Tag Archive | ISACA

1-Minute Assessment: Value Management

Take today’s 1-minute assessment:

  1. Organizations typically have a framework for Risk Management.  Do you have one for Value Management, to enable business and IT decisions to maximize the value from IT-enabled business investments?
  2. Is your Value Management integrated with your financial planning?
  3. Do you have a targeted investment mix for your IT Portfolio?
  4. Are you happy with the Value/Return side of your business cases?
  5. Do you plan for people and talent in line with the managed Portfolio?
  6. Do you watch and report on Portfolio performance?
  7. Do you retire programs that crowd out potentially more lucrative investments?

Did you answer NO to any of these questions?  If so, you aren’t realizing ideal value from your IT-enabled business investments, and potentially flying blind with respect to practices to aid the Board and executive management in understanding and carrying out their roles related to such investments.

A framework for Value Management will enable you to:

  • Manage costs, risks, and benefits, in an integrated way
  • Increase the chances for a Portfolio mix having the potential to generate the highest return
  • Reduce the number of losing propositions in the mix, and so cut cost and free-up talent
  • Increase business value and goodwill

ISACA’s ValIT, one such framework for Value Management, provides a foundation for you to manage strategy, architecture, delivery, and value, from a common set of principles and practice.  Are you doing the right things?  Are you doing them the right way?  Are you getting them done well?  Are you seeing the benefits?

© Michael C. Simonelli, onthegocio.com, 2013

1-Minute Assessment: Risk Management

Take today’s 1-minute assessment:

  1. Do you have a strategy and procedure to find, analyze, and mitigate risks?
  2. Is your team familiar with industry frameworks, like ISACA Risk IT, or NIST RMF ?
  3. Does the Business acknowledge risk-mitigating projects as important, deserving of IT investment?

Did you answer NO to any of these questions?  If so, you might be lacking a continuous and forward-looking process, at the project, program, portfolio, and enterprise levels, that would enable IT and the Business to effectively manage risk.

Consider sources for risk, internal and external, like staff, contractors, partners, competitors, the market, regulators, the disgruntled ex-employee, the organized and syndicated hacker.  Risk will manifest through acts of omission and commission.  Remember what’s at risk – your people, facilities, information, value, brand, intellectual property, perhaps even your very existence as a practical public or private entity.

© Michael C. Simonelli, onthegocio.com, 2013