CMGA 2005 24 - 26th August 2005 Melbourne Business School, MELBOURNE

Program Details

Managing IT Risk – understanding the fundamentals of IT risk assessment
Raoul Blignaut (Citibank, South Africa)
Post WorldCom, ENRON and a raft of other spectacular business failures, the business world is rapidly moving towards a risk-based approach to management with the advent of the likes of SOX and BASIL2. Although this started with the financial and accounting areas of large corporations this has rapidly encompassed the entire organization, the Information technology division not withstanding.

This presentation looks at understanding the fundamentals of IT evaluation (or assessment) as it is the individual human actors and social groups who are completing the regular assessments of the risks, that can be the weakest (or strongest) links in the assessment process. The worlds best IT controls, checks, risk indicators and monitoring is only as good as the individual or group who does the final analysis and assessment (and thus judgment) of the risk area under review.

This paper provides and a view some of the weakness identified in the assessment of risk in the realm of IT and proposes some proactive approaches to mitigating these within your organization. The second presentation provides a review of specific IT risks

Managing Risk in IT - a review and interactive workshop of the core IT disciplines and some proposed risks for consideration
Raoul Blignaut (Citibank, South Africa)
This is an interactive workshop provides a core Information technology structure within which to review the risks that would be associated within the domain of IT. The structure is based on globally accepted disciplines within Technology, covering and reviewing key risks in the areas:

Architecture, change management, capacity & resource management, disaster recovery, information security, project management, problem management, software management, vendor & contract management, operations and facilities management.

A few of these areas will be reviewed and example risks proposed. An assessment will then be made of the risks and some of the associated problem of trying to measure these risks. Based on attendee participation input will be solicited and made of what could be considered key risks.

It is proposed that this workshop provide, you the it manager / processional, a starting point to continue such workshops within your respective organizations, thus providing a way forward in introducing a risk based approach to your organization. Organizations with a risk assessment process in-place will be able to assess their risks against industry norms and input from the workshop.

Getting Beyond Monitoring, Pretty Damn Quickly
Presented by Peter Harding
on behalf of…Dr. Neil J. Gunther, Performance Dynamics Company™
Performance can be though of in terms of "Measure, Monitor, Control". The missing 'M' word is, Model. After you've measured and monitored, you'd like to use that data to forecast requirements to size application servers, for example, as part of future procurement. That's how you gain control in the long run.

Monitoring is akin to watching meter-needles wiggle. But UNIX performance 'meters' only convey the instantaneous state of the system. Such a purely reactive view provides no means for forecasting what lies ahead. Like weather forecasting, you need powerful tools that can take the data and convert it to performance predictions e.g., trends in resource consumption and bottleneck ranking. The classic tools used for predicting performance involve sophisticated queueing models. After all, you can't forecast the weather by simply listening to the leaves rustle. The bad news is, you don't have the time to create and validate sophisticated performance models. The good news is, your management doesn't have that kind of time either. Often, they're just looking for a sense of direction---not the actual compass bearing.

In this tutorial, I will present the necessary queueing concepts needed for fast performance prediction in an elementary and palatable style. We shall then throw those concepts at such apparently benign questions as: Does a single 2.4 GHz Pentium PC, a multi-way blade, or a racked cluster have the best performance? Finally, at the application level, we shall size web and middleware servers based on actual load-test measurements. All examples will be demonstrated using the open source queueing analyzer called "Pretty Damn Quick," available for free download from http://www.perfdynamics.com/Tools/PDQcode.html

Capacity Management a la ITIL
Peter Greening (Peter L. Greening & Associates P/L)
The focus of this extended session is to assist attendees appreciate the IT Infrastructure Library (ITIL) framework generally, and ITIL's definition and description of Capacity Management. No doubt ITIL will generate a sense of d'ja vu for long term IT Service Management practitioners, but it also offers an opportunity to engage CIOs. Despite the likelihood of familiarity for the capacity planner with many concepts and terms, this extended session will seek to provide:

(i) Summary of ITIL framework - What is ITIL? touching on origins, copyright/public domain, literature, accreditation, drivers, benefits, success stories, ITIL v3, itSMF, etc - the BS15000 standard (adopted locally as AS8018) - a brief description of each of the ITSM service support and delivery functions and disciplines, some key terms and principles, process relationships, applicability to business processes -a little more depth on the description and definition of Capacity Management as per the ITIL framework.

(ii) Capacity Management self-assessment - an open self-assessment of the Capacity Management discipline within a typical IT site with questions explained as required.

The Capacity Management component of the downloadable Excel spreadsheet (a modified version) will be provided for all attendees to simultaneously assess their own site.

NTFS Workshop
Craig Linn (University of Western Sydney) The New Technologies File System (NTFS) is the preferred and most functional native file system for the Windows family of operating systems. Though NTFS is complex in nature it offers significant benefits over the simpler File Allocation Table (FAT) based systems so common on earlier Microsoft systems.

This workshop/seminar is aimed at those who are users of NTFS but have never had the time or opportunity to look “under the hood” and learn how NTFS internals underpin both its operational and performance characteristics.

This is not a management overview. Rather, we will start at the foundations looking at disk layouts and gradually work our way up to NTFS’s place in the overall Windows storage stack. Pointers and recommendations to further sources of information will also be provided.

Plenary Sessions (Thursday)

History of SHARE thru' Buttons
Barry Merrril (Merrill Consultants)
Since this is the 50th anniversary of the SHARE organization, Barry has completed the photography of his 1170 buttons and will present a history of SHARE through these buttons.

Barry as put the button images on a CD and a copy will be available for all attendees. This session is sure to be fun and informative!

Technical Paper on SAS Clones
Barry Merrril (Merrill Consultants)

Plenary Session (Friday)

Data Centre Relocation - Risks, Issues, Logistics
David Cowell (Storage Tek)
Is your company considering relocating your data centre or consolidating multiple IT facilities ? If so, this presentation is for you. A Data Centre relocation is a complex IT infrastructure project. Planning is critical and there are many planning considerations that, if properly managed, will help ensure your relocation proceeds smoothly and with minimal impact to hardware availability service levels. This presentation will include multi-media footage of a relocation process and will discuss common risks and issues associated with moving data centres.

Plenary Session (Friday)

ITIL Panel Session
Geoff Grinton (IBM), Peter Greening (PLGA), Tony Allan (APMS)
Our ITIL experts will give their overview, then they will take questions from the floor in an open-forum discussion on this topical area. This session promises to be a thought-provoking and stimulating end to CMGA2005.