Hi Keith,
We built a toolkit to give us a structure to build off of. It is a process of discovering where you are, Listening and Learning from the organization of where IT needs to be, then build your plans and projects to close that gap.
- IT CURRENT STATE.
- Current Skills and Work in Progress
- Current IT Budget
- Strengths, Weaknesses, Opportunities, Threats-SWOT
- Current Maturity of IT
- IT TARGET STATE.
- Understanding the Organizations Strategic Plan and Goals
- Understanding IT Implications
- IT Implications Checklist
- IT Strategy Scope
- IT Target State Components
- IT Vision, Mission, and Guiding Principles
- IT Goal Setting
- Target IT Maturity Level
- CLOSING THE GAP.
- Gap Analysis
- Identify Initiatives to Address Gaps
- Creating Initiative Profiles
- Identifying Risks of Pursuing the Strategy
- Prioritization Matrix
- Presenting the IT Roadmap
- Create a Refresh Plan
This does not address a hidden question that you may be wondering about. What domains or functional areas does the IT Strategy cover. In our case I have four primary IT Domains;
- IT Operations
- Data Center
- In House Servers
- Physical
- Virtual
- In House Data Storage
- SAN
- NAS
- File Servers
- Cloud or Offsite Servers
- Cloud or Offsite Storage
- IT Operations Monitoring Systems
- Network
- Wired
- Wireless
- Incoming service providers
- Internet
- SIP
- Telco
- MPLS
- Cyber Security
- Virus protection
- Awareness
- Indentify
- Protect
- Detect
- Respond
- Recover
- Security
- Door Access
- Camera systems
- DVR
- NVR
- End Point Computing Devices
- Desktops
- Thin Clients
- Laptops
- Tablets
- Phones
- Vendor Management
- Productivity Software
- MS Office
- Word
- Excel
- PowerPoint
- Publisher
- Project
- Visio
- File Servers
- Peer Filesharing
- One Drive
- BOX
- Drop Box
- Communications
- Public Web
- Web Conference
- Social Media
- Chat
- SharePoint
- Microsoft Teams
- Yammer
- Exchange
- Spam and Virus Filter
- Telecommunications
- VOIP
- Voicemail
- FAX
- POTS
- Emergency Services
- Elevators
- Fire
- Burglary
- Building Services
- HVAC
- Business Systems
- HR Payroll
- HR Employee Management
- Recruitment
- Onboarding
- Applicant Tracking
- Background Checking
- Volunteer Management
- Benefits
- Expense management & Reporting
- Work Flow
- Employee Portal
- Volunteer Management
- Payroll
- Compensation Planning
- Direct Deposit and Pay Checks
- Tax filing and reporting
- W2 Processing
- Time & Attendance
- Time Card
- Time Clock
- Scheduling
- Time off Request/Approval/Record
- Shift Swap Request/Approval/Record
- Learning Development
- LMS (Learning Management System)
- Training and Skills Management
- Certification and License Management
- Succession Planning
- Performance and Goal Management
- Employee Satisfaction
- Membership and Programs
- Resident Camp
- Day Camp
- Before and After School Care
- Internet Registration for Members
- Member Fitness Tracking
- Child Care
- Mentoring
- Student Record keeping
- Mentor Record Keeping
- Personal Training Appointment Scheduling
- Evidence Based Health Interventions (EBHI)
- HIPAA Training
- Insurance reporting and billing
- Philanthropy
- Donor Management
- Online Giving
- Event Management
- Social Peer to peer giving
- Finance
- AP
- PO
- Check Printing
- AR
- Collections
- GL
- Fixed Assests
- Budget
- Compliance and Best Practice
- PCI
- Survey
- Scans
- HIPAA
- Training
- Ensure the confidentiality, integrity and availability of all ePHI, including the protection of patient privacy by encrypting medical records.
- Protect against reasonably anticipated threats or hazards to the ePHI the entity creates, receives, maintains or transmits.
- Deliver visibility, control and detailed auditing of data transfer.
- Protect against reasonably anticipated uses or disclosures of ePHI, including preventing the loss of confidential medical records via removable devices.
- Ensure that the organization's workforce complies with HIPAA and minimizes the threat of data being stolen for financial gain.
- Review security measures as needed to ensure reasonable and appropriate protection of ePHI.
- Audit
- Data gathering and reporting
- Disaster Recovery
- Develop a Business Continuity Plan
- Obtaining top management commitment
- Establishing a planning committee
- Performing a risk assessment
- Establishing priorities for processing and operations
- Determining recovery strategies
- Collecting data
- Organizing and documenting a written plan
- Developing testing criteria and procedures
- Testing the plan
- Obtaining plan approval
- Data Governance
- Data Stewardship
- Accountable for various portions of the data.
- Data Quality
- Accuracy, completeness and consistency across data sources are the crucial hallmarks of successful initiatives.
- Master Data Management
- A discipline that establishes a master reference to ensure consistent use of data across large organizations.
- Use Cases
- Particularly important component of business process management, legacy modernization, financial and regulatory compliance, analytics, business intelligence applications, and data warehouses.
- General Data Protection Regulation (GDPR) as a best practice
- Reporting and Segmentation
- Historical Analytics
I hope this helps you as you move forward in your IT Strategy.
------------------------------
David Fritzke
IT Executive
YMCA of Metropolitan Milwaukee
Milwaukee, WI
------------------------------
Original Message:
Sent: Oct 10, 2018 12:59
From: Keith Berner
Subject: Strategic Planning
Does anyone have written guidance for IT strategic planning best practices they would be willing to share? I'm most interested in what elements are commonly included in strategic plans. I would be interested in white papers on the topic or even a copy of your strategic plan that I could learn from.
------------------------------
Keith Berner
IT Project Manager
OSIbeyond
Bethesda, MD
kberner@osibeyond.com
301.588.5080
------------------------------