
Re: Cobit question

Subject: Re: Cobit question
Date: Wed, 1 Feb 2006 10:06:13 +0000
Rafael,

I think that you will find that it is implying that having more than one 
technology platform for a specific function is a bad thing.

For example, if you have multiple different technology platforms perform 
the same/similar function:
1) Increased support costs (no volume discount to vendor, no critical mass 
as leverage)
2) Indirect support costs (more skills and training courses required to 
maintain)
3) Increased user costs (more end user training and more processes to 
maintain)
4) Lack of end-to-end cohesiveness. (having to import data between 
different applications, or not having an end-to-end view and process)
5) Increased controls requirement

It's not saying that having a lot of technology is a bad thing, but it is 
saying that having lots of different technology doing the same thing is a 
bad thing.

For example, it's OK to have a change management system and a problem 
management system. It's not so good to have 5 of each, but it's really 
good to have both integrated into one.

If you have an IT strategy that states 'we will always use the XYZ 
solution as our change management system' then that indicates control. If 
you have a practice where every business unit selects their own change 
management system based on what they like the look of, then you don't 
really have any control at all!

That's my view at least.

Joe

Joe Dauncey
IT Security Manager
Scottish & Southern Energy



Rafael San Miguel Carrasco <smcsoc@yahoo.es>
29/01/2006 21:54

To: security-management@securityfocus.com
cc:
Subject: Cobit question

I am reading Cobit 4.0 and I have found something confusing in process 
"PO3 Determine Technological Direction".
The section "and is measured by" says "Number of technology platforms by 
function across the enterprise".

In your opinion, is a higher number of platforms a good or a bad symptom?
Fewer platforms make the environment more manageable, reduce TCO and 
maintenance costs.
More platforms means that exhaustive use of IT is being done, automating 
most functions within the organization.

What is the right approach then?

Thanks in advance. Regards,

Rafael San Miguel
