8 - Manage Information Technology (IT)

Managing process groups relevant to the business of information technology within an organization. The process groups include "Develop and manage IT customer relationships", "Develop and manage IT business strategy", " Develop and manage IT resilience and risk", " Manage information", " Develop and manage services/solutions", "Deploy services/solutions", and " Create and manage support services/solutions".

8.0Manage Information Technology (IT)  
8.1 Develop and manage IT customer relationships
8.1.1  Understand IT customer needs   Understand IT customer communities   Assess IT customer operational capabilities
8.1.2  Identify IT customer transformation needs   Understand business requirements for IT capabilities   Understand IT landscape   Develop IT visioning   Outline IT service expectations
8.1.3  Plan and communicate IT services   Manage IT customer expectations   Define future IT services   Determine  IT performance indicators   Create IT marketing messages   Create IT service marketing plan
8.1.4  Provide IT transformation guidance   Develop IT transformation plans   Collect IT customer requirements   Analyze IT customer requirements   Identify and prioritize IT opportunities   Facilitate solution design activities   Prioritize IT outcomes   Develop business cases   Support business case   Develop transformation roadmap
8.1.5  Develop and manage IT service levels   Understand IT service requirements   Forecast IT service demand   Maintain IT services catalog   Define service level agreement   Maintain IT customer contracts   Negotiate and establish service level agreements   Develop and maintain improvement processes
8.1.6  Manage IT customer relationships   Establish relationship management mechanisms   Understand IT customer strategy   Understand  IT customer environment   Communicate IT capabilities   Manage IT requirements
8.1.7  Analyze service performance   Assess SLA compliance   Triage SLA compliance issues   Collect feedback about IT products and services   Synthesize and distribute IT performance information
8.2 Develop and manage IT business strategy
8.2.1  Define business technology and governance strategy   Build and maintain IT strategic intelligence   Monitor and map current and emerging technologies   Define and communicate digital transformation strategy   Develop IT strategic alignment   Articulate IT alignment principles   Maintain IT strategic alignment
8.2.2  Manage IT portfolio strategy   Establish and validate IT value criteria   Determine IT portfolio investment balance   Evaluate  proposed IT investment projects   Prioritize IT projects   Align IT resources to strategic priorities   Align IT portfolio to business objectives
8.2.3  Define and maintain enterprise architecture   Create and publish enterprise architecture principles   Establish and operate enterprise architecture governance   Research technologies to innovate IT services and solutions   Provide input to definition and prioritization of IT projects
8.2.4  Define IT service management strategy   Establish  IT service management strategy and goals   Identify  IT service operating and process requirements   Define IT service catalog   Establish IT service management framework   Define and implement IT service management   Define and deploy support service management process tools and methods   Monitor and report IT performance
8.2.5  Control IT management system   Determine IT performance measures   Define IT control points and assurance procedures governance model   Monitor and analyze overall IT performance   Monitor and analyze IT financial performance   Monitor and analyze IT value and benefits   Optimize IT resource allocation   Manage IT projects and services interdependencies   Report  IT service and project performance   Select, deploy, and operate IT performance analytics tools
8.2.6  Manage IT value portfolio   Assess performance against IT service and project value criteria   Quantify value of IT service and project portfolio investments   Communicate business technology value contribution   Determine and implement IT portfolio adjustments
8.2.7  Define and manage technology innovation   Establish selection criteria for research initiatives   Analyze emerging technology concepts   Identify technology concepts and capabilities   Execute IT research projects   Evaluate IT research project outcomes   Identify and promote viable concepts   Develop and plan  IT investment projects
8.3 Develop and manage IT resilience and risk
8.3.1  Develop IT compliance, risk, and security strategy   Determine and evaluate IT regulatory and audit requirements   Understand business unit risk tolerance   Establish IT risk tolerance   Establish risk ownership   Establish and maintain risk management roles   Establish compliance objectives   Identify systems to support compliance   Identify and evaluate IT risk   Evaluate  IT-related risks resiliency   Create IT risk mitigation strategies and approaches
8.3.2  Develop IT resilience strategy   Determine IT delivery resiliency   Determine critical IT risks   Prioritize IT risks   Establish mitigation approaches for IT risks
8.3.3  Control IT risk, compliance, and security   Evaluate enterprise regulatory and compliance obligations   Analyze IT security threat impact   Create and maintain IT compliance requirements   Create and maintain IT security policies, standards, and procedures   Develop and deploy risk management training   Establish risk reporting capabilities and responsibilities   Establish communication standards   Conduct IT risk and threat assessments   Monitor and manage IT activity risk   Identify, supervise and monitor IT risk mitigation measures
8.3.4  Plan and manage IT continuity   Evaluate IT continuity   Identify IT continuity gaps   Manage IT business continuity
8.3.5  Develop and manage IT security, privacy, and data protection   Assess IT regulatory and confidentiality requirements and policies   Create IT security, privacy, and data protection risk governance   Define IT data security and privacy policies, standards, and procedures   Review and monitor physical and logical IT data security measures   Review and monitor application security controls   Review and monitor IT physical environment security controls   Monitor/analyze network intrusion detection data and resolve threats
8.3.6  Conduct and analyze IT compliance assessments   Conduct projects to enhance IT compliance and remediate risk   Conduct IT compliance control auditing of internal and external services   Perform IT compliance reporting   Identify and escalate IT compliance issues and remediation requirements   Support external audits and reports
8.3.7  Develop and execute IT resilience and continuity operations   Conduct IT resilience improvement projects   Develop, document, and maintain IT business continuity planning   Implement and enforce change control procedures   Execute recurring IT service provider business continuity   Provide  IT resilience training   Execute recurring IT business operations continuity
8.3.8  Manage IT user identity and authorization   Support integration of identity and authorization policies   Manage IT user directory   Manage IT user authorization   Manage IT user authentication mechanisms   Audit IT user identity and authorization systems   Respond to IT information security and network breaches   Conduct penetration testing   Audit integration of user identity and authorization systems
8.4 Manage information  
8.4.1  Define business information and analytics strategy   Establish data, information, and analytic objectives   Establish data, information, and analytic governance   Access IT data/analytic capabilities
8.4.2  Define and maintain business information architecture   Determine enterprise business information requirements   Define enterprise data models   Identify and understand external data sources   Establish  data ownership and stewardship responsibilities   Maintain and evolve enterprise data and information architecture
8.4.3  Define and execute business information lifecycle planning and control   Define and maintain enterprise information policies, standards, and procedures   Implement and execute data administration responsibilities
8.4.4  Manage business information content   Monitor and control business information   Maintain business information feeds and repositories   Perform internal usage audits   Implement and administer business information access
8.5 Develop and manage services/solutions
8.5.1  Develop service/solution and integration strategy   Determine IT service/solution development   Define IT service/solution development processes/standards   Identify, deploy, and support development methodologies and tools   Establish service component criteria   Understand and select reusable service components   Maintain service component portfolio   Establish development standards exception governance
8.5.2  Manage service/solution lifecycle planning   Monitor and track emerging technology capabilities   Identify IT services/solutions   Determine IT service/solution approach   Define IT solution lifecycle   Develop IT service/solution "sunset" plans
8.5.3  Develop and manage service/solution architecture   Assess IT application and infrastructure architecture constraints   Assess business constraints on IT service/solution   Determine IT component integration requirements   Identify opportunities for IT component reuse   Promote adoption of existing service/solution architecture   Develop and maintain service/solution architectures   Assess IT service/solution architecture conformance   Manage architectural exceptions
8.5.4  Execute IT service/solution creation and testing   Execute IT service/solution development lifecycle    Assess and validate IT service/solution requirements    Create service/solution design    Build and test IT service/solution components    Integrate IT components and services    Execute IT service/solution validation    Bundle service/solution deployment packaging    Manage service/solution process exceptions
8.5.5  Perform service/solution maintenance and testing   Execute IT service/solution maintenance lifecycle    Assess IT remediation    Modify service/solution design    Perform IT service/solution remediation    Manage service/solution operations    Prepare fixed/enhanced service/solution packaging
8.6 Deploy services/solutions  
8.6.1  Develop and manage service/solution deployment strategy   Assess IT deployment business impact   Establish IT deployment policies   Define and create deployment procedure workflow   Define IT change/release standards   Assign deployment approval responsibilities   Analyze deployments outcomes
8.6.2  Plan service and solution implementation   Assess IT deployment risk   Define implementation schedule and roll-out sequence   Determine implementation requirements   Plan and align user testing and resources   Develop IT training   Create implementation communications   Manage IT roll-back procedures
8.6.3  Manage change deployment control   Asses IT change/release impact   Confirm change/release compliance   Assess IT change/release risk   Consolidate IT change   Create and communicate deployment schedule   Approve change/release deployment   Document IT change/release outcome
8.6.4  Implement technology solutions   Confirm hardware/software operational status   Confirm operational availability   Execute internal IT implementation plan   Confirm implementation completion   Implement software change/release   Perform post-installation testing   Distribute software components network-wide   Verify change/release implementation success   Execute roll-back plan
8.6.5  Perform service and solution rollout   Conduct IT training   Prepare and distribute service/solution communications   Support organizational changes   Execute rollout plans   Provide rollout support   Manage rollout support capabilities   Monitor and record rollout issues
8.7 Create and manage support services/solutions
8.7.1  Define and establish service delivery strategy   Assess business objectives and IT service delivery   Define IT service delivery portfolio   Create and maintain IT service delivery model   Determine IT service delivery locations and activities   Define IT service delivery sourcing strategy
8.7.2  Define and develop service support strategy   Assess business objectives and IT service support delivery   Define IT service support portfolio   Create and maintain IT support model   Develop IT support service sourcing strategy   Establish support service framework   Provide service support tools and technology
8.7.3  Plan and manage service delivery control   Plan operational activities for IT service delivery    Schedule service delivery resources    Maintain/optimize batch job schedule    Schedule change/release windows    Schedule/optimize backup and archive activities    Balance operational workloads across available infrastructure components    Determine specific problem support procedures
8.7.4  Develop and manage infrastructure resource planning   Develop IT service delivery strategy   Assess IT infrastructure business objectives   Determine ongoing IT infrastructure capabilities   Plan IT infrastructure change   Plan and budget IT license usage volumes
8.7.5  Define service support planning   Understand IT support demand patterns   Determine required support resource levels, responsibilities, and capabilities   Maintain service support knowledge repository   Maintain service support learning   Communicate service support needs   Define IT escalation mechanisms   Manage IT service support resources   Coordinate with external support providers   Triage IT service delivery incidents   Monitor IT service support performance
8.7.6  Develop and manage service delivery operations   Operate and monitor online systems   Run and monitor batch job schedule   Manage service delivery workloads   Manage infrastructure performance and capacity   Respond to unplanned operational issues   Produce and distribute output media   Monitor IT infrastructure security   Manage IT infrastructure/data recovery
8.7.7  Manage infrastructure resource administration   Manage infrastructure configuration   Perform infrastructure component maintenance   Install/configure/upgrade infrastructure components   Maintain IT asset records   Administer IT licenses/user agreements   Provide IT infrastructure service and capabilities
8.7.8  Operate IT user support   Triage IT issues/requests   Provide IT resolution capabilities   Manage IT user requests   Escalate IT requests   Resolve IT issues/requests   Execute IT continuity and recovery action

 Process and performance improvement, helps organizations adapt to rapidly changing environments, build new and better ways to work, and succeed in a competitive marketplace. With a focus on productivity, knowledge management, benchmarking, and quality improvement initiatives, organisations such as the APQC works with its member organizations to identify best practices; discover effective methods of improvement; broadly disseminate findings; and connect individuals with one another and the knowledge, training, and tools they need to succeed.
This APQC Process Classification Framework® (“PCF”) is an open standard developed by APQC, a nonprofit that promotes benchmarking and best practices worldwide. The PCF is intended to facilitate organizational improvement through process management and benchmarking, regardless of industry, size, or geography. To download the full PCF or industry-specific versions of the PCF, as well as associated measures and benchmarking, please visit www.apqc.org/pcf.

APQC logo


Sponsor information

APQC logo

Latest News