CobiT definition:
Establish a process to monitor the business sector, industry, technology, infrastructure, legal and regulatory environment trends.
Incorporate the consequences of these trends into the development of the IT technology infrastructure plan.
Bill says,
For me one of the great things about using a governance framework such as CobiT is the attention it forces you to take to the little things that ordinarily would fall to the wayside. This is a great example. How do most companies monitor future trends and regulations? Probably by reading CIO magazine or other industry trade mags. By attending conferences. By networking with peers. By reading the Wall Street Journal.
And those are all perfectly fine ways to go about monitoring future trends and regulations. But like many things in life if there is not a process framework developed forcing you to ensure that you have done the legwork necessary to actually do that, it becomes something that is done haphazardly and sporadically – if at all. Without a conscious directive to be looking for these trends one could go through the motions of the above mentioned research without really focusing on thinking strategically about the long term effects of new legislation, for example.
So what this control objective does is remind us that we need to put a process in place. The process could be as simple as building a monthly reading list with a reminder to look specifically for trends and regulations or it could be a board of individuals tasked with looking for certain things within their niche.
What I prefer to do is to hold each of my managers, and myself, accountable for this topic in a special monthly staff meeting where one of the topics is “What new technologies, trends or regulations could change our business within 3 years?” Sometimes there is nothing to discuss, sometimes there are a lot of different things. It would come as no surprise that over the last couple of years the focus of discussion has been on green computing, cloud computing and the rise of social media such as Facebook and Twitter.
I know this doesn’t sound like rocket science and that you think you just do this as a matter of your job – but make sure you take it a step further and put a process in place around monitoring future trends and regulations.
The third step in Determining the Technological Direction is to Monitor Future Trends and Regulations.
Related posts:
- ME2 Monitor and Evaluate Internal Control CobiT definition: Establishing an effective internal control programme for IT requires a well-defined monitoring process. This process includes the monitoring...
- PO3.5 IT Architecture Board CobiT definition: Establish an IT architecture board to provide architecture guidelines and advice on their application, and to verify compliance....
- PO3.4 Technology Standards CobiT definition: To provide consistent, effective and secure technological solutions enterprisewide, establish a technology forum to provide technology guidelines, advice...
- PO4.1 IT Process Framework CobiT definition: Define an IT process framework to execute the IT strategic plan. This framework should include an IT process...
- ME1 Monitor and Evaluate IT Performance CobiT definition: Effective IT performance management requires a monitoring process. This process includes defining relevant performance indicators, systematic and timely...
{ 2 comments… read them below or add one }
Dear Mister Oxly,
I’d like to empathize how valuable your blog is. As it stands there is a lot of work to be done and I recon it will take a while before all CobiT processes and Controlobjectives have been blogged. But this makes a very nice freely available place where a practical approach to the CO’s is available.
Tanks for the effort you are putting into this!
Best Regards,
Jip
Hi Bill,
Monitoring future trends and regulations is a process I have proposed implementing at my current client. I have yet to see any IT organization that I have worked with do this systematically, and especially where I am working now everything is reactive. One of the approaches we are considering is creating a technical standards lifecycle; a process to evaluate current technical standards periodically to determine if the standard still makes sense to the business, or if that standard needs to be updated to reflect changing business needs or technological shifts. This process will force the architecture review board to keep existing standards fresh. It can also help identify technologies that are becoming obsolete, unsupportable, or that no longer have an ROI that meets business goals.
Another approach we are looking at is asking our architects to look at best practices in infrastructure. The organization has a cultural mindset of doing everything in-house, and doesn’t consider alternative approaches to sourcing either computing or human resources. With the advent of cloud computing, outsourcing and managed services, and other sourcing models, the infrastructure group could create significant cost savings with higher performance. The group can also evaluate process best practices such as through ITIL and COBIT.
I agree with you that it will take having an agenda that the architects work on periodically. I don’t think it matters so much as frequency (monthly or quarterly might make sense), but that the agenda is clear and the architects engage in the process.