cut to f.it
DESCRIPTION
Cut to F.IT. Using IT Governance Standard ISO38500. What kind of Charity are You?. Two Layer Team < Board. Single Layer Board = Team. COOKIE. CUP CAKE. SLICE. SUNDAE. Three Layers Board + CE + Team Team > Board. Multi-Layered Executive Team Departments. ISO 38500. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/1.jpg)
CUT TO F.ITUsing IT Governance Standard ISO38500
![Page 2: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/2.jpg)
WHAT KIND OF CHARITY ARE YOU?
COOKIE CUP CAKE
Three LayersBoard + CE + Team
Team > Board
SLICEMulti-LayeredExecutive TeamDepartments
Two LayerTeam < Board
Single LayerBoard = Team
SUNDAE
![Page 3: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/3.jpg)
ISO 38500
![Page 4: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/4.jpg)
SIX PRINCIPLES
![Page 5: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/5.jpg)
RESPONSIBILITY
• CEO must make business cases
• Develop Datakeepers
• IT responsibility on exec team• Specify when to
use external advisors
Outsource• Recruit tech
volunteer to manage suppliers
• Don’t abdicate responsibilities
Assign distinct roles - • Technician
• Applications• Planning
• Compliance
![Page 6: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/6.jpg)
STRATEGY
• Consider what your stakeholders
expect.
• ICT planning to support strategic plan
• Include vision for technology
• Get expert input for strategic plans and project evaluations
• Keep risk register
Separate long term planning from short
term tasks
![Page 7: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/7.jpg)
ACQUISITION
• Policy controlled• Business sponsors
for tech projects• Project plan ≠
business case
• No major IT Projects - ONLY business projects that include technology
• Independent PM
• Off-the-shelf• Outsource within
policy framework• External review of
major projects
Use “hosts” service where possible.
![Page 8: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/8.jpg)
PERFORMANCE
• KPIs in place• Use standards and
frameworks• Drive technology
performance• Optimise asset
lifespan
• Does IT performance impact operational
performance?
• Measure and review IT performance
• Manage IT suppliers
![Page 9: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/9.jpg)
CONFORMANCE
• Understand basic SWOT for
Technologies• Compliance
reporting• Independent
oversight
• Regular audit, some external
• Consider specialist auditors
Core policies• Privacy• Electronic ID• Data management
(includes security)
• Back-ups• Plan reaction to
compliance changes
• Widely used packages mitigate
some risks
![Page 10: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/10.jpg)
HUMAN BEHAVIOUR
• Staff tech capability is part
of PD
• Expect technology management capability
• Work-life balance in policies
• Make time to train• Avoid patch
protection
![Page 11: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/11.jpg)
[email protected]: hazeldjay+64 2102 349 095
![Page 12: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/12.jpg)
RESOURCES
![Page 13: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/13.jpg)
ISSUES MATRIX
![Page 14: Cut to F.IT](https://reader035.vdocument.in/reader035/viewer/2022062310/56815dc7550346895dcbf307/html5/thumbnails/14.jpg)
LINKS My website www.dalejennings.co.nz has an ever developing DIY toolbox.
Ask if you want something added!
“Waltzing with the Elephant” by Australia’s own Mark Toomey is possibly the best in depth guide in plain English. Sample or buy at the Infonomics web site
The NZ Privacy Commissioner has an excellent plain English guide to cloud computing covering many risk areas as well as compliance
IITP Cloud Computing Code has questions to ask suppliers.
Conference Offer – sign up for our newsletter and get a free “coffee consultation” about your challenges.
LinkedIn groups: several address technology issues and include
governance or discuss governance and include IT. My profile links to several.
If in doubt - Google your question and watch the videos!