E. Manage

The establishment and oversight of an organisation's approach to the use of Information systems and digital services, and associated technology, in line with the needs of the principal stakeholders of the organisation and overall organisational corporate governance requirements. The determination and accountability for evaluation of current and future needs; directing the planning for both supply and demand of these services; the quality, characteristics, and level of IT services; and for monitoring the conformance to obligations (including regulatory, legislation, control, and other standards) to ensure positive contribution of IT to the organisation's goals and objectives.

The overall governance of how all types of information, structured and unstructured, whether produced internally or externally, are used to support decision-making, business processes and digital services. Encompasses development and promotion of the strategy and policies covering the design of information structures and taxonomies, the setting of policies for the sourcing and maintenance of the data content, and the development of policies, procedures, working practices and training to promote compliance with legislation regulating all aspects of holding, use and disclosure of data.

The protection of integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit. The management of risk in a pragmatic and cost effective manner to ensure stakeholder confidence.

The analysis and proactive management of business demand for new services or modifications to existing service features or volumes. Collaborating with the business to prioritise demand in order to improve business value. Developing and communicating insights into patterns of demand. Proposing responses to meet both short-term and long-term demand and facilitating decision making and planning. Integrating demand analysis and planning with complementary strategic, operational and change planning processes.

The overall financial management, control and stewardship of the IT assets and resources used in the provision of IT services, including the identification of materials and energy costs, ensuring compliance with all governance, legal and regulatory requirements.

The planning and implementation of organisation-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data.

The provision of service continuity planning and support, as part of, or in close cooperation with, the function which plans business continuity for the whole organisation. The identification of information systems which support critical business processes. The assessment of risks to critical systems' availability, integrity and confidentiality. The co-ordination of planning, designing, testing and maintenance procedures and contingency plans to address exposures and maintain agreed levels of continuity.

The identification, planning and coordination of a set of related projects within a programme of business change, to manage their interdependencies in support of specific business strategies and objectives. The maintenance of a strategic view over the set of projects, providing the framework for implementing business initiatives, or large-scale change, by conceiving, maintaining and communicating a vision of the outcome of the programme and associated benefits. (The vision, and the means of achieving it, may change as the programme progresses). Agreement of business requirements, and translation of requirements into operational plans. Determination, monitoring, and review of programme scope, costs, and schedule, programme resources, inter-dependencies and programme risk.

The management of projects, typically (but not exclusively) involving the development and implementation of business processes to meet identified business needs, acquiring and utilising the necessary resources and skills, within agreed parameters of cost, timescales, and quality. The adoption and adaptation of project management methodologies based on the context of the project and selecting appropriately from predictive (plan-driven) approaches or adaptive (iterative/agile) approaches.

The provision of support and guidance on portfolio, programme and project management processes, procedures, tools and techniques. Support includes definition of portfolios, programmes, and projects; advice on the development, production and maintenance of business cases; time, resource, cost and exception plans, and the use of related software tools. Tracking and reporting of programme/project progress and performance are also covered, as is the capability to facilitate all aspects of portfolio/ programme/ project meetings, workshops and documentation.

The definition and management of the process for deploying and integrating new digital capabilities into the business in a way that is sensitive to and fully compatible with business operations.

Establishing an approach for forecasting, planning and monitoring the emergence and effective realisation of anticipated benefits. Identifying and implementing the actions needed to optimise the business impact of individual and combined benefits. The confirmation of the achievement of expected benefits.

Validation of systems, products or services, to assure that the stakeholder and organisational requirements have been met, required practice has been followed, and systems in use continue to meet organisational and user needs. Iterative assessment (from early prototypes to final live implementation) of effectiveness, efficiency, user satisfaction, health and safety, and accessibility to measure or improve the usability of new or existing processes, with the intention of achieving optimum levels of product or service usability.

The provision of operational security management and administrative services. Typically includes the authorisation and monitoring of access to IT facilities or infrastructure, the investigation of unauthorised access and compliance with relevant legislation.

The overall resource management of the workforce to enable effective operation of the organisation. Provision of advice on any aspect of acquiring resources, including employees, consultants and contractors.

The process of ensuring, through independent assessment and review, that appropriate working practices, quality control activities, organisational processes and quality standards are in place and adhered to and that best practices are promoted throughout the organisation. Quality assurance provides confidence to internal management and external bodies, such as customers or regulators, that quality requirements will be fulfilled. Quality assurance may relate to any area where quality standards are applied, including products, data, services and business processes.

The development and operation of a measurement capability to support agreed organisational information needs. The planning, implementation, and control of activities to measure attributes of processes, products, and services in order to assess performance, progress, and provide indications and insights to actual or potential problems, issues, and risks. The identification of requirements, selecting measures and measurement scales, establishing data collection and analysis methods, setting target values and thresholds. Measurement can be applied to organizations, projects, processes, and work products.

The independent assessment of the conformity of any activity, process, deliverable, product or service to the criteria of specified standards, best practice, or other documented requirements. May relate to, for example, asset management, network security tools, firewalls and internet security, sustainability, real-time systems, application design and specific certifications.

The systematic identification, analysis, management, monitoring and improvement of stakeholder relationships in order to target and improve mutually beneficial outcomes. Gains commitment to action through consultation and consideration of impacts. Design the relationship management approach to be taken; including roles and responsibilities, governance, policies, processes, and tools, and support mechanisms. Creatively combines formal and informal communication channels in order to achieve the desired result.