Governance Consulting Services
In our role as advisors in IT Service Management and Project Management, Lucid IT has gained hands on experience with the implementation of process controls to manage IT risk and ensure value delivery from the IT service portfolio. The business’ decision rights have always been paramount in our implementation work, to ensure alignment of processes with business requirements.
It was therefore logical with the advent of COBIT 4.1, for Lucid IT to work with our customers in designing Governance assessments, governance frameworks and assuring the ongoing alignment of these with business requirements.
IT Governance has been on the agenda of both business and IT for some time and yet minimal value has been derived from initiatives to date. This is all changing. With the convergence of frameworks such as COBIT 4.1, ITIL V3, TOGAF 8.1, Val-IT2.0 and standards such as ISO 27001, ISO 38500 and ISO 20000, the possibility of alignment between the IT Governance model and IT management practices has emerged. COBIT 4.1 can be harnessed as an umbrella over the other frameworks.
COBIT/Governance Assessment
Our Governance assessment is designed to give a snapshot of governance maturity, current risk and improvement opportunities across the whole of IT governance. Based on the COBIT 4.1 framework, the assessment covers all major components of a best practice governance framework. The assessment delivers the following:
• Capability Maturity levels for each of the 34 IT Management processes
• General capability in each of the 4 governance domains:
o Plan and Organise
o Acquire and Implement
o Deliver and Support
o Monitor and Evaluate
• Capability in each of the main governance components of:
o Performance Management
o Value Delivery
o Strategic Alignment
o Resource Management
o Risk Management
• Benchmarking of your IT function compared to others with similar characteristics in the ISACA database
• Conclusions, Recommendations and Priorities for resolution of the issues discovered
• Optional: Inclusion of additional components or mappings from Sarbanes Oxley, Val-IT 2.0, ISO 38500, ISO 20000 or others as required
The diagram below shows the process maturity snapshot. This is a valuable tool in baselining and communicating current maturity levels to various stakeholders from the board to IT operations. Relative importance, priorities and target maturity levels can also be included.
COBIT/Governance Implementation
It is important to clearly define the objectives, scope and deliverables of a governance implementation initiative if it is to be successful in adding real value. Many initiatives are too much about the method and not enough about the goal and value sought.
In essence, governance implementation is the implementation of controls to ensure that value is delivered by IT at appropriate levels of managed risk and that the business decision rights are effectively articulated and implemented through IT governance forums and management processes.
In many ways governance implementation is an integration activity of pulling together a framework of components including:
• Methodologies e.g. ITIL, Prince2™
• In-house practices e.g. bespoke approaches
• Governance forums e.g. IT Steering Committee, PMO, SMO
• Roles and Responsibilities integrated into the people management system
• Alignment of business and IT goals, measures and reporting systems
• Assurance practices e.g. Audit, External Assessments, Internal Assessments
Of course the implementation must deliver a framework that meets the regulatory and compliance requirements of your organisation. It is also key to match the maturity of your organisation’s IT governance approach to the maturity of your business and with due consideration of your current IT maturity.
Lucid IT has experience in developing and implementing these frameworks and ensuring that you capture maximum value out of your current capabilities and create a platform for maturing governance in your IT organisation that matches the needs of the business.
