- Home
- Products
- Services
- Support
- Getting Started
- Documentation
- System Governance Handbook
- Table of contents
- Chapter 1. Introduction
- 1.1. An overview of system governance
- 1.2. About this book
- 1.3. Uses of system governance
- 1.4. Principles of system governance
- Chapter 2. System governance roles and responsibilities
- 2.1. IT decision makers
- 2.2. System governance sponsor
- 2.3. System governance manager
- 2.4. System governance committee
- 2.5. Other roles
- Chapter 3. System governance tools and techniques
- 3.1. Metrici Advisor
- 3.2. Assessment
- 3.3. Validation
- 3.4. Analysis
- 3.5. Criterion maintenance
- Chapter 4. System governance processes
- 4.1. Process overview
- 4.2. Business case
- 4.3. Initiation
- 4.4. Roll out (waterfall)
- 4.5. Roll out (iterative)
- 4.6. Annual review
- 4.7. Interim review
- 4.8. Project review
- 4.9. System review
- 4.10. Comparison and evaluation
- 4.11. Compliance audit
- 4.12. Proof of concept
- Appendix A. System governance reports
- A.1. Terms of reference
- A.2. System portfolio review report
- A.3. Iterative review report
- A.4. System governance review report
- A.5. Interim review report
- A.6. Evaluation review report
- A.7. Compliance audit report
- Appendix B. Example reports
- B.1. Example terms of reference
- B.2. Example system portfolio review report
- Appendix C. System governance meetings
- C.1. Committee briefing
- C.2. Criteria development workshop
- C.3. Iterative review meeting
- C.4. System governance review workshop
- C.5. Interim review meeting
- C.6. Evaluation criteria development workshop
- Appendix D. System governance training
- D.1. System governance overview
- D.2. System governance with Metrici Advisor
- D.3. System governance alignment
- D.4. Comparison and evaluation
- Appendix E. Cross reference
- Index
- System governance: the missing link in IT governance
- System Governance Handbook
- Contact Support
- FAQs
- Customers
- Contact Us
- Sign On
3.4. Analysis
Previous | Next | Up | Contents
System governance analysis interprets the information gathered during assessment, and derives measures and guidance to feed into IT decision making.
There are two main analysis methods: numerical analysis, and issue detection. This section gives an overview of both, with examples which can be used as templates for your own analysis.
![[Note]](../sites/default/files/handbook/note.png) |
Metrici Advisor analysis functions |
|---|---|
|
Many of the analysis activities are supported by Metrici Advisor. Please check with your Metrici representative for an up-to-date view of its analysis and reporting capabilities. |
During assessment, every system is graded against every criterion. Each grade has a score. The outputs to assessment, which are the inputs to analysis, can be thought of as a table in which the rows are systems, columns are criteria, and individual cells are scores.
The table below shows a simplified example of what assessment delivers.
| Task alignment | Service availability | System security | Test quality | Technology viability | |
|---|---|---|---|---|---|
| Distribution | 80% | 95% | 90% | 100% | 100% |
| ePOS | 80% | 100% | 100% | 100% | 80% |
| Finance | 100% | 80% | 100% | 55% | 100% |
| HR | 55% | 70% | 65% | 80% | 100% |
| MIS | 80% | 90% | 80% | 70% | 60% |
| Supply Chain | 60% | 80% | 100% | 60% | 60% |
Give missing assessments a score of 0.
Each criterion has a weighting. The total weighting is 100%.
| Task alignment | Service availability | System security | Test quality | Technology viability | Total | |
|---|---|---|---|---|---|---|
| Weighting: | 30% | 25% | 15% | 10% | 20% | 100% |
To calculate a score for each system, multiply the scores for each criterion by the criterion weight, and then sum these weighted scores for each system.
| Task alignment | Service availability | System security | Test quality | Technology viability | Total | |
|---|---|---|---|---|---|---|
| Distribution | 24% | 24% | 14% | 10% | 20% | 91.3% |
| ePOS | 24% | 25% | 15% | 10% | 16% | 90.0% |
| Finance | 30% | 20% | 15% | 6% | 20% | 90.5% |
| HR | 17% | 18% | 10% | 8% | 20% | 71.8% |
| MIS | 24% | 23% | 12% | 7% | 12% | 77.5% |
| Supply Chain | 18% | 20% | 15% | 6% | 12% | 71.0% |
You can use the system scores to identify the “good” systems and the “bad” systems. Perhaps more importantly, you can use the system scores to shows which systems are improving, and which are declining, and to set and check targets.
Criteria are arranged in groups which represent different areas of IT management, such as support, technology and usage. You can repeat this analysis one group at a time, to find out in which areas systems are strong or weak, improving or declining.
Not all systems are of equal size and complexity. A small problem on a big system can be more serious than a big problem on a small system. You need to take account of this when calculating an overall score across all your systems.
Estimate a relative size for each of your systems. You can use any scale you like, as long as it is consistent. Use the relative sizes to calculate a weighted average of all the system scores, to give an overall score across the entire system portfolio.
To calculate a weighted average, multiply the size of each system by its score, and then add up this figure for all systems. Divide this total by the sum of the sizes to give the weighted average.
| Size | Score | Size × Score | |
|---|---|---|---|
| Distribution | 5 | 91.3% | 4.56 |
| ePOS | 5 | 90.0% | 4.50 |
| Finance | 2 | 90.5% | 1.81 |
| HR | 2 | 71.8% | 1.44 |
| MIS | 1 | 77.5% | 0.78 |
| Supply Chain | 10 | 71.0% | 7.10 |
| Total: | 25 | 20.18 | |
| Weighted score: | 80.7% |
The overall score across all systems is a measure of the IT organisation's overall performance at looking after systems. It is a good measure to use for systems that are outsourced.
Improvement points are a relative scale that measures how valuable improvements are to the organisation. You can calculate improvement points for an individual criterion on an individual system, for one criterion across all systems, for all the criteria in one system, or for all criteria across all systems.
To find improvement points, calculate the difference between the assessment score and 100%, and multiply this by criterion weighting and system size.
For example, the improvement points for service availability on the HR system is (100 – 70) × 25% × 2 = 15
If you arrange the individual improvement points in a table as before, then the improvement points for individual systems are the row totals, and the improvement points for individual criteria are the column totals. You can use these improvement points to assess the priority for improvements in different systems and across different criteria.
| Task alignment | Service availability | System security | Test quality | Technology viability | Total | |
|---|---|---|---|---|---|---|
| Distribution | 30 | 6 | 7 | 0 | 0 | 44 |
| ePOS | 30 | 0 | 0 | 0 | 20 | 50 |
| Finance | 0 | 10 | 0 | 9 | 0 | 19 |
| HR | 27 | 15 | 11 | 4 | 0 | 57 |
| MIS | 6 | 3 | 3 | 3 | 8 | 23 |
| Supply Chain | 120 | 50 | 0 | 40 | 80 | 290 |
| Total: | 213 | 84 | 21 | 56 | 108 | 482 |
The improvement point total (482 in our example) is important because it can be used as the basis for calculating a notional value for improvements.
The improvement points measure the relative value to the organisation of improving the qualities and capabilities of systems. This can be converted to a notional value by multiplying it by a monetary figure, which we will term the improvement point value (IPV).
You can calculate an IPV based on a complete assessment of your systems. To do this you need to put a value on fully meeting all criteria, and then divide this by the improvement point total.
One way of estimating the value of fully meeting all the criteria is to estimate the annual cost saving that this would bring, and then multiplying this by a payback period. For example, you might estimate that meeting all the criteria would save £560,000 per year (in reduced user and support costs, reduced downtime, and reduced project costs). Your organisation might require a 2.5 year payback period on investments, in which case it is worth spending £560,000 × 2.5 = £1.4m to achieve this saving.
Another, perhaps light hearted, way of estimating the value of fully meeting all the criteria is to imagine a miracle that transformed all your systems so that they met all the criteria perfectly. How much would you pay for that miracle?
In our example above, you might decide that meeting all the criteria is worth £1.4m. The IPV is therefore £1.4m ÷ 482 = £2,906.
You do not have to use the IPV that you calculate. Agree a figure a little below the calculated IPV, to allow for inaccuracies in weighting, scoring and sizing. Having calculated an IPV of £2,906, you might decide to use £2,000.
The table below shows a notional value for improvements in each area, by multiplying the improvement points by 2,000.
| System | Task alignment | Service availability | System security | Test quality | Technology viability | Total |
|---|---|---|---|---|---|---|
| Distribution | 60,000 | 12,500 | 15,000 | 0 | 0 | 87,500 |
| ePOS | 60,000 | 0 | 0 | 0 | 40,000 | 100,000 |
| Finance | 0 | 20,000 | 0 | 18,000 | 0 | 38,000 |
| HR | 54,000 | 30,000 | 21,000 | 8,000 | 0 | 113,000 |
| MIS | 12,000 | 5,000 | 6,000 | 6,000 | 16,000 | 45,000 |
| Supply Chain | 240,000 | 100,000 | 0 | 80,000 | 160,000 | 580,000 |
| Total: | 426,000 | 167,500 | 42,000 | 112,000 | 216,000 | 963,500 |
These figures estimate a notional value for an improvement in the systems' fit to criteria assuming that the systems then meet criteria fully. Of course, the changes might not aim to meet criteria fully, and the value of the changes will be less.
The accuracy of the notional values depends on the criterion weightings, scoring scheme and system size. If you set these parameters to reflect their financial value to your organisation, then the calculated notional values will be a reasonable input to your planning. You should, of course, treat this figure as only indicative, and not rely on it solely in your work planning and justification.
Some notes on IPVs:
- Do not recalculate your IPV every year. Calculate an IPV during the first annual review, and use this to help you decide a standard IPV that you will use from then on. You can revise the IPV up or down according to priorities and experience.
- You do not need to change the IPV when you change weightings and scoring schemes to reflect new priorities, provided that the overall score across all your systems does not change significantly. If, however, weighting and scoring changes shift the average up, then you need to increase the IPV; if they shift the average down, you need to reduce the IPV.
- You do not need to change the IPV when you include new systems, provided that you use the same relative sizings.
- You do need to change the IPV if you change your system sizing scheme. If, for example, you double each size, you need to half your IPV.
As part of criterion definition, rules are defined which specify combinations of grades that trigger issues. Issue detection involves running these rules. This issue detection is normally carried out within Metrici Advisor. Some simplified illustrations of rule processing are given below.
Some rules are triggered by individual grades.
IF system can not be recovered after a hardware failure
THEN
risk of permanent system lossEach issue (such as “risk of permanent system loss”) is associated with a recommendation which outlines what needs to be done to overcome the issue.
Many rules are more complicated and involve a combination of grades.
IF system holds sensitive data
AND system security is weak
THEN
risk of compromising sensitive data
Issues have a priority. The priority scheme used by Metrici Advisor is:
- Requires very urgent action: significant disruption, likely.
- Requires urgent action: significant disruption, possible; or moderate disruption, likely.
- Requires action: significant disruption, not likely; moderate disruption, possible; or minor disruption, likely.
- Requires consideration: moderate disruption, not likely; or minor disruption, possible.
- Requires awareness: minor disruption, not likely.
Some issues have a fixed priority. For example, the “risk of compromising sensitive data” issue always has a high priority, irrespective of the system in which it occurs. Many issues are more context dependent and for these the priority can be adjusted up and down.
IF system is business critical
OR system is very large
THEN
increase priority
IF system is not business critical
AND system is very small
THEN
decrease priorityIssues are calculated one system at a time. Issues across multiple systems can be collated.
Issues can be independent of the scoring scheme. Criteria with a weighting of 0 can still trigger issues. This lets you identify things that you must do even if there is no specific payback, such as a legal requirement.
In most cases, the issues do reflect the scoring scheme. The recommendation suggests what needs to be done to improve the score. These recommendations can be used with the notional values to determine what needs to be done, and to put a value on it.
Previous: 3.3. Validation | Next: 3.5. Criterion maintenance | Up | Contents
