Key Best Practices and International Standards Used

A wide range of standards and best practices have been developed for different phases of ICT(Information and Communication Technology) systems.

A natural question is: Why so many different best practices and standards, why not one standard or best practice for all

The simplest way to answer this question is that different best practices and standards/guidelines address different issues. Thus there is no one size fits all. The users have to decide which standards to use when and under what type of situations In many cases, these best practices/standards have to be specialized for specific situations.

For example:

Figure 1 shows a simplified view of standards used in SPACE and Table 1 and Table2 show more detailed views of what standards are used by what specific tools in SPACE .

Figure 1:Best Practices and Standards for SPACE

Table 1: SPACE Planner & Tools, Techniques and Standards Used

Planning Phases Activities Performed Tools, Techniques &Standards Used
P0 (Government Modeler) Choose a Country and create a GovernmentPattern

S1: Define the country Profile and specify the level of use for the ICT

Fetch and use various indicators from sources such as World Economic Forum, UNPAN, ITU

S2: Create a government pattern for the chosen country

Use the Patterns Repository to fetch and display a generic government pattern

S3: Customize the pattern based on user inputs

Defaults for the patterns are based on external data sources

P1 (Initializer): Choose an Area (Domain) andDo Information Gathering

S1: Define a service in different areas that support the MDGs (e.g., healthcare, education, economic development)

The services are based on the government pattern and use the ITIL ITIL (IT Infrastructure Library: www.itil-officialsite.com

S2: Get general information, educational resources and best practices

Extensive literature from diverse sources is accessedand displayed.

S3: Do a self assessment of the PMO (present method of operation) and FMO (Future Method of Operaation)

Uses the Capability Maturity Model (CMM) measures (0 to 5) for assessment.

P2 (Strategic Planning): High Level Planning (Management Focus)

Cost-benefits tradeoffs

Uses the McFarlandModel

Strategic analysis (buy, rent, outsource)

Uses an intuitive decision model based on time, in-house expertise,

Policies and procedures needed for the service

Policies from different sourcesare fetched and displayed. Oracle Policy Automation

Business processes needed

TOGAF (The Open Architecture Framework) and US-FEA (Federal Enterprise Architecture)

Technologies (apps, platforms, networks)

OAG (Open Application Group -Website: www.oag.org,W3C (www.w3c,org), ISODP (ISODistributedProcessing), Cisco guidelines

Security & business continuity planning

SSI (System Security Institute), and ISO 9000 (for quality mgmt)

Project Management & Governance

PMBOK (Project Management Book of Knowledge) by Proj Mgmt In.(PMI)

COBIT (Control Objectives for Information

Interoperability and Integration Considerations

SOA, SPOCS(large European initiative for interoperability http://www.eu-spocs.eu/)

P3 (Detailed Planner): (Technology Focus)-- Through Simulations

Consolidated Report that shows:

  1. Summary of the interactions
  2. Requirements (RFP) format
  3. Standards used (with explanations)

Requirements document is based on IIBA ((International Institute of Business Analysis):

Website: www.theiiba.org

Detailed Planning & Implementation Tools

Games, simulations, planning tools,

P4: Monitoring and Control (Quality Focus)

Detailed project management for monitoring and controls with quality focus

PMBOK (Project Management Book of Knowledge) by Project Mgmt In.(PMI),

COBIT (Control Objectives for Information), ValIT and RiskIT.

 

Table 2: MoreDetailed Discussion of Best Practices, International Standards and De-factoStandards Used

Phases Key Best Practices, International Standardsand De-facto Standards Used Related SPACE Toolset
General Information Gathering and Requirements

IIBA ((International Institute of Business Analysis): an independent non-profit professional association concerned with the over all field of Business Analysis. Provides best practices and guidelines in requirements management, systems analysis, business analysis, requirements analysis, and project management.

Website:http://www.theiiba.org/

UML (Universal Modeling Language): a heavily used graphical language to represent business requirements and process flows. Introduced by OMG (Object Management Group).

Website: http://www.omg.org/.

SPACE ( General Information Gathering and Requirements) uses the IIBA standards for requirement definitions and UML to represent requirements

Strategic Analysis

ITIL (IT Infrastructure Library): a widelyaccepted approach to IT service management. Originated in Britain, ITILprovides a cohesive set of best practice, drawn from the public and privatesectorsinternationally.

Website: http://www.itil-officialsite.com/

US FEA (Federal Enterprise Architecture): a widely used framework for developing enterprise wide architectures for US government agencies.

Website: http://www.whitehouse.gov/omb/e-gov/fea/

Oracle Policy Automation: a business rules management system that helps governments to automate complex, rapidly changing policies as well as to provide consistent advice to citizens across multiple service delivery channels.

Website: http://www.oracle.com/

SPACE (Strategy Analyzer) usesITIL for service definitions andUS FEA for developing a well architected plan. Oracle Policy Automation tool is currently being explored.

Detailed Phases Key Best Practices, International Standardsand De-facto Standards Used PISA Advisors
(PISA is used in Detailed Planning Tasks)
Detailed IT Planning (application planning, platform planning, network planning)

ITIL(described previously)

OAG (Open Application Group):An active group involved in publishing the best practices in applications.

Website: http://www.oag.org/.

W3C (World Wide Web Consortium): the home of web technologies and widely used as a source of open standards in web technologies.

Website:http://www.w3c,org/.

ISODP (ISO Distributed Processing):a popular framework to define distributed systems.

Website: http://www.iso.org/

PlanIT (Planner for IT) has several advisors that conform to these standards and collaborate with each other for complete plans

Architecture, Integration and Interoperability

SOA (Service Oriented Architecture): A comprehensive architecture for building integrated and flexible applications based on services.

Good website: www.ibm.com/soa/

FEA: Described above

SPOCS: This is a large European initiative for interoperability. The focus is on EU cross-border systems.
Website: http://www.eu-spocs.eu/

AIM (Architecture and Integration Module) advisors conform heavilyto SOA and FEA to these standards and collaborate with each other for complete integrated architectures. We are looking at SPOC.

Security and Administration (security planning, audits and controls, business continuity planning, project planning, quality management)

PMBOK (Project Management Book of Knowledge): Published by Project Management Institute (PMI), this book clearly specifies the best practices in different aspects of project management (e.g., risk management, cost management).

Website: http://www.pmi.org/.

COBIT (Control Objectives for Information and related Technology): an approach to standardize good IT security and control practices. COBIT provides tools to measure the performance of 34 IT processes.

Website: http://www.cobit.org/.

ISO 9000: ISOspecifications for quality management with highly respected certification. ISO 9001 is most heavily used. Specifies requirements for certifications (e.g., quality policy, quality manual, quality objectives, quality procedures, quality documentation).

Website: http://www.iso9000.org/

SAM (Security and Administration Module) advisors heavily use PMBOK and COBIIT.We are reviewing ISO9000.