Governance, Architecture and IT Strategy



Governance Architecture IT Strategy and ITSM


IT Governance is defined as a responsibility of the Board of Directors and of executive management. It is a component of enterprise governance and consists of the leadership, organizational structures and processes that ensure an organization’s IT function sustains and fulfills business strategies and objectives.

IT Management is increasingly being challenged to understand and articulate the risks and benefits of IT, and to find ways to deal with:

  • Aligning IT with the business strategy
  • Adding value to the business
  • Managing the risk of IT
  • Managing the IT resources
  • Managing IT’s Performance


Some of the business drivers for IT governance include:


  • Growth in regulation and compliance
  • Enhanced returns on investment
  • Increased maturity of IT best practices and standards
  • Mitigation of operational risks related to IT applications and infrastructure
  • Requirements for improved oversight and control over outsourcing/ off-shoring


Qualisys Consulting offers IT consulting services that assist organizations in all aspects of implementing and managing IT Governance and strategy. Our IT Governance consulting services are based on the principles and guidelines of the CobiT and related frameworks, and are aimed to assist IT management in integrating and institutionalizing IT management best practices to ensure that IT supports the business' objectives. Some of the key IT Governance consulting services we offer include:


Corporate Governance Assistance

Conducting business in today’s environment poses unique complexities, such as digital disruptions, radical changes to business models, shifts in political and societal views and unexpected economic shocks. Companies face major disruptions to their operating structures, and executive and non-executive board members must be prepared to navigate a myriad of rapidly-changing challenges.

At QUALISYS Consulting, we serve as trusted partners to boards, helping to identify critical business issues and how best to mobilize their organizations whilst keeping operations running smoothly and efficiently.

Our restructuring heritage and depth of senior resources gives us a rounded view of the methods by which boards can better manage their internal and external stakeholders when challenges present themselves. We work with boards to provide assurance that the risk management strategies being employed are effective, regularly monitored and are reducing risk within agreed upon and accepted tolerance levels.

There are no simple solutions, as each company situation varies and their needs are unique. QUALISYS specifically tailors its course of action to your board’s responsibilities across the governance spectrum, by providing expertise in the areas of: Corporate Assessment, Board Composition / Performance Evaluation, Corporate Risk Definition, Tolerance and Oversight; Executive Succession Planning, Crisis Management & Business Resilience and Compliance.


For more information and details in this section, Contact us.

Enterprise Risk Management

We assist the Board, Audit and Risk Committees, Senior Executives, Management and General Staff through assessments, advisory and training in the following ERM services:

  • Aligning Risk appetite and strategy
  • Enhancing risk response decisions
  • Reducing operational surprises and loses
  • Identifying and managing cross-enterprise risks
  • Providing integrated responses' to multiple risks
  • Seizing opportunities and improving deployment of capital
  • Implementation of Risk Framework: Risk Governance, Risk Evaluation and Risk Response


Our Enterprise Risk Management services provide a structured, practical, results-oriented approach that assists organisations to design and implement an appropriate Enterprise Risk Management System, incorporating the policies, procedures, practices, and accountability required to establish the right levels of Risk Management in compliance with the Corporate Governance requirements for their organisations. Our consultants have a sound understanding of the COSO – Enterprise Risk Management framework, ISO 31000, and ISO 27005 standards. The Risk Management solutions and methodologies can be implemented by organisations of all sizes, in all sectors, e.g. public, private, non-profit, educational, manufacturing, and include:


  • Implementing Enterprise Risk Management frameworks
  • Reviewing and developing Risk Management strategies, policies and procedures
  • Recommending key Risk Management tools
  • Determining the major risks facing your organisation
  • Develop risk models that determines various essential organisation-specific risk parameters


For more information and details in this section, Contact us.

Enterprise Architecture

As you look to get clear insight into your complex enterprise, come to us for sound ideas. We’re experts at analyzing, optimizing, planning and managing enterprise architectures.

In fact, we offer you enterprise architecture expertise along with industry and product expertise. Many of our experts are TOGAF™ trained and certified. That assures you quality services and products conveniently from a single source.

Services include:

  • Enterprise architecture maturity assessment
  • Enterprise architecture governance implementation
  • Enterprise architecture modeling and analysis
  • Business- and architecture-driven solution analysis and design
  • Communications Services help you build a positive image of your program and gain the right visibility


Based on proven modeling techniques and standards like TOGAF, our approach gives you a toolset for mapping your entire IT system in terms of their business-IT transformation with an accurate, real-time picture of the IT landscape, including all applications and technologies, the inter-relationships between them, the information they exchange as well as the business organizations and processes they support.


Key Benefits of our service include:


  • Ensure business results

    Align IT structures with business objectives and processes to ensure that IT transformation goes hand-in-hand with the transformation of business.

  • Improve agility and flexibility

    Transform your IT into a responsive and flexible construct to increase business productivity. Respond quickly and flexibly to new business challenges and meet business demands.

  • Improve compliance and control

    Increase project control with a holistic approach to governance. Enforce compliance controls effectively. Improve governance via defined responsibilities and auditable processes.

  • Innovate faster

    Increase transparency into the IT landscape to accelerate IT’s ability to innovate for the business.


For more information and details in this section, Contact us.

IT Strategy and Plan Development

The development of an IT strategy and Master Plan that manages and directs all IT resources in line with the business strategy and operations is a key requirement and challenge for business as well as IT management.


Our IT Strategy services cover the following areas:

  • Strategic Alignment - these services include IT strategy facilitation and development aimed at ensuring the linkage of business and IT plans that articulate and define the IT value proposition. This will enable you to align your IT operations with the business operations

  • Value Delivery – these services are about assisting you to execute IT’s value proposition throughout the delivery cycle and ensuring that IT delivers the promised benefits against the strategy. This involves assistance on how to optimize costs and proving the value of IT

  • Performance Measurement – these services will assist you to track and monitor implementation, project completion, resources usage, process performance and service delivery, using Balanced Scorecards that translate strategy into action to achieve objectives beyond conventional accounting.

  • Resource Management – this service is about assistance to optimize the IT investment, and the proper management of critical IT resources, applications, information infrastructure and people

  • ICT Master Plan development: This service is about identify ICT projects within the organization, required infrastructure for these projects and provide guidance for implementing those projects. It specifies the implementation strategies, action plans and estimates resources that are needed to realize ICT policy. The ICT Master Plan is a key document to support the future ICT activities of the organization.

  • IT Balanced Scorecard Development: The Balanced Scorecard has emerged as a proven and effective performance management tool that can be leveraged to enable alignment of the IT strategy with that of the business. The IT Balanced Scorecard can also be an effective means for IT management to communicate with, and report to the executive management about the performance and value if IT. Our approach to the development of IT Balanced Scorecard, involves combining the Balanced Scorecard with the CobiT guidelines for IT strategy, as part of the strategic planning process, thereby creating a solid foundation for a balanced IT strategy development approach for your organisation.


For more information and details in this section, Contact us.

CobiT Assessment

Our CobiT Assessment service is designed to provide an assessment of your current IT process control environment, risks and maturity levels, utilising a range of information gathering techniques including interviews, facilitated workshops, observations and the study of relevant records and documentation.The aim of the CobiT assessment is to provide management the means to make informed decisions on which IT areas to focus on, which areas to improve, to derive maximum value.A review of the existing IT related documentation is necessary in order to evaluate the adequacy of your IT control as well as the maturity of your IT processes.The CobiT Assessment utilises the following CobiT components:

  • CobiT Control Objectives to measure the adequacy of the controls of the selected IT processes, and to identify how to address the Gaps
  • CobiT Control practices
  • CobiT maturity models for the IT processes included in the scope, to establish the “As-is” maturity, in order to plan the enhancement of process maturity to the “To-be” levels


Based on the current objectives and risks, we assist you to identify and select the priority CobiT processes that require initial focus and action. This will enable the organisation to show senior executives the “Quick Wins” and define an effective CobiT implementation plan. The output of the process is a CobiT Assessment report which includes a quality review of the IT operation against the CobiT guidelines, with gaps and actions identified against the CobiT framework’s guidelines. In addition, we provide maturity and risk assessments against each CobiT area.


For more information and details in this section, Contact us.

CobiT Implementation

CobiT has become the de facto model for IT Governance. A major challenge for organisations wishing to implement CobiT is to identify where to begin, and how to do it. According to ISACA, “CobiT is implemented when you have executed the improvement projects that have been translated from the gaps that linked where you are and where you want to be relative to the important things to do for IT control and governance, identified based on an analysis of your organisation’s values and risks.”The requirements and effort associated with a CobiT implementation, could be daunting, and could involve months and even years of effort to execute.

Our IT Governance Implementation Services provide a structured, practical, results-oriented approach that assists organisations in all the aspects of implementing CobiT, thereby bridging the gap between the “As-is” and “To-be” positions, i.e. enhancing the current capability of the IT processes as determined with the assessment and the target capability planned, as measured against the CobiT frameworks guidelines.


Covering the full lifecycle of IT Governance implementation, the services include:

  • Integrating IT governance with Corporate Governance
  • Ensuring accountability for IT throughout the organisation
  • Defining appropriate IT organisational structures (IT Steering Committees, IT Strategy Committees, IT investment Committees)
  • Developing, documenting and clearly communicating IT policies, standards and processes for IT governance and control
  • Effecting cultural change
  • Driving a process and culture of continuous improvement
  • Creating optimum monitoring and reporting structures


For more information and details in this section, Contact us.

IT Service Management Assessment

Our IT Service Management Assessment Service involves on-site consultancy to critically review your IT Service Management operation. This includes conducting workshops; interviewing key stakeholders, management, customers; and reviewing documentation, current work practices and procedures. The assessment will identify strengths, weakness and opportunities, including quick wins.

Our Service Management assessment services will assess your present IT service and support capabilities to define a benchmark of your "as-is" situation and to identify the areas most in need of improvement in order to realize your management goals and objectives. Examples of assessment services include:


  • Assessment of how well end-users and customers’ expectations are met by your current service portfolio
  • Assessment of the maturity of one or more services or ITIL processes
  • Assessment and selection of high-priority processes for improvement
  • Assessment of your current processes for adherence to ITIL
  • The outcome of the assessment will define and prioritize a set of one or more projects that will allow your organization to realize the intent of ITIL: align your IT with business requirements, improve service quality and lower the long-term cost of IT service provision



For more information and details in this section, Contact us.

ITIL Process Design

Our approach to IT service management process design involves a practical and iterative approach to process definition and documentation. We use facilitated workshops with key client personnel to define and document your service management processes.

These workshops focus on the single IT service management process and are attended by a small group of client personnel with intimate knowledge of each current state process and a clear vision of the ultimate desired state process.


Our consultant leads each workshop, during which the participants examine the ITIL best practice guidelines for that process in terms of:


  • Process workflow
  • Process roles (owners and participants)
  • Review the current state process and compare that process with ITIL best practice
  • Define and document the desired state process workflow in terms of workflow and roles


This ITIL design process involves translation of the business requirements into a technical “how to” for the project team to implement.



Typical outputs of the process design phase include:


  • Detailed process flow indicating the major process inputs, activities, outputs and control requirements for the selected process (level 2 and 3);
  • The compilation of a RACI matrix, detailing the resources that would be Responsible, Accountable, Consulted or Informed during the execution of the specific process;
  • The compilation of Functional Allocation Diagrams (Fad’s) describing the key inputs, activities, outputs and control requirements for the specific sub-process contained within the main process


For more information and details in this section, Contact us.

ITSMS ISO 20000 Assistance

Our ISO 20000 assessments are designed to examine and measure the compliance to ISO 20000 service management requirements within the organization, and to identify areas of non-compliance where further work needs to be carried out in readiness for the ISO 20000 Certification. Depending on the type of assessment, the deliverables may include:

  • The production of an Executive Summary report
  • An ISO 20000 Compliance score that can be used as a baseline
  • Details of major and minor non-compliances found
  • Identification of recommendations for correcting non-compliances
  • A Statement of Applicability
  • A route map for moving forward to achieve ISO 20000


Benefits of the ISO 20000 assessment:


  • Provides an independent assessment tailored to your organization’s needs carried out by experienced consultants
  • The approach is applicable to organizations of different sizes and whose existing Service Management processes vary in maturity
  • For organizations wishing to initiate the improvement programme, the assessment can be used to provide a baseline upon which continuous improvement can be measured
  • Provides a starting point for building a business case to achieve ISO 20000 Certification


For more information and details in this section, Contact us.

Quality Management System Assistance

At QUALISYS we help our clients to implement quality management systems that not only meet their needs and certification requirements but also bring significant business benefits. These include:

  • Increased client confidence and satisfaction
  • Improved efficiency and increased productivity
  • Reduced costs due to reduced errors and rework
  • Positive impact on company profile and reputation
  • Improved staff motivation


We steer you through the entire process, and our quality management services include:



  • Design and implementation of formal quality management system
  • Gap analysis of quality management systems to the international standards requirements
  • Setting quality objectives and targets
  • Process mapping
  • Pre-assessment and internal audits
  • Customer satisfaction measurement


We provide professional and expert quality management consultancy to businesses across all sectors, and can tailor these services to suit your particular needs.



For more information and details in this section, Contact us.