Mercury IT Governance Center
Crossing the Business-Technology Chasm in the Financial & Banking Sector
Moti Krispil, Director, Mercury
May 2006, Bucharest
IT Governance
A Pillar to Corporate Governance
Crossing the Business-Technology Chasm in the Financial Sector
Moti Krispil, Director, Mercury
May, 2006 - Bucharest
Objectives
• Banking & Financial Sector Unique IT
Challenges
• IT Governance – A Pillar to a true
Business-Technology Alignment
• Mercury IT Governance Center benefits
Mercury Confidential & Proprietary
3
Unique IT Challenges in the Financial &
Banking Sector
• Multiple & parallel regulations
• IT alignment is confined to
business-units
• Lagging cross-LOB prioritization
• Poor IT decision making visibility by
the business & CXO
• IT general controls vital to
compliance
• Islands of IT management
information & point-solutions
Mercury Confidential & Proprietary
4
IT Governance & Compliance
$6.1B
Amount U.S. companies will spend to comply with
Sarbanes-Oxley in 2005
AMR Research
52%
Increase in spending on IT for Sarbanes-Oxley
2004-2005
AMR Research
$4B
Amount European banks will spend on IT to comply
with Basel II over next two years
Datamonitor
Mercury Confidential & Proprietary
5
Compliance is a Business and IT Issue
Changes in
regulations and
internal policies
Changes in
business
processes
Changes in
software
applications
Effective IT governance structures have one thing in
common: they create a framework for corporate
governance.
EU Data Protection Directive
Mercury Confidential & Proprietary
6
IT Governance & Enterprise Risk Management
A huge majority (82%) said corporate risk
management has increased in importance for their
CIO or other senior IT executive in the past 12
months.
Mercury Confidential & Proprietary
7
IT Governance : Practical Definition
A framework containing:
• Mechanisms that facilitate decision making
• Processes that ensure alignment between
technology and business goals
• Best practices for daily IT operations and functions
with minimal supervision
• Organizational infrastructure to measure and
facilitate communication throughout the
organization
Mercury Confidential & Proprietary
8
Successful IT Governance …
• Is not about control
• Is about having and using the means to
build visibility and consensus
• Must consist of two aligned
governance structures
• The strategic planning : who decides
what is going to be done
• The operational process : by what
means are the chosen actions
executed
Mercury Confidential & Proprietary
9
Is IT Governance a possible answer?
“Firms with superior IT governance have
more than 25% higher profits than firms
with poor governance, given the same
strategic objectives.”
Weill & Ross, 2004
“Evolving from a cost center, IT is taking on the
character, rigor, and practices of a business
within a business. It won't be easy, but for
CIOs it's a matter of survival.”
CIO Magazine,
“How to Run IT Like a Business”
Mercury Confidential & Proprietary
10
It Can Be, but…
“If Information Technology has a
God, his name is Governance.”
• Good but elusive,
• Pervasive but difficult to quantify,
• Powerful but intangible,
• Hard to enforce, coordinate and
maintain
Mercury Confidential & Proprietary
11
In Search for an Integrated Governance
Solution
• An integrated governance solution
• IT Governance SOX, Risk
Management, Portfolio Management,
PMO, Demand Management, Change
Management, Executive dashboards,
Scorecards, etc…
• A process driven framework
•
•
•
•
Built in compliance “accelerators”
Communication & visibility
Business alignment “mindset”
Built-in best-practices
• A “field tested” solution
Mercury Confidential & Proprietary
12
Business Technology Optimization
A practical framework for governing IT
Optimize the Business
Value of Information
Technology
Mercury Confidential & Proprietary
13
Business Technology Optimization
BUSINESS
Demand
Are we working
on the right things?
Applications
IT GOVERNANCE
Are we doing them
right?
Are we delivering
business value?
APPLICATION
DELIVERY
DEVELOPMENT
APPLICATION
MANAGEMENT
INFRASTRUCTURE
Mercury Confidential & Proprietary
14
Mercury IT Governance Center Solution
Mercury Confidential & Proprietary
15
Mercury IT Governance Center Solution
“Doing the Right Things, Doing Things Right.”
Control
• Real-time visibility
• Consistent,enforce,
repeatable processes
• Reliable metrics
Compliance
Alignment
• Comprehensive data
capture
• Highest-value
projects
• Transparency
• Drive out waste
• Automatic audit trail
• Fast and flexible
Both Strategic and Operational
Mercury Confidential & Proprietary
16
Running IT Like a Business?
Visibility
Priorities
Processes
People
Alignment
Control
Driving alignment of IT investments
with business objectives
Executing processes within IT as
efficiently as possible
Ensuring people are working on
high value activities
Mercury Confidential & Proprietary
17
Mercury ITG Center : Providing Answers
• What IT is and will be
investing in, to maximize the
value and ensure compliance
(portfolio management)
• What is asked of IT
(demand management)
• How projects and services
delivered to the business
(project visibility and control)
IT
Governance
Portfolio
Management
Cross Company
Communication
Demand
Management
Project
Visibility
and Control
Mercury Confidential & Proprietary
18
Portfolio Management
Align Investments, Stakeholders, and Priorities
Risk / Value
Current Investments
Application Assets
What-if Analysis
IT Portfolio
In-Flight Projects
IT Steering
Committee
Prioritization
Proposed Investments
Proposals
Business
Cases
Business Ops
Review
Funded
Assets
Funded
Projects
Enforced Processes
Architecture
& Standards
Review
Investment Class
Mercury Confidential & Proprietary
19
Project Visibility and Control
TODAY
•
•
•
•
Poor visibility into status and spend
Projects late and over budget
Inefficient resource utilization
Difficult to justify IT budget
Earned Value
PROJECT DASHBOARD
Resources
Variances
WITH MERCURY
•
•
•
•
•
•
Health by BU
Real-time visibility of project status
Detailed resource management
Earned value analysis, NPV, ROI
Managed risk and scope changes
Stage gates best practices
SOP 98-1 Compliance
Project Gantt
Budgets
Digitized Processes
Issues, Risks, Scope Changes
Mercury Confidential & Proprietary
20
IT Services Automation
TODAY
•
•
•
•
•
Disconnected tools for requests
Paper-based SLAs, manual tracking
No visibility—IT as black box
Manual processes
Parallel redundant regulatory efforts
WITH MERCURY
•
•
•
•
•
•
Consolidated view of all IT demand
Automation of tasks
Visibility and collaboration
Full audit trail visibility
Enforced best practices
Catalogue of services with SLA’s
Mercury Confidential & Proprietary
21
IT Services Automation
Demand Consolidation: Digitize Shared Services
DASHBOARD VISIBILITY
IT
Customers
Web Based
Request Forms
Real-time
Dashboard
Strategic and
KTLO Requests
Shared IT
Services
• Service Catalog
• Services Forms
• Workflows
• SLAs
• Objectives
• Reporting
• Metrics
IT Service
Fulfillment
Outsourced
Insourced
• Work Queues
• Metrics
• Deployment
• Costing
• Tracking
• Exception Alerts
• Escalation Process
Mercury Confidential & Proprietary
22
Reduced Cost-to-Compliance
With Mercury IT Governance Center
Automated audit processes and
documented controls, risks,
and assessment schedules
Successfully implemented ITIL change
management processes
Enforced stage gates and tracking
required metrics
Achieved the highest level of
certification (Level 5)
The first local exchange provider
certified for ISO-9000
Mercury Confidential & Proprietary
23
Mercury ITG : "One Ring To Rule Them all"
A unified IT governance &
compliance foundation
IT Governance & Controls
DRP & BC Support
Compliance Management
Risk Management
Mercury Confidential & Proprietary
24
Customer Momentum in EMEA
Financial Services
Pharm. & Healthcare
Manufacturing
Federal
American Express
AXA Financial
Bank of America
Bank One
Bear Stearns
Capital One
Citigroup
Fannie Mae
Fidelity
JPMorganChase
Lehman Bros.
Standard & Poor’s
TD Bank
Visa
Wells Fargo
Washington Mutual
American Red Cross
Blue Cross Blue Shield
GlaxoSmithKline
Johnson and Johnson
Merck
Pfizer
WebMD
Wyeth
Airbus
Air Force
Ford
Social Security
General Electric (GE)
USMint
Gillette
USPS
Honeywell
US Army
Nissan
Telco
Toyota
AT&T
Retail
Insurance
Cingular Wireless
DHL
Lands End
Marriott
Proctor & Gamble
Royal Carribean
Williams-Sonoma
Gymboree
Aetna
BellSouth
Allmerica
Nextel
Hartford
SBC
MetLife
Sprint
Nationwide
T-Mobile
Prudential
Verizon
Over 500 highly satisfied customers
spanning major enterprises worldwide
Mercury Confidential & Proprietary
25
Governance is Even Hotter for Romania
Romania & the EU
• Combating Corruption
• Corporate Governance Discipline –
Mandatory!
• Privatization
• Restructuring
• Globalization & Competitiveness
• M&A & Equity Value
Mercury Confidential & Proprietary
26
Thank You!
Mercury Confidential & Proprietary
27