1. Information and
Communication Technology
(ICT) System Risk
Management,
Organizational processes,
management roles and
competencies
The ICT System group
should transform into a
high-performing team by
acquiring the technical
management
competencies to envision
and create an ICT-enabled
enterprise and manage the
core ICT functions to
deliver the required
business value.
2. ICT risk management
• ICT infrastructure needs to be simplified significantly. The ICT infrastructure constitutes the platform of shared ICT resources,
processes, policies and people that allow business applications to be delivered reliably. Simplification of ICT infrastructure involves
the following steps :
• Centralization : consolidating infrastructure resources into fewer data centers, with more centralized management.
• Standardization : using fewer types and versions of hardware and software.
• Rationalization : moving to less hardware and less software, with more sharing of resources between business units, less
duplication, and fewer inefficiencies
• A key element of the ICT risk management strategy is an effective ICT Enterprise Architecture as outlined below :
• The organizing logic for business processes and ICT infrastructure, reflecting the integration and standardization
requirements of the enterprise operating model.
• Effective architectures reflect
• The business’s vision of how the enterprise’s processes should perform
• ICT’s understanding of the technology needed to support that vision.
• A well-defined architecture framework, consistently applied, helps an enterprise avoid those bad decisions that inevitably
compound over time into an ICT foundation that is overly complex, difficult to manage, and riddled with risky holes.
11-07-2018 Gartner recommended Best Practices 2
3. ICT Co
management
Processes
• Enterprise wide ICT functions and services are
delivered (sourced) through a mix of in-house
and outsourced service providers. The
following oragnisational processes must be
deployed to derive the desired outcome.
• Strategy
• Responsibility
• Integration
• Equity
• Audit and Assessment
• Communication and Feedback
4. ICT Co management Processes - Strategy
• Mechanism for communicating changes in goals, priorities, policies and procedures as
they affect the sourcing relationship.
• In the service consumer-to-service provider relationship, this primarily involves an
understanding of, and alignment with, the changing business strategy and service needs
of business units.
• In the enterprise-to-service provider relationship, this involves alignment with higher-
level enterprise goals, and which goals have priority when there is conflict between
enterprise’s and service consumers’ goals
• In the provider-to-provider relationship, this process focuses on ensuring that the service
providers have a common understanding of the practical impacts of strategy, along with
the common goals and outcomes expected from all parties.
11-07-2018 Gartner recommended Best Practices 4
5. ICT Co management Processes - Responsibility
• Determine who is responsible for each of the service delivery tasks
• Document and define handoffs between each of the layers of the service’s value chain when
different parties are responsible for these different levels.
• Clarifies the needed competencies and identifies gaps in skills
• Decision to move work between service providers or to add new parties to cover this gap.
• Unassigned responsibilities lead to service disruptions and underperformance
• The management of sourcing risk in this area means paying specific attention to the handoff
points between any two organizations (provider to provider or provider to client organization).
The careful and documented assignment of responsibilities is the single most effective
mechanism to mitigate these sourcing risks.
11-07-2018 Gartner recommended Best Practices 5
6. ICT Co management Processes - Integration
• Day-to-day interaction of service consumers and service providers
• Rules of engagement between parties involved in service delivery
• Coordination and management of handoffs defined in the responsibility process
• Day-to-day implementation of responsibility process
• Identifies, creates and documents any new procedures necessary to ensure
seamless service between all parties.
11-07-2018 Gartner recommended Best Practices 6
7. ICT Co management Processes - Equity
• Value and funding mechanisms
• Prioritize funds according to business value
• Service recipient’s goals being met at a reasonable price
• Review of contract price
11-07-2018 Gartner recommended Best Practices 7
8. ICT Co management Processes
Audit and Assessment
• Reported performance against service levels
• Benchmarking
• Balancing of risks between recipient and provider
• Regulatory schemes
• Safeguarding of customer data
• Continuous improvement based on audited facts
• Develop and implement reporting schemes and schedules
11-07-2018 Gartner recommended Best Practices 8
9. ICT Co management Processes
Communication and Feedback
• Transfer of information generated by all the other co management processes
throughout the service recipient and service provider organizations
• Reporting process and schedule for regular monitoring of the progress or
problems relative to outcomes expected
• Procedure for problem resolution and continuous improvement
11-07-2018 Gartner recommended Best Practices 9
10. Key ICT Management Roles that should not be
outsourced
• These roles must be played by the in-house team to
envision and create an ICT-enabled enterprise and
manage the ICT functions.
• ICT leadership
• Strategic direction of the service
• Delineate business value and future needs of
the enterprise in relation to the service
• Architecture and standards development
• Architecture planning and decision making
• Security standards and management
• System links with outsourcers
• Process-based work
• Levels of standardization/ customisation
• Business Enhancement
• ICT – business integration
• Business orientation
• Shift from cost-centric to value-centric focus
• Technology Advancement
• Introduction of emerging technologies
• Innovation
• Value addition
• Provider/Vendor Management
• Contract management
• Performance monitoring
11-07-2018 Gartner recommended Best Practices 10
11. ICT Management competencies
• The mix of twenty-five basic core competencies (six technical, nine business-based and
ten behavioral) are necessary to develop a high-performing ICT Team to play the above
roles effectively.
• ICT specific (S)
1. Designing technical architecture
2. Integrating systems
3. Application design and development
4. Applying procedures, tools and methods
5. Understanding existing systems and technologies
6. Understanding emerging technologies
• Business (B) - solid business and industry knowledge, deep knowledge of
how the enterprise functions and provides services
1. Understanding business practices and approaches
2. Business organization and culture
3. Behaving commercially
4. Understanding and analyzing competitive situation
5. Project management
6. Change management
7. Planning, prioritizing and administering work
8. Communicating and gathering information
9. Focusing on customers
• Behavioral (H) - skills needed to gain support for initiatives and maintain
momentum in innovation.
1. Leading, inspiring and building trust
2. Creative thinking and innovation
3. Focusing on results
4. Thinking strategically
5. Coaching, delegating and developing
6. Building relationships and teamwork
7. Influencing and persuading
8. Principled negotiating
9. Resolving conflicts and other problems
10. Being adaptable
11-07-2018 Gartner recommended Best Practices 11