Skip to main content

Best practice in running an IT operation

(draft)

I am doing a project for a large company, a bank. One of the issues that I have to dealt with is IT organization, especially in operation. There are numerous issues that we have to solve. Unfortunately, I am having difficulties finding references relating to IT operation. Even the web that I thought is a botomless fountain of knowledge produces nothing. I hit the bottom.

One of the things I am looking for is organizational structure within this bank. Is there a best practice in running a large IT support? What do people do to separate the duties? (ie. planning, development, QA, operation, help desk, network, sysadmin, security) How do you structure it? Do you outsource? Which part? Why? Horror stories?

Regarding workplace, what is the best IT office for these people? (I am looking at various interior design web sites, but none talks about IT support.) Most references I found are related to software house. There are references to good office design for programmers. (You might want to read Joel Spolsky's Joel on Software article[s] on office for programmers. He designed his company's office to lure great programmes.) Well, IT operation in Banking is not software house. Do you have to go such extra miles?

Any pointers would be appreciated. Post your comments here ...

Comments

fankychristian said…
Interesting, mr.gbt. We can say, there are no best practice for IT org in a bank. I think, each bank has its own focuses, which is the IT should support this focuses. And that's for the best. For example, in retail bank, supporting team should be wide enough to support the bank and it's branches. In foreign bank, they are focuses on IT management, and outsource the support team to other company. But for sure, the quality & performance management is a must to assurance the services. This one is what we missed..
Budi Rahardjo said…
Although there are different types of bank, I thought that there should be some standard practice(s) in running an IT operation. At least the majority of work should be similar, don't you think.

I speculate that the lack of information is due to the fact that many enterprises (including banks) do not have a good practice to share. Some of the things that they have done are not up to the standard. (ie. many bad practices.) Thus, they cannot document this.

I am thinking of writing a book on this to share with other people who are in similar situation (looking for best practice). But, it has to wait. I am so busy right now.
Harry Sufehmi said…
Satu contoh bisa dibaca disini. Mudah-mudahan akan ada menyusul dari yang lainnya lainnya.
Budi Rahardjo said…
Menarik juga melihat struktur organisasi di tempat anda. Hanya sayangnya itu di Pemerintahaan ya, bukan di Perbankan. (Tapi bagus untuk contoh eGovernment.)

Kalau setiap divisi / bagian memiliki help desk sendiri-sendiri apa jadinya tidak lebih mahal? Koordinasi apakah mudah? Khususnya untuk masalah security, apakah masing-masing memiliki unit yang menangani security ataukah tersentralisasi?
Harry Sufehmi said…
Maaf sedang jarang browsing, baru mampir lagi sekarang... anyway, memang mahal (support cost kita 5x dari IT industry average), karena itu saat ini sedang konsolidasi / restruktur, sehingga nantinya cuma ada satu Helpdesk.

Kita sudah lama berusaha sebetulnya, tapi resistansi dari departemen2 sangat besar dalam mempertahankan otonomi mereka ini (office politics, duh). Baru akhir-akhir ini saja akhirnya ada "tangan dari atas" yang membantu, walhasil bisa mulai menyatukan helpdesk yang ada.

Koordinasi ? he he.. jadi malu saya :-)
Ya, lagi-lagi dengan restruktur ini menjadi Central Helpdesk, maka baru bisa diharapkan adanya koordinasi yang baik.

Security belum terkoordinasi oleh satu bagian tertentu. Jadi masing2 bagian menjaga security-nya sendiri-sendiri. Ini hasilnya kurang optimal, karena jadinya ada duplikasi usaha di berbagai tempat; jadi ada banyak staf yang dobel tugas (mengerjakan tugasnya plus jadi staf security). Dan jelas kerja dobel-dobel begini beresiko, karena staf2 tsb tidak bisa menjadi betul2 ahli di bidang security.
Tapi sayangnya belum kelihatan ada minat untuk itu disini.

Saat ini saya sedang berusaha menterjemahkan dokumen-dokumen kebijakan IT di kantor, saya pikir akan ada manfaatnya bagi para profesional IT di Indonesia. Mudah-mudahan bisa segera menjadi kenyataan.

Popular posts from this blog

Himbauan Kepada Hacker & Cracker Indonesia & Malaysia

Kepada Hacker & Cracker Indonesia & Malaysia, Saya mengharapkan anda tidak melakukan penyerangan atau/dan pengrusakan situs-situs Indonesia dan Malaysia. Saya mengerti bahwa akhir-akhir ini beberapa masalah di dunia nyata membuat kita kesal dan marah. Namun kekesalan tersebut sebaiknya tidak dilimpahkan ke dunia maya (cyberspace). Semestinya sebelum melakukan aksi yang berdampak negatif, kita bisa melakukan langkah-langkah positif seperti melakukan dialog (melalui email, mailing list, bulletin board, blog, dan media elektronik lainnya). Kita harus ingat bahwa kita hidup bertetangga dan bersaudara. Yang namanya hidup bertetangga pasti mengalami perbedaan pendapat. Mari kita belajar bertetangga dengan baik. Saya berharap agar kita yang hidup di dunia maya mencontohkan bagaimana kita menyelesaikan permasalahan dengan kepala dingin dan hati yang lapang, sehingga para pemimpin kita di dunia nyata dapat mencontoh penyelesaian damai. Mudah-mudahan mereka dapat lebih arif dan bijaksana...

Say NO to APJII!

Prolog At the end of 1997, I went back to Indonesia from my studies and work in Canada. The .ID domain management in Indonesia at that time was in a confusing state. Nobody wanted to manage it. Universitas Indonesia (UI) - the original maintainer - was in a fight with APJII (the Association of Indonesian ISP). In the end, IANA gave me a mandate to manage the .ID domain. Since then, I manage the .ID domain with open management. There are problems, but mostly minors. Until recently, when APJII (again) is trying to take over the .ID domain management from my team. Here's a short info to give you a head start. Short summary APJII (the association of ISP in Indonesia) is trying to takeover the .ID domain management in Indonesia. They have tried and will try everything to take over. Long description I've been managing the .ID domain since the end of 1997. At that time, nobody wanted to run the domain management. First of all, a brief description of how we run things. To run the .ID d...

More bad news with Malaysia - Indonesia

I've got more emails and news about bad news between Indonesia and Malaysia. To be exact, there was a news about RELA (not sure what that is) that goes out after Indonesians in Malaysia. There were incidents where they hit Indonesians, rob, and do horrible things. I cannot even write this is my blog. I am so sad and frustrated. What's going on with Malaysia (and Malaysians)? What did we - Indonesian(s) - do to deserve this? I thought there should be less boundary between Indonesia and Malaysia. But ... What's going on there, bro & sis? You know, more Indonesians now feel that they are offended by Malaysians. I can tell you that this bad feeling is increasing. This is a bad publicity towards Malaysia. People are now creating various calling names, such as "Malingsia" (it's a short of "maling" [thief] "siah" [you, Sundanese]), and worse.