Governance and Audit of IT in a Post-Recession World. Mark Toomey Author: Waltzing with the Elephant Managing Director Infonomics Pty Ltd Member, Standards Australia Committee IT-030 Member, ISO/IEC JTC-1 WG6. 0:00/1. A little (more) about me…. 0:01/1. - PowerPoint PPT Presentation
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Executive management has sufficient evidence that day to day business operations will not be seriously damaged by unplanned interruptions to operational IT systems.
The full spectrum of costs, risks, opportunities and value derived from the organization's current portfolio of operational IT systems is well understood and acceptable.
• Typical efforts to ensure that IT is doing its job competently…– Rigour– Process– Control– Reporting
… Miss the point!• It’s not just in IT that problems develop:
– Use of IT to achieve business goals involvesbusiness change
• Process• People• Structure• Context
– And necessarily requires that business leaders engage fully:• Being responsible• Setting direction• Planning and implementing
Polishing INSIDE the Kettle improves supply…
… but does not fully address the problem of use!
Governance of IT has to deal with Governance of IT has to deal with how organisations USE IT as well as how organisations USE IT as well as with how IT departments operate.with how IT departments operate.
Governance of IT has to deal with Governance of IT has to deal with how organisations USE IT as well as how organisations USE IT as well as with how IT departments operate.with how IT departments operate.
DeliveryDelivery
UseUseMany issues arise Many issues arise here – outside IT’s here – outside IT’s sphere of control.sphere of control.
Many issues arise Many issues arise here – outside IT’s here – outside IT’s sphere of control.sphere of control.
• Four key elements of operating organisations– People – who participate in business events– Process – what business events take place– Structure – where business events happen– Technology – enabling and recording events
• Operating context of the organisation– External– Internal.
• IT intrinsic to day to day operations – Generic - Email, Telephony, Information– Business process specific - Transactions,
Customers, Etc– Future capabilities and functions.
Page 15
ProcessProcess StructureStructure
PeoplePeople
TechnologyTechnology
The
Busin
ess C
onte
xt
The
Busin
ess C
onte
xt
Based on H.J. Leavitt’s Model of organisational change, published in 1965.
• Four key elements of operating organisations– People – who participate in business events– Process – what business events take place– Structure – where business events happen– Technology – enabling and recording events
• Operating context of the organisation– External– Internal.
• IT intrinsic to day to day operations – Generic - Email, Telephony, Information– Business process specific - Transactions,
Customers, Etc– Future capabilities and functions.
• When IT fails, everything goes pear-shaped– Citylink Melbourne, Tuesday 20 Sept 2006
The purpose of information technology...... we depend on it as a business tool.
Page 16
The Business System
The Business System
Based on H.J. Leavitt’s Model of organisational change, published in 1965.
Governance of IT means evaluating, directing and monitoring the current and proposed future use of IT. It involves overseeing preparation of plans for use of IT, overseeing delivery of business change enabled by IT and overseeing ongoing operational use of IT.
• Weak governance of Pan-Government issues related to ICT.
– Has led to significant fragmentation and duplication
• Lack of standardisation in common processes
• Agency governance mechanisms are weak in respect of focus on ICT efficiency and understanding of organisational capability to commission, manage and realise benefits from ICT-enabled projects.
– ICT vs organisational capability.
Recommendation
• Strengthen Pan-Government Governance
– Ministerial committee on ICT– Secretaries ICT Governance board
with strong mandate• Drive ministerial agenda on whole of
government use of ICT.
– Oversight of opt-outs– Redefine AGIMO role– Establish program board
• Strengthen Agency Governance– Link between policy formulation and
implementation– Best practices in benefits realisation.