Best Practices: What Other Executives / Enterprises Are Doing
Information Technology Strategic Roadmap
Encompasses financial (IT spend), personnel (skills/abilities/fit), business process (automation), security/compliance/risk management (including policy review), technology (consumption/utilization) and on-going governance / operations. This usually starts with an assessment and roadmap and is then updated quarterly where CCO shares best practices of what other executives/organizations in a similar industry are doing to address challenges and opportunities.
In addition to the assessment and quarterly review, CCO’s team of partners are available real-time as a sounding board on any business, IT, personnel, or operational questions that arise.
Financially-focused Planning for a Cost-Optimized, Value-driven IT
Resource (Hardware, Software and Subscription) Utilization Assessment
CCO finds many organizations own hardware/software and license subscriptions but are not using the functionality they have OR more commonly paying for multiple products that do the same thing. CCO reviews what the organization has/owns/uses and identifies overlap in technologies, and identifies key functionality not being utilized by the organization (but should). CCO provides guidance how the organization can consolidate or eliminate overlapping technologies, enable unused services, and understand best practices in optimizing cost and functionality.
Operational Cost Control Review
This assessment reviews the operational runtime of systems and services to determine whether an organization is spending money on unutilized or underutilized IT resources. As an example, for cloud resources paid for by operation/consumption (i.e. servers running in the cloud paid for by the hour of runtime), many organizations have systems setup for test purposes that were never decommissioned and costing the organization $100-$400/month idly running. Another example is for systems that are purchased running at sub-5% utilization where 95% of the capacity is unused all while the organization goes out and buys more systems and additional capacity, when existing capacity is grossly underutilized. This assessment sheds light on systems and operational utilization and produces guidance on which systems can be shut down or consolidated, as well as advances a discussion on governance that prevents systems from being built (and unused) in the future.
IT Personnel Skills Assessment
As technologies have rapidly evolved over the past several years, organizations are struggling with having highly paid IT personnel that lack the skill and expertise to do much of the IT work that is needed today and into the future. CCO assesses the technical skills of IT personnel and provides an analysis of each individual relative to the current tasks needed at the organization as well as relative to current market skills and cost.
IT Personnel Skills Development
CCO provides skills development assistance for organizations to help executives challenge their IT personnel on learning new skills and assess the progress the employee makes in completing training tasks and advancing his/her skills. This service leverages online learning, online lab sessions, and mentors to validate the progress of individuals in their learning efforts.
CCO conducts an assessment on the organizations security posture and provides a health check assessment on how an organization compares against the best practices of organizations in a similar industry and the general marketplace. This is different than a traditional security audit that very tactically grades the current operational state of security (which CCO does conduct tactical security audits and reviews if desired). This security health check steps back and looks holistically at security and how technology and business practices can to be changed to strengthen the overall security posture of the organization from a strategy and cultural perspective. Instead of telling an organization they need 15-character super complex passwords, the security health check can provide alternatives to passwords such as the use of low cost ($45) USB keys or biometric (finger/facial recognition) that provides better security and is easier for users to adopt and support.
Creating and Enforcing an Enterprise Architecture Model
CCO helps organizations create "standards" that are clearly documented and enforced through the enterprise. Standards include application development models, security standards, operational governance standards, process workloads, approval models, documentation standards, and operational control models. All systems in the enterprise are to follow the enterprise architecture standards and can prove to auditors that clear controls are in place, followed, and managed to such standards.
Creating and Enforcing an IT Governance Model
Similar to the Enterprise Architecture model for systems and applications, the I.T. Governance model focuses on datacenter and cloud systems, and the standards, security models, operational standards, documentation standards, maintenance controls, change control, and management of I.T. operations. CCO helps organizations adhere to common standards like ITIL, COBIT, ISO 27017, ISO 19086, or other document best practice models.
Project Process Standards and Enforcement
CCO helps organizations that lack an internal project management office (PMO) or formal standards on project process to build project standards, documentation, controls, and operations based on best practices. CCO assists and oversees the implementation of the foundation for successful project management and process so that personnel within the organization follow the prescriptive guidance to instill consistency and controls in place of a formal PMO in the enterprise.