...

NHS Infrastructure Maturity Model Andy Savvides Benchmarking Event Taunton 8th October 2008

by user

on
Category: Documents
43

views

Report

Comments

Transcript

NHS Infrastructure Maturity Model Andy Savvides Benchmarking Event Taunton 8th October 2008
NHS Infrastructure Maturity Model
Benchmarking Event Taunton 8th October 2008
Andy Savvides
http://nww.connectingforhealth.nhs.uk/pspg/
Sound Familiar?
No infrastructure
roadmap so we
just react to
demands on our
IT infrastructure
as best we can
Not enough time
to plan ahead,
too many
projects!
How do I
compare with
other Trusts?
What IT
Infrastructure
initiatives should
I invest in next?
Has somebody
else done this
before?
We are locked in
to old software
that we cannot
upgrade
Infrastructure Challenges Summary
• Too many IM&T Managers rely on just gut feel when setting
investment priorities
• Infrastructure is mostly “invisible” which makes it difficult to
understand its value as an enabler
• Hard to justify and prioritise investment
• Difficult to measure return on investment
• Often not viewed in a strategic context
• We are undervaluing our own intellectual property
• Lack of visibility and focus - NHS is not getting the full value of
some excellent local infrastructure work
• Nationally we don’t share knowledge, patterns and practices
which means we re-invent the wheel and the NHS pays twice
• Lack of strategy aligned infrastructure roadmaps means that many
essential capabilities loose out to “my favourite project”
• Some suppliers don’t create infrastructure solutions that NHS
Trusts request, actually need or are ready for
NHS Infrastructure - a day in the life
IT vendors triggering
change
Increasing need for
accountability
Increasing demands to
manage TCO & show ROI
Constant Change
IT Infrastructure Standards & Best Practice
Emerging
Technology
Legacy Systems &
Components
Tacit Knowledge
Methodologies &
Frameworks
Product Guidance
from Vendors
GPG from NHS
CFH
IG Toolkit
CUI Guidance
Enterprise Wide
Agreements
Constant Pressure to Deliver Local Projects (Many reinventing the wheel)
Growing IT security
attack surface
Increasing IT
complexity
Increasing need for business &
process alignment
Greater choice & awareness means the
business demands a better service
Regulatory and
accreditation demands
Greater expectations of
what IT can deliver
Keep an Eye on the Bigger Picture?
Create a Path to Increased Maturity
NIMM Key Features
• Intuitive and easy to use IT management tool
• Developed in “plain English” by the NHS for the NHS
• Modular allowing Trusts to focus on high priority areas first
• Will be adapted and extended to reflect feedback changing
priorities
• Can be used in either Descriptive and/or Prescriptive modes
• Provides the big picture - knowledge driven self assessment
approach, calibrated for the NHS
• Technology & vendor independent, focus is on capabilities,
standards and NHS needs
• Holistic approach covering both the technology and management
scope of IT infrastructure
• Being linked to other complementary initiatives
• Can be shared with suppliers to help NHS Trusts become smart(er)
buyers
Infrastructure Numbers Game
Estimated Number of PCs in the
NHS
NIMM “Scope” for Guidance
Management
“Scope” of
Infrastructure
Technology
“Scope” of
Infrastructure
NIMM Benchmarking using KPIs
Credible, measurable &
relevant metrics to
measure achievement
What factors are critical
for a specific capability
to be successfully
exploited? What do you
have to get right?
Capability
body of
knowledge
KPIs
Critical
Success
Factors
Best Practice,
Standards, Patterns
& Practices
Infrastructure Maturity Level Summary
Level 1
Basic
Level 2
Controlled
Level 3
Standardised
Level 4
Optimised
Not Drawn to
Scale
Level 5
Innovative
Disjointed,
manual
Infrastructure
Coordinated,
manual
Infrastructure.
Standardized
Infrastructure
Consolidated
and virtualized
Infrastructure
IT & business
stakeholders
work in
partnership
Knowledge not
shared
Knowledge silos
exist
Individual Level
collaboration
and knowledge
sharing
Team level
knowledge
sharing &
collaboration
Enterprise level
knowledge
sharing &
collaboration
Reactive & adhoc
Reactive with
some planning
in place
Reactive &
becoming
proactive
Proactive &
accountable
Strategic asset
Unpredictable
service
performance
Services
manageable &
getting
predictable
Stable &
architected IT
Infrastructure
Continuous
service
improvement
Drives service
innovation
User driven
“who shouts
loudest”
Problem driven
Request driven
Service driven
Value driven
Focus is to
Avoid
Downtime
Focus is to
Get Control
Focus is to
Adopt
Standards &
Best Practice
Focus is on
Efficiency
Focus is to
become a
Catalyst for
Innovation
NIMM to Microsoft IO Model Mapping
Basic
Standardized
Rationalized
Dynamic
Identity & Access Management
Directory services, User provisioning, Directory-based authentication
Desktop, Server, and Device Management
Software distribution, Patch management, Mobility, Imaging, Virtualization
Security and Networking
Policy, Anti-malware, Firewall, Access control, Network protection, Quarantine
Data Protection and Recovery
Backup, Restore, Storage management
IT and Security Process
Best practice guidance on cost-effective solution design, development, operation, and support
NIMM to Gartner Model Mapping
Basic
Uncoordinated
infrastructure
Objective
React
Standardized
Standard
resources,
configurations
Rationalized
Consolidate to
fewer
Virtualized
Infrastructure
resources
pooled
Reduce
complexity
Economies
of scale
Flexibility,
reduce costs
ServiceBased
Services
managed
holistically
Servicelevel
delivery
Ability to
Change
Months to
weeks
Weeks
Weeks to
days
Weeks to
minutes
Minutes
Pricing
Scheme
None, ad hoc
Fixed costs
Reduced,
fixed costs
Fixed shared
costs
Variable
usage costs
Business
Interface
No SLAs
Class-ofservice SLAs
Class-ofservice SLAs
Flexible SLAs
End-to-end
SLAs
Resource
Utilization
Unknown
Known
Rationalized
Shared pools
None
Central control Consolidated
Chaotic –
Reactive Proactive
Life cycle
management
Organization
IT
Management Reactive
Processes Ad hoc
Proactive
Mature
problem mgmt
Pooled
ownership
Proactive
Prediction,
dynamic
capacity
Servicebased pools
Serviceoriented
Service
End-to-end
service
management
Policy/ValueBased
Dynamic
optimization to
meet SLAs
Business
agility
Minutes to
seconds
Variable
business
costs
Business
SLAs
Policy-based
sharing
Businessoriented
Value
Policy
management
Infrastructure Numbers Game
Number high severity vulnerabilities
in Windows XP discovered during
2007 according to National
Vulnerability Database (NIST)
Typical Start Point for Many Trusts
Focus on “Weakest” Capabilities
Drive Standardisation
Optimise & Innovate
NIMM Prescriptive Guidance “Package”
NIMM
Capability Data
Set
Description & CSF
Description of the capability at level n. This will include the critical
success factors which describe what characteristics the capability
must have and why they are important.
A set of metrics that can be used to measure and monitor
achieving this capability at level n.
Metrics & KPIs to get
there
Investment (TCO) to
get there
Benefits (ROI) when
there
Dependencies &
Secondary Effects
What will it take (financial and non-financial) to achieve this level of
capability. To be used in creating a business case.
What benefit can realistically be expected (financial and nonfinancial) when operating at this level of capability. To be used in
determining the to-be profile.
Major impact/effect on other upstream or downstream capabilities
when this capability reaches level n.
Weighting
Weighting used when calculating overall Class or Trust maturity
level
When will the NIMM be Finished?
Infrastructure Numbers Game
No of Electronic Identities a typical
NHS Worker has
NIMM Applications
Financial Management
Maturity
Infrastructure TCO Challenge
Mythical Gartner TCO Benchmark
Some government departments and the wider public sector have paid at least
£2,000 per PC, partly because this is regarded as the standard price for fully
supported, networked PCs.
John Suffolk told Gartner, "I think we have fundamentally failed …. to
understand the cost of what we do. And I roundly blame Gartner for this,
because you guys are the ones who come up with TCO [total cost of ownership]
benchmarking. It has become a self-fulfilling prophecy.
"So, I go out and I pick boring desktop infrastructure. What price do you think
the suppliers broadly pitch? You will not be shocked to know that it is
somewhere around the Gartner TCO benchmark."
Suffolk said a business will be told that the price of a desktop is value for money
because it is the same or a little below Gartner's benchmark.
Value Management Framework
Level 1
Basic
Level 2
Controlled
Level 3
Standardised
Level 4
Optimised
Level 5
Innovative
“Little visibility of
true costs”
“Controls in place,
some consistency”
“Consistency
enables TCO
benchmarking”
“ROI Enabled”
“Portfolio driving
the business
agenda”
Little or no
visibility of
costs
Costs
visible
Standardised
cost control
Costs and
benefits
visible
Dashboard
performance
review
Ad-hoc Chart
of Accounts
Locally
Consistent
chart of
accounts
Nationally
Consistent
chart of
accounts
Consideration
of risk and time
value of money
Portfolio risk
return
perspective
Gut feel and
subjective
measures
Appropriate
categorisation
of spend
Follows Best
Practice
Detailed
business case
based on ROI
IT influencing
business
agenda
Non
repeatable
processes
Some
consistency in
Process
Repeatable
Process
Performance
and value
benchmarking
External
industry
benchmarking
TCO Model
• In order to drive standardisation the NIMM TCO Model
supports Level 3 Financial Management and provides:
• Common Chart of Accounts
• Takes into account Organisational Complexity
• Adjusts results for Confidence based upon NIMM
maturity
Feedback? Questions? Ideas?
[email protected]
http://nww.connectingforhealth.nhs.uk/pspg/
Fly UP