Key Best Practices and International Standards Used
A wide range of standards and best practices have been developed for different phases of ICT(Information and Communication Technology) systems.
A natural question is: Why so many different best practices and standards, why not one standard or best practice for all
The simplest way to answer this question is that different best practices and standards/guidelines address different issues. Thus there is no one size fits all. The users have to decide which standards to use when and under what type of situations In many cases, these best practices/standards have to be specialized for specific situations.
For example:
- ITIL covers service management
- SOA covers interoperability and integration
- COBIT covers security and controls
Figure 1 shows a simplified view of standards used in SPACE and Table 1 and Table2 show more detailed views of what standards are used by what specific tools in SPACE .
Figure 1:Best Practices and Standards for SPACE
Table 1: SPACE Planner & Tools, Techniques and Standards Used
| Planning Phases | Activities Performed | Tools, Techniques &Standards Used |
|---|---|---|
| P0 (Government Modeler) Choose a Country and create a GovernmentPattern |
S1: Define the country Profile and specify the level of use for the ICT |
Fetch and use various indicators from sources such as World Economic Forum, UNPAN, ITU |
|
S2: Create a government pattern for the chosen country |
Use the Patterns Repository to fetch and display a generic government pattern |
|
|
S3: Customize the pattern based on user inputs |
Defaults for the patterns are based on external data sources |
|
|
P1 (Initializer): Choose an Area (Domain) andDo Information Gathering
|
S1: Define a service in different areas that support the MDGs (e.g., healthcare, education, economic development) |
The services are based on the government pattern and use the ITIL ITIL (IT Infrastructure Library: www.itil-officialsite.com |
|
S2: Get general information, educational resources and best practices |
Extensive literature from diverse sources is accessedand displayed. |
|
|
S3: Do a self assessment of the PMO (present method of operation) and FMO (Future Method of Operaation) |
Uses the Capability Maturity Model (CMM) measures (0 to 5) for assessment. |
|
|
P2 (Strategic Planning): High Level Planning (Management Focus)
|
Cost-benefits tradeoffs |
Uses the McFarlandModel |
|
Strategic analysis (buy, rent, outsource) |
Uses an intuitive decision model based on time, in-house expertise, |
|
|
Policies and procedures needed for the service |
Policies from different sourcesare fetched and displayed. Oracle Policy Automation |
|
|
Business processes needed |
TOGAF (The Open Architecture Framework) and US-FEA (Federal Enterprise Architecture) |
|
|
Technologies (apps, platforms, networks) |
OAG (Open Application Group -Website: www.oag.org,W3C (www.w3c,org), ISODP (ISODistributedProcessing), Cisco guidelines |
|
|
Security & business continuity planning |
SSI (System Security Institute), and ISO 9000 (for quality mgmt) |
|
|
Project Management & Governance |
PMBOK (Project Management Book of Knowledge) by Proj Mgmt In.(PMI) COBIT (Control Objectives for Information |
|
|
Interoperability and Integration Considerations |
SOA, SPOCS(large European initiative for interoperability http://www.eu-spocs.eu/) |
|
|
P3 (Detailed Planner): (Technology Focus)-- Through Simulations
|
Consolidated Report that shows:
|
Requirements document is based on IIBA ((International Institute of Business Analysis): Website: www.theiiba.org
|
|
Detailed Planning & Implementation Tools |
Games, simulations, planning tools, |
|
|
P4: Monitoring and Control (Quality Focus) |
Detailed project management for monitoring and controls with quality focus |
PMBOK (Project Management Book of Knowledge) by Project Mgmt In.(PMI), COBIT (Control Objectives for Information), ValIT and RiskIT. |
Table 2: MoreDetailed Discussion of Best Practices, International Standards and De-factoStandards Used
| Phases | Key Best Practices, International Standardsand De-facto Standards Used | Related SPACE Toolset |
|---|---|---|
| General Information Gathering and Requirements |
IIBA ((International Institute of Business Analysis): an independent non-profit professional association concerned with the over all field of Business Analysis. Provides best practices and guidelines in requirements management, systems analysis, business analysis, requirements analysis, and project management. Website:http://www.theiiba.org/
UML (Universal Modeling Language): a heavily used graphical language to represent business requirements and process flows. Introduced by OMG (Object Management Group). Website: http://www.omg.org/.
|
SPACE ( General Information Gathering and Requirements) uses the IIBA standards for requirement definitions and UML to represent requirements
|
| Strategic Analysis |
ITIL (IT Infrastructure Library): a widelyaccepted approach to IT service management. Originated in Britain, ITILprovides a cohesive set of best practice, drawn from the public and privatesectorsinternationally. Website: http://www.itil-officialsite.com/
US FEA (Federal Enterprise Architecture): a widely used framework for developing enterprise wide architectures for US government agencies. Website: http://www.whitehouse.gov/omb/e-gov/fea/
Oracle Policy Automation: a business rules management system that helps governments to automate complex, rapidly changing policies as well as to provide consistent advice to citizens across multiple service delivery channels. Website: http://www.oracle.com/
|
SPACE (Strategy Analyzer) usesITIL for service definitions andUS FEA for developing a well architected plan. Oracle Policy Automation tool is currently being explored. |
| Detailed Phases | Key Best Practices, International Standardsand De-facto Standards Used |
PISA Advisors (PISA is used in Detailed Planning Tasks) |
| Detailed IT Planning (application planning, platform planning, network planning) |
ITIL(described previously)
OAG (Open Application Group):An active group involved in publishing the best practices in applications. Website: http://www.oag.org/.
W3C (World Wide Web Consortium): the home of web technologies and widely used as a source of open standards in web technologies. Website:http://www.w3c,org/.
ISODP (ISO Distributed Processing):a popular framework to define distributed systems. Website: http://www.iso.org/
|
PlanIT (Planner for IT) has several advisors that conform to these standards and collaborate with each other for complete plans |
|
Architecture, Integration and Interoperability |
SOA (Service Oriented Architecture): A comprehensive architecture for building integrated and flexible applications based on services. Good website: www.ibm.com/soa/
FEA: Described above
SPOCS: This is a large European initiative for interoperability. The focus is on EU
cross-border systems.
|
AIM (Architecture and Integration Module) advisors conform heavilyto SOA and FEA to these standards and collaborate with each other for complete integrated architectures. We are looking at SPOC. |
|
Security and Administration (security planning, audits and controls, business continuity planning, project planning, quality management) |
PMBOK (Project Management Book of Knowledge): Published by Project Management Institute (PMI), this book clearly specifies the best practices in different aspects of project management (e.g., risk management, cost management). Website: http://www.pmi.org/.
COBIT (Control Objectives for Information and related Technology): an approach to standardize good IT security and control practices. COBIT provides tools to measure the performance of 34 IT processes. Website: http://www.cobit.org/.
ISO 9000: ISOspecifications for quality management with highly respected certification. ISO 9001 is most heavily used. Specifies requirements for certifications (e.g., quality policy, quality manual, quality objectives, quality procedures, quality documentation). Website: http://www.iso9000.org/
|
SAM (Security and Administration Module) advisors heavily use PMBOK and COBIIT.We are reviewing ISO9000. |