Scenario: Understanding IT Service and Security Management - 70173

Report Details

This research note is the first of series of documents describing KuppingerCole’s basic positions and providing insights into IT Service and Information Security Management. It describes the fundamental building blocks of, including what IT should be able to deliver to the business as well as the technical production of IT services. Together, these form the basis for effective organization of IT departments, as well as for improving Business/IT alignment, and making the procurement or production of IT services more efficient.

The fundamental role of IT within an organization is simple to describe: It must provide the IT services that business requires in the way business wants them – nothing more, nothing less. The elements involved in providing these services, namely Service Management and Information Security, are what we at KuppingerCole call “IT Management and Security”. They are wholly responsible for procuring, orchestrating and managing IT services and ensuring that they are provided securely by protecting valuable and sensitive information.

Underneath the IT Management and Security layer there are various IT service producers. These can include both internal on-premise IT providers and external “cloud” providers. However, they are both simply service providers. Opting for the cloudis therefore not really a strategic decision at all; it’s just the result of decisions made at the IT Management and Security level.  IT strategy is actually set at this middle layer, so that is where IT management needs to focus its attention. Making sure this layer is running smoothly is the necessary first step towards creating an IT that can provide the necessary business services in a secure and timely manner.

Unfortunately, corporate IT departments tend to concentrate more on technology than on the needs of the business. What IT professionals need to understand is that the “I” in “IT” is much more important than the “T”. By getting hung up on technology issues, IT departments are doing both themselves and their partners in the business units a disservice, besides misspending money the company needs to conduct its business successfully.

Thankfully, a growing number of IT decision makers, as well as many in top management, are awakening to the fact that classical, technology-centric investment is to IT what the Ford Model T is to a modern automobile: quaintly anachronistic and hopelessly inefficient. What today’s organizations need is a  business-style approach to IT management, including fine-grain accounting for IT service consumed by business and the industrialization of IT services with the aim of achieving true “ERP for IT”.  IT must be capable of accurately measuring the direct costs of business services and billing for them accordingly. It needs to be able to plan ahead so it can focus on the most cost-efficient way of developing or procuring the IT services needed by business.

That doesn’t automatically mean the end of on-premise IT service production, but it does mean that this will be just one model among many, depending on the nature of the required services and the speed and flexibility with which they need to be provided. Producing services is only part of IT’s job; its main focus should be on providing the right kind of ser-vice to business. This is a major paradigm shift for most IT professionals, and one which will be dis-cussed in more detail over the course of this research note.
You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Aug 02, 2011

Scenario: Understanding IT Service and Security Management - 70173

This research note is the first of series of documents describing KuppingerCole’s basic positions and providing insights into IT Service and Information Security Management. It describes the fundamental building blocks of, including what IT should be able to deliver to the business as…

€995.00 Get Access

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Latest Insights

Hot Topics

Spotlight

Learn more

Cyber Defence Center

Today, the Cyber Defence Center (CDC) or Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00