Document Actions
Key Issues
Business Continuity / Disaster Recovery
Service Areas Involved:
Process Management
Risk Management
Architecture
Financial Management
See Also: Answers for CEO’s
Client Success Story:
Business Continuity / Disaster Recovery (BCDR) refers to a company's ability to recover from a disaster or an unexpected event and return to normal operations. Many companies face challenges understanding the business continuity planning process well enough to develop a solution that mitigates significant risk. Key BCDR activities include:
- Performing a comprehensive business impact analysis
- Determining mission critical business functions
- Identifying critical business processes
- Assessing the financial impact to the business
- Identifying and inventorying critical data, hardware, software, services, and personnel
- Determining recovery times
- Developing alternative processing methodologies.
IT Asset Management
Service Areas Involved:
Process Management
Risk Management
Architecture
Financial Management
See Also: Answers for CFO’s
Client Success Story:
IT Asset Management (ITAM) is a set of business practices that join financial, contractual, and inventory functions to support life cycle management and strategic decision making for the IT environment. Many IT organizations often look at assets as something you buy, not something you manage. Typical assets include the software, hardware and services of a business environment. To effectively manage IT assets you should address the following activities:
-
Developing a governance framework
-
Identifying standard assets
-
Performing a current asset inventory
-
Developing purchasing procedures
-
Developing Installation and configuration procedures
-
Developing a replacement and disposition strategy.
Telecom Expense Management
Service Areas Involved:
See Also: Answers for CFO’s
Telecom Expense Management (TEM) refers to the combined set of procedures and software tools & services used to control costs associated with voice and data telecommunications expenses. Telecom cost is usually one of the leading operational expenses for IT organizations (along with annual maintenance and labor), but often suffers from inaccurate billing; incomplete asset inventories; decentralized invoice processing; and hard separation of responsibilities between contract managers, financial analysts, and network engineers. It includes activities related to:
-
Circuit provisioning (adds, moves, changes, deletes)
-
Circuit inventory (including all billable components - ports, PVC’s, etc.)
-
Invoice reconciliation, payment procedures, & audit - against contract terms, current inventory, and provisioning activity
-
Network optimization - ensuring you get the most "bang for the buck."
Vendor Assessment / Selection / Management
Service Areas Involved:
Process Management
Risk Management
Architecture
Financial Management
IT Management
See Also: Answers for CIO’s
Vendors are the IT organization's upstream value chain, but are rarely managed that way - in many cases, the most time IT managers can afford to spend with their vendors is during contract negotiations. While an "I buy, you sell" relationship is all that's required, sometimes the IT organization needs more value. Some vendors are willing to partner with their clients, but others are not. This service area includes activities to:
-
Assess the kind of relationship your organization needs with its vendors
-
Rigorously select key vendors that best meet the organization's needs - not the best advertisers
-
Negotiate lasting contracts that meet the needs of all stakeholders – you, the business, and your vendor
-
Periodically measure the results of the relationship to determine if contract terms are being met or if anticipated value is being derived
-
Continuously improve existing relationships - or end them, if necessary.
Data Center Relocation / Consolidation
Service Areas Involved:
See Also: Answers for IT Senior Managers
Client Success Story:
A Data Center Relocation effort consists of moving an organization's entire data processing operation. Many organizations leverage a move or relocation as an opportunity to improve services, reduce IT costs, enhance disaster recovery capabilities, reengineer processes, and address compliance issues. These projects can be complex and risky (depending on the architecture, scale, and operational needs of the business). Due to the dependency on contracts (for services, real estate, telecommunications, and other areas) as well as the potential for renovation or construction, they can be very lengthy – 18 months or longer is not uncommon from inception to final shutdown of the legacy sites. Finally, these are often "negative-return" efforts in hard dollars – the benefits are most often realized in other aspects of IT service delivery. This service area includes the following activities:
-
Identifying business requirements
-
Determining the location (co-location, managed host, company-owned site, etc.)
-
Taking inventories of equipment, software, telecommunications, and networking
-
Developing the physical and logical design
-
Implementation steps that include the test plan, quality assurance, the actual move, and build documentation
-
Developing process documentation.
Sarbanes-Oxley Compliance
Service Areas Involved:
Process Management
Risk Management
Architecture
Financial Management
IT Management
See Also: Answers for CFO’s
Client Success Story:
The Sarbanes-Oxley Act of 2002 requires that public companies evaluate and disclose the effectiveness of their internal controls as they relate to financial reporting, and that independent auditors "attest" to such disclosure. SOX compliance has been a challenging and costly experience for many organizations as the compliance effort introduces new policies, procedures, roles, and responsibilities throughout the organization. In an effort to help reduce costs, the PCAOB stated that external auditors must rely on an independent third parties' assessment as to the effectiveness of the organizations internal controls. Ingenuity can assist you with your SOX compliance program. Our typical activities include the following:
-
An assessment to determine the current state of internal controls
-
Testing the effectiveness of existing controls
-
Developing remediation plans to address ineffective controls
-
Actual remediation effort
-
Retesting to validate the control activities
-
Documentation, documentation, and even more documentation
Sarbanes-Oxley compliance is only one of several areas of law, regulation, and policy our clients are currently struggling with. HIPAA, Freedom of Information Act and the Payment Card Industry standards are all driving technical and process changes within IT organizations. Compliance strategies ensure that appropriate organizational controls are established and personnel are cognizant of and take the necessary steps to comply with relevant laws and regulations.
Value Chain Integration & Partnering
Service Areas Involved:
See Also: Answers for CEO’s
While Ingenuity's definition of Vendor Management deals with the IT value chain, this service area deals with how IT can enable the integration of systems and processes of the business' key partners - suppliers, distributors, and other external stakeholders. In some industries this is an increasingly important way to differentiate from the competition, while in others it is an absolute requirement for continued operations. This service area entails the following activities:
-
IT Architecture: the infrastructure must enable application integration (e.g., connectivity), the business applications must support the required interfaces / data feeds, and the security subsystems must protect all partners while still allowing the integration to occur. Ingenuity's particular focus is on the infrastructure and security architectures.
-
Processes: IT procedures have to change as well. Key handoffs between suppliers, buyers, and other valuable channel partners can be improved and automated; reducing overall costs while increasing quality and improving channel throughput.
-
Management: integrating with partners in the value chain requires a different mentality than in the past. While cross-accountability of partners to each other absolutely must be maintained, few if any of the partners can dictate terms to the others. These relationships must be maintained through management of mutual value – and this must extend into the IT organizations that must work together to enable the integration.
Identity Management
Service Areas Involved:
See Also: Answers for CIO’s
Identity Management (IDM) is an integrated system of business processes, policies, and technologies that enable organizations to facilitate and control their users' access to critical online applications and resources - while protecting confidential, personal, and business information from unauthorized users. In essence, the purpose of an IDM initiative is to rationalize the many separate user accounts that have "grown" out of separate business applications into a consolidated solution. The goal is to provide at least "simplified" sign-on (i.e., the same username and password) for as many functions as possible using a combination of techniques including integration, replication, and meta-directories. This is generally a long-term program, built on an initial security infrastructure / framework designed for a few priority applications and extended over time.
Project Portfolio Management
Service Areas Involved:
Process Management
Risk Management
Financial Management
IT Management
See Also: Answers for CIO’s
Client Success Story:
Project Portfolio Management is the process of managing a collection of inter-dependent, current projects that are specifically selected to support the organization’s strategy. The concept is borrowed from financial "modern portfolio theory". It is intended to maximize the value (while minimizing the risk) of the financial and labor investments the organization can make, while balancing these investments across the many different areas of the business. Therefore, there is a strong focus and dependency on effectively managing resource availability, budget dollars, and prioritization across projects, departments and entities.
Business Process Management / Reengineering / Outsourcing
Service Areas Involved:
Process Management
Risk Management
Architecture
IT Management
See Also: Answers for CFO’s
Business Process Management (BPM) focuses on the activities that businesses perform in order to adapt and optimize their processes. The activities include design, execution, and monitoring. From an IT perspective, this entails the development of systems to measure the current health of these processes, and is used as the basis for ongoing improvements.
The goal of Business Process Reengineering (BPR) is to improve the effectiveness of the underlying business processes. While this concept has been around a while, many application development efforts include a component of BPR. At its foundation, ITIL or SDLC process initiatives are simply BPR within the IT organization.
Business Process Outsourcing (BPO) is the process of transferring an existing business function to an external provider that specializes in that business function, generally enabled through integrated IT systems (see also Value Chain Integration & Partnering). The benefits of outsourcing are (in theory) to allow the outsourcing organization to focus on core competencies or lower existing costs by leveraging the expertise and economies of scale of the external provider. The initial wave of BPO for IT functions (particularly to offshore providers) may have subsided, but a new round is underway for other portions of business services.
Server Consolidation / Virtualization
Service Areas Involved:
See Also: Answers for IT Senior Managers
Not too long ago, a handful of Novell NetWare servers, and perhaps a mid-range and a UNIX server, were all it took to deliver IT services. Today, even mid-size companies can have hundreds of servers spread across multiple locations – each of them requiring operating costs, inventory, and system administration costs. This all equates to money – lots of money – being "sunk" into IT infrastructure with marginal incremental value. IT managers have tried to consolidate servers before but have never quite trusted applications to coexist on the same server, so after a brief period of limited consolidation the growth begins anew.
Today, the availability of virtualization technologies (such as Virtual Server and VMWare) beyond the high-end UNIX and mainframe space has changed this. Now, separate operating system instances can run on a single server, allowing consolidation without risking application incompatibility. This technology also puts the creation and maintenance of separate development and QA environments within reach of even small businesses – helping ease potential process and compliance issues surrounding change management.
Infrastructure consolidation is finally within reach. Ingenuity can help you think through the financial, architectural, process, and organizational implications to take advantage of it.
Service Level Management & Metrics
Service Areas Involved:
See Also: Answers for CIO’s
The purpose of Service Level Management (SLM) is to set expectations between the IT organization and its customers regarding how well the products and solutions should function, how to measure that service delivery, and to openly discuss with the business the successes and areas for improvements. Beyond the absolute necessity to communicate regularly and honestly with the business regarding service delivery, metrics serve as the bedrock for fact-based communication about what actually did happen – rather than arguing about anecdotes and perceptions. Service Level Management is not about writing a service level agreement (SLA), signing it, and filing it away. It and other artifacts of SLM are simply mechanisms to facilitate dialog about what’s right and what needs to be improved.
There is often reluctance on the part of IT managers to agree to service levels they’re not absolutely sure they can meet, under the assumption that if they don’t meet them they’ll disappoint their users. Since most IT organizations don’t necessarily have the data to support that level of certainty, SLM efforts therefore often don’t move forward.
Our experience indicates that the value of SLM is not in the guarantee, but in the mechanism for dialog between the business users and the IT organization – and ironically, once SLAs are in place, the IT organization is more motivated to find ways to measure results than they were before. It is the conversation – not the guarantee – that brings value.