2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
-
Upload
mayk-campelo -
Category
Education
-
view
307 -
download
0
Transcript of 2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other authorized recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates. © 2012 Gartner, Inc. and/or its affiliates. All rights reserved.
II Encontro Nacional de Auditores da Tecnologia da Informação-ENAUTI
Governança de TIC – Uma Visão do
Mercado
Claudio Chauke
Executive Partner, Gartner LATAM
Brasília, 06 de junho de 2013
What is Governance?
• Gartner defines "governance" as the process of:
- Setting decision rights and accountability, as well as establishing policies that are aligned to business objectives (preservation and growth of shareholder value)
- Balancing investments in accordance with policies and in support of business objectives (coherent strategy realization)
- Establishing measures to monitor adherence to decisions and policies (compliance and assurance)
- Ensuring that processes, behaviors, and procedures are in accordance with policies and within tolerances to support decisions (risk management)
- Bottom Line: Who decides and by what process?
1
In Undisciplined Times, Successful CIOs Maintain a Continuous Planning Initiative
Use Key Management Tools to Drive Focus and Discipline
Objective Focus Discipline
Strategy Dodge Threats,
Leverage Opportunities,
Meet Objectives
Strategy Process as a
Focusing Exercise
Formal
Development and
Refresh Processes
Architecture Agile and Flexible
Evolution Path,
Provide Resources
Standard, Open,
Service-Oriented
Strongly Enforced
Rules
Governance Efficient and Effective
Collaboration
The Right Links With
Demand and Supply
Formal Roles,
Responsibilities and
Decisions
Leadership Continued Vision and
Guidance
Alignment, Coordination
and Integration
The Right Balance
between
Trust and Control
IT Governance Strategy
IT Governance
• Goals
• Domains
• Decision Rights
• Principles and Policies
Demand Governance is Dysfunctional for Most Public Sector Organizations
Supply
Governance
(How Should IT Do What It Does?)
Demand
Governance
(What Should IT Work On?)
IT Management Primary Responsibility
Architecture
• Plan
• Implement
• Manage
• Monitor Compliance
Sourcing
Project Management
• Plan
• Implement
• Manage
• Monitor Compliance
Procurement • Plan
• Implement
• Manage
• Monitor Compliance
Corporate Compliance
Etc.
IT Supply Governance Domains
• Plan
• Implement
• Manage
• Monitor Compliance
• Plan
• Implement
• Manage
• Monitor Compliance
• Plan
• Implement
• Manage
• Monitor Compliance
• Plan
• Implement
• Manage
• Monitor Compliance
Security
Business Management Primary Responsibility
Business IT Strategy
Validation
Overall IT Investment & Expense
Develop Demand Governance Processes
Business/IT Operational
Planning
IT Investment Portfolios
(PPM)
Intra/Inter Enterprise
Prioritization
Demand Governance
Implementation
IT Value Assessment
Board IT Governance
Funding/ Chargeback
Spending/ Project
Oversight
Councils/ Committees
Issue Escalation/ Resolution
Business Benefits Realization
Business Unit Prioritization
Plan Implement Manage Monitor
Investment Evaluation
Criteria
IT Service Chargeback
IT Governance Effectiveness (Metrics, etc.)
A Changing Environment Changes Business Objectives
Contractual Target
Business Objective
Governance Frameworks Respond to Changes
And Steer Processes toward Changing Objectives
Regulatory Compliance Undermines the Business!
Restricts Business Agility and Flexibility
Compliance without a Business Focus
Business Objective
Business Objective
Regulatory Compliance Undermines the Business!
Does Not Properly Support Business Objectives
Business Objective
Actually
Achieved
Compliance without a Business Focus
IT Governance: From the Basic Concept, Two Perspectives, One Framework
IT governance is the set of
processes that ensure the
effective and efficient use of IT
in enabling an organization to
achieve its goals
IT Governance
Framework
Formal and verifiable
description of:
Principles
Processes
Relationships
Decisions
Business
Alignment of decisions
to business strategy
and objectives
Regulatory
Compliance
Compliance with
regulations, and
accountability with transparency
Key Issues
How does IT governance support the achievement of business objectives?
How can you integrate IT governance and compliance?
Key Issues
How does IT governance support the achievement of business objectives?
How can you integrate IT governance and compliance?
Effective Governance Harnesses Different Perspectives
IT Governance
must provide continuous, agile
alignment with business objectives
Business: Solution
IT Area: Resources
GRC: Control
Players have different
objectives and perspectives over
IT initiatives
Governance: a Business Perspective
Enterprises will strategically use
IT governance to steer IT initiatives
toward changing business objectives
Governance Building Blocks
Process Framework
Principles
Relationships Decisions
Principles: The Guiding Ground Rules of Governance
A set of guiding ground rules
that clarify a strategy,
expressed as simple statements
of practical courses of action.
Contrasting Examples:
Decisions about IT initiatives will be made independently by business units, under general corporate directions and compliance requirements.
Individual decisions, favoring specific, individual business units, are taken in collaborative decision processes, with diverse representation from corporate areas and business units.
Role:
Establish culturally-aligned governance style
Shape process framework processes
Communicate direction (transmit and share)
The IT Governance Motherboard Is Collection of Processes
Strategy: Alignment, objectives, policies, priorities
Resources: Knowledge, skills, sources of resources
Delivery: Workflow, operations, coordination, integration
Finance: Budget, funding, assets, costs, cashflow
Control: Business value, performance, risk, compliance
Feedback: Communication, reporting 6
1
2
3
4
5
A set of shared processes that enable
the IT organization to continuously align IT initiatives
to changing organizational goals.
Processes Establish Relationships between Demand and Supply
Supply Governance:
Supports IT’s delivery patterns
How should IT work?
Demand
Governance:
Supports
the user’s expectations
What should IT be
working on?
Relationships in
an IT governance Framework:
Match expectations
and patterns according to
each specific IT initiative
How can IT initiatives
continuously match
business expectations?
Decision Relationship Typical
Method Level Governance Tools
Automatic 0 Rules, Controls
Role Autonomy 1 Principles, Guidelines
Processes 2 Workflow
Projects 4 Methodology
Collaborative Groups 3 Committees
Decisions Steer IT Initiatives toward Changing Business Goals
Decisions Steer IT Initiatives toward Changing Business Goals – Examples
Payment approval for external providers under ongoing contracts will made by a contract manager based on formal metrics established by contract T&C.
Selection of new technology will be approved by interested business user, after OK by chief architect followed by OK by budget committee, supported by business case.
Changes in project priority or resource allocation will be taken by business-IT initiatives committee, based on recommendations by CIO, supported by business cases.
Role Autonomy
Processes
Collaborative Groups
Simple
Fast
Few information requirements
Logically sequential
Time-economic interventions
Leveled information
Binding
Slow and expensive
Key Issues
How does IT governance support the achievement of business objectives?
How can you integrate IT governance and compliance?
Regulatory Compliance Undermines the Business!
Governance:
Formal description of how people work together
and make decisions
Principles Processes Relationships Decisions
Business Drivers
Predictability Regularity Transparency Control Auditability
Regulatory Compliance
Agility Flexibility Speed
What is Compliance, After All?
Compliance is about controls and accountability in the fulfillment of a mandate. It is also
predictable, consistent, transparent behavior.
Establish what you know
Know what to do
Do what you establish
Say what you do
The Connection Between IT Governance and Compliance
Governance Compliance
… through predictable, consistent and transparent
behavior
Aims at steering resources towards business goals
Is concerned with the process of how you do it
The governance framework defines mechanisms for
steering resources
Makes sure that those mechanisms meet
compliance objectives
Efficient & effective use of IT
in enabling an organization to achieve its goals
The Many Flavors of Compliance
Externally mandated regulations aiming ethical behavior, good corporate governance and financial transparency.
Regulatory Compliance
Requirements established by, or jointly developed with, external trading partners, including ESPs, aiming at the proper distribution of roles and responsibilities in their shared business processes.
Commercial Compliance
Organizational Compliance
A composite of vision, mission and bylaws aiming to shape organizational behavior and culture, with strong influence over business objectives, including CSR
Business Domain
There Are IT Initiatives Outside of Compliance (But Not Outside of IT Governance)
Regulatory Compliance
Commercial Compliance
Organizational Compliance
BPM
Dashboard Collaboration
Workbench
BI
Toolbox
Efficiency, Quality
Agility,
Flexibility
Innovation
Process Cycle Time
The Journey: Changing the Organization & Delivering Results along the Way
The Map: Strategy
Sets objective
Sets path to follow
The Vehicle: Governance
Aims the destination
Steers resources
Provides agility, flexibility
Comes with a dashboard
The Road: Compliance
Road characteristics and conditions
Regulations & sign posts
Radar and cameras
The Obsessed Cop: Constraints
Safe driving as priority over destination
Excessive, unjustified constraints
Tickets for everything
Equipment & Resources: Architecture
Defines equipment
Sets resource plan
Key Steps in The Journey toward Success
Understand what your business objectives are and how IT is going to achieve them.
Assess the current IT governance framework, its strengths and weaknesses
Establish IT governance objectives
Assess current IT compliance requirements
Integrate compliance requirements with governance objectives
Develop the IT governance framework
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other authorized recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates. © 2012 Gartner, Inc. and/or its affiliates. All rights reserved.
II Encontro Nacional de Auditores da Tecnologia da Informação-ENAUTI
Governança de TIC – Uma Visão do
Mercado
Claudio Chauke
Executive Partner, Gartner LATAM
Brasília, 06 de junho de 2013
Will Governments Be Able to Sustain Themselves?
• Climate change
• Depletion of nonrenewable resources
Excessive Debt
Slow growth
High unemployment Civil unrest
Rapid economic growth
New infrastructure
Natural disasters
Five Key Trends That Will Shape Government IT in the Next Decade
Commoditization Seamless Socialization
Information Continuum Confluence of IT, OT, CT
Employee-Centricity
Seamless Socialization: The Symmetry of Open Government
Transparency
Participation
Community data
Employee participation
2
1
5
4 Government 2.0
3 Collaboration
Open Government
Information Continuum: New Challenges for Information Management
Top-down
Declassification, de-
identification, transformation
Taxonomies and ontologies
Formal and specialized
Information assurance
Mostly text and structured data
Bottom-up and sideways
Social network analysis, sentiment analysis
Tagging, rating, usage, folksonomies
Informal by crowd
Trusted sources, reputation, social rating
People, text, graphics, audio, video Media
Creation
Capture
Categorization
Maintenance
Open Data Social Data
Trust
At the Confluence of Information, Operational and Consumer Data
Crowdsourced Traffic Management
Collaborative Environmental Management
Environment
Energy
Traffic
• Air quality
• Water quality
• Water consumption
• Instant power supply
• Instant power demand
• Energy consumption
• Traffic light map
• Number of vehicles per zone
• Parking lot status
• Traffic cameras
Government Data
• Consumer GPS location
• Traffic-related feeds & microblogs
• Geolocated pictures & videos
• Instant home power demand
• Active devices per type
• Instant oil consumption/
carbon emission
• Instant water consumption
Citizen-Generated Data
Consumer Device to Government Infrastructure
The Evolution of Technology in Government
E-Government
• Online services
• Multiple websites
Joined-Up Government
• Life events
• Back-office re-engineering
• Benchmarking
Open Government
• Transparency, participation, collaboration
• Community engagement
Smart Government
• Sustainability
• Agility
• Blending IT, OT, CT
2000
2005
2010 2015+
• Integrates information, communication
and operational technologies
• to planning, management and operations
• across multiple domains, process areas
and jurisdictions
• to generate sustainable public value
A Different Approach to Government IT Strategic Planning
Political Agenda
Service Delivery &
Operations
Project Management
IT ESP
Strategic Sourcing
Business Strategic Plan
Budget
Political Agenda
(Strategic) Sourcing
Budget
Business Strategic Plan
Advice Agile PM
Clients ESP IT Business
Service Delivery &
Operations
Unclear or
Ambiguous
Fast-
Changing
Differentiate
& Record
Innovation
Not Just "the" Social Web — But a Dynamic Network of Networks
Collective intelligence
Pooling contributions
Expertise location Finding one in a million
Interest cultivation
Sharing interests
Relationship leverage
Cultivating weak ties
Flash coordination
Organizing a mass
Emergent structures
Unearthing reality
Social
Mobile Consumer Service Opportunities Proliferate
Video calling
Social networking
Low
High
Mobile advertising
Music (streaming
and downloading)
Mobile healthcare
Mobile payment
Ring tones Mobile e-mail
Mobile search
Mobile
virtual
worlds
Mobile TV
Consumer Impact Low High
Matu
rity
Consumer
telepresence
Mobile gaming
Indoor navigation
Likely rate of change: faster slower
Mobile
MS Clipart
(pixelated)
Many Elements Form a Context Impression
Device orientation
Voice tone /stress
Direction of movement
Speed of movement
Location
Light level
Social network
tie strength
Process stage
Acceleration Recent
interactions Heart rate
Temperature
Sentiment
Context
Governance in the near future perspective
• What are your challenges?
• How do you think should be the better approach to deal with this scenario?
• What change should be taken in Government regarding auditing?
40
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other authorized recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates. © 2012 Gartner, Inc. and/or its affiliates. All rights reserved.
II Encontro Nacional de Auditores da Tecnologia da Informação-ENAUTI
Governança de TIC – Uma Visão do
Mercado
Claudio Chauke
Executive Partner, Gartner LATAM
Brasília, 06 de junho de 2013