บริษัทได้ให้ความสำคัญในการพัฒนา ส่งเสริมด้านการวิจัยแก่สถาบันวิจัยและร่วมมือกับมหาวิทยาลัยทั้งภาครัฐและเอกชน ทั้งในด้านการพัฒนางานวิจัยเพื่อตีพิมพ์ในวารสารระดับนานาชาติและการพัฒนาโมเดลเพื่อเป็นอุปกรณ์ที่ใช้งานจริง เช่น งานวิจัยด้านเครือข่ายโทรคมนาคมความเร็วสูง ด้านการสื่อสารไร้สาย ด้านการจัดการเครือข่าย และการรักษาความมั่นคงปลอดภัยสารสนเทศ
บริษัทยังได้พัฒนาการให้บริการด้านการเป็นที่ปรึกษาเพื่อให้คำแนะนำ พัฒนา และควบคุมระบบเทคโนโลยี ทั้งหน่วยงานภาครัฐและเอกชน อาทิเช่น การจัดทำแผนแม่บทเทคโนโลยีสารสนเทศและการสื่อสาร การจัดทำแผนสำรองและการกู้คืนระบบ การจัดทำแนวนโยบายการรักษาความมั่นคงปลอดภัยสารสนเทศ การตรวจประเมินความเสี่ยงและการจัดทำแผนบริหารความเสี่ยง การควบคุมและบริหารโครงการด้านเทคโนโลยี
1. Enterprise Architect
WHAT IS ENTERPRISE ARCHITECTURE?
Enterprise Architecture (EA) identifies the business processes that execute or support an organization’s mission and defines how Information Technology (IT) assets directly enable those processes. The purpose of EA is to optimize and transform the often fragmented processes, information, application systems and technologies into an efficient and integrated environment supportive of the execution of business strategy.
To help execute business strategy and realize strategic goals, EA defines a desired target state view of an enterprise’s processes, information, application systems and technologies and an enterprise roadmap to progressively implement this target state through a series of projects.
WHY DO WE NEED EA?
State agencieshave their respective missions. They execute their mission through a set of business processes and provide government services through various programs. To improve program outcomes and drive business forward, agencies establish goals and objectives through strategic planning. Clearly defined goals and objectives, in turn, establish the business outcomes the agencies want to achieve.
Government leaders know that efficient business processes, and effective management and use of IT to support them are necessary for achieving the desired business outcomes – to efficiently and effectively delivergovernment services. This requires a business-outcome-driven approach to first analyze and determine the necessary improvements to business processes and IT assets and then to determine where to invest to make sure every dollar invested in implementing changes to processes and/or IT assets provides the best possible return on investment in terms of the business outcomes. EA helps identify these necessary improvements and how to progressively implement those improvements by defining the desired target state and an enterprise roadmap. In defining the desired target state, EA leverages or creates best-practice-based solutions which contribute to building business and technical capabilities that can be reused and shared throughout the state government.
The strategic context provided by EA through the desired target state architecture and enterprise roadmap is important to make sure individual projects build business and IT capabilities in support of the long-term business strategy – rather than just fulfill immediate needs. This is why EA is recognized as a key business and technology best practice and is needed to enable the achievement of business outcomes.
It should be noted that the state organizations that do not have a defined strategic plan, or have an extensive focus on ongoing projects due to their criticality, can also gain near-term benefits by adopting EA services to assist with business and IT strategies, and to provide solution architecture guidance and oversight to projects.
WHAT ARE THE BENEFITS OF EA?
When EA is effectively defined, implemented and followed, it can provide the following key benefits:
- Bridge the gap between business strategy and implementation: By defining the target business processes and IT assets required to satisfy the business objectives, and a roadmap for reaching that target, EA provides a clear vision to implement business strategy and helps reduce ad hoc implementations driven by a tactical and reactive approach.
- Improve alignment of IT with mission, goals, and objectives: By identifying how IT assets directly enable business processes and how those processes execute the organization’s mission, EA promotes IT solutions that are more pertinent and relevant for the business.
- Improve service delivery, business operations and business capabilities: Adoption of EA results in streamlining business processes and in making IT operations more efficient. EA processes help identify gaps in business capabilities (such as business analytics and case management) and provide a long-term vision to improve and/or acquire those capabilities.
- Improve interoperability and information sharing: By defining enterprise-wide standards and specifications for how systems will “talk to each other”, EA makes the job of integrating multiple systems and sharing information easier.
- Improve flexibility to dynamically respond to customer needs and statutory changes: EA enables faster design of new systems and extensions to existing systems by pre-defining standards. By advancing service orientation, EA promotes creation of user applications as a composition of reused services, which results in faster adaptation to changes.
- Reduce cost and cost of ownership: EA enables economies of scale in purchasing and reduces training requirements and support costs by establishing a less complex environment (due to technical homogeneity), which is easier to support and results in faster repairs.
- Reduce redundancy, duplication, complexity and information silos: EA enables portfolio rationalization and simplification to promote more effective use of IT and other resources to efficiently support business processes.
- Reduce business risk associated with IT and reduce risk for future IT investment: Focus on strategic goals allows EA to identify weaknesses and threats in the existing IT portfolio and to address them in the target architecture. The risk of future IT investments not delivering business value is greatly reduced when investments are made in accordance with a well-defined enterprise roadmap.
- Enable faster, simpler and cheaper procurement: By defining the target architecture and a roadmap, EA facilitates “architect – invest – implement” approach that simplifies procurement decisions and ensures architectural coherence of multi-vendor solutions.
- Enable predictable success of projects and realization of their defined objectives: EA promotes undertaking projects within the context of a defined enterprise roadmap. EA provides guidance to these projects to ensure their progress towards the target architecture and to help realize their defined business objectives.
HOW DO WE IMPLEMENT EA?
EA must be developed, implemented and maintained effectively to be useful and provide benefits. EA, as the name indicates, is about the whole enterprise – not just about IT. Analysis, design and modeling together comprise only one essential component of the EA work; effective communication and governance are the other two critical components. Developing and sustaining an EA is a complex process due to the breadth and depth of the analysis and design,and the communication and governance which involves many stakeholders and decision processes in the organization. The following key activities are intended to provide salient points associated with establishing EA :
- Establish an architecture team and charter them to provide clearly defined services and deliverables
- Adopt an enterprise architecture framework which, at a minimum, provides:
- Common understanding of EA, its domains, and building blocks of each EA domain
- A structure to support EA “models” by defining building blocks and their relationships
- Effective methods, tools and guidance for developing actionable EA deliverables
- Guidance for effective EA governance
- Best-practice-based solutions to build common business and/or technical capabilities
- Analyze the business strategy and goals, and understand the business operating model
- Define a set of principles, enterprise-level requirements and constraints for the architecture
- Divide the EA into segments, and prioritize the EA work across these segments to incrementally develop EA in accordance with the business priorities
- Determine target maturity levels across EA segments to support the business operating model and long-term business strategy
- Develop and communicate the EA Plan including its incremental and federated approach, and gain stakeholder buy-in
- Execute the EA Plan to incrementally define target EA and a roadmap
- Measure the progress, maturity and effectiveness of EA program, and refine as necessary
2. Corporate And ICT Master Plan
CORPORATE STRATEGIC PLANNING
Systematic process of determining goals to be achieved in the foreseeable future. It consists of:
(1) Management’s fundamental assumptions about the future economic, technological, and competitive environments.
(2) Setting of goals to be achieved within a specified timeframe.
(3) Performance of SWOT analysis.
(4) Selecting main and alternative strategies to achieve the goals.
(5) Formulating, implementing, and monitoring the operational or tactical plans to achieve interim objectives.
3. Enterprise Data Management (EDM)
ENTERPRISE DATA MANAGEMENT (EDM) IS :
A concept – referring to the ability of an organization to precisely define, easily integrate and effectively retrieve data for both internal applications and external communication.
A business objective – focused on the creation of accurate, consistent and transparent content. EDM emphasizes data precision, granularity and meaning and is concerned with how the content is integrated into business applications as well as how it is passed along from one business process to another.
EDM arose to address circumstances where users within organizations independently source, model, manage and store data. Uncoordinated approaches by various segments of the organization can result in data conflicts and quality inconsistencies – lowering the trustworthiness of the data as it is used for operations and reporting.
The goal of EDM is trust and confidence in data assets. Its components are :
STRATEGY AND GOVERNANCE
EDM requires a strategic approach to choosing the right processes, technologies and resources (i.e. data owners, governance, stewardship, data analysts and data architects). EDM is a challenge for organizations because it requires alignment among multiple stakeholders (including IT, operations, finance, strategy and end-users) and relates to an area (creation and use of common data) that has not traditionally had a clear “owner.”
The governance challenge can be a big obstacle to the implementation of an effective EDM because of the difficulties associated with providing a business case on the benefits of data management. The core of the challenge is due to the fact that data quality has no intrinsic value. It is an enabler of other processes and the true benefits of effective data management are systematic and intertwined with other processes. This makes it hard to quantify all the downstream implications or upstream improvements.
The difficulties associated with quantification of EDM benefits translate into challenges with the positioning of EDM as an organizational priority. Achieving organizational alignment on the importance of data management (as well as managing data as an ongoing area of focus) is the domain of governance. In recent years the establishment of an EDM and the EDM governance practice has become commonplace despite these difficulties.
Implementation of an EDM program encompasses many processes – all of which need to be coordinated throughout the organization and managed while maintaining operational continuity. Below are some of the major components of EDM implementation that should be given consideration:
EDM requires alignment among multiple stakeholders (at the right level of authority) who all need to understand and support the EDM objectives. EDM begins with a thorough understanding of the requirements of the end users and the organization as a whole. Managing stakeholder requirements is a critical, and ongoing, process based in an understanding of workflow, data dependencies and the tolerance of the organization for operational disruption. Many organizations use formal processes such as service level agreements to specify requirements and establish EDM program objectives.
POLICIES AND PROCEDURES
Effective EDM usually includes the creation, documentation and enforcement of operating policies and procedures associated with change management, (i.e. data model, business glossary, master data shared domains, data cleansing and normalization), data stewardship, security constraints and dependency rules. In many cases, these policies and procedures are documented for the first time as part of the EDM initiative.
DATA DEFINITIONS AND TAGGING
One of the core challenges associated with EDM is the ability to compare data that is obtained from multiple internal and external sources. In many circumstances, these sources use inconsistent terms and definitions to describe the data content itself – making it hard to compare data, hard to automate business processes, hard to feed complex applications and hard to exchange data. This frequently results in a difficult process of data mapping and cross-referencing. Normalization of all the terms and definitions at the data attribute level is referred to as the metadata component of EDM and is an essential prerequisite for effective data management.
Even though EDM is fundamentally a data content challenge, there is a core technology dimension that must be addressed. Organizations need to have a functional storage platform, a comprehensive data model and a robust messaging infrastructure. They must be able to integrate data into applications and deal with the challenges of the existing (i.e. legacy) technology infrastructure. Building the platform or partnering with an established technology provider on how the data gets stored and integrated into business applications is an essential component of the EDM process.
Enterprise data management as an essential business requirement has emerged as a priority for many organizations. The objective is confidence and trust in data as the glue that holds business strategy together.
4. Corporate and ICT Risk Management
While there are many varied definitions of riskwidely available, often incorporating industry
specific terminology, it is generally accepted thatif we know for certain something is going tohappen it has no risk attached to it. Should there be an element of uncertainty surrounding it,then risk exists.For the purposes of this Guide, risk encompasses both possible threats and opportunities andthe potential impact these may have on the ability ofthe agency to meet its objectives. Thatis, risk relates to both challenges to, and opportunities for, the agency.The Standard separates risk into two types –strategic risk and operational risk. Strategicrisks relate directly to an agency’s strategic planning and management processes. Strategicrisks are those which could significantly impacton the achievement of the agency’s visionand strategic objectives.
Risk management embodies an organizational culture of prudent risk-taking within an agency. It is the process of identifying, assessing and responding to risks, andcommunicating the outcomes of these processes to the appropriate parties in a timelymanner. An effective risk management system:
- improves planning processes by enablingthe key focus to remain on core business andhelping to ensure continuity of service delivery
- reduces the likelihood of potentially costly‘surprises’ and assists with preparing forchallenging and undesirable events and outcomes
- contributes to improved resource allocationby targeting resources to the highest levelrisks
- improves efficiency and general performance
- contributes to the development of a positive organizational culture, in which people andagencies understand their purpose, roles and direction
- improves accountability, responsibility, transparency and governance in relation to bothdecision-making and outcomes.
- adds value as a key component of decision-making, planning, policy, performance andresource allocation, when subject to continual improvement.
FACTORS THAT INHIBIT EFFECTIVE RISK MANAGEMENT CAN INCLUDE :
- a lack of time and resources allocated to risk management
- a lack of support for a risk management culture from executive management
- difficulty in identifying and assessing emergingrisks, especially cross-agency risks
- a lack of independent assurance overthe effectiveness of the risk management
- a lack of clarity over risk ownershipand the responsibility for risk management
- over- or under-treatment of risks, and
- unnecessarily complex risk documentation.When risk management has commitment fromexecutive management by encouraging astrong organizational culture and awarenessof risk, an agency should be able to overcomethe factors which inhibit effective risk management.
5. Business Process Management
BUSINESS PROCESS MANAGEMENT (BPM)
Business process management (BPM) is a systematic approach to making an organization’s workflow more effective, more efficient and more capable of adapting to an ever-changing environment. A business process is an activity or set of activities that will accomplish a specific organizational goal.
The goal of BPM is to reduce human error and miscommunication and focus stakeholders on the requirements of their roles. BPM is a subset of infrastructure management, an administrative area concerned with maintaining and optimizing an organization’s equipment and core operations.
BPM is often a point of connection within a company between the line-of-business (LOB) and the IT department. Business Process Execution Language (BPEL) and Business Process Management Notation (BPMN) were both created to facilitate communication between IT and the LOB. Both languages are easy to read and learn, so that business people can quickly learn to use them and design processes. Both BPEL and BPMN adhere to the basic rules of programming, so that processes designed in either language are easy for developers to translate into hard code.
6. IT Services Quality Improvement and Standard
INFORMATION TECHNOLOGY INFRASTRUCTURE LIBRARY (ITIL)
ITIL is a widely accepted approach to IT Service Management (ITSM), which has been adopted by individuals and organizations across the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally.
Because ITSM is driven both by technology and the huge range of organizational environments in which it operates, it is constantly evolving.
CONTROL OBJECTIVES FOR INFORMATION AND RELATED TECHNOLOGY (COBIT)
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.
The COBIT framework is published by the IT Governance Institute and the Information Systems Audit and Control Association (ISACA). The goal of the framework is to provide a common language for business executives to communicate with each other about goals, objectives and results. The original version, published in 1996, focused largely on auditing. The latest version, published in 2013, emphasizes the value that information governance can provide to a business’ success. It also provides quite a bit of advice about enterprise risk management.
The name COBIT originally stood for “Control Objectives for Information and Related Technology,” but the spelled-out version of the name was dropped in favor of the acronym in the fifth iteration of the framework.
COBIT 5 IS BASED ON FIVE KEY PRINCIPLES FOR GOVERNANCE AND MANAGEMENT OF ENTERPRISE IT :
Principle 1: Meeting Stakeholder Needs
Principle 2: Covering the Enterprise End-to-End
Principle 3: Applying a Single, Integrated Framework
Principle 4: Enabling a Holistic Approach
Principle 5: Separating Governance From Management
7. ICT Project Management
PROJECT MANAGEMENT OFFICE (PMO)
A Project Management Office (PMO) is a group or department within a business, agency or enterprise that defines and maintains standards for project management within the organization.
The primary goal of a PMO is to achieve benefits from standardizing and following project management policies, processes and methods. Over time, a PMO generally will become the source for guidance, documentation, and metrics related to the practices involved in managing and implementing projects within the organization. A PMO may also get involved in project-related tasks and follow up on project activities through completion. The office may report on project activities, problems and requirements to executive management as a strategic tool in keeping implementers and decision makers moving toward consistent, business- or mission-focused goals and objectives.
How a project management office (PMO) is designed and staffed for maximum effectiveness depends on a variety of organizational factors, including targeted goals, traditional strengths and cultural imperatives. There are three basic organizational styles for a project management office.
8. ICT Infrastructure
ICT Infrastructure offers a range of technologies to assist organizations in running efficiently. These services are essential to the everyday mechanics of an organization and integral to effective service delivery. These include hardware, software, networking and implementation.
9. Software Architect
Software architect is a computer programmer or computer manager or expert who makes high-level design choices and dictates technical standards, including software coding standards, tools, and platforms.
DEFINING SOFTWARE ARCHITECTURE
The software architecture of a program or computing system is a depiction of the system that aids in the understanding of how the system will behave.
Software architecture serves as the blueprint for both the system and the project developing it, defining the work assignments that must be carried out by design and implementation teams. The architecture is the primary carrier of system qualities such as performance, modifiability, and security, none of which can be achieved without a unifying architectural vision. Architecture is an artifact for early analysis to make sure that a design approach will yield an acceptable system. By building effective architecture, you can identify design risks and mitigate them early in the development process.