Strategic Planning Aligning Business and IT in Government

Strategic Planning: Aligning Business and IT in Government David McClure Managing Vice President Global Government Research Columbus, Ohio June 25, 2008 Notes accompany this presentation. Please select Notes Page view. These materials can be reproduced only with written approval from Gartner. Such approvals must be requested via e-mail: vendor.relations@gartner.com. Gartner is a registered trademark of Gartner, Inc. or its affiliates. Is This Your IT Strategic Plan? APPLICATIONS DATA Intrnet Cust Or does it read like this? Cust Support CNN/fn site Investor Relations Email Systems Corp User Group 1 Srvc Cntr Tbls Dealer Settlement RMAC DR Model/Qty Sears Pymt System DB2 Mkt Info Credit Card System Service Center POS Retail Str POS Telecom Dept RS Invt Sumry Retail Store Equifax, Martel, Checkfast or Input of Texas (3rd Party) Lofty Goal 1: A24 RS.COM A28 - Store Msgs A8 - Comm System A10 - Order Routing A49 - Hitlist Use the best-available commercial technology to meet city needs. A26 - Answers Online A22 - Web Store Locator A23 - Service Center Web Locator A29 - Corp Elec Msg A4 - Store File Sys A57 - Cust Trk Load A15 - RadioShack Replenishment A50 - Customer Load A39 - Srvc Pln Rnwl A52 - Profiler Report A53 - Name & Addr Hygiene A58 - Customer Mnt A48 - Flyer Selection A33 - RS Srv Pln Srv Cntr Cust Mnt A1 -Credit Card Apps A60 - Economic Census A38 - Srvc Pln Cnfrm Letter S T O R E RSTS DSA Tbls Email Server Rebuy Dept Advertise/ Ad Support Ad Circulation Real Estate Promo Dist Order Routing C U S T O M E R IT Strategic 24/7 service have Operational Plan? delivery via Plan? the Web. Or does it look Lofty Goal 2: like this… IT Ensure that our citizens A12 - Model Quantity A30 - RS One-Each Customer TPS History Experion Cellular Act Daily Reports System Intern‟l Stores A2 - Credit Plan Mnt A5 - Prepaid Cellular A9 - RS Store Perpetual Inventory A37 - Srvc Pln Display A32 - New Bus SVP Mail A25 Price Lookup A17 - Stock Mnt A19 - Merch Promo Pln A31, A45 - Service Plan Price Cntrl & Tranmt A27 -Srv Pln Rpt/Mnt A13 - Srvc Cntr Phy Inv & On-line Recaps Loss Prev Store Systems Python POS Support Replenishment System Merch Adj DC Order Mgt System DC Billing Printer Financial Sys DB2 Load Corp Stk File Intrnl Audit Distribution System Contract Srvc RSU Central POS Rcv Invc Fran Store Payroll/HRMS Perp Inventory Warehouse Billing NAILS WinLook Invent Merch POS Sales Rpt Web Dev Service Center RS Merch (RSMS) RSTS System Acct/Bookkeep Stock Mnt Comm System Store File Multi-Mkt Price Census Bureau American Banker Assoc Promo Order A&A Import/ Export Journaling System POS Invt Tran National Parts VSAM Stock, Store or Control Files Stock File Eff Pricing P R O D U C T Lofty Goal 4: Lofty Goal 3: A46 - Srvc Pln Sales Entry A18 - Merch Pricing A34- Srv Plns Amercican Bankers A11 - RS Inventory & Sales Month End Reporting Have a modernized, reliable enterprise-focused IT infrastructure. Legend Facility Product Party Activity A47 EBIS ODS A62 - Flash Sales A40 - RS Validation and DB2 Load A43 - TRACE A59 - LOOK! Reasons Why These May Not Happen: S A L E S Jan 2006 Feb 2006 Mar 2006 A14 - POS Sales Processing A3 - Return Check Apps A6 - BANCTEC A20 - RS Buyer Sales Planning /Proj Sys IT Vision 1 Install PMO 1/16/2006 1/16/2006 2/17/2006 1/31/2006 6/20/2006 8/1/2006 1/30/2006 2/16/2006 3/30/2006 6/19/2006 7/31/2006 9/11/2006 2 Upgrade LAN 3 Upgrade Desktops 4 Install ERP System 5 Install SCM System 6 Install CRM System 7 Implement Customer Self-Service 8 Implement HR System 9 Institute Employee Self Service 10 Institute Rewards System 11 Implement BPM System 12 Implement other BPM System 13 Implement BAM System 14 Implement Enterprise DW 15 Execute Mobility Strategy 9/12/2006 6/20/2006 8/1/2006 10/24/2006 9/12/2006 10/24/2006 11/14/2006 11/28/2006 12/19/2006 10/23/2006 7/31/2006 8/18/2006 11/20/2006 10/23/2006 11/13/2006 11/27/2006 12/18/2006 12/25/2006 ID Task Name Start Finish Duration 2w 1d 4w 4d 6w 1/15 1/22 1/29 2/5 2/12 2/19 2/26 3/5 3/12 3/19 3/26 4/2 4/9 4/16 4/23 4/30 5/7 5/14 5/21 5/28 6/4 6/11 6/18 6/25 7/2 7/9 7/16 7/23 7/30 8/6 8/13 8/20 8/27 9/3 9/10 9/17 9/24 10/1 10/8 10/15 10/22 10/29 11/5 11/12 11/19 11/26 12/3 12/10 12/17 20w 6w 6w 6w 6w A61 - Sales Reporting A64 - Fran DR Entry A42 - Online Inquiry Sys A51 - Geostore Analysis 2w 4d 4w 6w 3w 2w 3w 1w A44 - Mkt Incremtal Rpts A16 - Service Center Reporting (Magnifying glasses are at the back of the room) Secure an IT workforce skilled to build, operate, and maintain IT service excellence. Apr 2006 May 2006 Jun 2006 Jul 2006 Aug 2006 Sep 2006 Oct 2006 Nov 2006 Dec 2006 Key Issues 1. What are the primary steps in establishing a good IT strategic plan? 2. What critical questions should an IT strategic plan answer? 3. How should you use IT strategic plans in your governance processes? A Government IT Strategic Planning Process is Codified Common Sense Start of Planning Process Budgets Completed • Mission • Goals • Objectives • Information Needs • Critical Success Factors • Processes • Information • Applications • Infrastructure • IT Organization • Processes • Information • Applications • Infrastructure • IT Organization Project and Asset Portfolio Capture “Business” Strategy Capture Current IT Environment Develop View of Where You Want to Be Develop HighLevel Plan to Get You There • Strategic Projects • Tactical Projects • Work Plan • Budget • Business Case Monitor and Adjust Plan However, Common Sense Is Stymied by Mental Models of Planning … Assumptions Experts with recommendations gets better results than stakeholders making commitments Once the vision is clear, implementation is easy The plan should be updated when it is redone or when its planning horizon expires Pitfalls Strategic plans that make recommendations rather than recording/driving commitments Inability to use strategies in operational mechanisms that drive implementation Out-of-date plans that do not address current challenges and quickly lose confidence and use A non-user friendly plan that few people outside IT know about or understand its content/relevance Unresolved power struggles paralyze and scuttle planning or make it meaningless These create mental models that block effective planning To earn respect and credibility, the plan must be filled with an inventory of technical information The planning process should not be about conflict resolution Adapted from Jon Kohl, Mental Models That Block Strategic Plan Implementation … and the Road to Implementing Plans Has Many Bumps and Turns Glide Path to Realized Outcomes Desired IT Strategic Results IT Strategic Intent Emergent IT Strategies IT Strategies in Action City County Agency Impact and IT Effectiveness Things you know you should do to put technology to best business use Influenced by internal needs and external drivers (emergent, unplanned, or crises Activities in-play beginning to have impact on processes and performance Strategic Learning Adapted from James Moncrieff's Model of Strategy Dynamics in "Is Strategy Making a Difference?" IT Strategic Plan Development: Road Map Agency Business Needs Develop Target “Business” Model Agency Strategy Solutions Strategy (Business View) Summarize Strategic “Business” Direction Develop Changes Needed in IT Direction Conduct IT Assessment & Gap Analysis Address Mgmt. & Governance Processes Develop Migration Approach & Road Map Technology Trends Develop Target IT Service Delivery Model Delivery Strategy (IT View) Updates/Adjustments Agency IT Needs Technology Trends: Emerging Trend Radar Screen Time to mainstream TECHNOLOGY Real World Web Teraarchitectures Environmental Interfaces Human Augmentation Semantic Web Radical Healthcare Innovation more than 10 years Sensor Mesh Networks Mobile Robots BUSINESS 5 to 10 years 3D Printing Augmented Reality Virtual Worlds Portable Personality Telepresence Collaboration Web Platforms SOCIETAL Aging Population/ Single Living Challenges Behavioral Economics Collective Intelligence Social Software RFID SaaS/Alternate China and India Electronic Paper Crowdsourcing Delivery Models 2 to 5 Impact years Service-Oriented Web 2.0 Workplace Architecture Globalized Microbusiness Technologies Green IT Mashups less than 2 years Open Web 2.0 Business to mainstream Source Models adoption Voice/Data Convergence Consumerization Discussing Technology Trends Source: State of Michigan, IT Strategy, 2008 Getting Proper Engagement Put the “Right” Team Together Build/Confirm Agency Business Strategy  Define core business drivers, strategies, process change requirements  Match to general information and technology needs Validate & Communicate for the IT Plan  Set expectations  Conduct preliminary work  Communicate  Sign-offs  Roll into IT strategic plan and budget preparation  Avoid excessive detail Source: Aligning Agency Business and IT Strategy, Gartner, March 2008 Example: SLG Drivers and Trends Analogy: Common Requirements Vision “Business” Change Requirements “Business” Information Requirements ……..but without the perceived (or real) end focus being development of the Enterprise Architecture BCR IT Requirements BIR ITR The discussion of city/county strategies and related requirements will be very enlightening! BSR “Business” Solutions Requirements Example: Pinellas County, FL County Business Strategy Encourage the growth of cross-agency communication, thereby improving business relationships and communicating with a consistent voice, to our citizens, promoting a competent “One County”. Business Change Requirements 1 Reach agreement through the TSC/ITARB/SLT on project decisions resulting from the Discovery and Business Plan phases. Appoint subject matter experts with decision making authority to provide input, guidance and testing for projects. Reach majority adoption through the TSC/ITARB/SLT of resulting enterprise solutions. Develop the means to identify gaps and opportunities for improvement in cross-agency communication. Develop the means of regularly identifying Pinellas County Government demonstrations of business value and competency. Develop an internal inventory of available vertical solutions to be shared cross-agency. Adopt enterprise solutions where appropriate and be different when necessary to meet the needs of the business. 2 3 4 15 County Government Competency E-Government Business Continuity and Disaster Recovery Information Sharing Business Process Improvement Preservation of Knowledge Re-establish credibility with Citizens Business Solution Requirements 1 2 11 14 Construct a service catalog and define a common vocabulary to facilitate cross-agency communication. Build requisite mechanisms supporting cross-agency communication. Leverage vertical solutions and contracts with cost savings as a forethought where appropriate. Provide cost-effective, alternative means of electronic communication for cross-agency use. 20 21 Business Information Requirements 1 2 3 4 Provide an inventory of current agency services, as required for Discovery. Provide an inventory of agency business terms, as required for Discovery. Provide a list of opportunities for improvement with crossagencycommunication, as required for Discovery. Provide a list of Pinellas County Government demonstrations of business value and competency on a regular basis, as required for Discovery. Provide a list of internal vertical solutions, as required for Discovery. 17 Associated IT Strategic Initiatives Internal Collaboration Program Mobile Strategy Program Oracle Project Unified Solution (OPUS) Program Information Technology Requirements 1 Provide the means for agencies to regularly collaborate and share information compliant with agreed upon standards and policies. Exactly How Does This Help? • Identify, discuss and document strategies: - Question the meaning and implications of each. - Analyze the compatibility. - Highlight the inconsistencies. - Clarify the confusion. Intended Outcomes 1. Agency program and IT leadership collaborate on business processes and IT planning. 2. IT is planned and executed holistically, end to end, to support specific agency needs and associated application changes. 3. Infrastructure and application life cycles are tightly linked with business process life cycles. 4. You save time and money and reduce risk through repeatable, reusable solutions that are developed and applied to similar problems. 5. Mission/program value takes precedence over IT product-centricity. • Go deeper than the strategies. • Articulate what's needed. In short, you create a common forum of discussion on matters of strategic alignment. Some Practical Advice Never Hurts • Understand role/perceptions Let's Take • Use a workshop to baseline gaps a Closer Look • Don‟t forget essential IT plan components (apps, architecture, at These infrastructure, etc.) • Produce a multiyear road map with clear timelines • Segment major initiatives by purpose What Role Is IT Playing? Role of IT IT possesses detailed business process and relationship skills. High Role & Perceptions IT Counselor • Good listener Use IT • Big picture understanding and proposing • Good atinformation solutions to improve business • Slow operations. at implementing IT Value Seeker • Internal consultant Embed IT • Understands programs into services, • Good rapport with senior managers operations • Recognized contributor and processes. Power Plant IT Doer • Just gets by • Does no more than Remove technical what is operational and requested IT Service Provider • Internal vendor • Responsive • Fulfills needs, but not Runinnovator business. an IT as a • Does not anticipate needs IT has limited feel for business needs and processes. obstacles. Low Low Gas Station Responsiveness High Extremely reactive Extremely proactive IT Performance Image Mission Value Understanding of Business Requirements Workshop Self-Assessment: How Do You Rate? As a General Rule of Thumb: - Clearly defined business strategy - … Then Your IT strategy Is … Strategy clear to all and contribution recognized - Major systems support the business strategy explicitly - Right tools are in place to get the job done - Timely information is available and of the right quality SelfAssessment This is an informal assessment. For each area, rate these factors, where 1 means you have not started or have a largely ad hoc approach and 5 means you have reached leading practice. SCORE A1. Business strategy _____ _____ _____ _____ _____ If Your A2. IT strategy Total Score Is … B1. Business applications B2. Personal productivity B3. Information management C1. Service management C3. Asset management D1. Architecture framework D2. Progress achieved E1. Human resources E2. Organization E3. Client relationships - Internal IT processes conform to quality framework; e.g., ITIL _____ overtly optimistic) >60 environment Robust and effective (ordelivery C2. Technology - Reliable and cost-effective IT service _____ - Resources are well managed Middle _____ _____ _____ _____ _____ _____ _____ _____ _____ - Well-defined and stable architectural plan 40 to 59 Understood, but some clear areas for - Getting progressively closer to desired architecture each year improvement in place - Right skills and teams - Structure best to deliver IT services - Strong relationships exist with our clients Middle <39 F1. IT governance F2. Performance metrics F3. Budgets We need who makes decisions - Clarity about Gartner! - Scorecards highlight critical success factors - Quality of budget processes and charges for services Source: "How to Run an IT Strategy Self-Assessment Workshop" (G00129417) Core Ingredients of IT Strategy Core Components Core Building Blocks    Management and services are moving to enterprise consolidation and shared services. Business Strategy Application Strategy Infrastructure Strategy Architecture People/Sourcing Financial Essential Ingredients to Address the Building Blocks of IT Strategies: • Direct Link Between Business and IT Strategy • Sound IT Governance • Definition of the IT Environment    • Major Initiatives • People/Resources • Risks • Measures of Success Source: "A Primer for Strategic IT Plans" (G00144281) Create a Segmented Road Map IT Investments LOB Service Improv. Projects Transition Road Map IT Program 2006/07 2007/08 2008/09 2009/10 Most Strategic IT Plans Have a Threeto-Five-Year Planning Horizon. CustomerServiceFacing Projects IT CostSavings Projects Rather than having a laundry list of initiatives, demonstrate how the plan will be implemented. This will indicate priorities, synergies and set proper expectations (especially support for priority business-side needs). Six Key Questions for Your IT Strategy 1. Does the IT Strategy Substantiate Mutually Owned Expectations Developed by All Stakeholders? Who is the IT strategic plan is being written for? Does it effectively communicate to those stakeholders the essence of what information management and technology investments are expected to accomplish? 2. Are Critical Drivers Influencing the Direction of the IT Strategy Accounted For? What are the primary environmental (political, economic, performance improvement, etc.) drivers influencing the directions being proposed by the IT strategic plan? 3. Is the IT Investment Direction and Alignment with Business/Mission Needs and Priorities Made Explicitly Clear? Does the plan amply demonstrate how the proposed technology investment direction and major projects are connected with business needs and priorities? Six Key Questions for Your IT Strategy 4. Is the IT Strategic Plan Customer Centric? Does the strategy make it clear how it is responding to and meeting defined external customer and internal customer needs, expectations, and demands? 5. Does the IT Plan Contain Performance Measures That Can be Used to Gauge Progress and Success? How will you know if the plan is successful or not? For major resource commitments being made in the plan, are performance measures or indicators present that are defined in results-oriented (not activity) terms? 6. Does the Plan Outline the Governance Process to Execute the Strategic Plan and Approved IT Investment Decisions? How will you manage the implementation of the strategic plan and the decisions it requires? IT Success Is Dependent on These Processes Being Integrated • Mission-Specific Policy by Itself: - Vision and goals, but needs capacity and capabilities to make it happen Three Enterprise-Level Disciplines Should Come Together • IT Strategy by Itself: - Nice plans, but no direct link to business case for projects, or an understanding of future-state requirements Mission Planning and Strategy Information & Technology Strategy • Enterprise Architecture by Itself: - Standards without the ability to change behaviors • Project/Portfolio Planning Only: - Short-term view, no view of long-term needs/direction Enterprise IT Portfolio Management Enterprise Architecture • Otherwise, Status Quo Remains: Silos of activities Increased costs Duplicate systems and processes Inflexible to change One-legged stools…are neither sturdy Across Processes, Should See Integrationnor reliable! Governance and Value Assessments Show How IT Management Actions Will Change Your IT Investment Decisions Current State Near Term Sci. and Eng. Applications Project Mgmt. Applications Steady State Sci. and Eng. Applications Project Mgmt. Applications Business Applications Infrastructure Applications Business Applications Infrastructure Applications • Thousands of applications • High-level analysis indicates substantial redundancy • Application integration not architected at the enterprise level and primarily point to point • Establish robust governance, portfolio process and stewardship • Create accurate inventory of all application assets • Develop architectural strategy for apps integration • Recurring, lifecycle approach • All application demand captured, and managed dynamically • CIO: performance goals and EA compliance. Portfolio owners set business standards Make Your Plan Relevant to Tough IT Portfolio Decisions and Priorities Without active application management, the investment candidate pool will be rich in new projects, but it will underestimate or ignore opportunities to migrate, enhance or retire current applications. Proposals & Concepts ID Opportunities As-Is Environment Asset Retirement Not all projects are equal, so investment decisions must be made against New Project ITIM Proposals criteria highlighting the Select New appropriate values, costs Proposals and risks, alignment with Mature business-related priorities Business and political agenda Case Approved New Projects support. Adjust Enterprise Portfolio Assess Feasibility & Value To-Be Environment IT Services Assess Value Soon-to-Be Environment Existing APM Applications ITAM and Assets Manage Asset Use Identify Asset Improvements In/Outsourced Assess Value Ongoing Manage PPM Development the Portfolio Enterprise & Initiatives Implement Projects New Modified Assets Example: Linking Policy Agenda to IT Strategic Goals, Activities and Measures Expand Michigan's services to reachState of Michigan IT Goalsanywhere. anyone, at anytime, from State of Michigan GOAL ONE Sample Projects Sex Offender Registry (SOR)/Public Goals Targets Registry (PSOR) Strategies Sex Offenderand Metrics Self-Service Stations • plan  Provide Michigan customers one Approximately 20 customer self-service stations haveDevelopIn anto provide provide citizens withaccess point effortself-services by 2008 to a multi-channel, single the most to state government simple access joint to to follow at been installed, with moregovernment Secretary of the up-to-date information, the SOR and the PSOR State branch office locations, to provide access to a• Double the adoption rate of electronic self-service channels are being rewritten to retrieve real-time data services in the next 18 months limited number of customer self-service transactions. from the new Criminal History Record system. • Double the number of transactional based self-services In the short period of time since deployment, these These applications have a direct relationship in the next themonths stations have generated more than 10,000 transactions, to 18 National Sex Offender Public Registry. • customer satisfaction of Michigan information and demonstrated the demand for self-service by the ImproveThis is just an example of howself-service citizens of Michigan as well as the need to provide can be made available to citizens. • Ensure that all servers are current with security patches more of this type of access for other services.  Secure State of Michigan's systems and and compliant with security policy data and the privacy of personal data Michigan Talent Bank Careers in Manufacturing Web Site (www.michigan.gov/mfgcareers)  Expand access to government • Implement Identity and Access Management solution by 2007 (MI Internship Expansion) services This new site will support manufacturing careers in • Broadband services availableMichigan by offering them attract students in to all Michigan citizens Michigan. Various resources for learning about the and business by year-end 2007 internships with Michigan-based companies types of manufacturing, exploring the careers that exist and Michigan residents will phase has identified • 90 percent ofemployers. This first utilize online services in manufacturing, and for more references and statistics all Michigan-Talent-Bank-registered employers to conduct business with the State of Michigan in 2007 about manufacturing will be available here. Future Web who have internship information on their Web site access supporting economic development in • Migrate sites. The next phase adds the remote data or eliminate 1,000 servers from functionality,  Leveragecurrently being reviewed. Michigan is and maximize centers and enables employers to enter postings through consolidation or centralization by 2008 technology for internships and students to search these • Internet-protocol-telephony and voice over IP architecture postings for opportunities. and standards in place in 70 percent of State of Michigan managed buildings by 2010 The MI worker pilot programs utilizing early 2005 • Begin two mobileInternship project began in wireless technologies in 2006the Governor's plan to keep and to support Example: Strategy Alignment Map Business Drivers Business Goals Business Strategies IT Strategies IT Projects/Investments Source: "IT Strategic Plan: Linking IT to the Business of OPERS," OPERS Division, March 2007 Example: From County IT Projects to Investments Proposal Scoring Criteria Investment Category Mandate/Contract • • • • Central PMO function PPM function and criteria Cost, benefit, risk evaluation Portfolios defined Improves Internal Program Definition Percent of Services Spending Arlington County, Virginia County Commissioners Projects necessitated by legal As or policy requirement or binding Plans Necessary Linkage to County Master contract is in place (as necessary) Improves Service to the Public Department Business Model Leverage Current Investments Was Refresh of Existing Capabilities Continued investments to extend Level of Interest capabilities of existing systems 33% Executive Steering Committee Interdepartmental Impact Investments that refresh or replace infrastructure components Schedule Risk Refresh Infrastructure Was Investments That Furthered Strategic Goals Business Process Redesign 33% Cost Sensitivity New Capabilities Reserve for Emergencies Was New Technologies Projects to bring automation to a Technical Risk previously non-automated function 23% PMO 10% Department Projects and Initiatives Organizational Risk Contingency fund to cover Risk of Not Doing It unforeseen needs Benefit to Cost Impact Source: Toolkit Case Study: Arlington County Moves From Project to Investment Management, March 2007 Example: Link Goals, Programs and Target Measures Activities Goal Desired Results and Measures Objective Example: Showing Performance Results Geospatial Investment Usage Fairfax County, VA Five minute response time areas for fire stations Spatial patterns in crime incidents for more effective resource deployment and reporting West Nile Virus: More cost effective County spraying and health monitoring Enhanced and cost effective zoning and tax enforcement; building permit site status Source: Fairfax County, VA Department of Information Technology, FY2007 Information Technology Plan IT Scorecards Linked to Strategic Plans Can Assist in Governance  IT Performance Overview • • • Performance against budget Effective Benchmarks Alignment System/application reliability Business & Public Value of IT  Operations Service-Level ITCustomer Performance • SLA performance Satisfaction  Business Value Management of • IT Investments to IT contribution performance goals/ outcomes • Value contributions in time/quality/cost impact Staff Capability & Effectiveness Agenda Contribution Customer Orientation • Business risk reduction • Security/EA assessments Business/IT Partnership  ITApplication Organization Performance Delivery • Quarterly/annual assessment Performance surveys • Benchmarks and trends Process Excellence  Major Program/Project Performance Responsiveness Vision and Strategy  Business Satisfaction Customer Innovation Architecture • Help desk performance Evolution Improvement • Problem resolution cycle times Knowledge • Choice of vendor satisfaction Management Service Capability Improvement Emerging Technologies Research Operational Internal Cost of • Cost/schedule and benefits Excellence realization performance Quality Measures (variances) Information • Contribution to political Assurance agenda/drivers and high-risk list and Disposition Asset Retirementreduction assessments Advice  Follow a continuous learning process in creating your IT strategy and plan; it isn't about producing a document or fulfilling a "requirement" or data call.  Strategic IT planning isn't self-directed or self-implementing — it should be “business-driven” and implemented through effective IT portfolio management. basic questions.  Ensure that your completed process can answer the six  Use your strategic plan in your governance processes by populating it with performance measures to demonstrate progress, success and to focus on effective problem resolution for areas needing additional attention. Addendum – Sample IT Strategic Plan Outline Executive Summary Recommended length: Half a page Purpose: A summary of the document, written for senior business executives. Contents: This section should capture the essence of the strategy, including the „trail of evidence‟ from IT strategy to business value. Business Context Recommended length: Half a page Purpose: A summary of key facts about the area(s) of the business in scope, used as context to clarify why the major directional decisions in the IT strategy have been taken. Contents: This section should include: business mission, vision, goals and high-level business principles, competitive pressures, regulatory and other macro-issues. It should also ideally include some formal expression of how the business will succeed, such as the value disciplines framework[1]. The purpose of this section is to make clear why the major directional decisions in the IT strategy have been taken. This section should reference relevant enterprise and business unit strategy documents. IT Contribution to Business Success Recommended length: One page Purpose: An expression of how IT capabilities and plans will contribute value to the business. It is the IT equivalent of the enterprise mission and vision statements. Contents: This specifically connects IT activities and business success factors described in the previous section. For example, „by making customer service business process costs more variable, IT will reduce the impact of demand volatility‟. It may be possible to include the business measures that are expected to be driven by IT activities (for example, cost per transaction, concept-to-product cycle time.) Addendum – Sample IT Strategic Plan Outline IT Principles Recommended length: Half a page Purpose: A high-level set of about five to ten principles that guide IT decision making and reflect the IT contribution. The IT principles guide day-to-day IT decision making and IT governance, while clearly showing business executives how IT is embedding the contribution. It is desirable to present these IT principles alongside a set of business principles, if they are available. Contents: Typical topics in the IT principles include: where agility is needed, how the IS organization will be structured, approach to sourcing, what kind of staff/skills are key. An example around agility is, “We will prepare IT assets and services that can rapidly scale to support acquisitions”. An organization example would be: “We will centralize every asset and process that is identified as a business commodity”. In this section, it is important to avoid „truisms‟ that apply to all IS organizations, for example, “we will provide highquality, reliable IT services.” The test is — „will these principles guide decisions that contribute to business success in my enterprise or could these apply to any enterprise?‟ IT Governance Recommended length: One page Purpose: An expression of how IT decisions will be made. Contents: This section explains who will have input, who will make the decision and what mechanisms will be used for making, communicating and enforcing the decision, for each type of IT-related decision. Typical types of decision include: IT principles, Investment, Infrastructure, Architecture, Security and Risks. The governance matrix developed by MIT and Gartner is a concise way of outlining governance. (See references section below.) Addendum – Sample IT Strategic Plan Outline IT Financial Management Recommended length: One page Purpose: An explanation of sources, uses and control of funds for IT. Contents: Explains whether the IS organization is operating as a cost center, profit center or investment center. Also explains how funds will be supplied to IT, for example whether discretionary IT project funds will be separate from overall business project funds. And whether, and what type, of chargeback will be used for recovering IT costs. This would typically refer to detailed IT budget and enterprise financial strategy documents. IT Architecture Recommended length: One page Purpose: To clarify how IT assets and services are designed to support the current and potential future business models. Contents: A high-level overview of the IT architecture, and how it will be used to align business and IS, guide investment and change behaviors. May be based on standards such as Zachman, FEAF or TOGAF. Will probably refer to detailed business, information and technical architecture documents. IT Services and Processes Recommended length: One page Purpose: An explanation of how IT service is made efficient, effective, reliable and repeatable. Contents: a) A summary of approach to services and processes (for example, use of standards such as ISO 20000 and ITIL). b) A note of any „non-standard choices‟ of services included/excluded, different to the normal scope of an IS organization, for example inclusion of business process design/change services, information management services, or services that form part of the end-customer product. c) Reference to any detailed service/process documents Addendum – Sample IT Strategic Plan Outline IT Applications Portfolio Recommended length: One page Purpose: A high-level description of the set of applications available now, and planned in the future. Contents: Summarizes the as-is and to-be applications portfolio, and initiatives to improve. Normally, there will be names of the most important applications and statistics about the rest. Details of the initiatives, in terms of timing and resources, should be kept in the strategic plan and other documents, and only referenced in this document. IT Infrastructure Recommended length: One page Purpose: A summary of the underlying infrastructure, including locations, cost and robustness, to give visibility of the platform for current and future business. Contents: Summarizes IT infrastructure assets and operations, and how they will change to better support business goals and IT services. This section would typically include how the assets and people are split around locations, costs (ideally compared to benchmarks), major vendors/ partners, robustness and scalability of the platform. It is likely that approach to virtualization would be dealt with here. Information Management [Optional – only if in scope of IS] Recommended length: One page Purpose: Explains how information is managed to meet regulatory, operational and strategic needs of the enterprise. Contents: Information management roles, responsibilities and the major approach recommended for each major category of information. This should refer to, and be closely related to, the information layer in the architecture section above. Addendum – Sample IT Strategic Plan Outline IS Structure, Staffing and Sourcing Recommended length: One page Purpose: To summarize the arrangement and sourcing of resources to deliver the strategy. Contents: Summarizes resource needs associated with the IT strategy and how they will be sourced. This will likely include a high-level organization chart, a high-level skills inventory and needs, and references to detailed organization chart, skills inventories, training and recruitment plans and the strategic sourcing approach. IT Risk Management Recommended length: One page Purpose: To explain how IT risk management takes place and how it is linked to enterprise risk management. Contents: A high-level summary the IT risk management approach, including the names of any standards and tools employed. Also how IT risk management and governance is linked to enterprise-wide risk management, including references to policy documents on business continuity/disaster recovery, security, privacy and risk. This should be aligned with the risk domain in the governance section (above). An important issue to be highlighted here is the reporting lines for strategic and operational risk management, for example: “For strategy and policy issues, the CISO (Chief Information Security Officer) reports to the enterprise risk committee, but for day-to-day IT risk management activities, the CISO reports to the CIO.” Addendum – Sample IT Strategic Plan Outline Risks and Issues Recommended length: One page Purpose: To outline the major risks and issues associated with the IT strategy outlined above, and the approaches taken to mitigate them. Contents: Summarizes the risks and issues associated with the IT strategy, and how they will be mitigated. This should be similar to the risks section of annual reports and business plans, and should focus on the most material high-level categories of risk — rather than a laundry list of hundreds of detailed risks. For example, if the IT strategy is heavily dependent external partners, this is a high-level category of risk, and the mitigation might be to ensure partners use standard methodologies that are well documented. Appendices Recommended length: Variable Purpose: To support the brief statements in the document with more detailed facts and figures not easily available in other documents. Contents: Typically includes a glossary of relevant terms, and extended details for each of the above areas, as well as references to other documents.