Blog 6 - Application Landscape: Staying One Step Ahead

“Operational Oversight”

Who is running and monitoring your “Day to Day” IT Operations?

This is something that is often taken for granted, and is so important to the day-to-day functioning of the business. It is only when there is a problem that the business realises how important the network, email and Internet access has become for the business. It is no longer acceptable to have your IT infrastructure unavailable during the business day. This covers anything from phones (latterly VOIP), company network, application systems to the Internet and the company website.

Where are the bottlenecks & risk areas? Have you outsourced the IT Operations? If so, inefficiencies in the operational process could be hidden by offshore resources working on manual workarounds. When was the last time you looked strategically at how the IT operational process could be improved. Perhaps your batch window is being squeezed? Is the business requesting that systems are available for longer? Do you need to offer 24/7 systems availability? Do you know which are your “Cash Register” systems and what are the major risk areas of your operational process that could cause loss of revenue, were the systems to be unavailable?

Security and Patch upgrades put a constant strain on the IT resources. Have you considered outsourcing the responsibility to an offshore team? Are all the systems running on supported versions and is there a clear understanding of who provides the support in the event of a problem?

Disaster Recovery Planning and BCP is something that can never really get tested to its full extent until it actually happens. This is because every BCP incident is different and can be as simple as your staff being blocked from entering the office, to a catastrophic failure to all systems such as caused by a fire in the data center. When was the last time that this was reviewed? Is the 4/12/24/48 hour RTC (Recovery Time Capability) still valid? When was the last DR test and have any failures or issues detected been addressed?

Staffing concerns can often be the most difficult problems to solve. Are your IT staff working as a team, and have their training & development goals been identified? When a member of the IT staff leaves there is always an element of knowledge that is lost. Whilst remuneration can be a primary factor when staff leave, it is more often that they feel they are losing touch with technology or they cannot see career progression. Do you have a “Key Person” risk that you need to address?

Operational oversight will monitor your day-to-day operations and identify issues for concern including the appropriateness of your DR processes. Do you have any inefficiencies? Where could savings be made? Do you have redundant hardware? Are the data stores reaching capacity? Is the software running on supported versions? Where are the risk areas? If no one is looking at this, then things can start to go wrong.

If the environment is stable, and there are minimal changes, then the risk is low. However it can be a simple interface, introducing some rogue data that falls outside the validation rules that gets through and causes systems to fail, or worse still data corruption. Obviously running an environment that has constant change increases the risk of failure. Operational Oversight can range from 1 day to 5 days a week depending on the complexity of the infrastructure environment, current staffing levels and the amount of oversight and governance required.

“1-3 monthly Reviews”

Once IT operations are stable and there are change management processes in place, you may need a regular update to make sure that everything continues to work as it should. Would the Senior Management Team benefit from a regular technology briefing, which could cover topics as simple as IT “tips and tricks” to London Market initiatives, regulatory updates such as GDPR, or cover latest technology trends.

No one likes surprises! Would the Senior Management Team benefit from an impartial regular review possibly to report at the quarterly board meetings on the “State of the IT Nation,” for example.

These reviews could provide guidance for the IT decision-making process, and IT Manager and possibly report into the Risk Manager.

“Virtual Chief Information Officer - CIO”

You may have a small IT department, with an IT Manager in place, but would like to have a CIO that would look at strategic IT initiatives.

This could cover things like:

● IT Strategy
● Operational Oversight
● Business Process Re-engineering (BPR) & IT Automation
● Business/IT Alignment
● “Shadow IT”
● Strategic Project/Program Management
● Ensure the company is making the most of IT
● Suggest new technology to create business value

A VCIO could work from anything from 1 to 20 days per month and would depend on the size of the company and the business directive. This VCIO service provides all the benefits of a dedicated CIO without the overhead of a dedicated employee.

“Next Step”

Operational Oversight is important as it provides the governance that will help to deliver a stable IT environment. Whether this is a hands-on role, or just a regular review, a Fifth Step Quickstart™ Assessment on your Infrastructure Environment or Application Landscape would allow you to ascertain the correct level of support required.

If you would like to learn more about the Fifth Step Quickstart™ Assessment, or the Fifth Step VCIO Service then please contact us at enquiries@fifthstep.com