A guide to implementing cloud services

The Australian Government’s policy on cloud computing is that agencies may choose to use cloud computing services where they provide value for money and adequate security, as stated in the April 2011 Australian Government Cloud Computing Strategic Direction Paper1 (the Strategic Direction Paper).   Readers new to cloud computing should read the Strategic Direction Paper which provides an introduction to cloud computing, a definition and an overview of its associated risks and benefits as they apply to Australian Government agencies. The guide supports the Strategic Direction Paper and provides an overarching risk-based approach for agencies to develop an organisational cloud strategy and implement cloud-based services. It is designed as an aid for experienced business strategists, architects, project managers, business analysts and IT staff to realise the benefits of cloud computing technology while managing risks

Implementing centralised IT service management: drawing lessons from the public sector

[Abstract]: The IT service management model represents a paradigm shift for IT organisations as it deemphasizes the management of IT assets and focuses on the provision of quality end-to-end IT services. This paper presents part of an in-depth study that examines the experience of a government agency, Queensland Health, in the implementation of a centralised IT service management model based on the ITIL framework. The paper sheds light on the challenges and breakthroughs, distils a set of critical success factors and offers a learning opportunity for other organisations. Outsourcing some activities and tool requirements to vendors was seen as one contributor to success although ensuring effective technology transfer to in-house staff was also necessary. Another success factor was centralisation of IT services. Commitment of senior management was also crucial as was a recognition of the need for effective change management to transform the organisational culture to a service-oriented focus

D3.2 Cost Concept Model and Gateway Specification

This document introduces a Framework supporting the implementation of a cost concept model against which current and future cost models for curating digital assets can be benchmarked. The value built into this cost concept model leverages the comprehensive engagement by the 4C project with various user communities and builds upon our understanding of the requirements, drivers, obstacles and objectives that various stakeholder groups have relating to digital curation. Ultimately, this concept model should provide a critical input to the development and refinement of cost models as well as helping to ensure that the curation and preservation solutions and services that will inevitably arise from the commercial sector as ‘supply’ respond to a much better understood ‘demand’ for cost-effective and relevant tools. To meet acknowledged gaps in current provision, a nested model of curation which addresses both costs and benefits is provided. The goal of this task was not to create a single, functionally implementable cost modelling application; but rather to design a model based on common concepts and to develop a generic gateway specification that can be used by future model developers, service and solution providers, and by researchers in follow-up research and development projects.<p></p> The Framework includes:<p></p> • A Cost Concept Model—which defines the core concepts that should be included in curation costs models;<p></p> • An Implementation Guide—for the cost concept model that provides guidance and proposes questions that should be considered when developing new cost models and refining existing cost models;<p></p> • A Gateway Specification Template—which provides standard metadata for each of the core cost concepts and is intended for use by future model developers, model users, and service and solution providers to promote interoperability;<p></p> • A Nested Model for Digital Curation—that visualises the core concepts, demonstrates how they interact and places them into context visually by linking them to A Cost and Benefit Model for Curation.<p></p> This Framework provides guidance for data collection and associated calculations in an operational context but will also provide a critical foundation for more strategic thinking around curation such as the Economic Sustainability Reference Model (ESRM).<p></p> Where appropriate, definitions of terms are provided, recommendations are made, and examples from existing models are used to illustrate the principles of the framework

An Integrated Six-Sigma and CMMI framework for software process improvement

A process improvement framework such as Capability Maturity Model (CMM) can help develop the maturity of a software development organization over time to achieve predictable and repeatable process performance. However, in the absence of a methodology for process performance measurement, ongoing data-oriented process improvement is hard to institutionalize. For organizations following CMMI, this makes navigating their way through higher-level process management and optimization activities called forth in CMMI Level 4 and Level 5 especially challenging. Altogether, this constitutes a major stumbling block for software organizations striving for higher process maturity as Level 4 and Level 5 Process Areas are essential to institutionalizing process improvement in an organization. Six-Sigma introduces tremendous process measurability through its statistical error-control focus and offers compelling tools and techniques that have strong applicability to software development. Six-Sigma focus on data and metrics married with the CMMI coverage of all aspects of software development through its Process Areas can together provide a powerful process control and improvement framework. A CMMI and Six-Sigma hybrid framework has been presented as a means of achieving software development performance and productivity improvements through statistical error control. Such a hybrid CMMI and Six Sigma framework provides not just greater guidance and rigor in certain areas than CMMI alone but also an inherent flexibility by making an extensive toolset available for use in a wide variety of scenarios. This integrated framework demonstrates that CMMI and Six Sigma are highly complementary and are capable of adding greater value when used in conjunction with each other. This is partly because together they address the weaknesses that may become apparent when either framework is used alone. Six Sigma answers the \u27how\u27 for areas where CMMI only provides the \u27what\u27. Conversely, CMMI provides the overall vision and roadmap that is lacking from individual Six Sigma improvements. It is hoped that this will serve as a blueprint for an implementation of CMMI that makes use of relevant Six Sigma tools and techniques

Reducing the Risks Faced by Small Businesses:The Lifecycle Concept

International audienceThe deployment of a comprehensive risk management approach within an SME (Small or Medium-sized Enterprise) requires reconsideration of enduring preconceptions. However, it also calls for a description and explanation of their idiosyncrasies, in relation to their specific needs and expectations, which change over time. It is therefore appropriate to use the lifecycle concept to study the various phases of development of SMEs. The concept highlights the modifications and changes in configuration that this type of organization experiences during its development. This article aims to define and legitimize the use of the lifecycle concept as a basic component of a global risk management approach in an SME. It describes an operational approach to reducing vulnerability based on the level of organizational maturity

Data driven decision support systems as a critical success factor for IT-Governance: an application in the financial sector

IT-Governance has a major impact not only on IT management but also and foremost in the Enterprises performance and control. Business uses IT agility, flexibility and innovation to pursue its objectives and to sustain its strategy. However being it more critical to the business, compliance forces IT on the opposite way of predictability, stability and regulations. Adding the current economical environment and the fact that most of the times IT departments are considered cost centres, IT-Governance decisions become more important and critical. Current IT-Governance research and practise is mainly based on management techniques and principles, leaving a gap for the contribution of information systems to IT-Governance enhancement. This research intends to provide an answer to IT-Governance requirements using Data Driven Decision Support Systems based on dimensional models. This seems a key factor to improve the IT-Governance decision making process. To address this research opportunity we have considered IT-Governance research (Peter Weill), best practises (ITIL), Body of Knowledge (PMBOK) and frameworks (COBIT). Key IT-Governance processes (Change Management, Incident Management, Project Development and Service Desk Management) were studied and key process stakeholders were interviewed. Based on the facts gathered, dimensional models (data marts) were modelled and developed to answer to key improvement requirements on each IT-Governance process. A Unified Dimensional Model (IT-Governance Data warehouse) was materialized. To assess the Unified Dimensional Model, the model was applied in a bank in real working conditions. The resulting model implementation was them assessed against Peter Weill‘s Governance IT Principles.Assessment results revealed that the model satisfies all the IT-Governance Principles. The research project enables to conclude that the success of IT-Governance implementation may be fostered by Data Driven Decision Support Systems implemented using Unified Dimensional Model concepts and based on best practises, frameworks and body of knowledge that enable process oriented, data driven decision support

A Study of Integrating the Security Engineering Process into the Software Lifecycle Process Standard (IEEE/EIA 12207)

In developing an information systems (IS), most organizations have preferred a traditional add-on approach that adds commercial security products after an IS development project is finished. However, a number of recent incidents with regard to IS security indicate that this approach does not guarantee IS security because commercial products are not designed for the specific organizational IS environments. As an alternative solution, previous studies suggested that organizations integrate both the security engineering (SE) process and software development lifecycle (SDLC) process standards. Unfortunately, a few studies tried to suggest the limited integration models. In this paper, as a practical way for the development of secure IS, we suggest two SE process models. First, we develop the generalized SE model that includes all SE activities through the whole SDLC. Secondly, we suggest the process integration model that interweaves SE with IEEE/EIA 12207 through Delphi analysis

Review of IT Service Management Tools Currently in Use in Finland : ITIL®, Implementation and Functionality

This thesis was carried out for itSMF Finland, an IT Service Management (ITSM) cooperation forum. The itSMF Finland is a non-profit organization dedicated to the development and promotion of best practice ITSM. ITSM is about providing a framework to structure IT-related activities and the interaction of IT technical personnel with business customers and users. ITSM practices have existed for some time already, but the technology to support it has only recently become more advanced and comprehensive. The purpose of this thesis was to investigate the requirements for ITSM tools and to create a “snapshot” of the current situation of the ITSM tool market in Finland. IT Infrastructure Library (ITIL®) was chosen as a framework for this thesis, which is considered as de-facto best practice model in ITSM. This research investigates the requirements stated in ITIL® for the ITSM technologies. Nine tools were chosen for interviews. The object of the interviews was to gain information about what functionalities are included in the tools, how the vendor supports the customer in the implementation project, and what the customer experiences are regarding the implementation and use of the tool. These results were then compared to the ITIL® framework. ITIL® recommends the tools to be utilized in the organization to provide data for analysis and improvement of the service provision and also to support the service lifecycle. All tools in this study were ITSM suites that have functionalities to support the service lifecycle widely. Based on the interviews the study shows that the tools are important for the organizations, but are not as widely used as they could be. The implementation projects varied greatly, but were relatively successful in all cases. All in all, the tools were considered beneficial for the organizations in all cases. This thesis provides important key-points to be kept in mind when selecting, implementing and using an ITSM tool. When selecting an ITSM tool it is extremely important to identify the benefits that it will bring to the organization. In the implementation phase it is essential to have clear goals, good design work and sufficient training. This ensures that the tool will be used as it was designed and opposition in the organization toward this change will be minimal.Tutkimus tehtiin itSMF Finlandille, IT-palveluhallinnan yhteistyöfoorumille, joka pyrkii parantamaan IT-palvelunhallinnan toimintatapoja Suomessa ja maailmalla. IT-palvelunhallintaan kuuluu muun muassa loppukäyttäjille tarkoitetut tukipalvelut, tietojärjestelmien vikatilojen selvittäminen ja yhteydenpito tietojärjestelmien toimittajiin. IT-palvelunhallinnan käytännöt ovat olleet käytössä jo kauan, mutta käytäntöjä tukeva teknologia on kehittynyt ja tullut entistä monipuolisemmaksi. Tutkimuksen tavoitteena oli selvittää IT-palveluhallinnan työkalujen vaatimuksia sekä tutkia Suomen markkinoilla käytössä olevien IT-palvelunhallinnan työkalujen toiminnallisuuksia sekä niiden käyttökokemuksia. Tutkimuksen viitekehykseksi valittiin IT Infrastructure Library (ITIL®) -malli, josta on muodostunut parhaiden käytäntöjen ohjeistus IT-palvelunhallinnalle. Tutkimuksessa selvitettiin ITIL®:n suosituksia IT-palvelunhallinan teknologioiden osalta. Tämän lisäksi tutkimukseen valittiin yhdeksän työkalua. Kaikkien työkalujen käytöstä haastateltiin sekä toimittajaa että yhtä heidän asiakastaan. Haastattelujen perusteella selvitettiin työkalujen toiminnallisuuksia ja kuinka implementaatioprojektia tuetaan toimittajan puolelta sekä käyttäjäkokemuksia työkalun käytöstä ja implementointivaiheesta asiakkaan puolelta. ITIL® suosittelee IT-palvelunhallinnan työkalua organisaatioille tukemaan jokapäiväisiä toimintoja ja tuottamalla tietoa organisaation palveluista sekä tukemaan yrityksen koko elinkaarimallia. Tutkimuksessa mukana olleet työkalut olivat IT-palvelunhallinnan-ohjelmistoja eli työkaluja, jotka tukevat elinkaarimallin monta osaa. Tutkimuksessa ilmeni, että työkalut ovat tärkeitä yrityksille, mutta niitä ei kuitenkaan käytetä koko laajuudessaan. Käyttöönottoprojektit työkaluille olivat hyvin erilaisia, mutta usein hyvin menestyneitä. Jokaisessa tapauksessa työkalu auttoi organisaatiota toimimaan paremmin. Tämä tutkimus esittää asioita, jotka on hyvä pitää mielessään IT-palvelunhallinnan työkalua valitessa, implementoitaessa ja käytettäessä. Työkalua valitessa on tärkeää ymmärtää, mitä työkalun tulee tuoda yritykseen. Työkalun käyttöönotossa tärkeitä asioita ovat selkeät tavoitteet, hyvä suunnittelu sekä onnistunut koulutus. Nämä edesauttavat työkalun omaksumista yrityksessä sekä vähentävät mahdollista muutosvastarintaa