Standards, Frameworks and ARCAD
COBIT
Let's talk first about COBIT (Control Objectives for Information and Technology);
initiated by ISACA (the Information Systems Audit and Control Association),
it was developed to support risk management specific to the IT domain.
Created in 1996 to answer the need for an IT security and control
framework, its objective is to bridge the gap between control requirements,
technical issues and business risks by establishing best practices in information
system audit. It is mainly used in the context of the Sarbanes-Oxley Act;
it comes from the IT Governance Institute (www.itgi.org) to help the evolution
and the formalization of risk control in the IT domain.
Bringing a company into compliance with these standards is truly
a heavy process; it is, however, healthy in various respects. The positive point
of this approach is that moving companies smoothly toward these best-practice
frameworks helps bring IT into the industrial age.
COBIT and the ARCAD solution
Although the original objective of the ARCAD tools is to guarantee the quality
of applications, they bring substantial and practical answers to various
aspects that the COBIT framework points out.
ARCAD tools have been studied in the light of the 300 control points
of the framework and it appears that:
- ARCAD tools bring added value on 80% of the control points;
- ARCAD tools can be seen as essential for some of the control
points;
- They have an important overall role in the audit phase (by
providing the auditor with the information he is looking for);
- They are a success factor impacting the level of control maturity
(from 0 [None] to 5 [Optimized]).
ITIL
ITIL (IT Infrastructure Library) is a customizable framework
created in 1980 from real-life experience; it proposes an approach for the
industrialization of the services provided by the IT department, and is based
on 10 key processes. With this approach, it is recommended to define service
levels and to have service level agreements formalized in line with the business
objectives of the company. ITIL then proposes a set of best practices to fulfill
these agreements. Among the domains that ITIL covers are the main activities
of operation and production services, together with some issues
handled by the engineering department, such as change management. You
can find more details on ITIL on the www.itsmf.com web site.
ITIL and the ARCAD solutions
The ARCAD-Skipper, ARCAD-Observer and ARCAD-Customer software suites
answer perfectly the needs resulting from an ITIL approach. They cover the
following aspects:
- Service desk,
- Incident management,
- Problem management,
- Configuration management,
- Change management,
- Release management,
- Service level management.
All evolutions are managed within an organized and secure process through
clearly identified versions, thus preserving the knowledge contained in previous
versions.
In addition to the audit part, the ARCAD solutions allow you to
set up a solid and secure architecture, where all software evolutions can be
archived and tracked, thus meeting the basic rules of a quality process.
These best practices are more than a constraint for an organization;
they give it a chance to put in place structured and professional management
of its information system, which often represents its greatest asset.
Using this approach will hopefully help to reach the quality level
required by the users.
CMM
CMM (Capability Maturity Model) is an IT process evaluation and evolution
model. It was developed in 1987 with the introduction of a 5-level maturity
scale. It is an efficient tool for process evaluation in the software development
domain. It is based on best practices coming from various companies; that
is the source of its worldwide success. For example, compliance with the CMM
model is required to work with the American Department of Defense.
This model is maintained by the SEI (Software Engineering Institute).
You can find more information on the CMM site: www.sei.cmu.edu/cmm
CMM and ARCAD
Here again, adopting CMM as a model is a real opportunity for
companies: the opportunity for IT services to improve their organization;
the opportunity to enter an industrial era with clearly established processes;
finally, the opportunity to improve their productivity.
Indeed, conformity to standards in an information system where a huge
amount of information is processed is an important factor of productivity,
even though this is not the common opinion.
Considering the work to be done to comply with standards, implementing
tools is justified. If a company does not want to bear the associated
constraints passively, it is in its interest to adopt a tool-based approach, the
only guarantee of long-term efficiency.
By providing protection of the application asset, security
of the components, protection of the environment and traceability
of evolutions, the ARCAD offer again represents the methodological basis that
is mandatory in such a context.
CONCLUSION
It is difficult for IT services managers to make the case that software
configuration management, documentation and help-desk solutions bring added
value. Thanks to these new standards and frameworks, you have good arguments
to walk into the CEO's office without any anxiety.