|
Measure What You Get
The following fact sends chills
down my spine. Intuition embedded audits provide a negligible
level of assurance that technology investment will hit the moving
window. BetaWatch provides peace of mind, lets you sleep at night,
knowing that your technology rollout is not driven by intuition.
Our audit process complies
with Control Objectives For Information and Related Technology
(CoBit), an open standard for technology audit that has been
developed and promoted by the IT Governance Institute. Our analysis
is predicated on International Organization for Standardization,
document ISO 9126 a worldwide documented standard for software-product
evaluation and quality characteristics. This comprehensive list
of terms enumerates globally accepted protocols that we use to
structure our audits. These include functionality, reliability,
usability, efficiency maintainability, portability, and security.
Recently BetaWatch was assigned
a technology audit. The purchaser of an IP wanted to know exactly
what he was buying. This Captain of Technology told me that when
he sits across the customer he wants to be sure that the features
and benefits he is selling and on which the customer is basing
his business case on, are in fact available.
Consequence, Probability,
Metric
Mr. David M. Griffith, http://internalaudit.biz,
has taught us the merit and method of measuring the two elements
of a risk, consequence and probability, as well as assigning
a metric to the risk.
After the Statement of Work
(SOW) when the assignment process is drawn up in decision-tree
format and of course, is agreed upon, BetaWatch provides
its clients with a draft consequence probability metric chart.
Since technology investors and users have varying degrees of
risk tolerance, we collaboratively devise the level of risk for
acceptance by our client.
For example, in the software
audit mentioned above we initially analyzed the application and
the investigative data was set in a grid as mapped below. The
client agreed upon the Legend describing the Elements of Risk.
Take the Right Measurements
Have you been involved in a
technology investment or rollout and found yourself looking at
complexity that required more than intuition to audit?
When purchasing technology, measure what you get.
With dreams of great technology,
courageous investors do not need sleepless nights worrying about
whether their intuition is sound. Though the standard four
pillars of 'best practice' technology: Architecture & Design,
Project Planning & Project Management, Product Support, and
the Business Case are seemingly adequate, it is advantageous
to conduct an ISO compliant
technology audit, designate, and apply the metric according to
ones' level of risk.
|
