Slide 1ObjectivesOverviewStrategic IT PlanningFirst Step in Developing an IT Strategic PlanLinking Business and ITIT Architecture vs. InfrastructureWorkgroup vs. Network Architecture (Google)IT StandardsPolicies & ProceduresCase: The Failure of CRMTechnology Risk ManagementCentralized Risk ManagementBusiness Unit Risk ManagementA Blended ApproachEffective Technology Risk Management ProgramEffective Technology Risk Management ProgramEffective Technology Risk Management ProgramAudit InvolvementClass ExerciseCHAPTER 5: IT STRATEGY AND STANDARDSMBAD 7090Fall, 20081IS Security, Audit, and Control (Dr. Zhao)ObjectivesBusiness and IT Strategic PlanIT Architecture vs. InfrastructureIT StandardsTechnology Risk ManagementFall, 20082IS Security, Audit, and Control (Dr. Zhao)OverviewIT has become a strategic part of most businesses. An IT Strategic Plan is a formal vision to guide in the acquisition, allocation, and management of information technology resources to fulfill the organization’s objectives.Fall, 20083IS Security, Audit, and Control (Dr. Zhao)Strategic IT PlanningProvides a roadmap for operating plansProvides a framework for evaluating technology investments“The truth is that those IT leaders who don't master the art of strategic planning won't last long.” (CIO.com, 2008)Challenges:Many companies lack well-defined strategiesFall, 20084IS Security, Audit, and Control (Dr. Zhao)First Step in Developing an IT Strategic PlanUnderstand the business objectives whether stated or implied.Guides management in evaluating investments, assessing risk, or implementing controlsExample: Business strategy for an online bookstore“The business should have desired outcomes-market share gains, higher customer satisfaction levels, and shortened cycle times.”Question: please figure out where IT factor into that.Fall, 20085IS Security, Audit, and Control (Dr. Zhao)Linking Business and IT Fall, 20086IS Security, Audit, and Control (Dr. Zhao)STRATEGIC IT PLANNING CYCLEPLAN REVIEW AND FEEDBACK Project And Application Driven RequestsOperations And Infrastructure Driven RequestsBUSINESS/IT ALIGNMENTBUSINESS STRATEGYPRIORITIZATION & FUNDINGPROJECTS & PROGRAMSOther Internal &External RequestsPROGRAM RESULTSPLAN UPDATESREVIEW PROCESSMONITORING & CONTROLTechnologyRequestsRequestEvaluationTechnologySteeringCommitteeLong Term BlueprintCorporate &Project-specific ArchitecturesIndustryAnalyst,Vendor, ExpertInputGlobalArchitectureDirectionP r o f i l e sC u s to m e rIn f oF in a n c i a lI n s ti t u t i o n sA g e n tIn f o r m a t i o nC la i m sC o m m e r c i a lP e r s o n a lL i f eA u toH o m eI m a g i n gD a taS p e c i a l tyP r o d u c tD e fi n i t o n sU W R u l e sR a ti n g T a b le sF i n a n c ia l sB i l li n gH u m a nR e s o u r c e sData MartsData WarehouseOperational DataBrowserWindowsTelephonePagerTerminalWirelessPDAEAI / BPI / BPMCore P&C / Life ApplicationsPolicy Issuance EnginePolicy Issuance EngineScheduled Activities EngineScheduled Activities EngineProductWorkbenchProductWorkbenchNeeds AnalysisEngineNeeds AnalysisEngineProducer ManagerProducer ManagerRatingWorkbenchRatingWorkbenchForms & Correspondence EngineForms & Correspondence EngineProposal ManagerProposal ManagerUnderwritingEngineUnderwritingEngineRating EngineRating EngineClaims ManagerClaims ManagerData Capture ManagerData Capture ManagerUnderwritingWorkbenchUnderwritingWorkbenchSupporting Business ApplicationsHuman ResourcesHuman ResourcesFinancials(SAP)Financials(SAP)CommissionsCommissionsBillingBillingLicensing / Appointment ManagerLicensing / Appointment ManagerContract / Registration ManagerContract / Registration ManagerReportingReportingB2B Electronic InterfacesB2B Electronic InterfacesCRMForms FulfillmentForms FulfillmentP r o f i l e sC u s to m e rIn f oF in a n c i a lI n s ti t u t i o n sA g e n tIn f o r m a t i o nC la i m sC o m m e r c i a lP e r s o n a lL i f eA u toH o m eI m a g i n gD a taS p e c i a l tyP r o d u c tD e fi n i t o n sU W R u l e sR a ti n g T a b le sF i n a n c ia l sB i l li n gH u m a nR e s o u r c e sData MartsData WarehouseOperational DataP r o f i l e sC u s to m e rIn f oF in a n c i a lI n s ti t u t i o n sA g e n tIn f o r m a t i o nC la i m sC o m m e r c i a lP e r s o n a lL i f eA u toH o m eI m a g i n gD a taS p e c i a l tyP r o d u c tD e fi n i t o n sU W R u l e sR a ti n g T a b le sF i n a n c ia l sB i l li n gH u m a nR e s o u r c e sData MartsData WarehouseOperational DataBrowserWindowsTelephonePagerTerminalWirelessPDAEAI / BPI / BPMCore P&C / Life ApplicationsPolicy Issuance EnginePolicy Issuance EngineScheduled Activities EngineScheduled Activities EngineProductWorkbenchProductWorkbenchNeeds AnalysisEngineNeeds AnalysisEngineProducer ManagerProducer ManagerRatingWorkbenchRatingWorkbenchForms & Correspondence EngineForms & Correspondence EngineProposal ManagerProposal ManagerUnderwritingEngineUnderwritingEngineRating EngineRating EngineClaims ManagerClaims ManagerData Capture ManagerData Capture ManagerUnderwritingWorkbenchUnderwritingWorkbenchSupporting Business ApplicationsHuman ResourcesHuman ResourcesFinancials(SAP)Financials(SAP)CommissionsCommissionsBillingBillingLicensing / Appointment ManagerLicensing / Appointment ManagerContract / Registration ManagerContract / Registration ManagerReportingReportingB2B Electronic InterfacesB2B Electronic InterfacesCRMForms FulfillmentForms FulfillmentIT Architecture vs. InfrastructureIT infrastructurePhysical facilities, services, and management that support all computing resources in an organization.IT architectureA high-level map or plan that explain & guide how IT elements work togetherBusiness activities and processesData sets and information flowsApplications, software, technologyFall, 20087IS Security, Audit, and Control (Dr. Zhao)Workgroup vs. Network Architecture (Google)Fall, 2008IS Security, Audit, and Control (Dr. Zhao)8Workgroup Centric:• Strategy: Capture desktops• Customer’s labor and capital• User-specific infrastructure• System control by users• Operating system dependency• License software• Data read from filesNetwork Centric:• Strategy: Occupy Internet• Labor and capital in network• Infrastructure is universal• Network controls in network • Open source browser• Pay for use• Data assembled in context• National Association of State Chief Information Officers (NASCIO)’s vision
View Full Document