nhs infrastructure maturity model benchmarking event taunton 8th october 2008
DESCRIPTION
NHS Infrastructure Maturity Model Benchmarking Event Taunton 8th October 2008. Andy Savvides. http://nww.connectingforhealth.nhs.uk/pspg/. Sound Familiar?. Not enough time to plan ahead, too many projects!. - PowerPoint PPT PresentationTRANSCRIPT
NHS Infrastructure Maturity ModelBenchmarking Event Taunton 8th October 2008
Andy Savvides
http://nww.connectingforhealth.nhs.uk/pspg/
Sound Familiar?
How do I compare with other Trusts?
No infrastructure roadmap so we
just react to demands on our IT infrastructure as best we can
What IT Infrastructure
initiatives should I invest in next?
Has somebody else done this
before?
We are locked in to old software that we cannot
upgrade
Not enough time to plan ahead,
too many projects!
Infrastructure Challenges Summary
• Too many IM&T Managers rely on just gut feel when setting investment priorities
• Infrastructure is mostly “invisible” which makes it difficult to understand its value as an enabler• Hard to justify and prioritise investment• Difficult to measure return on investment• Often not viewed in a strategic context
• We are undervaluing our own intellectual property • Lack of visibility and focus - NHS is not getting the full
value of some excellent local infrastructure work• Nationally we don’t share knowledge, patterns and
practices which means we re-invent the wheel and the NHS pays twice
• Lack of strategy aligned infrastructure roadmaps means that many essential capabilities loose out to “my favourite project”
• Some suppliers don’t create infrastructure solutions that NHS Trusts request, actually need or are ready for
NHS Infrastructure - a day in the life
Product Guidance from Vendors
GPG from NHS CFH
Constant Pressure to Deliver Local Projects (Many re-inventing the wheel)
Legacy Systems & Components
Tacit KnowledgeEmerging
Technology
Methodologies & Frameworks
Increasing need for accountability
Increasing IT complexity
Increasing need for business & process alignment
Growing IT security attack surface
Increasing demands to manage TCO & show ROI
Gre
ater choice &
awarene
ss me
ans the busine
ss demands a better service
Constant Change
Greater expectations of what IT can deliver
IT Infrastructure Standards & Best Practice
CUI GuidanceEnterprise Wide
AgreementsIG Toolkit
Keep an Eye on the Bigger Picture?
Create a Path to Increased Maturity
NIMM Key Features
• Intuitive and easy to use IT management tool• Developed in “plain English” by the NHS for the NHS
• Modular allowing Trusts to focus on high priority areas first
• Will be adapted and extended to reflect feedback changing priorities
• Can be used in either Descriptive and/or Prescriptive modes
• Provides the big picture - knowledge driven self assessment approach, calibrated for the NHS
• Technology & vendor independent, focus is on capabilities, standards and NHS needs
• Holistic approach covering both the technology and management scope of IT infrastructure• Being linked to other complementary initiatives
• Can be shared with suppliers to help NHS Trusts become smart(er) buyers
Infrastructure Numbers Game
Estimated Number of PCs in the NHS
NIMM “Scope” for Guidance
Management “Scope” of Infrastructure
Technology “Scope” of Infrastructure
NIMM Benchmarking using KPIs
What factors are critical for a specific capability to be successfully exploited? What do you have to get right?
Credible, measurable & relevant metrics to measure achievement
Capability body of knowledge
Infrastructure Maturity Level Summary Not Drawn to Scale
NIMM to Microsoft IO Model Mapping
DynamicStandardized RationalizedBasic
Desktop, Server, and Device ManagementDesktop, Server, and Device ManagementSoftware distribution, Patch management, Mobility, Imaging, VirtualizationSoftware distribution, Patch management, Mobility, Imaging, Virtualization
Data Protection and RecoveryData Protection and RecoveryBackup, Restore, Storage managementBackup, Restore, Storage management
Security and NetworkingSecurity and NetworkingPolicy, Anti-malware, Firewall, Access control, Network protection, QuarantinePolicy, Anti-malware, Firewall, Access control, Network protection, Quarantine
IT and Security ProcessIT and Security ProcessBest practice guidance on cost-effective solution design, development, operation, and support
Identity & Access ManagementIdentity & Access ManagementDirectory services, User provisioning, Directory-based authenticationDirectory services, User provisioning, Directory-based authentication
NIMM to Gartner Model Mapping
Basic
RationalizedVirtualized
Service-Based
Standardized Infrastructure resources
pooled
Services managed holistically
Uncoordinated infrastructure
Standard resources,
configurations
Consolidate to fewer
Policy/Value-Based
Dynamic optimization to
meet SLAs
Objective
Ability to Change
Pricing Scheme
Business Interface
Resource Utilization
Organization
IT Management
Processes
Reduce complexity
Economies of scale
Flexibility, reduce costs
Service-level deliveryReact
Weeks Weeks to days
Weeks to minutes MinutesMonths to
weeks
Fixed costs Reduced, fixed costs
Fixed shared costs
Variable usage costsNone, ad hoc
Business agility
Minutes to seconds
Variable business costs
Class-of-service SLAs
Class-of-service SLAs Flexible SLAs End-to-end
SLAsNo SLAs
Known Rationalized Shared pools Service-based poolsUnknown
Central control Consolidated Pooled ownership
Service-orientedNone
Business SLAs
Policy-based sharingBusiness-oriented
Reactive -ProactiveLife cycle management
ProactiveMature problem mgmt
ProactivePrediction, dynamic capacity
ServiceEnd-to-end service management
Chaotic – ReactiveAd hoc
ValuePolicy management
Infrastructure Numbers Game
Number high severity vulnerabilities in Windows XP discovered during
2007 according to National Vulnerability Database (NIST)
Typical Start Point for Many Trusts
Focus on “Weakest” Capabilities
Drive Standardisation
Optimise & Innovate
NIMM Prescriptive Guidance “Package”
Description of the capability at level n. This will include the critical success factors which describe what characteristics the capability
must have and why they are important.
A set of metrics that can be used to measure and monitor achieving this capability at level n.
What will it take (financial and non-financial) to achieve this level of capability. To be used in creating a business case.
What benefit can realistically be expected (financial and non-financial) when operating at this level of capability. To be used in determining the to-be profile.
Major impact/effect on other upstream or downstream capabilities when this capability reaches level n.
Weighting used when calculating overall Class or Trust maturity level
When will the NIMM be Finished?
Infrastructure Numbers Game
No of Electronic Identities a typical NHS Worker has
NIMM Applications
Financial Management Maturity
Infrastructure TCO Challenge
Mythical Gartner TCO Benchmark
Some government departments and the wider public sector have paid at least £2,000 per PC, partly because this is regarded as the standard price for fully supported, networked PCs.
John Suffolk told Gartner, "I think we have fundamentally failed …. to understand the cost of what we do. And I roundly blame Gartner for this, because you guys are the ones who come up with TCO [total cost of ownership] benchmarking. It has become a self-fulfilling prophecy.
"So, I go out and I pick boring desktop infrastructure. What price do you think the suppliers broadly pitch? You will not be shocked to know that it is somewhere around the Gartner TCO benchmark."
Suffolk said a business will be told that the price of a desktop is value for money because it is the same or a little below Gartner's benchmark.
Value Management Framework
“Little visibility of true costs”
Little or no visibility of
costs
Gut feel and subjective measures
Ad-hoc Chart of Accounts
Non repeatable processes
“Controls in place, some consistency”
Costs visible
Appropriate categorisation
of spend
Locally Consistent
chart of accounts
Some consistency in
Process
“Consistency enables TCO
benchmarking”
Standardised cost control
Follows Best Practice
Nationally Consistent
chart of accounts
RepeatableProcess
“ROI Enabled”
Costs and benefitsvisible
Detailed business case based on ROI
Consideration of risk and time value of money
Performance and value
benchmarking
“Portfolio driving the business
agenda”
Dashboard performance
review
IT influencing business agenda
Portfolio risk return
perspective
External industry
benchmarking
TCO Model
• In order to drive standardisation the NIMM TCO Model supports Level 3 Financial Management and provides:• Common Chart of Accounts• Takes into account Organisational
Complexity• Adjusts results for Confidence based upon
NIMM maturity
Feedback? Questions? Ideas?
http://nww.connectingforhealth.nhs.uk/pspg/