Tag Archives: COBIT5

Cloud Sourcing, Cloud Brokerage and Hyper-Hybrid Clouds

Cloud Sourcing

Frances Karamouzis and David Mitchell Smith

During the next few years, market dynamics will determine whether cloud sourcing will be the demise of traditional outsourcing, if it will lead to the convergence of services and products currently marketed “as a service,” or if it will result in next-generation outsourcing.

Clients now have more choice, that choice is to turn away from internal IT and look at external vendors that can do all of those services at once

Get “SLAs with teeth” those that have business implications


How Cloud Brokers Will Differentiate

Gartner VP Tiffani Bova discusses how VARs, MSPs and technology consultants can become cloud brokers working within cloud aggregator services.

How many of you in the audience feel that you have being delivering Cloud for years?

How many of you today can do usage based billing?

It isn’t about the PC it’s about the Personal Cloud


Besol named ‘Cool Vendor’ in

Cloud Services Brokerage

Besol, the leading provider of next generation multi-cloud management platforms for private and public clouds, today announced that the world’s leading IT analyst firm, Gartner Inc., has selected the company as a Cool Vendor in Gartner’s “Cool Vendors in Cloud Services Brokerage Enablers, 2012” report published on 12 April 2012 by Tiffani Bova, Daryl C. Plummer, et al.

According to the Gartner report Key Findings, “The cloud services brokerage (CSB) is emerging, and first-mover advantage will be key to gaining awareness and share. CSBs are challenged to continuously build or buy the capabilities required to compete in the three CSB roles: aggregation, integration and customization”

“We in Besol believe being chosen as Gartner Cool Vendor is as a testament to the dedication, hard work and focus on innovation of our team” said Javier Perez-Griffo, Co-Founder and CEO of Besol. “The Tapp platform from Besol allows users to manage their cloud infrastructures independently of their cloud provider, but more importantly, enterprises can manage both their public and private clouds from a centralized point.”

Perez-Griffo continues “Cloud services are no longer restrained to large enterprises or IT-savvy organizations. Through our platform, SMBs of all kinds are now able to ‘tapp into’ the cloud and deploy and manage their infrastructures seamlessly, in a completely new user-friendly experience.”

Hyper-hybrid Clouds

Chris Weitz – Deloitte

Today, hyper-hybrid clouds are an advanced form of cloud services in the early stages of adoption, but the approach is rapidly becoming the norm for cloud services architecture.

A hybrid cloud is a cloud that works across different environments where you have services from vendor clouds working directly with clouds inside of an organization, thus forming a hybrid cloud.

Hyper-hybrid clouds are the multiplication of numerous hybrid clouds working together to serve an organization. The hype curve for cloud computing is at an all-time high, for pretty good reasons. Cloud computing can help increase agility, decrease costs and improve service delivery capabilities — and it can happen fast.

Tiffani Bova – has coined the term “born in the cloud”,  For me this is where new capabilities are forming on the cloud platform so that a different approach is required to manage the increased complexity of hyper-hybrid clouds.

Cloud Service Brokers add value by managing one or more cloud service on behalf of the service’s recipients.  Gartner says that cloud service brokers represent the single largest revenue growth opportunity in cloud computing through 2015, emphasizing that without cloud brokerage the cloud industry cannot survive.

I say that clients will need to design and implement Cloud Service Management practices [CloudSM] to govern the relationship with their cloud service brokers and external providers.

Services configured from Hyper-Hybrid clouds will set new delivery challenges for Next Generation Service Management CloudSM to overcome.

The guidance provided by the ITIL 2011 Edition and COBIT5 framework does not help define CloudSM practices required to address the dislocation of company compute assets which previously were on-premise and have now become “Place Less” being delivered from anywhere in the Hyper-hybrid Cloud. 

So what criteria do you apply in sourcing your Cloud Service Provider?

Do you need to engage a Cloud Service Broker?

Should you jump to Hyper-Hybrid clouds directly or be more risk averse?

I can only think of the classic consultant response “it depends”


Leave a comment

Filed under Business

COBIT 5 launched and ready for download

The new COBIT 5 framework covers the Governance of Enterpise IT and sets out the guidance to achieve business objectives and help increase business user satisfaction with IT.

The three COBIT 5 publications introduce, define and describe the principles, enabling processes and the implementation steps.

“COBIT 5 brings together the five principles that allow the enterprise to build an effective governance and management framework based on a holistic set of seven enablers that optimises information and technology investment and use for the benefit of stakeholders.”

Principle 1. Meeting Stakeholder Needs – Stakeholder needs are translated into specific Enterprise, IT-Related goals and Enabler goals

Principle 2. Covering the Enterprise End-to-End – Governance and Management of information and related technology is addressed from an enterprise-wide, end-to-end perspective.

Principle 3. Applying a Single Integrated Framework – COBIT 5 defines the overarching governance and management framework that has been designed to integrate seamlessly with other good practice guidance e.g. ISO 38500

Principle 4. Enabling a Holistic Approach – The seven categories of Interconnected Enterprise Enablers are set out below:

Principle 5. Separating Governance from Management

COBIT 5 advocates that organisations implement the key governance and management processes.

Significant attention should be given to the five Evaluate, Direct and Monitor processes.


COBIT 5 provides an end-to-end view of the 37 processes for successful governance and management of Enterprise IT.

 A separate publication describes the 7 Implementation Steps in detail.

Derek Oliver, Co-Chair COBIT 5 Task Force at ISACA, discusses the business benefits of using COBIT 5.

Access this link to reserve/download your copy of COBIT 5.  You will need to register with ISACA and state your affiliation before you are able to do so.

The COBIT 5 Framework of 3 concise Publications and supporting Toolkit provide fresh thinking and guidance on what is required to successfully Govern Enterprise IT. 

This version is an evolution of the previous guidance and sets out how to implement key Enterprise IT Governance and Management processes.

The COBIT 5 Process Capability Model and Training Curriculum will be released shortly.

The launch of the COBIT 5 Framework enables Business Executives to articulate their specific stakeholder needs in a language that is common to Internal and External IT Service Providers. 

Failure to understand and apply the new guidance will lead to an imperfect future for the IT organisation.

Business Executives have decision rights on how they source the provision of services. They will gravitate towards the IT organisations who can “talk the COBIT 5 talk” and can demonstrate value delivered.

Previously I have published two posts about COBIT 5

In my November 2011 POST – COBIT 5 is coming – will you be ready? there is a link to the Exposure Draft version of the Process Reference Guide.

and in my February 2012 POST – COBIT 5 is now approaching the finish line – there is a detailed description of the seven implementation steps.

For the two thirds of my readers who are in the US.  COBIT 5 is here – HOOYAH

Leave a comment

Filed under Business

Perspectives on Service Management Practices

Service Management Perspectives

Webinar on Friday 16-MAR-12

Ian Clayton (Principal – Service Management 101) and Kenneth Gonzalez “KENGON” (Managing Partner – Engaged Consulting)

Ian and Ken shared their perspectives in an informal manner.

Subject Matter

  • Fall from C-Level grace of ITSM, BSM and ITIL
  • How to successfully develop a service catalog
  • Next Generation Talk – what is around the corner?  Drop the IT from the front of ITSM
  • Framework Wars – futility of COBIT vs ITIL argument proposing that one is better than the other

Fall from C-Level grace of  ITSM, BSM and ITIL

Causes and Consequences

So what happened to the promise of ITIL and ITSM, why have they fallen from grace?

Dropping the IT from ITSM is not going to make a difference.

Need to explain ITSM and set senior stakeholder expectations.  Service Management applied to IT

What are the immediate and future consequences?

Budgets are constrained so explore concept of Quick Wins – which are only true if the customer declares it a quick win

Putting things in 30, 60 and 90 day containers is important.  Chop transformation project up into small bits

Build customer centric outcomes

There are so many sources of guidance that can be mined

Collaborate with communities of practice to solicit others viewpoints – LinkedIn, #Back2ITSM, #USMBOK etc.

How to successfully develop a service catalog

What is the definition of a service that a customer will recognise?

Example Product Catalogue.  Relates to a customer scenario and what they are doing on a daily basis

A service is a type of product

Bundling and Unbundling services

Build a service request catalog

Service offerings are different based on which customer segment is utilising it

Next Generation Talk

Is it time to press reset on the service management button?

Is it you or your management who have pressed the button?

How is what you have implemented working for you right now?

Define and agree what do you need

Practitioners believe that we need to do things differently.  Update or refresh our thinking

It is important to explore thinking and methods used by successful service provider organisations as a blueprint for next generation service management

Conversation is more vibrant around Next Generation.

We are not saying that anything is wrong however we must keep on the move – keep pace

Make sure are tools are sharp and training is even sharper

Do we need to press the reset button?  No we need a mechanism for maintaining momentum

Framework Wars

Futility of COBIT vs ITIL proposing that one is better than another

It is the height of lunacy to only choose one.

How do we compare and contrast guidance in order to apply it more effectively

Frameworks must be compared against the same criteria

Position USMBOK – 90% of which is outside of IT.  USMBOK – this is the language that I use

Customer centric thinking Outside-In conversation

What I consistently hear from clients is that ITIL is a dirty word because the significant project cost did not deliver the stated benefits or culture change.  The PINK folks talk about Attitudes, Behaviours and Culture.  Listen to what Troy has to say:  

Practitioner Radio Episode 21

Culture & ITSM Transformation Projects

Troy DuMoulin LINK

I agree that removing the IT from ITSM is not a panacea for all ills.  Service Management is not the exclusive domain of the IT organisation rather Customer Service Management, Field Service Management and Supply Chain Service Management have been around just as long.

How about we focus on defining and agreeing upon the set of Service Management Practices which become the overarching theme (roof) that sits above the different process frameworks (pillars).  (ITIL 2011 Edition, COBIT5, ISO/IEC 38500, ISO/IEC 20000, USMBOK, TIPU etc.)   

Service Management Practices aim to strengthen the focus on ‘Business and IT integration’ and also recognise the need for management of IT throughout the complete service lifecycle. 

You would not play a round of golf with only one club in your bag, so I agree with Ken that “it is the height of lunacy to choose one” over another framework.

 Internal / External Service providers should strive to achieve Service Excellence by choosing from a smorgasbord of good (not best) practice guidance rather than eat from the one dish.  Sitting at the table with the Business to talk about the desired outcomes they value is a given.  

“The Outside-In Service Management™ (OI-SM) program helps service organizations apply “Outside-In” thinking to service management initiatives, ensuring customer centricity, customer thinking, and the creation of value for customers.”

I have not religiously applied “Outside-In” to my client projects choosing to stay with proven Six Sigma Voice of the Customer [VOC] principles.  Basically the Voice of the Customer is a term that is used to describe the process of finding out what your customers want and need. This is accomplished by using surveys, stakeholder focus groups, workshops and actual interviews with your customers. 

In addition, Lean Six Sigma for Service also sets out the way to focus on customers.  LINK

A common mistake that I see with problem projects is that there is no concept of a joint Business and IT implementation team.  Moreover the delivery of stated benefits is not reviewed regularly with the customer and formal sign-off obtained before the project advances to the next stage.

Cracking video from the Process Excellence Network

It is about what your organisation does for Customers

[youtube http://youtu.be/8ckn9KjkgK0]

Process excellence improves the way you create and deliver value to customers,

In a Service Economy what you make is not the differentiator, it’s WHAT YOU DO and HOW YOU DO IT

02:22 You must understand and deliver what your customer needs better than your competitors

“No one knows everything, but everyone can learn something”

Sean Gregory Derrick

Have fun out in the market.  My next post will be after Easter

Leave a comment

Filed under Business

Journey from IT to Empowered Business Technology

The Brightalk folks organised another set of super Wednesday webinars.

The subject that caught my eye was entitled “The new normal for IT Management” and was presented by Forrester analyst Eveline Oehrlich.

Here is the LINK but please note that you may have to register in order to view the webinar.

The key messages that I took away from her presentation were as follows:

Clients are buckling up on IT Consulting spend which is down from 11% last year to 6%

The Business is bypassing IT and building their own Shadow IT capabilities.

Shadow IT is the BYOD [Bring Your Own Device], on demand software applications and customised services that sit outside the control of the traditional IT organization.

This means that collaboration between the Business and internal / external service providers is critical to success.

We are on a journey from IT to empowered Business Technology innovation.

What is Empowered Business Technology?

The empowered era has brought about a paradigm shift for IT organizations. Employees and customers are no longer relying on IT to provision and manage technology. They are using social, mobile, cloud, and video technologies to bypass IT.

Forrester believes that these changes bring a unique opportunity for CIOs to step up and transform their IT organizations into influential and critical business partners. The voyage will not be easy for many CIOs, and it will require a completely different mindset, organizational competency, governance model, and sourcing strategy.

How CIOs can enable an empowered Business

Forrester sees three forces reshaping IT by 2020: the explosion of business-ready, self-service technologies; the growing influence of a tech-savvy, self-sufficient workforce; and a radically new business market shaped by emerging economies that will soon dwarf the established ones. These may not sound like IT concerns, but they will profoundly affect how IT is viewed.

In the past, when new waves of technology swept into our businesses-beginning with PCs in the 1980s and continuing to today’s self-service technologies-the reaction has been a pendulum swinging between centralized, industrialized IT and decentralized, embedded IT.

Businesses must move to a model we call Empowered Business Technology (BT), which embeds enabling technology innovation into the business while providing just enough centralized coordination and oversight to meet enterprise wide goals and control costs.

Empowered BT lets businesses pursue opportunities with grassroots solutions while still balancing enterprise concerns.

Key to success is the interplay between four new meta-roles:

  • Visionaries, who look for new tech-enabled business opportunities;
  • Consultants, who provide on-demand expertise to turn these ideas into reality;
  • Integrators, who connect innovative solutions to each other and to core systems; and
  • Sustainability experts, who ensure solutions are scalable and sustainable in the enterprise.

These roles are combined with a new operating model based on guidelines, mentoring and inspection. Each business organization will fill these roles in their unique way.

What does this mean to CIOs?

First, work with your business colleagues to determine how radical a change your company envisions so you know what priority to place on transforming IT. Then work with the innovators in your company to craft a firm-specific vision and begin working toward it. To do this right, IT needs to embrace business ownership of technology decisions. As CIO, you should be poised to help your company profit from the massive change that’s afoot in the business climate.

Alex Cullen and James Staten are vice presidents at Forrester Research.

Beyond alignment a road map for business centric CIOs

by Nigel Fenwick with Khalid Kark, Lauren Blackburn

Extracts from the Full Article

Forrester characterizes the change in how CIOs must think about the emerging role of IT as part of the customer-value ecosystem as a move toward “empowered business technology.”

CIOs have successfully implemented any one or more of a wide range of frameworks, methodologies, and practices such as ITIL, COBIT, ISO 17799, CMM, PRINCE, MSP, PMBOK, Balanced Scorecard, and Six Sigma.

Yet despite all of these frameworks to run IT (or in some cases perhaps because of them), business units within our organizations continue to feel that IT cannot respond fast enough to needs of the business.


The successful CIO in the age of the customer will possess equal measures of business competency and technical understanding; will be a skilled communicator and a passionate leader, equally comfortable meeting customers and executives; and will be obsessed about customers. For tomorrow’s CIOs, an MBA will provide a stronger educational foundation than a degree in computer sciences.

And not all of today’s IT employees will feel comfortable moving toward empowered BT. Some roles, like business relationship managers, will evolve into more pivotal roles for IT’s success, while others, such as application development and operations have already started moving out of IT. While IT will still develop applications within an empowered BT environment, and operations will still maintain server farms and networks, more and more of these roles will shift toward vendor-provided solutions and services.

So what is my take on the journey from IT to Empowered Business Technology.

If you look back to any Investment Banking Trading Floor a few years ago you will have found a myriad of very high specification personal computer hardware sitting under peoples desks.  These configurations allowed the analyst to have full access and control of their custom applications and data.

About 5 years ago Hedge Funds needed more raw compute power for their Algo / Quants Trading so the Business would order in more blade servers and storage required to gain a competetive edge.  The IT folks would only find out about the new kit when it arrived on-site.

These are but two examples of old school “Shadow IT”.

What is different about the new normal is that the Business can now purchase and consume complete end to end solutions.  For example Salesforce CRM or Workday “Software-as-a-Service”.  This means that the portfolio of services that IT provide is being eroded and there is a real risk that IT will be left running legacy applications (Keep the Lights On / Keep the Show On the Road}

I definitely agree that the Business Relationship Manager or Business Partner role is a pivotal one.  The role is described in the ITIL 2011 Edition Service Strategy Core Volume.  

Going forward all IT organisations will need the BRM to sit at the intersection between Business and Technology.  This means that the BRM must be involved in Investment decisions and the prioritisation of Business projects.  Please note that there is no such thing as an IT project there are Business projects with Technology components.    

The immediate challenge we face in making the journey from IT to empowered business technology is to define, agree and implement just enough centralised co-ordination and governance oversight.  

I recommend that you look to COBIT5 for guidance on how to define Enterprise and IT related goals in order to stay relevant. Link to the Reference Guide.

Finally let’s hear what Forrester has to say about the age of the customer and the need to focus on customer facing processes / customer data.

Sharyn Leaver spends much of her time advising CIOs and firmly believes that the CIO can drive innovation because they are able to take a cross functional view

1 Comment

Filed under Business

COBIT 5 is now approaching the finish line


Robert E Stroud


00:40 – Drive Business value and Business success

01:17 – Technology is at the centre of everything we do

02:05 – COBIT 5 helps organisations drive Business value



COBIT 5 Executive Summary 

Dr. Derek J. Oliver  (co-chair COBIT 5 Task Force at ISACA)

Summary powered by Brightalk 

COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT.


The new processes definitions of COBIT 5 are based on the principles in ISO 38500 and the ISO 15504 Process Capability Assessment Model.

Rob England states that COBIT 5 is muddying governance and management.

I recommend that you read the responses made  by Peter Hill to this blog post

Far from muddying the water the COBIT 5 framework makes a clear distinction between governance and management.  COBIT 5 is based on five high level principles and Principle 5 is about the separation of  Governance from Management. 

Governance ensures that enterprise objectives are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritisation and decision making; and monitoring performance, compliance and progress against agreed direction and objectives [EDM]

Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives [PBRM]


Overview of COBIT 5 Public Exposure Commentary

The COBIT 5 Development Team has digested all of the feedback from the public exposure and has been working diligently to incorporate the significant observations.

The completion of the Framework and Process Reference Guide are on schedule and both will be published in March or April 2012, along with COBIT 5:

The Implementation Guide, which is intended to assist stakeholders in implementing COBIT 5 for governance and management of enterprise information and technology assets.


The COBIT 5 Implementation Guide is being finalised for release in March.

There are seven phases in the implementation lifecycle which describe how to establish an approach to deliver a sustainable set of governance and management processes for the enterprise.

Phase 1 starts with recognising and agreeing to the need for an implementation or improvement initiative

Phase 2 is focused on defining the scope of the implementation or improvement initiative using COBIT’s mapping of enterprise goals to IT‐related goals to the associated IT processes.

During phase 3, an improvement target is set, followed by a more detailed analysis leveraging COBIT’s guidance to identify gaps and potential solutions.

Phase 4 plans practical solutions by defining projects supported by justifiable business cases.

 The proposed solutions are implemented into day‐to‐day practices in phase 5.

Phase 6 focuses on the sustainable operation of the new or improved enablers and the monitoring of the achievement of expected benefits.

 During phase 7, the overall success of the initiative is reviewed.


A practical COBIT 5 and IT governance seminar is scheduled for London (23rd Feb) this seminar provide delegates with an understanding of COBIT 5, how to implement IT governance and management processes, measure capability and manage performance.


In my experience the implementation of a governance framework enables strategic decision making and ensures IS investments are optimized, aligned with business strategy, and deliver required value within acceptable risk boundaries.

The governance framework sets out the hierarchy of forums that should be in place to allow IS leadership to monitor, measure and drive IS alignment to business priorities.

Decision making in the governance hierarchy takes place at the right level – i.e. empower people

The new COBIT 5 governance processes [Evaluate, Direct,  Monitor] provide guidance on how to define and deliver Business value for identified stakeholders.

The role of IT is to serve the Business and the guidance provided in COBIT5 will help internal / external Service Providers take an Outside In approach. 

This can be achieved by aligning Governance objectives and mapping Enterprise related goals with IT related goals.

1 Comment

Filed under Business

Do metrics / KPIs help deliver real Business benefit?

This week Robert E Stroud posted a message asking whether #itil or #iso20000 metrics were more important in your organization.

RT @wdgll @RobertEStroud ITIL KPIs too broad. ISO20000 reqs are too easy. My choice is COBIT 5 where you are on the ISACA board so u know
@wdgll I am looking forward to #Cobit5 – it will assist business and IT to drive value whilst effectively managing #risk  
So what does the ITIL 2011 Edition have to say.  Continual Service Improvement core volume states that the treatment of service measurement and service reporting has been clarified. Because all processes have an element of measurement and reporting embedded within them, service measurement and service reporting are not considered to be processes.

Metric definition – (ITIL Continual Service Improvement) Something that is measured and reported to help manage a process, IT service or activity.

[youtube http://youtu.be/z5N-vPPP8SQ]

Malcolm Fry talks about the power of metrics. IT measures what we can do rather than what we can achieve.  IT must set targets that make sense to the Business.

KPI definition – (ITIL Continual Service Improvement) (ITIL Service Design) A metric that is used to help manage an IT service, process, plan, project or other activity. Key performance indicators are used to measure the achievement of critical success factors. Many metrics may be measured, but only the most important of these are defined as key performance indicators and used to actively manage and report on the process, IT service or activity. They should be selected to ensure that efficiency, effectiveness and cost effectiveness are all managed.

Achieving ISO/IEC 20000. Making Metrics Work – Jenny Dugmore and Shirley Lacy.  This book gives a practical view of metrics and service reports and explains their importance in delivering an effective service and to service improvements.

COBIT 5 describes Enterprise Goal Metrics and IT Related Goal Metrics.  Here is an example of the goals and metrics:

Enterprise Goal – Agile response to a changing businesss environment.

Enterprise Metric – Level of Board satisfaction with enterprise responsiveness to new requirements

IT Related Goal – Adequate use of applications, information and technology solutions

IT Related Metric – Percent of business process owners satisfied with supporting IT products and services

Regardless of whether a service organisation is measuring performance using metrics (efficiency, effectiveness) or KPIs the metrics that matter most are those that are aligned to Business outcomes.  A business metric is any type of measurement used to gauge some quantifiable component of a company’s performance, such as return on investment (ROI), employee and customer churn rates, revenues, and so on.

When a service organisation has identified and deployed the right capabilities major transformation is possible.  Here is an example: 

[youtube http://youtu.be/Ny5S8Kt7Txw]

The key stakeholders for any Transformation programme must be the CFO and the COO.  GBS has freed up $560-$690m of value

It is recommended that a service provider take an “Outside In” approach in order to define and agree the metrics that matter most to the Business. 

To all you Business Relationship Managers or Business Partners, I recommend that you become familiar with the Goals and Metrics set out in the COBIT 5 Process Reference Guide.  This will better enable you to focus on delivering real  benefits to the Business.

Leave a comment

Filed under Business