ITSM and Clo d Comp tingITSM and Cloud Computing:Integrating ITSM and Cloud into 

Enterprise IT Governanced b

Eric Marks

AgilePath Corporation

Presented by:

AgilePath Corporation

President & CEO

AgendaAgenda

• ITSM in Enterprise Governance ContextITSM in Enterprise Governance Context

• ITSM Integration to IT Governance operational governance processesg p

• ITSM and Cloud computing governance– Gaps, Integration, p , g ,

– Opportunities and Challenges

• Things to do tomorrow

2

AgilePath’s Enterprise Governance FrameworksAgilePath s Enterprise Governance Frameworks

• AgilePath’s Enterprise Governance Framework provides a g p pfunctional/sequence view of Enterprise Governance Requirements

• The Four Tiered Model provides an organizational, functional and process relationship view of Enterprise Governance to help IT Governance p p pownership, organizational placement, and governance integration threads

3

AgilePath’s Enterprise Governance Framework:

Strategic Planning & Alignment

AgilePath s Enterprise Governance Framework:  Where does ITSM fit? 

Alignment

Compliance, Security & Risk

Requirements & Demand Mgt

P M t & P i iti ti

AgilePath Enterprise

ITIL

Program Mgt. & Strategy Execution

Prioritization & Focus

Enterprise Governance Framework

Business & Enterprise Architecture

Portfolio Mgt. & Acquisition

Funding & Budgeting & Resource AllocationSlide 4

AgilePath’s Four Tiers of Enterprise GovernanceEnterprise & Strategic Governance

Business & IT Strategic Planning, Funding & Budgeting, Business & Technology Alignment, Enterprise Portfolio Mgt., Enterprise

g p

gy g p g pArchitecture, Tech Acquisition, Reqts & Demand Mgt, PMO

Operating Model Governance

SOA Portfolio Management with a review driven continuous improvement model

Business, Operations & IT Management, Strategy Execution, Process Management, Domain Governance, Service Delivery and Management,

Customer & Supplier Mgt , Management and Process Reviews ITSMSIT Delivery Lifecycle Governance

SOA Portfolio Management with a review driven continuous improvement model

Service ID, Modeling, Design & Development, QA/Testing, Publishing, Discovery, Consumption, Composition, Orchestration, Integration

Testing Operations Maintenance Deprecation Retirement

Scope

Testing, Operations, Maintenance, Deprecation, Retirement

Governance Enabling Technology

SOA Portfolio Management with a reviewDesign-time, Publishing/Discovery, Runtime, Repositories, Registries,SOA Portfolio Management with a review driven continuous improvement model

Design time, Publishing/Discovery, Runtime, Repositories, Registries, Intermediaries, Policy Engines, Distributed Policy Enforcement Points,

QA/Test tools, Et alSlide 5

Unpacking the Enterprise Governance Bundle?Unpacking the Enterprise Governance Bundle?

• Corporate Governance– Alignment to Business and IT Governance

• Business Governance and SBU Governance (Vs. Management)Management)

• IT Governance– Investment Planning

– Program Mgt. Office & Portfolio Mgt.

– Enterprise Architecture & ARB

– SOA Governance, Data Governance, SDLC Governance, ,

– SDLC Governance

• SOA Governance, Mobile, Cloud…

• Compliance and Risk, e.g. PCI, HIPAA et al

Slide 6

Common Enterprise Governance ChallengesCommon Enterprise Governance Challenges

• Governance Silos

• Governance “Clouds”

• “Hidden” Governance (via ad hoc and/or heroic efforts of )wise veterans)

• IT Shareholder‐Stakeholder Paradox

• “Overboard” Governance vs Event Driven Governance• Overboard  Governance vs. Event‐Driven Governance

• Governance “Overconfidence”

ITIL often is the next “silver bullet” deployed to address IT governance and operational challenges.

Slide 7

Silos of IT Governance Operating IndependentlyStrategic Planning &

Alignment

Compliance Requirements

p g p y

Compliance, Security & Risk

Requirements & Demand Mgt

Program Mgt. & Strategy Execution

Prioritization & Focus

AgilePath Enterprise

Governancegy Governance Framework

Business & Enterprise Architecture

Portfolio Mgt. & Acquisition

Funding & Budgeting & Resource Allocation

Slide 8

Best Practice: Replace Silos with GearsStrategic Planning &

Alignment

Compliance Requirements &

Best Practice: Replace Silos with Gears

Compliance, Security & Risk

Requirements & Demand MgtStrategic 

Planning & Inv. 

Planning

Program Mgt. & Strategy Execution

Prioritization & Focus

AgilePath Enterprise

Governance

gITIL

Rqts & Demand Mgtgy Governance

FrameworkARB / 

PMO & Portfolio Mgt.

Business & Enterprise Architecture

Portfolio Mgt. & Acquisition

EA

Funding & Budgeting & Resource Allocation

Slide 9

Governance “Clouds” – Opacity of policy and Go e a ce C ouds Opac ty o po cy a dprocess; ad hoc processesIT Strategic Planning &

Investment Planning

ARBPMO

ITIL

Characterized by Unclear or Opaque Policies PoorlyCharacterized by Unclear or Opaque Policies, Poorly Integrated Processes & Ad Hoc Oversight

MechanismsSlide 10

IT Process Excellence Connects IT ShareholdersIT Process Excellence Connects IT Shareholders to ITIL (One Possible Outcome)

IT Strategic Planning & Investment Planningg

ITIL

Slide 11

Hidden or Shadow GovernanceHidden or Shadow Governance

• Shadow governance is performed bottom up or in hidden silos withbottom‐up or in hidden silos with out clear alignment to enterprise strategies, goals and objectives

• Performed under cover or via ad hoc processes with heros

• Pockets of governance that are not• Pockets of governance that are not visible or shared as an enterprise best practice

• Lack of integration with upstream and downstream governance processes & decisionsprocesses & decisions

Slide 12

Often ARB & SDLC Governance is Immature & Inconsistent

• Silos of processes, inconsistently executed…

ARB/EA SOA SOA/ESB

SDLC

Deploy &SupportTestDevelopDesignDefine

ITILITIL

Slide 13

Define and link IT Processes as “Governance Threads” that Connect the PMO to ITIL

St t iStrategic Planning & Inv. Planning PMO

ARB

SOA

Portfolio

Mgt.

Deploy &TestDevelopDesignDefine SupportTestDevelopDesignDefine

ITILReplace silos with “Governance Threads” that link core IT Governance Processes to ITILv3.

Slide 14

Designing and Implementing Cloud GovernanceDesigning and Implementing Cloud Governance

• Cloud Governance Introduction and Overview• Cloud Governance Introduction and Overview

• Cloud Governance Lifecycle Overviewy

• ITSM coverage for Cloud Governance

Slide 15

DefinitionsDefinitions

• Cloud Governance refers to the decision making processes criteria and policiesmaking processes, criteria and policies involved in the planning, architecture, acquisition, deployment, operation and 

f l d imanagement of a Cloud computing capability

• The Cloud Governance Lifecycle describes the end‐to‐end requirements of Cloud Governance from planning architecture andGovernance, from planning, architecture and deployment to bursting, switching Cloud providers, and offboarding from a Cloud

Slide 16

Five Reasons for Cloud GovernanceFive Reasons for Cloud Governance

• Enable “Business at Cloud Speed” and establish a Cloud‐Centric IT operating model based on the speed, agility p g p , g yand cost of Cloud computing

• Enable appropriate Cloud decision‐making without f i ifriction

• Integrated with existing Enterprise IT Governance processes, policies, boards and toolsprocesses, policies, boards and tools

• Balanced appropriate coverage for key decisions, investments and risks while achieving the benefits of l dClouds

• Proactive to anticipate and prevent Shadow Clouds and unauthorized Cloud activities that expose organizationalunauthorized Cloud activities that expose organizational risks

Slide 17

Risks of Poor/No Cloud GovernanceRisks of Poor/No Cloud Governance

• Cloud Security Risks

• Cloud Proliferation and Sprawl (vs. VM Sprawl)

• Cloud Integration (post proliferation)

• Cloud Portability & Interoperability• Cloud Portability & Interoperability

• Cloud Vendor Lock‐In

• Cloud Applications Governance – designing andCloud Applications Governance  designing and migrating applications to appropriate Cloud pattern(s)

• Lack of Incentives for Consumers to Onboard/Consume Cloud resources

• Shadow IT and Hidden Clouds

Slide 18

Cloud in an Enterprise Governance Framework pContext

19

Challenge:  Inserting Cloud Governance into Existing Enterprise Governance Models

Corporate Governancep

Enterprise/Strategic GovernanceCloud Governance

p / g

Bus. Ops G

IT GovernanceNew Governance Requirement(s) Governance

IT Governance

Domain Governance

Requirement(s)

• Cloud Governance Domain Governance

Lifecycle/Systems Engineering 

• SOA Governance• New compliance requirements• Revised Investment Planning

process

20

y y g gGovernance

process

Cloud Architecture and Interoperability Roadmap

Cloud Governance

Cloud Governance LifecycleEvolution & Sustainment

Cloud Vision & Strategy

Governance Model Cloud Transition 

Architecture

Interoperability & Portability Model

Cl d ImplementationCloud Reference Model

Cloud Reference A hit t

Cloud Prescriptive

Implementation & Deployment

21

Architecture Prescriptive Architecture

A Cloud Computing Reference Model (CC‐RM)A Cloud Computing Reference Model (CC RM) Overview

• CC RM framework for discovering repeatable• CC‐RM framework for discovering repeatableCloud Patterns that address mission needs based on Cloud‐enabled resources

• A robust framework for Cloud Modeling and Architecture efforts

• Four supporting sub Models• Four supporting sub‐Models– Cloud Enablement Model

– Cloud Deployment Model

– Cloud Governance and Operations Model

– Cloud Ecosystem Model

• Applied in Federal Government DoD andApplied in Federal Government, DoD  and Commercial Clients

Slide 22

AgilePath’s Cloud Reference Model: Cloud Governance Lifecycle & Operations Model

23

Cloud Governance SPOT FrameworkCloud Governance SPOT Framework 

S & S k h ldCloud 

• Scope & Stakeholders

• Policies & ProcessesGovernance

• Organizations

• Tools and Enabling Technologies

Slide 24

Cloud Governance DecompositionCloud Governance Decomposition

Cloud Strategy and Planning

Cloud Architecture, Design and Deployment

ers

rs

Cloud Acquisition, Vendor Selection & Contract Negotiation` `nsum

e

ovid

er

Resource Provisioning & Management

Con Pr

o

Resource  Provisioning & Management

Cl d O ti & R ti M tCloud Operations & Runtime Management

Slide 25

Cloud Governance Lifecycle OverviewCloud Governance Lifecycle Overview

Slide 26

Cloud Governance Includes Many Diverse RequirementsCloud Governance Includes Many Diverse Requirements

ITSMScope

Slide 27

Things to Do TomorrowThings to Do Tomorrow• Establish clear, measurable business and IT goals for Cloud 

computing (Cloud Strategy)p g ( gy)

• Align and design your Cloud Governance Model to achieve business goals, e.g. “Business at CloudSpeed”, cost reductions, efficiencies, agilityg y

• Integrate Cloud Governance with IT governance processes, policies, organizations and tools (PP/OT)

• Balance your Cloud governance model to achieve speed andBalance your Cloud governance model to achieve speed and capability enablement, without friction and politics

• Ensure ITSM coverage and integration for new Governance requirements, e.g. Cloud, Mobile, Social and othersrequirements, e.g. Cloud, Mobile, Social and others

Govern Clouds early and often.  Cloud Governance will ensure realization of business, IT and operational objectives.  Risks of poor Cloud Governance are dire.

Slide 28

Thank You!

Eric A. Marks

President & CEO

AgilePath Corporation

978 265 0772cell978 265 0772cell

emarks@agile‐path.com

www.agile‐path.com