HCSC’s Process Excellence Program
Supporting HCSC’s Strategic Vision
Agenda
Process Excellence Program Overview
Implementation of a Governance Model
Critical Success Factors
Lessons Learned To date
2
Program Business Drivers
2010 Vision
Significant Membership Growth
Best in Class Service
Leading Brand
Center for Process Excellence
Our goal was to improve our business processes.
We soon realized that we had to do more.
We needed to focus on
• doing business differently;
• behaving differently; and
• providing a foundation on which we can achieve our strategic objectives and move
into the future.
Regulatory Compliance
3
PEP is aligned with ITG’s Vision Points
ENSURE RELIABILITY AND
AVAILABILITY IN
DELIVERY OF ALL DELIVER FLEXIBLE
SERVICES SOLUTIONS THROUGH
SEAMLESS INTEGRATION
CAPABILITIES
MANAGE CAPACITY TO
SCALE WITH CHANGING
DEMAND SUPPORT HCSC’S
INDUSTRY AND OPINION
PEP
LEADER ROLE Goals & Outcomes
BE A CUSTOMER
FOCUSED SERVICE Responsive
ORGANIZATION Reliable
ACCELERATE PRODUCT
SPEED TO MARKET Compliant
BE A TRUSTED PARTNER
Scalable
IN THE MANAGEMENT OF
INFORMATION
BE THE IT PARTNER OF
CHOICE
ENABLE MERGER
EXCELLENCE
4
PEP Phase I - In A Nutshell
Reliable control over changes to the production
environment
Responsive development and delivery of reliable new
business systems
Responsive and reliable resolution of IT incidents
Achieving regulatory compliance
Supporting cultural change
5
Just enough process…
Project Significant Moderate Process Minimum Related Items Out of
Workstream Reengineering Reengineering Necessary for Scope for Phase I
SOx
Systems Additional CMMi
Development & processes for Level 3 and
Project Lifecycle beyond
Management
Change Control & Additional ITIL Processes
Management
Incident Problem Management
Management (Excluded from PEP
Phase I, but being
addressed by ITG)
IT Policy & N/A
Procedures
Documentation
IT Risk Wide Risk N/A
Assessment
Internal Control N/A
Assessment &
Compliance
Monitoring
3rd Party Services N/A
6
Agenda
Process Excellence Program Overview
Implementation of a Governance Model
Critical Success Factors
Lessons Learned To date
7
Frameworks for Governance at HCSC
COSO – Governance Framework that was developed
and is targeted at controlling and governing financial
reporting processes.
CobiT – IT Governance Framework that was developed
originally to support IT Auditors. Since SOx it has
become a helpful tool for IT Managers to IT
Governance with regulatory compliance.
ITIL – A set of best practices for IT Service
Management.
CMMi SEI – A process improvement approach for
Software Engineering
8
COSO: Internal Control Framework
Part of Sarbanes-Oxley Compliance is COSO Adoption
Control Activities
Monitoring
Assessment of a control system’s performance over Policies/procedures that ensure management
directives are carried out.
time.
Combination of ongoing and separate evaluation. Range of activities including approvals,
authorizations, verifications, recommendations,
Management and supervisory activities. performance reviews, asset security and
segregation of duties.
Internal audit activities.
Information and Communication Control Environment Risk Assessment
Pertinent information identified, captured and Sets tone of organization-influencing control Risk assessment is the identification and analysis of
communicated in a timely manner. consciousness of its people. relevant risks to achieving the entity’s objectives-
forming the basis for determining control activities.
Access to internal and externally generated Factors include integrity, ethical values,
information. competence, authority, responsibility.
Flow of information that allows for successful Foundation for all other components of control.
control actions from instructions on responsibilities
to summary of findings for management action.
9
Using the Frameworks for ITG
CobiT – Risk & Control focused; What we should doing;
Foundation of our policies.
ITIL – IT Service Delivery and Service Support focused; How we
should meet the objectives related to IT Operations and
Production Support. HCSC is focused on Service Delivery &
Service Support components
CMMi – IT Systems Development and Project focused; How we
should meet the objectives related to Systems Development.
HCSC is focused on CMMi level 2 and some level 3 capabilities.
Plan Build Run Report
CMMi ITIL
CobiT
10
COSO – As it relates to IT Governance & PEP
Control Environment
Policy team
Tone at the top through Organizational Change & Communication
Risk Assessment
Risk Management team
Information & Communication
Organizational Change and Communication
Control Activities
Process & Control Frameworks CobIT, ITIL, CMMi
Monitoring
Internal Control Monitoring
Metrics and Measures
11
Implementation Roadmap
Creation of Governance Framework: defined where we wanted to be
Development of Process Model for ITG
Team formation with team leads and process owners
Process Design Sessions
Project Initiation & Business Case
Customer Engagement
Detailed Design
Communication &
Org Design
Process Design
Technology Design
Construction
Development of roles, responsibilities, incentives and measures
Development of procedures, job aids, and other user guides
Development and integration of technology environments
Development of training
Pilots
Implementation
Training
Acceptance Criteria
Go Live
M easurement & Adoption Tracking
Continuous Improvement 12
Agenda
Process Excellence Program Overview
Implementation of a Governance Model
Critical Success Factors
Lessons Learned To date
13
How will we sustain our progress?
Adoption model and measurement
Program wide and Project specific metrics
Substantial training and continuous development
On site coaches and advisors supporting the new process
teams
New PDR/Assessment tools and metrics to shift thinking to
a process organization
Revised ITG Incentive plan that supports process
behaviors
An ongoing “Process Center/Team” to ensure
sustainability and process growth on an ongoing basis into
the future
14
Agenda
Process Excellence Program Overview
Implementation of a Governance Model
Critical Success Factors
Lessons Learned To date
15
Lesson’s Learned
Manage the scope of the change effort (Phase I, Phase II)
There are no one sized fits all solutions
Deemphasize the frameworks as soon as you can (they are a
means to an end, not the end)
Business Engagement and buy-in is critical
16