An extension of strategic planning where we develop the IT operational plan linking IT activities to business goals and cascades to department, team and staﬀ performance plans.
FULL IT ASSESSMENT
A great step to take prior to tackling the IT strategic planning process. Get an independent assessment of your current structure, people and operations. Understanding your (true) current state is the ideal way to start your future state deliberations.
WHY CONDUCT A FULL ASSESSMENT?
This is the question that must be answered before any activity commences. Here are some common reasons for performing an assessment? Typically companies start an assessment because:
- Alignment with the business must be improved.
- New management wants to establish a benchmark.
- IT costs are too high.
- Better customer responsiveness is needed.
- The company is expanding globally.
- Greater standardisation is needed.
We can evaluate your current IT cost structure against plans and budgets and use our IT Cost Reduction checklist of over 100 tactical IT-specific cost components to help you identify opportunities for cost reduction. Current market conditions are forcing IT management to continuously look for ways to reduce costs without impacting business goals.
Our structured approach will identify spending that is not aligned with business priorities and formulate a remediation plan. We can also assist in budget development with detailed working papers and budget templates.
Whether you are the CIO, CEO, Board member, or a member of the management team you have a responsibility to protect the assets of your organisation, and this includes information and data. You draw comfort in the knowledge that your IT department runs regular backups of all data and stores copies off-site. Further you draw comfort from the fact that your computer network is protected from unwanted intrusion and viruses from the network hardware and software that is installed.
Our question to you is: Is the level of comfort that you draw from these controls that are in place warranted? There are dozens of activities that the IT department performs to give you this level of comfort, but how do you know that all of these activities in deed occur.
For example, backups may be taken every day, but has anyone checked that they have actually been successful? Has anyone performed a restore from the backups to confirm they contain all of the required data? You believe that you are protected from computer viruses and malware etc. But has anyone confirmed that the regular updates to virus definitions are occurring?
These are but two simple examples of key activities that you take for granted yet could have a devastating impact on your organisation if a failure occurred and damage resulted from these activities not occurring. As senior leaders you are ultimately accountable for the results. In summary, you must be certain that thorough and diligent monitoring of events, breaches and outages is being carried out and appropriate remediation undertaken to ensure no re-occurrence.
How Can We Help
We can conduct an independent review of your IT strategic and operational controls to confirm that the appropriate activities are occurring and report back to you on key findings and recommendations to ensure that appropriate controls are in place to give you the comfort you seek in the reliability of your computing environment.
VENDOR AND SOFTWARE SELECTION
Selecting the right enterprise software for your organisation can be a critical task – choosing the wrong solution can aﬀect the entire company. Too often software implementations fail, not because the team members were in any way incompetent, but because they did not suﬃciently analyse or evaluate the best solutions for the organisation in the ﬁrst place.
Whether a company is buying an oﬀ-the-shelf product, building software from scratch, or customising a commercial application, signiﬁcant planning and analysis must accompany the selection of the right solution. Many organisations avoid the up-front analysis required for a successful software selection process simply because they do not understand the importance of doing so. Instead, they jump right into building their own solution, or more likely, signing a contract with the ﬁrst vendor who seems to ﬁt their needs. The likely result is a product that does not meet the needs of the users or the expectations of the sponsors.
OUTSOURCING AND MANAGED SERVICES
The key aspect of these functions is the absolute need to monitor the activities that are outsourced.
For ﬁnancial institutions especially, though they can outsource most IT activities, they cannot outsource the responsibility for the outcomes. They are accountable to ensure appropriate controls are in place to protect the availability, 'conﬁdentiality and integrity of their data in an outsourced environment. They can minimise their expose through contractual agreements, strong SLA's and good monitoring techniques and reporting.