IT Organization – Flashcards

A company's IT organization consists of the people who create, purchase, and maintain the IT services and architecture. Deciding how to structure an IT organization requires consideration of many factors, including the competing goals and priorities that exist within the company.

About thirty years ago practitioners of IT were literally kept in the company's basement, along with the bulk of the hardware. Back then, the IT organization was typically called Information Systems (IS) or Management Information Services (MIS). As technology has moved out into the business units, so too has the IT professionals. IT organizations can vary in their structure: They may be highly centralized, or they can be decentralized across small IT groups within each business unit or functional area. Many large firms use a blended model. Control, integration, cost, and response time are just some of the pertinent elements to consider in structuring an IT organization. As IT's primary focus has shifted from technology to business processes, companies increasingly need a coherent strategy that aligns IT goals with business goals, senior managers to run the IT organization, and coordination among executives. Many large organizations now employ a chief information officer (CIO), a chief technology officer (CTO), and a chief security officer (CSO) to lead their IT organizations.

The chief information officer is the senior executive most often responsible for managing IT within a company. Most large firms now have an individual in a CIO role, even if they do not use that title. CIOs must often be tenacious, since a company's IT organization can be considered an ancillary service.IT often has a large budget, and it does not contribute directly to a company's profitability in the way that manufacturing or services do. Thus, IT can be taken for granted by other senior executives. The CIO explains the value of IT to the rest of the management team. Most often the CIO reports to the CEO. But, whatever the reporting structure, the CIO must appreciate that IT is not merely a group of tasks to be completed but a set of strategic processes that can affect the entire firm.

The roles and responsibilities of a chief technology officer are defined in different ways at different companies. At firms without a CIO, a CTO might fill that role, although that scenario is uncommon. More often, the CIO executes the responsibilities of a CTO. The "T" in CTO highlights the CTO's greater emphasis on technology than a CIO might have. Most often, this manifests itself in one of several responsibilities.

The CTO establishes the company's technical vision and leads all aspects of technology development. The CTO must have a strong background in the technical aspects of IT, including but not limited to infrastructure, software, and telecommunications. Enterprise architecture management is a responsibility of the CTO.

The chief security officer is the leader of a company's security function, which includes the physical security and safety of employees, facilities, and assets. This position unifies what often used to be separate corporate and information-security functions, which were themselves frequently decentralized among business unitsThe CSO is the executive responsible for the organization's entire security posture, both physical and digital. CSOs also frequently run or participate in related areas such as business-continuity planning, loss and fraud prevention, and privacy. These roles in reality are often merged and many professionals working in Information Security will often hold dual roles, such as CSO and CTO.

IT departments are transforming themselves into self-sustaining business units. A customer service-centric IT organization increases productivity and service levels, improves project-success rates, and creates a higher profile for IT within a company. Services and practices provided by IT can be viewed as a service model.

One of the most important services provided by IT is application software acquisition. Today, companies use models of acquisition that may be mixed and matched into hybrid solutions: In-house development Commercial development Open-source development Community-source development

IT success, as in many fields, has to do with inspired leadership, excellent execution, motivated people, attention to details, etc. One of the critical factors for IT success is integration with company strategy. IT planning can be constrained by many factors: the rate of technology change, short-term business pressures, vendor influences, etc. The IT planning process comprises a planning cycle, planning deliverables, managerial participation, and change management. The IT planning cycle is conducted on a periodic basis, typically annual. All initiatives and proposals related to business vision and needs are eventually formalized into strategic, tactical, and operational plans, which are the principal deliverables.

Strategic plan focuses on a three to five year horizon. High-level statement, initiative, scope, benefits, and costs. A tactical plan focuses on a one to two year horizon. Scope, benefits, and costs are more refined than in the strategic plan. An operational plan focuses on initiated or to be initiated projects. Detailed project plans and concrete deliverables.

Upwards of 2% of our nation's power is consumed by our nation's data centers, computer rooms, and engineering spaces. It is estimated that annual growth in data center energy consumption is around 16%. Energy efficiency solutions exist for data centers for improving efficiency of power usage (National Data Center Power Reduction Incentive Program).

Corus360, a leader in infrastructure technologies, builds data centers using: Advanced power and cooling techniques Occupancy-sensing compact fluorescent lighting Water-saving plumbing Special windows maximizing natural lighting Efficient AC units White roof technology

In a joint project between the Syracuse University, the state of New York, and IBM, the data center at the SU is among the world's most efficient. It uses an on-site electrical co-generation system fueled by natural gas micro-turbine engines, which generate 100 % of the center's electricity. These emerging technologies will be used to reduce the carbon footprint of tomorrow's data centers.

Business continuity (also known as disaster recovery planning, or DRP) refers to a company's restoration of IT resources and chain of command after a disaster. Planning and recovery from natural disasters has always been important for organizations including its IT facilities and services. Given the importance of IT-enabled services, business continuity plans must be made regularly.

The increasing importance of applications and data to company's operations necessitates regular backups. Networked storage systems such as network attached storage (NAS) and storage area network (SAN) have made backing up data easier to manage centrally. In order to fulfill business continuity requirements, a business continuity plan identifies critical information and instructions that are needed during actual operational disruption. Many of the processes and instructions should be regularly practiced to ensure understanding and to promote successful execution during the pressure and stress of a catastrophe.

A business continuity plan should address the following: Emergency contact list Employee responsibilities during an event Data backup and recovery Data retention policy Alternate infrastructure site Alternate operational responsibilities and instructions Alternate physical location of employees Alternate communication between management and employees Alternate communication between employees and customers Alternate communication between employees and suppliers Critical business partnerships, especially financial partnerships Interaction with government agencies, especially first responders