Val IT FAQs 

 

Frequently Asked Questions

  1. What is the basis for Val IT?
  2. How is Val IT relevant to IT governance?
  3. What are the components of the Val IT series of publications?
  4. How can I secure copies of the Val IT publications?
  5. What are the principles upon which Val IT is based?
  6. How is the Val IT framework structured?
  7. What do management guidelines cover?
  8. What are the components of the business case, as presented in Val IT?
  9. On what real-life information is Val IT based?
  10. What future developments are planned for Val IT?
  11. What are the main differences between the original Val IT framework and 2.0? Can you summarize them?
  12. Where does a company begin to assess its Val IT position? Who should lead the assessment process?
  13. Where do you see the managing person for Val IT to be in the organization? Reports to whom? Chief information security officer (CISO), strategic management?
  14. How do you sell a portfolio, program and project management office (P3MO) environment to eliminate the knowledge-hoarding, hidden-agenda type people when these are the very people in power to whom you need to sell this idea?
  15. Will there be assessment/audit materials that go along with the Val IT guides to evaluate enterprises, and determine the maturity levels for enterprises?
  16. Do you mean then that we need to conduct audits for all three frameworks: ITIL, COBIT and Val IT?
  17. Can I implement Val IT without COBIT?
  18. Can I implement Val IT before ITIL?
  19. Will COBIT and Val IT converge into a single framework?
  20. Do you have any initiative for aligning Val IT to enterprise risk management (ERM)? Do you see this extending or replacing true ERM?
  21. At what level (i.e., business size) does Val IT become feasible/helpful? What would you suggest a small company with very limited resources and people implement relative to Val IT?
  22. In the case of government, who will then be initiating the Val IT program?
  23. How cost effective is implementation of Val IT, COBIT, and ITIL in an organization?
  24. What is your experience of the value and importance of a portfolio management tool (i.e. commercial software application) to help apply the processes and principles of Val IT?
  25. Should an organization first focus on generating an IT balanced scorecard, which will enable the IT department not only to automatically align with the business goals but also act as a catalyst to provide the required support in achieving such business goals? Will that not automatically optimize Val IT?

1. What is the basis for Val IT?

Val IT is based on Control Objectives for Information and related Technology (COBIT), from ITGI. COBIT provides a comprehensive framework for the management and delivery of high-quality information technology-based (IT-based) services. It sets best practices for the means of contributing to the process of value creation.

Val IT adds best practices for the ends of contributing to the process of value creation, thereby unambiguously measuring, monitoring and maximizing the realization of business value from investment in IT. Val IT complements COBIT  from a business and financial perspective and will help all those with an interest in value delivery from IT.

Specifically, Val IT focuses on IT-related investment decision processes (are we doing the right things?) and the realization of benefits from them (are we getting the benefits?). COBIT focuses more on the IT execution processes (are we doing them the right way? and are we getting them done well?).

Based on the "Four Ares"as described by John Thorp in his book, The Information Paradox—Realizing the Business Benefits of Information Technology, written jointly with Fujitsu, first published in 1998 and revised in 2003, McGraw-Hill, Canada.

2. How is Val IT relevant to IT governance?

ITGI regards value delivery as one of the five focus areas of IT governance, alongside strategic alignment, performance management, resource management and risk management. Indeed, it could be argued that unless success is achieved in the other four domains, achieving value delivery will remain elusive.

Effective governance starts with leadership, commitment and support from the top. However, such leadership, while critical, is not enough. Val IT supports the leadership by providing clear and consistently applied processes; a clear understanding of executive, business and IT roles and responsibilities; relevant information and appropriate organizational structures.

To maximize the return on IT-enabled investments, the preparation of formalized, consistent business cases, use of hurdle rates, attention to portfolio management and program management, and application of metrics such as internal rate of return, net present value and payback period, are essential.

Val IT provides a comprehensive, structured, and proven practice-based source, providing the overall governance framework and supporting processes to do this. Further, in doing so, Val IT fosters a close partnership between IT and the business, with clear and unambiguous accountabilities and measurements—another key requirement for effective governance.

3. What are the components of the Val IT series of publications?

There are four publication deliverables in the Val IT series of products:

  • Enterprise Value: Governance of IT Investments, The Val IT Framework 2.0
  • Enterprise Value: Governance of IT Investments, Getting Started With Value Management
  • Enterprise Value: Governance of IT Investments, The Business Case

4. How can I secure copies of the Val IT publications?

  Download Val IT

5. What are the principles upon which Val IT is based?

The seven Val IT principles are:

  • IT-enabled investments will be managed as a portfolio of investments.
  • IT-enabled investments will include the full scope of activities that are required to achieve business value.
  • IT-enabled investments will be managed through their full economic life cycle.
  • Value delivery practices will recognize that there are different categories of investments that will be evaluated and managed differently.
  • Value delivery practices will define and monitor key metrics and will respond quickly to any changes or deviations.
  • Value delivery practices will engage all stakeholders and assign appropriate accountability for the delivery of capabilities and the realization of business benefits.
  • Value delivery practices will be continually monitored, evaluated and improved.

6. How is the Val IT framework structured?

The Val IT framework is structured according to three domains:

  • Value Governance
  • Portfolio Management
  • Investment Management

Each of these domains contains a number of processes (22) that are each enabled by a number of key management practices (69).

7. What do management guidelines cover?

Management guidelines, as presented in Val IT, include for each Val IT process:

  • Inputs and outputs—What a process needs to receive from and deliver to other processes (including Val IT, COBIT and other sources)
  • RACI chart—Providing guidance on what roles should be responsible (R), accountable (A), consulted (C) or informed (I) for a particular activity (activities are derived from key management practices but are mostly at a more detailed level of granularity)
  • Goals and metrics—Defined top down from domain through process and activity

8. What are the components of the business case, as presented in Val IT?

Business cases must include answers to the four ares questions—answers based on relevant, business-focused information about the prospective programs:

  • Are we doing the right things? What is proposed, for what business outcome and how do the projects within the program contribute?
  • Are we doing them the right way? How will it be done, and what is being done to ensure that it will fit with other current or future capabilities?
  • Are we getting them done well? What is the plan for doing the work, and what resources and funds are needed?
  • Are we getting the benefits? How will the benefits be delivered? What is the value of the program?

(Based on the "Four Ares" as described by John Thorp in his book, The Information Paradox—Realizing the Business Benefits of Information Technology, written jointly with Fujitsu, first published in 1998 and revised in 2003, McGraw-Hill, Canada)

The business case for an IT-enabled investment considers the following causal relationships:

  • Resources are needed to develop:
  • A technology/IT service that will support:
  • An operational capability that will enable:
  • A business capability that will create:
  • Stakeholder value, which may be represented by a risk-adjusted financial return or total shareholders' return

Development of the business case occurs over an eight-step process that covers building a fact sheet with all the relevant data; analyzing the data regarding alignment, financial and nonfinancial benefits, and risk; appraising the risk/return of the investment; documentation and review.

9. On what real-life information is Val IT based?

Fujitsu shared its many years of experience with enterprise value management, which contributed significantly to the development of the Val IT management practices. ING's and SeaQuation's experience also formed a major contribution to the development of the Val IT management practices. ING, originally through its IT performance measurement and investment management workflow and since 2005 as SeaQuation, a wholly independent company, has done substantial investment research into IT and enterprise value. Their research constituted the basis of the case study. ITGI is grateful to Fujitsu, ING and SeaQuation for their generosity in sharing their expertise and experience.

10. What future developments are planned for Val IT?

Following the release of The Val IT Framework 2.0 and Getting Started With Value Management publications, there is a need to revise the current Business Case publication to bring it into line with the revised framework material and address market feedback on the existing volume.

Work is also planned to map the Val IT framework process to some key, widely-used frameworks to aid understanding and adoption in enterprises that use them.

The potential to support new research into this area of IT governance is also being explored.

11. What are the main differences between the original Val IT framework and 2.0? Can you summarize them?

Version 2.0, released in July 2008, aligns terminology more closely with COBIT, and extends the Val IT framework beyond new investments to encompass all IT expenditures including ongoing IT services, assets and other resources. It adds more depth to the framework by adding management guidelines that provide greater detail on the Val IT processes and key management practices, as well as maturity models for each Val IT domain.

More detail about the differences can be found in the Val IT framework 2.0 publication in appendix A.

12. Where does a company begin to assess its Val IT position? Who should lead the assessment process?

Leadership of the assessment process will vary by enterprise, but in determining this, it should be recognized that the issue of getting value from IT-related investments is not a technology issue—it is a business issue. Wherever leadership comes from, since a change in corporate culture is generally required to achieve sustainable changes, executive sponsorship and involvement are essential.

We suggest that recognizing pain points, trigger events and other symptoms of need in the value delivery area are a first step in the assessment process. A gap analysis between existing and desired future states should follow the developing of an action plan to implement the necessary changes. The Val IT publication Getting Started With Value Management expands further on these steps.

13. Where do you see the managing person for Val IT to be in the organization? Reports to whom? Chief information security officer (CISO), strategic management?

The governance of enterprise value delivery processes and activities, as with all other aspects of governance, rests with the board and executive management who deliver it through delegation and judicious use of the resources made available to them.

The Val IT framework process spans many areas of an enterprise, and in practice will cross and involve many functions. As such, management of the processes will be spread among managers within the enterprise and a collaborative approach to achievement of value objectives will be required.

14. How do you sell a portfolio, program and project management office (P3MO) environment to eliminate the knowledge-hoarding, hidden-agenda type people when these are the very people in power to whom you need to sell this idea?

The need for "transparency" in the investment activities of the enterprise is essential to eliminate the "games" referred to in the question. Establishing this can be hard for the reason given—and looking for others who could gain from a change may not result in an overall improvement (same "game," new winners). We suggest that, while ultimately you need support from those who gain from a transparent approach by better enterprise performance (the board or executive management), a more opportunistic approach may be required to "get the ball rolling"—find someone in the enterprise who recognizes the need for change, and who has the authority to implement it in their part of the enterprise, and then build on and leverage initial success.

15. Will there be assessment/audit materials that go along with the Val IT guides to evaluate enterprises, and determine the maturity levels for enterprises?

The Val IT Steering Committee is considering such suggestions.

16. Do you mean then that we need to conduct audits for all three frameworks: ITIL, COBIT and Val IT?

No—each of these three frameworks has a very broad scope and is likely too broad to allow for an effective assessment within an enterprise. In line with modern audit standards and approaches, a risk-based approach should be adopted to identify those aspects of the enterprise's operation that present the greatest risk to the achievement of its objectives, then these frameworks can be used to plan and support the evaluation of those enterprise activities.

17. Can I implement Val IT without COBIT?

Yes—Val IT has been designed as a complete framework covering Value Governance, Portfolio Management and Investment Management processes and activities. It complements COBIT but delivers value to enterprises in its own right. With version 2.0, however, the link to COBIT in terms of ensuring that the enterprise continues to realize value from the IT services, assets and other resources that result from an initial investment is more explicit and COBIT certainly complements Val IT in this regard.

18. Can I implement Val IT before ITIL?

Yes—as stated above, Val IT is a complete framework in its own right. The next question is "should you do so?"—this answer depends on many factors including the enterprise's current maturity, risk profile, capabilities, resources and senior-level support.

19. Will COBIT and Val IT converge into a single framework?

ITGI is moving toward having a comprehensive, complete, coherent and consistent suite of frameworks and supporting products which will be consistent with an overall architecture, and aligned with the needs of different ISACA/ITGI constituencies. To that end, work is currently underway on an IT risk management framework, which will complement and be consistent with Val IT and COBIT. The changes included in Val IT framework 2.0 are intended to move us in this direction.

20. Do you have any initiative for aligning Val IT to enterprise risk management (ERM)? Do you see this extending or replacing true ERM?

Yes—ISACA/ITGI is progressing research and development into a "twin" framework to Val IT, focused on governance and management of IT-related risks. This work is scheduled to be completed by 2009 and will reference both Val IT and COBIT in its results. Further information is available on the Research/Current Projects page on our web site.

21. At what level (i.e., business size) does Val IT become feasible/helpful? What would you suggest a small company with very limited resources and people implement relative to Val IT?

The Val IT principles are applicable to any type or size of enterprise. The implementation of the processes and key management practices can and should be scaled to fit the size (and culture) of a particular enterprise.

22. In the case of government, who will then be initiating the Val IT program?

As stated above The governance of enterprise value delivery processes and activities, as with all other aspects of governance, rests with the board and executive management who deliver it through delegation and judicious use of the resources made available to them.

In a public-sector enterprise, initiation (and ongoing support) by a senior officer within the government department/agency/division is ESSENTIAL.

23. How cost effective is implementation of Val IT, COBIT, and ITIL in an organization?

Implementation of frameworks IN THEIR ENTIRETY is often a recipe for disaster, since most enterprises do not NEED to change everything that the framework covers and will therefore not BENEFIT from such changes and may even lose something as a result. The key to cost-effective implementation of enterprise changes USING such frameworks is a sound analysis of the benefits that the investment will bring. Here, Val IT—and in particular, the Business Case guidance—can provide valuable guidance for enterprises.

24. What is your experience of the value and importance of a portfolio management tool (i.e.. commercial software application) to help apply the processes and principles of Val IT?

Clearly the issues involved in establishing value governance and management processes and activities are significant. Portfolio management tools can be useful both in supporting analysis of investments, communicating investment decisions and monitoring the performance of investments. They can be particularly useful in quickly testing a number of different (what if) scenarios. They must, however, be used to support the processes and practices contained within Val IT, not in lieu of them. Any tool must be appropriate for the size and culture of an enterprise, and optimized for the enterprise's specific needs. Users must trained in the principles and processes of Val IT, as well as the use of the tool to support those principles and processes.

25. Should an organization first focus on generating an IT balanced scorecard, which will enable the IT department not only to automatically align with the business goals but also act as a catalyst to provide the required support in achieving such business goals? Will that not automatically optimize Val IT?

The balanced scorecard (BSC) is a measurement technique that, effectively applied, supports planning and confirmation of the achievement of business goals and associated supporting IT process goals. This approach does not necessarily optimize the achievement of value from IT-related investments by itself. The application of the Val IT principles, appropriate use of the framework components and use of the supporting business-case approach will achieve such optimization of enterprise resources in the delivery of value from IT-related investments, thus supporting the achievement of the enterprise goals captured in the BSC.