ICT6221 Chapter 6 Planning Related IT Processes Paula Goulding

ICT6222 Chapter Outline  Importance of planning to management  Levels of IT planning and implications  Strategic-level IT planning  Tactical-level IT planning  Operational-level IT planning  Global considerations in IT planning

ICT6223 Importance of IT  Must look across all other functions in enterprise  Must integrate business perspectives of other functions  Support specific business requirements at all levels  Deal with turbulent and dynamic environments

ICT6224 Layers of Management Focus

ICT6225 Components of Business Strategic Planning  Define IT mission  Define IT policies to carry out mission  Define business processes, information, and information flows  Define enterprise requirements for information throughout strategic time period

ICT6226 IT Strategy Planning  Evaluate alternate implementation of services, applications, and infrastructure  Define and prioritize strategic objectives with IS policies  Obtain approval for IS strategic plan  Control information systems strategic plan against tactical performance

ICT6227 Application Planning  Schedule of applications to be built or modified within set period of time  Address key functions of enterprise  Review existing and proposed applications –Emerging technologies –Integrated processes –Improved standards in development or maintenance

ICT6228 Considerations in Applications Planning  Abandon traditional approaches based on long-term stability of business environment  Alignment with strategic business objectives is paramount  Applications being considered should demonstrate: –Salience –Worth

ICT6229 Dimensions of Application Portfolio  Organization’s dependence upon the application  Strategic impact of the application

ICT62210 Application Portfolio Matrix

ICT62211 Application Prioritization Matrix

ICT62212 Application Prioritization Matrix  Business impact –Ability of the application to deliver a business benefit  Ease of execution –How many resources the application will consume –How difficult it will be for organization to implement application

ICT62213 Data Planning  Dependent on outcome of application plan  Data architecture may change to include: –Merging data storage technologies –Changes to the database architectures by vendor –Integrated data processes –Improved standards in development or maintenance of data

ICT62214 Objectives of Data Planning  Facilitate cost-effective and timely transformation of raw data into productive information  Facilitate reuse of data and information across the organization  Protect organization's data and information assets

ICT62215 Success Factors of Data Plan  Develop data models of key processes  Define underlying shared data used by key processes  Develop common definitions of “core” data and share with functional groups  Develop common information/data models for key processes  Identify how proposed applications identified in application plan affect data  Apply appropriate governance for data management

ICT62216 System Planning Objectives  Document which systems are planned for development  Document the justification for developing those systems  Identify time frames for developing those systems  Document impact on IT architecture of developing those systems  Document any implications on organization's disaster recovery plan

ICT62217 Network Planning Considerations  Impacts of recent mergers on network capacity  Impact of current network capacity and infrastructure of proposed applications  Opportunities to standardize components/services  Opportunities to consolidate existing services and infrastructure to enhance network: –Reliability –Availability –Service responsiveness –Security –Scalability

ICT62218 Network Planning Considerations  Security of network against threats  Recovery of network from catastrophes  Identification and repair of network performance issues  Customer services  Vendor management and service agreements  Cross-border issues  Hardware upgrade plan  Software upgrade plan  Capital investment plan

ICT62219 Project Planning  Uses results from application, data, network, and systems planning processes  Define technically feasible and manageable projects  Reflect strategic goals and direction  Plans include –Specification of resources –Time frames –Service level requirements

ICT62220 Service Level Planning and Management  Negotiates individual service agreements  Identifies individual requests for recovery, security, and audit ability  Forecasting level and volume of service agreements  Develops preventive maintenance plan

ICT62221 Recovery Planning and Management  Ensures continuation of business operations in event of failure/disaster  Multiple contingency plans  Consolidate recovery requirements for all service agreements  Define business and IT recovery-operating environment  Identify variances between operating environments and agreements  Develop overall recovery plan

ICT62222

ICT62223 Disaster Recovery Plan Elements  Data recovery  Technology recovery  Business-process recovery  Crisis management  Customer-support operations  Facilities  Human resources  Procedures for key suppliers and partners  Public relations and damage control  Protection of intellectual property

ICT62224 Elements of a Business-Continuity Plan

ICT Steps to Promote Continuity  Visualize  Itemize  Prioritize  Categorize  Minimize  Organize  Rehearse  Sponsor/Champion  Vigilant Monitoring

ICT62226 Security Issues  Unauthorized access to systems  Unauthorized access to confidential data  Virus attack  Denial of service attacks on Web sites and  Illegal/unwanted use of computer systems/equipment  Illegal use or monitoring of /Internet  Possible physical or virtual destruction of financial/administrative information

ICT62227 Top 10 Triggers of Unethical Employee Behavior 1.Efforts to balance work and family 2.Poor internal communications 3.Poor leadership 4.Work hours, work load 5.Lack of mgmt. support 6.Need to meet sales, budget, profit goals 7.Little recognition of achievements 8.Company politics 9.Personal financial worries 10.Insufficient resources

ICT62228 Audit Planning and Management  Ensures agreed levels of audit and compliance for systems, application, and services will be met  Evaluate and ensure adequacy of internal systems of control  Securities and Exchange Act of 1934

ICT62229 Fair Information Practices 1.NO personal record systems with secret existence 2.Rights of access, inspection, review, and amendment to systems that contain information about individuals 3.No use of personal information for purposes other than for intent it was gathered 4.Managers are responsible for reliability and security and can be held accountable 5.Governments have right to intervene

ICT62230 Corporate Responsibility Audit Steps  Gain CEO commitment  Appoint steering committee to guide  Appoint auditing team to develop questions  Diagnose corporate culture and investigate functional areas  Analyze mission statement  Seek reasons for inconsistent performance  Collect relevant industry information, benchmark studies, competitor’s information  Interview stakeholders involved in functional areas  Compare internal data and external perceptions  Write final report for managers and audit steering committee

ICT62231 Capacity Planning Importance  Reduces customer dissatisfaction –Identify potential bottlenecks  Reduces productivity decline –Ensures systems can handle peak times  Reduces budgetary constraints –Upgrades budgeted ahead of time  Improves stability –Can identify problems ahead of time and avoid or predict them

ICT62232 Organizational IT Capacity Planning Capacity planning process maturity level Characteristics Level 1 Reactive; firefighting Level 2 Efficient: professional and sophisticated firefighting Level 3 Fewer fires; analysis of problems, start of process improvement Level 4 Process includes procedural improvement Level 5 Process becomes self-correcting

ICT62233 Skills Planning Process  Define manpower requirements  Consolidate manpower required to support project and system plans  Identify existing and planned manpower skills  Establish and evaluate alternate manpower plans  Define effective education plan  Document manpower and education plans

ICT62234

ICT62235 Budget Planning and Value Management  Converts systems plans into financial terms  Identifies how funds will be obtained  Identifies how funds will be allocated  Decouple budget planning process from strategic planning process

ICT62236 Vendor Planning and Management  Outsourcing of services and other IT processes  Measure and monitor performance  Determine corrective action if necessary  Make readjustments if necessary

ICT62237 Management Systems Planning and Monitoring  Collect and summarize IT organization data  Compare results to IT organizational objectives and standards  Diagnose deviation or substandard performance  Analyze variance and initiate effectiveness/efficiency improvements

ICT62238 Management Systems Planning and Monitoring  Define detailed requirements based on enterprise policies  Evaluate alternative standards, procedures, methodologies  Design solutions  Publish instructions for use of standards, procedures, and methodologies  Installing solutions

ICT62239 Operational Level IT Planning  Day-to-day administration and execution of processes and plans  Project-related plans  Effective implementation of requirements at strategic and tactical levels  PMBOK