Control over the IT process of Define the IT Processes, Organisation and Relationships that satisfies the business requirement for IT of
- being agile in responding to the business strategy whilst complying with governance requirements and providing defined and competent points of contact
- establishing transparent, flexible and responsive IT organizational structures and defining and implementing IT processes with owners, roles and responsibilities integrated into business and decision processes
- Defining an IT process framework
- Establishing appropriate organizational bodies and structure
- Defining roles and responsibilities
- Percent of roles with documented position and authority descriptions
- Number of business units/processes not supported by the IT organization that should be supported, according to the strategy
- Number of core IT activities outside of the IT organization that are not approved or are not subject to IT organizational standards
1 Non-existent
2 Initial/Ad Hoc
3 Repeatable but Intuitive
4 Defined
5 Managed and Measurable
6 Optimized
Benchmarks/Guidelines for Scoring
1 Non-existent when
The IT organization is not effectively established to focus on the achievement of business objectives.
2 Initial/Ad Hoc when
IT activities and functions are reactive and inconsistently implemented. IT is involved in business projects only in later stages. The IT function is considered a support function, without an overall organization perspective. There is an implicit understanding of the need for an IT organization; however, roles and responsibilities are neither formalized nor enforced.
3 Repeatable but Intuitive when
The IT function is organized to respond tactically, but inconsistently, to customer needs and vendor relationships. The need for a structured organisation and vendor management is communicated, but decisions are still dependent on the knowledge and skills of key individuals. There is an emergence of common techniques to manage the IT organization and vendor relationships.
4 Defined when
Defined roles and responsibilities for the IT organization and third parties exist. The IT organization is developed, documented, communicated and aligned with the IT strategy. The internal control environment is defined. There is formalization of relationships with other parties, including steering committees, internal audit and vendor management. The IT organization is functionally complete. There are definitions of the functions to be performed by IT personnel and those to be performed by users. Essential IT staffing requirements and expertise are defined and satisfied. There is a formal definition of relationships with users and third parties. The division of roles and responsibilities is defined and implemented.
5 Managed and Measurable when
The IT organization proactively responds to change and includes all roles necessary to meet business requirements. IT management, process ownership, accountability and responsibility are defined and balanced. Internal good practices have been applied in the organisation of the IT functions. IT management has the appropriate expertise and skills to define, implement and monitor the preferred organization and relationships. Measurable metrics to support business objectives and user-defined critical success factors (CSFs) are standardized. Skill inventories are available to support project staffing and professional development. The balance between the skills and resources available internally and those needed from external organizations is defined and enforced. The IT organizational structure appropriately reflects the business needs by providing services aligned with strategic business processes, rather than with isolated technologies.
6 Optimized when
The IT organizational structure is flexible and adaptive. Industry good practices are deployed. There is extensive use of technology to assist in monitoring the performance of the IT organization and processes. Technology is leveraged in line to support the complexity and geographic distribution of the organization. There is a continuous improvement process in place.