data. Indexing provides the 'table of contents' for the data being stored, making it faster to retrieve the data when needed.
  • event/fault management Another group of functions useful in information technology may be termed event/fault management. These functions receive, log, classify, analyze, and present incidents based upon pre-established filters or thresholds. Incidents are inte ⁇ reted as either faults (failures) or events (warnings). Event/Fault information is sent from system components such as hardware, application/system software, and communications resources. Systems, groups, or function with event/fault management may include those for monitoring, analyzing, and classifying and displaying. Monitoring requirements management manages the requirements for new monitors and adjusts existing monitors. The requirements will typically identify resources and components that will be monitored and map the threshold levels into the event and fault categories. Incident classification classifies incidents to promote to an event, fault, or to ignore.
  • This group assigns severity levels and assesses impact. Once the data is pulled in, the incident is defined or classified. A severity level, system impact, and notification is then determined. Analysis and correlation groups for both faults and events then analyze any faults to identify whether the origin is with a specific device or whether an entire segment of the ente ⁇ rise is affected.
  • a fault is defined as a failure of a device or a critical component of that device.
  • the groups correlate faults or events from multiple devices to assist in problem analysis if applicable.
  • An event is defined as a tripping of a significant threshold or warning, and could be based on performance or indications of a potential failure of a device or critical component of that device.
  • Part of the fault/event series of functions may be a traffic analysis group. This group identifies critical nodes that are representative of ente ⁇ rise performance. These probes are then used to gather information on protocols and stations communicating on an ente ⁇ rise segment. Event/fault trend reporting functions report on event/fault alerts over a time period. This function provides trending information on frequency of events/faults and potential sources of future problems and feedback into the adjustments of thresholds. Finally, under event/fault management, there is desirably a function for display management. This function maintains an effective and ergonomically correct view of the event and fault alerts presented to the operations staff.
  • Another series of functions or systems may include a system performance management function. This group or function ensures that the required resources are available at all times throughout the system to meet the agreed upon SLAs/OLAs. This includes the monitoring and management of end-to-end performance based on utilization, capacity, and overall performance statistics. If necessary, System Performance Management can make adjustments to the production environments to either enhance performance or to rectify degraded performance (throttling).
  • Performance data requirements management This function manages the requirements of the business and associated technology infrastructure for maximizing utilization/performance. This takes into account the systems, applications, network, etc. of an ente ⁇ rise. The function maps the business operations and processes to the information technology ente ⁇ rise, updating the requirements as new systems and business activities are introduced. Related functions include threshold management, which maintains thresholds for system performance resources being measured, identifying performance levels where performance problems will/do occur.
  • a performance analysis group or function identifies the resource constraining throughput and response time, enabling root cause analysis of the performance problem.
  • a last sub-group or function is performance reporting. Performance reporting provides the standard reporting mechanism to generate regularly scheduled reports of trend data and performance incidents. Performance reporting also supports ad hoc reporting and diagnosis views to identify problems as they are occurring.
  • a security management function performs security functions to plan, determine, implement, manage, and review security controls, and to respond to security events.
  • the functions include Security Administration.
  • Implementation of secure technical infrastructures that include appropriate technologies, i.e., firewalls, encryption, and authentication servers, are included as well as implementation of appropriate software controls in the application architecture, i.e., access rules, transaction logs, and checksums. Additionally, security management enforces security policy and conducts security awareness training.
  • the security administration function tracks and coordinates security changes across all systems/platforms/applications. Security administration works in conjunction with User Administration to prevent unauthorized access to systems.
  • a security audit function defines the procedures and tools needed to periodically review the security controls. Security audits also determine compliance with security policy.
  • a security review provides for continuous review of systems/platforms/applications as determined by Risk Management.
  • the review or review function determines required updates to security policy and identifies new threats and vulnerabilities. No one doubts the need for disaster recovery maintenance and testing.
  • This group or function develops procedures to guide updates to the Disaster Recovery plan on a regular basis.
  • the group or function is additionally responsible for developing test strategies that, if used, ensure that the plan will remain current.
  • Disaster recovery plan maintenance provides the ente ⁇ rise with the procedures to update its disaster recovery plan. These procedures are developed by first identifying the events occurring in the organization which will require the plan to be updated. Based on these events, procedures are defined to guide the submission of changes and the application of those changes to the plan.
  • the function of application management includes ongoing, routine maintenance of the applications.
  • the function performs ongoing application code maintenance and application administration.
  • Application management also encompasses the functions that are done during regularly scheduled 'downtime' or 'maintenance windows.' Large-scale application maintenance requests (which are different from routine application maintenance) are not handled here, but through Demand Management.
  • application management 32 includes portfolio management 321, release maintenance 322, work request processing 323, and application support services 324.
  • Application portfolio management identifies the portfolio of applications required by an organization to meet its current and future requirements. Portfolio management deliberates how to manage the implementation and operation of those systems.
  • Application management plan maintenance identifies the immediate business plans for the organization and maps specific objectives to scheduled activities within the organization. Portfolio management maintains the Application
  • Application portfolio maintenance maintains the portfolio of applications by accepting new ones into production (through participating in the development and deployment project), retiring old ones, and understanding the quality of the applications in the portfolio. Portfolio maintenance also records all applications and other software assets (such as development software) that are part of the Application Management organization's archives or current portfolio.
  • work request backlog management This group reviews, on an ongoing basis, all work requests that are currently in process as well as any backlog of requests. Included are both work requests that are part of a release as well as all of those that are out-of-release. The backlog is made up of those requests that have been received, but are not yet being executed, either because their scheduled start date has not arrived or because there is not enough capacity to execute them. Work request backlog management is responsible for the identification of exception conditions, determination of which work requests should be processed next, and adjustment of the priority of the work requests to be processed. Backlog management also modifies estimates and schedules based on changes in priority, and communicates status information to stakeholders. Additionally, backlog management reviews resource needs and initiates the appropriate action to fulfill the identified needs.
  • a group useful in information technology is an application release maintenance group. This group defines and controls the scope of each application release. This group integrates all work requests included in the release into a single design. Additionally, release maintenance plans the release deployment and executes the regression test. Another function useful within application release maintenance is application release scope negotiation. This group reviews work requests from application users (whether included in the initial plan for the application release or already in the backlog) and possible third-party package upgrades, and determines whether they should be included within the scope of the release.
  • Application release scope control involves assessing the impact of a scope change request to the application release, then having the request approved, canceled, or deferred by the change control board. If a scope change is approved, scope control creates the change order, and coordinates the execution of the change.
  • Another group, application release design integration defines the implementation details of the changes to human performance, business process, and technology that are needed to improve business performance. These designs form the basis for the detailed estimating and scheduling of the work required in the Capability Release Build & Test stage. This base practice is conducted once for each release of the business capability. Design integration addresses the design and integration of the elements with the business capability release. The overall design process is iterative, as teams will continuously revisit their designs in order to resolve integration issues and tune the overall capability to meet any applicable Business Performance Model, such as one defined within Capability Analysis.
  • An application release deployment plan group or function manages the implementation of an application release.
  • the plan typically includes the following: a list of stakeholders, an overall implementation approach, and a schedule of specific activities or checkpoints.
  • An application regression test execution ensures that a fix has been implemented properly and has not affected anything else.
  • Deployment planning involves planning for multiple passes, developing a modular, structured, and repeatable test model, and automating script execution and results checking.
  • Application release deployment transfers the work products to production. Release deployment also retires and archives unused components, modifies performance support products and learning products, and conducts training.
  • the release deployment function authorizes release deployment and reviews and baselines the work products.
  • an application release assessment documents any improvement actions, sample deliverables, and other experiences resulting from executing the application release. This assessment highlights the items that had a significant effect on the project.
  • Application management work request processing describes how to log, validate, clarify, classify, prioritize, estimate, control changes to, track, and close work requests.
  • a work request processing function analyzes work requests and enables the Applications Management team to design, build, and test the capability.
  • a work request can include any of the following: fix a problem, correct a production defect, enhance an application, or find the answer to a question.
  • Work requests may require modifications, no modifications, or a pre-defined set of modifications.
  • An application work request receipt logs and validates all requests for service, whether verbal or written. Work requests may be received from an external or internal source. Application work request analysis functions then analyze work requests and determine the appropriate course of action. Work request analysis confirms scope, classification, priority, initial estimate, and delivery date as appropriate. Work request analysis determines if modifications are required (modification, no modification, or pre-defined modification) and determines responsibilities for addressing the work request.
  • a work-request requires no modifications to software, it may be handled by a group or function for application no-modification processing.
  • This group performs the necessary actions to address a work request that does not require modifications to software, such as an ad hoc query, report execution, or a data query that requires better user understanding or process changes. Resolution for these requests often involves following a pre-defined set of actions.
  • Application modification release planning assesses the impact of a scope change request to the application release. Based upon this assessment, a request is either approved, canceled, or deferred by a change control board. If approved, a change order is created and coordinated for the execution of the change.
  • Another group or function, application modification design creates the design to address the capability changes required for the work request.
  • the design provides the direction and approach for the Build & Test stage.
  • Application modification build and test prepares a requested change that affects the baseline or the net benefits defined in the Business Case. This deliverable may be applicable to all programs and projects.
  • the build and test group or function finalizes and commits to the Capability Release Build & Test plans and estimates; these will become the baselines against which the stage will be managed.
  • the build and test group also refines estimates for work in the Deployment stage, as well as for subsequent releases of the business capability, obtains commitment from the sponsoring organization to proceed with the Capability Release Build & Test stage of work. Remaining functions useful in application modification work request processing include change control and closure.
  • Application modification change control tracks the timely implementation of changes to the service while minimizing the disruptive effect of these changes. Additionally, change control controls changes to production system environments to ensure minimized disruption. Change control requests are initiated when the Work Request is ready for implementation and the production systems and users are ready to accept the changes. Application work request closure ensures requests for service are resolved. The closure group or function reviews completed work request to ensure that both proper documentation has been filed and that customer feedback is solicited. Any work request improvement suggestions are noted and passed along to the appropriate owners. Requests may include any kind of requests from projects to small enhancements (anything that is not a problem).
  • Performance Support Standards Details the standards, templates, functions, and prototypes of all services and products that support an application management environment. This consists of: Performance Support Standards, Performance Support Structure, Reference Material Template, User Procedures Template, Performance Support Job Aid Templates, Performance Support Low- Fidelity Prototype, applications documentation, training materials, and database administration.
  • Database administration manages access to the physical database, its structure, the placement of data elements, data integrity monitoring, data corrections, name conventions, and archive and backup requirements. Database Administration is responsible for describing the steps for ensuring that databases used by the engagement are managed to maintain optimum efficiency, security, and usability.
  • Application performance support management manages the support of the activities responsible for ensuring satisfactory performance of an application.
  • Documentation management (user and technical) creates user procedures that consist of step-by-step instructions on how to use an application to complete a specific activity.
  • User Procedures provide the detail necessary to enable smooth execution of new application-related tasks within a given business procedure.
  • Application performance support is also responsible for the management of the creation of Performance Support Products that are often developed for employees whose jobs utilize new and/or changed business processes and/or technology.
  • Application training management creates and maintains applications materials for user training or technical training.
  • Infrastructure liaison ensures integrated schedules and plans are communicated between Network/Systems
  • Capability development is a desirable function or system of information technology, transforming business and information technology goals and strategies into measurable business and information technology capabilities. Capability development guides the creation of tools for information technology, along with processes and organizations required to enable business capabilities.
  • the Capability Development function category includes all new development activities and infrastructure builds, including the creation of new organizational structures and processes.
  • this function transforms approved business and technical project requests, defined in the Fiscal Plan Management and Project Request Management function sets, into real business capabilities.
  • the function or group validates project scope and completes development and testing of the agreed capability. They should also verify that completed capabilities meet user requirements.
  • major sub-groups or functions within capability development 40 include capability analysis 41, capability release design 42, and capability release build and test 43.
  • the capability analysis group concentrates on defining the business requirements, performance targets, and delivery options necessary to define and commit to a specific implementation and release plan (see Release Planning within the Change Administration function category).
  • the information gathered in this function focuses on a single business capability, describing it to the level of detail needed to finalize the delivery releases, define the specific requirements, and resolve implementation issues.
  • This function set begins with an organization's commitment to delivering a program, and with the completion of the business architecture and Program Plan.
  • the function set ends with a defined release plan and a detailed scope definition for a business capability.
  • the organization commits to that plan based on the business requirements, the refined Business Performance Model (defined in the Business
  • Integration Methodology as "a qualitative model of the business capability that defines performance measures, targets, and reporting requirements", and the approaches used to develop the capability releases. Shown in FIG. 21. functions or groups within capability analysis 41 include performance model refinement 411, delivery option selection 412, and packaged software selection 413.
  • Performance model refinement collects the business capability requirements, defines details of the Business Performance Model, and establishes the initial deployment requirements (see Deployment Planning within Change Administration). These requirements form the basis for assessing the implementation, operational, and other constraints in order to produce a detailed scope of the business capability and its releases.
  • Another group or function is business performance refinement. This group defines the business performance targets of the new information technology capability and its related Business Capability Requirements; this information is used to provide additional detail to the Business Performance Model. The work involved in this base practice may occur concurrently with analyzing and selecting delivery options for specific parts of the business capability.
  • deployment environment assessment Another useful function within performance model refinement is deployment environment assessment. This group or function ensures the early consideration of the deployment effort. The objectives of this assessment are to consider the geographical, infrastructure, operational, and cultural differences between the current structure of the sponsoring organization and the desired structure, to define the deployment requirements, and to determine the optimal deployment units. This base practice will provide a major input to defining information technology capability releases and estimating the design, build & test, and deployment efforts (see Change Communications and Deployment Planning in Change Administration regarding capability releases and deployment efforts respectively).
  • a delivery option selection function selects options regarding the structure of specific parts of the information technology capability and its implementation. This function produces design and implementation recommendations for each of the investigated delivery options.
  • Each of the recommended options desirably describes how the human performance, business process, application, and technology infrastructure elements will interact to meet the required level of performance.
  • This function selects options that consider the structure of specific parts of the information technology capability and its implementation.
  • This base practice applies innovative thinking and techniques to design the information technology capability, and should be executed once for each set of related options. This work is conducted in parallel to the refinement of the Business Performance Model and the definition of the Business Capability Requirements.
  • Certainly one of the preferred functions may be packaged software selection.
  • This group or function defines a process for evaluating and selecting third-party packaged software, where appropriate.
  • the base practices outlined in this document support selection as either part of an information technology architecture, capability, or individual capability release.
  • the packaged software is selected as part of the information technology capability to fit within the constraints of the Business Architecture Blueprint.
  • Sub-groups or functions within packaged software selection may include, but are not limited to, surveying and screening, proposal request development, and evaluation and selection.
  • a first step is selection is logically that of surveying and screening available packaged software.
  • the group or the function is used to select two or three packaged software vendors as finalists for detailed evaluation.
  • the goal is to identify the potential vendors that have the ability to satisfy a subset of the information technology Business Capability Requirements by using their packaged software products. Completing this base practice offers a cursory view of the market and confirms whether or not a packaged software approach is a better solution than the custom application approach.
  • a group whose task is packaged software proposal request development then creates the Request for Proposal (RFP) that will be distributed to all the packaged software finalists. The completed RFPs will be used to select the software package and vendor.
  • RFP Request for Proposal
  • the evaluation and selection is made by the packaged software finalist evaluation and selection function or team. This team gathers additional information about the packaged software finalists, allowing the evaluation and comparison of the capabilities and functionality of each finalist. After careful observation and analysis, a single packaged software finalist is selected and contract terms are negotiated with the vendor. The group then prepares an evaluation to document conclusions for management, and obtain management's approval to continue.
  • capability release design A second desirable function within capability development is capability release design. This group concentrates on defining the implementation details of the changes to human performance, business process, and technology that are needed to improve information technology and business performance. This function may be conducted once for each release of the business capability. The base practices within this function address the design and integration of the elements with the business capability release. The overall design process is iterative, as teams will continuously revisit their designs in order to resolve integration issues and tune the overall capability to meet their goals.
  • Functions or tasks within capability release design 42 are depicted in FIG. 22. These include quick wins implementation 421 , processes, skills and user interaction design 422, human performance infrastructure design 423, physical environment design and planning 424, application design 425, technology infrastructure design 426, and business capability release validation 427.
  • a group or function for quick wins implementation is useful to implements quick wins at any time during the change journey.
  • Change Journey is defined as "a set of strategic initiatives undertaken by an organization to achieve a desired business outcome.”
  • Quick wins represent incremental changes on a relatively small scale.
  • quick wins provide early positive returns on an organization's change effort.
  • a group or function for processes, skills and user interaction design designs the new information technology and business processes and defines how they will interact with the workforce (skills), applications (application interaction), and physical environment, based on the Business Capability Requirements, and the Business Performance Model.
  • This group uses the Capability Interaction Model to capture the interactions among information technology business processes, human performance, application, physical environment, and technology infrastructure.
  • this group uses the generic business processes implied by the packaged software. These should be the starting point for developing the business capability's process elements.
  • Another function, human performance infrastructure design designs the Organization, Performance Management, and Performance Enhancement infrastructures. These designs include definitions of new competencies, roles, jobs, and teams within a sponsoring organization.
  • the human performance infrastructure establishes the basis for managing and sustaining improvements in work force proficiency and skills, and for aligning responsibilities with the business and information technology processes and outcomes.
  • a group or function for organization infrastructure design defines structures for managing human performance. These structures define what is expected of people who participate in the capability operation, the required competencies for people to perform the capability, and how the performance is managed and sustained.
  • This function or group defines the roles played by individuals, the jobs that they hold, and the teams in which they work.
  • the function may use a Competency Model to document the skills, knowledge, and behavior required to perform in the sponsoring organization.
  • the group designs the assessment procedures for following individual or team performance and the mechanisms for encouraging work force development.
  • the group also calculates the staffing needs and provides an approach for filling the necessary positions.
  • This base practice applies to both business capabilities and supporting capabilities.
  • Another useful "people" function in this vein is a group or function for performance enhancement infrastructure design.
  • This group determines the training that helps people make the transition to their new roles, as well as to define online help text, procedures, job aids, and other information that they can use during the actual work.
  • Performance enhancement infrastructure design determines the competencies and proficiency levels of the employees in the sponsoring organization, and identifies ways to help employees master their responsibilities in the new business capability: that is, define training and performance support, and design products and a delivery approach for the training, performance, and support products.
  • a group for physical environment design and planning desirably identifies and resolves the overall design and planning issues related to the physical environment, including the facilities, layout, and equipment. This group establishes the detailed designs and requirements for the physical environment.
  • Application design includes the analysis and design of custom applications as well as the installation and configuration of packaged software.
  • the function covers creation of key design deliverables, plus the identification of inventories and estimating factors that drive the estimate of the application detailed design and build & test effort.
  • Sub-groups or functions within include application requirements identification, requirements analysis, product test planning, packaged software installation and planning, and conference room piloting.
  • Application requirements identification identifies the Business Capability Requirements that will be delivered through an application. This entails analyzing elements of the current Business Process Design, and understanding the business processes, the requirements from the stakeholders (i.e., employees, application users, customers, suppliers, sponsors), the usability requirements, the required performance of the product in the organization, and the required performance support for the stakeholders.
  • a group for application requirements analysis develops a formal and rigorous model of the previously gathered requirements.
  • the project team creates cohesive models of the application (event, process, content, and data) and establishes metrics and goals that can be verified with stakeholders for each model. When open issues remain, the group actively manages them to an agreed conclusion. If necessary, the function or group may create a prototype of the business process and iterate it to stakeholder satisfaction. The group meets to review the requirements specifications, and then makes appropriate modifications.
  • a group for application product test planning develops a comprehensive approach for the application product test.
  • Product test planning also uses this base practice to create and verify the test plan (conditions and cycles) for the application product test(s).
  • Packaged software installation and verification verifies that the packaged software installation has been completed successfully and identifies any gaps in its integration with the existing architecture components.
  • the group documents and analyzes any gaps within the technology infrastructure, and decides whether to use the packaged software as is, to request a fix from the vendor, to change an architecture component to select different packaged software, or to discontinue the packaged software project. This process allows the technical support team to gain hands-on experience with the new application.
  • Conference room piloting functions demonstrate that the packaged software supports the core business processes. Piloting confirms the Application Requirement Specifications as well as identify new requirements. This function configures the packaged software. The group also identifies potential modifications to the packaged software, confirms the selected packaged software, and analyzes business representative impacts and training requirements. The conference room pilot will test the packaged software using business data in a controlled environment, provide information required to develop the implementation plan, and serve as a gap analysis exercise. It also helps to develop a team that is knowledgeable in both software and organizational needs.
  • Key data structure includes items like customer file, vendor master file, chart of accounts, and organizational hierarchy (for example, company, division, plant, and office).
  • Another useful function is user interaction model design and evaluation. This group or function translates business processes, capability interaction, usability objectives, and usability requirements into a User
  • the group calculates and designs how the users will interact with the applications, and how the applications will be integrated into the workflow, relying heavily on the Business Process Design and the Capability Interaction Model.
  • This group or function may also define the overall approach for detailed user interface development. This base practice should occur early enough in the design process for the User Interaction Model to be considered during technical and application architecture development.
  • the group also establishes a design and evaluation approach for user interface development, and develops user interface standards and guidelines that are based on user interaction.
  • a group for application architecture design designs the application and helps ensure the conceptual integrity of the application among multiple design, build, and maintenance teams. Making and documenting overall design decisions, including the application interfaces, helps ensure that the application will meet its quality requirements.
  • the group also develops an approach and plan for assembly testing to ensure that the application architecture is successfully implemented and meets the quality requirements.
  • User interface design and evaluation designs and tests the specific details of the user interface, building on the framework described in the User Interaction Model and the User Interface Standards and Guidelines deliverables.
  • User interface details include dialogs or conversations, window screens or pages, forms, reports, and possibly user interface hardware (monitors, input devices).
  • User interface design and evaluation designs and evaluates forms and reports.
  • This group may perform one or more high-fidelity usability evaluations.
  • media content design generates media content designs, after the requirements for the content have been specified, but before any existing content has been formatted or any original content has been created.
  • This group determines creative ways to inco ⁇ orate content into the application.
  • Database design transforms the Data Model into logical and physical database designs to optimize the performance and reliability of the application, and ensures that all data requirements are identified and will be met during application conversion.
  • the data conversion processes created in this base practice by a data design function will be used in the overall migration and deployment of the application.
  • the last group or function within application design is application quality verification and validation. This group ensures that the total collection of designs (or specifications) is consistent with the requirements. The designs are verified against the requirements, facilitating stakeholder sign-off of the Application Architecture, User Interface Design, Database Design, and Data Conversion Design deliverables. This process helps ensure that the current and future design work products are produced as planned.
  • a desirable function within capability release design is technology infrastructure design.
  • This group or function designs the components of the Technology Infrastructure, including the Execution, Development, and Operations Architectures.
  • This group also designs the network, communication, and computing platforms and coordinates the work within this major activity with the development of the information technology processes and organizational changes required to support the new infrastructure.
  • Functions or sub-groups within technology infrastructure include groups for selection and design of execution, development and operations architectures, physical network and computing selection, as well as validation.
  • technology infrastructure design should follow standards/guidelines established in technology infrastructure requirements analysis.
  • This group prepares for the selection and design of the technology infrastructure and establishes preliminary plans for technology infrastructure releases and product testing.
  • Technology-related requirements from the Business Capability Requirements are refined and decomposed into component requirements for the technology infrastructure.
  • This function translates the business and technology requirements for the technology infrastructure as a whole into the requirements and selection criteria for each component. Iterations of this base practices are necessary whenever there is a change to requirements.
  • Execution architecture selection and design creates and documents an execution architecture design, and a test plan for the components and the assembly of the execution architecture. Based on whether reused, packaged, or custom built options are chosen, this group finalizes the physical model, and selects or designs all components.
  • the execution architecture design precedes the development and operation architecture designs because it drives the requirements of those architectures.
  • the development architecture selection and design creates and documents the design of the development architecture components, as well as the test plan for those components. Specifically, this function finalizes the physical model and selects or designs all components, depending on whether reused, packaged, or custom built options are chosen.
  • the physical network and computing selection and design group evaluates and selects the physical network and computing platform (hardware, application software, and internetworking services).
  • the group describes activities to create high-level design, and component, and assembly test plans for the environment.
  • the high-level design should provide logical diagrams showing the integration of all the selected components, such as the logical topology of the network and the interconnection points between components.
  • a validation group ensures that the development, execution, operations, physical network, and computing designs are integrated, compatible, and consistent.
  • the group may also validate that the Technology Infrastructure Design meets the business needs or organization needs according to a business performance model or capability requirements.
  • Business capability release validation validates the performance characteristics of the business capability against the Business Performance Model deliverable. This validation includes evaluating the integration or "fit" across the capability's elements. These tests are executed in the Capability Release Build and Test stage. The function of business capability release validating ensures that the capability release design supports the realization of the Business Case and Business Performance Model.
  • Capability release validation tests the integration across information technology capability elements. This represents a rigorous mechanism to investigate and simulate the design before sign-off of the capability release. This base practice can be used to verify the capability's benefits to the new organization because it includes measurements, processes, hardware, and software to support the sponsoring organization's operations.
  • Business capability release test planning and operations readiness test planning round out the functions in capability release design.
  • Business capability release test planning produces the test plan that will allow the requirements of the business capability release to be tested in a controlled environment. This function completes the testing approach.
  • Operations readiness test planning ensures that the business capability release can be correctly deployed and operated within the ente ⁇ rise. This group outlines the activities and strategies needed to develop the deployment plans and procedures (see Deployment Planning within the Change Administration function category).
  • This function also updates the Business Capability Release Plan so that it clearly defines the order of release implementation, the functionality corresponding to each release, and the sequence and timing of deployment.
  • the operational readiness test plans created here should cover all types of operating locations that will receive the business capability. Implementing the tests will mitigate the risks associated with transferring the business capability into production.
  • Capability release build and test is the third major grouping under capability development. This function concentrates on implementing the business capability elements required for a single capability release. The delivery teams are responsible for the detailed design and creation of new processes, facilities, learning systems, performance support, application systems, and technology infrastructure components necessary to implement the new capability. These elements are then tested and implemented within a pilot environment. Shown in FIG. 23, groups within build and test 43 include those for human performance infrastructure build 431 , physical environment assets and services acquisition 432, applications and performance support build and test 433, technology infrastructure build and test 434, and business capability release test and pilot 435.
  • a group or function for human performance infrastructure build creates the basic foundations of a human performance infrastructure by creating the programs needed to evaluate, compensate, develop, and recruit personnel for the capability.
  • This group documents and develops policies and procedures for these major aspects of human performance. Changes to the human performance infrastructure can include changes to the human resources operations, tools, and organization. A useful function is an organization to develop career development programs. This group defines a career development program that will have mutual benefits to employees and employers. Such programs help employees become aware of their interests, values, strengths, weaknesses, and career goals as well as job opportunities within the company, giving employees a chance to grow in ways that are personally meaningful and aligned with company goals. From the company perspective, career planning programs reduce the time to fill job openings, aid in succession planning, and identify employees with managerial talent.
  • Another function or group is one for performance evaluation program development. This group documents the rules for the performance evaluation program and the steps and guidelines for conducting evaluations. The group may use performance evaluation forms to document the desired behaviors and skills that employees are required to demonstrate in relation to their roles and jobs. Given those behaviors, the group assigns measurement values against which those behaviors and skills will be evaluated. The function or group develops additional materials to support the performance evaluation program, and then validates the completeness and ease of use of the products developed.
  • Another desirable function is one for compensation and reward program development.
  • This group develops policies and procedures to support the compensation and reward program based on the corresponding workflows.
  • the group develops materials to educate employees on the program and to assist the Human Resources staff in administering the program, and validates all new compensation and reward products as well as those that were developed previously.
  • this group develops a program that aligns individual and organizational goals and that reinforces employees' behaviors in support of the capabilities via financial compensation and financial or non-financial rewards.
  • Human Performance planning and on-going support is defined in the Human Performance Management Function Category. In many instances the Human Performance Infrastructure will already be in place. This function set defines the key functions required in building the Human Performance Infrastructure.
  • a group or function for recruiting and selection program development is one that develops a recruiting and selection program, enabling the recruitment of employees with the skills and abilities required by a business capability.
  • the group should document the rules, steps, and guidelines for conducting the recruiting and selection program.
  • the group should include in recruiting materials the desired skills and experience levels that employees are required to demonstrate for a particular role or job.
  • the group also develops additional materials to support the program, and validates the comprehensiveness and ease of use of the products that are developed.
  • a group or function for physical environment assets and services acquisition is one that determines which new facilities, equipment, and services should be acquired in order to operate the information technology business capability.
  • the acquisition group develops a procurement strategy for selecting and appointing vendors, mobilizing the acquisition plan, and evaluating the expected costs and results of each vendor appointment.
  • the group supports managing the specification and acquisition process, while the actual processes of building new facilities and installing new equipment is handled through specialists.
  • An application and performance support build and test group with several sub-groups or functions, is also useful.
  • This group builds and tests the application, training materials, media content, and other forms of performance support required by the business capability.
  • the group completes the detailed design, component testing, and assembly testing of the application.
  • the group also develops learning materials following the instructor-led, goal-based scenario, or computer-based learning approaches.
  • the group may also develop business policies and procedures along with related performance support mechanisms.
  • a desired group or function in support build and test is a group for application detailed design. This group details the Application Analysis Model to the module level to produce a complete set of module specifications that can be used for coding. Detailed design reviews each module specification and develops the Component Test Approach deliverable and plans for testing the application modules. The detailed design group creates common test data that can be used by multiple test phases, and produces completed detailed design specifications that can be directly implemented in code, and develops the approach and plan for component testing the application's modules.
  • Another function or group within support build and test is the group or function for policies, procedures and performance support development. This group produces a finalized, detailed set of new Business Policies, Business Procedures, User
  • the group defines the policies and performance support structure, standards, and templates, and creates prototypes for all policies, procedures, reference materials, and job aids. They conduct a usability test and review to verify ease of use, and document Business Policies and Procedures using capability designs.
  • This development group documents User Procedures in enough detail to enable smooth execution of new application-related tasks within a given Business Procedure.
  • the group also documents reference materials and job aids, and validates and tests the content and usability of the policies, procedures, and performance support.
  • the application build and test group builds a complete, high-quality software application from the Application Detailed Design document. Programmers implement the modules and then review the coded modules to verify correctness.
  • the build and test group executes assembly tests to check interfaces and interdependencies between modules.
  • the media content development group develops all the media content that is required for the application.
  • Media development ensures that the media assets are refined, based on how they look in the sample media content composition.
  • media development creates the final media content composition that only accounts for the representation of assets on page types, not every page. Since a stakeholder sign-off of the final composition is needed before creating the media assets that belong on each page, the final media content composition is created before all the individual media assets are finalized.
  • a learning products development group within application and performance support build and test selects the relevant authoring and development tools, and defines standards, templates, and development procedures. Learning products defines detailed learning objectives, determines learning context, and designs learning activities. They also review paper-based learning product prototypes for ease of use.
  • the group develops activities and content, and defines the support that learners will require.
  • the group also prepares and executes testing to ensure that each learning product meets the stated objectives and that instructors are effective when using the learning products.
  • One of the group's functions is to translate the learning approach and learning requirements into finalized learning products.
  • the learning products that are developed may be paper-based or computer-based.
  • Technology infrastructure build and test is a larger function with several subgroups or functions.
  • Technology infrastructure build and test acquires, develops, and tests the Technology Infrastructure.
  • the group implements the additions and extensions to the Execution, Development, and Operations Architectures.
  • the group also develops the Physical Network and Computing Resources, and tests them as a unified product prior to the Application Product Test. These tests should include changes to information technology processes and organization to ensure improvements to the organization's technology capability.
  • One sub-group or function is technology infrastructure acquisition. This group plans and executes the procurement of the technology infrastructure components that will be acquired.
  • the group decides who will supply the components and services, how they will be supplied, and how much they will cost.
  • the group also assesses the impact of the procurement choices on physical environment deliverables.
  • An execution architecture build and test group completes a detailed design of the execution architecture, and builds and tests that architecture.
  • This group uses the same methodology used for application development to plan and perform the component and assembly tests of the execution architecture.
  • a development architecture build and test group translates the Development Architecture Component Design into the Development Architecture Detailed Design.
  • the group defines the Development Architecture Design while addressing the appropriate Technology Infrastructure Component Requirements.
  • This function also builds custom development architecture components according to the detailed design, and develops extensions to packaged/reuse components.
  • Development architecture build and test uses the assembly test to ensure that, when all development architecture components are integrated, the development architecture will meet the technology requirements.
  • Operations architecture build and test develops the Operations Architecture Components, including extensions to reused and packaged items.
  • the group functions include component and assembly testing.
  • Physical network and computing build and test completes the detailed design, component build, and testing of the
  • the technology infrastructure product test preparation and execution function ensures that the Technology Infrastructure Design has been properly implemented, and that the infrastructure can support the development, execution, and operations architectures. Additionally, this group tests the deployment of the new Technology Infrastructure and its integration with the current Technology Infrastructure.
  • Business capability release test and pilot conducts the product level and overall capability tests to evaluate the integration and operation of the business capability release. These tests start with a controlled test of the application and its interaction with the technology infrastructure. They progress to a pilot of the business capability that evaluates the capability in the operational environment.
  • a group for application product test preparation and execution creates the application product test scripts from the test conditions and cycles that were created in the Plan Application Product Test base practice. This group tests the new application before it moves into production; reviews the test results and monitors the application's performance. The group makes changes as necessary, and investigates discrepancies between the actual and the expected results, taking appropriate steps to resolve those discrepancies. The group completes a comprehensive model for the application product test.
  • One other function is that it verifies, before conversion, that the new application meets requirements as defined in the Application Requirements
  • a group or function for business capability release test preparation and execution creates capability release test scripts from the test conditions and cycles that were created in the Plan Business Capability Release Test base practice.
  • the group or function ensures that the business capability release will be able to support the
  • the group runs the test(s) in a controlled environment before pilot testing.
  • the goal of the test is to ensure that all elements of the business capability release are integrated properly.
  • Performance Model can be successfully completed.
  • the group or function addresses key implementation issues and validates the implementation approach. This is the first deployment of the business capability in an uncontrolled environment.
  • the pilot implementation can be used to establish metrics and define the criteria to be met before a full deployment of the business capability can occur.
  • Change administration is an advantageous function in an information technology network. Change administration enables the controlled and repeatable management of information technology architecture components as they evolve in both development and production environments.
  • a change administration group or function implements a process by which the various information technology units, project teams, and business units communicate, implement, and document changes in the systems environment. When properly implemented, change administration provides efficient and prompt handling of all change requests.
  • the goals of a strong Change Administration function category are to maintain the integrity of the system and provide traceability for all changes inco ⁇ orated into a production environment.
  • a change is defined as anything (hardware, software, system components) that will ultimately alter and/or affect the production environment.
  • change control 51 and solution deployment 52 are the principal sub-groups or tasks of change administration 50.
  • Change Administration is an ongoing process of planning, communicating, coordinating, scheduling, monitoring, and controlling changes to the production environment. It is the process that protects the production environment from changes that are potentially disruptive or have unacceptable risk associated with them. All projects and requests need to go through the Change Administration process. The level of detail required for the change request as well as the speed in which the change is implemented will vary according to the type of change requested.
  • the Change Administration process should be developed to handle all types of change requests, including standard change requests, administrative change requests, and emergency change requests. While each of these types of change requests would be handled differently, all would require some form of change control (planning, scheduling and communication). For example, a simple request to change a frequency of a report may be handled as a user request, and its planning approval, scheduling, and communication could all occur simultaneously. But a larger request for a new application would also go through the planning approval, scheduling, and communication process, and then require a more detailed project plan.
  • an impact analysis may be performed to determine the level of complexity and ultimately the cost associated with that change.
  • a central management organizational group (Change Control Committee), who represent key operational components of the business, are typically involved in the approval/ disapproval of these change requests.
  • Change Administration functions are infrequently done in isolation from other functions in this framework, but usually occur in conjunction with other functions, such as: • Customer Service Management and Vendor Management - managing changes for vendor software ensuring compliance with Service Level Agreements • Service Control - receiving user change requests and communicating change information through the Service Desk
  • Project Request Management and Project Management - a project is another form of a change and is approved and scheduled by the Change Administration function category
  • Network Systems Management many day-to-day operations base practices (i.e., operating system modifications, backup failure and fixes, changes to batch job scripts, etc.) and events (i.e., hardware failures) are other forms of change that still need to be logged and tracked.
  • Application Management - enhancements to applications and various database administration tasks are changes that need to be logged, tracked, and controlled by Change Administration prior to implementation into production
  • Risk Management - risk assessments are a desirable part of the Change Administration function category
  • Asset Management - can provide alerts to the Change Administration function category when unauthorized changes have been entered into the production environment and the Change Administration function category can provide advanced notification when changes to the production infrastructure are going to occur
  • a change control group plans, manages, schedules, and coordinates all changes to the environment.
  • Change Control is the process by which operations development and business process areas communicate, implement, and document changes in the environment. Change control allows the impact of the change to be assessed along with the merits, timeframes, etc.
  • This group monitors the change process to make sure that changes are delivered according to established plans.
  • the group or function also finalizes release planning and provides communications to end users concerning the change process.
  • the group or function is additionally responsible for rationalizing multiple change requests against one another to determine what changes should actually take place.
  • FIG. 24 depicts groups or tasks within change control 51, including change planning 511, change communications 512, and migration control 513. Change planning addresses how all changes are handled, coordinated, implemented, and documented in both production and development environments.
  • Change planning coordinates the release of updates to the IT environment and defines the requirements for the change (i.e., a new version of software, data, user procedures, training, or support materials).
  • a release is defined as maintenance changes to an application, operating system, or firmware that are made prior to the readiness of a version change to be sent to a user.
  • An upgrade is defined as a maintenance change to hardware that is being made prior to a model change. After a release or upgrade has been tested, it is then ready to be deployed (or “rolled out") to the end user community.
  • a desirable part of the change plan is to conduct an analysis to identify the change type (i.e., emergency fix release or planned release), change priority (severity level), and change category or contents of the change package (i.e., hardware, application software, web content, system software, data, configuration parameters).
  • a change plan includes a Contingency and Backout Plan, and is linked to the Change Communication process in order to inform/include all appropriate parties.
  • a group or function for change request creation collects and documents all information pertaining to the change request and logs it into the Change Control tracking tool.
  • Completed change requests include the following information:
  • the change request should include change, contingency, backout, testing, and training plans as well as installation documentation, and change/release documentation.
  • the group confirms that the request is complete and all information is accurately categorized.
  • the group reviews the change request for completeness and accuracy. All change requests are forwarded to the Change Coordinator who reviews them for completeness. If additional information is needed, the Change Coordinator will send the Change Request back to the requester and/or the appropriate support group. If the request information is complete, the Change Coordinator will begin the approval process. In order for a Change Request to be considered, all required information is entered on the Change Request Form.
  • a change impact analysis group performs an impact analysis for a change to determine if the change is an emergency or planned. Change requests need to be analyzed in order for the impact to be fully realized and prioritized for resource pu ⁇ oses.
  • the analysis may be based on such things as cost, performance, resources, organization, timeframes, network configuration, or architecture issues.
  • a related but distinct function or group is change criticality. Change criticality determines the criticality or importance of the change. Changes can be classified as standard changes that are reviewed on a regularly scheduled basis and are planned and implemented during an "official" change maintenance window. Changes may also be classified as urgent, but whose implementation cannot wait for review at a regularly scheduled change maintenance window. Other functions may include change approval, charged with approving a change request. Authority to proceed with a change request can come from various sources, depending on the type of change.
  • a change effort group determines the effort required to implement the change. A group for change request milestones identifies dependencies and critical milestones for the change request.
  • a group for change request prioritization prioritizes a change request against outstanding change requests, as change requests may come from multiple sources.
  • the ente ⁇ rise desirably copes with not only varying types of change, but varying urgencies as well.
  • a release planning function coordinates the functions required to release a new version of any combination of software, data, user procedures, training, or support materials. This group or function determines what will change, the timeframes for the change, and defines the testing and fallback/contingency approaches for a release according to the agreed upon SLAs. The overall release plan is then agreed upon and documented by the appropriate parties.
  • the final group or function in change planning is change scheduling, handled by a change scheduling group. This group creates the master schedule for changes to the environment.
  • change communications The group tracks status and ensures that the change requirements are synchronized to minimize the risk associated with changing the information technology environment.
  • the next function, change communications has several sub-groups or functions. Change communications informs all affected parties on the status of planned and unplanned changes to the information technology environment before scheduling the changes and after the changes have taken place.
  • change communications management directs, coordinates, and monitors the communication activities required to implement an information technology change into the production environment.
  • the communications plan for the change will be designed and documented. It has also been found useful to include a function for change schedule confirmation, which verifies that change notifications are consistent with the information contained in the master schedule for changes and communications plan, and that the change contact list is current and correct.
  • a change schedule update function involves tracking all modifications or alterations to a change that affect the implementation schedule.
  • Change schedule reporting This involves updating the master schedule for changes and notifying the change contact list.
  • Change status categories are defined as:
  • Change request reports may be categorized by request number, by role (initiator, manager, controller, etc.), by status, by priority, by due date, by category, by environment, or as desired.
  • a function for change schedule dissemination notifies all affected parties before a change is initiated according to the communications plan. Change notifications are completed prior to any change. Notifications should be given with enough advance notice so affected parties may plan accordingly.
  • the last function in change control communications is change schedule feedback. This group reports the results (success, failure, change production metrics data, etc.) of the change once it is in the production environment and initiates appropriate action as needed.
  • Migration control coordinates the movement and maintains the integrity of a release package while in the development and testing environments, before a change is ready to be deployed to a production environment. Besides its main function, migration control contains several other sub-groups or functions. Migration control ensures smooth handling of changes from test environments to staging locations for subsequent release packaging and deployment. In order to do this, Migration Control ensures that the proper updates are received from development, versioned accordingly, and moved into the test environment after the pre-release tests have been successfully completed. Migration Control is implemented to maintain integrity of all master release packages and ensure version control on releases. Examples of a release package include software, data, procedures, and support materials.
  • a highly desirable function of migration control is to ensure the integrity of code for the pu ⁇ oses of version control.
  • Migration control also controls the development of all components to ensure new capability development stays on schedule to deploy the new/enhanced capability.
  • Migration control is used in Application Management as well as Capability Development. Note that Migration does not include Operability Testing. Strong security measures are also taken in the migration control function to ensure that the number of people who can make changes to production are minimized and that adequate separation of duties exists.
  • release package assembly This group bundles the requirement components of a release, and ensures that it is correct and complete. Assurances are made that the tools, testing, software, space, and version control are in place before a package is released.
  • a release assembly kit function or group identifies all components that are required for release and installation, including proper documentation, instruction kit, interfaces, links, etc. Release package integrity ensures that the changes in the ente ⁇ rise environment are synchronized in order to ensure a successful change/release. Master releases should be processed from development, through testing, to production in a like manner to ensure the integrity of all releases.
  • Migration control also includes a group or function for version control implementation. This group ensures that the multiple entities that make up the release package are versioned and controlled.
  • Version control on releases allows for software to be documented thoroughly. Change requests, environment, description, responsible programmer, migration date, problems, and status should be noted for all versions via Change Control personnel. Successful release package release confirmation ensures that tested release packages are stored prior to release. Releases will be tested and confirmation will be noted on the version control documents as to the tester, status, comments, etc. This group is additionally responsible for assigning dates and storing a release until the actual deployment.
  • Release packaging migration notification ensures that access to tested releases for distribution to the production environment are available to those who require access. Multiple releases can be dependent and need to be deployed in sync and require that users, programmers, and other departments be informed. Deployment and/or Software & Data Distribution personnel are notified of the release status so they can schedule appropriately for possible system unavailability, etc.
  • Migration library maintenance ensures housekeeping is performed on migration libraries. Libraries are maintained for backout and backup pu ⁇ oses. This ensures that copies of releases are available for any future use, along with supporting documentation that thoroughly describes changes, status, programmers, and owners of release.
  • a group or function for change backout and contingency planning ensures that backout plans and contingency plans are in place in the event that problems arise.
  • Courses of actions are outlined to reverse change or to serve as alternative methods of achieving desired outcome, in the event of unpredicted consequences.
  • a contingency plan is defined as a detailed plan that explicitly describes the actions that will be taken to correct any problems to the existing information technology environment that may be caused by the implementation of the change. Implementing a contingency plan repairs any damage that may have been caused by the intended change.
  • a backout plan is a detailed plan that explicitly describes the actions that will be taken to undo the change, should a problem be encountered when implementing the change.
  • a solution deployment function handles major releases, major initiatives, and major changes that get introduced into environment.
  • Solution deployment provides the input into Change Control so that changes are delivered according to established plans.
  • Solution deployment finalizes Release Planning and provides communications to end users concerning changes.
  • Solution deployment also implements changes for everything within the production environment, including applications and infrastructure, using tested components following a detailed Solution Deployment plan.
  • Solution deployment prioritizes changes anytime a capability is going to production.
  • solution deployment includes working from a plan and modifying and expanding the plan accordingly as changes occur.
  • Groups within solution deployment 52 are depicted in FIG. 25, and include deployment planning 521, process deployment 522, organizational deployment 523, technology/environment deployment 524, software and data distribution 525, facilities deployment 526, and post deployment support 527.
  • a first major task or group in solution deployment is deployment planning. This group gathers the requirements to deploy a new capability or new site and plans the conversion. Deployment planning determines everything from the high-level deployment schedule to individual mandatory deployment base practices. The group or function additionally prepares a detailed deployment plan and schedule, reviews it with appropriate parties, and publicizes (using the Change Communications function set) to prepare the new/enhanced capability to "go live.” Deployment Planning is specific to a site for every release change. Contingency plans are also created in this function set. Deployment is synonymous with "rollout.” A deployment is defined as a change that is ready to be implemented for the end user community after the Build
  • Deployment planning advantageously includes a function or group for deployment schedule confirmation. This group establishes appropriate lead times for deployment of systems to allow users to prepare. Schedules confirmations with internal and external groups may refer to dates, times, contingency dates and times (if problems arise), and deliverables.
  • Another function is deployment schedule impact assessment. This group assesses impact to the deployment schedule provided to internal or external groups, that may occur as a result of feasibility, resource, or lead time issues.
  • a deployment schedule adjustment group or function adjusts the deployment schedule to accommodate schedule conflicts or requirements for longer lead times.
  • Deployment contingency planning ensures that backout plans and contingency plans are in place in the event that deployment problems arise.
  • Courses of actions are outlined to reverse deployment or to serve as alternative methods of achieving desired outcomes, in the event of unpredicted consequences.
  • a process deployment group or function involves the design, build, test, and deployment of new processes required to support the new business solution/capability.
  • This group or function includes requirements gathering and finalization, metrics definition, process design (both conceptual and detailed, and the Build & Test). This group is also responsible for the staging and implementation of new processes into the production environment.
  • An organizational deployment group involves the deployment of the key elements and structure of the organization to provide a common mental model to all Delivering teams that affect the implementation of the organization chart.
  • the group identifies structures for managing human performance by defining what is expected of people who participate in the business capability operation, the required competencies for people to perform the business capability, and how the performance is managed and sustained.
  • Organizational deployment defines the roles played by individuals, the jobs that they hold, and the teams in which they work.
  • the group uses a Competency Model to document the skills, knowledge, and behavior required to perform in the sponsoring organization.
  • Organizational deployment designs the assessment procedures for following individual or team performance and the mechanisms for encouraging work force development. This group also calculates the staffing needs and provides an approach for filling the necessary positions, applied to both core business capabilities and supporting capabilities.
  • Technology/environment deployment configures hardware and software components within a system and coordinates interrelationships within and across the system to ensure that all equipment can function together.
  • Technology/environment deployment prepares the physical location for the deployment, including the installation and testing of the equipment prior to allowing the users to utilize the system. This may also include the setup and configuration of testing and staging environments.
  • This deployment includes functions or sub-groups for production acceptance testing, application deployment, and equipment deployment.
  • a production acceptance testing group or function provides one last check of the new/enhanced capability prior to actual customer signing-on. Once the deployment at a site is completed and the software/data appropriately distributed, Production Acceptance Testing is done by the deployment team as a "mini user test" which ensures that the deployment went as expected. It also tests security of the new functionality in addition to the function's capability.
  • An application deployment group or function involves the various aspects of deploying the application release such as transferring the work products to production, retiring and archiving unused components, modifying performance support products and learning products, conducting training, authorizing the release deployment, and reviewing and baselining the work products.
  • An equipment deployment groups installs, configures, tests, and deploys the new infrastructure components into the production environment. Includes the planning for methods, tools, resources, etc.
  • Software and data distribution are an advantageous group within solution deployment. Distribution updates the software, data, or configuration information on a machine(s), reports the relative success/failure of the distribution, and updates the asset information for the site(s)/machine(s) affected by the distribution. Note that this function relates to the actual Software & Data Distribution of a specific release capability. Primary planning for the overall Software & Data Distribution architecture, tools, and processes is done in information technology Capability Planning. Software and data distribution includes several sub-groups or functions, including software distribution requirements analysis, environment assessment, detailed design and customization, and distribution execution. There may also be groups for review and logging of distribution, and capability assessment.
  • Software distribution requirements analysis reviews and defines the business requirements for distributing software & data for a specific capability release, i.e., number and types of users, number of sites, distribution window, etc. Requirements analysis identifies required specifications related to the distribution, which mat include the following: • Size of distribution
  • a function or group for current environment assessment reviews and evaluates current environment options (i.e., those already in place in the ente ⁇ rise) used for distributing software & data.
  • the environment assessment selects "best fits" for a specific capability release based upon the current available tools/processes and identifies gaps in selected solutions that need to be "fixed” prior to deployment.
  • This group also identifies Software & Data Distribution tools/processes that may need to be implemented in order to meet the requirements of a specific capability release.
  • Environment assessment also identifies required changes to applications, environments, and/or associated architectures related to a specific capability release. Examples of required changes to the environment may include network bandwidth, workstation configurations, and the like.
  • Detailed design and customization finalizes the Software & Data Distribution approach as well as documents detailed specifications. This group customizes existing Software & Data Distribution processes/tools as needed for the specific capability release, and defines the distribution timeline including detailed steps, dependencies, and critical platforms as well as develops the rollback approach (Contingency Planning). Testing of the detailed design is accomplished as part of the Business Capability Release Test & Pilot function found in the Capability
  • Software and data distribution execution performs Software & Data Distribution tasks as part of the deployment scheduled for the new capability release.
  • Software and data distribution review and logging monitors the distribution performance. It tracks and logs distribution-related problems and issues. This group performs emergency fixes or rollbacks as necessary, and additionally documents lessons learned during the Software & Data Distribution.
  • a group for continuous user requirements/current capability assessment documents trends, issues, challenges, and needs with regard to Software & Data Distribution requirements. This group assesses ente ⁇ rises' abilities to meet existing and future needs in this area. This function or group makes recommendations for the new and improved Software & Data Distribution tools/processes.
  • the remaining groups or functions within change administration include facilities deployment, post deployment support, and post conversion support and review.
  • a group for facilities deployment defines and deploys new facilities functionality. Facilities deployment analyzes cu ⁇ ent facilities capabilities and defines new requirements and functions needed to support the new capability.
  • Post deployment support plans in advance for a heightened level of service support directly after deployment of the change. This increased support is scheduled to last a predetermined amount of time (typically 2-4 weeks after deployment). This group schedules additional resources and plans for additional short-term support processes to accommodate the necessary support directly after deployment in anticipation of an increase in service requests from the end user community due to the change event.
  • Post conversion support provides additional support resources and short-term processes to assist the existing support organization with handling user requests and issues quickly.
  • the Post Conversion Support base practice utilizes the knowledge and skills of the development team to assist with support for the predetermined time.
  • Post conversion review reviews the conversion/deployment effort once deployment is complete. Review ensures that issues are resolved and that lessons learned, key issues, and key successes are documented for future reference.
  • Strategy, architecture and planning is an important group or function within information technology framework. This group creates a strategy and plan that outlines the overall information technology capability direction, initiatives, and common information technology processes, organizations, applications, and technology architecture required to support desired business capabilities with optimal efficiency. This is accomplished by working with the ente ⁇ rise and business unit strategy teams as well as analyzing technology industry trends.
  • the Strategy, Architecture, & Planning function category provides technology guidance to the broader ente ⁇ rise through the definition of common application and technology architecture blueprints.
  • blueprints are integrated with the overall business architecture and with the definition of technology guiding principles and standards. These blueprints include the information technology organization, information technology process architectures, application architectures, and delivery vehicle architectures (development, execution, operations and physical network, and computing environments) required to enable the business capabilities.
  • the Strategy, Architecture, & Planning function category seeks to ensure that the information technology ente ⁇ rise is aligned with the business and that there is maximum value, interoperability, and re-use of information technology initiatives. This function additionally evaluates, prioritizes, and plans for the recovery of critical business systems through the Risk Management function set. Desirable groups or functions within Strategy, Architecture & Planning 60 are depicted in FIG. 8, and include strategic planning 61 , capability planning 62, and risk management 63.
  • the Strategy, Architecture, and Planning function category focuses on planning and balancing long-term, strategic initiatives and quick win business opportunities. Day-to-day operational and administrative tasks are addressed within the Service Delivery and Management & Administration function categories. Groups or tasks within this function category include strategic planning for information technology, capability planning for information technology, and risk management. 6.1 Information technology strategic planning
  • Strategic planning provides a long-term (i.e., three-to-five year) strategic direction for a information technology ente ⁇ rise.
  • the current ente ⁇ rise or business unit strategy may seek to establish information technology and business value propositions, technology imperatives, guiding principles, and the technology objectives and implications that need to be addressed by the information technology
  • Strategic planning addresses the information technology Processes, Organizations, and Technology Architecture needed to ensure that the information technology ente ⁇ rise can efficiently support all business initiatives and business capabilities identified by the Business Operating Strategies. This applies to all information technology services (i.e., custom application development, packaged application implementation, or information technology services such as Service Level Management processes).
  • Information technology Strategic Planning is an iterative process; information technology strategic plans are periodically monitored, reviewed, and updated to ensure relevance to ente ⁇ rise, business unit, and industry trends. Any changes to the environment and the related assumptions may impact the overall blueprints and plans.
  • FIG. 26 depicts functions or tasks within strategic planning 61, including information technology strategy 611, sourcing strategy 612, and a capability performance model 613.
  • Information technology defines the strategic information technology direction by identifying the technology imperatives, objectives, and guiding principles needed to enable the overall business strategy.
  • a sourcing strategy examines current and potential sourcing opportunities associated with information technology assets and services needed by the ente ⁇ rise. This group or function develops sourcing strategies, conducts market research, coordinates competitive bidding processes, analyzes results, and develops sourcing recommendations.
  • Useful may also be an information technology capability performance model, and a group or function for implementing the model.
  • This group contains the performance targets and indicators for the capability, and defines the different performance goals and metrics and the methods of measurement, presentation, and communication that monitor the performance of the information technology capability. Metrics and definitions are also defined for each of the business integration elements that comprise an information technology capability. These are aligned with delivering the overall information technology Capability Performance Model. 6.2 Information technology capability planning
  • Information technology capability planning defines the Application and Technology Architectures and key Business Continuity and Protection plans needed to deliver and enable the core business capabilities. Capability planning works with information technology Strategic Planning and Quality Management to ensure that there are people and processes in place to facilitate the inter-operability of Business Capability information technology solutions and to ensure consistent information technology strategy implementation. This group also ensures that the technologies being used by the ente ⁇ rise enable the pursuit of business objectives and capabilities, and that sound operations and security practices are being employed. Groups, functions or tasks within capability planning are depicted in FIG. 27. They include process planning 621, organization planning 622, application architecture planning 623, data architecture planning 624, technology architecture planning 625, capacity modeling and planning 626, and architecture standards and compliance 627.
  • a sub-task of capability planning, information technology process planning defines the key information technology processes and the related performance requirements required to implement the overall information technology function.
  • the process flows define the process initiation steps, the manual/automated processing steps, the exception processing steps, the inputs required, the outputs created, and the responsible parties.
  • the performance model identifies how these processes will be measured.
  • Another sub-task of capability planning, information technology organization planning defines the organization required to support information technology processes. In defining the information technology organization, the competencies/skills required, the culture, organization structure, human capital development plan, the human capital assessment plan, an information technology organization performance model, and the training plan are all addressed. Based on the inputs gathered, an organizational chart, a detailed role description, and associated responsibilities and measurements are produced. Organizational planning works with the Human Performance Management function category to ensure that the proposed organizational changes are viable.
  • Application architecture planning defines the applications needed, their application requirements, performance model, and the application distribution approach needed to enable the business capabilities.
  • Data architecture planning defines the data needed, the data definitions, performance model, and the data distribution approach needed to enable the business capabilities
  • technology architecture planning Another task within information technology capability planning is technology architecture planning.
  • This group defines the ente ⁇ rise's technology architecture blueprints and the performance model required to enable the application blueprints in delivering the business capabilities.
  • Technology architecture planning facilitates the reuse of common architecture components and defines environments to facilitate the inter-operability of information technology solutions. This group ensures that the technologies being used by the ente ⁇ rise enable the pursuit of business objectives and capabilities, and that sound security practices are being employed.
  • the group also defines the technology architecture blueprints, guiding principles and standards for the development, execution, operations, physical network, and computing environments.
  • Sub-tasks within architecture planning include development, execution, and operations architecture blueprint, as well as physical network and computing blueprint.
  • a group for development architecture blueprints identifies the development architecture services necessary to build the applications, execution architecture, and operations architecture based on the application requirements and the developer user service class.
  • a group or function for execution architecture blueprint identifies the execution architecture services that support the applications component of the business architecture based on the user service classes and the technology infrastructure. This group understands the criticality of each application that is being addressed by the execution architecture, and addresses all communication services that each application will require (i.e., security, messaging, directory services, virtual resources).
  • An operations architecture blueprint group identifies the operations architecture services necessary to operate the applications, development architecture, and execution architecture, based on the application requirements and the operator user service class. This group ensures that the proposed architecture is practical to build and maintain when defining the operations architecture services.
  • This group or function identifies the service level agreements (SLAs) and operational level agreements (OLAs) required to support the operations architecture, and ensures that the information technology processes and organization that build and maintain these services after the program is completed are included in the business architecture.
  • a physical network and computing blueprint group identifies the physical network and computing architecture required to support the applications, development, execution, and operations architectures based on the application requirements, the business volumes, application/data distribution approach, and location of users.
  • the physical network and computing component is the foundation for one or multiple delivery vehicles; therefore, it is highly desirable that the physical network and computing component fully address the requirements of the delivery vehicle as a whole.
  • This group utilizes the network services in the execution architecture framework as a guide when defining the physical network and computing component.
  • the group documents all guiding principles and assumptions that affect decisions for each physical network and computing component.
  • capability modeling and planning Another function or group within capability planning is capability modeling and planning. This group ensures that appropriate system (computing and networking) resources are available to handle the business workloads, to enable business capabilities, and ensure that service level targets are reached. This function ensures that enough physical facility is available to house the resources and that enough people are available to manage them. Functions included in this group include business definition and requirements planning, resource data gathering, capacity modeling, capacity plan development, plan implementation and maintenance.
  • a group or task for business definition and requirement planning defines the key business requirements and business drivers that will determine what information technology resources are needed for a specific application during a given time frame.
  • a group or task for resource data gathering collects the key data needed for the pu ⁇ ose of building a capacity model and performing capacity planning.
  • the information for data gathering comes from a variety of sources, both manual and automated. Historical, as well as current data, is gathered in order to understand resource utilization trends, identify peak process periods, and plan for future processing demands.
  • One of the most important aspects of data gathering is accuracy. The accuracy of the data directly impacts the accuracy of the capacity model and the quality of the capacity plan.
  • Capacity modeling uses automated tools to build a model of the application and identify the system on which the application is running. The capacity modeling tool will then be used to identify the optimal hardware, software, and communications configuration needed to meet desired service levels for the expected workloads.
  • Capacity plan development summarizes the configuration strategies of the capacity modeling efforts and creates the capacity plan report.
  • the capacity plan documents the capacity requirements and resource upgrades required for the coming year. It will also be used on an ongoing basis to track actual capacity consumption.
  • Capacity plan implementation and maintenance presents the results of the capacity plan, for a given planning period, to management. Once approved, the capacity planning team works with other teams to execute the capacity plan. The team or function continually monitors the actual usage in the business environment and information technology production environment. Business workload volumes, levels of performance, and resource utilization are monitored and compared against planned projections to determine variances. The results are reported on a periodic basis to management.
  • a group or function may also be used for architecture standards and compliance. Based upon architecture planning guidelines, this group establishes the standards and compliance guidelines for all "technology/architecture" related items
  • Risk management is a third large sub-category under strategy, architecture and planning. Risk management encompasses all functions aimed at identifying and securing ente ⁇ rise assets against various forms of business interruption or loss.
  • FIG. 28 depicts tasks classified under risk management 63, including risk mitigation strategy 631, security planning 632, high availability planning 633, and business recovery planning 634.
  • Risk mitigation strategy develops people, process, and technology directions to reduce security risks to an acceptable level. Mitigation determines the most cost effective and efficient mitigation plan in the event of a business risk occurrence.
  • This group or task classifies business assets and develops strategies for securing different classes of assets. This group understands industry best practices in securing assets, and establishes ente ⁇ rise direction in security management, including such areas as secure commerce with business partners.
  • the following five subtasks may form parts of the risk mitigation strategy.
  • Asset and loss impact identification determines those critical assets requiring protection.
  • the group identifies undesirable events and expected impacts. It also values or prioritizes assets based on consequence of loss.
  • Another embodiment may feature threat identification and characterization. This activity identifies threat categories and potential adversaries, and assesses intent, motivation, and capability of adversary or threat. This group determines frequency of threat-related incidents based on historical data. The group estimates degree of threat relative to each critical asset and undesirable events.
  • This task identifies potential countermeasures to reduce vulnerabilities.
  • the task identifies countermeasure capability and effectiveness and their associated cost.
  • the group conducts countermeasure cost/trade-off analysis, prioritizes options, and prepares recommendations.
  • a security planning group develops tactical plans to secure environments in order of business priority, based on the Risk Assessment and Risk Mitigation
  • Security planning monitors key technology deployment efforts and provides security requirements and consulting to projects.
  • Security planning includes areas such as tool deployment, awareness/change management programs, compliance programs, etc. This group designs and maintains the security plan based on a periodically updated Risk Assessment as the environment changes. The quick wins groups and other security functions mentioned below are the focus of this group.
  • a Quick Wins Identification group identifies the high priority vulnerabilities in the system.
  • Quick Wins identification identifies the most egregious security holes that also have the minimum cost impact to the client.
  • Quick Win countermeasures are classified in terms of complexity and length of time required to accomplish them
  • a group for quick wins implementation planning combines the strategy and plan for implementing the countermeasures identified for each of the quick wins.
  • the strategy should be completed at a level of detail that is acceptable to the client. Prioritization is the key element in this base practice and the client is an essential part of the process. Priority setting, however, may be initiated by the security team.
  • Security Quick Wins Implementation covers the execution of the implementation activities. This group identifies what it will take to install, test, and deploy the countermeasure of the identified vulnerability.
  • a group or function for solution product analysis assesses security components primarily for longer term solutions. Vendor demonstrations and piloting are included within this base practice.
  • Another group, security options selection ascertains the cost-to-fix against the benefit that the solution provides to the client. This base practice produces a document that is appended to the security plan.
  • Security plan deployment is responsible for the deployment of the security plan. This group tests and stages fixes at various levels. Additionally, this group writes procedures for the operations group.
  • a high availability planning group develops and maintains contingency plans in support of the Risk Mitigation Strategy.
  • This group monitors the support organization's ability to switch to alternate resources when a portion of the system is not or cannot remain functional. This group also ensures that all contingency plans meet previously agreed upon Service Level or Operational Level Agreement targets.
  • a contingency plan development/ verification/maintenance plan group develops the contingency plans to support the business goals in a comprehensive capability approach including technology, processes, facilities, etc. based upon SLAs/OLAs in effect. In developing the plans, the scope of the plan needs to be clearly articulated. Once the contingency plan has been developed, this base practice monitors any changes to the environment, business or otherwise, that would impact the plan. Occasionally, the plan is verified through testing.
  • a redundancy architecture guideline development group provides guidelines for redundant resource architectures starting from multiple CPUs, power supplies, etc. within a single server to multiple servers distributed to multiple processing centers with features such as high-bandwidth connectivity, data mirroring, fault tolerance, etc.
  • a redundant resource monitoring group monitors resources to detect utilization and re-routes traffic to other, more available resources. In the event of a resource failure, the redundant resource monitoring group potentially brings on-line standby resources and/or alters other resources to the problem.
  • a Business Recovery Planning function develops a business recovery plan in the event of a significant or prolonged system failure. Unlike High Availability Planning, the Business Recovery Planning function is concerned with how to quickly rebuild required services in the event of a long-term outage that renders sites (remote or central) unusable. Some key responsibilities include:
  • This framework uses Business Recovery to refer to the development of the strategy for recovering functional capabilities in the case of a major disruption or emergency.
  • Disaster Recovery develops the strategy for recovering a system or a portion of the system in the event of a significant system failure caused by a major disruption or emergency.
  • the following ten functions or groups may be considered part of business recovery planning.
  • Risk mitigation strategy confirmation identifies outage scenarios to be addressed by the recovery plan.
  • the strategy develops preliminary recovery strategies across time, quantifies critical resources by function and develops a recovery timeline.
  • the function also quantifies and qualifies appropriate recovery options and presents all findings to stakeholders.
  • Business recovery maintenance procedure development develops business recovery plan update procedures, training materials, and task responsibility matrix.
  • Disaster recovery maintenance procedure development develops disaster recovery plan update procedures, testing strategy, training materials, and task responsibility matrix.
  • Disaster recovery plan validation plans and conducts tests to evaluate the validity of the initial disaster recovery plan. It evaluates the test results and revises the disaster recovery plan if necessary. The disaster recovery plan is regularly tested to ensure that the plan remains current.
  • Business recovery plan training conducts training sessions with the business recovery team and awareness training with employees. The group evaluates the training based on feedback from these sessions.
  • Disaster recovery plan training conducts training sessions with the disaster recovery team and awareness training with employees. This group evaluates the training based on feedback from these sessions.
  • Business recovery plan approval creates a presentation to present to management to gain approval of the business recovery plan. Once approval is obtained, publishes the business recovery plan.
  • Disaster recovery plan approval creates a presentation to present to management to gain approval of the disaster recovery plan. Once approval is obtained, this group or function publishes the disaster recovery plan.
  • Management and administration provides the framework for effectively managing information technology ente ⁇ rises using sound business principles and practices. Management and administration manages functions that are not always unique to the information technology portion of the ente ⁇ rise; therefore, these functions are often performed outside of the information technology group.
  • Financial administration manages the information technology finances, including preparing the budget for the information technology resources and information technology operations, managing adherence to that budget, and establishing a pricing mechanism for selling its services to internal and external customers. All financial matters are included, including the building and maintenance of any Total Cost of Ownership (TCO) information.
  • FIG. 29 shows the principal subgroups or tasks within financial administration 71, including fiscal plan management 711, service costing 712 and pricing, billing and accounting 713, and financial audit compliance 714.
  • Fiscal plan management provides financial stewardship for the information technology activities of the ente ⁇ rise, monitors and authorizes discretionary spending, and reconciles actual expenditures with the information technology plan. This group is responsible for accurate financial reporting.
  • Fiscal plan management includes budget planning and development, budget execution and control, capital budget monitoring, and modeling and forecasting financial plans. Budget planning and development plans and develops the budget for information technology. Budgeting approaches vary by ente ⁇ rise. Typically, a traditional budgeting approach begins with last year's budget levels and adjusts for inflation and new programs or activities. In many companies, the necessity of current expense levels are only questioned when operating cost cutting programs are introduced.
  • KPIs Key Performance Indicators
  • Other proven practices in leading edge companies include revising business plans and budgets to meet changing business conditions, preparing budgets on a rolling (perhaps 18 months) basis (eliminating annual planning distinctions), empowering managers with spending authority on the basis of "approved budget” (not “signing authority”), and tying the budgeting process to the regulatory review process.
  • Budget execution and control develops budgets for the time frames needed by both managers and regulators.
  • Key performance indicators (KPIs) are viewable to all personnel levels within the organization in order to encourage proactive behavior and prevent overruns.
  • Capital budget monitoring includes planning expenditures for major equipment/facilities on which returns are anticipated to extend beyond one fiscal year. This involves estimating cash flows, calculating the payback period/return on investments, monitoring and approving procurement, and evaluating assets/facilities against a combination of initial investment and continuing costs.
  • the monitoring of the capital budget is particularly unique due to the fact that depreciation, with respect to equipment and facilities, plays a major role in information technology budgets.
  • Modeling and forecasting enables ente ⁇ rises to analyze scenarios in an attempt to simulate the effects of alternative management policies and assumptions.
  • Alternatives can be driven by optimizing management objectives including multi- objective techniques such as goal-programming available through linear programming.
  • Models and forecasting techniques are utilized in the following types of value-added analysis: financial forecasting, financial analysis, capital expenditure analysis, cash flow analysis, cost/volume/profit analysis, cost and price projections, merger/acquisition analysis, new venture analysis, tax planning, exchange rate analysis, capacity planning, etc.
  • Service costing and pricing monitors costs for information technology services, maintains service pricing algorithms to determine chargeback and/or allocation costs within the organization, and provides input to information technology Marketing. This group may build and maintain a Total Cost of Ownership (TCO) routine and compare internal/external financial benchmarks.
  • Service costing and pricing includes functions for cost/depreciation schedule determining, chargeback and allocation determination, usage trend determining, budget preparation and validation, product/service option identification, service price cost evaluation, cost allocation plan determining, service price catalog maintenance, cost notification, and financial reporting information. Cost/depreciation schedule determination determines the value of purchasing versus leasing based upon equipment, software, and support costs with projected depreciation for the next year.
  • the chargeback/allocation determination group determines which items that are part of an ente ⁇ rise's overhead need to be charged back to the department, project, or individual and outlines them in a service document or SLA. This group may be responsible for the creation/maintenance of a database of detailed activity.
  • Usage/trend determination collects data on what services are being used, how often, and when. This data can be used to provide load-balancing information for personnel needed to support the services.
  • the group may be responsible for end user surveys and results. Budget preparation/validation audits budgets prepared by each project or department to ensure accuracy. This group is also responsible for the review of monthly forecasts to plan, and they are responsible for the collection and cross-referencing of data with current service/product cost, expected growth, and past budgetary needs.
  • Product/service option identification identifies product and service options that are offered within an SLA. The group cross-references and documents these products/services.
  • Product/service definition outlines in detail (in the SLA/OLA documents) the products and services that are available and any outside costs that may be incu ⁇ ed if the customer goes outside the standard products or services.
  • the group for service price cost evaluation creates a cost model based on the business and pricing strategy.
  • the cost model may take the form of a chargeback structure, a budget structure, or a cost structure for each department or group.
  • Cost allocation plan determination delineates between common infrastructure components and department/user specific components. Cost allocation plans will reflect specific purchases of equipment and services for a given department and will have an associate "over-all” or "seat-charge” for infrastructure components.
  • Service price catalog maintenance ensures that a list of services and their cost is made available. This list is a living document that is updated frequently. This document is broken down to the lowest level of each service, when possible. Cost notification justifies and provides a breakdown of charges assigned to the customer for a particular service.
  • the final group or function within service costing and pricing is the financial information reporting group. Financial information reporting collects consistent, detailed financial information regarding service costs for each department or project in a company. Financial thresholds are set and the data, and reporting frequency is specified so unnecessary information is not collected.
  • Billing and accounting includes chargeback and allocation administration and any reporting and trending on chargeback and allocation.
  • Billing and accounting is responsible for the accounts payable and accounts receivable functions for information technology. This group or function gathers the necessary accounting information to calculate actual costs, determines costs based on the Service Costing & Pricing function, bills users for services rendered, and makes payments to service providers based on input from Service Level Management and Service Level Review about the quality and level of service provided.
  • Chargeback/allocation administration collects statistics on systems usage by users, groups, or departments and then allocates charges based on an appropriate chargeback algorithm. Allocation of charges is intended to communicate to the users how much processing services that they are using actually cost. Allocation also monitors the actual payments for services rendered and credits for SLA and OLA violations by the service provider. Chargeback/ allocation reporting and trending reports and trends chargeback results to document and track chargeback activities and goods/services purchased.
  • Financial audit compliance provides resources and data for internal and external auditors and manages the resolution of any negative findings.
  • Quality management is the second major group or function within management and administration. Quality management monitors, across the ente ⁇ rise, how well the information technology environment is being managed and works towards continual improvement of information technology capabilities and services. Quality management ensures that quality is put into every aspect of information technology throughout the ente ⁇ rise. Groups or functions within quality management 72 are shown in FIG. 30. They include tasks for the quality plan 721 , quality metrics 722, external benchmarking 723, quality assurance review 724, and continuous improvement planning 725.
  • a quality plan function establishes a course of action for ensuring that quality is put into all aspects of an information technology ente ⁇ rise. This includes the communication of the Quality Plan across the ente ⁇ rise, as well as maintenance and revision of the plan.
  • Quality plan creation creates a plan to infuse quality into all aspects of the information technology organization by setting aggressive goals and creating mandatory quality procedures.
  • a successful plan regards quality as a multi-year investment.
  • Quality plan communication communicates the established quality plan throughout the ente ⁇ rise. The plan should include providing the training necessary to the success of the quality plan. Imparts the idea that quality is the responsibility of everyone.
  • a key success factor is "obtaining buy-in" for the Quality Plan across the ente ⁇ rise.
  • Quality plan maintenance maintains the quality plan including monitoring the effectiveness and establishing checkpoints.
  • Quality management includes a quality metrics group, which determines the methods and standards by which quality is going to be measured.
  • the metrics group continually measures and monitors these methods to ensure they are appropriate and reports on the effectiveness of the metrics in place.
  • This function receives key input from the Governance & Strategic Relationships functions.
  • Metrics functions include creation, measurement and reporting, metrics control and metrics review.
  • Quality metrics creation determines the methods that should be used to measure quality.
  • This group researches, defines, and analyzes internal Key Performance Indicators (KPIs) throughout the information technology ente ⁇ rise.
  • KPIs Key Performance Indicators
  • Quality metrics measurement and reporting measures and assesses the metrics that are currently in place, at set checkpoints, checking effectiveness and ensuring that the standards remain pertinent and up-to-date. Measurement and reporting generates reports presenting the results of the measurement process and distributes to appropriate parties.
  • Quality metrics control assesses the change of Quality Metrics over time. The group assures that agreed upon quality levels are consistently reported on by regularly and frequently assessing the quality delivered against the target quality levels defined. If Quality Metrics are being violated, Quality Metrics Control is responsible for taking the appropriate action to determine what is causing the violation and to initiate a fix to ensure the best quality in the delivery of information technology services. Quality metrics review schedules and completes reviews to quality on a periodic basis. They provide a formal opportunity to internally get an overall assessment of where the organization stands in terms of quality. They evaluate measurements to see what is going well, what is going poorly, and where fixes are needed.
  • External benchmarking is the next group within quality management. External bench marking reviews the quality and compares the performance of the information technology ente ⁇ rise against similar types of information technology ente ⁇ rises using an independent auditing company. The results of these comparisons show an information technology ente ⁇ rise its status in relationship to similar ente ⁇ rises. This status may justify the initiation or existence of a project, service, team, etc. This function provides an external gauge on the level of quality being delivered. Functions within external benchmarking include data gathering, analysis, and formulation of an action plan. The data gathering group conducts a thorough review of the quality practices that are in place at the information technology ente ⁇ rise, gathering detailed information on the ente ⁇ rise's current quality practices. The data gathered is categorized and in the same format as the data provided by the benchmarking company.
  • the benchmarking analysis group or function analyzes the results of the benchmark study to attain insight into the ente ⁇ rise's quality practices. Through this analysis the organization may gauge its status in comparison to similar types of information technology organizations. The results of the analysis will demonstrate the ente ⁇ rise's strengths and outline areas for improvement.
  • the action plan group creates an Action Plan designed to maximize quality, based upon the Benchmarking Analysis. This plan will be developed with the goal of improving areas that fall below industry standards and striving to exceed quality provided by comparable ente ⁇ rises.
  • Quality assurance reviews are conducted by the quality assurance review group or function. This group reviews the services and products provided by information technology on a periodic basis. This group evaluates compliance with overall Quality Management guidelines in an effort to continually improve the quality of the services provided. They evaluate performance against SLAs, comparing delivered service against expected service, in order to assist in determining areas of improvement. They provide a point-in-time internal gauge to quality. Quality Assurance Reviews are not merely responsible for reviewing system performance, but also for surveying & assessing employee satisfaction, process maturity, work environment, leadership, unit knowledge capital contribution skills, and unit metrics. Specific groups or function within quality assurance review are scheduling, audit, and another action plan group. Quality assurance scheduling sets the schedule for providing Quality
  • Quality assurance audit performs the Quality Assurance Reviews, checking for compliance to guidelines and effectiveness.
  • Quality Assurance Audits include "predefined” Quality Assurance checklists as well as more "free form” interviews and discussion sessions.
  • Action plan creation creates an Action Plan based on the results from the Quality Assurance Review.
  • the last function within quality management is a group or function for continuous improvement planning. This group ensures that internal reviews are continually being conducted on quality.
  • the group identifies improvement opportunities, maps and re-designs processes, plans improvements, and verifies and evaluates improvements.
  • the group periodically evaluates how well the information technology functions are being performed and what improvements can be made. Functions or sub-groups within continuous improvement include plan assessment, action plan development, and continuous improvement monitoring.
  • Continuous improvement plan assessment assesses the improvement Action Plan in place. This group reports on the progress made by the improvement plan.
  • a group for action plan development continues to develop and update the Action Plan, documenting and submitting (through the Request Management function) changes necessary for improvement.
  • Continuous improvement monitoring monitors the policies that are in place to implement change. This group or function ensures the adherence of the Action Plan and that the improvement effort is kept on-track.
  • the asset management group performs life-cycle management of all technology assets within the environment. Functions here include registration and maintenance of asset records and management of licenses for assets.
  • the term "asset” is defined according to the specific ente ⁇ rise and may include hardware and software.
  • FIG. 31 shows the function or tasks within asset management 73.
  • Desirable functions within asset management 73 include asset optimization 731 , procurement 732, inventory management 733, software license management 734, hardware maintenance 735, lease portfolio management 736, and disposition 737.
  • a group or function for asset optimization determines how the ente ⁇ rise strategically ensures that the assets it possesses are being utilized efficiently.
  • the optimization group defines strategy for asset lifecycle and determines alternatives for lowering the Total Cost of Ownership of information technology assets by analyzing contracts, assets, utilization, performances, competitive solutions, and service level information to compare with users' expectations.
  • asset lifecycle strategy development for determining the recommended life span, maintenance approach, and disposition alternatives for groups of assets
  • alternative costing assessment which analyzes and determines the appropriate financing or costing approach (i.e., leasing, purchasing, etc.), based upon financial guidelines/standards.
  • Procurement works with suppliers and users to identify and acquire products and services for use in information technology. Procurement ensures that proper authorizations exist, monitors adherence to co ⁇ orate standards, issues appropriate procurement documentation, and verifies order fulfillment. This function is closely related to the Vendor Management function category. Procurement includes the functions below relating to vendors, orders, returns, and procurement reporting.
  • Vendor information maintenance maintains and updates lists of approved vendors, historical transaction information with each vendor, quality of service, special terms/conditions that apply to a vendor, and existing contracts or regulatory requirements that might affect vendor selection.
  • Vendor portfolio reconciliation reviews and reconciles vendors' portfolios of products and services to ensure that the organization is receiving the appropriate services/products contracted for appropriate pricing/discounts and consistent services.
  • Procurement request logging logs each request, upon receipt, with all required information. For each request received, Procurement verifies that appropriate approval for the purchase has been obtained. For non-standard orders, the technical compatibility of the equipment requested is also verified.
  • Order placement submits an order. Once a request has been approved, a purchase order is generated, and a suitable vendor is identified.
  • Price, terms, and conditions are negotiated with the vendor before the order is placed. Order notification and an estimated delivery date are sent to the user. Order tracking then tracks orders to ensure delivery occurs on schedule, and that vendors are contacted if issues arise. Order tracking also maintains backlog and backorder information. If applicable, Solution Deployment is notified of delivery dates with sufficient lead-time for any necessary planning. Delivery verification ensures that the necessary quantities of equipment (hardware and software) are delivered to the appropriate locations on time. All assets received are logged in the Asset Management system. Return/replacement management coordinates the return of rejected items or replacement of canceled orders. Reasons for rejection or cancellation should be documented and the costs of processing returns or replacements assessed. Procurement activity reporting reports on information such as items purchased, supplier performance, and deviations from procurement plans. The final activity or group within procurement is asset portfolio optimization. Asset portfolio optimization identifies beneficial modifications to the procurement strategy by reviewing procurement activity reports. This activity provides input to Vendor Portfolio Reconciliation.
  • Inventory management captures and tracks information about the information technology asset portfolio (software, hardware, network components, telecommunications, and other equipment), including physical attributes, cost, location, vendor, ownership, and the related procurement contract. Inventory management is responsible for the archival and logging of this information and updating the asset information as changes occur. Functions within inventory management include asset logging, inventory information maintenance and audit, discrepancy reporting and archiving.
  • Asset logging ensures that the necessary quantities of equipment (hardware and software) are entered into the asset management system correctly, and in a timely manner.
  • Inventory audit performs periodic audits of the Asset Management system and ensures that asset information is accurate.
  • Discrepancy reporting creates asset reports according to user-defined criteria to ensure accurate data. These reports are then distributed to the correct audience based on user requirements.
  • Asset information archiving archives asset information for historical tracking and documentation.
  • Software license management is another function within asset management. Software license management ensures that software licenses are being maintained throughout the ente ⁇ rise information technology environment, manages the number and type of licenses, and ensures strict adherence to license agreements. The several functions below related to licenses are all portions or functions of software license management.
  • License agreement compliance enforcement searches for and reviews all software to ensure that it is properly licensed. New/increased license acquisition ensures that licenses are purchased, authorized, and tracked for software being used. Expired license/software deletion identifies expired licenses for software that is no longer needed, ensures that the software is removed, and that there is no violation of license agreements. This group is responsible for writing cancellation letters and retiring and removing software. Finally, license maintenance renews license agreements when due or removes applications associated with expired licenses. Another function within asset management is hardware maintenance.
  • Hardware maintenance includes the planning for and the actual budgeting, scheduling, and performance of maintenance for hardware assets within the ente ⁇ rise.
  • Hardware maintenance documents warranty and maintenance coverage for each asset. This group also monitors expiration dates, provides cost projections, and evaluates the adequacy of warranty and maintenance coverage.
  • Hardware maintenance planning plans for appropriate maintenance by hardware grouping This group considers account cost, vendor, performance record, warranty, service levels, and procurement plans/guidelines.
  • Hardware maintenance budgeting provides hardware costing information for budgeting functions.
  • Hardware maintenance scheduling ensures that hardware maintenance is applied on time with minimal interference to business activity.
  • Hardware maintenance performance rates maintenance providers against stated metrics (i.e., mean time to repair, mean time to respond, performed on time, etc.) and other providers.
  • Hardware maintenance includes warranty/maintenance coverage documentation. This group tracks warranty and maintenance agreements on all hardware, and ensures that specific pieces of hardware are not covered under multiple agreements. The group responds to disputes between vendor and client billing for maintenance repair. Hardware expiration date monitoring tracks the expiration of warranty/maintenance agreements on all hardware. This group writes cancellation letters based on the contract, when necessary. Finally under hardware maintenance, warranty/maintenance evaluation determines whether warranty/maintenance agreements should be renewed or allowed to expire.
  • Lease portfolio management tracks all information technology asset leases, ensures compliance with lease agreements, monitors expiration dates, analyzes end-of-lease options, and provides financial portfolio information.
  • IT lease tracking monitors the status of information technology asset lease agreements and ensures that lease invoices are tracked.
  • Lease agreement compliance enforcement ensures that both parties, the lessor/lessee are in compliance with the lease agreement. This includes ensuring that payments are made on schedule.
  • Expiration date monitoring tracks lease expiration dates for all assets to ensure that leases are renewed or allowed to expire. The date monitoring group also writes letters of cancellation and tracks adherence to notification dates.
  • asset disposition identifies unused and/or old, "high maintenance" information technology assets, analyzes alternatives ranging from redeployment to retirement, determines the appropriate strategy, and performs data transfer, de-installation, and redeployment/disposal of all information technology assets throughout the information technology operation. This is the traditional asset "decommissioning," retirement, or redeployment function. Other functions or subgroups include asset identification, alternatives analysis, disposition strategy development, de-installation and disposal or redeployment.
  • Unused asset identification identifies assets that are not being utilized and determines why the assets are not being utilized.
  • Alternative analysis determines whether to keep, retire, or modify an asset.
  • Asset disposition strategy development develops a strategy to dispose of unused assets and ensures that assets that are not utilized are retired. This group determines the appropriate means of disposal (sell, donate to charity, etc.).
  • a group or function for data transfer/ de-installation identifies what data/software may be stored in an asset and determines whether the data/software should be transferred to another asset or should be disposed of entirely.
  • Asset redeployment/ disposal conducts the redeployment or disposal of a specific asset based on the asset disposition strategy. 7.4 Vendor management Vendor management manages relationships with vendors.
  • the vendor management group ensures that good business principles are in place when selecting and working with vendors. They are responsible for vendor selection, contract compliance, contract negotiation, vendor relationship management, and outsourcing selection and management.
  • Sourcing strategies researches, develops, and documents vendor management strategies required to ensure the most optimal relationship. Sourcing strategies also analyzes business benefits and risks of potential sourcing opportunities and compares them with non-sourcing alternatives. Vendor search and analysis examines potential sourcing candidates through consultation with subject matter experts and investigation of market reports, annual reports, 10-K forms, and similar data in order to determine if they satisfy the elimination criteria. Such analysis is the basis for preliminary candidate selection and is often sent out as a Request for Information (RFI).
  • RFI Request for Information
  • Random Bidding coordination develops and implements the plan for acquiring competitive bids for the proposed sourcing work. Involves all the tasks associated with conducting a Request for Proposal (RFP) process i.e., metrics, invitation letter, transmission of RFP, evaluation, selection, etc.
  • a Request for Proposal (RFP) is sent to a short list of candidates.
  • RFP vendor candidates may be asked to submit a documented proposal as well as deliver an oral presentation, conduct a product demonstration, or hold site visits.
  • detailed functional checklists or business case scenarios may be used as guidelines for evaluation.
  • Result analysis examines the proposal along with any other input data from the vendors (site visits, oral presentations, product demonstrations) and tabulates the results. Subject matter experts are asked to review and rank the data. Sourcing recommendation development compiles an objective assessment of the proposals and all other data for each vendor. The recommendation is then presented to senior management. Open issues and risk summaries can be included in the recommendation.
  • Contract strategy development identifies the appropriate members of the contract development team, the negotiators, and the key business issues to protect in the contract.
  • Contract creation develops the contract template based upon previous contracts or from an aggregate of generally accepted contract provisions. Key exhibits are identified and developed by both the vendor and customer.
  • Contract creation includes appropriate documentation on Statement of Work and/or Product Acquisition, as well as appropriate operational level agreements.
  • Contract legal/financial review continually reviews and tracks the legal and financial implications of the evolving contract. This continuous review helps to mitigate risks and identify issues as early as possible.
  • Contract approval management reviews and approves vendor contracts prior to acceptance.
  • Contract management is a longer-term function under vendor management. Contract management tracks contracts and ensures that both suppliers and users are complying with negotiated terms and conditions. Contact management includes contract administration, compliance enforcement, and issue resolution and escalation. It includes additional tasks such as:
  • Contract administration involves the day-to-day maintenance and administration tasks that are required to manage vendor contracts i.e., measurement and compliance with established metrics. Contract compliance enforcement ensures that service levels, escalation processes, notification processes, and other such contract specifics are followed. Contract inquiry support addresses contract-related questions and verifies recommendations with legal counsel if necessary.
  • Compliance issue escalation and resolution ensures that proper dispute and issue resolution processes are followed for contract noncompliance. This includes the tasks and procedures that manage the escalation of vendor noncompliance issues and the various resolution strategies to resolve them. Contract renewal/revision keeps the contract up-to-date. In addition to extending the expiration date, the contract details should be reviewed on a regular basis and revised if necessary to maintain an effective win-win relationship for a constantly changing environment.
  • Vendor relationship management Another task within vendor management is vendor relationship management. This group builds lasting relationships with outside partners to form long-term strategic alliances. Vendor relationship management includes the account management/business liaison role between the vendor and the ente ⁇ rise. It also includes strategies for the best relationship. Vendor relationship strategies development researches, develops, and documents vendor relationship strategy(s) required to ensure the most optimal relationship. Among other elements, the strategy may include: research, marketing, business development, solution development, solution delivery, channel fulfillment, training, etc.
  • vendor account management develops and maintains the single point of contact role, i.e., business liaison role, for the vendor and the ente ⁇ rise.
  • possible additional required roles may include the following: Alliance Director, Business Development Director, Marketing Director, Relationship Partner, Knowledge Manager, Solution Center/Practice Manager, Subject Matter Expert, Trainer, Stakeholder, etc.
  • the relationship manager should establish a communication channel and coordinate the investment and activities of each role.
  • Vendors may at times be service providers and would then be handled through Service Provider Management. Vendor relationship measures the performance of the relationship based on the originally stated and periodically revised business objectives.
  • a facilities group or function manages the ente ⁇ rise facilities, i.e., ensures that facilities are planned and that space is appropriately being used and managed.
  • FIG. 33 depicts the tasks or functions within the facilities 75 realm. Tasks or groups within facilities 75 may include facilities planning 751, management 752, health and safety management 753, moves/adds/changes 754, facilities inventory management 755, and environmental monitoring 756.
  • Facilities planning handles the physical space requirements, for given information technology business needs. Facilities planning also addresses issues such as power backup (i.e., the strategy for managing/meeting electricity requirements), regulatory requirements, workstation and backbone wiring, fire suppression, air conditioning, grounding, harmonics, distortion, capacity, maintenance, temperature, and humidity controls.
  • power backup i.e., the strategy for managing/meeting electricity requirements
  • regulatory requirements i.e., the strategy for managing/meeting electricity requirements
  • workstation and backbone wiring fire suppression, air conditioning, grounding, harmonics, distortion, capacity, maintenance, temperature, and humidity controls.
  • Facilities management manages security and maintenance for IT building(s) and grounds. Manages all facility-related elements, including HVAC and power, in work environment except PCs (i.e., office space, furniture, and desktop telephones).
  • PCs i.e., office space, furniture, and desktop telephones.
  • This group manages voice/data infrastructure, including cabling and wiring and develops environmental control plans. This function encompasses all ongoing management of facilities as well as any major construction or facilities projects. Health and safety management determines what is necessary at a physical information technology site to comply with any health and safety or regulatory requirements (i.e., OSHA and IEEE) already in existence and prepares a plan to meet those requirements. This group manages the plan for response to emergency situations. Moves/adds/changes (MAC) works in conjunction with User Administration to coordinate all requests for changes to facilities. MAC is responsible for all of the non-technology based components related to a change request. MAC manages new, changing, and departing personnel by processing and fulfilling the facilities requests for work area, building access, etc.
  • Facilities inventory management manages all inventory related to information technology facilities infrastructure, such as office furniture, physical layout, wiring, telephone, etc. (not PCs). This group differs from Asset Management, which specifically deals with technology pieces.
  • Environmental monitoring monitors the physical, central, and remote environments to ensure they are being controlled according to environmental (i.e., heat levels) and regulatory levels. When necessary, corrective actions are requested and monitored according to predetermined environmental control plans.
  • a complete list of monitored activities include: power, uninterruptible power supplies (UPS), battery, distribution, spike, drop, air conditioning, temperature range, humidity, range for proper operation, security, fire, smoke or heat alarms, halon, water, chemicals, lightning suppression, etc. 7.6 Regulatory compliance
  • FIG. 34 depicts the principal subgroups within regulatory compliance 76 as it applies to information technology include legal risk identification 761, compliance planning and implementation 762, and compliance audit 763.
  • Legal risk identification identifies legal risks and the plans to mitigate these risks.
  • Legal risk area identification identifies and understands legal risk areas in the information technology environment, such as copyright infringement, misrepresentation, slander, defamation, export issues, privacy issues, security issues, etc.
  • Content legal risk identification reviews content types (textual information, dynamic HTML, audio, video, graphics, database driven content, etc.) to determine the legal risks associated with publishing the content.
  • Legal/business requirements identification identifies legal and business requirements pertaining to any group within an organization that need to be developed. The requirements may differ based on the groups of users (system users, internal to company, contractors, public, co ⁇ orations, governments, etc.).
  • Regulatory compliance plan implementation implements the regulatory compliance plan. This group ensures a high awareness level of the regulatory requirements and implications among the organization by preparing and circulating communications materials to appropriate personnel; briefing the entire organization, and all new joiners to it, of the principal regulatory commitments; and keeping the organization updated of any changes to the commitments and associated risks. Regulatory compliance tracking and oversight performs the day-to-day monitoring of regulatory compliance as follows:
  • Regulatory compliance audit planning confirms requirements, approaches, groups, and schedules for regulatory compliance audits.
  • the planning group or function provides communications materials prior to the audit to the targeted groups.
  • Regulatory compliance auditing conducts meeting(s) for the audit team to understand group(s) to be audited and areas for review. Auditing reviews materials, conducts interviews, compares against regulatory compliance requirements, and documents findings.
  • the audit group maintains a clear audit trail for audit results, as well as for variations and waivers to the regulations.
  • the audit group also reviews the audit results with appropriate personnel. They identify items to address, high risk areas, and potential disputes.
  • the group documents planned actions and monitors and reports progress.
  • the audit group schedules re-audit as required, and provides reports to management and other appropriate personnel and agencies.
  • 7.7 Communications Communications for management and administration defines and establishes the approach for effective interaction, sharing of information, and coordination of work both within the ente ⁇ rise and with clients. Communications determines and conveys the key messages in order to develop understanding and positively affect behaviors and attitudes.
  • FIG. 35 shows the major groups or functions within communications 77, including planning 771, design including communications channels 772, build and test 773, and deployment 774.
  • Communications planning defines up-front considerations to communications including overall strategy and objectives, audiences, technology, number of employees, culture, and resources available. Communication requirements identification identifies and confirms overall communications needs across the ente ⁇ rise. This group develops an understanding of the audience (i.e., who the audience groups are and what they know) including current communications problems and barriers, and desired communication channels. The group reviews current communications events, successes, and areas for improvement. Within the planning group, strategic communications objectives determination identifies the long-term strategic objectives of the communication program, in alignment with overall organizational strategies.
  • Communications design creates the overall approach for communications, including the key messages, vehicles, and measurement, and develops a long-term communication plan, for internal operations as well as customers and users.
  • Key message creation determines the main messages that need to be conveyed as a result of the communications. These messages should be clear, concise, and easily communicated. Key messages are what the sender wants the receiver to gain from the message.
  • Communication channels determination determines the channels (vehicles) for messages, understanding the strengths and limitations of each vehicle. Different channels allow for different types of messages and delivery of those messages. Channels include e-mail, videotape, voice mail, group meetings, flyers, posters, invitations, signage, banners, Internet pages, intranet pages, databases, quick reference cards, premium items (pens, mouse pads, mugs, etc.), photographs, personal letters, magazine articles, books, and websites.
  • Communications channels may recommend appropriate media for different pu ⁇ oses. They may recommend the use of one-way communications to send out information that is routine, detailed, or regards non-controversial topics. Examples of channels for one-way communications are newsletters, brochures, billboards, flyers, etc. The group may recommend two-way communications when messages require discussion or interaction between those individuals sending the message and their audience. Two-way communications are better suited for complex issues, i.e., topics that require agreement, topics that have a strong personal impact, etc. Examples of channels for two-way communications include discussion databases, phone calls, face-to-face meetings, etc.
  • Communication channels assesses whether communications should be “pulled” (where the audience takes the initiative to get the information, like accessing a database posting or a website) or "pushed” (which means that information is sent directly to the user).
  • Measurement tools for communications can be readership surveys, focus groups, feedback buttons, subscription numbers, page hits, attendance figures, etc. Knowing how and what will be measured in the early stages helps plan for ongoing communication efforts.
  • Communication plan development creates the long-term communications plan, by gathering the information on the audience, key messages, potential channels, and measurement tools and merging them together to make a cohesive plan of action.
  • the communications plan maps messages to audiences through channels and is used to document: objectives, message, audience, and delivery channels.
  • the communications plan addresses considerations related to time, budget, resources, cultural and technological factors, available communication channels, and any other new or existing barriers to communication.
  • Communication templates and standards creation develops templates and communications standards. The group determines standards for written and verbal communications materials, creates a common look among communications channels, determines legal and confidentiality restrictions, distributes the templates and standards, and monitors usage.
  • Communications materials development builds communications materials and content. This group obtains information from content experts, organizational leadership, presenters, or other appropriate resources. The group determines required approvals and creates additional "collateral" materials to support group meetings and major events i.e., invitations, hand-outs, or agendas needed for group meetings.
  • Communications testing determines the approach to gathering feedback prior to deployment of the communications and obtains approval. Communications testing helps in gathering feedback in a number of areas such as identifying participants' greatest needs and concerns, determining what is working and what is valuable, obtaining suggestions and recommendations, developing success criteria, and gaining insights.
  • the last major sub-task within communications is communications deployment.
  • This group delivers communications materials.
  • the group implements communications databases, sends newsletters, conducts meetings or events, distributes e-mail/voice-mail. Following deployment, the group assesses the effectiveness of the communications and determines areas for improvement.
  • Communications implementation deploys the communications materials.
  • the group conducts group meetings and events, distributes written materials, publicizes
  • Communications assessment and improvement assesses the effectiveness of the communications efforts and determines areas for improvement.
  • the group determines if personnel are reading the information provided and if communications are changing behaviors, attitudes and understanding.
  • the assessment group performs an audience baseline assessment to determine attitudes before the communication program begins. Afterward, the group uses feedback mechanisms or measurements to determine if the objectives have been met. The group preferably solicits feedback only if it will be acted upon.
  • Human performance management attracts, develops and retains skilled people with the required knowledge and skills for information technology. This group builds the organization, teams, and culture. Human performance management motivates personnel and manages performance. The function also implements personnel policies and verifies adherence to employment laws. Principal tasks within human performance management are shown in FIG. 10, including co ⁇ orate culture planning
  • Culture planning seeks input from individuals and teams and strives to promote belonging and assimilation/integration through its efforts. Functions included within this domain include team-building, dress code, social activities, charitable activities, working environment, diversity, and common business language. 8.2
  • the career management group maintains a healthy, acceptable information technology work environment by managing career development, employee morale
  • a number of functions or groups are integral parts of career management 82, shown in FIG. 36. These include individual development planning 821, career guidance and counseling 822, mentoring 823, performance feedback 824, performance plan management 825, and promotions management 826. This group's functions also include succession management 827 and rewards and recognition 828.
  • career guidance and counseling provides a formal counseling relationship to enhance performance, and is supplemented by other informal counseling relationships as determined by the ente ⁇ rise.
  • Counseling includes selecting career counselors, providing guidance on methods for improving performance, and evaluating effectiveness.
  • Personnel mentoring management guides the partnering of experienced personnel with less experienced personnel to provide informal advice and guidance in the development of knowledge and skills. This partnering assists in improving performance, making career decisions, and balancing personal objectives with business requirements. This includes establishing a mentoring program, selecting and training mentors, assigning mentors to individuals, establishing relationships, and evaluating the program's effectiveness.
  • On-going performance feedback management manages the integrated programs and processes, and defines inter-relationships to effectively manage both individual and overall workforce performance.
  • a highly advantageous part of this function is to maintain alignment of the human performance system with ente ⁇ rise business goals.
  • This function provides formal advice and guidance to personnel in the development of their skills and responsibilities.
  • the group reviews and evaluates the actual performance of personnel against the objectives and performance criteria outlined in Individual Development Planning, and provides periodic informal feedback against these same objectives and criteria.
  • Human performance plan management establishes objective criteria against which performance can be measured and reviews and evaluates the performance to those objectives.
  • This group identifies development needs, methods to enhance performance, and rewards actual performance based on objectives and performance criteria relative to individuals' role.
  • Promotions management manages the recognition of an individual's ability and potential to perform at the next career level and to motivate people by providing growth opportunities. Promotions Management includes:
  • Succession management plans the transfer of personnel into different roles in order to allow for personal development and motivation. Succession planning additionally allows for resilience to the loss of individuals.
  • Rewards and recognition establishes and administers a program for providing rewards (financial or other) and recognition for individual and team contributions. Rewards and recognition is additionally responsible for the following:
  • An employee compensation group provides personnel with the remuneration and benefits based on contribution and value to the organization and growth in knowledge and skills. Compensation is responsible for creating, administering, and monitoring the policies encompassed under compensation, and making periodic adjustments to compensation based on performance. Forms of compensation include employee wages, rewards and benefits.
  • FIG. 37 shows the tasks or groups within employee compensation. There may be groups for information technology skills compensation 831 and contribution payment 832.
  • a market skills compensation group analyzes labor supply and demand analysis. Determination of wages, employment and unemployment, accumulation of human capital and investment in education and training, and roles of unions in wage determination (if applicable) are all handled in this function. Contribution payment tailors the financial package that should be offered to continue to maximize personnel performance.
  • a competency development group determines how to systematically enhance the capabilities of the workforce and to obtain or build the required competencies for information technology.
  • the group is additionally responsible for the following:
  • Skills portfolio management ensuring that the appropriate skills necessary for the delivery of information technology services and solutions are available, identifying gaps between skills needed and skills available, and managing the skills portfolio to minimize the gap. This also encompasses the determination of training and hiring requirements and provides an inventory of skills for internal staff and external contractors so that those skills will be available when needed • Personnel development - providing career development services and performance reviews.
  • FIG. 38 depicts the groups or tasks with competency development 84.
  • Specific groups or tasks within competency development 84 include personnel orientation and induction 841. This group provides programs and materials for new personnel to enable success in new roles and responsibilities and to speed assimilation into the ente ⁇ rise. It informs new personnel of the pu ⁇ ose and function of the ente ⁇ rise, and of their role within it. Training management 842 assists in ensuring that personnel have the necessary skills required to perform assignments. Training management confirms the skills required to perform critical tasks and identifies training needs. Additionally, the group provides training through defined programs and materials and ensures that training is received through scheduling. This group is also responsible for delivering and tracking training of the overall workforce and individual employees.
  • a group for skills forecasting and analysis 843 compiles and analyzes ente ⁇ rise skills assessments and gaps for use in planning ente ⁇ rise training and sourcing needs.
  • the group identifies the knowledge and skills needed to perform the organization's key business functions and maintains an inventory of knowledge and skills available. They also identify necessary future knowledge and skills requirements, evaluate deficiencies (based on a skills gap analysis of individual + ente ⁇ rise needs), and develop a plan to bring the required knowledge and skills to the organization.
  • Skills assessment management 844 identifies the skills and behavior requirements for performing the functions within the business capability. This function or group understands the interactions between different potential roles in the organization.
  • Leadership development management 845 provides development opportunities and support structures for leadership development and enablement in order to lead effectively and to maintain meaningful and lasting results.
  • Employee motivation and satisfaction 846 measurement conducts surveys on a frequent and annual basis to give both a long-term look at where improvements have been made and where more attention is needed with regard to the employees' overall motivation and satisfaction as well as a feel for the day-to-day morale of employee satisfaction.
  • This function provides an anonymous method for personnel to give feedback.
  • the last function within competency development is labor relations management 847.
  • This group provides the framework for valuing, employing, developing, motivating, and maintaining human resources in an ente ⁇ rise. This includes: • Staffing, training, and development
  • FIG. 39 depicts the functions or tasks within personnel sourcing 85. Specific tasks or groups or functions include a new employee hiring group
  • This group acquires new employees from outside sources or from other parts of the organization to fill identified workforce needs. They select personnel for specific assignments within the organization. Personnel sourcing develops a list of qualified candidates and defines a selection strategy based on assessed knowledge and skills of the candidates. The group identifies and thoroughly evaluates qualified candidates, selects the most qualified candidates, and attracts the selected candidates.
  • employee recruiting 852 This group attracts and recruits people from outside the ente ⁇ rise to fill identified skill requirements. recruiting identifies the knowledge and skill requirements for open positions, motivates personnel to seek out qualified candidates, and announces the available positions to likely sources of candidates. Additionally, recruiting reviews the effectiveness of recruiting efforts. Personnel transfer 853 considers options for bringing personnel into the ente ⁇ rise from other areas of the existing organization, external recruiting, and temporary staffing. This group or function implements the required changes to financial data capture and reporting systems.
  • governance and strategic relationships establishes the structure, set of processes, and underlying philosophies that guide the overall management and oversight of the information technology function and its strategic relationships in an ente ⁇ rise.
  • Governance and strategic relationships closely aligns with the business governance structure in place.
  • This group or function is responsible for the initial effort in establishing an ente ⁇ rise and the on-going effort in monitoring and modifying the effectiveness of that ente ⁇ rise.
  • FIG. 11 depicts the functions, tasks or groups within the governance and strategic relationships 90 area.
  • Governance and strategic relationships 90 is responsible for defining the following: organizational structure 91, governance structure 92, alignment with ente ⁇ rise goals 96, executive expectations 97 and decision-making processes, interfaces with other organizations within the ente ⁇ rise 93, policies & standards 94, and goals & metrics 95.
  • This function provides high-level input into other information technology functions within Strategy, Architecture, & Planning,
  • An organizational definition function defines the highest level organizational structure and the interaction between the entities of that structure.
  • Organization principles defines the high-level organization principles. Starting with a set of principles, this group helps in the derivation of the high-level organizational structure.
  • the principles represent continuums that the Governance body needs to agree upon as representative of the overall direction of the organizational structure. Sample continuums may include the following:
  • a useful tool for describing the range of organizational structures is the Federal information technology model. It represents a continuum of structures ranging from centralized to distributed. The differences between the structures along the continuum, are reflective of the overall leadership and management culture. It is also not unusual to have hybrid structures with perhaps a more distributed approach for inter-Lines of Business(LOBs)/Geos (Geographies) interaction and a more centralized approach for intra-LOBs/Geos interaction.
  • FIG. 40 depicts two tasks arising out of these demands on an organizational definition group 91 : organizational principles 911 and organizational structure 912. 9.2 Governance structures
  • governance structures provide the overall Governance Structure within the ente ⁇ rise.
  • the culture of the ente ⁇ rise and the leadership of the governance body will, to a large extent, determine the charter of the Governance body, the structure of the governance body, and the terms and conditions associated with the Governance body.
  • This function set varies significantly between ente ⁇ rises.
  • This function set will also determine the membership of the governance structure and the time commitment necessary for the members.
  • FIG. 41 shows one embodiment of a governance structure 92.
  • a function or group for a charter 921 provides a definition of scope for the governance the members to adhere to.
  • the charter may vary widely, from simply fostering improved communications to defining the course for the information technology organization, depending on the intent of the ente ⁇ rise.
  • the charter may evolve over time.
  • a sample charter may include some of the following ideas:
  • a group or function for structure/style 922 defines the overall structure and style in which Governance executes. Structure or style ranges from an executive owner with a command-and-control structure to a steering committee style representative assembly/federation. The structure, to a lesser extent, determines the information flow and the decision-making processes.
  • One particularly useful tool for this pu ⁇ ose is a RACI chart.
  • RACI Responsible, Accountable, Consulted and Informed charts clearly delineate roles and responsibilities along the lines of major activities.
  • Other considerations in formulating the structure of the Governance function category include number of parties, hierarchy of players, relationship to
  • a group or function for structure/membership 923 defines the membership of the Governance functions.
  • Time commitment 924 defines the time commitment of the governance members. This may range between occasional meetings to a full-time dedicated governance organization, depending upon the complexity of the products and services that the ente ⁇ rise is delivering. Note that in most instances, the "governance body" is typically a role of the highest level committee of business and information technology leaders that function as an overall information technology steering committee. 9.3 Ente ⁇ rise portfolio management
  • Ente ⁇ rise portfolio management defines the decision-making processes between the member entities. This addresses the decision mechanism, the funding approach, and the escalation appeal process. For example, in an ente ⁇ rise related to
  • FIG. 42 shows one structure for the subgroups or tasks within ente ⁇ rise portfolio management 93, including decision mechanisms 931, funding models 932, and escalation /appeal process 933.
  • a group or function for decision mechanisms defines the decision process mechanism. The mechanism may range from consensus driven to a weighted majority, largely based on the structure of the organization. The membership of the ente ⁇ rise will need to agree upon the decision mechanism as early in the lifecycle of the ente ⁇ rise as possible. Funding models articulate the funding process, the budgetary cycle, the financial controls, and the delineation between the discretionary and the non- discretionary line items.
  • Information technology in most instances is still viewed as infrastructure and as such allocates costs to the member entities based on usage, infrastructure investments, and discretionary requests. While the allocation method represents a traditional form of cost recovery, other more value-driven approaches are aggressively pursued in order to position information technology as a revenue-enhancing function rather than a cost-center type of function.
  • spending and investment decision-making are formulated along the lines of "value creating” and "value sustaining”.
  • the decision- making rigor applied to the information technology asset matches that of any other asset (new production facilities, co ⁇ orate acquisitions, etc.).
  • non-value added tasks can be identified and appropriately sourced.
  • an escalation/appeal process or function constitutes a continuum from proposal evaluation to arbitration amongst the member entities. Such a function ensures that issues raised to Governance are addressed with due diligence. In defining the escalation process, the scope of the issues, the schedule of resolution, the ownership of process, and the protocol for resolution need to be articulated. Member entities should agree upon this issue-resolving process early-on.
  • 9.4 Policies and standards 9.4 Policies and standards establishes, monitors, and modifies policies related to information technology. The policies and standards group or function addresses policy issues and communicates policy positions to member entities as required. They work with Human Performance Management of member entities to enforce policy positions and manage variances.
  • FIG. 43 depicts the structure of the groups or tasks within a policies and standards organization 94. Issues typically addressed by this function include information use and management 941 and degree of required standardization 942, and the like.
  • Information use and management defines key information use and management approaches. Based upon the ente ⁇ rise, the flow of information may range from very open to very restrictive. In the virtual ente ⁇ rise world, a very open information flow is required to create unique products and services by the member entities for the customer. Regardless of the ente ⁇ rise, the ownership of the information and appropriate secondary usage of the information beyond the pu ⁇ ose of the ente ⁇ rise needs to be articulated. Standardization defines required levels of standardization across the ente ⁇ rise. A key challenge in both the virtual ente ⁇ rises and the mergers & acquisitions environment is the level of standardization that will be required of the member entities. Value of standardization needs to be analyzed to determine the level of standardization warranted for a given ente ⁇ rise. 9.5 Goals and metrics
  • Goals and metrics defines business performance objectives and measures to guide administration, policies, and investment decisions. Exclusive of strictly human performance related factors that drive promotion or compensation, there are three classes of metrics.
  • First is impact on the business, arguably best measured using a balanced scorecard.
  • the measures should "map to" the measures adopted by the ente ⁇ rise. So, for example, if the business measures EVA (economic value added), employee retention, and customer satisfaction, the information technology function advantageously measures itself along those same dimensions. Note, in the customer satisfaction instance, there is a tendency for information technology ente ⁇ rises to equate this to the internal customer. While this is frequently useful, it does not excuse information technology leadership from understanding, and measuring, the impact of their efforts on the customer of the business.
  • FIG. 44 shows one embodiment of a goals and metrics group
  • Metrics scope defines the key metrics that will constitute success for the ente ⁇ rise. Metrics may reflect the organizational boundaries, the products/services, the linkages to overall business goals, or hybrid of these measures. Metrics responsibility defines responsibility for tracking and reporting against the metrics.
  • FIG. 45 shows functions within information technology alignment 96, including a classic alignment approach 961, a new alignment approach 962, and a task or group for developing business case standards
  • CLASSIC ALIGNMENT APPROACH The classic alignment approach focuses on identifying and aligning to the strategic business initiatives where information technology can deliver the most impact and value to the business.
  • the New Rules for information technology Alignment address the shift in focus from information technology investment as the result of business strategy to information technology as a vital component to delivering business value.
  • the New Rules leverage proven strategies and trends in resource virtualization to set a direction for information technology that, as a primary objective, delivers value.
  • the New Rules for information technology alignment are:
  • Executive expectations management is a final function or group within governance and strategic relationships. Executive expectations management understands, addresses and manages the expectations of key stakeholder groups.
  • FIG. 46 depicts the groups, functions or tasks within expectations management 97.
  • a group for stakeholder expectations understanding 971 confirms the key stakeholder groups. Additionally, this group identifies the expectation gathering approach and gathers and documents the stakeholders' expectations of information technology. Other functions within this area include expectations plan preparation 972, execution 973, tracking 974 and tailoring and improvement 975.
  • Executive expectation action plan preparation consolidates documentation for stakeholder expectations, determines action items and prioritization. This group obtains approval for the executive expectations action plan, and inco ⁇ orates this into an annual information technology operating plan. The function or group performs "up front" management of expectations by communicating where expectations will not be met (i.e., not all expectations can necessarily be addressed due to scope, budgets, schedules, etc.).
  • Executive expectation action plan execution performs the executive expectations action plan to address stakeholder expectations.
  • Executive expectation progress verification assesses progress, by creating progress reports and reviewing performance with stakeholders. This function gathers metrics data where appropriate.
  • This description has been meant to show how several computer systems interact with organizations and functions to form an information technology system.
  • the information technology system is desirably composed of all these sub-systems, functions, or groups.
  • the advantage is that the integrated whole may be much greater than the sum of its parts, as the parts interact to mange information technology for an ente ⁇ rise, of which the information technology system is a part.
  • An ente ⁇ rise using the improved information technology system of this invention may profit in several ways.
  • the ente ⁇ rise's information technology system will have improved over its baseline status, using an improvement strategy inline with the ente ⁇ rise's needs, priorities, and resource availability.
  • the information technology framework can be used to identify areas, especially within IT, with a need for improvement. Having made these improvements, application areas which rely on IT may then become more proficient and adept at their tasks. These tasks and application areas may include evaluating business opportunities, planning activities for the ente ⁇ rise, managing the ente ⁇ rise, transitioning and transforming the ente ⁇ rise, alliance processes for the ente ⁇ rise, and the like.
  • the benefits may be as extensive as the audiences for the improved IT framework.

Abstract

The invention concerns a framework for information technology within a modern enterprise. The framework contains the functions required to effectively support a modern enterprise including customer service (10), service integration (20), capability development (40), change administration (50), strategy and architecture planning (60), general management and administration (70), human performance management (80), governance and strategic relationships (90). The invention discloses how the several functions interact to form a structure that can manage data and information using computer technology in modern enterprises including governmental and non-governmental organizations, and commercial enterprises.

Description

ORGANIZATION OF INFORMATION TECHNOLOGY FUNCTIONS RELATED APPLICATIONS
This application claims priority to U.S. Provisional Application 60/158,259, filed October 6, 1999.
FIELD OF THE INVENTION
This invention pertains to information technology, and to an organization for information technology within a modern enteφrise. The invention discloses a holistic approach to information technology that considers the flow of information and the changes to the flow of information, in managing an organization.
BACKGROUND OF THE INVENTION
Businesses and other enteφrises have learned that the flow of information in their operations may be more important than any other flow within their control. The information may concern any of the many other flows within an organization, including flows of parts, service orders, or even cash. As a result, spending within organizations has grown to, and remains at, record levels for information technology.
The focus of the spending has been primarily on specific goals for a desired information technology achievement. Thus, one focus of an information technology project may be to streamline orders and the order-taking process. Investments may be made within a marketing or sales organization to achieve certain specific goals, such as a lower number of minutes spent per order, or a specific maximum number of minutes a customer spends in a queue to speak with a service representative. A project may be undertaken, goals set, and a budget allocated. The goal is presently achieved, but the project may ultimately have limited success because of factors not considered when the project was begun: the interaction of the new technology with the present and planned information technology environment.
What is needed is a sense of how every function fits into an information technology system, and how every function works within that system. What is needed is a functional framework, or an information technology framework, for all the functions in the information technology system. Using this framework, a practitioner may determine what needs to be modified in making a change, and what needs further development. What is needed is a holistic approach to the information technology system in an enteφrise.
BRIEF SUMMARY OF THE INVENTION
The present invention meets this need with an information technology framework that encompasses nine core functions. In one embodiment, four core functions provide the technology needed to first run an information technology within an enteφrise. In addition to the technology aspects, a systematic approach is taken to four business aspects of information technology. Finally, a service integration function is used to manage large-scale and ongoing work efforts, and to plan, execute, and manage large-scale programs and projects in information technology.
An information technology framework is a set of functions that provide the building blocks required to formulate processes, derive organizational structures, and establish tools to support the processes.
One aspect of the invention is an information technology framework used in an enteφrise. While perhaps most often used in a business enteφrise, the embodiment is not limited to business enteφrises. An information technology framework according to this invention may be used as well in governmental organizations, such as bureaus, departments, or agencies. The information systems described here may be used by non-governmental organizations outside of business, such as advocacy groups, charitable, civic, and educational institutions, and other associations of persons.
An information technology framework may include technology aspects, including customer service management, capability management, change administration and a service delivery mechanism. Typically customer service management in an information technology environment is accomplished by the use of technology in an appropriate service-oriented framework, along with the necessary processes and equipment to allow the service to function. Customer service management manages ongoing relationships between the consumers of information technology services, the providers of information technology services, and the information technology enteφrise. Another function of such an information technology framework is a capability to deliver service. This capability addresses functions required for the day-to-day operation of the information technology enteφrise. Exemplary of functions within service delivery are Applications Management and Network/Systems Management. It is desirable in such an environment to include methods to measure the service delivered. Service integration is another advantageous function of an information technology framework according to this invention. Service integration is not so much a technology effort as it is a management effort to integrate and coordinate activities and functions for large-scale and ongoing work efforts across organizational groups and third-party suppliers. Service integration is an effort to effectively deliver products and services to customers, including internal and external customers and users, under changing circumstances.
Changes figure prominently in two more technology-related aspects of the invention. An effective information technology system of the present invention has a capability to develop and build. This capability for development includes all new development activities and building of infrastructure, including the creation of new organizational structures and processes. Through such capability development, the information technology system transforms both business and information technology goals and strategies into measurable business and informational capabilities. An effective information technology system is also able to handle change administration.
That is, the system provides efficient and prompt handling of all change requests, in developmental as well as production environments.
The business-related portions of the information technology framework are the "glue" that holds the technology portions together, as mentioned above in the "service integration" function. Other business-related portions include business strategy and planning for the overall information technology effort. This includes the overall information technology capability and direction, initiatives for information technology advances, and the information technology processes, organizations, and architectures required to support desired business capabilities with acceptable efficiency. This strategy, architecture, and planning effort is a portion of the business- related aspects of the invention. A related portion of the information technology framework is its governance and strategic relationships. This is primarily the portion of the information technology system that establishes the structure, policies, and underlying philosophies that guide the management of an information technology enteφrise. It is clear that this may be the portion of the information technology systems which decides how well the system fits into the overall business (or non-business) enteφrise.
Another business-related portion of the information technology framework is the management and administration of business functions that are not technology- specific. This portion provides a framework for effectively managing information technology in such areas as financial administration, quality management, asset management, and the like. Finally, another important non-technology portion of an information technology system is the human performance. Human performance management includes functions for attracting, retaining, and developing skilled people with the required knowledge and skills for an information technology system, or for an information technology organization.
Another aspect of the invention is a method for managing information technology in an enteφrise, the method for managing being accomplished through the functions described above. Another aspect is managing the enteφrise through the functions of the information technology framework. In this method, it is desirable if the "people" or organizational portions of the information technology organization are placed ahead of technical concerns. Thus in one method for managing an information technology organization, an organization is developed by planning strategies for the organization, as well as architectures for its equipment. Management provides also for the strategic relationships and governance of the information technology organization.
The organization is managed and administered in such a way that the needs of the overall enteφrise are met, including those information technology functions that may not be directly within an information technology organization, but typically supported by an information technology organization: financial administration, quality management, asset management, and the like. Other organizational portions of the method may include the management of human resources within the information technology department or organization, in such a manner as to attract, develop and retain skilled people for the organization.
The technology aspects of the method of managing an information technology organization are important as well. These technical aspects may include customer service management through appropriate service-oriented framework, processes and measures. An information technology organization focuses on identifying and meeting the needs of its customers and users in order to provide at least expected levels of customer service. The method of managing also includes delivering service on a day-to-day basis, with routine maintenance and management activities, for systems and networks. Service delivery also includes ongoing, routine maintenance of the applications served by the network or the organization, that is, Application Management.
Capability development is another method by which an information technology may be successful in serving its organizational customer. Capability development typically performs the development or build function of information technology. In one embodiment, it covers not only applications, but infrastructure as well. Capability development transforms business goals and strategies into measurable capabilities. A related but different function, or method for managing information technology, is change administration. Change administration enables the controlled and repeatable management of information technology architecture components as they evolve, in both development and production environments. When properly handled, change administration provides prompt and efficient handling of all change requests, providing system integrity and traceability.
Another method used to manage the organizational information technology effort is service integration. In service integration, management efforts are made to integrate and coordinate large-scale and ongoing work efforts for information technology across organizational lines and often with third-party suppliers. Service Integration efforts may include program management, such as for a new business program, or Project Management, such as for a large information technology or business project. Service integration plans, executes and manages large-scale programs and projects. Information technology is computer-oriented. The systems and methods of the present invention are applicable to any computer-based systems. They reside on a computer accessible to an enteφrise or the information technology function within the enteφrise. Host computers may be mainframes, personal computers, servers, or the like, or the programs or systems for information technology may reside on application servers, network servers, or any computer peripheral accessible to the information system.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a schematic diagram of systems integrated into an information technology organizational framework.
FIG. 2 is another schematic diagram of the relationship of systems integrated with respect to the delivery of customer service management.
FIG. 3 is a diagram of an organizational chart for customer service management. FIG. 4 is a diagram of an organizational chart for service integration.
FIG. 5 is a diagram of an organizational chart for service delivery. FIG. 6 is a diagram of an organizational chart for capability development. FIG. 7 is a diagram of an organizational chart for change administration. FIG. 8 is a diagram of an organizational chart for strategy, architecture and planning.
FIG. 9 is a diagram of an organizational chart for information technology management and administration.
FIG. 10 is a diagram of an organizational chart for human performance management. FIG. 11 is a diagram of an organizational chart for governance and strategic relationships.
FIG. 12 is a diagram of an organizational chart for service management. FIG. 13 is a diagram of an organizational chart for demand management. FIG. 14 is a diagram of an organizational chart for service control. FIG. 15 is a diagram of an organizational chart for program management.
FIG. 16 is a diagram of an organizational chart for project management. FIG. 17 is a diagram of an organizational chart for resource forecasting.
FIG. 18 is a diagram of an organizational chart for service provider management.
FIG. 19 is a diagram of an organizational chart for network/systems management.
FIG. 20 is a diagram of an organizational chart for application management.
FIG. 21 is a diagram of an organizational chart for capability analysis.
FIG. 22 is a diagram of an organizational chart for capability release design.
FIG. 23 is a diagram of an organizational chart for capability release build and test.
FIG. 24 is a diagram of an organizational chart for change control.
FIG. 25 is a diagram of an organizational chart for solution deployment.
FIG. 26 is a diagram of an organizational chart for strategic planning.
FIG. 27 is a diagram of an organizational chart for capability planning. FIG. 28 is a diagram of an organizational chart for risk management.
FIG. 29 is a diagram of an organizational chart for financial administration.
FIG. 30 is a diagram of an organizational chart for quality management.
FIG. 31 is a diagram of an organizational chart for asset management.
FIG. 32 is a diagram of an organizational chart for vendor management. FIG. 33 is a diagram of an organizational chart for facilities.
FIG. 34 is a diagram of an organizational chart for regulatory compliance.
FIG. 35 is a diagram of an organizational chart for communications.
FIG. 36 is a diagram of an organizational chart for career management.
FIG. 37 is a diagram of an organizational chart for service provider management.
FIG. 38 is a diagram of an organizational chart for competency development.
FIG. 39 is a diagram of an organizational chart for personnel sourcing.
FIG. 40 is a diagram of an organizational chart for organizational definition.
FIG. 41 is a diagram of an organizational chart for governance structures. FIG. 42 is a diagram of an organizational chart for enteφrise portfolio management.
FIG. 43 is a diagram of an organizational chart for policies and standards. FIG. 44 is a diagram of an organizational chart for goals and metrics. FIG. 45 is a diagram of an organizational chart for information technology alignment.
FIG. 46 is a diagram of an organizational chart for expectations management.
DETAILED DESCRIPTION OF THE INVENTION
FIG. 1 is a diagrammatic illustration of how the functions or systems of an information technology organization fit together to develop an organization. The functions in the darker-colored blocks (top, bottom, left and right) are the functions tending more toward technical aspects. These include customer service management 10, capability development 40, change administration 50 and service delivery 30. The lighter-colored blocks, between the above-noted systems, are functions with more of a business orientation, including strategy, architecture and planning 60. These also include human performance management 80, management and administration 70 and governance and strategic relationships 90. At the center is a block that indicative of the concept that all the pieces fit together to make a useful whole: service integration
20.
FIG. 2 is another view of the same parts or organizations, arranged in a manner to suggest an organization (information technology) that is going forward with customer service management 10 in the lead. Service management is backed by service integration 20 and service delivery 30, suggesting focus on the customer and on delivering service. Elements of change, such as capability development 40 and change administration 50 back up customer service. Strategic architecture and planning 60 forms a basis for the organization. Management and administration 70 and human performance management 80 back up the elements for delivering customer service. Finally, governance and strategic relationships 90 is placed atop the organization, suggesting that they help guide the organization.
Other figures detail specifics of the information technology organization and function. FIG. 3 details customer service management 10, while FIG. 4 shows details of service integration 20. FIGS. 5, 6, and 7 show details, respectively, of service delivery 30, capability development 40, and change administration 50. FIG. 8 contains the details of the strategy, architecture and planning organization 60. FIG. 9 shows the organizational details or management and administration 70. FIGS. 10 and 11 show, respectively, organizations for human performance management 80 and governance and strategic relationships 90.
Each of these parts or organizations comprising an information technology system is described below. In many cases, a given function or task may be performed by a person, by a group, by a computer, by a computer system, or by a combination of these. Therefore, in describing the information technology system, it may be appropriate to describe a task, or a function, or a group, or a computer, or a system. In some cases, the task or function may be performed by a person and a computer, while in other cases the task or function may be limited to a computer, while in other cases the task is more suited to persons only.
Even when tasks are primarily performed by computers, they must be operated, maintained and managed by persons. Therefore, it may be more appropriate or accurate to describe a system, a task, an organization, or a function as "a group or a function," or "a group or a task," or similar terms, to reflect the possibilities inherent in the task, or function or organization, or its accomplishment. As an example, customer service management is a function performed largely by computers, but there may well be a "customer service" organization, and a customer service system as well.
1.0 Customer Service Management
Customer Service Management manages on-going relationships between users, information technology services, and the information technology enteφrise by putting the appropriate service-oriented framework, processes, and measures in place. The goal of the Customer Service Management function category is to assist the information technology organization in providing quality information technology service and support, while meeting and exceeding established levels of service. Customer service management links with the other function categories to provide input and aims to continuously improve current information technology services and offerings. To continue delivering quality information technology service, Customer
Service Management desirably also partners with the information technology developers/ architects/vendors to verify that service levels are not affected by new offerings. As dictated by the industry's best practices, information technology organizations must focus on identifying and meeting the needs of its information technology users to provide better quality customer service.
In one embodiment, depicted in FIG. 3, Customer Service Management 10 has three principal components, service management 11, demand management 12, and service control 13. Service management markets and manages information technology offerings and capabilities to current and potential users of information technology services. Service management explicitly demonstrates the value of information technology investments to the enteφrise executive management team. Service management serves as the source for gathering business needs and requirements. Demand management manages the entry of requests for new development and major enhancements of products and services. Demand management balances capacity with demand and tracks progress against these requests. Service control provides information technology customers with a single point of contact for service requests, problems, or general User Administration. This is the traditional "Help Desk" or "Service Desk" function with the addition of handling service requests and User Administration.
1.1 Service Level Management and Customer Management
Service management may cover a host of functions, but two functions tend to stand out, and may be considered as primary functions, with other sub-functions gathered into them. FIG. 12 shows service management 11 comprising service level management 111 and customer management 112. Service level management identifies and sets the expectations of users of information technology services and becomes a measure for customer satisfaction. In a "virtual" information technology community, the vendors, outsourcers, etc. may also be made aware of their service level expectations through this function. Service level management often plays a key role in Vendor Management. In one embodiment, this framework uses (1) Service Level Agreements (SLAs) to refer to service levels established and managed between information technology and internal or external customers, also known as "end users", and (2) Operational Level Agreements (OLAs) to refer to operational levels established and managed between information technology and internal or external service providers. Customer management provides a single information technology point of contact for business units. Customer management includes marketing of current information technology services and products, as well as providing a liaison between information technology and the business units. Today's competitive advantage within the company may be short-lived with the onset of new products and services being offered by external vendors. Typically, in order to manage the business customer, the information technology system should preferably build relationships by understanding the business' needs, market the information technology capabilities offered, deliver high levels of customer satisfaction, and ensure effective information technology delivery across the enteφrise.
Service level management may have numerous functions related to the agreed- upon service level between the information technology organization and the end-user. These functions include, but are not limited to, the identification of service requirements and a verification that the information technology organization can deliver the service promised. Other useful functions may include routines for determining the cost of the required service, as well as means for charging or charging back to an appropriate organization, the cost of providing the service. Such functions may also include routines for service level measurement, reporting, control and review. Changes to the basic service level agreement may also be made when appropriate, and the agreement may even be retired when the need for the particular service is satisfied, or when the particular service level agreement is superseded. Identifying service level agreement requirements ensures that before creating a service level agreement, the agreement with the users is in line with the overall business strategy. This stage also determines what services the users want. This includes identifying service needs and business unit service requirements. The
Business Liaison function plays a key role in this base practice. Support verification for these agreements ensures that the information technology organization can deliver on services to be included in the agreement. In order to ensure that the service expectations of the user group can be met, the service organization first verifies the level of service that can be provided. This function may also include compiling metrics for current service levels to act as baselines for service levels promised, which involves linking with a Quality Metrics function. This function helps to ensure that the service organization does not promise service levels that cannot be met.
A dose of reality may be injected by identifying chargeback, budget, or costing structure components to be included in these service level agreements. A costing determination determines rewards and penalties for meeting/exceeding/not meeting agreed upon levels of service. These costs may be included in the overall service level agreement and may determine how individual costs for services may be reported.
Service level reporting includes the creation of service level document(s) (draft and final versions), reviewing service level agreement drafts with users and key stakeholders, and getting approval of the final version. Service level reporting identifies key performance indicators (KPIs) to report upon for an agreement, and specifically details how and how often measurements will be reported. Service level control ensures reports are delivered as scheduled, and determines if service levels are being met. Service level control compares key performance indicators against agreed upon service expectations.
If necessary, an unfavorable service level report originating from this function may initiate a Service Level Review session with a user group and a service provider to resolve any immediate or large service issues. Service level reviews may be performed at regularly scheduled intervals, or more frequently if needed. Reviews include reviewing service results with service providers and end users on a regular basis. Reviewing initiates and/or identifies actions needed to resolve service issues and escalates service disputes as necessary. A service review is a good opportunity to monitor actions taken to correct service issues. Under the right circumstances, maintenance may be required in a service level agreement itself. Maintenance identifies changes to existing service level agreements as necessary. The reviewing function receives requests from end users and service providers to change agreements as required for business needs. The reviewing function also manages short-term deviations to the agreements due to business requirements. In one embodiment, a function of agreement retirement or termination is included. This function ensures that the specific service level agreement is retired and all accompanying processes for that agreement (i.e., service reports, scheduled review sessions, etc.) are ceased when services are no longer provided for whatever business reason. Termination or retirement ensures that only active agreements are in existence, which helps to raise the credibility of all such service level agreements. Retirement ensures that historical information (statistics, reports, various versions of the agreement, etc.) regarding retired agreements is appropriately recorded and stored for future reference.
The customer management function of customer service management provides a single information technology point of contact for business units. Customer management includes marketing of current information technology services and products, as well as providing a liaison between information technology and the business units. Today's competitive advantage within the company may be shortlived with the onset of new products and services being offered by external vendors. Typically, in order to manage the business customer, information technology should preferably build relationships by understanding the business' needs, market the information technology capabilities offered, deliver high levels of customer satisfaction, and ensure effective information technology delivery across the enteφrise. In one embodiment, there are four functions included in customer service management, business liaison, information technology marketing, customer satisfaction measurement, and portfolio effectiveness. Business liaison focuses on building long-term relationships with the business unit by better understanding and meeting their information technology needs. This function acts as the single point of contact between the business unit and information technology. Business liaison gathers customer requirements and manages customer expectations. By providing this open communication, the information technology organization gains a substantial understanding of the business' perception and satisfaction with the information technology services and products that they receive, as well as any changes in their needs. By understanding the business requirements this base practice can resolve any issues between the business unit and the information technology organization on a daily basis. Simply having a liaison promotes strong working relationships and customer satisfaction through two-way communication. Such a strategic alliance will help drive additional information technology programs and initiatives to support the business. Business liaison may be considered the traditional "account management" function.
Information technology marketing promotes and builds internal information technology awareness to develop and sustain customer relationships. Marketing is responsible for promoting technology awareness as an enabler for doing business.
Marketing communicates to the technology awareness and business stakeholders the cost of technology awareness as well as the value that the enteφrise receives from its investment in information technology. Marketing may clarify questions from the stakeholders in areas such as planned technology awareness investments, current technology awareness priorities, and chargeback or costing structures. Marketing educates the enteφrise's business users about the services and value of an information technology function. Regular sessions with the business will keep the business informed of new information technology services. This marketing base practice does not address the development of chargeback algorithms or development of service level agreements, but is responsible for explaining the cost for a service and the reasoning behind it.
Customer satisfaction measurement determines the level of overall user satisfaction with information technology products and services, across all business capabilities, and incoφorates data from other functions to determine what further measurements and analysis should be completed. This function measures the products and services being provided, on a regularly scheduled, periodic basis (i.e., annual/semi-annual), through the use of surveys and other tools, to ensure that the customer is satisfied. This function should also include customer expectations management. Customer Satisfaction Measurement provides input to a vendor management function, a quality management function, and a Service Level Review function, and may initiate projects through project request management, as needed. This analysis is then used for the puφose of promoting and maintaining the customer relationship. Customer Satisfaction Measurement differs from Service Level Management in that Customer Satisfaction Measurement is an on-going activity that measures the continuous level of services provided by all of information technology for delivering business capabilities, where Service Level Management measures those services agreed upon in the service level agreement only. By marketing current information technology service offerings, increasing customer satisfaction, and building stronger customer relationships, the information technology enteφrise can better service their business customer. Customer Service Management becomes a highly desirable aspect of the information technology organization as competition to provide information technology services increases from outsourcers.
Portfolio effectiveness examines all services being provided to the business, which may be referred to as "the business portfolio." The analysis looks at the portfolio to ensure that each service is only being performed by one information technology business unit and that there are no unnecessary overlaps or redundancies in services offered. Portfolio effectiveness allows information technology to work with business representatives and to proactively look across all information technology functions and costs to understand and improve the value of the information technology services offered. The evaluation may determine whether the information technology enteφrise is providing the highest, most effective level of service possible and evaluates the financial and functional benefits provided by information technology services; furthermore, the analysis may recommend enhancements based upon this evaluation. The analysis may focus on continuous improvement of information technology services. In one embodiment, this function may be additionally responsible for calculating and reviewing the Total Cost of
Ownership (TCO) of the information technology function. 1.2 Demand Management
Demand management manages the entry of requests for new development and major enhancements of products and services. Demand management balances capacity with demand and tracks progress against these requests. This function also identifies and manages requirements as well as evaluates business value and estimates the effort. Demand management may additionally be responsible for prioritizing, approving, assigning, and scheduling the request. Demand management verifies fulfillment of business needs or cases and tracks the request backlog. This function balances information technology resources between ongoing non-discretionary activities and requests for new projects, and the needs of an information technology enteφrise. Demand management facilitates beginning-to-end ownership of the capability development process while ensuring that the enteφrise and business units are receiving the day-to-day support services that they require. Managing demand also provides a check and balance for both discretionary and non-discretionary projects by creating the business case components for managing the information technology organization and managing the demands from a workload usage perspective. FIG. 13 depicts two principal components to demand management 12: project request managing 121 and business case managing 122.
Project request management coordinates and controls all base practices necessary to initiate the fulfillment of a project request. Managing project request determines if and when requests will be fulfilled, and plans approved requests to be executed and tracked. It is important to note that user-level requests are not considered in Project Request Management; rather, user-level requests are addressed as a part of the Service Request Management. Defining a "project" is specific to each enteφrise, and should be clearly defined during the Governance & Strategic
Relationships process. Project request logging and categorizing collects all of the information pertaining to a project request, then, in one embodiment, logs and categorizes collected information into a project request tracking tool.
A project request prioritization function communicates validated scope to project requestor, reconciles expected demand on resources with requestor's business case, and verifies requestor's priority for the project. Project priority is decided in light of all other requests made by the customer. A function may also be used for project request assignments and tracking. This function assigns the project request to the appropriate support personnel once approval is given. Use of a project request tracking tool will allow tracking of the request through its completion and closure. It is believed that one other function is useful in managing projects in information technology, especially as the projects pertain to support of the business (or non- business) enteφrise. This is the function of a "program champion," i.e., a person assigned to be an advocate or "champion" for the program. Assigning a champion ensures project ownership from beginning to end. The champion provides approved projects with a proper level of oversight, and manages interdependencies throughout the various phases of the program. Business case management performs an economic evaluation to determine the most effective way to complete project requests based on a business diagnosis and any value creating opportunities of the project. Business Case Management balances resources with a requestor's concerns regarding time to market, scalability, flexibility, cost, availability of packaged solutions, and availability of required resources.
Factors considered in business case management include, but are not limited to, business diagnosis and business case development, in which business case development may include requested changes or improvements over time. A "realization" function or evaluation function at the end of the case may help to ensure that the case is completed according to the customer's expectations. This
"realization" function may also help to ensure delivery as promised to the customer. In one embodiment, business case development develops a business case or plan, including: i) gaining the customer's agreement to the proposed capability, including a timeline and time periods for a business case projection; ii) baseline projection of business results as if the project were not being undertaken; iii) "what if analyses; iv) economic models with high-level cost and benefit assumptions associated with each alternative under evaluation; and v) working closely with the customer to gain a preliminary agreement to the projected business results in the desired state. In an auxiliary role, business case maintenance continuously improves the business case or plan based upon activities that occur during the evolution of the project or program. The business case will become more detailed, evolving throughout the course of the project or program. A change in the business case may be initiated by a change in the projected benefits, cost figures, schedule, scope, work plan, achievement of performance measures, business capability requirements, business capability drivers, or other factors. 1.3 Service Control
Service control provides information technology customers with a single point of contact for service requests, problems, or general User Administration. This is the "traditional Help Desk" or "Service Desk" function with the addition of handling service requests and User Administration. The "traditional Help Desk" focuses primarily on system troubles, whereas Service Control is more proactive and focuses more on serving the users' overall needs, providing a central point of contact, and taking ownership of resolution. In one embodiment as depicted in FIG. 14, the scope of Service Control 13 includes three organizations, Service Request Management 131, Problem Management 132, and User Administration 133. The Service Control function set is typically composed of three levels of support:
Level 1 - handles and resolves as many requests and problems, as possible, at the first contact using the tools and knowledge at the service desk. Level 1 should always be the single point of contact for a user's request or incident handling; Level 2 - with more technical and business expertise, this level resolves the more difficult problems or specialized requests; and
Level 3 - resolves problems that cannot be resolved by the first two levels of support and requires additional technical or programming expertise or vendor assistance (usually involving applications code changes or technical modifications). Service Control provides the following services:
Service Request Management - handles the fulfillment of all information technology requests and calls from the user (i.e., moves, password resets, etc.). Some of these requests may include requests for User Administration, while others are problems that would be handled by Problem Management. Note that "Larger" information technology requests are called "Project Requests". The differences between what is considered a "smaller'Vservice request vs. a "larger'Vproject request may be defined in the Governance & Strategic Relationships function categories; Problem Management - handles the resolution of incidents (single occurrences of an issue that affects the delivery of normal or expected service) and problems (incidents that cannot be resolved at the first level of support);
User Administration - handles the day-to-day tasks involved in administering users on the system.
Some of these tasks may be routine maintenance requests, while some may be received through the Project Request Management or Problem Management functions.
Service request management acts as a single point of contact for all requests from users. This function coordinates and controls all service requests including install, move, add, or change activities necessary to fulfill business service requests that are not large enough to be considered projects. "Smaller" or non-project requests may include daily, routine application maintenance activities, such as: changing the date a "canned" report is printed, adding an additional field to a simple database, resetting application passwords, changing user Ids, and requesting additional telephones. Requests are classified as one of the following:
Simple Service Requests - A service request that does not require a lot of effort but may not be able to be resolved instantly, i.e., ordering a new LAN cable for a user. Incident - A single occurrence of an issue that affects the user's ability to function in the environment. An incident is defined as an issue that can be resolved using business and product knowledge at the first level of support (i.e., by the person answering the phone at Service Control).
Problem - An incident that cannot be resolved at the first level of support and requires additional technical or business expertise. Because it is usually a more complex issue, it may also be the underlying cause of one or more incidents. Experts will correct the problem and its underlying cause(s), while attempting to prevent any recurring incidents. Experts should also provide Level 1 support with the knowledge required to resolve it when appropriate. Change Request - Service Request Management receives change requests, but they are administered in Change Administration.
User Administration - Service Request Management receives requests for changes to user ID/accounts, but are acted upon in the User Administration function. Note that project requests that involve new functionality or a significant work effort are handled by Project Request Management. Larger application maintenance requests (those that are not routine or do not have predetermined rules already associated with them) should be handled through appropriate maintenance. In one embodiment, service request management has four sub-functions, including but not limited to, service request logging and categorization, service request prioritization, service request assignment and tracking, and service request resolution.
Service request logging and categorization collects all information pertaining to the service request and logs it into a Service Control tracking tool. The information required might include: user name and contact number, date - when a service request has been raised, accepted, rejected, deferred, or implemented; current status of the service request; asset types affected; any approvals required; and name of person responsible for implementation. This function also performs an analysis on the service request in order to categorize it and assign its priority. Based upon the analysis, the assignment may be resolved immediately by the initial Service Control analyst or may be assigned to the appropriate support personnel. Additionally, this function verifies that the service request is reasonable in scope and that the caller is a valid user. Before assigning the request to support personnel, the Level 1 Service Control personnel ensures that all approvals have been collected, since some service requests may require multiple approvals (i.e., remote access) before they can be assigned.
Service request prioritization verifies requestor's priority for the service request and prioritizes the request against all other requests made by the customer using the prioritization guidelines. This function determines the appropriate speed with which the service request should be handled, clearly communicates the assigned priority level to the customer, and queues the request in the service request tracking tool with the correct assigned priority level. Priorities for standard or common service requests should be clearly defined by the Governance & Strategic Relationships function category, and the priority levels and their expected turnaround time should be clearly communicated to the user groups.
Service request assignment and tracking assigns the service request to the appropriate support personnel once all approvals have been made. Using the service request tracking tool, Service Control will be able to track the request through closure and ensure that while service requests are resolved, all service levels are being met.
Service request resolution resolves all simple service requests, i.e., those that do not require escalation. An example of a simple service request would be a request for a new LAN cable. This function verifies the resolution of all service requests through a confirmed resolution. A problem management function coordinates problem resolution among the users of the system and those operating and maintaining the system from incident logging through confirmed resolution. This function includes receiving incidents from users and informing users of potential workarounds or resolutions, when possible. If the incident cannot be resolved by Service Control, the incident will be classified as a problem and assigned to the appropriate support group. This function continues to provide status and track the problem through resolution, including escalations as necessary. Resolution of problems is approached through levels of support with various service providers utilized as appropriate.
Functions within resolution management include incident resolution, which attempts to resolve incidents by gathering all relevant information from the user, recreating the incident if necessary, prioritizing the incident, and using business and product knowledge, together with known problem checklists and other diagnostic aids, to deliver quality resolutions. If an incident cannot be resolved through analysis or if similar incidents are occurring, the incident becomes a problem and is assigned to a higher level (i.e., technical support groups, developers, business experts, etc.) for resolution. Related incidents are associated with problems, so that the resolutions can be applied to each occurring incident.
Problem escalation functions monitor all open/outstanding problems and escalate the problem if it is urgent or exceeds the established service levels. This function includes the notification of the person working on the problem and the next level of management. Problems may continue to be escalated up the levels of Service Control and information technology management if the problem is not resolved, the problem affects a business-critical system, or if users are not being satisfied. A sample escalation path, within information technology, may be: support group leader, support group manager and support group director.
Note that as problems are escalated within the information technology organization, information technology also communicates the status with the customer or user liaison on a regular basis. If the problem cannot be resolved within the established service levels, the business customer should be notified. If there is a significant business impact, escalation within the business should be initiated. A sample escalation path may include the user's manager, the user's department director, and the user's department VP. For certain problems that affect the overall enteφrise, Service Control may make a communication to the entire user community regarding the problem and its status. A proactive function may be that of problem resolution, which corrects identified problems and prevents recurring incidents by determining and correcting the underlying problems causing those incidents; this typically requires an expert or support groups. In a preferred embodiment, all problem resolutions are confirmed by the user. All problem resolutions are logged, tracked, and archived for future reference. Going further, root cause analysis group's similar problems reactively to try to avoid future problems. Service Control monitors daily metrics and collects historical data about recurring incidents that could be associated with an underlying problem. This function uses monitoring tools and documented incidents to complete an analysis to identify issues causing problems and uses the resolution to prevent additional incidents from occurring. This function is typically performed by a Level 1 lead or manager.
In another proactive effort to improve information technology performance, a Knowledge Repository Management function may be implemented. Knowledge Repository Management identifies common incidents and problems documented by the service request tracking tool and reviews and approves associated resolutions. This function identifies areas where new knowledge is created, updated, or simply communicated to the Service Control teams. This also includes archiving or deleting obsolete knowledge (i.e., Windows 3.1 resolutions when the enteφrise has upgraded to Windows NT). This function coordinates with the business unit and information technology enteφrise experts in developing and publishing knowledge (i.e., Top 10 resolutions) to improve the resolution rates at Level 1.
By working closely with Root Cause Analysis, Service Control can publish resolutions and prevent problems from recurring. Although knowledge is usually stored within a knowledge base within the service request tracking tool, it may be beneficial to publish a newsletter or web site with Top 10 resolutions that customers can resolve themselves, without having to call the Service Control. Knowledge Repository Management is typically performed by a Level 1 lead or manager. A User Administration function is also useful in customer service management. User administration handles the day-to-day tasks involved in administering users on the system. These tasks include such things as: Moves/ Adds/Changes for desktops, Adding/Deleting/Modifying users, User ID changing, Re-establishing user passwords, Maintaining groups of users, and maintaining sets of profiles.
Note that larger application maintenance activities or changes in which a large group of users are being affected are typically handled through different functions, either Project Request Management or Change Administration. The Governance &
Strategic Relationships function set determines how to differentiate between what is a standard User Administration task (i.e., a request for two new user IDs) vs. a larger User Administration process (30 new user IDs for a new system). Requests are received through Service Request Management and are approved or disapproved based upon predetermined Security Administration procedures. Included in this group are the functions of user tracking, user status and notification, user group maintenance, and desktop Moves/ Adds/Changes.
User tracking receives personnel employment activity information from Human Performance Management regarding employees' hiring, transfers, leaves of absences, and termination. This function establishes an effective communication mechanism between Human Performance Management and the appropriate information technology User Administration personnel. Maintenance of this system will facilitate up-to-date information regarding employee arrival, transfer, hold, and departure dates. For example, Human Performance Management would send a list of new hires, their start dates, and the groups or departments they will be working in to the User Administration group. Once this list is received, the following actions can take place:
User Addition - Adds users to all necessary systems (i.e., network, mail, etc.). User Administration Personnel should create IDs/accounts and all users with appropriate type of access to all necessary systems and accounts and procure hardware as needed (through Desktop Moves/Adds/Changes), and
User Account Maintenance - Changes user information on all necessary systems. By having established an effective communication mechanism, User Administration personnel can schedule updates and modifications to existing user accounts. User Deletion - Deletes user information on all necessary systems. Effective communication mechanisms allow personnel to schedule user account deletions on all necessary systems (i.e., network, mail, etc.).
The function of User Status and Notification may be used to clearly document the various access levels a user has to the various information technology systems and notifies appropriate parties periodically of User Administration status. The function includes documenting user account maintenance and goal fulfillment and distributing user account status to the appropriate parties. Parties may include Human Performance Management, Applications Support, and Operations Support, as well as the user himself/herself. Depending on the urgency of the maintenance, this notification to other groups can take many forms: immediate notification - e-mail, pager; scheduled status reports or information through Change Control meetings; or information presented at Change Administration meetings.
User group maintenance functions maintain the user groups and group profiles. The function includes clearly documenting the various access levels a user group has to the various IT systems. This group makes all appropriate changes, including adding/moving/deleting users from a group. A user group may be a department or a role that has certain privileges. It is easier to maintain access levels for a group rather than to individually maintain all user IDs and access levels; therefore, user groups should be established for employees with similar roles who require the same access level. Lastly under customer service management, a group or function may handle desktop moves/adds/changes. This group handles desktop alterations. The function includes moving desktops from location to location, adding desktops to new locations, and making some changes to existing desktops. Large department moves or changes would be handled in Project Request Management or
Change Administration. The Governance & Strategic Relationships function category would clearly define what number of moves constitutes a "large" move/add/change request, and thus what should be handled through a project or change request.
2. 0 SERVICE INTEGRATION
Service Integration may be thought of as an organization, function or system that manages activities for large-scale and ongoing work efforts across organizational groups and third-party suppliers in order to effectively deliver products and services to customers and users. This organization plans, executes and manages large-scale programs. This organization or function tracks and reports progress, assesses performance, and identifies improvements. It also forecasts and balances resource schedules and workload. Among the functions is coordination of delivery of products and services across in-house and third-party providers. Major tasks or subgroups within service integration 20, as shown in FIG. 4 include, but are not limited to, program management 21, project management 22, resource forecasting 23, and service provider management 24. 2.1 Program Management
Program management focuses on the continuous guidance needed to support the delivery of a business capability through multiple projects and releases. Appropriate disciplines, techniques, and tools are used to plan and organize the work, and to manage the incremental delivery of the new business capability. A number of tasks or process are useful in performing the function of program management.
Alternatively, these tasks or processes, described below, are useful elements in a program management system 21, shown in FIG. 1 . These tasks include program planning 211, program mobilization 212, and program management and improvement 213. Program planning is the function used to plan the implementation of a new business capability. It is triggered by the acceptance of a value realization plan by the sponsoring organization, and is performed for each business capability within the business architecture. Expectations of the key program sponsors are gathered to help shape the program, and then a series of detailed planning activities are performed. The Program Plan is developed through an iterative process of high-level program planning, bottom-up planning from all the program's projects, and consolidation and reconciliation of an integrated overall plan which accounts for interdependencies. The plan is then aligned to the Value Realization Plan and change journey. "Change journey" is a set of strategic initiatives undertaken by an organization to achieve a desired business outcome.
Program expectations management is the function that identifies, documents, and reconciles the expectations of the key program sponsors or stakeholders at the outset of the program. A briefly-undertaken, yet accurate, understanding may build the foundation for further program planning and subsequent in-depth gathering of all program stakeholders' expectations.
Management processes planning determines all the management processes necessary to support the program that relate to resources, vendors, quality, configuration, releases, issues, problems, risk, finances, contingency, and performance reporting. This function establishes and documents goals and metrics for each management process. Begins this base practice at the start of the program, and refines the management processes as the program progresses. Program master plan development develops the consolidated Program Master
Plan, which documents the necessary tasks, effort, schedule, and costs for all releases of a business capability. This is an effort to define the Program Statement of Work, and develop bottom-up project plans. This effort reconciles these plans with the top- down plans to generate a program baseline. This task is performed initially during program planning, in conjunction with or prior to a capability analysis function set. It may be re-initiated during the course of the program as re-planning is required by program or journey management. "Journey Management" is a systematic approach to managing the successful delivery of large-scale change.
Initial team-work environment design ensures that designs are developed for the initial team work environment for the program. This environment typically consists of, but is not limited to, the initial development environment, an option engineering lab, initial networking infrastructure, initial communications environment, PC-based tools, design repository, knowledge management function, program management software, and/or model office. Yet another function performed by program management is delivery planning.
This function tailors the delivery approaches for a specific release of the business capability, based on a capability delivery approach and information gathered in a capability analysis function set. Delivery planning will take and finalize the capability release design function set plans and estimates. It will also refine estimates for work in the later function sets of the capability development function category, as well as for subsequent releases of the business capability. One of its other functions is to obtain commitment from the sponsoring organization to proceed with the capability release design function set. This base practice is performed once for each business capability release, prior to initiating work in the capability release design function set.
This base practice function ties closely with release planning, and is highlighted here to emphasize the importance of delivery planning from an overall management "program coordination" perspective. The actual release and deployment testing functions are defined in detail in the change administration function category. It is also necessary to create a program plan, and another element of program management is a group or a function for program plan creation. It is the function of the program plan group to consolidate the results of earlier program planning base practices with the program communications plan and program budget developed in this base practice. This function ensures that the components of the Program Plan are aligned, and obtains stakeholder acceptance and approval. This base practice begins as soon as the majority of the components of the Program Plan are complete. The components of the Program Plan are continually refined throughout the life of the program.
The program mobilization function contains the base practices required to handle staffing, administrative, and other necessary activities to establish the program. The base practices within this function begin once the Program Plan has been approved. Here, the program-level infrastructure designed in Program Planning is implemented. Another desirable function within program management is resource obtaining and deploying. This function analyzes resource requirements, initiates the procurement of goods and services, obtains human and physical resources from participating entities, assigns these resources to projects, and releases the resources upon project completion. This function may also be considered a base practice to be performed throughout the life of the program based upon the forecast determined fn
Resource Forecasting.
A function of management processes implementation establishes the capabilities necessary to execute program management processes, and refines management processes as necessary to incoφorate the results of other concurrent program mobilization activities. Note that some management processes are implemented in conjunction with other program mobilization activities. In one embodiment of the invention, it may be useful to establish a program management office. This function may be useful to establish the Program Management Office (PMO), the administrative support component of Program Management. The puφose is to define the specific functions of the PMO and establish the Program Management infrastructure, including the initialization of the performance and financial reporting systems. Management should be careful to scale the size of the Program Management Office to the size of the program.
An initial team work environment implementation completes the implementation of the initial Team Work Environment deliverable, which may be defined as consisting of the initial development environment, option engineering lab, initial networking infrastructure, initial communications environment, PC-based tools, design repository, knowledge management function, program management software, and/or model office. This includes building or installing the initial team work environment components, conducting the appropriate test and verification steps, and deploying the team work environment to the projects to be supported.
Another useful function is to establish an orientation and training center. This center develops program-wide orientation and training materials, based on requirements gathered throughout program planning and mobilization. The function is to conduct initial orientation and training sessions as necessary. Additional sessions required throughout the life of the program are conducted in conjunction with the Program Management Office Operating base practice.
A program for management and improvement should include the ongoing management processes required to manage the delivery program, ensuring that the business capability is delivered successfully and meets sponsor and stakeholder expectations. These processes involve the day-to-day operation of the program in terms of the program leadership activities needed to guide the various projects, the execution of the various program-level management activities, the operation of the Program Management Office, and the operation and support of the teamwork environment. The management and improvement office also involves three oversight functions:
• Analyzing the performance of the program as a whole as well as of its specific projects and vendors • Recommending corrective action
• Implementing any necessary improvements to keep the program on track The function concludes with a formal close-out process that obtains final acceptance of the business capability and transfer of appropriate responsibilities back to the sponsoring organization.
Closely related is a program direction function or office, which provides leadership to guide the planning and execution of program work. This office or function maintains key working relationships within the program, and monitors and develops the skills and performance of program management team members. In one embodiment, it may be considered a base practice representing the decision-making component that directs all program work.
The program manager may find it useful to have a separate or adjoining office for management processes execution. This function coordinates/executes a number of functions/ processes within program management. These functions or departments may include, but are not limited to, vendor management, quality management, configuration management, release management, issue management, problem management, risk management, and contingency management. Note that these management Program functions/processes should be consistent with the functions/processes already established. This function ensures not only that the centralized processes are performing well, but also that the interactions among processes and with the program's project teams are operating effectively.
Program performance analysis is a desirable function in tracking a program. An office or function to track program performance identifies and assesses problems with program performance, and specifies corrective actions as needed. The function evaluates program metrics, as defined in a Program Metrics Plan, to determine progress towards program objectives, and to determine whether or not the current metrics are still relevant. Assessments may be performed as to whether or not the program is on track by reviewing program, project, and vendor performance and recommending alternative corrective actions. Program Management will evaluate the alternative corrective actions, and will finalize the appropriate corrective actions to be carried out in the appropriate function or base practice. Closely related to performance is a function for program improvement planning and implementation. The task here is to coordinate the identification, analysis, and implementation of program improvements throughout program execution. As problems are analyzed and resolved, Program Management will act upon the results in this base practice or in conjunction with the Program Direction base practice, or will provide guidance to the affected projects on how best to proceed with the Project Work Control base practice.
In one embodiment, a program management office operation performs the administrative functions of the Program Management Office. The office updates and refines the Program Policies and Standards. The office also reports, monitors, and accounts for the program's financial performance and results, and produces the program's performance reports. In accordance with the other functions listed above, the office may conduct ongoing orientation and training, and monitors the Program Communications Plan to ensure that planned communications events are addressed. As the program proceeds, a specific management function for build and test authorization may be useful. This function reviews the work of the Capability Release Build & Test function set from a program management perspective. This function defines the Capability Release Delivery Approach, based on detailed information gathered in the Capability Release Design function set. It is their task to finalize and commit to the Capability Release Build & Test function set plans and estimates; these will become the baselines against which the function set will be managed. This function also refines estimates for work in Solution Deployment, as well as for subsequent releases of the business capability. A management function is to obtain commitment from the sponsoring organization to proceed with the Capability Release Build & Test function set.
Another potentially useful management function is one that obtains deployment authorization. It is this function that reviews the Solution Deployment function set from a Program Management perspective. They refine the remaining aspects of the Capability Release Delivery Approach, based on detailed information gathered in the Capability Release Build & Test function set. This office or function will finalize and commit to the Solution Deployment function set plans and estimates; these will become the baselines against which the function set will be managed. They are also in a position to refine estimates for work in subsequent releases of the business capability. It is this office that obtains commitment from the sponsoring organization to proceed with the deployment of the business capability release.
Later in the list of program management functions is an organization or function for the team work environment operation. This organization ensures that the ongoing maintenance and support for the team work environment is being provided. This office or task assures that the enhancements identified and requested by the supported projects are incoφorated as appropriate. It ensures that updates to the team work environment are periodically made with the latest versions of the technology infrastructure to ensure that the supported projects are working in an environment that most effectively enables their efforts. The actual operations of the environment are defined and executed in Service Delivery.
It maybe useful to provide a program close-out function at the conclusion of a program. This function achieves an orderly and successful program closure by performing the following activities:
• Formally transfer responsibility for the business capability components to the operational units
• Obtain formal management acceptance of the competitive capabilities delivered • Release all remaining human and physical resources to their providing organizations/owners
• Complete a disposition of all program documentation and other materials.
2.2 Project Management Project management focuses on providing specific deliverables (i.e., process flows, job designs, business applications, reward systems) through the balanced management of scope, quality, effort, risk, and schedule. Project management applies to both the "individual" efforts/projects coordinated by the programs, and also to stand-alone projects, which may be performed before the necessary program infrastructures have been established. In one embodiment, a number of functions are associated with project management. FIG. 16 depicts two main functions within project management 22, including project planning and management 221 and project execution 222.
The first of the project management functions may be project planning and management. This functions contains a set of base practices that follow a cycle of planning the project's execution, organizing its resources, and controlling its work. A detailed Project Plan is developed that indicates the project's work plan, schedule, resource needs, and plan for managing quality and risk. Once the Project Plan is approved by the program or other necessary stakeholders, its human and physical resources are enabled. The day-to-day project work is assigned and monitored, and the overall performance of the project is measured and assessed. The base practices within this function interact with all the program-level processes to ensure the most efficient development, integration, and delivery of the business capability components. Projects are typically active through the various functions of the Capability Development Function Category, for multiple releases, until the complete business capability has been deployed.
A group or function for project plan execution defines and obtains approval of the initial Project Plan, which will be used to manage the execution of the project. The project plan execution group performs this base practice throughout the project life cycle at predefined commitment points and whenever re-planning is required. The Project Plan will include components related to scope, effort, quality, risk, and time (schedule). It will be developed based on initial estimates provided by program management. For maximum effectiveness, it should be approved by program management and other key stakeholders.
A desirable function of any project is the organization that organizes human resources for the project, and established other resources needed for the project.
Sometimes called a Project Resources Organization, this group makes resource work assignments and develops training to enable resources. The group may need to perform this base practice in an iterative fashion to organize, mobilize, and manage project resources throughout the execution of the project. Such a group or an organization may also be used to organize the resources required to implement program-wide management processes. In addition to these functions or groups, a project of sufficiently large scope or importance may also utilize groups for project work control, project execution and project completion. The project work control group controls the execution of the project work. After assigning the work to team members, this group identifies potential and actual problems by measuring and monitoring progress and performance against the Project Plan. They may also solve problems by identifying, evaluating, selecting, and taking appropriate corrective actions. Once interim deliverables have been completed, the project work control group may obtain appropriate stakeholder acceptance. A project execution group or function manages the day-to-day activities on the project. Their duties may range from issue resolution to client bill presentation. Along with the march towards the milestones of the project, particular attention may be paid to developing human and capital resource development, maintaining the workplan, and reviewing deliverables according to the plan. Lastly in this section a project completion group may close out the completed project, and evaluate its overall results. This group or function insures that activities for a project are completed so that resources can be released and documentation and responsibilities can be transferred to the new responsible party or parties. 2.3 Resource Forecasting A group whose responsibility is resource forecasting balances the resource requirements for "discretionary" demand (new development and major enhancement projects) with the requirements for "non-discretionary" ongoing Service Delivery commitments (typically maintenance work, including problems, questions, and minor enhancements). Based upon overall trends and projections in the enteφrise, and demand for specific categories of skills, Resource Forecasting assesses the future requirements for staff by skill type. Additionally, this group or function provides input to Human Performance Management functions regarding the acquisition, release, proficiency development, and reward strategies that will be required to meet unit requirements based on current resource loading and future client demand projections. FIG. 17 depicts additional functions or needs that may be a part of resource forecasting 23 include groups or functions responsible for resource utilization 231, resource gap identification 232, and resource schedule management 233.
A resource utilization group or function tracks the deployment of budgeted resources (human, financial, or infrastructure) against demand and informs Project Management of discrepancies. Resource Utilization tracks time spent by resources on various projects and compiles aggregate forecasts of resource requirements. This information is provided for billing and capacity planning activities. This function complements the Project/Program Management in providing the resource perspective on utilization. Typically, Project/Program Management tracks budgeted resources and actual expenditures of resources, providing useful metrics of project performance.
However, this does not provide insight into overall utilization levels of individual resources or category of resources. To satisfy this need and to appropriately plan capacity, Resource Utilization maybe tracked outside of Project and Program Management. A resource gap identification group or function compiles and analyzes unit skills assessments and gaps for use in planning unit training needs and identifying sourcing requirements. This group or function interfaces with Human Performance Management to ensure that appropriate skills are available to fulfill project requests. The function performs careful analysis of project skill requirements and identifies potential gaps, or deficits. These skill deficits may be filled by hiring new resources or training existing personnel. They also examines trends in demand, identify competencies that should be built within the informational technology environment, and provide input to Competency Development.
In a larger sense, a function for resource gap identification ensures that an organizational Human Performance Management group is aware of potential competency needs based upon new projects that are planned. For example, if an approved project is developing an Internet application, an organization would inform Human Performance Management at the start of the project of the need for Internet production skills so that those skills would be developed (either by training existing personnel or by hiring new) by the time the project is complete.
A third function within resource forecasting involves identifying required skills and knowledge, assigning and performing tasks, or allocating facilities. This function aids the project manager in assigning team members to the appropriate roles and work packages, including project work and decision-making processes. This group also maintains backlog of requests for resources. This function complements Project/Program Management in providing the resource perspective on schedule management. Whereas a particular resource may be utilized a portion of the time on any given project, the same resource may be committed to a number of projects. In Human Performance Management, systems such as group/individual scheduling satisfy this function. 2.4 Service Provider Management A service provider management function is used on an ongoing basis to ensure coordination of the different operational domains and effective use of resources. It manages the Service Delivery functions, the environment, and the service provider's relationships with operational domains and suppliers. This group may also be useful in insuring adherence to contracts with suppliers. As depicted in FIG. 18, two principal functions within service provider management 24 are service provider integration 241 and operational level management 242.
A service provider integration function coordinates activities across in-house groups and third-party suppliers. Such an integration function establishes and maintains management controls, coordinates delivery schedules and resources, and monitors delivery against commitments. Service provider scheduling manages in- house resources, and coordinates these resources with third-party service providers to provide seamless service to customers. Service provider planning defines the appropriate strategies and business architecture for the day-to-day management that will position a business to achieve enduring competitive advantage and continually build stakeholder value. Service provider administration administers management controls among all service providers. This group manages risks and issues, and tracks and reports progress against delivery schedules and budgets. They also coordinate interface points, integrate testing and implementation efforts, and conduct status meetings among providers as appropriate. A second desirable group within service provider management is operational level management. This function regularly monitors the results of services defined by the agreements and takes action where needed. This is done by establishing Operational Level Agreements (OLAs), reviewing metrics results (reports are created elsewhere via the Quality Metrics function), identifying service trends, meeting with teaming partners to review results, making corrections (as-needed), escalating (as- needed), and ensuring complete resolution of operational level noncompliance. This also includes making recommendations on OLA improvements (i.e., retiring metrics that are no longer useful).
In establishing and using OLAs, functions useful include a group for OLA requirement identification. This group ensures that before creating an OLA, the agreement with the service provider is in line with the overall business strategy and is providing the services that the users want. This includes identifying service providers requiring OLAs, service needs, and business unit service requirements. Another function may be OLA costing determination, a group whose responsibility is to identify chargeback, budget, or costing structure components that are included in OLAs. This group determines rewards and penalties for meeting/exceeding/not meeting agreed upon OLAs. This group determines how individual costs for services may be reported.
Of course, if the organization will contract for OLAs, then a group or function may be needed whose function is to define OLAs. This group outlines agreements between those managing the service (i.e., an information technology organization) and those providing the service (i.e., internal or external providers). By obtaining sign-off from both information technology and the service provider, it formalizes the interface between information technology (customer) and information technology suppliers either within or outside the organization.
The Operational Level Agreement (OLA) may define: • Scope of services provided
• Who the customer is
• Level of service to be delivered (base line & target)
• Roles and responsibilities for providers and customers (information technology) • What constitutes a failure to meet the OLA and associated penalties
• Monitoring and review process • Costs and contractual arrangements.
Groups with operational level management may also include the following function for operational level measurement, reporting, controlling, reviewing, maintenance and retirement. An operational level measurement group provides regular metrics and information on how well the operational levels are being achieved by the service provider. This base practice provides those maintaining OLAs and those providing service to information technology with historical reports that track the operational level delivered over a particular period of time. An OL reporting function provides information on how well a service is being provided by a service provider.
Additionally, this group provides those managing OLAs and service providers with reports tracking the service delivered over a particular period of time. Operational Level Reports provide key measurements and input for Vendor Management when the OLA is between information technology and an external service provider. An operational level control function assures that agreed upon operating levels are consistently reported on by regularly and frequently assessing service provided, determined by Operational Level Measurement and Operational Level Reporting, against the target operating levels defined in the OLA. If these operational levels are being violated, Operational Level Control will take the appropriate action to determine what is causing the violation and initiate a fix to ensure that services are provided in accordance with the OLA.
An operational level review group or function offers a regularly-scheduled forum for discussing Operational Level reports with information technology service providers. This group provides service providers with a formal opportunity to discuss their service arrangements, potential changes to their agreements, and methods for improving the quality of service delivered to the service providers. An OLA maintenance group or function identifies changes to existing OLAs as necessary. This group receives requests from end users and service providers to change OLAs for business needs. This function also manages short-term deviation to OLAs due to business requirements.
When operational services are no longer provided for whatever business reason, An OLA retirement group ensures that the specific OLA is retired and all accompanying processes for that specific OLA (i.e., service reports, scheduled review sessions, etc.) are ceased. This group ensures that only active OLAs are in existence, which helps to raise the credibility of all OLAs. This function also ensures that historical information (statistics, reports, various versions of OLA, etc.) regarding ceased OLA is appropriately recorded and stored for future reference.
3.0 SERVICE DELIVERY
Service delivery involves all functions required for the day-to-day operations of the information technology systems, including Network/Systems Management and
Application Management. This function category is often referred to as the "IT shop": it encompasses the functions that keep the IT (information technology) systems running. The functions performed in this section are considered Operations and Maintenance functions. Regardless of the change events that are scheduled and performed within the information technology enteφrise, Service Delivery activities take place in an on-going manner. FIG. 5 depicts the principal activities that take place within service delivery 30 including network/ systems management 31 and application management 32.
3.1 Network/systems management
Network/systems management 31 encompasses a host of functions or activities. These are the functions that perform the day-to-day execution, administration, and maintenance tasks for the enteφrise networks and systems, as shown in FIG. 19. This function set includes all routine maintenance and management activities for all systems and networks, except application maintenance and management. Sub-groups or tasks within network systems management include production scheduling 311, output print management 312, operations 313, operations architecture management 314, network addressing management 315, storage management 316, restore/backup management 317, archiving 318, event/fault management 319, system performance management 3110, security management 3111, and disaster recovery maintenance and testing 31 12.
Production scheduling manages the day-to-day operations schedule of activities in the various information technology domains and ensures that production activities are performed and controlled as required. Production scheduling maintains the requirements for the execution of scheduled jobs and tasks across the information technology enteφrise, taking into consideration all dependencies and interrelationships in the environment. A job is defined as any activity performed in the environment that requires human intervention, while a task is an activity to the environment that is automated. Production scheduling requirements management manages the changing requirements of the business and associated technology infrastructure for scheduling operations jobs and tasks. This takes into account performance metrics and SLAs/OLAs. Personnel performing these tasks use expertise in technology architecture to extrapolate the scheduling implications of varying requirements, and to add the appropriate supporting functions to the core business capability requirements. This function also maps the business operations and processes to the Production Scheduling function, updating the requirements as new systems and business activities are introduced. Fixed job scheduling defines production schedules and interfaces with System
Performance Management functions to validate that the infrastructure environment (network, platforms, storage subsystems, etc.) will support the throughput requirements for the regularly executed schedule of jobs. Ad hoc scheduling assesses the priorities, capacities, and opportunities to add ad hoc jobs and tasks to the normal production schedule. This group prioritizes requests based on established job requirements submitted, and coordinates execution once a schedule is determined. The task is accomplished by weighing considerations, such as other processes running (backup/restoration, software distribution, etc.), before approving and sending the ad hoc order. Service class definition establishes, maintains, and manages the appropriate service classes to support different classes of jobs and tasks based on requirements. This function determines the scheduling and adds the appropriate supporting functions to the core business capability requirements. Selection criteria may include time, job dependencies, availability of data, and business function priority. Batch process design establishes and maintains the dependency structure, notification approaches, and restart/recovery mechanisms for the production schedule execution. Schedule and job monitoring ensures scheduled jobs and tasks are starting and stopping within the defined schedule window. Schedule and job monitoring revises schedules when execution completes early or extends beyond normal schedule periods. Information from System Performance Management will play a key role in this function. Output/print management functions monitor all output generation and distribution across the information technology enteφrise and is responsible for managing the output devices and generation at both central and remote locations. This includes both hardcopy and electronic distributions. A first function, output/print requirements management uses the business capability requirements to collect the technology infrastructure requirements for output and printing needs. This group also takes into account performance metrics and SLAs/OLAs.
Output service class management determines the implications of varying output requirements, and adds the appropriate supporting functions to the core business capability requirements. Selection may be based on any of time, frequency of printing, distribution, availability of forms, complexity of the enteφrise, priority of outputs, and the like. Output device management manages the queues, hardware, and forms associated with routing the correct output to the right output device to meet business requirements. Includes all output media (paper, magnetic, optical). A materials and supply management function or group handles requirements such as special paper, special ink, manual feeds, special feeder for the printer, etc. when printing forms (i.e., invoices). This group manages suppliers and inventory of supplies to ensure output functions can continue without interruption.
It has been found useful to have an output distribution function to distribute and route output to the designated recipients. This includes routing of hardcopy output, routing of electronic output to user devices, and the storage of confidential and archive output into appropriate locations. A network/systems operations group defines and controls the routine procedures governing the activation and the operation of communications equipment, applications, and operating systems within the information technology environment. This includes system startup/shutdown, notification, outage scheduling, and metrics. A series of functions for networks/systems operations includes system startup/shutdown for processing platforms, utilities, databases, and applications. The governance or functionality may extend to both centrally managed and remotely managed components. In this same general category of functions should be included outage scheduling. Outage scheduling maintains a system-wide availability schedule. This schedule balances both essential maintenance needs and business operation requirements. Needed among these functions is a group for network/systems operations metrics. This function produces metrics reports for key information technology operations measures. These metrics will be based around SLAs/OLAs and will form the basis for continuous improvement. Also useful is a function for enteφrise notification. As implied, this function notifies the enteφrise stakeholders of planned and unplanned outages. Additionally, this group or function is responsible for notification of status and estimated recovery times.
Operations architecture management is a function that covers maintenance to the network operating systems and system software, such as installing upgrades and maintenance patches. This function applies to both the centralized, distributed, and communications environments. This does not encompass maintenance to applications. System software updates/administration identifies, prioritizes, schedules, and applies approved system software updates. Updates/administration also addresses the system administration of system software components through normal parameter selection and configuration. A related but distinct function that may be included is system software configuration and tuning. This function adjusts system software parameters, based on inputs from System Performance Management, to improve system efficiency. This group or function ensures system software configurations are consistent across the environment.
While the above groups or functions cover software, hardware and platforms should also be considered. Therefore, related but also distinct should be a group or function for hardware configuration and administration. This group identifies, prioritizes, schedules, and applies approved hardware updates.
Similar groups may also exist for communication device software updates/administration, and for configuration and tuning. These groups perform for communications devices the same functions that applied to hardware and software. The group for updates and administration identifies and applies approved communication software updates. The group also addresses the system administration of communications software components through normal parameter selection and configuration. The group for communication device configuration and tuning adjusts communication parameters, based on inputs from System Performance Management, to improve system efficiency. Ensures software configurations are consistent across the environment. One last group or function typically found in operations architecture management is enteφrise integration. This group integrates systems management functions into related capabilities via an enteφrise framework product (e.g., Tivoli, CA Unicenter, HP OpenView) or via point solution products.
Another series of function useful in information technology framework is a network addressing management function. This function, or group of functions ensures that Internet Protocol (IP) and Domain Name System (DNS) services are provided to devices within an enteφrise. This function includes maintaining Dynamic Host Configuration Protocol (DHCP) address leasing and DNS/DDNS (domain name system/ dynamic domain name system) addresses, leasing or assigning addresses, resolving IP name and address lookups, and managing address capacity. Whether dealing with a new or existing capability, the Network Addressing Management base practice demands that high-level business requirements be taken into consideration.
One function within network addressing management is network address assignment management. This function manages the network addresses consumption strategy. This will provide network address ranges for dynamic (DHCP) or static (hard-coding) address assignment. The static address management will be used to manage hard-coded network addresses for network nodes such as file/print servers, printers, routers, switches, and hubs. Useful also is a function for network device naming service administration, which covers the maintenance of the device naming services, such as assigning DNS names for new network devices. This group or function also involves the management of network address and device name resolution.
Another useful function is network addressing application administration. This group configures and administers the network addressing management application to support network-addressing needs. The function includes assigning network address ranges for newly created networks, changing the address management server password, and generating utilization reports.
The last function within network addressing is application maintenance. Network addressing application maintenance defines the maintenance of management applications. This group addresses the address management server clean-up and data archiving. Their function insures that useful information is stored safely and efficiently, while unnecessary data is discarded. For example, the scheduled maintenance process will include start-up/shutdown of the address management server, archival of log files, and address database replication. Storage management contains several functions which address the handling of centralized and distributed storage media, such as disk, tape, microfiche, image, Optical, CD jukeboxes, etc. Storage management includes the monitoring and controlling of each of those types of resources and their usage, to include disk space, data placement, tape management and reporting. Disk space management manages the hierarchy of disk storage types, including cache, high speed disk, mass storage, and optical. Assesses the requirements for disk space and allocates/partitions space to the appropriate pools of storage to fulfill space needs.
Data placement management manages the appropriate classification and placement of data on storage medium relative to the reference profile and business importance. This group's function includes managing 'aging' of data, migrating it across the storage hierarchy as it is referenced or unreferenced over periods of time. The group also addresses the retirement of obsolete and temporary data. Tape management establishes and executes procedures for tape handling, tape rotation, tape cycling, and tape selection. Tape management provides tracking and reporting mechanism for tape usage and location, and manages tape library facilities and vendors for onsite and offsite storage of tapes. Storage management reporting provides a tracking and reporting mechanism for all central and distributed storage management functions (including disk space, data management and location, tape usage and location) to maximize the effectiveness of the enteφrise storage management system.
A desirable function, in all of information technology, is the backup/ restore management group. In a preferred embodiment, this group performs backups on a predetermined schedule as well as for ad hoc requests. This is done to ensure that appropriate backup versions of data, libraries, and files are available for recovery and restoration and to prevent the loss or corruption of data. A good backup/restore group considers all of the back-ups and restorations that need to take place across the enteφrise and, depending upon the need, executes processes centrally or remotely.
There may be several groups or sub-groups within backup/restore management.
One such group may be backup/restore requirements management. This group manages the business and system requirements that determine the backup processes, tools, and schedules for data across the enteφrise. The Backup/Restore Management function category maps to these requirements and is modified as new requirements are received. Another group may perform functions related to backup/restore data indexing and compressing. This group compresses and indexes data for storage. Compression reduces the amount of media space needed to store the data. Indexing allows for a "table of contents" to be created on the information stored, which will make it faster to access the data when needed.
Another included function may be backup/restore data scheduling and monitoring. This group schedules and performs backups at appropriate intervals based on requirements and placement in the production operating schedule. The group or function also alerts and verifies whether backups took place and were completed as scheduled. Another possibly group, backup/restore testing provides schedules and mechanisms for testing Backup/Restore procedures to ensure the integrity of the backup data and backup/restore processes and tools. Finally, within backup/restore management, it may be the function of backup library maintenance to maintain the backup library, typically including labeling backup media, making copies of backup for storage off-site, to age out obsolete versions of backups.
Archiving is another function with several sub-groups or sub-functions appended. Archiving saves data that has been selected for storage for longer term retention but unlikely use. While speed of retrieval is usually not a consideration, retrieval speed should be documented in the SLA/OLA. Data selected for archival typically includes older versions of backups, data versions retained for regulatory requirements, or unreferenced data that is not yet due for deletion. Archiving may also involve placement of media with third party vendors, off-site storage vaults, or simply in alternative locations within the distributed network; in all cases, the ability to retrieve and restore archived data is in place. Archival requirements management manages the business and system requirements that determine the archival processes, tools, and schedules for data across the environment. The archival/retrieval function maps to these requirements and is modified as new requirements are received.
Archival scheduling and monitoring schedules and performs archiving at appropriate intervals based on requirements and placement in the production operating schedule. This function also alerts and verifies whether archivals took place and were completed as scheduled. Archival testing provides schedules and mechanisms for testing archival and retrieval procedures to ensure the integrity of the archive data and archive/retrieval processes and tools. Archive library maintenance maintains the archive library, including the following:
• Labels archived media • Stores copies of archives in a vault/off-site
• Performs generation maintenance tasks for archival
• Ages out obsolete versions of archives
Finally, library indexing and compressing compresses and indexes data for storage in archival format. Compression reduces the amount of storage media required to store the data. Indexing provides the 'table of contents' for the data being stored, making it faster to retrieve the data when needed.
Another group of functions useful in information technology may be termed event/fault management. These functions receive, log, classify, analyze, and present incidents based upon pre-established filters or thresholds. Incidents are inteφreted as either faults (failures) or events (warnings). Event/Fault information is sent from system components such as hardware, application/system software, and communications resources. Systems, groups, or function with event/fault management may include those for monitoring, analyzing, and classifying and displaying. Monitoring requirements management manages the requirements for new monitors and adjusts existing monitors. The requirements will typically identify resources and components that will be monitored and map the threshold levels into the event and fault categories. Incident classification classifies incidents to promote to an event, fault, or to ignore. This group assigns severity levels and assesses impact. Once the data is pulled in, the incident is defined or classified. A severity level, system impact, and notification is then determined. Analysis and correlation groups for both faults and events then analyze any faults to identify whether the origin is with a specific device or whether an entire segment of the enteφrise is affected. A fault is defined as a failure of a device or a critical component of that device. The groups correlate faults or events from multiple devices to assist in problem analysis if applicable. An event is defined as a tripping of a significant threshold or warning, and could be based on performance or indications of a potential failure of a device or critical component of that device.
Part of the fault/event series of functions may be a traffic analysis group. This group identifies critical nodes that are representative of enteφrise performance. These probes are then used to gather information on protocols and stations communicating on an enteφrise segment. Event/fault trend reporting functions report on event/fault alerts over a time period. This function provides trending information on frequency of events/faults and potential sources of future problems and feedback into the adjustments of thresholds. Finally, under event/fault management, there is desirably a function for display management. This function maintains an effective and ergonomically correct view of the event and fault alerts presented to the operations staff.
Another series of functions or systems may include a system performance management function. This group or function ensures that the required resources are available at all times throughout the system to meet the agreed upon SLAs/OLAs. This includes the monitoring and management of end-to-end performance based on utilization, capacity, and overall performance statistics. If necessary, System Performance Management can make adjustments to the production environments to either enhance performance or to rectify degraded performance (throttling).
Functions within system performance management that are useful in service delivery include performance data requirements management. This function manages the requirements of the business and associated technology infrastructure for maximizing utilization/performance. This takes into account the systems, applications, network, etc. of an enteφrise. The function maps the business operations and processes to the information technology enteφrise, updating the requirements as new systems and business activities are introduced. Related functions include threshold management, which maintains thresholds for system performance resources being measured, identifying performance levels where performance problems will/do occur. A performance analysis group or function identifies the resource constraining throughput and response time, enabling root cause analysis of the performance problem. A last sub-group or function is performance reporting. Performance reporting provides the standard reporting mechanism to generate regularly scheduled reports of trend data and performance incidents. Performance reporting also supports ad hoc reporting and diagnosis views to identify problems as they are occurring.
A security management function performs security functions to plan, determine, implement, manage, and review security controls, and to respond to security events. The functions include Security Administration. Implementation of secure technical infrastructures that include appropriate technologies, i.e., firewalls, encryption, and authentication servers, are included as well as implementation of appropriate software controls in the application architecture, i.e., access rules, transaction logs, and checksums. Additionally, security management enforces security policy and conducts security awareness training.
The security administration function tracks and coordinates security changes across all systems/platforms/applications. Security administration works in conjunction with User Administration to prevent unauthorized access to systems. A security audit function defines the procedures and tools needed to periodically review the security controls. Security audits also determine compliance with security policy.
Lastly within security management, a security review provides for continuous review of systems/platforms/applications as determined by Risk Management. The review or review function determines required updates to security policy and identifies new threats and vulnerabilities. No one doubts the need for disaster recovery maintenance and testing. This group or function develops procedures to guide updates to the Disaster Recovery plan on a regular basis. The group or function is additionally responsible for developing test strategies that, if used, ensure that the plan will remain current. Disaster recovery plan maintenance provides the enteφrise with the procedures to update its disaster recovery plan. These procedures are developed by first identifying the events occurring in the organization which will require the plan to be updated. Based on these events, procedures are defined to guide the submission of changes and the application of those changes to the plan. These procedures developed are then incoφorated into formal change control procedures in existence at the enteφrise. Desirable also is a group for disaster recovery plan testing. This function develops specific strategies to guide the organization in testing, by outlining what components of the plan to test, which components should be tested together, and how often they should be tested. Criteria will be developed for use in evaluating the results of the test and assessing its validity. This completes one listing of possible embodiments of network/systems management functions. The next major group of function may be entitled application management. 3.2 Application management
The function of application management includes ongoing, routine maintenance of the applications. The function performs ongoing application code maintenance and application administration. Application management also encompasses the functions that are done during regularly scheduled 'downtime' or 'maintenance windows.' Large-scale application maintenance requests (which are different from routine application maintenance) are not handled here, but through Demand Management. As shown in FIG. 20, application management 32 includes portfolio management 321, release maintenance 322, work request processing 323, and application support services 324. Application portfolio management identifies the portfolio of applications required by an organization to meet its current and future requirements. Portfolio management deliberates how to manage the implementation and operation of those systems. Application management plan maintenance identifies the immediate business plans for the organization and maps specific objectives to scheduled activities within the organization. Portfolio management maintains the Application
Management Plan through successive releases of the application; however, emergencies for fixes and enhancements to an infrequently maintained application may arise.
Application portfolio maintenance maintains the portfolio of applications by accepting new ones into production (through participating in the development and deployment project), retiring old ones, and understanding the quality of the applications in the portfolio. Portfolio maintenance also records all applications and other software assets (such as development software) that are part of the Application Management organization's archives or current portfolio.
The last function listed for portfolio management is work request backlog management. This group reviews, on an ongoing basis, all work requests that are currently in process as well as any backlog of requests. Included are both work requests that are part of a release as well as all of those that are out-of-release. The backlog is made up of those requests that have been received, but are not yet being executed, either because their scheduled start date has not arrived or because there is not enough capacity to execute them. Work request backlog management is responsible for the identification of exception conditions, determination of which work requests should be processed next, and adjustment of the priority of the work requests to be processed. Backlog management also modifies estimates and schedules based on changes in priority, and communicates status information to stakeholders. Additionally, backlog management reviews resource needs and initiates the appropriate action to fulfill the identified needs.
A group useful in information technology is an application release maintenance group. This group defines and controls the scope of each application release. This group integrates all work requests included in the release into a single design. Additionally, release maintenance plans the release deployment and executes the regression test. Another function useful within application release maintenance is application release scope negotiation. This group reviews work requests from application users (whether included in the initial plan for the application release or already in the backlog) and possible third-party package upgrades, and determines whether they should be included within the scope of the release.
Application release scope control involves assessing the impact of a scope change request to the application release, then having the request approved, canceled, or deferred by the change control board. If a scope change is approved, scope control creates the change order, and coordinates the execution of the change. Another group, application release design integration defines the implementation details of the changes to human performance, business process, and technology that are needed to improve business performance. These designs form the basis for the detailed estimating and scheduling of the work required in the Capability Release Build & Test stage. This base practice is conducted once for each release of the business capability. Design integration addresses the design and integration of the elements with the business capability release. The overall design process is iterative, as teams will continuously revisit their designs in order to resolve integration issues and tune the overall capability to meet any applicable Business Performance Model, such as one defined within Capability Analysis.
An application release deployment plan group or function manages the implementation of an application release. The plan typically includes the following: a list of stakeholders, an overall implementation approach, and a schedule of specific activities or checkpoints. An application regression test execution ensures that a fix has been implemented properly and has not affected anything else. Deployment planning involves planning for multiple passes, developing a modular, structured, and repeatable test model, and automating script execution and results checking. Application release deployment transfers the work products to production. Release deployment also retires and archives unused components, modifies performance support products and learning products, and conducts training. The release deployment function authorizes release deployment and reviews and baselines the work products. Finally, within application release maintenance, an application release assessment documents any improvement actions, sample deliverables, and other experiences resulting from executing the application release. This assessment highlights the items that had a significant effect on the project.
Application management work request processing describes how to log, validate, clarify, classify, prioritize, estimate, control changes to, track, and close work requests. A work request processing function analyzes work requests and enables the Applications Management team to design, build, and test the capability. A work request can include any of the following: fix a problem, correct a production defect, enhance an application, or find the answer to a question. Work requests may require modifications, no modifications, or a pre-defined set of modifications.
An application work request receipt logs and validates all requests for service, whether verbal or written. Work requests may be received from an external or internal source. Application work request analysis functions then analyze work requests and determine the appropriate course of action. Work request analysis confirms scope, classification, priority, initial estimate, and delivery date as appropriate. Work request analysis determines if modifications are required (modification, no modification, or pre-defined modification) and determines responsibilities for addressing the work request.
If a work-request requires no modifications to software, it may be handled by a group or function for application no-modification processing. This group performs the necessary actions to address a work request that does not require modifications to software, such as an ad hoc query, report execution, or a data query that requires better user understanding or process changes. Resolution for these requests often involves following a pre-defined set of actions. Application modification release planning assesses the impact of a scope change request to the application release. Based upon this assessment, a request is either approved, canceled, or deferred by a change control board. If approved, a change order is created and coordinated for the execution of the change.
Another group or function, application modification design, creates the design to address the capability changes required for the work request. The design provides the direction and approach for the Build & Test stage. Application modification build and test prepares a requested change that affects the baseline or the net benefits defined in the Business Case. This deliverable may be applicable to all programs and projects. The build and test group or function finalizes and commits to the Capability Release Build & Test plans and estimates; these will become the baselines against which the stage will be managed. The build and test group also refines estimates for work in the Deployment stage, as well as for subsequent releases of the business capability, obtains commitment from the sponsoring organization to proceed with the Capability Release Build & Test stage of work. Remaining functions useful in application modification work request processing include change control and closure. Application modification change control tracks the timely implementation of changes to the service while minimizing the disruptive effect of these changes. Additionally, change control controls changes to production system environments to ensure minimized disruption. Change control requests are initiated when the Work Request is ready for implementation and the production systems and users are ready to accept the changes. Application work request closure ensures requests for service are resolved. The closure group or function reviews completed work request to ensure that both proper documentation has been filed and that customer feedback is solicited. Any work request improvement suggestions are noted and passed along to the appropriate owners. Requests may include any kind of requests from projects to small enhancements (anything that is not a problem).
One final group of functions remains within service delivery, that is, application support services. This array of functions details the standards, templates, functions, and prototypes of all services and products that support an application management environment. This consists of: Performance Support Standards, Performance Support Structure, Reference Material Template, User Procedures Template, Performance Support Job Aid Templates, Performance Support Low- Fidelity Prototype, applications documentation, training materials, and database administration. Database administration manages access to the physical database, its structure, the placement of data elements, data integrity monitoring, data corrections, name conventions, and archive and backup requirements. Database Administration is responsible for describing the steps for ensuring that databases used by the engagement are managed to maintain optimum efficiency, security, and usability.
Application performance support management manages the support of the activities responsible for ensuring satisfactory performance of an application. Documentation management (user and technical) creates user procedures that consist of step-by-step instructions on how to use an application to complete a specific activity. User Procedures provide the detail necessary to enable smooth execution of new application-related tasks within a given business procedure. Application performance support is also responsible for the management of the creation of Performance Support Products that are often developed for employees whose jobs utilize new and/or changed business processes and/or technology.
Application training management (user and technical) creates and maintains applications materials for user training or technical training. Infrastructure liaison ensures integrated schedules and plans are communicated between Network/Systems
Management and Application Management.
4.0 CAPABILITY DEVELOPMENT
Capability development is a desirable function or system of information technology, transforming business and information technology goals and strategies into measurable business and information technology capabilities. Capability development guides the creation of tools for information technology, along with processes and organizations required to enable business capabilities. The Capability Development function category includes all new development activities and infrastructure builds, including the creation of new organizational structures and processes.
Put another way, this function transforms approved business and technical project requests, defined in the Fiscal Plan Management and Project Request Management function sets, into real business capabilities. The function or group validates project scope and completes development and testing of the agreed capability. They should also verify that completed capabilities meet user requirements. As shown in FIG. 6, major sub-groups or functions within capability development 40 include capability analysis 41, capability release design 42, and capability release build and test 43. 4.1 Capability analysis
The capability analysis group concentrates on defining the business requirements, performance targets, and delivery options necessary to define and commit to a specific implementation and release plan (see Release Planning within the Change Administration function category). The information gathered in this function focuses on a single business capability, describing it to the level of detail needed to finalize the delivery releases, define the specific requirements, and resolve implementation issues. This function set begins with an organization's commitment to delivering a program, and with the completion of the business architecture and Program Plan. The function set ends with a defined release plan and a detailed scope definition for a business capability. The organization commits to that plan based on the business requirements, the refined Business Performance Model (defined in the Business
Integration Methodology as "a qualitative model of the business capability that defines performance measures, targets, and reporting requirements"), and the approaches used to develop the capability releases. Shown in FIG. 21. functions or groups within capability analysis 41 include performance model refinement 411, delivery option selection 412, and packaged software selection 413.
Performance model refinement, collects the business capability requirements, defines details of the Business Performance Model, and establishes the initial deployment requirements (see Deployment Planning within Change Administration). These requirements form the basis for assessing the implementation, operational, and other constraints in order to produce a detailed scope of the business capability and its releases. Another group or function is business performance refinement. This group defines the business performance targets of the new information technology capability and its related Business Capability Requirements; this information is used to provide additional detail to the Business Performance Model. The work involved in this base practice may occur concurrently with analyzing and selecting delivery options for specific parts of the business capability.
Another useful function within performance model refinement is deployment environment assessment. This group or function ensures the early consideration of the deployment effort. The objectives of this assessment are to consider the geographical, infrastructure, operational, and cultural differences between the current structure of the sponsoring organization and the desired structure, to define the deployment requirements, and to determine the optimal deployment units. This base practice will provide a major input to defining information technology capability releases and estimating the design, build & test, and deployment efforts (see Change Communications and Deployment Planning in Change Administration regarding capability releases and deployment efforts respectively). A delivery option selection function selects options regarding the structure of specific parts of the information technology capability and its implementation. This function produces design and implementation recommendations for each of the investigated delivery options. Each of the recommended options desirably describes how the human performance, business process, application, and technology infrastructure elements will interact to meet the required level of performance. This function selects options that consider the structure of specific parts of the information technology capability and its implementation. This base practice applies innovative thinking and techniques to design the information technology capability, and should be executed once for each set of related options. This work is conducted in parallel to the refinement of the Business Performance Model and the definition of the Business Capability Requirements.
Certainly one of the preferred functions may be packaged software selection. This group or function defines a process for evaluating and selecting third-party packaged software, where appropriate. The base practices outlined in this document support selection as either part of an information technology architecture, capability, or individual capability release. The packaged software is selected as part of the information technology capability to fit within the constraints of the Business Architecture Blueprint. Sub-groups or functions within packaged software selection may include, but are not limited to, surveying and screening, proposal request development, and evaluation and selection.
A first step is selection is logically that of surveying and screening available packaged software. The group or the function is used to select two or three packaged software vendors as finalists for detailed evaluation. The goal is to identify the potential vendors that have the ability to satisfy a subset of the information technology Business Capability Requirements by using their packaged software products. Completing this base practice offers a cursory view of the market and confirms whether or not a packaged software approach is a better solution than the custom application approach. Having decided on the vendor list, a group whose task is packaged software proposal request development then creates the Request for Proposal (RFP) that will be distributed to all the packaged software finalists. The completed RFPs will be used to select the software package and vendor. The evaluation and selection is made by the packaged software finalist evaluation and selection function or team. This team gathers additional information about the packaged software finalists, allowing the evaluation and comparison of the capabilities and functionality of each finalist. After careful observation and analysis, a single packaged software finalist is selected and contract terms are negotiated with the vendor. The group then prepares an evaluation to document conclusions for management, and obtain management's approval to continue.
4.2 Capability release design A second desirable function within capability development is capability release design. This group concentrates on defining the implementation details of the changes to human performance, business process, and technology that are needed to improve information technology and business performance. This function may be conducted once for each release of the business capability. The base practices within this function address the design and integration of the elements with the business capability release. The overall design process is iterative, as teams will continuously revisit their designs in order to resolve integration issues and tune the overall capability to meet their goals.
The work in this function results in the design of new organizations, competencies, learning materials, business processes, applications, and technology infrastructure necessary to achieve the Business Performance Model. These designs form the basis for the detailed estimating and scheduling of the work required in the Capability Release Build & Test function set.
Functions or tasks within capability release design 42 are depicted in FIG. 22. These include quick wins implementation 421 , processes, skills and user interaction design 422, human performance infrastructure design 423, physical environment design and planning 424, application design 425, technology infrastructure design 426, and business capability release validation 427.
A group or function for quick wins implementation is useful to implements quick wins at any time during the change journey. Change Journey is defined as "a set of strategic initiatives undertaken by an organization to achieve a desired business outcome." Quick wins represent incremental changes on a relatively small scale. Within the change journey, quick wins provide early positive returns on an organization's change effort.
A group or function for processes, skills and user interaction design designs the new information technology and business processes and defines how they will interact with the workforce (skills), applications (application interaction), and physical environment, based on the Business Capability Requirements, and the Business Performance Model. This group uses the Capability Interaction Model to capture the interactions among information technology business processes, human performance, application, physical environment, and technology infrastructure. For packaged software solutions, this group uses the generic business processes implied by the packaged software. These should be the starting point for developing the business capability's process elements.
Another function, human performance infrastructure design designs the Organization, Performance Management, and Performance Enhancement infrastructures. These designs include definitions of new competencies, roles, jobs, and teams within a sponsoring organization. The human performance infrastructure establishes the basis for managing and sustaining improvements in work force proficiency and skills, and for aligning responsibilities with the business and information technology processes and outcomes. A group or function for organization infrastructure design defines structures for managing human performance. These structures define what is expected of people who participate in the capability operation, the required competencies for people to perform the capability, and how the performance is managed and sustained. This function or group defines the roles played by individuals, the jobs that they hold, and the teams in which they work. The function may use a Competency Model to document the skills, knowledge, and behavior required to perform in the sponsoring organization. The group designs the assessment procedures for following individual or team performance and the mechanisms for encouraging work force development. The group also calculates the staffing needs and provides an approach for filling the necessary positions. This base practice applies to both business capabilities and supporting capabilities. Another useful "people" function in this vein is a group or function for performance enhancement infrastructure design. This group determines the training that helps people make the transition to their new roles, as well as to define online help text, procedures, job aids, and other information that they can use during the actual work. Performance enhancement infrastructure design determines the competencies and proficiency levels of the employees in the sponsoring organization, and identifies ways to help employees master their responsibilities in the new business capability: that is, define training and performance support, and design products and a delivery approach for the training, performance, and support products. Perhaps not so obvious in the "people" category is concern for physical environment design and planning. A group for physical environment design and planning desirably identifies and resolves the overall design and planning issues related to the physical environment, including the facilities, layout, and equipment. This group establishes the detailed designs and requirements for the physical environment.
An desirable function may be application design. Application design includes the analysis and design of custom applications as well as the installation and configuration of packaged software. The function covers creation of key design deliverables, plus the identification of inventories and estimating factors that drive the estimate of the application detailed design and build & test effort. Sub-groups or functions within include application requirements identification, requirements analysis, product test planning, packaged software installation and planning, and conference room piloting.
Application requirements identification identifies the Business Capability Requirements that will be delivered through an application. This entails analyzing elements of the current Business Process Design, and understanding the business processes, the requirements from the stakeholders (i.e., employees, application users, customers, suppliers, sponsors), the usability requirements, the required performance of the product in the organization, and the required performance support for the stakeholders. In the same vein, a group for application requirements analysis develops a formal and rigorous model of the previously gathered requirements. The project team creates cohesive models of the application (event, process, content, and data) and establishes metrics and goals that can be verified with stakeholders for each model. When open issues remain, the group actively manages them to an agreed conclusion. If necessary, the function or group may create a prototype of the business process and iterate it to stakeholder satisfaction. The group meets to review the requirements specifications, and then makes appropriate modifications.
A group for application product test planning develops a comprehensive approach for the application product test. Product test planning also uses this base practice to create and verify the test plan (conditions and cycles) for the application product test(s). Packaged software installation and verification verifies that the packaged software installation has been completed successfully and identifies any gaps in its integration with the existing architecture components. The group documents and analyzes any gaps within the technology infrastructure, and decides whether to use the packaged software as is, to request a fix from the vendor, to change an architecture component to select different packaged software, or to discontinue the packaged software project. This process allows the technical support team to gain hands-on experience with the new application.
Conference room piloting functions demonstrate that the packaged software supports the core business processes. Piloting confirms the Application Requirement Specifications as well as identify new requirements. This function configures the packaged software. The group also identifies potential modifications to the packaged software, confirms the selected packaged software, and analyzes business representative impacts and training requirements. The conference room pilot will test the packaged software using business data in a controlled environment, provide information required to develop the implementation plan, and serve as a gap analysis exercise. It also helps to develop a team that is knowledgeable in both software and organizational needs.
Another group under the general banner of application design is master and key configuration data development. Data development defines the key data structures and configures the packaged software to meet key data structure requirements. Teams can perform these tasks to map the packaged software data model to the current applications' data model and to configure the packaged software data structures. Key data structure includes items like customer file, vendor master file, chart of accounts, and organizational hierarchy (for example, company, division, plant, and office).
Another useful function, often within application design, is user interaction model design and evaluation. This group or function translates business processes, capability interaction, usability objectives, and usability requirements into a User
Interaction Model. The group calculates and designs how the users will interact with the applications, and how the applications will be integrated into the workflow, relying heavily on the Business Process Design and the Capability Interaction Model. This group or function may also define the overall approach for detailed user interface development. This base practice should occur early enough in the design process for the User Interaction Model to be considered during technical and application architecture development. In one embodiment, the group also establishes a design and evaluation approach for user interface development, and develops user interface standards and guidelines that are based on user interaction. A group for application architecture design designs the application and helps ensure the conceptual integrity of the application among multiple design, build, and maintenance teams. Making and documenting overall design decisions, including the application interfaces, helps ensure that the application will meet its quality requirements. The group also develops an approach and plan for assembly testing to ensure that the application architecture is successfully implemented and meets the quality requirements. User interface design and evaluation designs and tests the specific details of the user interface, building on the framework described in the User Interaction Model and the User Interface Standards and Guidelines deliverables. User interface details include dialogs or conversations, window screens or pages, forms, reports, and possibly user interface hardware (monitors, input devices). User interface design and evaluation designs and evaluates forms and reports. Finally, This group may perform one or more high-fidelity usability evaluations.
Another group or function, media content design, generates media content designs, after the requirements for the content have been specified, but before any existing content has been formatted or any original content has been created. In this base practice, it is advantageous to first determine how much original content needs to be created, as well as how much formatting needs to be performed on existing content. Once content has been acquired, design activities for audio, video, and graphical assets, may begin, as well as for a formatting process for existing content. This group determines creative ways to incoφorate content into the application.
Database design transforms the Data Model into logical and physical database designs to optimize the performance and reliability of the application, and ensures that all data requirements are identified and will be met during application conversion. The data conversion processes created in this base practice by a data design function will be used in the overall migration and deployment of the application. The last group or function within application design is application quality verification and validation. This group ensures that the total collection of designs (or specifications) is consistent with the requirements. The designs are verified against the requirements, facilitating stakeholder sign-off of the Application Architecture, User Interface Design, Database Design, and Data Conversion Design deliverables. This process helps ensure that the current and future design work products are produced as planned.
A desirable function within capability release design is technology infrastructure design. This group or function designs the components of the Technology Infrastructure, including the Execution, Development, and Operations Architectures. This group also designs the network, communication, and computing platforms and coordinates the work within this major activity with the development of the information technology processes and organizational changes required to support the new infrastructure. Functions or sub-groups within technology infrastructure include groups for selection and design of execution, development and operations architectures, physical network and computing selection, as well as validation. In one embodiment, technology infrastructure design should follow standards/guidelines established in technology infrastructure requirements analysis. This group prepares for the selection and design of the technology infrastructure and establishes preliminary plans for technology infrastructure releases and product testing. Technology-related requirements from the Business Capability Requirements are refined and decomposed into component requirements for the technology infrastructure. This function translates the business and technology requirements for the technology infrastructure as a whole into the requirements and selection criteria for each component. Iterations of this base practices are necessary whenever there is a change to requirements.
Execution architecture selection and design creates and documents an execution architecture design, and a test plan for the components and the assembly of the execution architecture. Based on whether reused, packaged, or custom built options are chosen, this group finalizes the physical model, and selects or designs all components. The execution architecture design precedes the development and operation architecture designs because it drives the requirements of those architectures. The development architecture selection and design creates and documents the design of the development architecture components, as well as the test plan for those components. Specifically, this function finalizes the physical model and selects or designs all components, depending on whether reused, packaged, or custom built options are chosen.
Another group within technology infrastructure, operations architecture selection and design, selects and designs the components required to support a high- level operations architecture and to ensure application availability and efficiency. This group starts with the reuse option first, packaged second, and custom third. The group focuses on the technology aspects of operations as information technology organization and process concerns are handled by other parts of the methodology. The physical network and computing selection and design group evaluates and selects the physical network and computing platform (hardware, application software, and internetworking services). The group describes activities to create high-level design, and component, and assembly test plans for the environment. The high-level design should provide logical diagrams showing the integration of all the selected components, such as the logical topology of the network and the interconnection points between components. Finally within technology infrastructure design, a validation group ensures that the development, execution, operations, physical network, and computing designs are integrated, compatible, and consistent. In addition, the group may also validate that the Technology Infrastructure Design meets the business needs or organization needs according to a business performance model or capability requirements. Business capability release validation validates the performance characteristics of the business capability against the Business Performance Model deliverable. This validation includes evaluating the integration or "fit" across the capability's elements. These tests are executed in the Capability Release Build and Test stage. The function of business capability release validating ensures that the capability release design supports the realization of the Business Case and Business Performance Model. Capability release validation tests the integration across information technology capability elements. This represents a rigorous mechanism to investigate and simulate the design before sign-off of the capability release. This base practice can be used to verify the capability's benefits to the new organization because it includes measurements, processes, hardware, and software to support the sponsoring organization's operations. 4.3 Capability release build and test
Business capability release test planning and operations readiness test planning round out the functions in capability release design. Business capability release test planning produces the test plan that will allow the requirements of the business capability release to be tested in a controlled environment. This function completes the testing approach. Operations readiness test planning ensures that the business capability release can be correctly deployed and operated within the enteφrise. This group outlines the activities and strategies needed to develop the deployment plans and procedures (see Deployment Planning within the Change Administration function category).
This function also updates the Business Capability Release Plan so that it clearly defines the order of release implementation, the functionality corresponding to each release, and the sequence and timing of deployment. The operational readiness test plans created here should cover all types of operating locations that will receive the business capability. Implementing the tests will mitigate the risks associated with transferring the business capability into production.
Capability release build and test is the third major grouping under capability development. This function concentrates on implementing the business capability elements required for a single capability release. The delivery teams are responsible for the detailed design and creation of new processes, facilities, learning systems, performance support, application systems, and technology infrastructure components necessary to implement the new capability. These elements are then tested and implemented within a pilot environment. Shown in FIG. 23, groups within build and test 43 include those for human performance infrastructure build 431 , physical environment assets and services acquisition 432, applications and performance support build and test 433, technology infrastructure build and test 434, and business capability release test and pilot 435.
A group or function for human performance infrastructure build creates the basic foundations of a human performance infrastructure by creating the programs needed to evaluate, compensate, develop, and recruit personnel for the capability.
This group documents and develops policies and procedures for these major aspects of human performance. Changes to the human performance infrastructure can include changes to the human resources operations, tools, and organization. A useful function is an organization to develop career development programs. This group defines a career development program that will have mutual benefits to employees and employers. Such programs help employees become aware of their interests, values, strengths, weaknesses, and career goals as well as job opportunities within the company, giving employees a chance to grow in ways that are personally meaningful and aligned with company goals. From the company perspective, career planning programs reduce the time to fill job openings, aid in succession planning, and identify employees with managerial talent.
Another function or group is one for performance evaluation program development. This group documents the rules for the performance evaluation program and the steps and guidelines for conducting evaluations. The group may use performance evaluation forms to document the desired behaviors and skills that employees are required to demonstrate in relation to their roles and jobs. Given those behaviors, the group assigns measurement values against which those behaviors and skills will be evaluated. The function or group develops additional materials to support the performance evaluation program, and then validates the completeness and ease of use of the products developed.
Another desirable function is one for compensation and reward program development. This group develops policies and procedures to support the compensation and reward program based on the corresponding workflows. The group develops materials to educate employees on the program and to assist the Human Resources staff in administering the program, and validates all new compensation and reward products as well as those that were developed previously. In one embodiment, this group develops a program that aligns individual and organizational goals and that reinforces employees' behaviors in support of the capabilities via financial compensation and financial or non-financial rewards. Note that Human Performance planning and on-going support is defined in the Human Performance Management Function Category. In many instances the Human Performance Infrastructure will already be in place. This function set defines the key functions required in building the Human Performance Infrastructure.
A group or function for recruiting and selection program development is one that develops a recruiting and selection program, enabling the recruitment of employees with the skills and abilities required by a business capability. The group should document the rules, steps, and guidelines for conducting the recruiting and selection program. The group should include in recruiting materials the desired skills and experience levels that employees are required to demonstrate for a particular role or job. The group also develops additional materials to support the program, and validates the comprehensiveness and ease of use of the products that are developed. A group or function for physical environment assets and services acquisition is one that determines which new facilities, equipment, and services should be acquired in order to operate the information technology business capability. The acquisition group develops a procurement strategy for selecting and appointing vendors, mobilizing the acquisition plan, and evaluating the expected costs and results of each vendor appointment. The group supports managing the specification and acquisition process, while the actual processes of building new facilities and installing new equipment is handled through specialists.
An application and performance support build and test group, with several sub-groups or functions, is also useful. This group builds and tests the application, training materials, media content, and other forms of performance support required by the business capability. The group completes the detailed design, component testing, and assembly testing of the application. The group also develops learning materials following the instructor-led, goal-based scenario, or computer-based learning approaches. The group may also develop business policies and procedures along with related performance support mechanisms.
A desired group or function in support build and test is a group for application detailed design. This group details the Application Analysis Model to the module level to produce a complete set of module specifications that can be used for coding. Detailed design reviews each module specification and develops the Component Test Approach deliverable and plans for testing the application modules. The detailed design group creates common test data that can be used by multiple test phases, and produces completed detailed design specifications that can be directly implemented in code, and develops the approach and plan for component testing the application's modules.
Another function or group within support build and test is the group or function for policies, procedures and performance support development. This group produces a finalized, detailed set of new Business Policies, Business Procedures, User
Procedures, and Reference Material. The group defines the policies and performance support structure, standards, and templates, and creates prototypes for all policies, procedures, reference materials, and job aids. They conduct a usability test and review to verify ease of use, and document Business Policies and Procedures using capability designs. This development group documents User Procedures in enough detail to enable smooth execution of new application-related tasks within a given Business Procedure. The group also documents reference materials and job aids, and validates and tests the content and usability of the policies, procedures, and performance support. The application build and test group builds a complete, high-quality software application from the Application Detailed Design document. Programmers implement the modules and then review the coded modules to verify correctness. The build and test group executes assembly tests to check interfaces and interdependencies between modules. The media content development group develops all the media content that is required for the application. Media development ensures that the media assets are refined, based on how they look in the sample media content composition. After refining the media assets, media development creates the final media content composition that only accounts for the representation of assets on page types, not every page. Since a stakeholder sign-off of the final composition is needed before creating the media assets that belong on each page, the final media content composition is created before all the individual media assets are finalized.
A learning products development group within application and performance support build and test selects the relevant authoring and development tools, and defines standards, templates, and development procedures. Learning products defines detailed learning objectives, determines learning context, and designs learning activities. They also review paper-based learning product prototypes for ease of use.
The group develops activities and content, and defines the support that learners will require. The group also prepares and executes testing to ensure that each learning product meets the stated objectives and that instructors are effective when using the learning products. One of the group's functions is to translate the learning approach and learning requirements into finalized learning products. The learning products that are developed may be paper-based or computer-based.
Technology infrastructure build and test is a larger function with several subgroups or functions. Technology infrastructure build and test acquires, develops, and tests the Technology Infrastructure. The group implements the additions and extensions to the Execution, Development, and Operations Architectures. The group also develops the Physical Network and Computing Resources, and tests them as a unified product prior to the Application Product Test. These tests should include changes to information technology processes and organization to ensure improvements to the organization's technology capability. One sub-group or function is technology infrastructure acquisition. This group plans and executes the procurement of the technology infrastructure components that will be acquired. The group decides who will supply the components and services, how they will be supplied, and how much they will cost. The group also assesses the impact of the procurement choices on physical environment deliverables.
An execution architecture build and test group completes a detailed design of the execution architecture, and builds and tests that architecture. This group uses the same methodology used for application development to plan and perform the component and assembly tests of the execution architecture. In similar fashion, a development architecture build and test group translates the Development Architecture Component Design into the Development Architecture Detailed Design. The group defines the Development Architecture Design while addressing the appropriate Technology Infrastructure Component Requirements. This function also builds custom development architecture components according to the detailed design, and develops extensions to packaged/reuse components. Development architecture build and test uses the assembly test to ensure that, when all development architecture components are integrated, the development architecture will meet the technology requirements.
Operations architecture build and test develops the Operations Architecture Components, including extensions to reused and packaged items. The group functions include component and assembly testing. Physical network and computing build and test completes the detailed design, component build, and testing of the
Physical Network and Computing Components. Note that the detailed design effort also includes the installation and configuration of the Physical Network and Computing Components.
The technology infrastructure product test preparation and execution function ensures that the Technology Infrastructure Design has been properly implemented, and that the infrastructure can support the development, execution, and operations architectures. Additionally, this group tests the deployment of the new Technology Infrastructure and its integration with the current Technology Infrastructure. Business capability release test and pilot conducts the product level and overall capability tests to evaluate the integration and operation of the business capability release. These tests start with a controlled test of the application and its interaction with the technology infrastructure. They progress to a pilot of the business capability that evaluates the capability in the operational environment.
A group for application product test preparation and execution creates the application product test scripts from the test conditions and cycles that were created in the Plan Application Product Test base practice. This group tests the new application before it moves into production; reviews the test results and monitors the application's performance. The group makes changes as necessary, and investigates discrepancies between the actual and the expected results, taking appropriate steps to resolve those discrepancies. The group completes a comprehensive model for the application product test. One other function is that it verifies, before conversion, that the new application meets requirements as defined in the Application Requirements
Specification.
A group or function for business capability release test preparation and execution creates capability release test scripts from the test conditions and cycles that were created in the Plan Business Capability Release Test base practice. The group or function ensures that the business capability release will be able to support the
Business Performance Model. The group runs the test(s) in a controlled environment before pilot testing. The goal of the test is to ensure that all elements of the business capability release are integrated properly.
The last function within capability is pilot implementation. This group ensures that the business capability, as defined in the Business Case and the Business
Performance Model, can be successfully completed. The group or function addresses key implementation issues and validates the implementation approach. This is the first deployment of the business capability in an uncontrolled environment. The pilot implementation can be used to establish metrics and define the criteria to be met before a full deployment of the business capability can occur.
5.0 CHANGE ADMINISTRATION
Change administration is an advantageous function in an information technology network. Change administration enables the controlled and repeatable management of information technology architecture components as they evolve in both development and production environments. A change administration group or function implements a process by which the various information technology units, project teams, and business units communicate, implement, and document changes in the systems environment. When properly implemented, change administration provides efficient and prompt handling of all change requests. The goals of a strong Change Administration function category are to maintain the integrity of the system and provide traceability for all changes incoφorated into a production environment. A change is defined as anything (hardware, software, system components) that will ultimately alter and/or affect the production environment. As shown in FIG. 7, change control 51 and solution deployment 52 are the principal sub-groups or tasks of change administration 50.
Change Administration is an ongoing process of planning, communicating, coordinating, scheduling, monitoring, and controlling changes to the production environment. It is the process that protects the production environment from changes that are potentially disruptive or have unacceptable risk associated with them. All projects and requests need to go through the Change Administration process. The level of detail required for the change request as well as the speed in which the change is implemented will vary according to the type of change requested. The Change Administration process should be developed to handle all types of change requests, including standard change requests, administrative change requests, and emergency change requests. While each of these types of change requests would be handled differently, all would require some form of change control (planning, scheduling and communication). For example, a simple request to change a frequency of a report may be handled as a user request, and its planning approval, scheduling, and communication could all occur simultaneously. But a larger request for a new application would also go through the planning approval, scheduling, and communication process, and then require a more detailed project plan.
During the planning phase of the change process, an impact analysis may be performed to determine the level of complexity and ultimately the cost associated with that change. A central management organizational group (Change Control Committee), who represent key operational components of the business, are typically involved in the approval/ disapproval of these change requests.
Change Administration functions are infrequently done in isolation from other functions in this framework, but usually occur in conjunction with other functions, such as: • Customer Service Management and Vendor Management - managing changes for vendor software ensuring compliance with Service Level Agreements • Service Control - receiving user change requests and communicating change information through the Service Desk
• Project Request Management and Project Management - a project is another form of a change and is approved and scheduled by the Change Administration function category
• Network Systems Management - many day-to-day operations base practices (i.e., operating system modifications, backup failure and fixes, changes to batch job scripts, etc.) and events (i.e., hardware failures) are other forms of change that still need to be logged and tracked. • Application Management - enhancements to applications and various database administration tasks are changes that need to be logged, tracked, and controlled by Change Administration prior to implementation into production
• Risk Management - risk assessments are a desirable part of the Change Administration function category • Asset Management - can provide alerts to the Change Administration function category when unauthorized changes have been entered into the production environment and the Change Administration function category can provide advanced notification when changes to the production infrastructure are going to occur
• Quality Management - Change Administration is responsible for the quality of the changes entering the production environment
• Governance & Strategic Relationships - Change Administration can act as the review vehicle for new or upgraded policies in an information technology enteφrise. 5.1 Change control
A change control group plans, manages, schedules, and coordinates all changes to the environment. Change Control is the process by which operations development and business process areas communicate, implement, and document changes in the environment. Change control allows the impact of the change to be assessed along with the merits, timeframes, etc. This group monitors the change process to make sure that changes are delivered according to established plans. The group or function also finalizes release planning and provides communications to end users concerning the change process. The group or function is additionally responsible for rationalizing multiple change requests against one another to determine what changes should actually take place. FIG. 24 depicts groups or tasks within change control 51, including change planning 511, change communications 512, and migration control 513. Change planning addresses how all changes are handled, coordinated, implemented, and documented in both production and development environments. Change planning coordinates the release of updates to the IT environment and defines the requirements for the change (i.e., a new version of software, data, user procedures, training, or support materials). A release is defined as maintenance changes to an application, operating system, or firmware that are made prior to the readiness of a version change to be sent to a user. An upgrade is defined as a maintenance change to hardware that is being made prior to a model change. After a release or upgrade has been tested, it is then ready to be deployed (or "rolled out") to the end user community. A desirable part of the change plan is to conduct an analysis to identify the change type (i.e., emergency fix release or planned release), change priority (severity level), and change category or contents of the change package (i.e., hardware, application software, web content, system software, data, configuration parameters). A change plan includes a Contingency and Backout Plan, and is linked to the Change Communication process in order to inform/include all appropriate parties. The
Change Control Committee members are the central point of contact for these base practices.
A group or function for change request creation collects and documents all information pertaining to the change request and logs it into the Change Control tracking tool. Completed change requests include the following information:
• Date - when a Service Request has been raised, accepted, rejected, deferred, or implemented
• Change Category
• Change Type (i.e., permanent, temporary, emergency, etc.) • Change Priority - Critical, High, Medium
• Implementation Date • Description of Change
• Reason for change
• Areas Affected (departments, files, directories, hardware, software web content, etc., that may be affected by the proposed change)
• Special Instructions - if applicable Any approvals required
The change request should include change, contingency, backout, testing, and training plans as well as installation documentation, and change/release documentation.
A group or function for change request logging and characterization logs requests into the system. The group confirms that the request is complete and all information is accurately categorized. The group reviews the change request for completeness and accuracy. All change requests are forwarded to the Change Coordinator who reviews them for completeness. If additional information is needed, the Change Coordinator will send the Change Request back to the requester and/or the appropriate support group. If the request information is complete, the Change Coordinator will begin the approval process. In order for a Change Request to be considered, all required information is entered on the Change Request Form. A change impact analysis group performs an impact analysis for a change to determine if the change is an emergency or planned. Change requests need to be analyzed in order for the impact to be fully realized and prioritized for resource puφoses. The analysis may be based on such things as cost, performance, resources, organization, timeframes, network configuration, or architecture issues. A related but distinct function or group is change criticality. Change criticality determines the criticality or importance of the change. Changes can be classified as standard changes that are reviewed on a regularly scheduled basis and are planned and implemented during an "official" change maintenance window. Changes may also be classified as urgent, but whose implementation cannot wait for review at a regularly scheduled change maintenance window. Other functions may include change approval, charged with approving a change request. Authority to proceed with a change request can come from various sources, depending on the type of change. A change effort group determines the effort required to implement the change. A group for change request milestones identifies dependencies and critical milestones for the change request. A group for change request prioritization prioritizes a change request against outstanding change requests, as change requests may come from multiple sources. The enteφrise desirably copes with not only varying types of change, but varying urgencies as well. A release planning function coordinates the functions required to release a new version of any combination of software, data, user procedures, training, or support materials. This group or function determines what will change, the timeframes for the change, and defines the testing and fallback/contingency approaches for a release according to the agreed upon SLAs. The overall release plan is then agreed upon and documented by the appropriate parties. The final group or function in change planning is change scheduling, handled by a change scheduling group. This group creates the master schedule for changes to the environment. The group tracks status and ensures that the change requirements are synchronized to minimize the risk associated with changing the information technology environment. The next function, change communications, has several sub-groups or functions. Change communications informs all affected parties on the status of planned and unplanned changes to the information technology environment before scheduling the changes and after the changes have taken place. As part of change communications, change communications management directs, coordinates, and monitors the communication activities required to implement an information technology change into the production environment. The communications plan for the change will be designed and documented. It has also been found useful to include a function for change schedule confirmation, which verifies that change notifications are consistent with the information contained in the master schedule for changes and communications plan, and that the change contact list is current and correct. A change schedule update function involves tracking all modifications or alterations to a change that affect the implementation schedule. This involves updating the master schedule for changes and notifying the change contact list. A related but distinct function is change schedule reporting, which ensures that the progress or status of a change request is communicated to the change contact list according to the communications plan. Reporting is additionally responsible for change status categories, change requests, etc. Change status categories are defined as:
• New - the change request has been submitted and is awaiting review by the change control board
• Pending - the change request has not been submitted with all required information • Reviewed - the change request has all required information and will be presented at the next change control board meeting
• Denied - the change request was not approved in the change control board
• Approved - The groups/individual(s) responsible for executing the change have received the approval and the change has been scheduled • Aborted - execution of the change request failed
• Completed - execution of the change request was successful
• Closed - the completed change request that did not experience problems has been reviewed by the change control board, and the appropriate configuration information has been updated • Closed with exception - the completed change request that experienced problems that were fixed has been reviewed by the change control board, and the appropriate configuration information has been updated.
Change request reports may be categorized by request number, by role (initiator, manager, controller, etc.), by status, by priority, by due date, by category, by environment, or as desired.
A function for change schedule dissemination notifies all affected parties before a change is initiated according to the communications plan. Change notifications are completed prior to any change. Notifications should be given with enough advance notice so affected parties may plan accordingly. The last function in change control communications is change schedule feedback. This group reports the results (success, failure, change production metrics data, etc.) of the change once it is in the production environment and initiates appropriate action as needed.
Migration control coordinates the movement and maintains the integrity of a release package while in the development and testing environments, before a change is ready to be deployed to a production environment. Besides its main function, migration control contains several other sub-groups or functions. Migration control ensures smooth handling of changes from test environments to staging locations for subsequent release packaging and deployment. In order to do this, Migration Control ensures that the proper updates are received from development, versioned accordingly, and moved into the test environment after the pre-release tests have been successfully completed. Migration Control is implemented to maintain integrity of all master release packages and ensure version control on releases. Examples of a release package include software, data, procedures, and support materials.
A highly desirable function of migration control is to ensure the integrity of code for the puφoses of version control. Migration control also controls the development of all components to ensure new capability development stays on schedule to deploy the new/enhanced capability. Migration control is used in Application Management as well as Capability Development. Note that Migration does not include Operability Testing. Strong security measures are also taken in the migration control function to ensure that the number of people who can make changes to production are minimized and that adequate separation of duties exists.
One group or function within migration control is release package assembly. This group bundles the requirement components of a release, and ensures that it is correct and complete. Assurances are made that the tools, testing, software, space, and version control are in place before a package is released. A release assembly kit function or group identifies all components that are required for release and installation, including proper documentation, instruction kit, interfaces, links, etc. Release package integrity ensures that the changes in the enteφrise environment are synchronized in order to ensure a successful change/release. Master releases should be processed from development, through testing, to production in a like manner to ensure the integrity of all releases. Migration control also includes a group or function for version control implementation. This group ensures that the multiple entities that make up the release package are versioned and controlled. Version control on releases allows for software to be documented thoroughly. Change requests, environment, description, responsible programmer, migration date, problems, and status should be noted for all versions via Change Control personnel. Successful release package release confirmation ensures that tested release packages are stored prior to release. Releases will be tested and confirmation will be noted on the version control documents as to the tester, status, comments, etc. This group is additionally responsible for assigning dates and storing a release until the actual deployment.
Release packaging migration notification ensures that access to tested releases for distribution to the production environment are available to those who require access. Multiple releases can be dependent and need to be deployed in sync and require that users, programmers, and other departments be informed. Deployment and/or Software & Data Distribution personnel are notified of the release status so they can schedule appropriately for possible system unavailability, etc. Migration library maintenance ensures housekeeping is performed on migration libraries. Libraries are maintained for backout and backup puφoses. This ensures that copies of releases are available for any future use, along with supporting documentation that thoroughly describes changes, status, programmers, and owners of release.
A group or function for change backout and contingency planning ensures that backout plans and contingency plans are in place in the event that problems arise. Courses of actions are outlined to reverse change or to serve as alternative methods of achieving desired outcome, in the event of unpredicted consequences. A contingency plan is defined as a detailed plan that explicitly describes the actions that will be taken to correct any problems to the existing information technology environment that may be caused by the implementation of the change. Implementing a contingency plan repairs any damage that may have been caused by the intended change. Conversely, a backout plan is a detailed plan that explicitly describes the actions that will be taken to undo the change, should a problem be encountered when implementing the change.
Implementing a backout plan removes the change to the environment. Change reporting reports on changes made to the operations environment as well as changes put on hold, cancelled, etc. Change reporting generates monthly reports detailing the status of change requests, and in one embodiment, notes completed as well as pending changes. 5.2 Solution deployment
A solution deployment function handles major releases, major initiatives, and major changes that get introduced into environment. Solution deployment provides the input into Change Control so that changes are delivered according to established plans. Solution deployment finalizes Release Planning and provides communications to end users concerning changes. Solution deployment also implements changes for everything within the production environment, including applications and infrastructure, using tested components following a detailed Solution Deployment plan.
Solution deployment prioritizes changes anytime a capability is going to production. In one embodiment, solution deployment includes working from a plan and modifying and expanding the plan accordingly as changes occur. Groups within solution deployment 52 are depicted in FIG. 25, and include deployment planning 521, process deployment 522, organizational deployment 523, technology/environment deployment 524, software and data distribution 525, facilities deployment 526, and post deployment support 527.
A first major task or group in solution deployment is deployment planning. This group gathers the requirements to deploy a new capability or new site and plans the conversion. Deployment planning determines everything from the high-level deployment schedule to individual mandatory deployment base practices. The group or function additionally prepares a detailed deployment plan and schedule, reviews it with appropriate parties, and publicizes (using the Change Communications function set) to prepare the new/enhanced capability to "go live." Deployment Planning is specific to a site for every release change. Contingency plans are also created in this function set. Deployment is synonymous with "rollout." A deployment is defined as a change that is ready to be implemented for the end user community after the Build
& Test functions are complete. In common terms, it may be referred to as "going live" or "conversion." Deployment planning advantageously includes a function or group for deployment schedule confirmation. This group establishes appropriate lead times for deployment of systems to allow users to prepare. Schedules confirmations with internal and external groups may refer to dates, times, contingency dates and times (if problems arise), and deliverables. Another function is deployment schedule impact assessment. This group assesses impact to the deployment schedule provided to internal or external groups, that may occur as a result of feasibility, resource, or lead time issues.
A deployment schedule adjustment group or function adjusts the deployment schedule to accommodate schedule conflicts or requirements for longer lead times.
Managerial approval should be sought for such changes. Deployment contingency planning ensures that backout plans and contingency plans are in place in the event that deployment problems arise. Courses of actions are outlined to reverse deployment or to serve as alternative methods of achieving desired outcomes, in the event of unpredicted consequences.
A process deployment group or function involves the design, build, test, and deployment of new processes required to support the new business solution/capability. This group or function includes requirements gathering and finalization, metrics definition, process design (both conceptual and detailed, and the Build & Test). This group is also responsible for the staging and implementation of new processes into the production environment.
An organizational deployment group involves the deployment of the key elements and structure of the organization to provide a common mental model to all Delivering teams that affect the implementation of the organization chart. The group identifies structures for managing human performance by defining what is expected of people who participate in the business capability operation, the required competencies for people to perform the business capability, and how the performance is managed and sustained. Organizational deployment defines the roles played by individuals, the jobs that they hold, and the teams in which they work. The group uses a Competency Model to document the skills, knowledge, and behavior required to perform in the sponsoring organization. Organizational deployment designs the assessment procedures for following individual or team performance and the mechanisms for encouraging work force development. This group also calculates the staffing needs and provides an approach for filling the necessary positions, applied to both core business capabilities and supporting capabilities.
Technology/environment deployment configures hardware and software components within a system and coordinates interrelationships within and across the system to ensure that all equipment can function together. Technology/environment deployment prepares the physical location for the deployment, including the installation and testing of the equipment prior to allowing the users to utilize the system. This may also include the setup and configuration of testing and staging environments. This deployment includes functions or sub-groups for production acceptance testing, application deployment, and equipment deployment.
A production acceptance testing group or function provides one last check of the new/enhanced capability prior to actual customer signing-on. Once the deployment at a site is completed and the software/data appropriately distributed, Production Acceptance Testing is done by the deployment team as a "mini user test" which ensures that the deployment went as expected. It also tests security of the new functionality in addition to the function's capability.
An application deployment group or function involves the various aspects of deploying the application release such as transferring the work products to production, retiring and archiving unused components, modifying performance support products and learning products, conducting training, authorizing the release deployment, and reviewing and baselining the work products.
An equipment deployment groups installs, configures, tests, and deploys the new infrastructure components into the production environment. Includes the planning for methods, tools, resources, etc.
Software and data distribution are an advantageous group within solution deployment. Distribution updates the software, data, or configuration information on a machine(s), reports the relative success/failure of the distribution, and updates the asset information for the site(s)/machine(s) affected by the distribution. Note that this function relates to the actual Software & Data Distribution of a specific release capability. Primary planning for the overall Software & Data Distribution architecture, tools, and processes is done in information technology Capability Planning. Software and data distribution includes several sub-groups or functions, including software distribution requirements analysis, environment assessment, detailed design and customization, and distribution execution. There may also be groups for review and logging of distribution, and capability assessment. Software distribution requirements analysis reviews and defines the business requirements for distributing software & data for a specific capability release, i.e., number and types of users, number of sites, distribution window, etc. Requirements analysis identifies required specifications related to the distribution, which mat include the following: • Size of distribution
• Required target configuration
• Window for electronic transfer
• Platforms
• Affected applications An example of this might include identifying the amount of free space available on the hard drive memory. Since this base practice can have a direct impact on execution/ application/ operations architecture, it needs to be done early on in the system development life-cycle.
A function or group for current environment assessment reviews and evaluates current environment options (i.e., those already in place in the enteφrise) used for distributing software & data. The environment assessment selects "best fits" for a specific capability release based upon the current available tools/processes and identifies gaps in selected solutions that need to be "fixed" prior to deployment. This group also identifies Software & Data Distribution tools/processes that may need to be implemented in order to meet the requirements of a specific capability release.
Environment assessment also identifies required changes to applications, environments, and/or associated architectures related to a specific capability release. Examples of required changes to the environment may include network bandwidth, workstation configurations, and the like. Detailed design and customization finalizes the Software & Data Distribution approach as well as documents detailed specifications. This group customizes existing Software & Data Distribution processes/tools as needed for the specific capability release, and defines the distribution timeline including detailed steps, dependencies, and critical platforms as well as develops the rollback approach (Contingency Planning). Testing of the detailed design is accomplished as part of the Business Capability Release Test & Pilot function found in the Capability
Development function category. In one embodiment, new Software & Data Distribution capabilities or major changes are handled through Project Request Management.
Software and data distribution execution performs Software & Data Distribution tasks as part of the deployment scheduled for the new capability release.
Software and data distribution review and logging monitors the distribution performance. It tracks and logs distribution-related problems and issues. This group performs emergency fixes or rollbacks as necessary, and additionally documents lessons learned during the Software & Data Distribution. A group for continuous user requirements/current capability assessment documents trends, issues, challenges, and needs with regard to Software & Data Distribution requirements. This group assesses enteφrises' abilities to meet existing and future needs in this area. This function or group makes recommendations for the new and improved Software & Data Distribution tools/processes. The remaining groups or functions within change administration include facilities deployment, post deployment support, and post conversion support and review. A group for facilities deployment defines and deploys new facilities functionality. Facilities deployment analyzes cuπent facilities capabilities and defines new requirements and functions needed to support the new capability. Post deployment support plans in advance for a heightened level of service support directly after deployment of the change. This increased support is scheduled to last a predetermined amount of time (typically 2-4 weeks after deployment). This group schedules additional resources and plans for additional short-term support processes to accommodate the necessary support directly after deployment in anticipation of an increase in service requests from the end user community due to the change event.
Post conversion support provides additional support resources and short-term processes to assist the existing support organization with handling user requests and issues quickly. Typically, the Post Conversion Support base practice utilizes the knowledge and skills of the development team to assist with support for the predetermined time. Post conversion review reviews the conversion/deployment effort once deployment is complete. Review ensures that issues are resolved and that lessons learned, key issues, and key successes are documented for future reference.
6.0 STRATEGY, ARCHITECTURE & PLANNING
Strategy, architecture and planning is an important group or function within information technology framework. This group creates a strategy and plan that outlines the overall information technology capability direction, initiatives, and common information technology processes, organizations, applications, and technology architecture required to support desired business capabilities with optimal efficiency. This is accomplished by working with the enteφrise and business unit strategy teams as well as analyzing technology industry trends. The Strategy, Architecture, & Planning function category provides technology guidance to the broader enteφrise through the definition of common application and technology architecture blueprints.
These blueprints are integrated with the overall business architecture and with the definition of technology guiding principles and standards. These blueprints include the information technology organization, information technology process architectures, application architectures, and delivery vehicle architectures (development, execution, operations and physical network, and computing environments) required to enable the business capabilities.
The Strategy, Architecture, & Planning function category seeks to ensure that the information technology enteφrise is aligned with the business and that there is maximum value, interoperability, and re-use of information technology initiatives. This function additionally evaluates, prioritizes, and plans for the recovery of critical business systems through the Risk Management function set. Desirable groups or functions within Strategy, Architecture & Planning 60 are depicted in FIG. 8, and include strategic planning 61 , capability planning 62, and risk management 63.
The Strategy, Architecture, and Planning function category focuses on planning and balancing long-term, strategic initiatives and quick win business opportunities. Day-to-day operational and administrative tasks are addressed within the Service Delivery and Management & Administration function categories. Groups or tasks within this function category include strategic planning for information technology, capability planning for information technology, and risk management. 6.1 Information technology strategic planning
Strategic planning provides a long-term (i.e., three-to-five year) strategic direction for a information technology enteφrise. The current enteφrise or business unit strategy may seek to establish information technology and business value propositions, technology imperatives, guiding principles, and the technology objectives and implications that need to be addressed by the information technology
Capability Planning function set. Strategic planning addresses the information technology Processes, Organizations, and Technology Architecture needed to ensure that the information technology enteφrise can efficiently support all business initiatives and business capabilities identified by the Business Operating Strategies. This applies to all information technology services (i.e., custom application development, packaged application implementation, or information technology services such as Service Level Management processes).
Information technology Strategic Planning is an iterative process; information technology strategic plans are periodically monitored, reviewed, and updated to ensure relevance to enteφrise, business unit, and industry trends. Any changes to the environment and the related assumptions may impact the overall blueprints and plans. FIG. 26 depicts functions or tasks within strategic planning 61, including information technology strategy 611, sourcing strategy 612, and a capability performance model 613. Information technology defines the strategic information technology direction by identifying the technology imperatives, objectives, and guiding principles needed to enable the overall business strategy. A sourcing strategy examines current and potential sourcing opportunities associated with information technology assets and services needed by the enteφrise. This group or function develops sourcing strategies, conducts market research, coordinates competitive bidding processes, analyzes results, and develops sourcing recommendations. Useful may also be an information technology capability performance model, and a group or function for implementing the model. This group contains the performance targets and indicators for the capability, and defines the different performance goals and metrics and the methods of measurement, presentation, and communication that monitor the performance of the information technology capability. Metrics and definitions are also defined for each of the business integration elements that comprise an information technology capability. These are aligned with delivering the overall information technology Capability Performance Model. 6.2 Information technology capability planning
Information technology capability planning defines the Application and Technology Architectures and key Business Continuity and Protection plans needed to deliver and enable the core business capabilities. Capability planning works with information technology Strategic Planning and Quality Management to ensure that there are people and processes in place to facilitate the inter-operability of Business Capability information technology solutions and to ensure consistent information technology strategy implementation. This group also ensures that the technologies being used by the enteφrise enable the pursuit of business objectives and capabilities, and that sound operations and security practices are being employed. Groups, functions or tasks within capability planning are depicted in FIG. 27. They include process planning 621, organization planning 622, application architecture planning 623, data architecture planning 624, technology architecture planning 625, capacity modeling and planning 626, and architecture standards and compliance 627.
A sub-task of capability planning, information technology process planning defines the key information technology processes and the related performance requirements required to implement the overall information technology function. In defining the information technology processes, the informational technology functional descriptions are used to create the process flows. The process flows define the process initiation steps, the manual/automated processing steps, the exception processing steps, the inputs required, the outputs created, and the responsible parties. The performance model identifies how these processes will be measured. Another sub-task of capability planning, information technology organization planning defines the organization required to support information technology processes. In defining the information technology organization, the competencies/skills required, the culture, organization structure, human capital development plan, the human capital assessment plan, an information technology organization performance model, and the training plan are all addressed. Based on the inputs gathered, an organizational chart, a detailed role description, and associated responsibilities and measurements are produced. Organizational planning works with the Human Performance Management function category to ensure that the proposed organizational changes are viable.
Other sub-groups or tasks include application architecture planning and data architecture planning. Application architecture planning defines the applications needed, their application requirements, performance model, and the application distribution approach needed to enable the business capabilities. Data architecture planning defines the data needed, the data definitions, performance model, and the data distribution approach needed to enable the business capabilities
Another task within information technology capability planning is technology architecture planning. This group defines the enteφrise's technology architecture blueprints and the performance model required to enable the application blueprints in delivering the business capabilities. Technology architecture planning facilitates the reuse of common architecture components and defines environments to facilitate the inter-operability of information technology solutions. This group ensures that the technologies being used by the enteφrise enable the pursuit of business objectives and capabilities, and that sound security practices are being employed. The group also defines the technology architecture blueprints, guiding principles and standards for the development, execution, operations, physical network, and computing environments. Sub-tasks within architecture planning include development, execution, and operations architecture blueprint, as well as physical network and computing blueprint.
A group for development architecture blueprints identifies the development architecture services necessary to build the applications, execution architecture, and operations architecture based on the application requirements and the developer user service class. A group or function for execution architecture blueprint identifies the execution architecture services that support the applications component of the business architecture based on the user service classes and the technology infrastructure. This group understands the criticality of each application that is being addressed by the execution architecture, and addresses all communication services that each application will require (i.e., security, messaging, directory services, virtual resources). An operations architecture blueprint group identifies the operations architecture services necessary to operate the applications, development architecture, and execution architecture, based on the application requirements and the operator user service class. This group ensures that the proposed architecture is practical to build and maintain when defining the operations architecture services. This group or function identifies the service level agreements (SLAs) and operational level agreements (OLAs) required to support the operations architecture, and ensures that the information technology processes and organization that build and maintain these services after the program is completed are included in the business architecture. A physical network and computing blueprint group identifies the physical network and computing architecture required to support the applications, development, execution, and operations architectures based on the application requirements, the business volumes, application/data distribution approach, and location of users. The physical network and computing component is the foundation for one or multiple delivery vehicles; therefore, it is highly desirable that the physical network and computing component fully address the requirements of the delivery vehicle as a whole. This group utilizes the network services in the execution architecture framework as a guide when defining the physical network and computing component. The group documents all guiding principles and assumptions that affect decisions for each physical network and computing component. Another function or group within capability planning is capability modeling and planning. This group ensures that appropriate system (computing and networking) resources are available to handle the business workloads, to enable business capabilities, and ensure that service level targets are reached. This function ensures that enough physical facility is available to house the resources and that enough people are available to manage them. Functions included in this group include business definition and requirements planning, resource data gathering, capacity modeling, capacity plan development, plan implementation and maintenance. A group or task for business definition and requirement planning defines the key business requirements and business drivers that will determine what information technology resources are needed for a specific application during a given time frame. A group or task for resource data gathering collects the key data needed for the puφose of building a capacity model and performing capacity planning. The information for data gathering comes from a variety of sources, both manual and automated. Historical, as well as current data, is gathered in order to understand resource utilization trends, identify peak process periods, and plan for future processing demands. One of the most important aspects of data gathering is accuracy. The accuracy of the data directly impacts the accuracy of the capacity model and the quality of the capacity plan.
Capacity modeling uses automated tools to build a model of the application and identify the system on which the application is running. The capacity modeling tool will then be used to identify the optimal hardware, software, and communications configuration needed to meet desired service levels for the expected workloads.
Capacity plan development summarizes the configuration strategies of the capacity modeling efforts and creates the capacity plan report. The capacity plan documents the capacity requirements and resource upgrades required for the coming year. It will also be used on an ongoing basis to track actual capacity consumption. Capacity plan implementation and maintenance presents the results of the capacity plan, for a given planning period, to management. Once approved, the capacity planning team works with other teams to execute the capacity plan. The team or function continually monitors the actual usage in the business environment and information technology production environment. Business workload volumes, levels of performance, and resource utilization are monitored and compared against planned projections to determine variances. The results are reported on a periodic basis to management.
A group or function may also be used for architecture standards and compliance. Based upon architecture planning guidelines, this group establishes the standards and compliance guidelines for all "technology/architecture" related items
(i.e., software, hardware and configurations) across the information technology enteφrise. This function includes all computing equipment, and the group is responsible for the development, implementation, and compliance of these standards. 6.3 Risk management
Risk management is a third large sub-category under strategy, architecture and planning. Risk management encompasses all functions aimed at identifying and securing enteφrise assets against various forms of business interruption or loss. FIG. 28 depicts tasks classified under risk management 63, including risk mitigation strategy 631, security planning 632, high availability planning 633, and business recovery planning 634. Risk mitigation strategy develops people, process, and technology directions to reduce security risks to an acceptable level. Mitigation determines the most cost effective and efficient mitigation plan in the event of a business risk occurrence. This group or task classifies business assets and develops strategies for securing different classes of assets. This group understands industry best practices in securing assets, and establishes enteφrise direction in security management, including such areas as secure commerce with business partners. The following five subtasks may form parts of the risk mitigation strategy.
Asset and loss impact identification determines those critical assets requiring protection. The group identifies undesirable events and expected impacts. It also values or prioritizes assets based on consequence of loss. Another embodiment may feature threat identification and characterization. This activity identifies threat categories and potential adversaries, and assesses intent, motivation, and capability of adversary or threat. This group determines frequency of threat-related incidents based on historical data. The group estimates degree of threat relative to each critical asset and undesirable events.
Vulnerability identification and analysis identifies potential vulnerabilities related to specific assets or undesirable events. This group or function identifies existing countermeasures and their level of effectiveness in reducing vulnerabilities. The group estimates the degree of vulnerability relative to each asset and threat. A group may be used to determine risks and priorities. This group estimates the degree of impact relative to each critical asset. It estimates the likelihood of attack by a potential adversary/threat. It may also estimate potential likelihood that a specific vulnerability will be exploited. The group or function determines relative degree of risk (risk = potential damage x likelihood of threat occurring), and prioritizes risks based on integrated assessment.
Finally within this group, there may be a task for countermeasure security options selection. This task identifies potential countermeasures to reduce vulnerabilities. The task identifies countermeasure capability and effectiveness and their associated cost. The group conducts countermeasure cost/trade-off analysis, prioritizes options, and prepares recommendations.
A security planning group develops tactical plans to secure environments in order of business priority, based on the Risk Assessment and Risk Mitigation
Strategy. Security planning monitors key technology deployment efforts and provides security requirements and consulting to projects. Security planning includes areas such as tool deployment, awareness/change management programs, compliance programs, etc. This group designs and maintains the security plan based on a periodically updated Risk Assessment as the environment changes. The quick wins groups and other security functions mentioned below are the focus of this group.
A Quick Wins Identification group identifies the high priority vulnerabilities in the system. Quick Wins identification identifies the most egregious security holes that also have the minimum cost impact to the client. Quick Win countermeasures are classified in terms of complexity and length of time required to accomplish them
(generally less than six months from start to operational completion). A group for quick wins implementation planning combines the strategy and plan for implementing the countermeasures identified for each of the quick wins. The strategy should be completed at a level of detail that is acceptable to the client. Prioritization is the key element in this base practice and the client is an essential part of the process. Priority setting, however, may be initiated by the security team.
Security Quick Wins Implementation covers the execution of the implementation activities. This group identifies what it will take to install, test, and deploy the countermeasure of the identified vulnerability. A group or function for solution product analysis assesses security components primarily for longer term solutions. Vendor demonstrations and piloting are included within this base practice. Another group, security options selection ascertains the cost-to-fix against the benefit that the solution provides to the client. This base practice produces a document that is appended to the security plan. Security plan deployment is responsible for the deployment of the security plan. This group tests and stages fixes at various levels. Additionally, this group writes procedures for the operations group. A high availability planning group develops and maintains contingency plans in support of the Risk Mitigation Strategy. This group monitors the support organization's ability to switch to alternate resources when a portion of the system is not or cannot remain functional. This group also ensures that all contingency plans meet previously agreed upon Service Level or Operational Level Agreement targets. Within the high availability planning function, a contingency plan development/ verification/maintenance plan group develops the contingency plans to support the business goals in a comprehensive capability approach including technology, processes, facilities, etc. based upon SLAs/OLAs in effect. In developing the plans, the scope of the plan needs to be clearly articulated. Once the contingency plan has been developed, this base practice monitors any changes to the environment, business or otherwise, that would impact the plan. Occasionally, the plan is verified through testing.
A redundancy architecture guideline development group provides guidelines for redundant resource architectures starting from multiple CPUs, power supplies, etc. within a single server to multiple servers distributed to multiple processing centers with features such as high-bandwidth connectivity, data mirroring, fault tolerance, etc. A redundant resource monitoring group monitors resources to detect utilization and re-routes traffic to other, more available resources. In the event of a resource failure, the redundant resource monitoring group potentially brings on-line standby resources and/or alters other resources to the problem.
A Business Recovery Planning function develops a business recovery plan in the event of a significant or prolonged system failure. Unlike High Availability Planning, the Business Recovery Planning function is concerned with how to quickly rebuild required services in the event of a long-term outage that renders sites (remote or central) unusable. Some key responsibilities include:
• Plan development and maintenance
• Training and testing • Deployment
• Disaster recovery
• Maintain disaster recovery strategy and plan
• Manage hot/cold site coordination • Manage hot/cold site testing
• Implement disaster recovery procedures.
This framework uses Business Recovery to refer to the development of the strategy for recovering functional capabilities in the case of a major disruption or emergency. Disaster Recovery develops the strategy for recovering a system or a portion of the system in the event of a significant system failure caused by a major disruption or emergency. The following ten functions or groups may be considered part of business recovery planning.
Risk mitigation strategy confirmation identifies outage scenarios to be addressed by the recovery plan. The strategy develops preliminary recovery strategies across time, quantifies critical resources by function and develops a recovery timeline.
The function also quantifies and qualifies appropriate recovery options and presents all findings to stakeholders.
Business contingency and resumption plan development identifies and selects alternative recovery sites. It also develops and documents an untested recovery plan and develops and documents appropriate recovery team procedures.
Technical disaster recovery design designs the physical implementation of the hardware and processes recommended in the Risk Mitigation Strategy.
Business recovery maintenance procedure development develops business recovery plan update procedures, training materials, and task responsibility matrix. Disaster recovery maintenance procedure development develops disaster recovery plan update procedures, testing strategy, training materials, and task responsibility matrix.
Disaster recovery plan validation plans and conducts tests to evaluate the validity of the initial disaster recovery plan. It evaluates the test results and revises the disaster recovery plan if necessary. The disaster recovery plan is regularly tested to ensure that the plan remains current. Business recovery plan training conducts training sessions with the business recovery team and awareness training with employees. The group evaluates the training based on feedback from these sessions.
Disaster recovery plan training conducts training sessions with the disaster recovery team and awareness training with employees. This group evaluates the training based on feedback from these sessions.
Business recovery plan approval creates a presentation to present to management to gain approval of the business recovery plan. Once approval is obtained, publishes the business recovery plan. Disaster recovery plan approval creates a presentation to present to management to gain approval of the disaster recovery plan. Once approval is obtained, this group or function publishes the disaster recovery plan.
7.0 MANAGEMENT & ADMINISTRATION The next major function within information technology is management and administration. Management and administration provides the framework for effectively managing information technology enteφrises using sound business principles and practices. Management and administration manages functions that are not always unique to the information technology portion of the enteφrise; therefore, these functions are often performed outside of the information technology group.
However, while these functions may be separate from an organizational standpoint, they are highly desirable from a functional point of view, and are included here to emphasize their importance.
In some enteφrises, some of these non-technology management and administrative functions are performed by separate departments within the larger enteφrise (i.e., a separate Finance organization), while in other enteφrises (especially in outsourcing arrangements and very large information technology enteφrises), the information technology enteφrise itself may be partially or fully responsible for these functions. The principal groups within management and administration 70 are depicted in FIG. 9. These include financial administration 71, quality administration
72, asset management 73, vendor management 74, facilities 75, regulatory compliance 76 and communications 77. 7.1 Financial administration
Financial administration manages the information technology finances, including preparing the budget for the information technology resources and information technology operations, managing adherence to that budget, and establishing a pricing mechanism for selling its services to internal and external customers. All financial matters are included, including the building and maintenance of any Total Cost of Ownership (TCO) information. FIG. 29 shows the principal subgroups or tasks within financial administration 71, including fiscal plan management 711, service costing 712 and pricing, billing and accounting 713, and financial audit compliance 714.
Fiscal plan management provides financial stewardship for the information technology activities of the enteφrise, monitors and authorizes discretionary spending, and reconciles actual expenditures with the information technology plan. This group is responsible for accurate financial reporting. Fiscal plan management includes budget planning and development, budget execution and control, capital budget monitoring, and modeling and forecasting financial plans. Budget planning and development plans and develops the budget for information technology. Budgeting approaches vary by enteφrise. Typically, a traditional budgeting approach begins with last year's budget levels and adjusts for inflation and new programs or activities. In many companies, the necessity of current expense levels are only questioned when operating cost cutting programs are introduced.
Aside from the traditional budgeting approach, a number of other approaches exist and suitability to a particular environment should be evaluated carefully. These approaches include Program, Planning and Budgeting Systems, Zero-Based Budgeting, Operational Audits, The Sunset Concept, Management by Objectives,
Bracket Budgeting, etc. Leading edge companies in this functional area are able to rigorously link strategic planning to business planning to budgets. These budgets are planned at an appropriate level of detail to reflect controllability and risk of expenditures. These budgets are also formulated on the basis of work and not on money to be spent (i.e., activity based budgeting).
Budget execution and control tracks and reports actual performance against the planned budget. This begins with having well-defined Key Performance Indicators (KPIs) in the budget. Other proven practices in leading edge companies include revising business plans and budgets to meet changing business conditions, preparing budgets on a rolling (perhaps 18 months) basis (eliminating annual planning distinctions), empowering managers with spending authority on the basis of "approved budget" (not "signing authority"), and tying the budgeting process to the regulatory review process. Budget execution and control develops budgets for the time frames needed by both managers and regulators. Key performance indicators (KPIs) are viewable to all personnel levels within the organization in order to encourage proactive behavior and prevent overruns. Capital budget monitoring includes planning expenditures for major equipment/facilities on which returns are anticipated to extend beyond one fiscal year. This involves estimating cash flows, calculating the payback period/return on investments, monitoring and approving procurement, and evaluating assets/facilities against a combination of initial investment and continuing costs. The monitoring of the capital budget is particularly unique due to the fact that depreciation, with respect to equipment and facilities, plays a major role in information technology budgets.
Modeling and forecasting enables enteφrises to analyze scenarios in an attempt to simulate the effects of alternative management policies and assumptions. Alternatives can be driven by optimizing management objectives including multi- objective techniques such as goal-programming available through linear programming. Models and forecasting techniques are utilized in the following types of value-added analysis: financial forecasting, financial analysis, capital expenditure analysis, cash flow analysis, cost/volume/profit analysis, cost and price projections, merger/acquisition analysis, new venture analysis, tax planning, exchange rate analysis, capacity planning, etc.
The next major group within fiscal plan management is service costing and pricing. Service costing and pricing monitors costs for information technology services, maintains service pricing algorithms to determine chargeback and/or allocation costs within the organization, and provides input to information technology Marketing. This group may build and maintain a Total Cost of Ownership (TCO) routine and compare internal/external financial benchmarks. Service costing and pricing includes functions for cost/depreciation schedule determining, chargeback and allocation determination, usage trend determining, budget preparation and validation, product/service option identification, service price cost evaluation, cost allocation plan determining, service price catalog maintenance, cost notification, and financial reporting information. Cost/depreciation schedule determination determines the value of purchasing versus leasing based upon equipment, software, and support costs with projected depreciation for the next year. This group works with vendors, asset management, SLAs, and OLAs to obtain this information. They receive updates to depreciation costs from vendors, asset management, etc. throughout the year. The chargeback/allocation determination group determines which items that are part of an enteφrise's overhead need to be charged back to the department, project, or individual and outlines them in a service document or SLA. This group may be responsible for the creation/maintenance of a database of detailed activity.
Usage/trend determination collects data on what services are being used, how often, and when. This data can be used to provide load-balancing information for personnel needed to support the services. The group may be responsible for end user surveys and results. Budget preparation/validation audits budgets prepared by each project or department to ensure accuracy. This group is also responsible for the review of monthly forecasts to plan, and they are responsible for the collection and cross-referencing of data with current service/product cost, expected growth, and past budgetary needs. Product/service option identification identifies product and service options that are offered within an SLA. The group cross-references and documents these products/services.
Product/service definition outlines in detail (in the SLA/OLA documents) the products and services that are available and any outside costs that may be incuπed if the customer goes outside the standard products or services. The group for service price cost evaluation creates a cost model based on the business and pricing strategy. The cost model may take the form of a chargeback structure, a budget structure, or a cost structure for each department or group. Cost allocation plan determination delineates between common infrastructure components and department/user specific components. Cost allocation plans will reflect specific purchases of equipment and services for a given department and will have an associate "over-all" or "seat-charge" for infrastructure components.
Service price catalog maintenance ensures that a list of services and their cost is made available. This list is a living document that is updated frequently. This document is broken down to the lowest level of each service, when possible. Cost notification justifies and provides a breakdown of charges assigned to the customer for a particular service. The final group or function within service costing and pricing is the financial information reporting group. Financial information reporting collects consistent, detailed financial information regarding service costs for each department or project in a company. Financial thresholds are set and the data, and reporting frequency is specified so unnecessary information is not collected.
Billing and accounting includes chargeback and allocation administration and any reporting and trending on chargeback and allocation. Billing and accounting is responsible for the accounts payable and accounts receivable functions for information technology. This group or function gathers the necessary accounting information to calculate actual costs, determines costs based on the Service Costing & Pricing function, bills users for services rendered, and makes payments to service providers based on input from Service Level Management and Service Level Review about the quality and level of service provided. Chargeback/allocation administration collects statistics on systems usage by users, groups, or departments and then allocates charges based on an appropriate chargeback algorithm. Allocation of charges is intended to communicate to the users how much processing services that they are using actually cost. Allocation also monitors the actual payments for services rendered and credits for SLA and OLA violations by the service provider. Chargeback/ allocation reporting and trending reports and trends chargeback results to document and track chargeback activities and goods/services purchased.
The last major group with fiscal plan management is financial audit compliance. Financial audit compliance provides resources and data for internal and external auditors and manages the resolution of any negative findings.
7.2 Quality management Quality management is the second major group or function within management and administration. Quality management monitors, across the enteφrise, how well the information technology environment is being managed and works towards continual improvement of information technology capabilities and services. Quality management ensures that quality is put into every aspect of information technology throughout the enteφrise. Groups or functions within quality management 72 are shown in FIG. 30. They include tasks for the quality plan 721 , quality metrics 722, external benchmarking 723, quality assurance review 724, and continuous improvement planning 725. A quality plan function establishes a course of action for ensuring that quality is put into all aspects of an information technology enteφrise. This includes the communication of the Quality Plan across the enteφrise, as well as maintenance and revision of the plan. Separate functions may be considered for quality plan creation, communication, and maintenance. Quality plan creation creates a plan to infuse quality into all aspects of the information technology organization by setting aggressive goals and creating mandatory quality procedures. A successful plan regards quality as a multi-year investment. Quality plan communication communicates the established quality plan throughout the enteφrise. The plan should include providing the training necessary to the success of the quality plan. Imparts the idea that quality is the responsibility of everyone. A key success factor is "obtaining buy-in" for the Quality Plan across the enteφrise. Quality plan maintenance maintains the quality plan including monitoring the effectiveness and establishing checkpoints.
Quality management includes a quality metrics group, which determines the methods and standards by which quality is going to be measured. The metrics group continually measures and monitors these methods to ensure they are appropriate and reports on the effectiveness of the metrics in place. This function receives key input from the Governance & Strategic Relationships functions. Metrics functions include creation, measurement and reporting, metrics control and metrics review. Quality metrics creation determines the methods that should be used to measure quality. This group researches, defines, and analyzes internal Key Performance Indicators (KPIs) throughout the information technology enteφrise. Quality metrics measurement and reporting measures and assesses the metrics that are currently in place, at set checkpoints, checking effectiveness and ensuring that the standards remain pertinent and up-to-date. Measurement and reporting generates reports presenting the results of the measurement process and distributes to appropriate parties.
Quality metrics control assesses the change of Quality Metrics over time. The group assures that agreed upon quality levels are consistently reported on by regularly and frequently assessing the quality delivered against the target quality levels defined. If Quality Metrics are being violated, Quality Metrics Control is responsible for taking the appropriate action to determine what is causing the violation and to initiate a fix to ensure the best quality in the delivery of information technology services. Quality metrics review schedules and completes reviews to quality on a periodic basis. They provide a formal opportunity to internally get an overall assessment of where the organization stands in terms of quality. They evaluate measurements to see what is going well, what is going poorly, and where fixes are needed.
External benchmarking is the next group within quality management. External bench marking reviews the quality and compares the performance of the information technology enteφrise against similar types of information technology enteφrises using an independent auditing company. The results of these comparisons show an information technology enteφrise its status in relationship to similar enteφrises. This status may justify the initiation or existence of a project, service, team, etc. This function provides an external gauge on the level of quality being delivered. Functions within external benchmarking include data gathering, analysis, and formulation of an action plan. The data gathering group conducts a thorough review of the quality practices that are in place at the information technology enteφrise, gathering detailed information on the enteφrise's current quality practices. The data gathered is categorized and in the same format as the data provided by the benchmarking company. The benchmarking analysis group or function analyzes the results of the benchmark study to attain insight into the enteφrise's quality practices. Through this analysis the organization may gauge its status in comparison to similar types of information technology organizations. The results of the analysis will demonstrate the enteφrise's strengths and outline areas for improvement.
As a result of this activity, another group or function formulates an action plan. The action plan group creates an Action Plan designed to maximize quality, based upon the Benchmarking Analysis. This plan will be developed with the goal of improving areas that fall below industry standards and striving to exceed quality provided by comparable enteφrises.
Quality assurance reviews are conducted by the quality assurance review group or function. This group reviews the services and products provided by information technology on a periodic basis. This group evaluates compliance with overall Quality Management guidelines in an effort to continually improve the quality of the services provided. They evaluate performance against SLAs, comparing delivered service against expected service, in order to assist in determining areas of improvement. They provide a point-in-time internal gauge to quality. Quality Assurance Reviews are not merely responsible for reviewing system performance, but also for surveying & assessing employee satisfaction, process maturity, work environment, leadership, unit knowledge capital contribution skills, and unit metrics. Specific groups or function within quality assurance review are scheduling, audit, and another action plan group. Quality assurance scheduling sets the schedule for providing Quality
Assurance Reviews. Quality assurance audit performs the Quality Assurance Reviews, checking for compliance to guidelines and effectiveness. Quality Assurance Audits include "predefined" Quality Assurance checklists as well as more "free form" interviews and discussion sessions. Action plan creation creates an Action Plan based on the results from the Quality Assurance Review.
The last function within quality management is a group or function for continuous improvement planning. This group ensures that internal reviews are continually being conducted on quality. The group identifies improvement opportunities, maps and re-designs processes, plans improvements, and verifies and evaluates improvements. The group periodically evaluates how well the information technology functions are being performed and what improvements can be made. Functions or sub-groups within continuous improvement include plan assessment, action plan development, and continuous improvement monitoring.
Continuous improvement plan assessment assesses the improvement Action Plan in place. This group reports on the progress made by the improvement plan. A group for action plan development continues to develop and update the Action Plan, documenting and submitting (through the Request Management function) changes necessary for improvement. Continuous improvement monitoring monitors the policies that are in place to implement change. This group or function ensures the adherence of the Action Plan and that the improvement effort is kept on-track. 7.3 Asset management
The asset management group performs life-cycle management of all technology assets within the environment. Functions here include registration and maintenance of asset records and management of licenses for assets. The term "asset" is defined according to the specific enteφrise and may include hardware and software. FIG. 31 shows the function or tasks within asset management 73.
Desirable functions within asset management 73 include asset optimization 731 , procurement 732, inventory management 733, software license management 734, hardware maintenance 735, lease portfolio management 736, and disposition 737. A group or function for asset optimization determines how the enteφrise strategically ensures that the assets it possesses are being utilized efficiently. The optimization group defines strategy for asset lifecycle and determines alternatives for lowering the Total Cost of Ownership of information technology assets by analyzing contracts, assets, utilization, performances, competitive solutions, and service level information to compare with users' expectations. Functions within asset optimization include asset lifecycle strategy development, for determining the recommended life span, maintenance approach, and disposition alternatives for groups of assets, and alternative costing assessment, which analyzes and determines the appropriate financing or costing approach (i.e., leasing, purchasing, etc.), based upon financial guidelines/standards. Procurement works with suppliers and users to identify and acquire products and services for use in information technology. Procurement ensures that proper authorizations exist, monitors adherence to coφorate standards, issues appropriate procurement documentation, and verifies order fulfillment. This function is closely related to the Vendor Management function category. Procurement includes the functions below relating to vendors, orders, returns, and procurement reporting. Vendor information maintenance maintains and updates lists of approved vendors, historical transaction information with each vendor, quality of service, special terms/conditions that apply to a vendor, and existing contracts or regulatory requirements that might affect vendor selection. Vendor portfolio reconciliation reviews and reconciles vendors' portfolios of products and services to ensure that the organization is receiving the appropriate services/products contracted for appropriate pricing/discounts and consistent services. Procurement request logging logs each request, upon receipt, with all required information. For each request received, Procurement verifies that appropriate approval for the purchase has been obtained. For non-standard orders, the technical compatibility of the equipment requested is also verified. Order placement submits an order. Once a request has been approved, a purchase order is generated, and a suitable vendor is identified. Prices, terms, and conditions are negotiated with the vendor before the order is placed. Order notification and an estimated delivery date are sent to the user. Order tracking then tracks orders to ensure delivery occurs on schedule, and that vendors are contacted if issues arise. Order tracking also maintains backlog and backorder information. If applicable, Solution Deployment is notified of delivery dates with sufficient lead-time for any necessary planning. Delivery verification ensures that the necessary quantities of equipment (hardware and software) are delivered to the appropriate locations on time. All assets received are logged in the Asset Management system. Return/replacement management coordinates the return of rejected items or replacement of canceled orders. Reasons for rejection or cancellation should be documented and the costs of processing returns or replacements assessed. Procurement activity reporting reports on information such as items purchased, supplier performance, and deviations from procurement plans. The final activity or group within procurement is asset portfolio optimization. Asset portfolio optimization identifies beneficial modifications to the procurement strategy by reviewing procurement activity reports. This activity provides input to Vendor Portfolio Reconciliation.
The next function with asset management is inventory management. Inventory management captures and tracks information about the information technology asset portfolio (software, hardware, network components, telecommunications, and other equipment), including physical attributes, cost, location, vendor, ownership, and the related procurement contract. Inventory management is responsible for the archival and logging of this information and updating the asset information as changes occur. Functions within inventory management include asset logging, inventory information maintenance and audit, discrepancy reporting and archiving.
Asset logging ensures that the necessary quantities of equipment (hardware and software) are entered into the asset management system correctly, and in a timely manner. Inventory information maintenance updates and deletes asset information in the asset management system, either locally or remotely. The puφose of this base practice is to ensure that the most up-to-date information is contained in the asset management system. Inventory audit performs periodic audits of the Asset Management system and ensures that asset information is accurate. Discrepancy reporting creates asset reports according to user-defined criteria to ensure accurate data. These reports are then distributed to the correct audience based on user requirements. Asset information archiving archives asset information for historical tracking and documentation.
Software license management is another function within asset management. Software license management ensures that software licenses are being maintained throughout the enteφrise information technology environment, manages the number and type of licenses, and ensures strict adherence to license agreements. The several functions below related to licenses are all portions or functions of software license management.
License agreement compliance enforcement searches for and reviews all software to ensure that it is properly licensed. New/increased license acquisition ensures that licenses are purchased, authorized, and tracked for software being used. Expired license/software deletion identifies expired licenses for software that is no longer needed, ensures that the software is removed, and that there is no violation of license agreements. This group is responsible for writing cancellation letters and retiring and removing software. Finally, license maintenance renews license agreements when due or removes applications associated with expired licenses. Another function within asset management is hardware maintenance.
Hardware maintenance includes the planning for and the actual budgeting, scheduling, and performance of maintenance for hardware assets within the enteφrise. Hardware maintenance documents warranty and maintenance coverage for each asset. This group also monitors expiration dates, provides cost projections, and evaluates the adequacy of warranty and maintenance coverage.
Hardware maintenance planning plans for appropriate maintenance by hardware grouping. This group considers account cost, vendor, performance record, warranty, service levels, and procurement plans/guidelines. Hardware maintenance budgeting provides hardware costing information for budgeting functions. Hardware maintenance scheduling ensures that hardware maintenance is applied on time with minimal interference to business activity. Hardware maintenance performance rates maintenance providers against stated metrics (i.e., mean time to repair, mean time to respond, performed on time, etc.) and other providers.
Hardware maintenance includes warranty/maintenance coverage documentation. This group tracks warranty and maintenance agreements on all hardware, and ensures that specific pieces of hardware are not covered under multiple agreements. The group responds to disputes between vendor and client billing for maintenance repair. Hardware expiration date monitoring tracks the expiration of warranty/maintenance agreements on all hardware. This group writes cancellation letters based on the contract, when necessary. Finally under hardware maintenance, warranty/maintenance evaluation determines whether warranty/maintenance agreements should be renewed or allowed to expire.
Another desirable function under asset management is lease portfolio management. Lease portfolio management tracks all information technology asset leases, ensures compliance with lease agreements, monitors expiration dates, analyzes end-of-lease options, and provides financial portfolio information. IT lease tracking monitors the status of information technology asset lease agreements and ensures that lease invoices are tracked. Lease agreement compliance enforcement ensures that both parties, the lessor/lessee are in compliance with the lease agreement. This includes ensuring that payments are made on schedule. Expiration date monitoring tracks lease expiration dates for all assets to ensure that leases are renewed or allowed to expire. The date monitoring group also writes letters of cancellation and tracks adherence to notification dates. Finally under lease management, a group for end-of- lease option evaluation performs a cost/benefit analysis to determine the value of renewing or retiring the lease of an asset. This analysis may factor into depreciation, interest charge, new purchases, maintenance agreements, etc. The last major function of asset management is asset disposition. Asset disposition identifies unused and/or old, "high maintenance" information technology assets, analyzes alternatives ranging from redeployment to retirement, determines the appropriate strategy, and performs data transfer, de-installation, and redeployment/disposal of all information technology assets throughout the information technology operation. This is the traditional asset "decommissioning," retirement, or redeployment function. Other functions or subgroups include asset identification, alternatives analysis, disposition strategy development, de-installation and disposal or redeployment.
Unused asset identification identifies assets that are not being utilized and determines why the assets are not being utilized. Alternative analysis determines whether to keep, retire, or modify an asset. Asset disposition strategy development develops a strategy to dispose of unused assets and ensures that assets that are not utilized are retired. This group determines the appropriate means of disposal (sell, donate to charity, etc.). A group or function for data transfer/ de-installation identifies what data/software may be stored in an asset and determines whether the data/software should be transferred to another asset or should be disposed of entirely. Asset redeployment/ disposal conducts the redeployment or disposal of a specific asset based on the asset disposition strategy. 7.4 Vendor management Vendor management manages relationships with vendors. The vendor management group ensures that good business principles are in place when selecting and working with vendors. They are responsible for vendor selection, contract compliance, contract negotiation, vendor relationship management, and outsourcing selection and management. Major tasks or functions within vendor management 74, shown in FIG. 32, include sourcing analysis 741, contract negotiations 742, contract management 743, and managing vendor relations 744. Sourcing analysis examines cuπent and potential sourcing opportunities associated with information technology assets and services needed by the enteφrise. Functions additionally include:
• Developing sourcing strategies
• Conducting market research • Coordinating competitive bidding processes
• Analyzing results
• Developing sourcing recommendation
Sourcing strategies researches, develops, and documents vendor management strategies required to ensure the most optimal relationship. Sourcing strategies also analyzes business benefits and risks of potential sourcing opportunities and compares them with non-sourcing alternatives. Vendor search and analysis examines potential sourcing candidates through consultation with subject matter experts and investigation of market reports, annual reports, 10-K forms, and similar data in order to determine if they satisfy the elimination criteria. Such analysis is the basis for preliminary candidate selection and is often sent out as a Request for Information (RFI).
Competitive bidding coordination develops and implements the plan for acquiring competitive bids for the proposed sourcing work. Involves all the tasks associated with conducting a Request for Proposal (RFP) process i.e., metrics, invitation letter, transmission of RFP, evaluation, selection, etc. A Request for Proposal (RFP) is sent to a short list of candidates. As part of an RFP vendor candidates may be asked to submit a documented proposal as well as deliver an oral presentation, conduct a product demonstration, or hold site visits. Depending on the size and scope of the solution, detailed functional checklists or business case scenarios may be used as guidelines for evaluation. Result analysis examines the proposal along with any other input data from the vendors (site visits, oral presentations, product demonstrations) and tabulates the results. Subject matter experts are asked to review and rank the data. Sourcing recommendation development compiles an objective assessment of the proposals and all other data for each vendor. The recommendation is then presented to senior management. Open issues and risk summaries can be included in the recommendation.
Contract negotiations, the next major task within vendor management, develops strategies to employ industry standards when negotiating with vendors. Contact negotiations then uses these strategies to negotiate prices, service levels, terms, conditions, and remedies. Additional responsibilities include: • Creating contracts
• Coordinating legal risk and financial reviews
• Managing contract approvals
Contract strategy development identifies the appropriate members of the contract development team, the negotiators, and the key business issues to protect in the contract. Contract creation develops the contract template based upon previous contracts or from an aggregate of generally accepted contract provisions. Key exhibits are identified and developed by both the vendor and customer. Contract creation includes appropriate documentation on Statement of Work and/or Product Acquisition, as well as appropriate operational level agreements. Contract legal/financial review continually reviews and tracks the legal and financial implications of the evolving contract. This continuous review helps to mitigate risks and identify issues as early as possible. Contract approval management reviews and approves vendor contracts prior to acceptance.
Contract management is a longer-term function under vendor management. Contract management tracks contracts and ensures that both suppliers and users are complying with negotiated terms and conditions. Contact management includes contract administration, compliance enforcement, and issue resolution and escalation. It includes additional tasks such as:
• Support for contract inquiries • Escalation of noncompliance issues
• Assistance in problem resolution. Contract administration involves the day-to-day maintenance and administration tasks that are required to manage vendor contracts i.e., measurement and compliance with established metrics. Contract compliance enforcement ensures that service levels, escalation processes, notification processes, and other such contract specifics are followed. Contract inquiry support addresses contract-related questions and verifies recommendations with legal counsel if necessary.
Compliance issue escalation and resolution ensures that proper dispute and issue resolution processes are followed for contract noncompliance. This includes the tasks and procedures that manage the escalation of vendor noncompliance issues and the various resolution strategies to resolve them. Contract renewal/revision keeps the contract up-to-date. In addition to extending the expiration date, the contract details should be reviewed on a regular basis and revised if necessary to maintain an effective win-win relationship for a constantly changing environment.
Another task within vendor management is vendor relationship management. This group builds lasting relationships with outside partners to form long-term strategic alliances. Vendor relationship management includes the account management/business liaison role between the vendor and the enteφrise. It also includes strategies for the best relationship. Vendor relationship strategies development researches, develops, and documents vendor relationship strategy(s) required to ensure the most optimal relationship. Among other elements, the strategy may include: research, marketing, business development, solution development, solution delivery, channel fulfillment, training, etc.
Within vendor relationship management, vendor account management develops and maintains the single point of contact role, i.e., business liaison role, for the vendor and the enteφrise. Depending on the scope of agreement or the vendor stature, possible additional required roles may include the following: Alliance Director, Business Development Director, Marketing Director, Relationship Partner, Knowledge Manager, Solution Center/Practice Manager, Subject Matter Expert, Trainer, Stakeholder, etc. The relationship manager should establish a communication channel and coordinate the investment and activities of each role.
Vendors may at times be service providers and would then be handled through Service Provider Management. Vendor relationship measures the performance of the relationship based on the originally stated and periodically revised business objectives.
7.5 Facilities
A facilities group or function manages the enteφrise facilities, i.e., ensures that facilities are planned and that space is appropriately being used and managed.
Facilities manages all services associated with the physical work environment (such as data centers, equipment closets, wiring information technology infrastructure, etc). Typically, facilities is a separate function outside the information technology department, with its own organization, processes, and technology. Specific Facilities Management functions within the information technology organization focus on the information technology facilities (i.e., Data Center, workspace, wiring infrastructure). FIG. 33 depicts the tasks or functions within the facilities 75 realm. Tasks or groups within facilities 75 may include facilities planning 751, management 752, health and safety management 753, moves/adds/changes 754, facilities inventory management 755, and environmental monitoring 756.
Facilities planning handles the physical space requirements, for given information technology business needs. Facilities planning also addresses issues such as power backup (i.e., the strategy for managing/meeting electricity requirements), regulatory requirements, workstation and backbone wiring, fire suppression, air conditioning, grounding, harmonics, distortion, capacity, maintenance, temperature, and humidity controls.
Facilities management manages security and maintenance for IT building(s) and grounds. Manages all facility-related elements, including HVAC and power, in work environment except PCs (i.e., office space, furniture, and desktop telephones).
This group manages voice/data infrastructure, including cabling and wiring and develops environmental control plans. This function encompasses all ongoing management of facilities as well as any major construction or facilities projects. Health and safety management determines what is necessary at a physical information technology site to comply with any health and safety or regulatory requirements (i.e., OSHA and IEEE) already in existence and prepares a plan to meet those requirements. This group manages the plan for response to emergency situations. Moves/adds/changes (MAC) works in conjunction with User Administration to coordinate all requests for changes to facilities. MAC is responsible for all of the non-technology based components related to a change request. MAC manages new, changing, and departing personnel by processing and fulfilling the facilities requests for work area, building access, etc.
Facilities inventory management manages all inventory related to information technology facilities infrastructure, such as office furniture, physical layout, wiring, telephone, etc. (not PCs). This group differs from Asset Management, which specifically deals with technology pieces. Environmental monitoring monitors the physical, central, and remote environments to ensure they are being controlled according to environmental (i.e., heat levels) and regulatory levels. When necessary, corrective actions are requested and monitored according to predetermined environmental control plans. A complete list of monitored activities include: power, uninterruptible power supplies (UPS), battery, distribution, spike, drop, air conditioning, temperature range, humidity, range for proper operation, security, fire, smoke or heat alarms, halon, water, chemicals, lightning suppression, etc. 7.6 Regulatory compliance
Regulatory compliance establishes and enforces the policies, guidelines, and procedures required for compliance with external and internal regulations. Regulatory compliance manages the compliance of all information technology activities to these regulations that have been established by all applicable governing bodies. FIG. 34 depicts the principal subgroups within regulatory compliance 76 as it applies to information technology include legal risk identification 761, compliance planning and implementation 762, and compliance audit 763. Legal risk identification identifies legal risks and the plans to mitigate these risks. Legal risk area identification identifies and understands legal risk areas in the information technology environment, such as copyright infringement, misrepresentation, slander, defamation, export issues, privacy issues, security issues, etc. Content legal risk identification reviews content types (textual information, dynamic HTML, audio, video, graphics, database driven content, etc.) to determine the legal risks associated with publishing the content. Legal/business requirements identification identifies legal and business requirements pertaining to any group within an organization that need to be developed. The requirements may differ based on the groups of users (system users, internal to company, contractors, public, coφorations, governments, etc.).
Legal process planning and compliance creates new and updates existing deliverables/ documents that contain the requirements for Regulatory Compliance, including compliance tracking and oversight. These deliverables/ documents may be used to:
• Document business capability requirements
• Gather requirements for ongoing legal issues • Serve as a communications tool/discussion document for the process in ongoing steps
• Define and carry-out formal contracts
• Maintain formal contracts
Regulatory compliance planning assesses any impact on products and services and determines the plan, approach, procedures and tools for addressing regulations.
This group highlights the risks, and develops a milestones and deliverables schedule for regulatory compliance. Regulatory compliance planning establishes the overall audit approach and schedule.
Regulatory compliance plan implementation implements the regulatory compliance plan. This group ensures a high awareness level of the regulatory requirements and implications among the organization by preparing and circulating communications materials to appropriate personnel; briefing the entire organization, and all new joiners to it, of the principal regulatory commitments; and keeping the organization updated of any changes to the commitments and associated risks. Regulatory compliance tracking and oversight performs the day-to-day monitoring of regulatory compliance as follows:
• Monitors the timely delivery of deliverables and fulfillment of obligations of all parties
• Reviews deliverables • Performs correspondence and maintains an audit trail of correspondence
• Communicates with regulations personnel external to the organization • Updates formal contracts
• Identifies ongoing risks and determines action plans
• Manages issues resolution
• Provides general advice to regulatory compliance efforts within the organization
• Ensures that all changes to scope of regulations requirements are subject to rigorous change control, with an audit trail of contract changes
• Acts as liaison with regulatory advisors and other experts as appropriate
• Identifies non-compliance and acts upon quickly Regulatory compliance audit assists to achieve and maintain compliance with appropriate regulations (i.e., environmental and OSHA health and safety regulations) in a practical and cost-effective manner. The intent of any audit is to provide management with an objective evaluation of an enteφrise's operations with respect to standard practice, best management protocols, and regulatory requirements. Subgroups include audit planning and auditing.
Regulatory compliance audit planning confirms requirements, approaches, groups, and schedules for regulatory compliance audits. The planning group or function provides communications materials prior to the audit to the targeted groups. Regulatory compliance auditing conducts meeting(s) for the audit team to understand group(s) to be audited and areas for review. Auditing reviews materials, conducts interviews, compares against regulatory compliance requirements, and documents findings.
The audit group maintains a clear audit trail for audit results, as well as for variations and waivers to the regulations. The audit group also reviews the audit results with appropriate personnel. They identify items to address, high risk areas, and potential disputes. The group documents planned actions and monitors and reports progress. The audit group schedules re-audit as required, and provides reports to management and other appropriate personnel and agencies. 7.7 Communications Communications for management and administration defines and establishes the approach for effective interaction, sharing of information, and coordination of work both within the enteφrise and with clients. Communications determines and conveys the key messages in order to develop understanding and positively affect behaviors and attitudes. FIG. 35 shows the major groups or functions within communications 77, including planning 771, design including communications channels 772, build and test 773, and deployment 774.
Communications planning defines up-front considerations to communications including overall strategy and objectives, audiences, technology, number of employees, culture, and resources available. Communication requirements identification identifies and confirms overall communications needs across the enteφrise. This group develops an understanding of the audience (i.e., who the audience groups are and what they know) including current communications problems and barriers, and desired communication channels. The group reviews current communications events, successes, and areas for improvement. Within the planning group, strategic communications objectives determination identifies the long-term strategic objectives of the communication program, in alignment with overall organizational strategies.
Communications design creates the overall approach for communications, including the key messages, vehicles, and measurement, and develops a long-term communication plan, for internal operations as well as customers and users. Key message creation determines the main messages that need to be conveyed as a result of the communications. These messages should be clear, concise, and easily communicated. Key messages are what the sender wants the receiver to gain from the message.
Communication channels determination determines the channels (vehicles) for messages, understanding the strengths and limitations of each vehicle. Different channels allow for different types of messages and delivery of those messages. Channels include e-mail, videotape, voice mail, group meetings, flyers, posters, invitations, signage, banners, Internet pages, intranet pages, databases, quick reference cards, premium items (pens, mouse pads, mugs, etc.), photographs, personal letters, magazine articles, books, and websites.
Communications channels may recommend appropriate media for different puφoses. They may recommend the use of one-way communications to send out information that is routine, detailed, or regards non-controversial topics. Examples of channels for one-way communications are newsletters, brochures, billboards, flyers, etc. The group may recommend two-way communications when messages require discussion or interaction between those individuals sending the message and their audience. Two-way communications are better suited for complex issues, i.e., topics that require agreement, topics that have a strong personal impact, etc. Examples of channels for two-way communications include discussion databases, phone calls, face-to-face meetings, etc.
Communication channels assesses whether communications should be "pulled" (where the audience takes the initiative to get the information, like accessing a database posting or a website) or "pushed" (which means that information is sent directly to the user).
Communication effectiveness identification establishes measurable goals and assessment methods to gauge the success in achieving the communications strategic objectives. Measurement tools for communications can be readership surveys, focus groups, feedback buttons, subscription numbers, page hits, attendance figures, etc. Knowing how and what will be measured in the early stages helps plan for ongoing communication efforts.
Communication plan development creates the long-term communications plan, by gathering the information on the audience, key messages, potential channels, and measurement tools and merging them together to make a cohesive plan of action. The communications plan maps messages to audiences through channels and is used to document: objectives, message, audience, and delivery channels. The communications plan addresses considerations related to time, budget, resources, cultural and technological factors, available communication channels, and any other new or existing barriers to communication.
Communications build and test develops and tests the communications materials according to the communications plan. All deliverables and deadlines determined in the communications plan should be met in this function. Communication templates and standards creation develops templates and communications standards. The group determines standards for written and verbal communications materials, creates a common look among communications channels, determines legal and confidentiality restrictions, distributes the templates and standards, and monitors usage.
Communications materials development builds communications materials and content. This group obtains information from content experts, organizational leadership, presenters, or other appropriate resources. The group determines required approvals and creates additional "collateral" materials to support group meetings and major events i.e., invitations, hand-outs, or agendas needed for group meetings.
Communications testing determines the approach to gathering feedback prior to deployment of the communications and obtains approval. Communications testing helps in gathering feedback in a number of areas such as identifying participants' greatest needs and concerns, determining what is working and what is valuable, obtaining suggestions and recommendations, developing success criteria, and gaining insights.
The last major sub-task within communications is communications deployment. This group delivers communications materials. The group implements communications databases, sends newsletters, conducts meetings or events, distributes e-mail/voice-mail. Following deployment, the group assesses the effectiveness of the communications and determines areas for improvement.
Communications implementation deploys the communications materials. The group conducts group meetings and events, distributes written materials, publicizes
"pull" communications, plans agendas, arranges for speakers, coordinates logistics, and determines budgets and how time will be charged. Communications are used to create enthusiasm, share current news, and help the organization feel connected. This group also responds to unexpected communications requirements that may be identified, by obtaining as much information up front as feasible, and setting realistic expectations in order to get things done.
Communications assessment and improvement assesses the effectiveness of the communications efforts and determines areas for improvement. The group determines if personnel are reading the information provided and if communications are changing behaviors, attitudes and understanding. When possible, the assessment group performs an audience baseline assessment to determine attitudes before the communication program begins. Afterward, the group uses feedback mechanisms or measurements to determine if the objectives have been met. The group preferably solicits feedback only if it will be acted upon.
8.0 HUMAN PERFORMANCE MANAGEMENT Human performance management attracts, develops and retains skilled people with the required knowledge and skills for information technology. This group builds the organization, teams, and culture. Human performance management motivates personnel and manages performance. The function also implements personnel policies and verifies adherence to employment laws. Principal tasks within human performance management are shown in FIG. 10, including coφorate culture planning
81, career management 82, employee compensation 83, competency development 84, and personnel sourcing 85.
8.1 Coφorate culture planning
Coφorate culture planning plans and decides upon the social norms that should be practiced in the information technology work environment in order to create a pleasant and participatory work environment. Culture planning seeks input from individuals and teams and strives to promote belonging and assimilation/integration through its efforts. Functions included within this domain include team-building, dress code, social activities, charitable activities, working environment, diversity, and common business language. 8.2 Career management
The career management group maintains a healthy, acceptable information technology work environment by managing career development, employee morale
(including motivation and satisfaction), employee communications, information technology coφorate culture, incentive programs, and labor relations. The group provides employee advocacy as well as incentives to information technology personnel for superior work performance. Managing employees also includes budgeting for and reporting of the total information technology head count. This activity may be tied closely with the Financial Administration function set. A number of functions or groups are integral parts of career management 82, shown in FIG. 36. These include individual development planning 821, career guidance and counseling 822, mentoring 823, performance feedback 824, performance plan management 825, and promotions management 826. This group's functions also include succession management 827 and rewards and recognition 828.
Individual development planning plans the future career development of personnel in terms of roles, responsibilities, and skills. This group helps identify opportunities for achieving individual career objectives and establishes agreement with personnel on their individual performance objectives relative to their role(s). This activity facilitates development of a career development plan and tracks progress, identifies training needs, and balances individual personal objectives with the needs of the business.
Career guidance and counseling provides a formal counseling relationship to enhance performance, and is supplemented by other informal counseling relationships as determined by the enteφrise. Counseling includes selecting career counselors, providing guidance on methods for improving performance, and evaluating effectiveness. Personnel mentoring management guides the partnering of experienced personnel with less experienced personnel to provide informal advice and guidance in the development of knowledge and skills. This partnering assists in improving performance, making career decisions, and balancing personal objectives with business requirements. This includes establishing a mentoring program, selecting and training mentors, assigning mentors to individuals, establishing relationships, and evaluating the program's effectiveness.
On-going performance feedback management manages the integrated programs and processes, and defines inter-relationships to effectively manage both individual and overall workforce performance. A highly advantageous part of this function is to maintain alignment of the human performance system with enteφrise business goals. This function provides formal advice and guidance to personnel in the development of their skills and responsibilities. The group reviews and evaluates the actual performance of personnel against the objectives and performance criteria outlined in Individual Development Planning, and provides periodic informal feedback against these same objectives and criteria. Human performance plan management establishes objective criteria against which performance can be measured and reviews and evaluates the performance to those objectives. This group identifies development needs, methods to enhance performance, and rewards actual performance based on objectives and performance criteria relative to individuals' role. Promotions management manages the recognition of an individual's ability and potential to perform at the next career level and to motivate people by providing growth opportunities. Promotions Management includes:
• Preparing for promotions process • Collecting promotions readiness input
• Determining promotion readiness for potential candidates
Succession management plans the transfer of personnel into different roles in order to allow for personal development and motivation. Succession planning additionally allows for resilience to the loss of individuals. Rewards and recognition establishes and administers a program for providing rewards (financial or other) and recognition for individual and team contributions. Rewards and recognition is additionally responsible for the following:
• Identifying program objectives
• Determining requirements and overall policies • Establishing incentives and desired behaviors
• Implementing reward program
• Verifying effectiveness
8.3 Employee compensation An employee compensation group provides personnel with the remuneration and benefits based on contribution and value to the organization and growth in knowledge and skills. Compensation is responsible for creating, administering, and monitoring the policies encompassed under compensation, and making periodic adjustments to compensation based on performance. Forms of compensation include employee wages, rewards and benefits. FIG. 37 shows the tasks or groups within employee compensation. There may be groups for information technology skills compensation 831 and contribution payment 832. A market skills compensation group analyzes labor supply and demand analysis. Determination of wages, employment and unemployment, accumulation of human capital and investment in education and training, and roles of unions in wage determination (if applicable) are all handled in this function. Contribution payment tailors the financial package that should be offered to continue to maximize personnel performance.
8.4 Competency development
A competency development group determines how to systematically enhance the capabilities of the workforce and to obtain or build the required competencies for information technology. The group is additionally responsible for the following:
• Personnel orientation and training - providing access to necessary orientation training for information technology personnel to ensure that they can competently perform their information technology responsibilities in the changing environment
• Skills portfolio management - ensuring that the appropriate skills necessary for the delivery of information technology services and solutions are available, identifying gaps between skills needed and skills available, and managing the skills portfolio to minimize the gap. This also encompasses the determination of training and hiring requirements and provides an inventory of skills for internal staff and external contractors so that those skills will be available when needed • Personnel development - providing career development services and performance reviews.
FIG. 38 depicts the groups or tasks with competency development 84. Specific groups or tasks within competency development 84 include personnel orientation and induction 841. This group provides programs and materials for new personnel to enable success in new roles and responsibilities and to speed assimilation into the enteφrise. It informs new personnel of the puφose and function of the enteφrise, and of their role within it. Training management 842 assists in ensuring that personnel have the necessary skills required to perform assignments. Training management confirms the skills required to perform critical tasks and identifies training needs. Additionally, the group provides training through defined programs and materials and ensures that training is received through scheduling. This group is also responsible for delivering and tracking training of the overall workforce and individual employees.
A group for skills forecasting and analysis 843 compiles and analyzes enteφrise skills assessments and gaps for use in planning enteφrise training and sourcing needs. The group identifies the knowledge and skills needed to perform the organization's key business functions and maintains an inventory of knowledge and skills available. They also identify necessary future knowledge and skills requirements, evaluate deficiencies (based on a skills gap analysis of individual + enteφrise needs), and develop a plan to bring the required knowledge and skills to the organization. Skills assessment management 844 identifies the skills and behavior requirements for performing the functions within the business capability. This function or group understands the interactions between different potential roles in the organization. Leadership development management 845 provides development opportunities and support structures for leadership development and enablement in order to lead effectively and to maintain meaningful and lasting results.
Employee motivation and satisfaction 846 measurement conducts surveys on a frequent and annual basis to give both a long-term look at where improvements have been made and where more attention is needed with regard to the employees' overall motivation and satisfaction as well as a feel for the day-to-day morale of employee satisfaction. This function provides an anonymous method for personnel to give feedback. The last function within competency development is labor relations management 847. This group provides the framework for valuing, employing, developing, motivating, and maintaining human resources in an enteφrise. This includes: • Staffing, training, and development
• Organizational behavior and theory
• Compensation and benefits • Labor market analysis
• Labor relations and collective bargaining.
8.5 Personnel sourcing Personnel sourcing acquires new personnel by recruiting and hiring new employees, transferring personnel within the company, and acquiring personnel on short-term contracts. Personnel releases personnel for plan succession & rotation, internal transfers, terminations, and project roll-offs. FIG. 39 depicts the functions or tasks within personnel sourcing 85. Specific tasks or groups or functions include a new employee hiring group
851. This group acquires new employees from outside sources or from other parts of the organization to fill identified workforce needs. They select personnel for specific assignments within the organization. Personnel sourcing develops a list of qualified candidates and defines a selection strategy based on assessed knowledge and skills of the candidates. The group identifies and thoroughly evaluates qualified candidates, selects the most qualified candidates, and attracts the selected candidates.
Other tasks within employee sourcing include new employee recruiting 852. This group attracts and recruits people from outside the enteφrise to fill identified skill requirements. Recruiting identifies the knowledge and skill requirements for open positions, motivates personnel to seek out qualified candidates, and announces the available positions to likely sources of candidates. Additionally, recruiting reviews the effectiveness of recruiting efforts. Personnel transfer 853 considers options for bringing personnel into the enteφrise from other areas of the existing organization, external recruiting, and temporary staffing. This group or function implements the required changes to financial data capture and reporting systems.
There may also be a need for a group for contract personnel acquisition 854. This group defines how to contact, select, and contract with a short-term contractor to fill temporary or specialized needs. The last task within personnel sourcing is a group to release personnel 855. This group releases or transfers a single individual to that of an entire service provision unit or to significantly change the individual's present employment relationship. 9.0 GOVERNANCE & STRATEGIC RELATIONSHIPS
Governance and strategic relationships establishes the structure, set of processes, and underlying philosophies that guide the overall management and oversight of the information technology function and its strategic relationships in an enteφrise. Governance and strategic relationships closely aligns with the business governance structure in place. This group or function is responsible for the initial effort in establishing an enteφrise and the on-going effort in monitoring and modifying the effectiveness of that enteφrise. FIG. 11 depicts the functions, tasks or groups within the governance and strategic relationships 90 area. Governance and strategic relationships 90 is responsible for defining the following: organizational structure 91, governance structure 92, alignment with enteφrise goals 96, executive expectations 97 and decision-making processes, interfaces with other organizations within the enteφrise 93, policies & standards 94, and goals & metrics 95. This function provides high-level input into other information technology functions within Strategy, Architecture, & Planning,
Management & Administration, Human Performance Management, and Program/Project Management.
9.1 Organization definition
An organizational definition function defines the highest level organizational structure and the interaction between the entities of that structure. Organization principles defines the high-level organization principles. Starting with a set of principles, this group helps in the derivation of the high-level organizational structure. The principles represent continuums that the Governance body needs to agree upon as representative of the overall direction of the organizational structure. Sample continuums may include the following:
• Level of redundancy for centralized information technology with Lines of Business (LOBs) information technology organizations
• Role of service providers in the organization - vendor vs. partner
• Level of cross-domain service provider coordination • Level of dependence upon individual based capability vs. process based capability • Selective competencies retained vs. all competencies retained in-house
• Level of control LOBs have over information technology priorities
• Information technology vision and leadership is centralized/distributed A group or function for organizational structure defines the high-level structure of the organization in terms of the organizational principles agreed upon by the stakeholders. Decisions in this situation will evolve around the following types of questions:
• How distributed or centralized will the information technology enteφrise need to be? • What services should be centralized and run in a shared services manner?
• What are the interfaces for the various organizational entities?
• What are the reporting relationships amongst the top tiers of the organization?
A useful tool for describing the range of organizational structures is the Federal information technology model. It represents a continuum of structures ranging from centralized to distributed. The differences between the structures along the continuum, are reflective of the overall leadership and management culture. It is also not unusual to have hybrid structures with perhaps a more distributed approach for inter-Lines of Business(LOBs)/Geos (Geographies) interaction and a more centralized approach for intra-LOBs/Geos interaction. FIG. 40 depicts two tasks arising out of these demands on an organizational definition group 91 : organizational principles 911 and organizational structure 912. 9.2 Governance structures
Governance structures provide the overall Governance Structure within the enteφrise. The culture of the enteφrise and the leadership of the Governance body will, to a large extent, determine the charter of the Governance body, the structure of the Governance body, and the terms and conditions associated with the Governance body. This function set varies significantly between enteφrises. This function set will also determine the membership of the governance structure and the time commitment necessary for the members. FIG. 41 shows one embodiment of a governance structure 92. A function or group for a charter 921 provides a definition of scope for the governance the members to adhere to. The charter may vary widely, from simply fostering improved communications to defining the course for the information technology organization, depending on the intent of the enteφrise. The charter may evolve over time. A sample charter may include some of the following ideas:
• Helps facilitate the ongoing alignment between business and information technology management
• Enforces information technology decision-making processes and authorities • Provides an executive forum for identifying, discussing, and resolving information technology issues and opportunities
A group or function for structure/style 922 defines the overall structure and style in which Governance executes. Structure or style ranges from an executive owner with a command-and-control structure to a steering committee style representative assembly/federation. The structure, to a lesser extent, determines the information flow and the decision-making processes. One particularly useful tool for this puφose is a RACI chart. RACI (Responsible, Accountable, Consulted and Informed) charts clearly delineate roles and responsibilities along the lines of major activities. Other considerations in formulating the structure of the Governance function category include number of parties, hierarchy of players, relationship to
Business Units, etc. Equally central to the structure is the style in which the governance function executes. The decision making style should conform to and reflect that of the broader organization.
A group or function for structure/membership 923 defines the membership of the Governance functions. Key to the success of the Governance function category, especially from an information technology perspective, is participation of business leadership. Based upon membership of business leaders in the Governance body, the sphere of influence will be greater or smaller. Based upon the level of collaboration required and the topics of collaboration, different individuals will be required to participate. The terms for participation will be determined by the issues at hand with a minimal level of membership and participation required from the member entities to sustain the collaboration. Time commitment 924 defines the time commitment of the governance members. This may range between occasional meetings to a full-time dedicated governance organization, depending upon the complexity of the products and services that the enteφrise is delivering. Note that in most instances, the "governance body" is typically a role of the highest level committee of business and information technology leaders that function as an overall information technology steering committee. 9.3 Enteφrise portfolio management
Enteφrise portfolio management defines the decision-making processes between the member entities. This addresses the decision mechanism, the funding approach, and the escalation appeal process. For example, in an enteφrise related to
Application Design and development, many of the decision making processes will govern scope-management related issues. FIG. 42 shows one structure for the subgroups or tasks within enteφrise portfolio management 93, including decision mechanisms 931, funding models 932, and escalation /appeal process 933. A group or function for decision mechanisms defines the decision process mechanism. The mechanism may range from consensus driven to a weighted majority, largely based on the structure of the organization. The membership of the enteφrise will need to agree upon the decision mechanism as early in the lifecycle of the enteφrise as possible. Funding models articulate the funding process, the budgetary cycle, the financial controls, and the delineation between the discretionary and the non- discretionary line items. Information technology in most instances is still viewed as infrastructure and as such allocates costs to the member entities based on usage, infrastructure investments, and discretionary requests. While the allocation method represents a traditional form of cost recovery, other more value-driven approaches are aggressively pursued in order to position information technology as a revenue-enhancing function rather than a cost-center type of function. In the value approach, spending and investment decision-making are formulated along the lines of "value creating" and "value sustaining". The decision- making rigor applied to the information technology asset matches that of any other asset (new production facilities, coφorate acquisitions, etc.). In adopting a disciplined approach to value analysis in this area, non-value added tasks can be identified and appropriately sourced.
As part of the mechanism, an escalation/appeal process or function constitutes a continuum from proposal evaluation to arbitration amongst the member entities. Such a function ensures that issues raised to Governance are addressed with due diligence. In defining the escalation process, the scope of the issues, the schedule of resolution, the ownership of process, and the protocol for resolution need to be articulated. Member entities should agree upon this issue-resolving process early-on. 9.4 Policies and standards 9.4 Policies and standards establishes, monitors, and modifies policies related to information technology. The policies and standards group or function addresses policy issues and communicates policy positions to member entities as required. They work with Human Performance Management of member entities to enforce policy positions and manage variances. FIG. 43 depicts the structure of the groups or tasks within a policies and standards organization 94. Issues typically addressed by this function include information use and management 941 and degree of required standardization 942, and the like.
Information use and management defines key information use and management approaches. Based upon the enteφrise, the flow of information may range from very open to very restrictive. In the virtual enteφrise world, a very open information flow is required to create unique products and services by the member entities for the customer. Regardless of the enteφrise, the ownership of the information and appropriate secondary usage of the information beyond the puφose of the enteφrise needs to be articulated. Standardization defines required levels of standardization across the enteφrise. A key challenge in both the virtual enteφrises and the mergers & acquisitions environment is the level of standardization that will be required of the member entities. Value of standardization needs to be analyzed to determine the level of standardization warranted for a given enteφrise. 9.5 Goals and metrics
Goals and metrics defines business performance objectives and measures to guide administration, policies, and investment decisions. Exclusive of strictly human performance related factors that drive promotion or compensation, there are three classes of metrics. First is impact on the business, arguably best measured using a balanced scorecard. At the information technology level, the measures should "map to" the measures adopted by the enteφrise. So, for example, if the business measures EVA (economic value added), employee retention, and customer satisfaction, the information technology function advantageously measures itself along those same dimensions. Note, in the customer satisfaction instance, there is a tendency for information technology enteφrises to equate this to the internal customer. While this is frequently useful, it does not excuse information technology leadership from understanding, and measuring, the impact of their efforts on the customer of the business.
The next level of measurement is captured at the Service Delivery level. The third is solution delivery efficiency and effectiveness. These high-level Goals & Metrics definitions are input to the Quality Management and Customer Service Management functions. FIG. 44 shows one embodiment of a goals and metrics group
95. Specific functions here include metrics scope 951 and responsibility 952.
Metrics scope defines the key metrics that will constitute success for the enteφrise. Metrics may reflect the organizational boundaries, the products/services, the linkages to overall business goals, or hybrid of these measures. Metrics responsibility defines responsibility for tracking and reporting against the metrics.
Responsibility may mimic the organization of the metrics in terms of member entities' organizational boundaries, geographies, etc. 9.6 Information technology alignment
Currently, businesses' increasing sophistication with information technology is driving a transition to more complex, issue orientation that answers questions such as
"How can I use information technology to achieve breakthrough results for my business going forward?" This new approach is called the New Rules for Information Technology Alignment. The New Alignment Rules move beyond the former paradigm of acquiring business priorities and information technology capabilities. The new rules move right to a focus on delivering value, leveraging virtual resources, and leveraging proven strategies for information technology. During the transition, both approaches to information technology alignment may be valid, depending on the enteφrise's context. Many enteφrises still require the basics of information technology alignment offered by classic alignment approaches. However, an increasingly large number of enteφrises are sufficiently sophisticated in their thinking regarding information technology to benefit from the
New Rules approach. The differentiating question is: Is the client ready to abandon the traditional standards for well-managed information technology needs in support of a new focus on value and leverage? FIG. 45 shows functions within information technology alignment 96, including a classic alignment approach 961, a new alignment approach 962, and a task or group for developing business case standards
963.
Traditional standards are characterized by the following:
• information technology projects are prioritized according to their impact on business strategy • Core competencies are being built or are in place, whereas the current thinking is typified by
• What really matters is a project's actual impact on coφorate value, not on how it ranks among other projects
• The new focus is less on building skills and more on getting the right mix of internal and external skills
• Few companies are solving IT problems for the first (or even the tenth) time; leveraging proven strategies to achieve IT related objectives makes perfect sense.
CLASSIC ALIGNMENT APPROACH. The classic alignment approach focuses on identifying and aligning to the strategic business initiatives where information technology can deliver the most impact and value to the business.
Typically, this approach focuses on five key issue areas, including, but not limited to, the following:
• Investment and Value
• Architecture • Change Programs
• Management and Delivery • Business Impact
Regardless of the area, a "good" issue is a prerequisite to a successful alignment effort. Based on understanding of the key issues in a particular enteφrise, the Classic Approach proceeds with developing a vision, assessing the current environment and, based on the results of these activities, formulating strategies.
NEW ALIGNMENT APPROACH. The New Rules for information technology Alignment address the shift in focus from information technology investment as the result of business strategy to information technology as a vital component to delivering business value. The New Rules leverage proven strategies and trends in resource virtualization to set a direction for information technology that, as a primary objective, delivers value. The New Rules for information technology alignment are:
• Turn information technology loose on top-line growth
• Embrace "givens" and "truths" • Compete on information technology arbitrage opportunities
• Reinvent planning to foster innovation
• Let supply follow demand
• Make fixed investments variable and variable returns fixed
• Manage relationships, not just people One last function or task within information technology alignment is a group or function for business case development standards. This group defines the deliverable format for developing business cases and articulates the process by which business cases are approved. This function is closely related to risk management and typically quantifies the risk related to new projects in light of potential benefits. Based on the level of risk, a more or less rigorous process is typically followed.
9.7 Executive expectations management
Executive expectations management is a final function or group within governance and strategic relationships. Executive expectations management understands, addresses and manages the expectations of key stakeholder groups. FIG. 46 depicts the groups, functions or tasks within expectations management 97. A group for stakeholder expectations understanding 971 confirms the key stakeholder groups. Additionally, this group identifies the expectation gathering approach and gathers and documents the stakeholders' expectations of information technology. Other functions within this area include expectations plan preparation 972, execution 973, tracking 974 and tailoring and improvement 975. Executive expectation action plan preparation consolidates documentation for stakeholder expectations, determines action items and prioritization. This group obtains approval for the executive expectations action plan, and incoφorates this into an annual information technology operating plan. The function or group performs "up front" management of expectations by communicating where expectations will not be met (i.e., not all expectations can necessarily be addressed due to scope, budgets, schedules, etc.).
Executive expectation action plan execution performs the executive expectations action plan to address stakeholder expectations. Executive expectation progress verification assesses progress, by creating progress reports and reviewing performance with stakeholders. This function gathers metrics data where appropriate.
Executive expectations tailoring and improvement identifies areas for improvement in addressing stakeholder expectations. Incoφorates improvements into the executive expectations action plan and begins executing per plan.
This description has been meant to show how several computer systems interact with organizations and functions to form an information technology system.
The information technology system is desirably composed of all these sub-systems, functions, or groups. The advantage is that the integrated whole may be much greater than the sum of its parts, as the parts interact to mange information technology for an enteφrise, of which the information technology system is a part. Applications
An enteφrise using the improved information technology system of this invention may profit in several ways. The enteφrise's information technology system will have improved over its baseline status, using an improvement strategy inline with the enteφrise's needs, priorities, and resource availability. In particular, the information technology framework can be used to identify areas, especially within IT, with a need for improvement. Having made these improvements, application areas which rely on IT may then become more proficient and adept at their tasks. These tasks and application areas may include evaluating business opportunities, planning activities for the enteφrise, managing the enteφrise, transitioning and transforming the enteφrise, alliance processes for the enteφrise, and the like. The benefits may be as extensive as the audiences for the improved IT framework.
While this invention has been shown and described in connection with the embodiments described, it is apparent that certain changes and modifications, in addition to those mentioned above may be made from the basic features of this invention. Many types of organizations may benefit from the use of this invention, e.g., any organization wishing use an information technology system. In addition, there are many different types of computer systems, and computer software and hardware, that may be utilized in practicing the invention, and the invention is not limited to the examples given above. Accordingly, it is the intention of the applicants to protect all variations and modifications within the valid scope of the present invention. It is intended that the invention be defined by the following claims, including all equivalents.

Claims

We claim:
1. An information technology framework, comprising: a customer service management system function; a service integration function; a service delivery function; a capability development function; a change administration function; a strategy, architecture and planning function; a management and administration function; a human performance management function; and a governance and strategic relationships function, wherein the functions cooperate to manage an enteφrise.
2. The information technology framework of Claim 1, wherein at least one of the systems comprising the frameworks includes at least one computer program residing on a digital computer in the enteφrise or accessible to the enteφrise.
3. The framework of Claim 2, wherein the at least one computer program resides on at least one of a mainframe computer, a host computer, a computer network, a network server, an application computer, an application server, a computer peripheral, and a computer workstation.
4. The framework of Claim 1 , wherein the customer service management function includes at least one of a service management function, a demand management function, and a service control function.
5. The framework of Claim 1, wherein the service integration function includes at least one of a program management function, a project management function, a resource forecasting function, and service provider management.
6. The framework of Claim 1, wherein the service delivery function includes at least one of a network/systems management function and an application management function.
7. The framework of Claim 1, wherein the capability development function includes at least one of a capability analysis function, a capability release design function, and a capability release build and test function.
8. The framework of Claim 1, wherein the change administration function includes at least one of a change control function and a solution deployment function.
9. The framework of Claim 1, wherein the strategy, planning and architecture function includes at least one of a strategic planning function, a capability planning function, and a risk management function.
10. The framework of Claim 1, wherein the management and administration function includes at least one of a financial administration function, quality management, asset management, vendor management, a facilities function, a regulatory compliance function, and a communications function.
11. The framework of Claim 1 , wherein the human performance management function includes at least one of a coφorate culture planning function, career management, an employee compensation function, a competency development function, and a personnel sourcing function.
12. The framework of Claim 1, wherein the governance and strategic relationships function includes at least one of an organizational definition function, a governance structures function, enteφrise portfolio management, a policies and standards function, a goals and metrics function, an information technology alignment function, and an expectations management function.
13. An information technology framework, comprising: at least one digital computer; at least one computer memory storage device, operably connected to the at least one computer; software, operating on the at least one computer and the at least one computer memory storage device, where the software has functions for providing at least one of customer service management, service integration, service delivery, capability development, change administration, strategy, architecture and planning, management and administration, human performance management, and governance and strategic relationships.
14. A method for managing information technology for an enteφrise, comprising: managing information technology customer service; integrating services for information technology; delivering service for information technology; developing information technology capabilities; administering information technology changes; planning information technology strategies and architecture; managing and administering information technology; managing human performance for an information technology organization; and providing governance and strategic relationships for the information technology organization.
15. The method of Claim 14, wherein the steps are accomplished at least partly with hardware and software.
16. The method of Claim 15, wherein the hardware is at least one of a mainframe computer, a host computer, a computer network, a network server, an application computer, an application server, a computer peripheral, and a computer workstation.
17. The method of Claim 14, wherein managing customer services includes at least one of a service management function, a demand management function, and a service control function.
18. The method of Claim 14, wherein integrating services includes at least one of a program management function, a project management function, a resource forecasting function, and service provider management.
19. The method of Claim 14, wherein delivering services includes at least one of network/systems management and application management.
20. The method of Claim 14, wherein developing capabilities includes at least one of a capability analysis function, a capability release design function, and a capability release build and test function. t
21. The method of Claim 14, wherein administering changes includes at least one of a change control function and a solution deployment function.
22. The method of Claim 14, wherein planning strategies and architectures includes at least one of a strategic planning function, a capability planning function, and a risk management function.
23. The method of Claim 14, wherein managing and administrating includes at least one of a financial administration function, quality management, asset management, vendor management, a facilities function, a regulatory compliance function, and a communications function.
24. The method of Claim 14, wherein managing human performance includes at least one of a coφorate culture planning function, career management, an employee compensation function, a competency development function, and a personnel sourcing function.
25. The method of Claim 14, wherein providing governance and strategic relationships includes at least one of an organizational definition function, a governance structures function, enteφrise portfolio management, a policies and standards function, a goals and metrics function, an information technology alignment function, and an expectations management function.
26. A information technology frameworks for managing information technology for an enteφrise, comprising: a customer service management function; a service integration function; a service delivery function; a capability development function; a change administration function; a function of strategy, architecture, and planning; a function of human performance management; and a function of governance and strategic relationships, wherein at least one record, activity, task or sub-function from each of the functions resides in a computer or a computer program.
27. A method of managing information technology for an enteφrise, comprising: organizing information technology functions into technology functions, business functions, and an service integration function; and operating the functions.
28. The method of Claim 27, wherein the technology functions are at least one of customer service management function, a service delivery function, a capability development function, and a change administration function.
29. The method of Claim 28, wherein the customer service management function includes at least one of a service management function, a demand management function, and a service control function.
30. The method of Claim 28, wherein the service delivery function includes at least one of a network systems management function, and an application management function.
31. The method of Claim 28, wherein the capability development function includes at least one of a capability analysis function, a capability release design function, and a capability release build and test function.
32. The method of Claim 28, wherein the change administration function includes at least one of a change control function and a solution deployment function.
33. The method of Claim 27, wherein the business functions include at least one of a strategy, architecture and planning function, a management and administration function, a human performance management function, and a governance and strategic relationships function.
34. The method of Claim 33, wherein the strategy, architecture and planning function includes at least one of a strategic planning function, a capability planning function, and a risk management function.
35. The method of Claim 33, wherein the management and administration function includes at least one of a financial administration function, a quality management function, an asset management function, a vendor management function, a facilities function, a regulatory compliance function, and a communications function.
36. The method of Claim 33, wherein the human performance management function includes at least one of a coφorate culture planning function, a career management function, an employee compensation function, a competency development function, and a personnel sourcing function.
37. The method of Claim 33, wherein the governance and strategic relationships function includes at least one of an organizational definition function, a governance structures function, an enteφrise portfolio management function, a policies and standards function, a goals and metrics function, an alignment function for information technology, and an expectations management function.
38. The method of Claim 27, wherein the service integration function includes at least one of a program management function, a project management function, a resource forecasting function, and a service provider management function.
EP00979124A 1999-10-06 2000-10-06 Organization of information technology functions Withdrawn EP1222510A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15825999P 1999-10-06 1999-10-06
US158259P 1999-10-06
PCT/US2000/027857 WO2001025877A2 (en) 1999-10-06 2000-10-06 Organization of information technology functions

Publications (2)

Publication Number Publication Date
EP1222510A2 true EP1222510A2 (en) 2002-07-17
EP1222510A4 EP1222510A4 (en) 2007-10-31

Family

ID=22567316

Family Applications (2)

Application Number Title Priority Date Filing Date
EP00973433A Withdrawn EP1226523A4 (en) 1999-10-06 2000-10-06 Method and estimator for providing operations maturity model assessment
EP00979124A Withdrawn EP1222510A4 (en) 1999-10-06 2000-10-06 Organization of information technology functions

Family Applications Before (1)

Application Number Title Priority Date Filing Date
EP00973433A Withdrawn EP1226523A4 (en) 1999-10-06 2000-10-06 Method and estimator for providing operations maturity model assessment

Country Status (4)

Country Link
EP (2) EP1226523A4 (en)
AU (12) AU7996100A (en)
CA (1) CA2386788A1 (en)
WO (12) WO2001026013A1 (en)

Families Citing this family (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002048935A1 (en) * 2000-12-11 2002-06-20 Skill Development Associates Ltd Integrated business management system
US7937281B2 (en) 2001-12-07 2011-05-03 Accenture Global Services Limited Accelerated process improvement framework
US7035809B2 (en) * 2001-12-07 2006-04-25 Accenture Global Services Gmbh Accelerated process improvement framework
WO2004040409A2 (en) 2002-10-25 2004-05-13 Science Applications International Corporation Determining performance level capabilities using predetermined model criteria
DE10331207A1 (en) 2003-07-10 2005-01-27 Daimlerchrysler Ag Method and apparatus for predicting failure frequency
US8572003B2 (en) * 2003-07-18 2013-10-29 Sap Ag Standardized computer system total cost of ownership assessments and benchmarking
US8566147B2 (en) * 2005-10-25 2013-10-22 International Business Machines Corporation Determining the progress of adoption and alignment of information technology capabilities and on-demand capabilities by an organization
EP1808803A1 (en) * 2005-12-15 2007-07-18 International Business Machines Corporation System and method for automatically selecting one or more metrics for performing a CMMI evaluation
US8457297B2 (en) 2005-12-30 2013-06-04 Aspect Software, Inc. Distributing transactions among transaction processing systems
US8355938B2 (en) 2006-01-05 2013-01-15 Wells Fargo Bank, N.A. Capacity management index system and method
US7523082B2 (en) * 2006-05-08 2009-04-21 Aspect Software Inc Escalating online expert help
WO2008105825A1 (en) * 2007-02-26 2008-09-04 Unisys Corporation A method for multi-sourcing technology based services
US20100312612A1 (en) * 2007-10-25 2010-12-09 Hugh Carr Modification of service delivery infrastructure in communication networks
US8326660B2 (en) 2008-01-07 2012-12-04 International Business Machines Corporation Automated derivation of response time service level objectives
US8320246B2 (en) * 2009-02-19 2012-11-27 Bridgewater Systems Corp. Adaptive window size for network fair usage controls
US8200188B2 (en) * 2009-02-20 2012-06-12 Bridgewater Systems Corp. System and method for adaptive fair usage controls in wireless networks
US9203629B2 (en) 2009-05-04 2015-12-01 Bridgewater Systems Corp. System and methods for user-centric mobile device-based data communications cost monitoring and control
US8577329B2 (en) 2009-05-04 2013-11-05 Bridgewater Systems Corp. System and methods for carrier-centric mobile device data communications cost monitoring and control
US20110066476A1 (en) * 2009-09-15 2011-03-17 Joseph Fernard Lewis Business management assessment and consulting assistance system and associated method
US20110231229A1 (en) * 2010-03-22 2011-09-22 Computer Associates Think, Inc. Hybrid Software Component and Service Catalog
CN103154978B (en) 2010-10-27 2018-03-30 慧与发展有限责任合伙企业 For dispatching the system and method changed
US11172022B2 (en) 2014-02-21 2021-11-09 Hewlett Packard Enterprise Development Lp Migrating cloud resources
US10148757B2 (en) 2014-02-21 2018-12-04 Hewlett Packard Enterprise Development Lp Migrating cloud resources
WO2015153988A1 (en) * 2014-04-03 2015-10-08 Greater Brain Group, Inc. Systems and methods for increasing capability of systems of businesses or other entities through maturity evolution
US10044786B2 (en) 2014-11-16 2018-08-07 International Business Machines Corporation Predicting performance by analytically solving a queueing network model
US9984044B2 (en) 2014-11-16 2018-05-29 International Business Machines Corporation Predicting performance regression of a computer system with a complex queuing network model
US10460272B2 (en) * 2016-02-25 2019-10-29 Accenture Global Solutions Limited Client services reporting
CN106682385B (en) * 2016-09-30 2020-02-11 广州英康唯尔互联网服务有限公司 Health information interaction system
MX2020010922A (en) * 2018-04-16 2021-01-08 Cloudblue Llc System and method for matching revenue streams in a cloud service broker platform.
US11481711B2 (en) 2018-06-01 2022-10-25 Walmart Apollo, Llc System and method for modifying capacity for new facilities
WO2019232411A1 (en) 2018-06-01 2019-12-05 Walmart Apollo, Llc Automated slot adjustment tool
US11483350B2 (en) 2019-03-29 2022-10-25 Amazon Technologies, Inc. Intent-based governance service
CN110096423A (en) * 2019-05-14 2019-08-06 深圳供电局有限公司 A kind of server memory capacity analyzing and predicting method based on big data analysis
US11119877B2 (en) 2019-09-16 2021-09-14 Dell Products L.P. Component life cycle test categorization and optimization
MX2022005750A (en) * 2019-11-11 2022-08-17 Snapit Solutions Llc System for producing and delivering information technology products and services.
US11288150B2 (en) 2019-11-18 2022-03-29 Sungard Availability Services, Lp Recovery maturity index (RMI)-based control of disaster recovery
US20210160143A1 (en) 2019-11-27 2021-05-27 Vmware, Inc. Information technology (it) toplogy solutions according to operational goals
US11501237B2 (en) 2020-08-04 2022-11-15 International Business Machines Corporation Optimized estimates for support characteristics for operational systems
US11329896B1 (en) 2021-02-11 2022-05-10 Kyndryl, Inc. Cognitive data protection and disaster recovery policy management

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1994029804A1 (en) * 1993-06-16 1994-12-22 Electronic Data Systems Corporation Process management system
GB2316506A (en) * 1996-08-21 1998-02-25 I2 Technologies Inc Extended enterprise planning across a supply chain
US5819270A (en) * 1993-02-25 1998-10-06 Massachusetts Institute Of Technology Computer system for displaying representations of processes
US5960417A (en) * 1996-03-19 1999-09-28 Vanguard International Semiconductor Corporation IC manufacturing costing control system and process

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4827423A (en) * 1987-01-20 1989-05-02 R. J. Reynolds Tobacco Company Computer integrated manufacturing system
JPH03111969A (en) * 1989-09-27 1991-05-13 Hitachi Ltd Method for supporting plan formation
US5233513A (en) * 1989-12-28 1993-08-03 Doyle William P Business modeling, software engineering and prototyping method and apparatus
WO1993012488A1 (en) * 1991-12-13 1993-06-24 White Leonard R Measurement analysis software system and method
US5701419A (en) * 1992-03-06 1997-12-23 Bell Atlantic Network Services, Inc. Telecommunications service creation apparatus and method
US5586021A (en) * 1992-03-24 1996-12-17 Texas Instruments Incorporated Method and system for production planning
US5646049A (en) * 1992-03-27 1997-07-08 Abbott Laboratories Scheduling operation of an automated analytical system
US5978811A (en) * 1992-07-29 1999-11-02 Texas Instruments Incorporated Information repository system and method for modeling data
US5630069A (en) * 1993-01-15 1997-05-13 Action Technologies, Inc. Method and apparatus for creating workflow maps of business processes
CA2118885C (en) * 1993-04-29 2005-05-24 Conrad K. Teran Process control system
US5485574A (en) * 1993-11-04 1996-01-16 Microsoft Corporation Operating system based performance monitoring of programs
US5724262A (en) * 1994-05-31 1998-03-03 Paradyne Corporation Method for measuring the usability of a system and for task analysis and re-engineering
US5563951A (en) * 1994-07-25 1996-10-08 Interval Research Corporation Audio interface garment and communication system for use therewith
US5745880A (en) * 1994-10-03 1998-04-28 The Sabre Group, Inc. System to predict optimum computer platform
JP3315844B2 (en) * 1994-12-09 2002-08-19 株式会社東芝 Scheduling device and scheduling method
JPH08320855A (en) * 1995-05-24 1996-12-03 Hitachi Ltd Method and system for evaluating system introduction effect
EP0770967A3 (en) * 1995-10-26 1998-12-30 Koninklijke Philips Electronics N.V. Decision support system for the management of an agile supply chain
US5875431A (en) * 1996-03-15 1999-02-23 Heckman; Frank Legal strategic analysis planning and evaluation control system and method
US5793632A (en) * 1996-03-26 1998-08-11 Lockheed Martin Corporation Cost estimating system using parametric estimating and providing a split of labor and material costs
US5960200A (en) * 1996-05-03 1999-09-28 I-Cube System to transition an enterprise to a distributed infrastructure
US5673382A (en) * 1996-05-30 1997-09-30 International Business Machines Corporation Automated management of off-site storage volumes for disaster recovery
US5864483A (en) * 1996-08-01 1999-01-26 Electronic Data Systems Corporation Monitoring of service delivery or product manufacturing
US5930762A (en) * 1996-09-24 1999-07-27 Rco Software Limited Computer aided risk management in multiple-parameter physical systems
US6044354A (en) * 1996-12-19 2000-03-28 Sprint Communications Company, L.P. Computer-based product planning system
US5903478A (en) * 1997-03-10 1999-05-11 Ncr Corporation Method for displaying an IT (Information Technology) architecture visual model in a symbol-based decision rational table
US6028602A (en) * 1997-05-30 2000-02-22 Telefonaktiebolaget Lm Ericsson Method for managing contents of a hierarchical data model
US6106569A (en) * 1997-08-14 2000-08-22 International Business Machines Corporation Method of developing a software system using object oriented technology
US6092047A (en) * 1997-10-07 2000-07-18 Benefits Technologies, Inc. Apparatus and method of composing a plan of flexible benefits
US6131099A (en) * 1997-11-03 2000-10-10 Moore U.S.A. Inc. Print and mail business recovery configuration method and system
US6119097A (en) * 1997-11-26 2000-09-12 Executing The Numbers, Inc. System and method for quantification of human performance factors
US6157916A (en) * 1998-06-17 2000-12-05 The Hoffman Group Method and apparatus to control the operating speed of a papermaking facility

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5819270A (en) * 1993-02-25 1998-10-06 Massachusetts Institute Of Technology Computer system for displaying representations of processes
WO1994029804A1 (en) * 1993-06-16 1994-12-22 Electronic Data Systems Corporation Process management system
US5960417A (en) * 1996-03-19 1999-09-28 Vanguard International Semiconductor Corporation IC manufacturing costing control system and process
GB2316506A (en) * 1996-08-21 1998-02-25 I2 Technologies Inc Extended enterprise planning across a supply chain

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
BRADSHAW J M ET AL: "eQuality: a knowledge acquisition approach to process management and decision support tools" PROCEEDINGS OF THE TWENTY-FIFTH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (CAT. NO.91TH0394-7) IEEE COMPUT. SOC. PRESS LOS ALAMITOS, CA, USA, 1991, pages 58-69 vol.3, XP002451404 ISBN: 0-8186-2420-5 *
GRAW G ET AL: "Support of cooperating and distributed business processes" PROCEEDINGS. 1996 INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED SYSTEMS (CAT. NO.96TB100045) IEEE COMPUT. SOC. PRESS LOS ALAMITOS, CA, USA, 1996, pages 22-31, XP002451405 ISBN: 0-8186-7267-6 *
See also references of WO0125877A2 *
SELTSIKAS P: "Information management in process-based organizations: a case study at Xerox Ltd" INFORMATION SYSTEMS JOURNAL BLACKWELL SCIENTIFIC PUBLICATIONS UK, vol. 9, no. 3, July 1999 (1999-07), pages 181-195, XP002451402 ISSN: 1350-1917 *
WEIMIN DU ET AL: "SONET configuration management with OpenPM" PROCEEDINGS OF THE TWELFTH INTERNATIONAL CONFERENCE ON DATA ENGINEERING (CAT. NO.96CB35888) IEEE COMPUT. SOC. PRESS LOS ALAMITOS, CA, USA, 1996, pages 295-299, XP002451403 ISBN: 0-8186-7240-4 *

Also Published As

Publication number Publication date
WO2001026010A1 (en) 2001-04-12
WO2001025877A2 (en) 2001-04-12
AU1431701A (en) 2001-05-10
AU1193601A (en) 2001-05-10
WO2001025876A2 (en) 2001-04-12
WO2001026008A1 (en) 2001-04-12
WO2001025877A3 (en) 2001-09-07
AU1193801A (en) 2001-05-10
WO2001026011A1 (en) 2001-04-12
AU8001800A (en) 2001-05-10
WO2001026014A1 (en) 2001-04-12
AU7756600A (en) 2001-05-10
WO2001026005A1 (en) 2001-04-12
AU1653901A (en) 2001-05-10
AU7996000A (en) 2001-05-10
CA2386788A1 (en) 2001-04-12
EP1226523A1 (en) 2002-07-31
WO2001026028A8 (en) 2001-07-26
AU7866600A (en) 2001-05-10
WO2001025876A3 (en) 2001-08-30
AU8001700A (en) 2001-05-10
WO2001025970A1 (en) 2001-04-12
AU7861800A (en) 2001-05-10
WO2001026007A1 (en) 2001-04-12
WO2001026012A1 (en) 2001-04-12
WO2001026013A1 (en) 2001-04-12
EP1226523A4 (en) 2003-02-19
WO2001026028A1 (en) 2001-04-12
EP1222510A4 (en) 2007-10-31
WO2001025970A8 (en) 2001-09-27
AU1431801A (en) 2001-05-10
AU7996100A (en) 2001-05-10

Similar Documents

Publication Publication Date Title
EP1222510A2 (en) Organization of information technology functions
US8200527B1 (en) Method for prioritizing and presenting recommendations regarding organizaion's customer care capabilities
US6738736B1 (en) Method and estimator for providing capacacity modeling and planning
US7937281B2 (en) Accelerated process improvement framework
CA2470394C (en) Accelerated process improvement framework
US20110054968A1 (en) Continuous performance improvement system
Pilorget et al. IT Management
Persse The ITIL Process Manual
Chemuturi Mastering IT project management: best practices, tools and techniques
WO2007030633A2 (en) Method and system for remotely monitoring and managing computer networks
Letavec et al. The PMOSIG's Program Management Office Handbook: Strategic and Tactical Insights for Improving Results
Melik The rise of the project workforce: Managing people and projects in a flat world
Chen et al. IT outsourcing: A primer for public managers
Spencer et al. Technology best practices
McDowell introduction to “
Van Bon ITIL® 2011 Edition-A Pocket Guide
Webber et al. It Governance: Policies and Procedures
Uçar A qualitative model of the critical success factors for the effectiveness of information systems outsourcing
Kooijmans et al. Value Realization from Efficient Software Deployment
Chittenden IT Outsourcing Part 2: Managing the Sourcing Contract
Lutchman Computerized Work Management Systems for Utility and Plant Operations
Hyder et al. The Capability Model for IT-enabled Outsourcing Service Providers
WO2001008035A2 (en) A system, method and computer program for determining capability level of processes to evaluate operational maturity in an administration process area
Grobstein Software metrics for post deployment software support systems: a case analysis for the chemical accountability management information network
Marquis A Study Guide to Service Catalogue from the Principles of ITIL V3

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20020425

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

RIN1 Information on inventor provided before grant (corrected)

Inventor name: RYAN, HUGH, W.

Inventor name: FLYNN, MARGARET, M.

Inventor name: DOVE, SHARI, L.

Inventor name: EDWARDS, JOHN, R.

Inventor name: PITT, ROBERT, C.

Inventor name: ROEDERSHEIMER, JEFFREY

Inventor name: GHOSH, NIRMALYA

Inventor name: SIGMUND, LARRY, A.

A4 Supplementary search report drawn up and despatched

Effective date: 20070928

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20071219