Abstract image of a woman sitting on books and studying on a laptop

Application Management Framework

Download as DOCX, PDF
Rory Mackay, profile picture
Rory Mackay

The document outlines an application management framework aimed at structuring business ICT services to manage application development and lifecycle effectively. It identifies key areas such as business relationship management, compliance, governance, and documentation, emphasizing the importance of stakeholder collaboration throughout the application lifecycle. The framework is designed to address unseen risks, implement continuous improvements, and ultimately enhance business value and operational efficiency.

1 of 18
Downloaded 494 times
1
2
Most read
3
4
5
Most read
6
7
8
Most read
9
10
11
12
13
14
15
16
17
18
Framework Application Management Framework DEDTA 29/10/2012 Version Number: 1
Contents Project Information ............................................................................................................................ 2 The Framework .................................................................................................................................. 3 Business Relationship Management .................................................................................................. 6 Application Development/ Acquisition ............................................................................................. 8 Compliance ...................................................................................................................................... 10 Governance ...................................................................................................................................... 13 Environment ..................................................................................................................................... 14 Documentation ................................................................................................................................. 14 Conclusion ....................................................................................................................................... 18 Project Information Application Management Framework Title: Create a suggested framework of how Business ICT Services can Purpose/Objective: structure application development and application lifecycle management into the future. Business ICT Services don’t have a complete view of all the applications Problem Statement: developed or in use by the business. This exposes the unit to unseen risks and an inability to implement continuous improvements to the business and applications. An Application Management registration program has been created but has not Background: been completed. This project is part of the completion of that project. This project aims to gather as much information as possible about as many applications as identified. The project then aims to build a roadmap for key applications based on a suggested application management framework and best practises for that application. This document articulates the framework to be used in application management for the business ICT services unit. A Framework does not contain answers; rather it is a source of guidance that Framework: encourages thought in a certain way. A framework encourages a step back and helps the thought process cover all bases. Frameworks help ask the tough questions. In building this framework a number of highly regarded management frameworks Research: were investigated. They included PMBOK, ITIL, ASL, COBIT5, Microsoft compliance, CMMI. Tools investigated to help drive continuous improvement of applications and application management included Six Sigma, TQM and Balanced score card. Page 2 of 18
The Framework Application management is not just about managing the software it is also about managing the relationships and expectations of those that use, deliver and are involved with the software and the problems which the software is designed to address. In building an applications management framework that considers the application software as well as expectations that stakeholders have of the application, six areas of significance are suggested. These six key areas of impact are 1. Business Relationship Management 2. Application Development 3. Compliance of the application to standards, policies and legal requirements 4. Governance of the application and any development work 5. Environment which includes the tools, skills and resources in delivering an application 6. Documentation As the ICT services unit manages these six areas over an applications life cycle the unit will be able to create a platform in order to drive an increase of business value to the agency. When a customer (business unit) first puts forward the request for help with a business problem, it is important from the outset to understand the business needs. From this starting point working with the customer is essential. This working relationship should continue through application development and should not end once the application is delivered but continue until that application is farewelled into the sun set. Achieving this culture of ongoing improvement and partnership with those that use an application is not easy as there are so many demands on the ICT Services units’ time and resources. Often the pressing nature of current projects drowns out the follow up and ongoing management of past projects and applications that have been developed. With new projects constantly being worked on and changes in staff assignment the ICT Services unit struggles to keep ahead and have a full understanding of all the applications being used by the business. During this project 63 applications and systems were identified. 67 Questions were asked to help understand these applications and their usage, compliance, management and cost better. While many of the questions could be answered these answers often resided at an operational level within individuals heads. There are many factors that contribute to an incomplete picture of a particular application. It is the aim of this framework to help create a fuller picture of each application from its inception through to sun setting. Factors that contribute to an incomplete picture leading to poor support of an application are; not all procedures are followed correctly, poor documentation, changes in staff and end users adaptation of the system or changes in business requirements. This in turn leads to dissonance in those that use the application. Page 3 of 18
Combating this dissonance is what continuous improvement and relationship building tries to accomplish. To implement continuous improvement it is important to understand the landscape for each application and make sure that each application is standing on a solid foundation of correct application development that it complies with all needed policies, legal requirements and is correctly governed through its life cycle. Once this base foundation is in place and understood it is easier to allocate time to reviewing, managing and improving application offerings. This will translate into clearer vision of current applications and more flexibility and speed in delivering new applications that meet business needs. As part of this framework each key area is broken down into more manageable chunks that explain what the key area encompasses. A set of questions to help crystallise the intent within a key area is proposed. These questions will not by themselves create an effective base foundation for an application but are the prompts to make sure that the work conducted in delivering an application are sound and cover all needed steps. Page 4 of 18
Application Management Framework diagram Business Relationship Management Tools Understand Formalise Champion Resources Governance Application Environment Development/Acquisition Compliance Review/ Continual Improvement Unit Goals Practices/ Policies Documentation Figure 1 Page 5 of 18
Business Relationship Management Business relationship management taken from the ITIL body of knowledge helps understand business requests and requirements, formalise and agree with business on deliverables, champion business requirements through the development/acquisition process and review the delivered product in order to take advantage of opportunities for improvement. Business relationship management is the process of delivering real business value while managing expectation. Business Relations Management follows the path of 1. Understand the business needs and requirements surrounding a request of service or application software 2. Formalise the needs into a specific request that is agreed to 3. Championing the business needs and requirements during the application life cycle 4. Reviewing the deliverables to achieve continual improvement and identify opportunities. Overview Questions In this section of the framework 10 questions are suggested to help improve Business Relationship Management in the delivery of services and applications. 1 Why does the business want to develop/change this system? 2 What business need will this system fill? What does the system look like and do you have all the information needed to 3 deliver the end result? 4 Do all the stakeholders agree as to what will be delivered? 5 Do you have sign off from all needed stakeholders? 6 Is the Customer happy right now? 7 Will the Customer be happy in the future? 8 Have/Are we provided/ing the Customer with value? 9 Is the system meeting Customer expectations? 10 What more can we do to improve the Customer experience? These questions are not part of the business analysis process that will be undertaken when identifying business needs and drawing up business requirements documentation. What these questions aim at achieving is verifying that the business analysis work under taken has answered questions with the customers end goal in mind. Service Portfolios A service’s portfolio is a needed input into managing business relations. A service’s portfolio is an information repository of all information relating to current applications and services. This portfolio should include a number of distinct catalogues 1. Current supported applications and related information 2. Environment information of resources, skills and tools available 3. Current commitments 4. Learning’s from past developments 5. Policies and procedures These catalogues will be usedduring the assessment of business needs. The catalogues will help determine ICT Services capacity to accomplish the business request or to identify overlapping Page 6 of 18
services or applications that might suit business needs reducing time and effort in meeting the business demands. Areas in more detail and suggested tools Understand Business needs and requirements This is a business analyst activity and should be conducted using business analyst skills and tools. Documentation that should be produced because of this activity include Project initiation document Current state documentation Project vision documentation Business requirements documentation Business process design documentation This information helps in deciding on project feasibility refining the requirements of what is needed as opposed to what is expected what will be delivered what resources will be needed Formalise the needs into a request Before a project starts it is important to make sure that stakeholders’ and sponsors understand all the information and the impacts of a project. These elements need to be agreed to before the project work is started. Champion the business needs and requirements when working on the request This is an ongoing process and is “Customer Centric”. It stems from the requirements and is a mindset of making sure that what is being produced or worked on is meeting the Customers’ Requirements. Is the Customer happy right now? Will the Customer be happy in the future? Review Application for continual improvement There are two points to application review 1. At completion of the development or project work or an element thereof 2. As a matter of continuous improvement In carrying out application review to make sure that the application is meeting business demands a balanced score card reviewed on a yearly basis is proposed. The balanced score cardsobjectives are set when the application is initially launched. It is suggested that each Application use a Balanced score card approach. This will help highlight problems with applications opportunities to deliver better services to the business. Page 7 of 18
Balanced score card template for application review tool USER ORIENTATION BUSINESS CONTRIBUTION How do users view the Application? How does business owner view the Application? Mission: Mission: To be the preferred Application for performing the To obtain a reasonable business outcome from IT task Investments. Objectives: Objectives: User satisfaction Control of Application Expenses Partnership with users Business Value of Application Measure/Response: Measure/Response: Initiatives/Fixes: Initiatives/Fixes: OPERATIONAL EXCELLENCE FUTURE ORIENTATION Does Application meet standards and How well is the Application Positioned to meet requirements? future needs? How well is ICT situated to deliver new application needs? Mission: To maintain standards, connectivity, version Mission: control, security and business objectives To develop opportunities to answer future challenges. Objectives: Efficient and Effective Developments Objectives: Efficient and Effective Operations Meet changing business needs Application Compliance Expertise of IT Staff Measure/Response: Research into emerging technologies Age of Application Initiatives/Fixes: Measure/Response: Initiatives/Fixes: Figure 2 Application Development/ Acquisition The development or acquisition of an application should be conducted in such a way that “best practise” processes are used in making sure that the application delivered meets the formalised needs Page 8 of 18
agreed to. This development cycle taken from PMBOK (project management body of knowledge) and the Tasmanian Government project management framework is the suggested way in which application development/acquisition is conducted and the following areas of project management have been singled out as things to concentrate on Application development / acquisition core areas include o Scope management o Time management o Risk management o Procurement management o Cost management o Communications o Development quality Overview Questions There are 13 top level questions that can be asked. These questions help determine the robustness of work done in running a development project for an application. 1 Do you have an agreed scope statement? 2 Do you know what activities you will be expected to do to achieve the scope? 3 Do you have the needed resources, People, Time, and Money? 4 Are you able to tell people when things will happen by referring to a time line estimate? 5 Have you been able to identify risks to the project and risk mitigation plans? Have you created the appropriate procurement documentation, including requests and 6 responses? 7 Have you planned for the procurement selection process? 8 Do you have a budget? 9 Who needs information and status updates? 10 How will people get the updates or information that they need? 11 Is there a place where all the documentation is stored that is safe and central? 12 Do you know what you will need to test? 13 Do you have a test plan for testing? Areas in more detail and suggested tools Scope management Make sure that all required work is understood. Make sure that only required work is undertaken to complete the project and avoid scope creep through clear documentation and communication. Create an agreed and signed scope statement Create a list of task categories to help understand requirements of the agreed scope Time management Manage the time taken in completing the project Schedule resources Create an estimated timeline Risk management Identification, analysing and response planning to risks or opportunities that occur as a result of the project Page 9 of 18
Create a project risk register. Suggested format below Risk Progress Consequence Vulnerability Trigger Actions Statement Report Cost/Time/ What will descriptio What will What can What is being Quality cause the n of risk happen being done done Benefit/ problem It is suggested that a spread sheet be populated with information as the result of a brain storm session from those involved in the project. Procurement management Management of the process to purchase or acquire products or services Create appropriate RFQ documentation Get appropriate responses Conduct selection and appointment process This must be completed so that it meets department rules and requirements. Cost management Management to keep costs within agreed limits Create a budget Communications Management of project information making sure that stakeholders are informed and information is correctly captured Identify who needs information Plan how information will be communicated Create a central communication repository especially for documentation, maybe for team member collaboration Development quality Managing the quality of the delivered service or product Create a list of deliverable features Create a test plan of the deliverables Compliance Page 10 of 18
Adapted from Microsoft’s compliance framework this part of the framework clarifies the steps that must be taken to make sure that an application meets laws, regulations and policies. Compliance has six areas to consider. Each application or subsystem should be considered in conjunction with each of these areas. o Information Security / Access o Business Continuity management o Risk Management o Legal compliance o Business aligned (strategy) o Procurement Overview Questions To help manage compliance eight top level questions can be asked. 1 Does the application meet information security needs? 2 Is the system able to withstand a disaster? 3 Have you identified all possible risks and opportunities? 4 Do you have a plan in place regarding the risks and opportunities? 5 Does the application meet all legal requirements? 6 Does the application adhere to all policies that impact the application? 7 Does the application meet strategic business goals? 8 Have all procurements and contractual arrangements been carried out correctly? A suggested tool to help tease out all the compliance issues for an application could be something along the following lines. Here an application is rated against each area of compliance, with questions being asked about the expected compliance or the goal. What would constitute compliance or what test applied would allow a positive rating. And then what actions need to be taken to make the application compliant? Application Name : Recommended Compliant Domain Expected/Goal Test Compliant Y/N Remedy Action Information security Business continuity Risk Legal Business aligned Procurement Areas in more detail and suggested tools Information security / access Making sure that information is securely housed and that all reasonable steps have been taken to safe guard private and confidential information is an important compliance goal. Business continuity management Page 11 of 18
Can the business continue working in the case of a disaster? Under what circumstances can an application recovery take place? How long will it take to recover all the data? Who is the first point of call in a disaster? These questions are an example of the type of questions that should be asked when ascertaining wether business continuity needs have been met. The Good Practice Guidelines for business continuity should be reviewed for information when implementing business continuity practises. Risk management Many of the compliance areas for consideration if not managed correctly will impose risks. “Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.” - Wikipedia “If it can’t be identified, it can’t be managed”. In dealing with risks that are inherent in the management of applications the following is important that a sufficiently robust risk analysis be conducted that uncovers any risks that need to be managed. Tools in accessing and managing risk are Risk impact assessment matrix Risk register Risk Impact matrix Catastrophic 5 High risks Significant risks Moderate risks Low risks 4 Consequence 3 2 1 4 5 Rare 2 3 Almost Certain Likelihood Figure 3 Page 12 of 18
Raw risks identified as high or significant should receive further attention. Current risk mitigation plans should be considered to ascertain if the application risk is within a tolerant range of if further risk management plans need to be looked at. Legal compliance Making sure that an application development meets all legal standards and that IP and other such legal matters are not compromised is important. When in doubt crown legal should be contacted for support and information. Business aligned (strategy) The business goals and objectives while not being a legal requirement are extremely important to make sure that they are implemented correctly. In doing this for each application it ensures that application development and services time is not spent in areas that do not contribute to the overall identified business goals and objectives Procurement There are procurement guidelines and policies and these need to be followed making sure that all interaction between the agency and external suppliers is conducted correctly and according to the laid out guidelines and directions. Governance Governance is normally something that applies to a government body or organisation as a whole. In providing value to stakeholders when delivering application development services it is useful in taking the concept of governance that is used at a helicopter view for an entire organisation or even a large project and refining this to simple statements that help drive real value in the correct direction keeping the correct focus (priority) of the applications business value. Governance taken from COBIT5 works towards making sure benefits, risks and opportunities are managed in a manner that provides comfort to all stakeholders Governance talked about in this documentis concerned with governance of the application and the applications life cycle only. Correct governance translates into consistent management, effective guidance and granted power in achieving application value. In viewing an applications life cycle there are three areas of governance thatneed to be controlled 1. Resources and how they are used during the application life cycle 2. Risks that are associated with an application and its life cycle 3. Benefits that can be realised because of an application through its life cycle These areas of governance are driven by the governance scope and who is responsible for governance. Governance should not hinder management but rather assist management in achieving the desired outcomes. What governance does do is make sure that allocated resources, risks and benefits are balanced responsibly. Overview Questions To allow correct governance the following governance questions help clarify if governance is being conducted appropriately. Page 13 of 18
1 Who is responsible for the governance decision? 2 Is there a defined capacity for action? 3 Do they have enough information to provide guidance? 4 What are the interactions points between governance and management? Environment A factor with significant impact is the environment within which an application will be developed. The environment captures tools, resources, unit goals and process & practices. All of these impact an applications development and life cycle. The Environment is all of those elements that form part of the way in which the unit delivers its services. This includes Tools used Resources of time, money and skill The Units strategic goals as they relate to the agency goals Practices, policies and culture of the unit All of these things will impact the delivery of services and the unit’s outputs. A number of management frameworks or methodologies can be used in managing these elements. Documentation Documentation is a constant and a very important part of every effort that is undertaken in delivering an outcome. There is documentation in all aspects of the suggested activities in this framework. Documentation is part of the expected activities of Business Analysis, Project management, Governance, Compliance and Unit management. What happens to this documentation and the ongoing need to make the information available is an important element of this framework.A good documentation foundation enhances an applications ability to meet business needs throughout its life cycle and especially looking into the future. The documentation of an application should be maintained with consideration for static documentation or documentation that is rarely changed and live documentation which is updated regularly. Archive Documentation 1. Development or implementation documentation including compliance and governance setup 2. Technical and end user documentation 3. Learning’s from project implementation (can be part of implementation documentation) Live Documentation 4. Quick – Key application and management information 5. Issues tracking and resolution information Page 14 of 18
Development or implementation documentation Documentation that is generated during the analysis and implementation of an application should be stored. This should be stored somewhere that is accessible and easy to find and link to other documentation relating to an application. It will be infrequently accessed but will be of great help if that type of information is needed e.g. a review of business analysis as to why an application was chosen or procurement documentation. The TRIM system should be considered as the best place for this type of information. This type of documentation should be expected to be versioned and easily referenced. It will be the baseline and include changes and enhancements that happen to an application over time. Technical and end user documentation Technical and end – user documentation should also be stored in a secure and accessible place. Technical documentation gives developers, support staff and users the information that they need when working with the application. It is important that this documentation be maintained up to date as un-maintained documentation is frustrating and reflects badly on the application. Technical documentation includes diagrams, interactive flow diagrams and written information. This documentations accessibility is important especially for new users. Application Management Matrix: Quick – Key application and management information The ICT Business Services unit deals with many applications. It is important to be able to understand an applications basic structure. Areas of knowledge that enhance managements knowledge of an application are as follows Business unit information - Information relating to the business unit that initiated and use the application Hardware infrastructure – What hardware is the application using Software Infrastructure – Warranty, versioning, upgrade strategy Application Management – Application interconnectivity, Dealing with the application internal to ICT business system Software Information – Proprietor information, contact details Software usage and maintenance – Upgrade strategy, issues management Skills and People – Skills needed, who has the skills Cost of Ownership – What cost is there for running the application All this information should be easily available in a database that is maintained allowing information to improve management of applications. A software project has been started with the creation of the Application Management Database as its goal. It is suggested that a database like this should be expanded to house all of the relevant application management information pertaining to an applications life cycle. Information that should form part of this database would include user perception and balanced score card information relevant to each application. This information is live or active information and needs to be searchable and allow the manager to create dynamic reports. Page 15 of 18
In providing a database of this capacity one of the below alternatives will need to be adopted 1. The current application management database could be enhanced 2. A SharePoint solution could be investigated using SharePoint 2013 and many of the enhancements within this system especially if SharePoint is to be relaunched and made the central point of agency user knowledge and connectivity. 3. Look for an off the shelf application management software that will allow the above information to be captured. In considering what the application management software should achieve the following should be considered General application knowledge Accessibility to the information Ability to store external documentation e.g. .doc .vsd .xls and other files not just field entered information Ability to search the information Easy and intuitive information maintenance Easy to use interface paying attention to usability Bugtracker/IT Helpdesk: Issues tracking and resolution information This documentation really is part of the ongoing documentation that should be kept and is important in understanding an applications usefulness, struggle points and cost of maintenance. There are two systems being used at the moment The TT system used by infrastructure help desk for support tickets Bugnet Querying issue tracking information and making this available as part of a management tool, allows a clearer understanding of trends and future requirements that an application will need. Often this information is used during the issue resolution by the technical support but not as a whole of application overview. Drawing intelligence from what users are reporting can be very beneficial when considering an application as a whole and should feed into the balanced score card suggested earlier. Bugnet at the moment is used only during application development. The TT system is used for user incoming requests and raised problems. There may be the possibility to somehow integrate the information from these systems. It may also be decided that having different systems is working well at the moment. The struggle is that the more systems there are to maintain the less chance that the systems or applications get usedeffectively. Key questions to be asked when managing documentation 1 Do we have all the Key application information for ongoing management? 2 Have we captured and stored all generated documentation during implementation? 3 Are we recording all issues and problems effectively? Page 16 of 18
Documentation and Storage for Static and Live Information Figure 4 Page 17 of 18
Conclusion This framework is not a definitive structure for managing applications but is a suggestion of how it can be approached. It has strived to make the management of an application as simple as possible. All along the way it has strived to put forward a group of questions that stimulate thoroughness, out of the box thinking and accountability. It has considered frameworks from a number of disciplines and selected elements that make sense for use by DEDTA ICT Business Services application framework. It is anticipated that elements of this framework if implemented will grow and be refined as learning’s occur. When implementing this framework it is suggested that the Deming cycle of PDCA (Plan, Do, Check, Act) be adopted. This paper should be considered as the first element in the cycle being a plan of what could be implemented to improve application management. The ideas here need to be implemented and tested to see if they are producing the desired results. Following this a replanning covering shortfalls and gaps and ways to improve should then be undertaken making sure that the unit is not burdened down with tasks that produce no value. Figure 5 Page 18 of 18

More Related Content

PPTX
Application Management Services
venu1506
 
PPT
Testing capability ppt
anilreddyqa
 
PPTX
Introduction to Data Management Maturity Models
Kingland
 
PDF
Software Maintenance Project Proposal PowerPoint Presentation Slides
SlideTeam
 
PPTX
Testing as a Managed Service using SLAs and KPIs
Prolifics
 
PPTX
Standard operating process in freight forwarding
NITIN RAJAN
 
PDF
Implementing Effective Data Governance
Christopher Bradley
 
PDF
SAP ATP check for Sales Order
Lee Scott
 
Application Management Services
venu1506
 
Testing capability ppt
anilreddyqa
 
Introduction to Data Management Maturity Models
Kingland
 
Software Maintenance Project Proposal PowerPoint Presentation Slides
SlideTeam
 
Testing as a Managed Service using SLAs and KPIs
Prolifics
 
Standard operating process in freight forwarding
NITIN RAJAN
 
Implementing Effective Data Governance
Christopher Bradley
 
SAP ATP check for Sales Order
Lee Scott
 

What's hot (20)

PDF
Structured Approach to Solution Architecture
Alan McSweeney
 
PPTX
ITIL Introduction
Ravi Kiran
 
PPTX
IT4IT - The Full Story for Digital Transformation - Part 1
Mohamed Zakarya Abdelgawad
 
PPTX
Implementing Effective Enterprise Architecture
Leo Shuster
 
PPTX
Application Management and Support - Shared Services Featuring the Pay Per Ti...
Jade Global
 
PDF
EA Intensive Course "Building Enterprise Architecture" by mr.danairat
Software Park Thailand
 
PDF
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
CliffordEgbomeade
 
PPT
Approach To It Strategy And Architecture
Alan McSweeney
 
PPTX
Togaf 9.2 Introduction
Mohamed Zakarya Abdelgawad
 
PDF
ArchiMate application and data architecture layer - Simplify the models
COMPETENSIS
 
PDF
Marlabs Capabilities Overview: Application Maintenance Support Services
Marlabs
 
PDF
IT4IT real life examples & myths and rumors dispelled
Tony Price
 
PPTX
Define an EA Operating Model
Info-Tech Research Group
 
PPTX
A tailored enterprise architecture maturity model
Paul Sullivan
 
PPTX
Practical Enterprise Architecture in Medium-size Corporation using TOGAF
Michael Sukachev
 
PDF
Incident Management Powerpoint Presentation Slides
SlideTeam
 
PPT
It Service Management Implementation Overview
Alan McSweeney
 
PPTX
IT4IT Overview (A new standard for IT management)
Charles Betz
 
PPTX
ITSM and Service Catalog Overview
Christopher Glennon
 
PPTX
ITIL PPT
Vikas Aryan
 
Structured Approach to Solution Architecture
Alan McSweeney
 
ITIL Introduction
Ravi Kiran
 
IT4IT - The Full Story for Digital Transformation - Part 1
Mohamed Zakarya Abdelgawad
 
Implementing Effective Enterprise Architecture
Leo Shuster
 
Application Management and Support - Shared Services Featuring the Pay Per Ti...
Jade Global
 
EA Intensive Course "Building Enterprise Architecture" by mr.danairat
Software Park Thailand
 
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
CliffordEgbomeade
 
Approach To It Strategy And Architecture
Alan McSweeney
 
Togaf 9.2 Introduction
Mohamed Zakarya Abdelgawad
 
ArchiMate application and data architecture layer - Simplify the models
COMPETENSIS
 
Marlabs Capabilities Overview: Application Maintenance Support Services
Marlabs
 
IT4IT real life examples & myths and rumors dispelled
Tony Price
 
Define an EA Operating Model
Info-Tech Research Group
 
A tailored enterprise architecture maturity model
Paul Sullivan
 
Practical Enterprise Architecture in Medium-size Corporation using TOGAF
Michael Sukachev
 
Incident Management Powerpoint Presentation Slides
SlideTeam
 
It Service Management Implementation Overview
Alan McSweeney
 
IT4IT Overview (A new standard for IT management)
Charles Betz
 
ITSM and Service Catalog Overview
Christopher Glennon
 
ITIL PPT
Vikas Aryan
 
Ad

Similar to Application Management Framework (20)

DOCX
DEFINITION.docx
AbdetaImi
 
PDF
Application Rationalization | Torry Harris Whitepaper
Torry Harris Business Solutions
 
PDF
Application Portfolio Management
Randy Robinson
 
DOCX
ShivamThakur_CV_Business Analyst
Shivam Thakur
 
PDF
HP Project and Portfolio Management
HP Enterprise Italia
 
PDF
Maturity modle proposal v1 networked business quickversion
Jan Kwiecien
 
PDF
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
PDF
Development Of Practice Management Software Essay
Sherry Bailey
 
PDF
5 Essential Steps for Successful Application Modernization Strategy
JohnAdams514191
 
PDF
2012 04 16 Iso38500 Governance V1
Michael Boyle
 
PDF
Measurement_Information Needs_paper_Crosstalk
pbaxter
 
PDF
Application rationalization- Invest today to save tomorrow!
Vivek Mishra
 
DOCX
RUNNING HEAD ERP SYSTEM IMPLIMENTATION PROJECT .docx
susanschei
 
PDF
How IT Can Empower Citizen Developers to Build Apps
Dreamforce
 
PDF
Hp application portfolio management software
HP Enterprise Italia
 
PDF
Build Or Subscribe For Spm 3
pstakenas
 
PDF
Managing model-driven applications
Thei Geurts
 
PDF
Business Rule Management Framework for N-Tier E-Business Applications
ijmpict
 
PDF
Business Rule Management Framework for N-Tier E-Business Applications
ijmpict
 
PPT
Enterprise Software Implementation
brh184
 
DEFINITION.docx
AbdetaImi
 
Application Rationalization | Torry Harris Whitepaper
Torry Harris Business Solutions
 
Application Portfolio Management
Randy Robinson
 
ShivamThakur_CV_Business Analyst
Shivam Thakur
 
HP Project and Portfolio Management
HP Enterprise Italia
 
Maturity modle proposal v1 networked business quickversion
Jan Kwiecien
 
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Development Of Practice Management Software Essay
Sherry Bailey
 
5 Essential Steps for Successful Application Modernization Strategy
JohnAdams514191
 
2012 04 16 Iso38500 Governance V1
Michael Boyle
 
Measurement_Information Needs_paper_Crosstalk
pbaxter
 
Application rationalization- Invest today to save tomorrow!
Vivek Mishra
 
RUNNING HEAD ERP SYSTEM IMPLIMENTATION PROJECT .docx
susanschei
 
How IT Can Empower Citizen Developers to Build Apps
Dreamforce
 
Hp application portfolio management software
HP Enterprise Italia
 
Build Or Subscribe For Spm 3
pstakenas
 
Managing model-driven applications
Thei Geurts
 
Business Rule Management Framework for N-Tier E-Business Applications
ijmpict
 
Business Rule Management Framework for N-Tier E-Business Applications
ijmpict
 
Enterprise Software Implementation
brh184
 
Ad

Application Management Framework

  • 1. Framework Application Management Framework DEDTA 29/10/2012 Version Number: 1
  • 2. Contents Project Information ............................................................................................................................ 2 The Framework .................................................................................................................................. 3 Business Relationship Management .................................................................................................. 6 Application Development/ Acquisition ............................................................................................. 8 Compliance ...................................................................................................................................... 10 Governance ...................................................................................................................................... 13 Environment ..................................................................................................................................... 14 Documentation ................................................................................................................................. 14 Conclusion ....................................................................................................................................... 18 Project Information Application Management Framework Title: Create a suggested framework of how Business ICT Services can Purpose/Objective: structure application development and application lifecycle management into the future. Business ICT Services don’t have a complete view of all the applications Problem Statement: developed or in use by the business. This exposes the unit to unseen risks and an inability to implement continuous improvements to the business and applications. An Application Management registration program has been created but has not Background: been completed. This project is part of the completion of that project. This project aims to gather as much information as possible about as many applications as identified. The project then aims to build a roadmap for key applications based on a suggested application management framework and best practises for that application. This document articulates the framework to be used in application management for the business ICT services unit. A Framework does not contain answers; rather it is a source of guidance that Framework: encourages thought in a certain way. A framework encourages a step back and helps the thought process cover all bases. Frameworks help ask the tough questions. In building this framework a number of highly regarded management frameworks Research: were investigated. They included PMBOK, ITIL, ASL, COBIT5, Microsoft compliance, CMMI. Tools investigated to help drive continuous improvement of applications and application management included Six Sigma, TQM and Balanced score card. Page 2 of 18
  • 3. The Framework Application management is not just about managing the software it is also about managing the relationships and expectations of those that use, deliver and are involved with the software and the problems which the software is designed to address. In building an applications management framework that considers the application software as well as expectations that stakeholders have of the application, six areas of significance are suggested. These six key areas of impact are 1. Business Relationship Management 2. Application Development 3. Compliance of the application to standards, policies and legal requirements 4. Governance of the application and any development work 5. Environment which includes the tools, skills and resources in delivering an application 6. Documentation As the ICT services unit manages these six areas over an applications life cycle the unit will be able to create a platform in order to drive an increase of business value to the agency. When a customer (business unit) first puts forward the request for help with a business problem, it is important from the outset to understand the business needs. From this starting point working with the customer is essential. This working relationship should continue through application development and should not end once the application is delivered but continue until that application is farewelled into the sun set. Achieving this culture of ongoing improvement and partnership with those that use an application is not easy as there are so many demands on the ICT Services units’ time and resources. Often the pressing nature of current projects drowns out the follow up and ongoing management of past projects and applications that have been developed. With new projects constantly being worked on and changes in staff assignment the ICT Services unit struggles to keep ahead and have a full understanding of all the applications being used by the business. During this project 63 applications and systems were identified. 67 Questions were asked to help understand these applications and their usage, compliance, management and cost better. While many of the questions could be answered these answers often resided at an operational level within individuals heads. There are many factors that contribute to an incomplete picture of a particular application. It is the aim of this framework to help create a fuller picture of each application from its inception through to sun setting. Factors that contribute to an incomplete picture leading to poor support of an application are; not all procedures are followed correctly, poor documentation, changes in staff and end users adaptation of the system or changes in business requirements. This in turn leads to dissonance in those that use the application. Page 3 of 18
  • 4. Combating this dissonance is what continuous improvement and relationship building tries to accomplish. To implement continuous improvement it is important to understand the landscape for each application and make sure that each application is standing on a solid foundation of correct application development that it complies with all needed policies, legal requirements and is correctly governed through its life cycle. Once this base foundation is in place and understood it is easier to allocate time to reviewing, managing and improving application offerings. This will translate into clearer vision of current applications and more flexibility and speed in delivering new applications that meet business needs. As part of this framework each key area is broken down into more manageable chunks that explain what the key area encompasses. A set of questions to help crystallise the intent within a key area is proposed. These questions will not by themselves create an effective base foundation for an application but are the prompts to make sure that the work conducted in delivering an application are sound and cover all needed steps. Page 4 of 18
  • 5. Application Management Framework diagram Business Relationship Management Tools Understand Formalise Champion Resources Governance Application Environment Development/Acquisition Compliance Review/ Continual Improvement Unit Goals Practices/ Policies Documentation Figure 1 Page 5 of 18
  • 6. Business Relationship Management Business relationship management taken from the ITIL body of knowledge helps understand business requests and requirements, formalise and agree with business on deliverables, champion business requirements through the development/acquisition process and review the delivered product in order to take advantage of opportunities for improvement. Business relationship management is the process of delivering real business value while managing expectation. Business Relations Management follows the path of 1. Understand the business needs and requirements surrounding a request of service or application software 2. Formalise the needs into a specific request that is agreed to 3. Championing the business needs and requirements during the application life cycle 4. Reviewing the deliverables to achieve continual improvement and identify opportunities. Overview Questions In this section of the framework 10 questions are suggested to help improve Business Relationship Management in the delivery of services and applications. 1 Why does the business want to develop/change this system? 2 What business need will this system fill? What does the system look like and do you have all the information needed to 3 deliver the end result? 4 Do all the stakeholders agree as to what will be delivered? 5 Do you have sign off from all needed stakeholders? 6 Is the Customer happy right now? 7 Will the Customer be happy in the future? 8 Have/Are we provided/ing the Customer with value? 9 Is the system meeting Customer expectations? 10 What more can we do to improve the Customer experience? These questions are not part of the business analysis process that will be undertaken when identifying business needs and drawing up business requirements documentation. What these questions aim at achieving is verifying that the business analysis work under taken has answered questions with the customers end goal in mind. Service Portfolios A service’s portfolio is a needed input into managing business relations. A service’s portfolio is an information repository of all information relating to current applications and services. This portfolio should include a number of distinct catalogues 1. Current supported applications and related information 2. Environment information of resources, skills and tools available 3. Current commitments 4. Learning’s from past developments 5. Policies and procedures These catalogues will be usedduring the assessment of business needs. The catalogues will help determine ICT Services capacity to accomplish the business request or to identify overlapping Page 6 of 18
  • 7. services or applications that might suit business needs reducing time and effort in meeting the business demands. Areas in more detail and suggested tools Understand Business needs and requirements This is a business analyst activity and should be conducted using business analyst skills and tools. Documentation that should be produced because of this activity include Project initiation document Current state documentation Project vision documentation Business requirements documentation Business process design documentation This information helps in deciding on project feasibility refining the requirements of what is needed as opposed to what is expected what will be delivered what resources will be needed Formalise the needs into a request Before a project starts it is important to make sure that stakeholders’ and sponsors understand all the information and the impacts of a project. These elements need to be agreed to before the project work is started. Champion the business needs and requirements when working on the request This is an ongoing process and is “Customer Centric”. It stems from the requirements and is a mindset of making sure that what is being produced or worked on is meeting the Customers’ Requirements. Is the Customer happy right now? Will the Customer be happy in the future? Review Application for continual improvement There are two points to application review 1. At completion of the development or project work or an element thereof 2. As a matter of continuous improvement In carrying out application review to make sure that the application is meeting business demands a balanced score card reviewed on a yearly basis is proposed. The balanced score cardsobjectives are set when the application is initially launched. It is suggested that each Application use a Balanced score card approach. This will help highlight problems with applications opportunities to deliver better services to the business. Page 7 of 18
  • 8. Balanced score card template for application review tool USER ORIENTATION BUSINESS CONTRIBUTION How do users view the Application? How does business owner view the Application? Mission: Mission: To be the preferred Application for performing the To obtain a reasonable business outcome from IT task Investments. Objectives: Objectives: User satisfaction Control of Application Expenses Partnership with users Business Value of Application Measure/Response: Measure/Response: Initiatives/Fixes: Initiatives/Fixes: OPERATIONAL EXCELLENCE FUTURE ORIENTATION Does Application meet standards and How well is the Application Positioned to meet requirements? future needs? How well is ICT situated to deliver new application needs? Mission: To maintain standards, connectivity, version Mission: control, security and business objectives To develop opportunities to answer future challenges. Objectives: Efficient and Effective Developments Objectives: Efficient and Effective Operations Meet changing business needs Application Compliance Expertise of IT Staff Measure/Response: Research into emerging technologies Age of Application Initiatives/Fixes: Measure/Response: Initiatives/Fixes: Figure 2 Application Development/ Acquisition The development or acquisition of an application should be conducted in such a way that “best practise” processes are used in making sure that the application delivered meets the formalised needs Page 8 of 18
  • 9. agreed to. This development cycle taken from PMBOK (project management body of knowledge) and the Tasmanian Government project management framework is the suggested way in which application development/acquisition is conducted and the following areas of project management have been singled out as things to concentrate on Application development / acquisition core areas include o Scope management o Time management o Risk management o Procurement management o Cost management o Communications o Development quality Overview Questions There are 13 top level questions that can be asked. These questions help determine the robustness of work done in running a development project for an application. 1 Do you have an agreed scope statement? 2 Do you know what activities you will be expected to do to achieve the scope? 3 Do you have the needed resources, People, Time, and Money? 4 Are you able to tell people when things will happen by referring to a time line estimate? 5 Have you been able to identify risks to the project and risk mitigation plans? Have you created the appropriate procurement documentation, including requests and 6 responses? 7 Have you planned for the procurement selection process? 8 Do you have a budget? 9 Who needs information and status updates? 10 How will people get the updates or information that they need? 11 Is there a place where all the documentation is stored that is safe and central? 12 Do you know what you will need to test? 13 Do you have a test plan for testing? Areas in more detail and suggested tools Scope management Make sure that all required work is understood. Make sure that only required work is undertaken to complete the project and avoid scope creep through clear documentation and communication. Create an agreed and signed scope statement Create a list of task categories to help understand requirements of the agreed scope Time management Manage the time taken in completing the project Schedule resources Create an estimated timeline Risk management Identification, analysing and response planning to risks or opportunities that occur as a result of the project Page 9 of 18
  • 10. Create a project risk register. Suggested format below Risk Progress Consequence Vulnerability Trigger Actions Statement Report Cost/Time/ What will descriptio What will What can What is being Quality cause the n of risk happen being done done Benefit/ problem It is suggested that a spread sheet be populated with information as the result of a brain storm session from those involved in the project. Procurement management Management of the process to purchase or acquire products or services Create appropriate RFQ documentation Get appropriate responses Conduct selection and appointment process This must be completed so that it meets department rules and requirements. Cost management Management to keep costs within agreed limits Create a budget Communications Management of project information making sure that stakeholders are informed and information is correctly captured Identify who needs information Plan how information will be communicated Create a central communication repository especially for documentation, maybe for team member collaboration Development quality Managing the quality of the delivered service or product Create a list of deliverable features Create a test plan of the deliverables Compliance Page 10 of 18
  • 11. Adapted from Microsoft’s compliance framework this part of the framework clarifies the steps that must be taken to make sure that an application meets laws, regulations and policies. Compliance has six areas to consider. Each application or subsystem should be considered in conjunction with each of these areas. o Information Security / Access o Business Continuity management o Risk Management o Legal compliance o Business aligned (strategy) o Procurement Overview Questions To help manage compliance eight top level questions can be asked. 1 Does the application meet information security needs? 2 Is the system able to withstand a disaster? 3 Have you identified all possible risks and opportunities? 4 Do you have a plan in place regarding the risks and opportunities? 5 Does the application meet all legal requirements? 6 Does the application adhere to all policies that impact the application? 7 Does the application meet strategic business goals? 8 Have all procurements and contractual arrangements been carried out correctly? A suggested tool to help tease out all the compliance issues for an application could be something along the following lines. Here an application is rated against each area of compliance, with questions being asked about the expected compliance or the goal. What would constitute compliance or what test applied would allow a positive rating. And then what actions need to be taken to make the application compliant? Application Name : Recommended Compliant Domain Expected/Goal Test Compliant Y/N Remedy Action Information security Business continuity Risk Legal Business aligned Procurement Areas in more detail and suggested tools Information security / access Making sure that information is securely housed and that all reasonable steps have been taken to safe guard private and confidential information is an important compliance goal. Business continuity management Page 11 of 18
  • 12. Can the business continue working in the case of a disaster? Under what circumstances can an application recovery take place? How long will it take to recover all the data? Who is the first point of call in a disaster? These questions are an example of the type of questions that should be asked when ascertaining wether business continuity needs have been met. The Good Practice Guidelines for business continuity should be reviewed for information when implementing business continuity practises. Risk management Many of the compliance areas for consideration if not managed correctly will impose risks. “Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.” - Wikipedia “If it can’t be identified, it can’t be managed”. In dealing with risks that are inherent in the management of applications the following is important that a sufficiently robust risk analysis be conducted that uncovers any risks that need to be managed. Tools in accessing and managing risk are Risk impact assessment matrix Risk register Risk Impact matrix Catastrophic 5 High risks Significant risks Moderate risks Low risks 4 Consequence 3 2 1 4 5 Rare 2 3 Almost Certain Likelihood Figure 3 Page 12 of 18
  • 13. Raw risks identified as high or significant should receive further attention. Current risk mitigation plans should be considered to ascertain if the application risk is within a tolerant range of if further risk management plans need to be looked at. Legal compliance Making sure that an application development meets all legal standards and that IP and other such legal matters are not compromised is important. When in doubt crown legal should be contacted for support and information. Business aligned (strategy) The business goals and objectives while not being a legal requirement are extremely important to make sure that they are implemented correctly. In doing this for each application it ensures that application development and services time is not spent in areas that do not contribute to the overall identified business goals and objectives Procurement There are procurement guidelines and policies and these need to be followed making sure that all interaction between the agency and external suppliers is conducted correctly and according to the laid out guidelines and directions. Governance Governance is normally something that applies to a government body or organisation as a whole. In providing value to stakeholders when delivering application development services it is useful in taking the concept of governance that is used at a helicopter view for an entire organisation or even a large project and refining this to simple statements that help drive real value in the correct direction keeping the correct focus (priority) of the applications business value. Governance taken from COBIT5 works towards making sure benefits, risks and opportunities are managed in a manner that provides comfort to all stakeholders Governance talked about in this documentis concerned with governance of the application and the applications life cycle only. Correct governance translates into consistent management, effective guidance and granted power in achieving application value. In viewing an applications life cycle there are three areas of governance thatneed to be controlled 1. Resources and how they are used during the application life cycle 2. Risks that are associated with an application and its life cycle 3. Benefits that can be realised because of an application through its life cycle These areas of governance are driven by the governance scope and who is responsible for governance. Governance should not hinder management but rather assist management in achieving the desired outcomes. What governance does do is make sure that allocated resources, risks and benefits are balanced responsibly. Overview Questions To allow correct governance the following governance questions help clarify if governance is being conducted appropriately. Page 13 of 18
  • 14. 1 Who is responsible for the governance decision? 2 Is there a defined capacity for action? 3 Do they have enough information to provide guidance? 4 What are the interactions points between governance and management? Environment A factor with significant impact is the environment within which an application will be developed. The environment captures tools, resources, unit goals and process & practices. All of these impact an applications development and life cycle. The Environment is all of those elements that form part of the way in which the unit delivers its services. This includes Tools used Resources of time, money and skill The Units strategic goals as they relate to the agency goals Practices, policies and culture of the unit All of these things will impact the delivery of services and the unit’s outputs. A number of management frameworks or methodologies can be used in managing these elements. Documentation Documentation is a constant and a very important part of every effort that is undertaken in delivering an outcome. There is documentation in all aspects of the suggested activities in this framework. Documentation is part of the expected activities of Business Analysis, Project management, Governance, Compliance and Unit management. What happens to this documentation and the ongoing need to make the information available is an important element of this framework.A good documentation foundation enhances an applications ability to meet business needs throughout its life cycle and especially looking into the future. The documentation of an application should be maintained with consideration for static documentation or documentation that is rarely changed and live documentation which is updated regularly. Archive Documentation 1. Development or implementation documentation including compliance and governance setup 2. Technical and end user documentation 3. Learning’s from project implementation (can be part of implementation documentation) Live Documentation 4. Quick – Key application and management information 5. Issues tracking and resolution information Page 14 of 18
  • 15. Development or implementation documentation Documentation that is generated during the analysis and implementation of an application should be stored. This should be stored somewhere that is accessible and easy to find and link to other documentation relating to an application. It will be infrequently accessed but will be of great help if that type of information is needed e.g. a review of business analysis as to why an application was chosen or procurement documentation. The TRIM system should be considered as the best place for this type of information. This type of documentation should be expected to be versioned and easily referenced. It will be the baseline and include changes and enhancements that happen to an application over time. Technical and end user documentation Technical and end – user documentation should also be stored in a secure and accessible place. Technical documentation gives developers, support staff and users the information that they need when working with the application. It is important that this documentation be maintained up to date as un-maintained documentation is frustrating and reflects badly on the application. Technical documentation includes diagrams, interactive flow diagrams and written information. This documentations accessibility is important especially for new users. Application Management Matrix: Quick – Key application and management information The ICT Business Services unit deals with many applications. It is important to be able to understand an applications basic structure. Areas of knowledge that enhance managements knowledge of an application are as follows Business unit information - Information relating to the business unit that initiated and use the application Hardware infrastructure – What hardware is the application using Software Infrastructure – Warranty, versioning, upgrade strategy Application Management – Application interconnectivity, Dealing with the application internal to ICT business system Software Information – Proprietor information, contact details Software usage and maintenance – Upgrade strategy, issues management Skills and People – Skills needed, who has the skills Cost of Ownership – What cost is there for running the application All this information should be easily available in a database that is maintained allowing information to improve management of applications. A software project has been started with the creation of the Application Management Database as its goal. It is suggested that a database like this should be expanded to house all of the relevant application management information pertaining to an applications life cycle. Information that should form part of this database would include user perception and balanced score card information relevant to each application. This information is live or active information and needs to be searchable and allow the manager to create dynamic reports. Page 15 of 18
  • 16. In providing a database of this capacity one of the below alternatives will need to be adopted 1. The current application management database could be enhanced 2. A SharePoint solution could be investigated using SharePoint 2013 and many of the enhancements within this system especially if SharePoint is to be relaunched and made the central point of agency user knowledge and connectivity. 3. Look for an off the shelf application management software that will allow the above information to be captured. In considering what the application management software should achieve the following should be considered General application knowledge Accessibility to the information Ability to store external documentation e.g. .doc .vsd .xls and other files not just field entered information Ability to search the information Easy and intuitive information maintenance Easy to use interface paying attention to usability Bugtracker/IT Helpdesk: Issues tracking and resolution information This documentation really is part of the ongoing documentation that should be kept and is important in understanding an applications usefulness, struggle points and cost of maintenance. There are two systems being used at the moment The TT system used by infrastructure help desk for support tickets Bugnet Querying issue tracking information and making this available as part of a management tool, allows a clearer understanding of trends and future requirements that an application will need. Often this information is used during the issue resolution by the technical support but not as a whole of application overview. Drawing intelligence from what users are reporting can be very beneficial when considering an application as a whole and should feed into the balanced score card suggested earlier. Bugnet at the moment is used only during application development. The TT system is used for user incoming requests and raised problems. There may be the possibility to somehow integrate the information from these systems. It may also be decided that having different systems is working well at the moment. The struggle is that the more systems there are to maintain the less chance that the systems or applications get usedeffectively. Key questions to be asked when managing documentation 1 Do we have all the Key application information for ongoing management? 2 Have we captured and stored all generated documentation during implementation? 3 Are we recording all issues and problems effectively? Page 16 of 18
  • 17. Documentation and Storage for Static and Live Information Figure 4 Page 17 of 18
  • 18. Conclusion This framework is not a definitive structure for managing applications but is a suggestion of how it can be approached. It has strived to make the management of an application as simple as possible. All along the way it has strived to put forward a group of questions that stimulate thoroughness, out of the box thinking and accountability. It has considered frameworks from a number of disciplines and selected elements that make sense for use by DEDTA ICT Business Services application framework. It is anticipated that elements of this framework if implemented will grow and be refined as learning’s occur. When implementing this framework it is suggested that the Deming cycle of PDCA (Plan, Do, Check, Act) be adopted. This paper should be considered as the first element in the cycle being a plan of what could be implemented to improve application management. The ideas here need to be implemented and tested to see if they are producing the desired results. Following this a replanning covering shortfalls and gaps and ways to improve should then be undertaken making sure that the unit is not burdened down with tasks that produce no value. Figure 5 Page 18 of 18