Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT Effectiveness and Cloud Computing March 2013. Copyright © 2011 Deloitte Development LLC. All rights reserved. 1 Enterprises are faced with important.

Published byDarlene Holland Modified over 8 years ago

Similar presentations

Presentation on theme: "IT Effectiveness and Cloud Computing March 2013. Copyright © 2011 Deloitte Development LLC. All rights reserved. 1 Enterprises are faced with important."— Presentation transcript:

1 IT Effectiveness and Cloud Computing March 2013

2 Copyright © 2011 Deloitte Development LLC. All rights reserved. 1 Enterprises are faced with important operational risks on the road to cloud computing adoption Data controls and ownership Who will own the data when subscribing to a cloud computing service.? Is the data you create, use, and store within a cloud yours? Could your data be viewed, accessed, or used without your knowledge; sold to third parties; used for unknown purposes? Backup, retention, and disposal Is data retention meeting your policy requirements? Is deleted data "really" gone or still preserved somewhere within the cloud? How are data backups and restores handled? Availability and reliability How is reliability, access, and availability "guaranteed" by cloud services providers? Is it through service level agreements? Disaster recovery Is your data protected in the event of a disaster? What are the recovery time objectives and service level agreements? Legal compliance Is your cloud provider adhering to laws/regulations for your industry and in every jurisdiction which applies? Key operational and governance issues must be resolved as cloud computing architectures are deployed in the enterprise, requiring new approaches

3 Copyright © 2011 Deloitte Development LLC. All rights reserved. 2 Enterprises are faced with important operational risks on the road to cloud computing adoption Assurance How will you provide your customers with a level of comfort and assurance on the protection and controls in the cloud environment, especially when involving third parties? Scalability Can your service provider support growing demand from all clients and provide reliable services at high scalability? Are there vendors with mature offerings? Security and encryption Is data secure within the cloud environment? How is security enforced and confirmed? What level of encryption is required to enhance security, and how will this impact operational service levels? Auditing and monitoring Are you ready to apply enterprise risk management and controls, and auditing and monitoring practices to applications and data residing in cloud environments? Vendor “lock-in” What happens if you want to move your data back in house or into another cloud? How open is the existing cloud and what support will the vendor provide? Tax implications Is your enterprise ready to adjust tax processes to meet new needs? Key operational and governance issues must be resolved as cloud computing architectures are deployed in the enterprise, requiring new approaches

4 Copyright © 2011 Deloitte Development LLC. All rights reserved. 3 For most enterprises, the pace of cloud computing adoption will map to the maturity of the services category Adoption Google Apps Engine Gmail salesforce.com Amazon Virtual Private Clouds Oracle On Demand Microsoft Hosted E-mail Hosted VMware Should be actively watched and potentially tested on a small scale. Risks still exist and technology has not been fully tested. Should be tested through pilot studies. Business owners should be assigned and business cases developed. Broader implementation should be considered. Scale-up piloting with plans to implement. Nascent technology pilots Early adopters, growing adoption Stable technology, Significant adoption Amazon Web Services Mozy Force.com IaaS SaaS PaaS Vendors at various stages of maturity service- now.com The rate of adoption of cloud computing is tied to the vendors’ levels of technical and functional maturity, and their suitability to enterprise-class levels of performance, reliability, and resiliency Rightnow Workday

5 Copyright © 2011 Deloitte Development LLC. All rights reserved. 4 4 IT Effectiveness IT: noun. Tools, processes, methodologies, hardware and software used to collect, process and present information Effective: Adj. Adequate to accomplish a purpose; producing the intended or expected result What is IT Effectiveness? IT Effectiveness: noun. A structured assessment of IT and its alignment to the organisation’s strategic and operational objectives

6 Copyright © 2011 Deloitte Development LLC. All rights reserved. 5 Are IT Departments incentivised to source cost effective IT Services, even if that means using a third party? IT Strategy Alignment Risk : Opposing strategic decisions taken by management and IT lead to the inability of the organisation to react quickly to regulatory or operational change. User Perception Risk: The performance of the workforce may be undermined if IT services do not meet user requirements. IT Service Delivery Assessment Risk: Availability of services may be compromised or the cost of the service may be prohibitive. IT Expenditure Assessment Risk: expenditure within IT may be inappropriately allocated between investment into “business as usual” activities and activities that support growth and innovation. Effective sourcing of IT services can bring substantial efficiencies. We look at how IT Management can be challenged on IT sourcing decisions.

7 Copyright © 2011 Deloitte Development LLC. All rights reserved. 6 User perception User Perception Risk: The performance of the workforce may be undermined if IT services do not meet user requirements. Disaster recovery Desktop connectivity

8 Copyright © 2011 Deloitte Development LLC. All rights reserved. 7 User perception User Perception Risk: The performance of the workforce may be undermined if IT services do not meet user requirements.

9 Copyright © 2011 Deloitte Development LLC. All rights reserved. 8 IT Service Delivery Assessment Risk: Availability of services may be compromised or the cost of the service may be prohibitive.

10 Copyright © 2011 Deloitte Development LLC. All rights reserved. 9 Observations & Actions Process Maturity of retained organisation Organisations strive to improve the maturity of retained processes that have been identified as key interfaces into the industrialised processes. The Transition & Transform phase of vendor on-boarding will implement a robust transition plan, in collaboration with the vendor, to transition the workflows to the selected vendor while implementing retained organisation process re-design. The retained key interfaces into the build factory have undergone process improvement since the set-up of the build factory. However, process detailing has not been subject to a graded maturity assessment for appropriateness. The grading will help to encourage consistency in design and help the author to identify an appropriate target level of detail. Maturity Historic: Processes have been historically executed by knowledgeable personnel with all necessary procedures and supporting documentation not being complete. Current: The need to industrialise has necessitated the formalisation of some procedures with completed documentation. Some progress has been made but there is a significant lack of “version 1” procedure sets. Target: To gain maximum benefit from the Build Factory, all interfacing procedures up-stream of the Build Factory are to be universally baselined and subject to change control 1.A methodology should be defined for assessing then grading of the end to end processes that require additional rigour. Risk: Less formalised and immature processes cannot be effectively industrialised leading to inefficiency, and errors. Level 1Level 2Level 3Level 4Level 5 Informal processes using experienced personnel Process well understood but not fully documented Structure and mostly documentedHighly structure, regularly reviewedOptimised for efficiency and accuracy Good Practice Observation Rationale Improvement Actions H CT Action ThemeScope Group

11 Copyright © 2011 Deloitte Development LLC. All rights reserved. 10 What is IT Effectiveness? Value added Outputs

12 Microsoft vs The World An Audit Perspective March 2013

13 Copyright © 2011 Deloitte Development LLC. All rights reserved. 12 When auditing we often focus on the single largest component of the IT environment, namely the Microsoft products However it would be extremely unusual for an IT environment to function solely on Microsoft products. Java Open Office Adobe iTunes Open Source Linux Chrome Free / Nag /Shareware Portable software

14 Copyright © 2011 Deloitte Development LLC. All rights reserved. 13 What do we do for Microsoft products? What can we learn from these and how can we apply it to non-Microsoft products?. MBSA WSUS Microsoft Update CERT Advisories Nessus BackTrack Patch Tuesday

15 Copyright © 2011 Deloitte Development LLC. All rights reserved. 14 What questions should we ask? And have IT considered any of them? What are the risks? Maliciousness, Tampering, Poor QA, Override of Controls Who are the worst offenders? IT Departments, IT Experts Availability and reliability Ongoing support Legal complianceLicensing? Unfortunately there is no one size fits all approach, be aware of the potential issues and know when to ask for expert advice If it’s not explicitly blocked then it’s probably happening somewhere in your organisation

16 Copyright © 2011 Deloitte Development LLC. All rights reserved. 15 Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.co.uk/about for a detailed description of the legal structure of DTTL and its member firms. Deloitte LLP is the United Kingdom member firm of DTTL. This publication has been written in general terms and therefore cannot be relied on to cover specific situations; application of the principles set out will depend upon the particular circumstances involved and we recommend that you obtain professional advice before acting or refraining from acting on any of the contents of this publication. Deloitte LLP would be pleased to advise readers on how to apply the principles set out in this publication to their specific circumstances. Deloitte LLP accepts no duty of care or liability for any loss occasioned to any person acting or refraining from action as a result of any material in this publication. © 2011 Deloitte LLP. All rights reserved. Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 2 New Street Square, London EC4A 3BZ, United Kingdom. Tel: +44 (0) 20 7936 3000 Fax: +44 (0) 20 7583 1198. Member of Deloitte Touche Tohmatsu Limited

Download ppt "IT Effectiveness and Cloud Computing March 2013. Copyright © 2011 Deloitte Development LLC. All rights reserved. 1 Enterprises are faced with important."

Similar presentations

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.
RISK ADVISORY SERVICES Green State IT Strictly Private and Confidential 29 September 2014 An initiative towards higher maturity for managing software.

RISK ADVISORY SERVICES Green State IT Strictly Private and Confidential 29 September 2014 An initiative towards higher maturity for managing software.
The Gathering Cloud computing - Legal considerations David Goodbrand, Partner 28 February 2013 Aberdeen Edinburgh Glasgow.

The Gathering Cloud computing - Legal considerations David Goodbrand, Partner 28 February 2013 Aberdeen Edinburgh Glasgow.
Deloitte UK screen 4:3 (19.05 cm x 25.40 cm) © 2013 Deloitte LLP. All rights reserved. April 2013 Parameters of Competition for a Turkish International.

Deloitte UK screen 4:3 (19.05 cm x cm) © 2013 Deloitte LLP. All rights reserved. April 2013 Parameters of Competition for a Turkish International.
Government Finance Profession Annual Conference 19 th and 20 th November 2009 Margaret Ewing Partner and Vice Chairman Deloitte Managing Out of a Recession.

Government Finance Profession Annual Conference 19 th and 20 th November 2009 Margaret Ewing Partner and Vice Chairman Deloitte Managing Out of a Recession.
Deloitte CFO Survey Q1 2013 Fewer risks, greater optimism Feel free to use these slides in your presentations Internal webinar event, 16 th April CFO Survey.

Deloitte CFO Survey Q Fewer risks, greater optimism Feel free to use these slides in your presentations Internal webinar event, 16 th April CFO Survey.
PwC Role of Internal Audit in Corporate Governance September 2010 Tumin Gültekin, Partner.

PwC Role of Internal Audit in Corporate Governance September 2010 Tumin Gültekin, Partner.
Live for today as if it is your last day but plan for tomorrow as if it will last forever!

Live for today as if it is your last day but plan for tomorrow as if it will last forever!
The Cloud: Demystified Neil Cattermull Frontier Technology.

The Cloud: Demystified Neil Cattermull Frontier Technology.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Financial structure, management, and IFRS Reporting Creating value for growth Presenter: John Robinson Partner.

Financial structure, management, and IFRS Reporting Creating value for growth Presenter: John Robinson Partner.
Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.

Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.
Presentation to the Housing Technology Conference Tim Cowland- Senior Consultant 27 th February 2014 The Rise of the Housing Cloud.

Presentation to the Housing Technology Conference Tim Cowland- Senior Consultant 27 th February 2014 The Rise of the Housing Cloud.
Deloitte UK screen 4:3 (19.05 cm x 25.40 cm) © 2012 Deloitte MCS Limited. All rights reserved. Storage Challenges Client Conundrums David RS Rogers \ 5.

Deloitte UK screen 4:3 (19.05 cm x cm) © 2012 Deloitte MCS Limited. All rights reserved. Storage Challenges Client Conundrums David RS Rogers \ 5.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
2nd Global ABC Conference and Exhibition October 2013

2nd Global ABC Conference and Exhibition October 2013
© 2012 Deloitte LLP. Private and confidential. FATCA Update for Individuals Alex Jones November 2013.

© 2012 Deloitte LLP. Private and confidential. FATCA Update for Individuals Alex Jones November 2013.
COMMON CHALLENGES AND SOLUTIONS IN ERM IMPLEMENTATION TO IMPROVE MUNICIPAL CLEAN ADMINISTRATION PROCESS. M.J. RAMAKGOLO (CCSA)

COMMON CHALLENGES AND SOLUTIONS IN ERM IMPLEMENTATION TO IMPROVE MUNICIPAL CLEAN ADMINISTRATION PROCESS. M.J. RAMAKGOLO (CCSA)
Tax Transformation: What does it mean to you?

Tax Transformation: What does it mean to you?
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Similar presentations

Ads by Google