IT Best Practices

THE BUSINESS ISSUE

Today’s information services must meet criteria related to cost control and user satisfaction, as well as new quality and security standards. Best practices recommendations (e.g., COBIT, ITIL, and CMM) that address these needs have gained much attention in recent years. From among various frameworks, you can choose the one that best supports your objectives for improving your organization, solutions, and services.

Moving your company to best practices standards is a lot of work. However, the good news is that applying these frameworks helps move IT into the automation age. IT managers appreciate the value that standards add in terms of improved quality and reliability. The obvious additional benefits that software tools offer in this scenario will help you convince your management that SCM, documentation, and help-desk solutions are a good investment.

Standards, Frameworks and ARCAD

COBIT

Lets talk first about the COBIT (Control objectives for information and technology); initialized by ISACA (the Information Systems Audit and Control Association), it has been developed to support the risks management specific to the IT domain.
Created in 1996 to answer the need of an IT security and control framework, its objective is to bridge the gap between control requirements, technical issues and business risks by establishing best practices in information system audit. It is mainly used in the context of the Sarbanes-Oxley act; it comes from the IT Governance Institute (www.itgi.org) to help the evolution and the formalization of the risks control in the IT domain.
Bringing a company to the compliance to these standards is truly a heavy process; it is however healthy in various aspects. The positive point in this approach is that moving companies smoothly to use these best practices frameworks helps bringing the IT into the industrial age.

The COBIT and the ARCAD solution

COBIT
CobiT (Control Objectives for Information and related Technology) was created in 1996 as an IT security and control framework. It is published by ISACA (Information Systems Audit and Control Association), an international association whose aim is to improve the processes and methodology of IT audits.

CobiT bridges the gap between control requirements, technical issues, and business risks. The framework also provides performance indicators that enable you to evaluate your situation vs. best practices (by level of maturity). The Sarbanes-Oxley legislation has widely popularized CobiT. If you must face auditors, in CobiT you will find the subjects on which they will judge your information system and your organization.

Although the original objective of the ARCAD tools is to guarantee the quality of applications, they bring substantial, practical capabilities that help you address many of the CobiT objectives:

Our solutions make it possible to attain a better level of controls maturity for more than half of the hundreds of CobiT control points, and for nearly one out of three, our tools are indispensible.
ARCAD tools have an important role in the audit phase because they provide the auditor with the information that he is seeking

ITIL
ITIL (Information Technology Infrastructure Library)is based on 10 key processes. It recommends that you define service levels and have formal service level agreements. It then proposes a set of best practices that will help you fulfill these agreements. Among the domains that ITIL covers, you will find operation and production services together with some issues handled by the engineering department, such as change management. You can read more about ITIL on the www.itsmf.com Web site.

Our Skipper, Observer, and Customer software suites are a perfect fit for a company adopting an ITIL approach. These solutions cover the following aspects of ITIL:

Service desk,
Incident management,
Problem management,
Configuration management,
Change management,
Release management, and
Service level management.

ARCAD manages all software changes within an organized and secure process through a clearly identified version, thus preserving the knowledge of previous versions. Our
solutions allow you to establish a solid and secure architecture in which all software changes are archived and tracked, a basic requirement of a quality process. This approach will help you reach the quality level your users require.

CMM
CMM (Capability Maturity Model) was developed in 1987 with the introduction of a five-level maturity scale. It is an efficient tool to help you evaluate your processes in the area of software development. It is based on best practices from various companies, which is the source of its worldwide success. For example, compliance with the CMM model is required to work with the U.S. Department of Defense. This model is maintained by the SEI (Software Engineering Institute). You can find more information on the CMM site: www.sei.cmu.edu/cmm
Here again, adopting CMM presents an opportunity to improve your organization, to enter the automation age with clearly established processes, and to enhance productivity.

GAINS