itSMF Bulletin May 2023 | Page 7

The cost of providing such digital services needs to be outweighed by the business value to the bank. The digital services need to offer the customer and the bank sufficient protection against cyber security threats such as hacking, phishing, identity theft and also offer the customer and the bank other classic IT Service Management ‘Warranties’ : Availability, Capacity & Performance and Continuity.

Digital business services such as online banking and banking apps on mobile phone platforms are enabled by an integrated set of ICT capabilities within the enterprise. For example, the apps need to communicate with a host, which interfaces into the core banking app and the various application systems will be hosted on ‘on premise’ infrastructure within the bank or within one of their managed service providers and some systems may be hosted on a cloud infrastructure. If the end-to-end digital services need to be stable and secure, yet new features and innovations need to be added swiftly, the underpinning technical services and the management and governance structure around them need to enable that.

The complexity of applying controls to Digital Service Delivery

Research over the years[1] reveals that a large percentage of business executives

·        unclear value, 

·        uncontrolled cost, 

·        (perceived or actual) security, availability, scalability and continuity vulnerabilities,

·        disconnected planning and 

·        lack of agility.

ICT Groups over the years tend to embrace the latest ‘Best Practice Frameworks’ and technology solutions as the next ‘Shiny New Thing’ with an expectation that they will single handedly enable them to achieve outcomes and business value. These ‘Shiny New Things’ include (but are not limited to):

·        In past decades the introduction and supposed ‘implementation’ of ITIL®[1], COBIT®, ISO27000, PRINCE2®, Enterprise Architecture, etc.

·        More recently the adoption of SCRUM and Scaled Agile.

·        Embracing the promise of CI-CD tool chains.

·        Introducing the latest IT Service Management platforms with an expectation that it will solve their Service Management capability

o   Service Providers (on the right)

Unfortunately these ‘Shiny New Things’ mostly fail to fully achieve the intended outcome and – often after a change of leadership – are eventually replaced by yet another shiny new initiative. It seems to be a never-ending cycle, yet business environments have an existential need for the engine behind their

used under permission of AXELOS Limited. All rights reserved.ITIL® 4, PRINCE2®, MSP® and P3O® are registered trademark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.

Clearly, enterprises need to control their ICT in order to aggregate ‘technical services’ and components into end-to-end digital business service, so as to survive and thrive.