NHS Infrastructure Maturity ModelBenchmarking Event Taunton 8th October 2008

Andy Savvides

http://nww.connectingforhealth.nhs.uk/pspg/

Sound Familiar?

How do I compare with other Trusts?

No infrastructure roadmap so we

just react to demands on our IT infrastructure as best we can

What IT Infrastructure

initiatives should I invest in next?

Has somebody else done this

before?

We are locked in to old software that we cannot

upgrade

Not enough time to plan ahead,

too many projects!

Infrastructure Challenges Summary

• Too many IM&T Managers rely on just gut feel when setting investment priorities

• Infrastructure is mostly “invisible” which makes it difficult to understand its value as an enabler• Hard to justify and prioritise investment• Difficult to measure return on investment• Often not viewed in a strategic context

• We are undervaluing our own intellectual property • Lack of visibility and focus - NHS is not getting the full

value of some excellent local infrastructure work• Nationally we don’t share knowledge, patterns and

practices which means we re-invent the wheel and the NHS pays twice

• Lack of strategy aligned infrastructure roadmaps means that many essential capabilities loose out to “my favourite project”

• Some suppliers don’t create infrastructure solutions that NHS Trusts request, actually need or are ready for

NHS Infrastructure - a day in the life

Product Guidance from Vendors

GPG from NHS CFH

Constant Pressure to Deliver Local Projects (Many re-inventing the wheel)

Legacy Systems & Components

Tacit KnowledgeEmerging

Technology

Methodologies & Frameworks

Increasing need for accountability

Increasing IT complexity

Increasing need for business & process alignment

Growing IT security attack surface

Increasing demands to manage TCO & show ROI

Gre

ater choice &

awarene

ss me

ans the busine

ss demands a better service

Constant Change

Greater expectations of what IT can deliver

IT Infrastructure Standards & Best Practice

CUI GuidanceEnterprise Wide

AgreementsIG Toolkit

Keep an Eye on the Bigger Picture?

Create a Path to Increased Maturity

NIMM Key Features

• Intuitive and easy to use IT management tool• Developed in “plain English” by the NHS for the NHS

• Modular allowing Trusts to focus on high priority areas first

• Will be adapted and extended to reflect feedback changing priorities

• Can be used in either Descriptive and/or Prescriptive modes

• Provides the big picture - knowledge driven self assessment approach, calibrated for the NHS

• Technology & vendor independent, focus is on capabilities, standards and NHS needs

• Holistic approach covering both the technology and management scope of IT infrastructure• Being linked to other complementary initiatives

• Can be shared with suppliers to help NHS Trusts become smart(er) buyers

Infrastructure Numbers Game

Estimated Number of PCs in the NHS

NIMM “Scope” for Guidance

Management “Scope” of Infrastructure

Technology “Scope” of Infrastructure

NIMM Benchmarking using KPIs

What factors are critical for a specific capability to be successfully exploited? What do you have to get right?

Credible, measurable & relevant metrics to measure achievement

Capability body of knowledge

Infrastructure Maturity Level Summary Not Drawn to Scale

NIMM to Microsoft IO Model Mapping

DynamicStandardized RationalizedBasic

Desktop, Server, and Device ManagementDesktop, Server, and Device ManagementSoftware distribution, Patch management, Mobility, Imaging, VirtualizationSoftware distribution, Patch management, Mobility, Imaging, Virtualization

Data Protection and RecoveryData Protection and RecoveryBackup, Restore, Storage managementBackup, Restore, Storage management

Security and NetworkingSecurity and NetworkingPolicy, Anti-malware, Firewall, Access control, Network protection, QuarantinePolicy, Anti-malware, Firewall, Access control, Network protection, Quarantine

IT and Security ProcessIT and Security ProcessBest practice guidance on cost-effective solution design, development, operation, and support

Identity & Access ManagementIdentity & Access ManagementDirectory services, User provisioning, Directory-based authenticationDirectory services, User provisioning, Directory-based authentication

NIMM to Gartner Model Mapping

Basic

RationalizedVirtualized

Service-Based

Standardized Infrastructure resources

pooled

Services managed holistically

Uncoordinated infrastructure

Standard resources,

configurations

Consolidate to fewer

Policy/Value-Based

Dynamic optimization to

meet SLAs

Objective

Ability to Change

Pricing Scheme

Business Interface

Resource Utilization

Organization

IT Management

Processes

Reduce complexity

Economies of scale

Flexibility, reduce costs

Service-level deliveryReact

Weeks Weeks to days

Weeks to minutes MinutesMonths to

weeks

Fixed costs Reduced, fixed costs

Fixed shared costs

Variable usage costsNone, ad hoc

Business agility

Minutes to seconds

Variable business costs

Class-of-service SLAs

Class-of-service SLAs Flexible SLAs End-to-end

SLAsNo SLAs

Known Rationalized Shared pools Service-based poolsUnknown

Central control Consolidated Pooled ownership

Service-orientedNone

Business SLAs

Policy-based sharingBusiness-oriented

Reactive -ProactiveLife cycle management

ProactiveMature problem mgmt

ProactivePrediction, dynamic capacity

ServiceEnd-to-end service management

Chaotic – ReactiveAd hoc

ValuePolicy management

Infrastructure Numbers Game

Number high severity vulnerabilities in Windows XP discovered during

2007 according to National Vulnerability Database (NIST)

Typical Start Point for Many Trusts

Focus on “Weakest” Capabilities

Drive Standardisation

Optimise & Innovate

NIMM Prescriptive Guidance “Package”

Description of the capability at level n. This will include the critical success factors which describe what characteristics the capability

must have and why they are important.

A set of metrics that can be used to measure and monitor achieving this capability at level n.

What will it take (financial and non-financial) to achieve this level of capability. To be used in creating a business case.

What benefit can realistically be expected (financial and non-financial) when operating at this level of capability. To be used in determining the to-be profile.

Major impact/effect on other upstream or downstream capabilities when this capability reaches level n.

Weighting used when calculating overall Class or Trust maturity level

When will the NIMM be Finished?

Infrastructure Numbers Game

No of Electronic Identities a typical NHS Worker has

NIMM Applications

Financial Management Maturity

Infrastructure TCO Challenge

Mythical Gartner TCO Benchmark

Some government departments and the wider public sector have paid at least £2,000 per PC, partly because this is regarded as the standard price for fully supported, networked PCs.

John Suffolk told Gartner, "I think we have fundamentally failed …. to understand the cost of what we do. And I roundly blame Gartner for this, because you guys are the ones who come up with TCO [total cost of ownership] benchmarking. It has become a self-fulfilling prophecy.

"So, I go out and I pick boring desktop infrastructure. What price do you think the suppliers broadly pitch? You will not be shocked to know that it is somewhere around the Gartner TCO benchmark."

Suffolk said a business will be told that the price of a desktop is value for money because it is the same or a little below Gartner's benchmark.

Value Management Framework

“Little visibility of true costs”

Little or no visibility of

costs

Gut feel and subjective measures

Ad-hoc Chart of Accounts

Non repeatable processes

“Controls in place, some consistency”

Costs visible

Appropriate categorisation

of spend

Locally Consistent

chart of accounts

Some consistency in

Process

“Consistency enables TCO

benchmarking”

Standardised cost control

Follows Best Practice

Nationally Consistent

chart of accounts

RepeatableProcess

“ROI Enabled”

Costs and benefitsvisible

Detailed business case based on ROI

Consideration of risk and time value of money

Performance and value

benchmarking

“Portfolio driving the business

agenda”

Dashboard performance

review

IT influencing business agenda

Portfolio risk return

perspective

External industry

benchmarking

TCO Model

• In order to drive standardisation the NIMM TCO Model supports Level 3 Financial Management and provides:• Common Chart of Accounts• Takes into account Organisational

Complexity• Adjusts results for Confidence based upon

NIMM maturity

Feedback? Questions? Ideas?

andy.savvides@nhs.net

http://nww.connectingforhealth.nhs.uk/pspg/