• Home
• Services
  • IT Operations
    • Project Management
    • IT Strategy - Customer Specific Solutions
    • IT Infrastructure
    • Software Development and Customization
    • Security Policies, Practices and Systems
    • Project Development Methodology
    • IT Performance and Risk Management
    • Project Portfolio Management
    • Common Issues and Solutions
  • Business Operations
    • Sample Scenarios
    • IT Project Framework
• Our Clients
  • Testimonials
  • Cases
• Company
  • Guiding Principles
  • Our Team
  • Our Business Model
  • Partner Community
• News & Events
  • Newsletter
  • Media Info
  • Events
  • In the News
• Contact Us

IT Performance and Risk Management

Data Perceptions approach to IT Performance and Risk Management is based on the Control Objectives for Information and related Technology (COBIT) framework as defined by the IT Governance Institute (www.ITGI.org). This comprehensive approach is then tempered and enhanced by the practical lessons we have learned through years of hands-on experience.

IT Governance is an often misunderstood concept, and one that is just as frequently misapplied or even ignored until IT related business interruption has too great an impact both financially and operationally. Properly implemented, IT Governance should not create an unmanageable IT bureaucracy or a procedural nightmare for your business. On the contrary, it should minimize procedural foul-ups and provide clear, practical guidelines. According to ITGI’s Introduction to COBIT, effective IT Governance is “A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise’s goals by adding value while balancing risk versus return over IT and its processes.”

Typically, when things are not written down, they are not being done. Good IT Governance enables you, through well defined and documented policy and practices, to better...

• Align IT with your business objectives,
• Ensure that IT delivers value,
• Measure and monitor IT performance,
• Properly allocate IT resources, and
• Effectively mitigate IT risk.

Data Perceptions can also assist with a variety of IT Performance and Risk Management issues, some of the most important include:

Change Control

One of the most common causes of system down time is the unplanned, undocumented, or (on occasion) completely unknown change. To reduce system problems and unplanned business interruption, clear change control policies and procedures have to be enforced. They don’t have to be overly complex, as long as they provide clear direction on certain important aspects, including the following:

• Who can make changes and on whose authorization?
• How will changes be made? (implementation and planning)
• When can changes be made and when should they be avoided (eg. no changes to accounting applications during critical processing times)?
• How will changes be documented and by whom?
• What is the back-out procedure if the change plan runs into a problem?

One of the biggest benefits of change control is that better plans are made when they are written down. It allows time for the implementer to consider impacts, review their own plan, and pass it along for peer review and those involved.

Protecting and Restoring Data

Organizations are becoming increasingly reliant on technology in our knowledge based economy. Data critical to ongoing operations often exist only in electronic format within various IT systems. Knowing how your organization protects that information against loss is critical. Some questions you will want to consider about data protection include:

• Where and how often is various data backed up?
• Are backups manual or automated?
• Are backups stored locally or remotely and in what form?
• How often are backup procedures tested and by whom?
• How often is backup integrity verified and by whom?
• What is involved in restoring data and who is responsible?
• Are recovery plans and timeframes established for key systems?

System Redundancy

Well designed IT systems have varying levels and degrees of redundancy built in. Since greater redundancy equals higher cost, a balance must be achieved between protection and cost relative to the business objectives. There are three fundamental levels of redundancy, each providing a range of options and varying degrees of protection against business interruption:

1. Inside the box (server); including components such as redundant hard drives, duplicate cooling fans, back up power supply, etc.
2. Outside the box (clustered servers); including duplication of the entire server, operating systems and applications with automated failover of applications and data
3. Remote (site redundancy); offsite duplication of systems and data with polices and procedures for failover between sites.

The three levels of redundancy apply to all infrastructure components that support production systems.

Equipment Testing

Regularly scheduled equipment testing will ensure that built in redundancy actually functions as it should when one component fails. It also helps to keep staff familiar with redundancy management.

High Availability

High Availability is the combination of well defined, planned, tested, and implemented processes, operational practises, and redundancy in hardware and software components focused on supplying and maintaining application availability. High availability can be achieved in a variety of ways and focuses on eliminating any single point of failure and minimizing business interruption as a result of information technology failure. If the cost of business interruption, financial and otherwise, is prohibitive for your organization, you will likely want to consider a High Availability approach.

To discuss how we might help you optimize your IT Performance and Risk Management, please call 1-877-749-9319 or contact us today.