5 goals to better manage solution identification and build through COBIT 5

In our most recent post on COBIT 5, we considered what it prescribes for programs and projects. This week, we turn our attention to the solutions identification and build process, which aims to keep solutions in line with enterprise requirements. As such, it includes the topics of design, development, procurement/sourcing, and partnering with suppliers/vendors. For this reason, the activities for this process are configuration management; test preparation; testing; requirements management; and maintenance of business processes, applications, information, infrastructure, and services. With this mouthful, the process’s purpose is to establish timely and cost-effective solutions capable of supporting enterprise strategic and operational objectives.

 

Goals for solutions identification and build

To improve the management of solutions identification and build, COBIT 5 suggests IT organizations measure themselves against five process-improvement goals. Let’s explore each along with the recommended metrics: 

 

1.                  The solution design meets enterprise needs, aligns with standards, and addresses all identified risk. When programs and projects are delivered, they need to conform to requirements and enterprise architecture standards, and consider and address risks. Two metrics measure success: number of reworked solution designs due to misalignment with requirements, and time taken to approve that a design deliverable has met requirements.

 

Imagine a failure under the first metric:The solution is built, and what is delivered does not meet its requirements. As a product manager, I’ve had the pain of cutting features, but I’ve never had to redo the product due to a failure to deliver what is required in the areas that remain. And clearly, the second metric goes after the quality of stakeholder involvement and of the approval process as a whole.

 

2.                  The solution conforms to the design and is in accordance with organization standards and appropriate control, security, and auditability. This simply says that you design solutions that conform to the enterprise architecture and have security designed in. The metric selected for this process goal is the number of solutions exceptions to design during stage reviews. We clearly want to minimize exceptions to enterprise architecture in particular because it impacts not only the ability to control a solution, but also overall enterprise agility.

 

3.                  The solution is of acceptable quality and has been successfully tested. This to me is where the rubber meets the road. It seems obvious with such slogans as “quality is job one,” but how often do we release buggy software or simply reclassify a bug type to keep a release date? Two metrics help manage this process goal: number of errors found during testing, and time and effort to complete tests. To reduce high bug counts, we want developers to test and fix code as they create it. At the same time, we want to reduce the time and effort to complete testing in order to become more efficient.  We, also, want to increase the effective testing coverage swath.

 

4.                  Approved changes to requirements are correctly incorporated into the solution. This is so simple. It says to me that we do what we say. Recommended metric: Number of tracked approved changes that generate new errors. Naturally, we want changes to take out risk. This measures whether this, in fact, happens.

 

5.                  Maintenance activities successfully address business and technological needs. COBIT 5 suggests here once again that quality does not stop at release—its role is continuing. This is why we often have VPs of applications versus VPs of development. One metric is recommended here: number of demands for maintenance that go unsatisfied. It’s scary when a solution needs maintenance to keep on going and doesn’t get it. Hopefully, this is rarely happening at your company.

 

So where should you start?

Once again, my suggestion is to start where the most immediate value can be driven. But if it were up to me, I’d start by showing acceptable quality and successfully testing. What do you think? I would love to hear back from you.

 

Related links:

Blog post: 3 ways IT leaders can strengthen compliance and control

Blog post: Making COBIT 5 part of your IT strategy

Blog post: COBIT 5 guides IT leaders to better manage future orientation in their organizations

Blog post: 7 goals in COBIT 5 that will improve your operational excellence

Blog post: COBIT 5’s scorecard measures IT’s relationship with its customers

Blog post: COBIT 5 scorecard measures the quality of IT’s financial performance

COBIT 5

Solution page:  IT Performance Management

Twitter: @MylesSuer

Comments
Education Portal of India(anon) | ‎12-06-2012 05:35 AM

nice piece of information, I had come to know about your internet site from my friend vinay, delhi,i have read atleast 12 posts of yours by now, and let me tell you, your website gives the best and the most interesting information. This is just the kind of information that i had been looking for, i'm already your rss reader now and i would regularly watch out for the new post, once again hats off to you! Thanx a ton once again, Regards, Indian Education information

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Mr. Suer is a senior manager for IT Performance Management. Prior to this role, Mr. Suer headed IT Performance Management Analytics Product ...


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation