Business Innovation Homepage > Governance
Organizations can deploy standards such as ITIL and COBIT to improve processes and reduce risk.
August 8, 2007
The push for greater IT governance, along with efforts to achieve compliance with regulations such as Sarbanes-Oxley and HIPAA, is fueling lots of interest in technology frameworks and standards that help organizations improve controls, processes and IT service levels.
Implementing these frameworks, some of which weren’t even on the radar screens of CIOs a few years ago, has suddenly become a priority for many IT departments. While they certainly don’t all apply to every organization, these standards and best-practices models can help many companies improve the way they deliver IT services to the business.
Among the most common standards are IT Infrastructure Library (ITIL), control objectives for information and related technology (COBIT) and Capability Maturity Model Integration (CMMI).
ITIL consists of a set of books containing best practices that are designed to help organizations improve the quality of IT services and reduce costs. The model, developed by the Office of Government Commerce (OGC) in the U.K., includes rules outlining how organizations can deliver services more efficiently through improvements in management processes across IT components such as systems, networks, applications and databases.
The OGC earlier this year released the latest version of ITIL, with five core publications, including Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement.
“There is no doubt that external regulatory and legislative requirements have been a major driver for organizations implementing ITIL,” says Gary Case, executive consultant at Pink Elephant, a consultancy specializing in IT services. “Achieving IT governance requires that the standards, controls accountability, monitoring and reporting become a part of the everyday execution of an IT organization. This is where ITIL adds value.”
Those who follow ITIL developments or have adopted the standard say it’s difficult to estimate the total cost of adoption, including training, consulting and software. Costs can vary depending on the size of the implementation.
The framework is often used along with other best-practices models such as COBIT and CMMl. COBIT was developed by the Information Systems Audit and Control Association and IT Governance Institute (ITGI) as a framework for IT security and control practices.
COBIT is an IT governance framework and supporting set of tools designed to help organizations gain better control of IT and information security environments. Like ITIL, it has gained popularity as a guideline for controlling information, systems and IT-related risks in organizations.
The ITGI in May released the latest version of COBIT, version 4.1.
Experts say COBIT can be especially effective in helping organizations comply with regulations. Among the potential key benefits are clearer accountability of IT and a shared understanding of corporate risks.
CMMI, developed by the Software Engineering Institute at Carnegie Mellon University, is a framework for evaluating and improving the performance of development organizations. The model can be used to guide process improvements across a project, division or entire organization, according to the Software Engineering Institute.
Companies use CMMI to help guide process improvements in software development, systems engineering, research and development, with the goal of improving quality and reducing the risks associated with development initiatives.
Click here for more Governance articles
|
