Home > IT Management > Frameworks for IT Management or WTF are we (really) doing?!

Frameworks for IT Management or WTF are we (really) doing?!

We’re always forever talking about IT and Business Alignment and there’s A LOT of stuff written about it as you can see. So, given that this very topic is so beaten to death and yet so far from resolution, you would think that somehow, we would find a way to simplify, keep it simple and stupid, our IT management…. Bzzt! Thank you for playing!.

As I try to go through some of my CGEIT materials, I thought to pick up an intro book (or so I thought), innocently titled, “Frameworks for IT Management“. After looking into it, I’m not getting a warm and fuzzy feeling about this “project” and really wondering if I haven’t made a terrible mistake going down this route to being a better and more informed IT guy…

Take a look at the various Frameworks one needs to master:

    Quality Management
    Quality Improvement
    IT Management
    Project Management

And Bodies of Knowledge of each:

    1. Quality Management

  • TQM,
  • ISO9000,
  • TickIT (Software Quality),
  • ISO20000 (IT Service Management)
  • ISO27001 (Information Security), ISO17799 (Information Security)
    2. Quality Improvement

  • eSCM-MP (e-Sourcing Capability Model for Service Providers),
  • Balanced Scorecard,
  • IT Service – CMM,
  • Six Sigma
    3. IT Governance

  • AS 8015 (Australia Standard for Corporate Governance of IT),
  • CoBIT (Control Objectives for Information and related Technology)
  • M_o_R (Management of Risk)

It is really little wonder how IT and Business can never seem to find common ground and understanding of each other given this massive technical body of jargon. Communications, communications, communications – asking (the right) questions is a critically important IT competency. Practicing this often will help us toward successfully “bridging the gap between Business and IT” (check out Laura Brandau’s excellent blog by this name).

Categories: IT Management
  1. June 5, 2009 at 11:18 PM


    In the area of IT Governance, there are 2 more frameworks worth noting:

    1. ValIT – A framework addressing the governance of IT-enabled business investments; and
    2. RiskIT – An enterprise risk management framework designed to allow business managers to identify and assess IT-related business risks and manage them effectively.

    Both come from the ISACA organization (www.isaca.org).


  2. June 6, 2009 at 12:22 AM

    Hi Long,

    Thanks for pointing out both ValIT and RiskIT as additional IT Frameworks. These are included in the expanded CGEIT studies. Frameworks for IT Management which I based my posting on states:

    This itSMF publication covers the most important frameworks in use, in a neutral and objective way, so that readers can better understand the potential value of each instrument.

    It may be slightly outdated without the ValIT and RiskIT inclusions now.

    For myself, I think ValIT is a bit of an overkill – I can’t imagining IT investments done without supporting business goals, optimizing business investment in IT, and appropriately managing IT- related risks and opportunities. The question seems to me at what level does all these need to be done at? PPM by the PMO or functional PMO? Of course, the effectiveness is a question and ValIT’s ‘Four Ares” questions – Are we doing the right things, Are we doing them the right way, Are we getting them done well, Are we getting the benefits – are very important to be asked at many levels to ensure IT projects are delivering the important strategic business goals.

    Many thanks,

  3. June 5, 2009 at 11:53 PM


    interesting post. I agree with you, there is a huge problem with IT and Business alignment. What is interesting to me is that none of the five areas you listed ever asks the question: “What does the business do and how can we help it succeed?”

    If you can answer that one question, don’t you think you’ll have better alignment than if you’re a master of the five areas listed?

  4. June 6, 2009 at 12:28 AM

    Hi Andrew,

    Great – you asked the right question and what my posting was driving at. It’s hard for me to reconcile all these IT Frameworks with “What does the business do and how can we help it succeed”? So long as the IT manager can apply these frameworks to make the business succeed, then super, but it seems…er, challenging.

    I suppose that these are part of an overall “IT Toolkit” which the IT manager can use depending on need. Whether that’s most of them…I’m skeptical frankly but depending on the IT management scale and scope we’re talking about, it may be important to have many of these processes in place. Definitely I need to digest some more and read on…

    Many thanks,

  5. June 6, 2009 at 12:57 PM


    it seems to me that if there is a need to have someone on board that knows some particular skill set, that it’s easy enough to get a contractor or hire someone who know ITIL or Six Sigma or Lean or any other discipline.

    Understanding the business and how to enhance the business or make the business succeed; you cannot hire. That takes time and learning. Understanding how the corporation operates, who the key people are and what can be achieved and in what time frame requires knowledge that can only be developed, not hired.

    If one is going to align IT and business goals, one need to know the business and have it flow through their veins. Once that understanding has been developed. You can evaluate and hire whatever acronym laced skill set is necessary. And whether you pay them $10/hr or $100/hr or $1,000/hr, that is all their worth.

    Understanding the business you cannot hire. Seeing how IT can enhance the business you cannot hire. Those things take time and can only be developed and refined. Once those skills have been refined, the other skill sets can be rented.

    Don’t you think?

  6. June 6, 2009 at 6:54 PM

    Hi Andrew,

    From what I gather now and also from scoping out the blogosphere for other IT Governance people, they seem to be “in-house” managers, not consultants. My take on the IT Governance body of knowledge represented by the CGEIT is similar to the PMP or other type of certification. If you’re going to do the job, you need to get up to speed on the subject matter. That there are SME’s selling their consulting expertise in this area is expected but their effectiveness requires a deep knowledge and understanding of how the organization “works”.

    As IT Governance blogger Bill Oxley, writes, sometimes it’s about satisfying external requirements. I like his approach to his journey of learning about these sort of things.

    Thanks for your comments,

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: