- Home
- Products
- Services
- Support
- Getting Started
- Documentation
- System Governance Handbook
- Table of contents
- Chapter 1. Introduction
- 1.1. An overview of system governance
- 1.2. About this book
- 1.3. Uses of system governance
- 1.4. Principles of system governance
- Chapter 2. System governance roles and responsibilities
- 2.1. IT decision makers
- 2.2. System governance sponsor
- 2.3. System governance manager
- 2.4. System governance committee
- 2.5. Other roles
- Chapter 3. System governance tools and techniques
- 3.1. Metrici Advisor
- 3.2. Assessment
- 3.3. Validation
- 3.4. Analysis
- 3.5. Criterion maintenance
- Chapter 4. System governance processes
- 4.1. Process overview
- 4.2. Business case
- 4.3. Initiation
- 4.4. Roll out (waterfall)
- 4.5. Roll out (iterative)
- 4.6. Annual review
- 4.7. Interim review
- 4.8. Project review
- 4.9. System review
- 4.10. Comparison and evaluation
- 4.11. Compliance audit
- 4.12. Proof of concept
- Appendix A. System governance reports
- A.1. Terms of reference
- A.2. System portfolio review report
- A.3. Iterative review report
- A.4. System governance review report
- A.5. Interim review report
- A.6. Evaluation review report
- A.7. Compliance audit report
- Appendix B. Example reports
- B.1. Example terms of reference
- B.2. Example system portfolio review report
- Appendix C. System governance meetings
- C.1. Committee briefing
- C.2. Criteria development workshop
- C.3. Iterative review meeting
- C.4. System governance review workshop
- C.5. Interim review meeting
- C.6. Evaluation criteria development workshop
- Appendix D. System governance training
- D.1. System governance overview
- D.2. System governance with Metrici Advisor
- D.3. System governance alignment
- D.4. Comparison and evaluation
- Appendix E. Cross reference
- Index
- System governance: the missing link in IT governance
- System Governance Handbook
- Contact Support
- FAQs
- Customers
- Contact Us
- Sign On
3.2. Assessment
Previous | Next | Up | Contents
Assessment involves investigating one system and responding to all the criteria for that system.
Assessment takes place as part of a number of different processes.
- During the initiation of systems governance, some initial assessments are carried out to familiarise the organisation with system governance.
- During the roll out of systems governance, existing systems are assessed for the first time. Assessment of each system involves responding to every criterion. See Section 4.4, Roll out (waterfall) and Section 4.5, Roll out (iterative).
- Once system governance is established, new and changed systems are assessed as part of the systems development process. See Section 4.8, Project review.
- Once a year, systems that have not been changed are reassessed. The reassessment involves checking and updating existing assessments, and responding to new criteria. See Section 4.9, System review.
- During a system selection, assessment is used to compare and evaluate competing options. This is similar to a first time selection, but uses a modified set of criteria to include any specific requirements of the selection. See Section 4.10, Comparison and evaluation.
- Occasionally it may necessary to assess all the systems for a new requirement, as part of a compliance audit. The focus of the assessment is the new and changed criteria that represent the requirement, not a system-by-system assessment.
The assessment activity is similar across all these processes.
Assessment requires knowledge of the system. Assessment is much easier if systems have effective owners, who can find all the required information easily. If the system is not well documented, first time assessment will be difficult, but then the information captured as part of the assessment will be of extra value to the organisation as a consolidated source of documentation.
Metrici Advisor lets you carry out assessments in a number of ways:
- An assessor can use Metrici Advisor to interview a system owner to respond to all the questions, and fill in the responses on-line. If necessary, the questions and gradings can be printed out, and entered into Metrici Advisor after the interview. This approach provides good assessments, quickly, but requires an effective owner who has the information to hand.
- Metrici Advisor's permissions structure allows the assessment of a system to be delegated directly to the system owner, and for them to fill in responses themselves. This self-assessment approach takes some of the pressure off a central assessment team, but can lead to more work in the validation stage.
- The interview and self-assessment approaches can be combined. The owner initially responds themselves, which gives them the opportunity to investigate areas that are not currently known. An assessor then reviews the information with the owner, and helps complete any outstanding questions.
- Assessment of specialist subjects, such as networks and databases, can be delegated to an appropriate expert. Metrici Advisor's permission structure could, for example, allow a database administrator to respond to database criteria across all systems, but not permit them to respond to any other criteria. This can be useful where knowledge is split by subject area more than by system.
In practice, a mixture of approaches will be required. Some systems will be easy to assess, and others will require significant investigation, at least for first-time assessments.
Most criteria have two parts: a carefully-worded question which requires a textual response, and a carefully-worded grading scheme. The textual response is important because it makes the assessment readable and justifies the grading. Read the question and the grading scheme very carefully, and respond fully and concisely. One-line answers and a quick tick in the box will not provide the quality of information needed to drive improvements in IT.
Check the response and the grading with the system owner, or other authority. Ensure that they agree that the response is factually correct, and ensure that gradings are fully justified by the textual response.
In some cases, such as system selection, it might not be appropriate to discuss the grading at the same time as gathering responses. In this case, ensure that the system owner or other authority (such as the vendor) agrees with the textual response, and then grade the response separately.
It should always be possible to write a textual response that the system owner agrees with. Occasionally, however, system owners or other authorities might question the grading. Usually these disagreements can be resolved by reading the wording of the gradings carefully.
Sometimes, however, it is not possible to agree a grading. This might be because the criterion has not recognised the situation that applies to the system, or because the system owner wishes, despite the evidence, to claim a higher or lower grade. If agreement can not be reached, do not grade the response. Write a comment against the response that it has not been graded, and refer the grading to the system governance committee in the next interim review. If the committee can not agree, refer the issue to the sponsor. Do not let a disagreement on one criterion undermine the general progress of the assessments.
Remember that system governance is focused on providing the organisation as a whole with a tool for improving IT. Occasionally this will mean establishing gradings that are not popular with system owners, either because they imply the systems could be improved, or because they imply that the systems do not need additional investment. The system governance sponsor has final responsibility for navigating any issues that this may cause.
It is not usually possible to complete assessments for all systems. When planning assessments, set a target level of coverage, such as 95% coverage on 80% of systems, and 75% coverage on the remaining 20% of systems. This ensures that the overall assessment processes can complete even if some information is outstanding on some systems.
Metrici Advisor can report on the coverage, and analyses allow for missing data. Metrici Advisor provides a comment field on every response, which allows you to document issues with finding out the information.
Previous: 3.1. Metrici Advisor | Next: 3.3. Validation | Up | Contents
