What about Enterprise Architecture and IT auditors ?
February 21, 2008
As Enterprise Architecture buzz is gaining ground within IT Divisions, what auditors, may think about it ? Since version 4.0, one of Cobit focuses is strategic alignment which is attained by a 3 stages macro process : translating by the business into objectives related to IT-enabled initiatives, defining IT’s own objectives, defining the IT resources and capabilities required to successfully execute IT’s part of the enterprise’s strategy. Although the CIO is responsible for the whole process, the IT Chief architect contributes to stage 1 and stage 2, and is responsible for IT architecture design.
With ITIL, the situation is much more confusing. In its post “ITIL v3, Enterprise architecture…“, Steve Thorn who made a research on TOGAF 8.1.1 and ITIL v2 relationships for the Open Group, points out that service strategy process is not very clear about Enterprise Architect responsibility alongside project portfolio manager and IT service manager responsibilities. Enterprise Architect role may be shared by both of them.
TOGAF 8.1.1 addresses strategic alignment as well, but focus on Architecture life cycle. It gives the responsibility of identifying business requirements and designing IT architecture to IT architects, up to them to identify stakeholders and to set up the detailed process.
According to Cobit Togaf 8.1 mapping document, Cobit and TOGAF cover more or less the same extent regarding entreprise architecture. They may be considered as complementary in respect of TOGAF is adressing detailed activities of Cobit Chief Architect.
With Cobit, auditors find support to assess architecture macro process regarding deliverables and performance through KPI assessment. But, as design decisions are critical, it is interesting to detect flaws earlier than system go in live time. Because TOGAF is compatible with setting up a Quality Insurance Activity dedicated to Enterprise Architecture, it is a very interesting reference for managers and auditors.
Nevertheless, in accordance with framework approach, process are loosely defined, each company has to decide of its own implementation. Then, auditing Enterprise Architecture requires for the auditor to be able to assess not only if the process implementation is appropriate to company goals, but the same about methods and if indicators enable to detect quality risks early.
When Cobit enables to manage and drive globally strategic alignment, TOGAF, although restricted to architecture function, may be used equally on the scope of a whole company, a business domain or a program. With TOGAF, IT Divisions are able to manage alignment locally and globally at design time. Often Business Divisions focus on time to market and time-scale, when companies mainly focus on compliance and costs. TOGAF allows to build a comprehensive framework which may drive all design activities of the IT Division in accordance with Business Goals.
Regarding IT Divisions, should the scales always tip in favour of process management ?
February 2, 2008
” Too heavy, too slow, too expensive “, which French CIO did not once hear the echo of these Pascal LAMY’s words, by the times he was EDF CIO ? Statements of weakness of practices, lack of professionalism, moving in a hurry, loom frequently among IT Division criticism when projects fail. Even software editors, pointing out their industrial practices, dare sometimes to blame customers whose failure could darken their reputation.
By the times of Mainframes era, IT Divisions had a role of development and applications management, close to a software editor or an internal software administrator job. Comparing their jobs as well as refering to industrial practices, was then significant. Today, IT Divisions contribute furthermore in strategic and tactical decision-making. The part of studies in budgets increased exponentially. How to figure out objectively performance and productivity when metrics, like function points or lines of code, are unsuitable with respect to a job of internal consultant, manager, integrator and components assembler which requires much more to decide quickly.
As example, IT architecture quality for which effort is hardly quantified appears more and more a key factor of projects good achievement. In such a landscape, the belief in industrial practices via business processes formalization and Quality management methods was never so powerful. While the job of computer engineers is changing boosted by innovations and technological breaks, methods based on repetitive tasks and continuous improvement are spreading. Did I not read recently an IT manager writer wondering in a review about the necessity of being certified ISO 27000:2005 besides the certification ISO 20 000 ?
The stake of modern IT Divisions, is not any more toward processes, but with skills which allow to facing new situations and make organisations adaptable. How to acquire, maintain and develop these complex skills which fuel optimal Decision-making and increase quality of IT Division job ? Being able to have a strategic and management vision, to drive complex relationships between suppliers, business divisions, and IT, being aware of last practices and technologies, are required skills in diverse proportions for every IT Division worker.
It is a fascinating challenge to find out for each IT Division worker the way of enhancing his skills. Besides motivated people which contribute to a common project, it is a way, for IT Divisions, to enhancing competences and know-how globally. The profit is a better capacity to adapt to change, a greater adequacy and reactivity with respect to business requirements. This leads to improve stakeholders satisfaction and to get IT strategic alignement.
Times come for IT Divisions to focus more on people than on processes. It is the main stake for the post industrial age set by societies of knowledge workers.
Powered by ScribeFire.
