1. eMedia Technologie IT Best practices overview, mapping and implementation Thierry Brunet, Director Associates 18/01/12 The Legacy Modernization Company

3. IT Best Practices, Framework, & Standards overview “ the quality of a system or product is highly influenced by the quality of the process used to develop and maintain it,” (SEI) 18/01/12

4. Stabilizing IT with Process Methodologies IT organization activity Continuous Improvement Point Improvement Certification and documentation Schema Planning Decision Developpement and Acquisition Deployement Exploitation IT Best practices roles 18/01/12

5. COBIT 4.1 18/01/12

7. COBIT 4.1 18/01/12

8. Defined Responsibilities for Each Process RACI Chart A RACI chart identifies who is R esponsible, A ccountable, C onsulted and/or I nformed. 18/01/12

9. COBIT 4.1 Tools 18/01/12

11. ITIL (Information Technology Information Library) 18/01/12

13. ITIL V2 Process Reference Framework Financial Management for IT services Capacity Management Availability Management IT Service Continuity Management Incident Management Problem Management Change Management Configuration Management Release Management Service Delivery Set Service Support Set Service Level Management IT Infrastructure security Service Desk

14. Service reports Incident statistics Audit reports CMDB Incident Management Problem Management Change Management Release Management Configuration Management Incidents Problems Known Errors Changes Releases CIs Relationships Incidents Management Tools CMD reports CMDB statistics Policy/standards Audit reports Incidents Service Desk Difficulties Queries Enquires Communications Updates Work-arounds Customer survey reports Changes Releases The Business, Customers, or Users Release schedule Release statistics Release reviews Secure library Testing Standards Audit reports Change schedule CAB minutes Change statistics Change reviews Audit reports Problem statistics Trend analysis Problem reports Problem reviews Diagnostic aids Audit reports THE SERVICE SUPPORT PROCESS MODEL 18/01/12

15. Maintainability Reliability Serviceability Statistics& incidents Audit reports CMDB Availability Management Capacity Management Business Continuity Management Financial Management Configuration Management Incidents Problems Known Errors Changes Releases CIs Relationships Incidents Incidents (SLM) Service Desk Difficulties Queries Enquires Communications Updates Workarounds Customer survey reports Standards Statistics Reports Audit reports Reviews Plans Tests Audit reports Performance statistics& incidents Plans Trend analysis Diagnostic aids Audit reports THE SERVICE DELIVERY PROCESS MODEL CMD reports CMDB statistics Policy/standards Audit reports The Business, Customers, or Users 18/01/12

16. ITIL V3 reference framework 18/01/12

18. ISO 20000 18/01/12

19. CMMI-DEV CMMI-ACQ – CMMI-SERV 18/01/12

20. CMMI-DEV Processes 18/01/12 Causal Analysis and Resolution (CAR) Configuration Management (CM) Decision Analysis and Resolution (DAR) Integrated Project Management (IPM) Measurement and Analysis (MA) Organizational Process Definition (OPD) Organizational Process Focus (OPF) Organizational Performance Management (OPM) Organizational Process Performance (OPP) Organizational Training (OT) Product Integration (PI) Project Monitoring and Control (PMC) Project Planning (PP) Process and Product Quality Assurance (PPQA) Quantitative Project Management (QPM) Requirements Development (RD) Requirements Management (REQM) Risk Management (RSKM) Supplier Agreement Management (SAM) Technical Solution (TS) Validation (VAL) Verification (VER)

21. CMMI Staged Representation - 5 Maturity Levels Level 5 Initial Level 1 Processes are unpredictable, poorly controlled, reactive. Managed Level 2 Processes are planned, documented, performed, monitored, and controlled at the project level. Often reactive. Defined Level 3 Processes are well characterized and understood. Processes, standards, procedures, tools, etc. are defined at the organizational (Organization X ) level. Proactive. Quantitatively Managed Level 4 Processes are controlled using statistical and other quantitative techniques. Optimizing Process Maturity Process performance continually improved through incremental and innovative technological improvements. 18/01/12

23. IT Best Practices, Frameworks & Standards mapping COBIT, ITIL, ISO2700x, CMMi 18/01/12

24. Deliver and Support (DS Process Domain) Monitor and Evaluate (ME Process Domain) Acquire and Implement (AI Process Domain) Plan and Organise (PO Process Domain) 18/01/12

25. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ITIL V2 mapping with COBIT 4.1 Service Delivery Service Support Service Desk Incident Management Change Management Release Management Problem Management Configuration Management Service Level Management Availability Management Financial Management Continuity Management Capacity Management Procure IT Ressources 18/01/12

26. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ITIL V2 mapping with COBIT 4.1 Service Delivery Service Support Service Desk Incident Management Change Management Release Management Problem Management Configuration Management Service Level Management Availability Management Financial Management Continuity Management Capacity Management Procure IT Ressources 18/01/12

27. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ITIL V3 mapping with COBIT 4.1 Procure IT Ressources 18/01/12

28. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture ISO 2700x Family mapping with COBIT 4.1 Procure IT Ressources 18/01/12

29. Deliver and Support Monitor and Evaluate Planning & Organization Acquire and Implement Plan and Organise Define Strategic IT Plan Define IT Processes Organisation and Relationships Manage IT Investment Determine Technological Direction Communicate Managementt Aims and Direction Manage IT Human Resource Assess and Manage IT Risks Manage Projects Manage IT Quality Identify Automated Solutions Acquire and Maintain Application Software Acquire and Maintain Technology Infrastructure Manage Change Install and Accredit Systems Enable operation and use Manage Performance and Capacity Ensure Continuous Service Ensure System Security Identify and Allocate Costs Manage Third-party Services Define and Manage Service Levels Educate and Train Users Manage Operations Manage Configuration Manage Service Desk and Incidents Manage Data Manage Physical environment Manage Manage Problems Monitor And Evaluate IT Performance Monitor and Evaluate Internal Controls Ensure Compliance With External Standards Provide IT Governance Define Information Architecture CMMI for Development 1.3 mapping with COBIT 4.1 Procure IT Ressources 18/01/12

30. IT Best Practices, Standards & Frameworks Implementation A pragmatical approach 18/01/12

33. 18/01/12 Comprehensive Approach to Improvement Six σ IT Operational Processes — ITIL App. Development Processes — CMMI Project Management Processes — PMI 1. Establish the Work 2. Align Roles With Work RACI 3. Identify Appropriate Measures 4. Apply Governance CobiT

34. Implementing IT Governance 18/01/12

37. Enterprise Change Management Manage Change 18/01/12 Organization Culture Leadership Sponsorship People Engagement Training Processes Reuse Automate Templates Measure Technology ITIL (at least) Configuration Management Asset Management Service Desk Supervision tool COBIT Excel or IT Governance & Risk Management tool

38. Culture Program 18/01/12

40. Questions - Réponses 18/01/12