Become a Strategic CIO

  • Buy Link or Shortcode: {j2store}80|cart{/j2store}
  • member rating overall impact: 9.5/10 Overall Impact
  • member rating average dollars saved: $10,000 Average $ Saved
  • member rating average days saved: 15 Average Days Saved
  • Parent Category Name: IT Strategy
  • Parent Category Link: /it-strategy
  • As a CIO, you are currently operating in a stable and trusted IT environment, but you would like to advance your role to strategic business partner.
  • CIOs are often overlooked as a strategic partner by their peers, and therefore face the challenge of proving they deserve a seat at the table.

Our Advice

Critical Insight

  • To become a strategic business partner, you must think and act as a business person that works in IT, rather than an IT person that works for the business.
  • Career advancement is not a solo effort. Building relationships with your executive business stakeholders will be critical to becoming a respected business partner.

Impact and Result

  • Create a personal development plan and stakeholder management strategy to accelerate your career and become a strategic business partner. For a CIO to be considered a strategic business partner, he or she must be able to:
    • Act as a business person that works in IT, rather than an IT person that works for the business. This involves meeting executive stakeholder expectations, facilitating innovation, and managing stakeholder relationships.
    • Align IT with the customer. This involves providing business stakeholders with information to support stronger decision making, keeping up with disruptive technologies, and constantly adapting to the ever-changing end-customer needs.
    • Manage talent and change. This involves performing strategic workforce planning, and being actively engaged in identifying opportunities to introduce change in your organization, suggesting ways to improve, and then acting on them.

Become a Strategic CIO Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should become a strategic CIO, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Launch

Analyze strategic CIO competencies and assess business stakeholder satisfaction with IT using Info-Tech's CIO Business Vision Diagnostic and CXO-CIO Alignment Program.

  • Become a Strategic CIO – Phase 1: Launch

2. Assess

Evaluate strategic CIO competencies and business stakeholder relationships.

  • Become a Strategic CIO – Phase 2: Assess
  • CIO Strategic Competency Evaluation Tool
  • CIO Stakeholder Power Map Template

3. Plan

Create a personal development plan and stakeholder management strategy.

  • Become a Strategic CIO – Phase 3: Plan
  • CIO Personal Development Plan
  • CIO Stakeholder Management Strategy Template

4. Execute

Develop a scorecard to track personal development initiatives.

  • Become a Strategic CIO – Phase 4: Execute
  • CIO Strategic Competency Scorecard
[infographic]

Workshop: Become a Strategic CIO

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Assess Competencies & Stakeholder Relationships

The Purpose

Gather and review information from business stakeholders.

Assess strategic CIO competencies and business stakeholder relationships.

Key Benefits Achieved

Gathered information to create a personal development plan and stakeholder management strategy.

Analyzed the information from diagnostics and determined the appropriate next steps.

Identified and prioritized strategic CIO competency gaps.

Evaluated the power, impact, and support of key business stakeholders.

Activities

1.1 Conduct CIO Business Vision diagnostic

1.2 Conduct CXO-CIO Alignment program

1.3 Assess CIO competencies

1.4 Assess business stakeholder relationships

Outputs

CIO Business Vision results

CXO-CIO Alignment Program results

CIO competency gaps

Executive Stakeholder Power Map

2 Take Control of Your Personal Development

The Purpose

Create a personal development plan and stakeholder management strategy.

Track your personal development and establish checkpoints to revise initiatives.

Key Benefits Achieved

Identified personal development and stakeholder engagement initiatives to bridge high priority competency gaps.

Identified key performance indicators and benchmarks/targets to track competency development.

Activities

2.1 Create a personal development plan

2.2 Create a stakeholder management strategy

2.3 Establish key performance indicators and benchmarks/targets

Outputs

Personal Development Plan

Stakeholder Management Strategy

Strategic CIO Competency Scorecard

Optimize Software Pricing in a Volatile Competitive Market

  • Buy Link or Shortcode: {j2store}566|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Marketing Solutions
  • Parent Category Link: /marketing-solutions

Your challenge:

  • Rising supplier costs and inflation are eroding margins and impacting customers' budgets.
  • There is pressure from management to make a gut-feeling decision because of time, lack of skills, and process limitations.
  • You must navigate competing pricing-related priorities among product, sales, and finance teams.
  • Product price increases fail because discovery lacks understanding of costs, price/value equation, and competitive price points.
  • Customers can react negatively, and results are seen much later (more than 12 months) after the price decision.

Our Advice

Critical Insight

Product leaders will price products based on a deep understanding of the buyer price/value equation and alignment with financial and competitive pricing strategies, and make ongoing adjustments based on an ability to monitor buyer, competitor, and product cost changes.

Impact and Result

  • Success for many SaaS product managers requires a reorganization and modernization of pricing tools, techniques, and assumptions. Leaders will develop the science of tailored price changes versus across-the-board price actions and account for inflation exposure and the customers’ willingness to pay.
  • This will build skills on how to price new products or adjust pricing for existing products. The disciplines using our pricing strategy methodology will strengthen efforts to develop repeatable pricing models and processes and build credibility with senior management.

Optimize Software Pricing in a Volatile Competitive Market Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Optimize Software Pricing in a Volatile Competitive Market Executive Brief - A deck to build your skills on how to price new products or adjust pricing for existing products.

This Executive Brief will build your skills on how to price new products or adjust pricing for existing products.

  • Optimize Software Pricing in a Volatile Competitive Market Executive Brief

2. Optimize Software Pricing in a Volatile Competitive Market Storyboard – A deck that provides key steps to complete the project.

This blueprint will build your skills on how to price new products or adjust pricing for existing products with documented key steps to complete the pricing project and use the Excel workbook and customer presentation.

  • Optimize Software Pricing in a Volatile Competitive Market – Phases 1-3

3. Optimize Software Pricing in a Volatile Competitive Market Workbook – A tool that enables product managers to simplify the organization and collection of customer and competitor information for pricing decisions.

These five organizational workbooks for product pricing priorities, interview tracking, sample questions, and critical competitive information will enable the price team to validate price change data through researching the three pricing schemes (competitor, customer, and cost-based).

  • Optimize Software Pricing in a Volatile Competitive Market Workbook

4. Optimize Software Pricing in a Volatile Competitive Market Presentation Template – A template that serves as a guide to communicating the Optimize Pricing Strategy team's results for a product or product line.

This template includes the business case to justify product repricing, contract modifications, and packaging rebuild or removal for launch. This template calls for the critical summarized results from the Optimize Software Pricing in a Volatile Competitive Market blueprint and the Optimize Software Pricing in a Volatile Competitive Market Workbook to complete.

  • Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Infographic

Further reading

SoftwareReviews — A Division of INFO~TECH RESEARCH GROUP

Optimize Software Pricing in a Volatile Competitive Market

Leading SaaS product managers align pricing strategy to company financial goals and refresh the customer price/value equation to avoid leaving revenues uncaptured.

Table of Contents

Section Title Section Title
1 Executive Brief 2 Key Steps
3 Concluding Slides

Optimize Software Pricing in a Volatile Competitive Market

Leading SaaS product managers align pricing strategy to company financial goals and refresh the customer price/value equation to avoid leaving revenues uncaptured.

EXECUTIVE BRIEF

Analyst Perspective

Optimized Pricing Strategy

Product managers without well-documented and repeatable pricing management processes often experience pressure from “Agile” management to make gut-feel pricing decisions, resulting in poor product revenue results. When combined with a lack of customer, competitor, and internal cost understanding, these process and timing limitations drive most product managers into suboptimal software pricing decisions. And, adding insult to injury, the poor financial results from bad pricing decisions aren’t fully measured for months, which further compounds the negative effects of poor decision making.

A successful product pricing strategy aligns finance, marketing, product management, and sales to optimize pricing using a solid understanding of the customer perception of price/value, competitive pricing, and software production costs.

Success for many SaaS product managers requires a reorganization and modernization of pricing tools, techniques, and data. Leaders will develop the science of tailored price changes versus across-the-board price actions and account for inflation exposure and the customers’ willingness to pay.

This blueprint will build your skills on how to price new products or adjust pricing for existing products. The discipline you build using our pricing strategy methodology will strengthen your team’s ability to develop repeatable pricing and will build credibility with senior management and colleagues in marketing and sales.

Photo of Joanne Morin Correia, Principal Research Director, SoftwareReviews.

Joanne Morin Correia
Principal Research Director
SoftwareReviews

Executive Summary

Organizations struggle to build repeatable pricing processes:
  • A lack of alignment and collaboration among finance, marketing, product development, and sales.
  • A lack of understanding of customers, competitors, and market pricing.
  • Inability to stay ahead of complex and shifting software pricing models.
  • Time is wasted without a deep understanding of pricing issues and opportunities, and revenue opportunities go unrealized.
Obstacles add friction to the pricing management process:
  • Pressure from management to make quick decisions results in a gut-driven approach to pricing.
  • A lack of pricing skills and management processes limits sound decision making.
  • Price changes fail because discovery often lacks competitive intelligence and buyer value to price point understanding. Customers’ reactions are often observed much later, after the decision is made.
  • Economic disruptions, supplier price hikes, and higher employee salaries/benefits are driving costs higher.
Use SoftwareReviews’ approach for more successful pricing:
  • Organize for a more effective pricing project including roles & responsibilities as well as an aligned pricing approach.
  • Work with CFO/finance partner to establish target price based on margins and key factors affecting costs.
  • Perform a competitive price assessment and understand the buyer price/value equation.
  • Arrive at a target price based on the above and seek buy-in and approvals.

SoftwareReviews Insight

Product leaders will price products based on a deep understanding of the buyer price/value equation and alignment with financial and competitive pricing strategies, and they will make ongoing adjustments based on an ability to monitor buyers, competitors, and product cost changes.

What is an optimized price strategy?

“Customer discovery interviews help reduce the chance of failure by testing your hypotheses. Quality customer interviews go beyond answering product development and pricing questions.” (Pricing Strategies, Growth Ramp, March 2022)

Most product managers just research their direct competitors when launching a new SaaS product. While this is essential, competitive pricing intel is insufficient to create a long-term optimized pricing strategy. Leaders will also understand buyer TCO.

Your customers are constantly comparing prices and weighing the total cost of ownership as they consider your competition. Why?

Implementing a SaaS solution creates a significant time burden as buyers spend days learning new software, making sure tools communicate with each other, configuring settings, contacting support, etc. It is not just the cost of the product or service.

Optimized Price Strategy Is…
  • An integral part of any product plan and business strategy.
  • Essential to improving and maintaining high levels of margins and customer satisfaction.
  • Focused on delivering the product price to your customer’s business value.
  • Understanding customer price-value for your software segment.
  • Monitoring your product pricing with real-time data to ensure support for competitive strategy.
Price Strategy Is Not…
  • Increasing or decreasing price on a gut feeling.
  • Changing price for short-term gain.
  • Being wary of asking customers pricing-related questions.
  • Haphazardly focusing entirely on profit.
  • Just covering product costs.
  • Only researching direct competitors.
  • Focusing on yourself or company satisfaction but your target customers.
  • Picking the first strategy you see.

SoftwareReviews Insight

An optimized pricing strategy establishes the “best” price for a product or service that maximizes profits and shareholder value while considering customer business value vs. the cost to purchase and implement – the total cost of ownership (TCO).

Challenging environment

Product managers are currently experiencing the following:
  • Supplier costs and inflation are rising, eroding product margins and impacting customers’ budgets.
  • Pressure from management to make a gut-feeling decision because of time, lack of skills, and process limitations.
  • Navigating competing pricing-related priorities among product, sales, and finance.
  • Product price increases that fail because discovery lacks understanding of costs, price/value equation, and competitive price points.
  • Slowing customer demand due to poorly priced offerings may not be fully measured for many months following the price decision.
Doing nothing is NOT an option!
Offense Double Down

Benefit: Leverage long-term financial and market assets

Risk: Market may not value those assets in the future
Fight Back

Benefit: Move quickly

Risk: Hard to execute and easy to get pricing wrong
Defense Retrench

Benefit: Reduce threats from new entrants through scale and marketing

Risk: Causes managed decline and is hard to sell to leadership
Move Away

Benefit: Seize opportunities for new revenue sources

Risk: Diversification is challenging to pull off
Existing Markets and Customers New Markets and Customers

Pricing skills are declining

Among product managers, limited pricing skills are big obstacles that make pricing difficult and under-optimized.

Visual of a bar chart with descending values, each bar has written on it: 'Limited - Limits in understanding of engineering, marketing, and sales expectations or few processes for pricing and/or cost', 'Inexperienced - Inexperience in pricing project skills and corporate training', 'Lagging - Financial lag indicators (marketing ROI, revenue, profitability, COGs)', 'Lacking - Lack of relevant competitive pricing/packaging information', 'Shifting - Shift to cloud subscription-based revenue models is challenging'.

The top three weakest product management skills have remained constant over the past five years:
  • Competitive analysis
  • Pricing
  • End of life
Pricing is the weakest skill and has been declining the most among surveyed product professionals every year. (Adapted from 280 Group, 2022)

Key considerations for more effective pricing decisions

Pricing teams can improve software product profitability by:
  • Optimizing software profit with four critical elements: properly pricing your product, giving complete and accurate quotations, choosing the terms of the sale, and selecting the payment method.
  • Implementing tailored price changes (versus across-the-board price actions) to help account for inflation exposure, customer willingness to pay, and product attribute changes.
  • Accelerating ongoing pricing decision-making with a dedicated cross-functional team ready to act quickly.
  • Resetting discounting and promotion, and revisiting service-level agreements.
Software pricing leaders will regularly assess:

Has it been over a year since prices were updated?

Have customers told you to raise your prices?

Do you have the right mix of customers in each pricing plan?

Do 40% of your customers say they would be very disappointed if your product disappeared? (Adapted from Growth Ramp, 2021)

Case Study

Middleware Vendor

INDUSTRY
Technology Middleware
SOURCE
SoftwareReviews Custom Pricing Strategy Project
A large middleware vendor, who is running on Microsoft Azure, known for quality development and website tools, needed to react strategically to the March 2022 Microsoft price increase.

Key Initiative: Optimize New Pricing Strategy

The program’s core objective was to determine if the vendor should implement a price increase and how the product should be packaged within the new pricing model.

For this initiative, the company interviewed buyers using three key questions: What are the core capabilities to focus on building/selling? What are the optimal features and capabilities valued by customers that should be sold together? And should they be charging more for their products?

Results
This middleware vendor saw buyer support for a 10% price increase to their product line and restructuring of vertical contract terms. This enabled them to retain customers over multi-year subscription contracts, and the price increase enabled them to protect margins after the Microsoft price increase.

The Optimize New Pricing Strategy included the following components:

Components: 'Product Feature Importance & Satisfaction', 'Correlation of Features and Value Drivers', 'Fair Cost to Value Average for Category', 'Average Discounting for Category', 'Customer Value Is an Acceptable Multiple of Price'. First four: 'Component fails into the scope of optimizing price strategy to value'; last one: 'They are optimizing their price strategy decisions'.

New product price approach

As a collaborative team across product management, marketing, and finance, we see leaders taking a simple yet well-researched approach when setting product pricing.

Iterating to a final price point is best done with research into how product pricing:

  • Delivers target margins.
  • Is positioned vs. key competitors.
  • Delivers customer value at a fair price/value ratio.
To arrive at our new product price, we suggest iterating among 3 different views:

New Target Price:

  • Buyer Price vs. Value
  • Cost - Plus
  • Vs. Key Competitors
We analyzed:
  • Customer price/value equation interviews
  • Impacts of Supplier cost increases
  • Competitive pricing research
  • How product pricing delivers target margins

Who should care about optimized pricing?

Product managers and marketers who:

  • Support the mandate for optimizing pricing and revenue generation.
  • Need a more scientific way to plan and implement new pricing processes and methods to optimize revenues and profits.
  • Want a way to better apply customer and competitive insights to product pricing.
  • Are evaluating current pricing and cost control to support a refreshed pricing strategy.

Finance, sales, and marketing professionals who are pricing stakeholders in:

  • Finding alternatives to current pricing and packaging approaches.
  • Looking for ways to optimize price within the shifting market momentum.

How will they benefit from this research?

  • Refine the ability to effectively target pricing to specific market demands and customer segments.
  • Strengthen product team’s reputation for reliable and repeatable price-management capabilities among senior leadership.
  • Recognize and plan for new revenue opportunities or cost increases.
  • Allow for faster, more accurate intake of customer and competitive data. 
  • Improve pricing skills for professional development and business outcomes.
  • Create new product price, packaging, or market opportunities. 
  • Reduce financial costs and mistakes associated with manual efforts and uneducated guessing.
  • Price software products that better achieve financial goals optimizing revenue, margins, or market share.
  • Enhance the product development and sales processes with real competitive and customer expectations.

Is Your Pricing Strategy Optimized?

With the right pricing strategy, you can invest more money into your product, service, or growth. A 1% price increase will improv revenues by:

Three bars: 'Customer acquisition, 3.32%', 'Customer retention, 6.71%', 'Price monetization, 12.7%'.

Price monetization will almost double the revenue increases over customer acquisition and retention. (Pricing Strategies, Growth Ramp, March 2022)

DIAGNOSE PRICE CHALLENGES

Prices of today's cloud-based services/products are often misaligned against competition and customers' perceived value, leaving more revenues on the table.
  • Do you struggle to price new products with confidence?
  • Do you really know your SaaS product's costs?
  • Have you lost pricing power to stronger competitors?
  • Has cost focus eclipsed customer value focus?
If so, you are likely skipping steps and missing key outputs in your pricing strategy.

OPTIMIZE THESE STEPS

ALIGNMENT
  1. Assign Team Responsibilities
  2. Set Timing for Project Deliverables
  3. Clarify Financial Expectations
  4. Collect Customer Contacts
  5. Determine Competitors
  6. BEFORE RESEARCH, HAVE YOU
    Documented your executive's financial expectations? If "No," return.

RESEARCH & VALIDATE
  1. Research Competitors
  2. Interview Customers
  3. Test Pricing vs. Financials
  4. Create Pricing Presentation
  5. BEFORE PRESENTING, HAVE YOU:
    Clarified your customer and competitive positioning to validate pricing? If "No," return.

BUY-IN
  1. Executive Pricing Presentation
  2. Post-Mortem of Presentation
  3. Document New Processes
  4. Monitor the Pricing Changes
  5. BEFORE RESEARCH, HAVE YOU:
    Documented your executive's financial expectations? If "No," return.

DELIVER KEY OUTPUTS

Sponsoring executive(s) signs-offs require a well-articulated pricing plan and business case for investment that includes:
  • Competitive features and pricing financial templates
  • Customer validation of price value
  • Optimized price presentation
  • Repeatable pricing processes to monitor changes

REAP THE REWARDS

  • Product pricing is better aligned to achieve financial goals
  • Improved pricing skills or professional development
  • Stronger team reputation for reliable price management

Key Insights

  1. Gain a competitive edge by using market and customer information to optimize product financials, refine pricing, and speed up decisions.
  2. Product leaders will best set software product price based on a deep understanding of buyer/price value equation, alignment with financial strategy, and an ongoing ability to monitor buyer, competitor, and product costs.

SoftwareReviews’ methodology for optimizing your pricing strategy

Steps

1.1 Establish the Team and Responsibilities
1.2 Educate/Align Team on Pricing Strategy
1.2 Document Portfolio & Target Product(s) for Pricing Updates
1.3 Clarify Product Target Margins
1.4 Establish Customer Price/Value
1.5 Identify Competitive Pricing
1.6 Establish New Price and Gain Buy-In

Outcomes

  1. Well-organized project
  2. Clarified product pricing strategy
  3. Customer value vs. price equation
  4. Competitive price points
  5. Approvals

Insight summary

Modernize your price planning

Product leaders will price products based on a deep understanding of the buyer price/value equation and alignment with financial and competitive pricing strategies, and make ongoing adjustments based on an ability to monitor buyer, competitor, and product cost changes.

Ground pricing against financials

Meet and align with financial stakeholders.
  • Give finance a heads-up that you want to work with them.
  • Find out the CFO’s expectations for pricing and margins.
  • Ask for a dedicated finance team member.

Align on pricing strategy

Lead stakeholders in SaaS product pricing decisions to optimize pricing based on four drivers:
  • Customer’s price/value
  • Competitive strategy
  • Reflective of costs
  • Alignment with financial goals

Decrease time for approval

Drive price decisions, with the support of the CFO, to the business value of the suggested change:
  • Reference current product pricing guidelines
  • Compare to the competition and our strategy and weigh results against our customer’s price/value
  • Compare against the equation to business value for the suggested change
Develop the skill of pricing products

Increase product revenues and margins by enhancing modern processes and data monetization. Shift from intuitive to information-based pricing decisions.

Look at other options for revenue

Adjust product design, features, packaging, and contract terms while maintaining the functionality customers find valuable to their business.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:
Key deliverable:

New Pricing Strategy Presentation Template

Capture key findings for your price strategy with the Optimize Your Pricing in a Volatile Competitive Market Strategy Presentation Template

Sample of the 'Acme Corp New Product Pricing' blueprint.

Optimize Software Pricing in a Volatile Competitive Market Executive Brief

This executive brief will build your knowledge on how to price new products or adjust pricing for existing products.

Sample of the 'Optimize Software Pricing in a Volatile Competitive Market' blueprint.

Optimize Software Pricing in a Volatile Competitive Market Workbook

This workbook will help you prioritize which products require repricing, hold customer interviews, and capture competitive insights.

Sample of the 'Optimize Software Pricing in a Volatile Competitive Market' workbook.

Guided Implementation

A Guided Implementation (GI) is a series of calls with a SoftwareReviews analyst to help implement our best practices in your organization.

A typical GI is 4 to 8 calls over the course of 2 to 4 months.

What does a typical GI on optimizing software pricing look like?

Alignment

Research & Reprice

Buy-in

Call #1: Share the pricing team vision and outline activities for the pricing strategy process. Plan next call – 1 week.

Call #2: Outline products that require a new pricing approach and steps with finance. Plan next call – 1 week.

Call #3: Discuss the customer interview process. Plan next call – 1 week.

Call #4 Outline competitive analysis. Plan next call – 1 week.

Call #5: Review customer and competitive results for initial new pricing business case with finance for alignment. Plan next call – 3 weeks.

Call #6: Review the initial business case against financial plans across marketing, sales, and product development. Plan next call – 1 week.

Call #7 Review the draft executive pricing presentation. Plan next call – 1 week.

Call #8: Discuss gaps in executive presentation. Plan next call – 3 days.

SoftwareReviews Offers Various Levels of Support to Meet Your Needs

Included in Advisory Membership Optional add-ons

DIY Toolkit

Guided Implementation

Workshop

Consulting

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Desire a Guided Implementation?

  • A GI is where your SoftwareReviews engagement manager and executive advisor/counselor will work with SoftwareReviews research team members to craft with you a Custom Key Initiative Plan (CKIP).
  • A CKIP guides your team through each of the major steps, outlines responsibilities between members of your team and SoftwareReviews, describes expected outcomes, and captures actual value delivered.
  • A CKIP also provides you and your team with analyst/advisor/counselor feedback on project outputs, helps you communicate key principles and concepts to your team, and helps you stay on project timelines.
  • If Guided Implementation assistance is desired, contact your engagement manager.

Workshop overview

Contact your account representative for more information.
workshops@infotech.com1-888-670-8889
Day 1 Day 2 Day 3 Day 4 Day 5
Align Team, Identify Customers, and Document Current Knowledge
Validate Initial Insights and Identify Competitors and Market View
Schedule and Hold Buyer Interviews
Summarize Findings and Provide Actionable Guidance to Stakeholders
Present, Go Forward, and Measure Impact and Results
Activities

1.1 Identify Team Members, roles, and responsibilities

1.2 Establish timelines and project workflow

1.3 Gather current product and future financial margin expectations

1.4 Review the Optimize Software Executive Brief and Workbook Templates

1.4 Build prioritized pricing candidates hypothesis

2.1 Identify customer interviewee types by segment, region, etc.

2.2 Hear from industry analysts their perspectives on the competitors, buyer expectations, and price trends

2.3 Research competitors for pricing, contract type, and product attributes

3.2 Review pricing and attributes survey and interview questionnaires

3.2 Hold interviews and use interview guides (over four weeks)

A gap of up to 4 weeks for scheduling of interviews.

3.3 Hold review session after initial 3-4 interviews to make adjustments

4.1 Review all draft price findings against the market view

4.2 Review Draft Executive Presentation

5.1 Review finalized pricing strategy plan with analyst for market view

5.2 Review for comments on the final implementation plan

Deliverables
  1. Documented steering committee and working team
  2. Current and initial new pricing targets for strategy
  3. Documented team knowledge
  1. Understanding of market and potential target interviewee types
  2. Objective competitive research
  1. Initial review – “Are we going in the right direction with surveys?”
  2. Validate or adjust the pricing surveys to what you hear in the market
  1. Complete findings and compare to the market
  2. Review and finish drafting the Optimize Software Pricing Strategy presentation
  1. Final impute on strategy
  2. Review of suggested next steps and implementation plan

Our process

Align team, perform research, and gain executive buy-in on updated price points

  1. Establish the team and responsibilities
  2. Educate/align team on pricing strategy
  3. Document portfolio & target product(s) for pricing updates
  4. Clarify product target margins
  5. Establish customer price/value
  6. Identify competitive pricing
  7. Establish new price and gain buy-in

Optimize Software Pricing in a Volatile Competitive Market

Our process will help you deliver the following outcomes:

  • Well-organized project
  • Clarified product pricing strategy
  • Customer value vs. price equation
  • Competitive price points
  • Approvals

This project involves the following participants:

  • Product management
  • Program leadership
  • Product marketing
  • CFO or finance representative/partner
  • Others
  • Representative(s) from Sales

1.0 Assign team responsibilities

Input: Steering committee roles and responsibilities, Steering committee interest and role

Output: List of new pricing strategy steering committee and workstream members, roles, and timelines, Updated Software Pricing Strategy presentation

Materials: Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Participants: CFO, sponsoring executive, Functional leads – development, product marketing, product management, marketing, sales, customer success/support

1-2 hours
  1. The product manager/member running this pricing/repricing program should review the entire Optimize Software Pricing in a Volatile Competitive Market blueprint and each blueprint attachment.
  2. The product manager should also refer to slide 19 of the Optimize Software Pricing in a Volatile Competitive Market blueprint and decide if help via a Guided Implementation (GI) is of value. If desired, alert your SoftwareReviews engagement manager.
1-2 hours
  1. The product manager should meet with the chief product officer/CPO and functional leaders, and set the meeting agenda to:
    1. Nominate steering committee members.
    2. Nominate work-stream leads.
    3. Establish key pricing project milestones.
    4. Schedule both the steering committee (suggest monthly) and workstream lead meetings (suggest weekly) through the duration of the project.
    5. Ask the CPO to craft, outside this meeting, his/her version of the "Message from the chief product officer.”
    6. If a Guided Implementation is selected, inform the meeting attendees that a SoftwareReviews analyst will join the next meeting to share his/her Executive Brief on Pricing Strategy.
  2. Record all above findings in the Optimize Software Pricing in a Volatile Competitive Market Presentation Template.

Download the Optimize Software Pricing in a Volatile Competitive Market Presentation Template

SoftwareReviews Advisory Insight:

Pricing steering committees are needed to steer overall product, pricing, and packaging decisions. Some companies include the CEO and CFO on this committee and designate it as a permanent body that meets monthly to give go/no-go decisions to “all things product and pricing related” across all products and business units.

2.0 Educate the team

1 hour

Input: Typically, a joint recognition that pricing strategies need upgrading and have not been fully documented, Steering committee and working team members

Output: Communication of team members involved and the makeup of the steering committee and working team, Alignment of team members on a shared vision of “why a new price strategy is critical” and what key attributes define both the need and impact on business

Materials: Optimize Your Software Strategy Executive Brief PowerPoint presentation

Participants: Initiative manager – individual leading the new pricing strategy, CFO/sponsoring executive, Working team – typically representatives in product marketing, product management, and sales, SoftwareReviews marketing analyst (optional)

  1. Walk the team through the Optimize Software Pricing in a Volatile Competitive Market Executive Brief PowerPoint presentation.
  2. Optional – Have the SoftwareReviews Advisory (SRA) analyst walk the team through the Optimize Software Pricing in a Volatile Competitive Market Executive Brief PowerPoint presentation as part of your session. Contact your engagement manager to schedule.
  3. Walk the team through the current version of the Optimize Software Pricing in a Volatile Competitive Market Presentation Template outlining project goals, steering committee and workstream make-up and responsibilities, project timeline and key milestones, and approach to arriving at new product pricing.
  4. Set expectations among team members of their specific roles and responsibilities for this project, review the frequency of steering committee and workstream meetings to set expectations of key milestones and deliverable due dates.

Download the Optimize Software Pricing in a Volatile Competitive Market Executive Brief

3.0 Document portfolio and target products for pricing update

1-3 Hours

Input: List of entire product portfolio

Output: Prioritized list of product candidates that should be repriced

Materials: Optimize Software Pricing in a Volatile Competitive Market Executive Brief presentation, Optimize Software Pricing in a Volatile Competitive Market Workbook

Participants: Initiative manager – individual leading the new pricing strategy, CFO/sponsoring executive, Working team – typically representatives in product marketing, product management, and sales

  1. Walk the team through the current version of Optimize Software Pricing in a Volatile Competitive Market workbook, tab 2: “Product Portfolio Organizer.” Modify sample attributes to match your product line where necessary.
  2. As a group, record the product attributes for your entire portfolio.
  3. Prioritize the product price optimization candidates for repricing with the understanding that it might change after meeting with finance.

Download the Optimize Software Pricing in a Volatile Competitive Market Workbook

4.0 Clarify product target margins

2-3 sessions of 1 Hour each

Input: Finance partner/CFO knowledge of target product current and future margins, Finance partner/CFO who has information on underlying costs with details that illustrate supplier contributions

Output: Product finance markup target percentage margins and revenues

Materials: Finance data on the product family, Optimize Software Pricing in a Volatile Competitive Market Workbook, Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Participants: Initiative manager, Finance partner/CFO

  1. Schedule a meeting with your finance partner/CFO to validate expectations for product margins. The goal is to understand the detail of underlying costs/margins and if the impacts of supplier costs affect the product family. The information will be placed into the Optimize Software Pricing in a Volatile Competitive Market Workbook on tab 2, Product Portfolio Organizer under the “Unit Margins” heading.
  2. Arrive at a final “Cost-Plus New Price” based on underlying costs and target margins for each of the products. Record results in the Optimize Software Pricing in a Volatile Competitive Market Workbook, tab 2, under the “Cost-Plus New Price” heading.
  3. Record product target finance markup price under “Cost-Plus” in Optimize Software Pricing in a Volatile Competitive Market Presentation Template, slide 9, and details in Appendix, “Cost-Plus Analysis,” slide 11.
  4. Repeat this process for any other products to be repriced.

Download the Optimize Software Pricing in a Volatile Competitive Market Workbook

Download the Optimize Software Pricing in a Volatile Competitive Market Presentation Template

5.0 Establish customer price to value

1-4 weeks

Input: Identify segments within which you require price-to-value information, Understand your persona insight gaps, Review Sample Interview Guide using the Optimize Software Pricing in a Volatile, Competitive Market Workbook, Tab 4. Interview Guide.

Output: List of interviewees, Updated Interview Guide

Materials: Optimize Software Pricing in a Volatile Competitive Market Workbook, Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Participants: Initiative manager, Customer success to help identify interviewees, Customers, prospects

  1. Identify a list of customers and prospects that best represent your target persona when interviewed. Choose interviewees who will inform key differences among key segments (geographies, company size, a mix of customers and prospects, etc.) and who are decision makers and can best inform insights on price/value and competitors.
  2. Recruit interviewees and schedule 30-minute interviews.
  3. Keep track of interviewees using the Optimize Software Pricing in a Volatile Competitive Market Workbook, tab 3: “Interviewee Tracking.”
  4. Review the Optimize Software Pricing in a Volatile Competitive Market Workbook, tab 4: “Interview Guide,” and modify/update it where appropriate.
  5. Record interviewee perspectives on the “price they are willing to pay for the value received” (price/value equation) using the Optimize Software Pricing in a Volatile Competitive Market Workbook, tab 4: “Interview Guide.”
  6. Summarize findings to result in an average “customer’s value price.” Record product target ”customer’s value price” in Optimize Software Pricing in a Volatile Competitive Market Presentation Template, slide 9 and supporting details in Appendix, “Customer Pricing Analysis,” slide 12.

Download the Optimize Software Pricing in a Volatile Competitive Market Workbook

Download the Optimize Software Pricing in a Volatile Competitive Market Presentation Template

6.0 Identify competitive pricing

1-2 weeks

Input: Identify price candidate competitors, Your product pricing, contract type, and product attribute information to compare against, Knowledge of existing competitor information, websites, and technology research sites to guide questions

Output: Competitive product average pricing

Materials: Optimize Software Pricing in a Volatile Competitive Market Workbook, Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Participants: Initiative manager, Customers, prospects

  1. Identify the top 3-5 competitors’ products that you most frequently compete against with your selected product.
  2. Perform competitive intelligence research on deals won or lost that contain competitive pricing insights by speaking with your sales force.
  3. Use the interviews with key customers to also inform competitive pricing insights. Include companies which you may have lost to a competitor in your customer interviewee list.
  4. Modify and add key competitive pricing, contract, or product attributes in the Optimize Software Pricing in a Volatile Competitive Market Workbook, tab 5: “Competitive Information.”
  5. Place your product’s information into the Optimize Software Pricing in a Volatile Competitive Market Workbook, tab 5: “Competitive Information.”
  6. Research your competitors’ summarized pricing and product attribute insights into the workbook.
  7. Record research in the Summarize research on competitors to arrive at an average “Competitors Avg. Price”. Record in ”Customer’s Value Price” in Optimize Software Pricing in a Volatile Competitive Market Presentation Template, slide 9, and details in Appendix, “Competitor Pricing Analysis,” slide 13.

Download the Optimize Software Pricing in a Volatile Competitive Market Workbook

Download the Optimize Software Pricing in a Volatile Competitive Market Presentation Template

7.0 Establish new price and gain buy-in

2-3 hours

Input: Findings from competitive, cost-plus, and customer price/value analysis

Output: Approvals for price change

Materials: Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Participants: Initiative manager, Steering committee, Working team – typically representatives in product marketing, product management, sales

  1. Using prior recorded findings of Customer’s Value Price, Competitors’ Avg. Price, and Finance Markup Price, arrive at a recommended “New Price” and record in Optimize Software Pricing in a Volatile Competitive Market Presentation Template, slide 9 and the Appendix for Project Analysis Details.
  2. Present findings to steering committee. Be prepared to show customer interviews and competitive analysis results to support your recommendation.
  3. Plan internal and external communications and discuss the timing of when to “go live” with new pricing. Discuss issues related to migration to a new price, how to handle currently low-priced customers, and how to migrate them over time to the new pricing.
  4. Identify if it makes sense to target a date to launch the new pricing in the future, so customers can be alerted in advance and therefore take advantage of “current pricing” to drive added revenues.
  5. Confer with IT to assess times required to implement within CPQ systems and with product marketing for time to change sales proposals, slide decks, and any other affected assets and systems.

Download the Optimize Software Pricing in a Volatile Competitive Market Presentation Template

Summary of Accomplishment

Problem Solved

With the help of this blueprint, you have deepened your and your company’s understanding of how to look at new pricing opportunities and what the market and the buyer will pay for your product. You are among the minority of product and marketing leaders that have thoroughly documented their new pricing strategy and processes – congratulations!

The benefits of having led your team through the process are significant and include the following:

  • Allow for faster, more accurate intake of customer and competitive data 
  • Refine the ability to effectively target pricing to specific market demands and customer segments 
  • Understand the association between the value proposition of products and services
  • Reduce financial costs and mistakes associated with manual efforts & uneducated guessing
  • Recognize and plan for new revenue opportunities or cost increases
  • Create new market or product packaging opportunities
And finally, by bringing your team along with you in this process, you have also led your team to become more customer-focused while pricing your products – a strategic shift that all organizations should pursue.

If you would like additional support, contact us and we’ll make sure you get the professional expertise you need.

Contact your account representative for more information.

info@softwarereviews.com
1-888-670-8889

Bibliography

“Chapter 4 Reasons for Project Failure.” Kissflow's Guide to Project Management. Kissflow, n.d. Web.

Edie, Naomi. “Microsoft Is Raising SaaS Prices, and Other Vendors Will, Too.” CIO Dive, 8 December 2021. Web.

Gruman, Galen, Alan S. Morrison, and Terril A. Retter. “Software Pricing Trends.” PricewaterhouseCoopers, 2018. Web.

Hargrave, Marshall. “Example of Economic Exposure.” Investopedia, 12 April 2022. Web.

Heaslip, Emily. “7 Smart Pricing Strategies to Attract Customers.” CO—, 17 November 2021. Web.

Higgins, Sean. “How to Price a Product That Your Sales Team Can Sell.” HubSpot, 4 April 2022. Web.

“Pricing Strategies.” Growth Ramp, March 2022. Web.

“Product Management Skills Benchmark Report 2021.” 280 Group, 9 November 2021. Web.

Quey, Jason. “Price Increase: How to Do a SaaS Pricing Change in 8 Steps.” Growth Ramp, 22 March 2021. Web.

Steenburg, Thomas, and Jill Avery. “Marketing Analysis Toolkit: Pricing and Profitability Analysis.” Harvard Business School, 16 July 2010. Web.

“2021 State of Competitive Intelligence.” Crayon and SCIO, n.d. Web.

Valchev, Konstantin. “Cost of Goods Sold (COGS) for Software-as-a-Service (SaaS) Business.” OpenView Venture Partners, OV Blog, 20 April 2020. Web.

“What Is Price Elasticity?” Market Business News, n.d. Web.

Build Your Security Operations Program From the Ground Up

  • Buy Link or Shortcode: {j2store}263|cart{/j2store}
  • member rating overall impact: 9.7/10 Overall Impact
  • member rating average dollars saved: $56,299 Average $ Saved
  • member rating average days saved: 43 Average Days Saved
  • Parent Category Name: Security Processes & Operations
  • Parent Category Link: /security-processes-and-operations
  • Analysts cannot monitor and track events coming from multiple tools because they have no visibility into the threat environment.
  • Incident management takes away time from problem management because processes are ad hoc and the continuous monitoring, collection, and analysis of massive volumes of security event data is responsive rather than tactical.
  • Organizations are struggling to defend against and prevent threats while juggling business, compliance, and consumer obligations.

Our Advice

Critical Insight

  • Security operations is no longer a center but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
  • Raw data without correlation is a waste of time, money, and effort. A SIEM on its own will not provide this contextualization and needs configuration. Prevention, detection, analysis, and response processes must contextualize threat data and supplement one another – true value will only be realized once all four functions operate as a unified process.
  • If you are not communicating, then you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

Impact and Result

  • A centralized security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes that address the increasing sophistication of cyberthreats while guiding continuous improvement.
  • This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

Build Your Security Operations Program From the Ground Up Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a security operations program, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Establish your foundation

Determine how to establish the foundation of your security operations.

  • Build Your Security Operations Program From the Ground Up – Phase 1: Establish Your Foundation
  • Information Security Pressure Analysis Tool

2. Assess your current state

Assess the maturity of your prevention, detection, analysis, and response processes.

  • Build Your Security Operations Program From the Ground Up – Phase 2: Assess Your Current State
  • Security Operations Roadmap Tool

3. Design your target state

Design a target state and improve your governance and policy solutions.

  • Build Your Security Operations Program From the Ground Up – Phase 3: Design Your Target State
  • Security Operations Policy

4. Develop an implementation roadmap

Make your case to the board and develop a roadmap for your prioritized security initiatives.

  • Build Your Security Operations Program From the Ground Up – Phase 4: Develop an Implementation Roadmap
  • In-House vs. Outsourcing Decision-Making Tool
  • Security Operations MSSP RFP Template
  • Security Operations Project Charter Template
  • Security Operations RACI Tool
  • Security Operations Metrics Summary Document
[infographic]

Workshop: Build Your Security Operations Program From the Ground Up

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Establish Your Foundation

The Purpose

Identify security obligations and the security operations program’s pressure posture.

Assess current people, process, and technology capabilities.

Determine foundational controls and complete system and asset inventory.

Key Benefits Achieved

Identified the foundational elements needed for planning before a security operations program can be built

Activities

1.1 Define your security obligations and assess your security pressure posture.

1.2 Determine current knowledge and skill gaps.

1.3 Shine a spotlight on services worth monitoring.

1.4 Assess and document your information system environment.

Outputs

Customized security pressure posture

Current knowledge and skills gaps

Log register of essential services

Asset management inventory

2 Assess Current Security Operations Processes

The Purpose

Identify the maturity level of existing security operations program processes.

Key Benefits Achieved

Current maturity assessment of security operations processes

Activities

2.1 Assess the current maturity level of the existing security operations program processes.

Outputs

Current maturity assessment

3 Design a Target State

The Purpose

Design your optimized target state.

Improve your security operations processes with governance and policy solutions.

Identify and prioritize gap initiatives.

Key Benefits Achieved

A comprehensive list of initiatives to reach ideal target state

Optimized security operations with repeatable and standardized policies

Activities

3.1 Complete standardized policy templates.

3.2 Map out your ideal target state.

3.3 Identify gap initiatives.

Outputs

Security operations policies

Gap analysis between current and target states

List of prioritized initiatives

4 Develop an Implementation Roadmap

The Purpose

Formalize project strategy with a project charter.

Determine your sourcing strategy for in-house or outsourced security operations processes.

Assign responsibilities and complete an implementation roadmap.

Key Benefits Achieved

An overarching and documented strategy and vision for your security operations

A thorough rationale for in-house or outsourced security operations processes

Assigned and documented responsibilities for key projects

Activities

4.1 Complete a security operations project charter.

4.2 Determine in-house vs. outsourcing rationale.

4.3 Identify dependencies of your initiatives and prioritize initiatives in phases of implementation.

4.4 Complete a security operations roadmap.

Outputs

Security operations project charter

In-house vs. outsourcing rationale

Initiatives organized according to phases of development

Planned and achievable security operations roadmap

Maximize Value From Your Value-Added Reseller (VAR)

  • Buy Link or Shortcode: {j2store}215|cart{/j2store}
  • member rating overall impact: 10.0/10 Overall Impact
  • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
  • member rating average days saved: Read what our members are saying
  • Parent Category Name: Vendor Management
  • Parent Category Link: /vendor-management

Organizations need to understand their value-added reseller (VAR) portfolio and the greater VAR landscape to better:

  • Manage the VAR portfolio.
  • Understand additional value each VAR can provide.
  • Maximize existing VAR commitments.
  • Evaluate the VARs’ performance.

Our Advice

Critical Insight

VARs typically charge more for products because they are in some way adding value. If you’re not leveraging any of the provided value, you’re likely wasting money and should use a basic commodity-type reseller for procurement.

Impact and Result

This project will provide several benefits to Vendor Management and Procurement:

  • Defined VAR value and performance tracking.
  • Manageable portfolio of VARs that fully benefit the organization.
  • Added training, licensing advice, faster quoting, and invoicing resolution.
  • Reduced deployment and logistics costs.

Maximize Value From Your Value-Added Reseller (VAR) Research & Tools

Start here – read the Executive Brief

Read our informative Executive Brief to find out why you should maximize value from your value-added reseller, review Info-Tech’s methodology, and understand the three ways to better manage your VARs improve performance and reduce costs.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Organize and prioritize

Organize all your VARs and create a manageable portfolio detailing their value, specific, product, services, and certifications.

  • Maximize Value From Your Value-Added Reseller – Phase 1: Organize and Prioritize
  • VAR Listing and Prioritization Tool

2. “EvaluRate” your VARs

Create an in-depth evaluation of the VARs’ capabilities.

  • Maximize Value From Your Value-Added Reseller – Phase 2: EvaluRate Your VARs
  • VAR Features Checklist Tool
  • VAR Profile and EvaluRation Tool

3. Consolidate and reduce

Assess each VAR for low performance and opportunity to increase value or consolidate to another VAR and reduce redundancy.

  • Maximize Value From Your Value-Added Reseller – Phase 3: Consolidate and Reduce

4. Maximize their value

Micro-manage your primary VARs to ensure performance to commitments and maximize their value.

  • Maximize Value From Your Value-Added Reseller – Phase 4: Maximize Their Value
  • VAR Information and Scorecard Workbook
[infographic]

Build a Security Compliance Program

  • Buy Link or Shortcode: {j2store}257|cart{/j2store}
  • member rating overall impact: 9.6/10 Overall Impact
  • member rating average dollars saved: $23,879 Average $ Saved
  • member rating average days saved: 15 Average Days Saved
  • Parent Category Name: Governance, Risk & Compliance
  • Parent Category Link: /governance-risk-compliance
  • Most organizations spend between 25 and 40 percent of their security budget on compliance-related activities.
  • Despite this growing investment in compliance, only 28% of organizations believe that government regulations help them improve cybersecurity.
  • The cost of complying with cybersecurity and data protection requirements has risen to the point where 58% of companies see compliance costs as barriers to entering new markets.
  • However, recent reports suggest that while the costs of complying are higher, the costs of non-compliance are almost three times greater.

Our Advice

Critical Insight

  • Test once, attest many. Having a control framework allows you to satisfy multiple compliance requirements by testing a single control.
  • Choose your own conformance adventure. Conformance levels allow your organization to make informed business decisions on how compliance resources will be allocated.
  • Put the horse before the cart. Take charge of your audit costs by preparing test scripts and evidence repositories in advance.

Impact and Result

  • Reduce complexity within the control environment by using a single framework to align multiple compliance regimes.
  • Provide senior management with a structured framework for making business decisions on allocating costs and efforts related to cybersecurity and data protection compliance obligations.
  • Reduces costs and efforts related to managing IT audits through planning and preparation.
  • This blueprint can help you comply with NIST, ISO, CMMC, SOC2, PCI, CIS, and other cybersecurity and data protection requirements.

Build a Security Compliance Program Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should manage your security compliance obligations, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

Infographic

Workshop: Build a Security Compliance Program

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Establish the Program

The Purpose

Establish the security compliance management program.

Key Benefits Achieved

Reviewing and adopting an information security control framework.

Understanding and establishing roles and responsibilities for security compliance management.

Identifying and scoping operational environments for applicable compliance obligations.

Activities

1.1 Review the business context.

1.2 Review the Info-Tech security control framework.

1.3 Establish roles and responsibilities.

1.4 Define operational environments.

Outputs

RACI matrix

Environments list and definitions

2 Identify Obligations

The Purpose

Identify security and data protection compliance obligations.

Key Benefits Achieved

Identifying the security compliance obligations that apply to your organization.

Documenting obligations and obtaining direction from management on conformance levels.

Mapping compliance obligation requirements into your control framework.

Activities

2.1 Identify relevant security and data protection compliance obligations.

2.2 Develop conformance level recommendations.

2.3 Map compliance obligations into control framework.

2.4 Develop process for operationalizing identification activities.

Outputs

List of compliance obligations

Completed Conformance Level Approval forms

(Optional) Mapped compliance obligation

(Optional) Identification process diagram

3 Implement Compliance Strategy

The Purpose

Understand how to build a compliance strategy.

Key Benefits Achieved

Updating security policies and other control design documents to reflect required controls.

Aligning your compliance obligations with your information security strategy.

Activities

3.1 Review state of information security policies.

3.2 Recommend updates to policies to address control requirements.

3.3 Review information security strategy.

3.4 Identify alignment points between compliance obligations and information security strategy.

3.5 Develop compliance exception process and forms.

Outputs

Recommendations and plan for updates to information security policies

Compliance exception forms

4 Track and Report

The Purpose

Track the status of your compliance program.

Key Benefits Achieved

Tracking the status of your compliance obligations.

Managing exceptions to compliance requirements.

Reporting on the compliance management program to senior stakeholders.

Activities

4.1 Define process and forms for self-attestation.

4.2 Develop audit test scripts for selected controls.

4.3 Review process and entity control types.

4.4 Develop self-assessment process.

4.5 Integrate compliance management with risk register.

4.6 Develop metrics and reporting process.

Outputs

Self-attestation forms

Completed test scripts for selected controls

Self-assessment process

Reporting process

Recommended metrics

Mergers & Acquisitions: The Sell Blueprint

  • Buy Link or Shortcode: {j2store}324|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: IT Strategy
  • Parent Category Link: /it-strategy

There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

  • IT can suggest a divestiture to meet the business objectives of the organization.
  • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
  • IT participates in due diligence activities and complies with the purchasing organization’s asks.
  • IT needs to reactively prepare its environment to enable the separation.

Consider the ideal scenario for your IT organization.

Our Advice

Critical Insight

Divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

  • The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
  • A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
  • Transactions that are driven by digital motivations, requiring IT’s expertise.
  • There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.

Impact and Result

Prepare for a sale/divestiture transaction by:

  • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
  • Creating a standard strategy that will enable strong program management.
  • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

Mergers & Acquisitions: The Sell Blueprint Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out how your organization can excel its reduction strategy by engaging in M&A transactions. Review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Proactive Phase

Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

  • One-Pager: M&A Proactive
  • Case Study: M&A Proactive
  • Information Asset Audit Tool
  • Data Valuation Tool
  • Enterprise Integration Process Mapping Tool
  • Risk Register Tool
  • Security M&A Due Diligence Tool
  • Service Catalog Internal Service Level Agreement Template

2. Discovery & Strategy

Create a standardized approach for how your IT organization should address divestitures or sales.

  • One-Pager: M&A Discovery & Strategy – Sell
  • Case Study: M&A Discovery & Strategy – Sell

3. Due Diligence & Preparation

Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

  • One-Pager: M&A Due Diligence & Preparation – Sell
  • Case Study: M&A Due Diligence & Preparation – Sell
  • IT Due Diligence Charter
  • IT Culture Diagnostic
  • M&A Separation Project Management Tool (SharePoint)
  • SharePoint Template: Step-by-Step Deployment Guide
  • M&A Separation Project Management Tool (Excel)

4. Execution & Value Realization

Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

  • One-Pager: M&A Execution & Value Realization – Sell
  • Case Study: M&A Execution & Value Realization – Sell

Infographic

Workshop: Mergers & Acquisitions: The Sell Blueprint

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Pre-Transaction Discovery & Strategy

The Purpose

Establish the transaction foundation.

Discover the motivation for divesting or selling.

Formalize the program plan.

Create the valuation framework.

Strategize the transaction and finalize the M&A strategy and approach.

Key Benefits Achieved

All major stakeholders are on the same page.

Set up crucial elements to facilitate the success of the transaction.

Have a repeatable transaction strategy that can be reused for multiple organizations.

Activities

1.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics.

1.2 Identify key stakeholders and outline their relationship to the M&A process.

1.3 Understand the rationale for the company's decision to pursue a divestiture or sale.

1.4 Assess the IT/digital strategy.

1.5 Identify pain points and opportunities tied to the divestiture/sale.

1.6 Create the IT vision statement and mission statement and identify IT guiding principles and the transition team.

1.7 Document the M&A governance.

1.8 Establish program metrics.

1.9 Create the valuation framework.

1.10 Establish the separation strategy.

1.11 Conduct a RACI.

1.12 Create the communication plan.

1.13 Prepare to assess target organizations.

Outputs

Business perspectives of IT

Stakeholder network map for M&A transactions

Business context implications for IT

IT’s divestiture/sale strategic direction

Governance structure

M&A program metrics

IT valuation framework

Separation strategy

RACI

Communication plan

Prepared to assess target organization(s)

2 Mid-Transaction Due Diligence & Preparation

The Purpose

Establish the foundation.

Discover the motivation for separation.

Identify expectations and create the carve-out roadmap.

Prepare and manage employees.

Plan the separation roadmap.

Key Benefits Achieved

All major stakeholders are on the same page.

Methodology identified to enable compliance during due diligence.

Employees are set up for a smooth and successful transition.

Separation activities are planned and assigned.

Activities

2.1 Gather and evaluate the stakeholders involved, M&A strategy, future-state operating model, and governance.

2.2 Review the business rationale for the divestiture/sale.

2.3 Establish the separation strategy.

2.4 Create the due diligence charter.

2.5 Create a list of IT artifacts to be reviewed in the data room.

2.6 Create a carve-out roadmap.

2.7 Create a service/technical transaction agreement.

2.8 Measure staff engagement.

2.9 Assess the current culture and identify the goal culture.

2.10 Create employee transition and functional workplans.

2.11 Establish the separation roadmap.

2.12 Establish and align project metrics with identified tasks.

2.13 Estimate integration costs.

Outputs

Stakeholder map

IT strategy assessed

IT operating model and IT governance structure defined

Business context implications for IT

Separation strategy

Due diligence charter

Data room artifacts

Carve-out roadmap

Service/technical transaction agreement

Engagement assessment

Culture assessment

Employee transition and functional workplans

Integration roadmap and associated resourcing

3 Post-Transaction Execution & Value Realization

The Purpose

Establish the transaction foundation.

Discover the motivation for separation.

Plan the separation roadmap.

Prepare employees for the transition.

Engage in separation.

Assess the transaction outcomes.

Key Benefits Achieved

All major stakeholders are on the same page.

Separation activities are planned and assigned.

Employees are set up for a smooth and successful transition.

Separation strategy and roadmap are executed to benefit the organization.

Review what went well and identify improvements to be made in future transactions.

Activities

3.1 Identify key stakeholders and outline their relationship to the M&A process.

3.2 Gather and evaluate the M&A strategy, future-state operating model, and governance.

3.3 Review the business rationale for the divestiture/sale.

3.4 Establish the separation strategy.

3.5 Prioritize separation tasks.

3.6 Establish the separation roadmap.

3.7 Establish and align project metrics with identified tasks.

3.8 Estimate separation costs.

3.9 Measure staff engagement.

3.10 Assess the current culture and identify the goal culture.

3.11 Create employee transition and functional workplans.

3.12 Complete the separation by regularly updating the project plan.

3.13 Assess the service/technical transaction agreement.

3.14 Confirm separation costs.

3.15 Review IT’s transaction value.

3.16 Conduct a transaction and separation SWOT.

3.17 Review the playbook and prepare for future transactions.

Outputs

M&A transaction team

Stakeholder map

IT strategy assessed

IT operating model and IT governance structure defined

Business context implications for IT

Separation strategy

Separation roadmap and associated resourcing

Engagement assessment

Culture assessment

Employee transition and functional workplans

Updated separation project plan

Evaluated service/technical transaction agreement

SWOT of transaction

M&A Sell Playbook refined for future transactions

Further reading

Mergers & Acquisitions: The Sell Blueprint

For IT leaders who want to have a role in the transaction process when their business is engaging in an M&A sale or divestiture.

EXECUTIVE BRIEF

Analyst Perspective

Don’t wait to be invited to the M&A table, make it.

Photo of Brittany Lutes, Research Analyst, CIO Practice, Info-Tech Research Group.
Brittany Lutes
Research Analyst,
CIO Practice
Info-Tech Research Group
Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice, Info-Tech Research Group.
Ibrahim Abdel-Kader
Research Analyst,
CIO Practice
Info-Tech Research Group

IT has always been an afterthought in the M&A process, often brought in last minute once the deal is nearly, if not completely, solidified. This is a mistake. When IT is brought into the process late, the business misses opportunities to generate value related to the transaction and has less awareness of critical risks or inaccuracies.

To prevent this mistake, IT leadership needs to develop strong business relationships and gain respect for their innovative suggestions. In fact, when it comes to modern M&A activity, IT should be the ones suggesting potential transactions to meet business needs, specifically when it comes to modernizing the business or adopting digital capabilities.

IT needs to stop waiting to be invited to the acquisition or divestiture table. IT needs to suggest that the table be constructed and actively work toward achieving the strategic objectives of the business.

Executive Summary

Your Challenge

There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

  • IT can suggest a divestiture to meet the business objectives of the organization.
  • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
  • IT participates in due diligence activities and complies with the purchasing organization’s asks.
  • IT needs to reactively prepare its environment to enable the separation.

Consider the ideal scenario for your IT organization.

Common Obstacles

Some of the obstacles IT faces include:

  • IT is often told about the transaction once the deal has already been solidified and is now forced to meet unrealistic business demands.
  • The business does not trust IT and therefore does not approach IT to define value or reduce risks to the transaction process.
  • The people and culture element is forgotten or not given adequate priority.

These obstacles often arise when IT waits to be invited into the transaction process and misses critical opportunities.

Info-Tech's Approach

Prepare for a sale/divestiture transaction by:

  • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
  • Creating a standard strategy that will enable strong program management.
  • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

Info-Tech Insight

As the number of merger, acquisition, and divestiture transactions continues to increase, so too does IT’s opportunity to leverage the growing digital nature of these transactions and get involved at the onset.

The changing M&A landscape

Businesses will embrace more digital M&A transactions in the post-pandemic world

  • When the pandemic occurred, businesses reacted by either pausing (61%) or completely cancelling (46%) deals that were in the mid-transaction state (Deloitte, 2020). The uncertainty made many organizations consider whether the risks would be worth the potential benefits.
  • However, many organizations quickly realized the pandemic is not a hindrance to M&A transactions but an opportunity. Over 16,000 American companies were involved in M&A transactions in the first six months of 2021 (The Economist). For reference, this had been averaging around 10,000 per six months from 2016 to 2020.
  • In addition to this transaction growth, organizations have increasingly been embracing digital. These trends increase the likelihood that, as an IT leader, you will engage in an M&A transaction. However, it is up to you when you get involved in the transactions.

The total value of transactions in the year after the pandemic started was $1.3 billion – a 93% increase in value compared to before the pandemic. (Nasdaq)

71% of technology companies anticipate that divestitures will take place as a result of the COVID-19 pandemic. (EY, 2020)

Your challenge

IT is often not involved in the M&A transaction process. When it is, it’s often too late.

  • The most important driver of an acquisition is the ability to access new technology (DLA Piper), and yet 50% of the time, IT isn’t involved in the M&A transaction at all (IMAA Institute, 2017).
  • Additionally, IT’s lack of involvement in the process negatively impacts the business:
    • Most organizations (60%) do not have a standardized approach to integration (Steeves and Associates), let alone separation.
    • Two-thirds of the time, the divesting organization and acquiring organization will either fail together or succeed together (McKinsey, 2015).
    • Less than half (47%) of organizations actually experience the positive results sought by the M&A transaction (Steeves and Associates).
  • Organizations pursuing M&A and not involving IT are setting themselves up for failure.

Only half of M&A deals involve IT (Source: IMAA Institute, 2017)

Common Obstacles

These barriers make this challenge difficult to address for many organizations:

  • IT is rarely afforded the opportunity to participate in the transaction deal. When IT is invited, this often happens later in the process where separation will be critical to business continuity.
  • IT has not had the opportunity to demonstrate that it is a valuable business partner in other business initiatives.
  • One of the most critical elements that IT often doesn’t take the time or doesn’t have the time to focus on is the people and leadership component.
  • IT waits to be invited to the process rather then actively involving themselves and suggesting how value can be added to the process.

In hindsight, it’s clear to see: Involving IT is just good business.

47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion. (Source: IMAA Institute, 2017)

“Solutions exist that can save well above 50 percent on divestiture costs, while ensuring on-time delivery.” (Source: SNP)

Info-Tech's approach

Acquisitions & Divestitures Framework

Acquisitions and divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

  1. The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
  2. Transactions that are driven by digital motivations, requiring IT’s expertise.
  3. A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
  4. There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.
A diagram highlighting the 'IT Executives' Role in Acquisitions and Divestitures' when they are integrated at different points in the 'Core Business Timeline'. There are four main entry points 'Proactive', 'Discovery and Strategy', 'Due Diligence and Preparation', and 'Execution and Value Realized'. It is highlighted that IT can and should start at 'Proactive', but most organizations start at 'Execution and Value Realized'. 'Proactive': suggest opportunities to evolve the organization; prove IT's value and engage in growth opportunities early. Innovators start here. Steps of the business timeline in 'Proactive' are 'Organization strategies are defined' and 'M and A is considered to enable strategy'. After a buy or sell transaction is initiated is 'Discovery and Strategy': pre-transaction state. If it is a Buy transaction, 'Establish IT's involvement and approach'. If it is a Sell transaction, 'Prepare to engage in negotiations'. Business Partners start here. Steps of the business timeline in 'Discovery and Strategy' are 'Searching criteria is set', 'Potential candidates are considered', and 'LOI is sent/received'. 'Due Diligence and Preparation': mid-transaction state. If it is a Buy transaction, 'Identify potential transaction benefits and risks'. If it is a Sell transaction, 'Comply, communicate, and collaborate in transaction'. Trusted Operators start here. Steps of the business timeline in 'Due Diligence and Preparation' are 'Due diligence engagement occurs', 'Final agreement is reached', and 'Preparation for transaction execution occurs'. 'Execution and Value Realization': post-transaction state. If it is a Buy transaction, 'Integrate the IT environments and achieve business value'. If it is a Sell transaction, 'Separate the IT environment and deliver on transaction terms'. Firefighters start here. Steps of the business timeline in 'Execution and Value Realization' are 'Staff and operations are addressed appropriately', 'Day 1 of implementation and integration activities occurs', '1st 100 days of new entity state occur' and 'Ongoing risk mitigating and value creating activities occur'.

The business’ view of IT will impact how soon IT can get involved

There are four key entry points for IT

A colorful visualization of the four key entry points for IT and a fifth not-so-key entry point. Starting from the top: 'Innovator', Information and Technology as a Competitive Advantage, 90% Satisfaction; 'Business Partner', Effective Delivery of Strategic Business Projects, 80% Satisfaction; 'Trusted Operator', Enablement of Business Through Application and Work Orders, 70% Satisfaction; 'Firefighter', Reliable Infrastructure and IT Service Desk, 60% Satisfaction; and then 'Unstable', Inability to Consistently Deliver Basic Services, <60% Satisfaction.
  1. Innovator: IT suggests a sale or divestiture to meet the business objectives of the organization.
  2. Business Partner: IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspective.
  3. Trusted Operator: IT participates in due diligence activities and complies with the purchasing organization’s asks.
  4. Firefighter: IT needs to reactively prepare its environment in order to enable the separation.

Merger, acquisition, and divestiture defined

Merger

A merger looks at the equal combination of two entities or organizations. Mergers are rare in the M&A space, as the organizations will combine assets and services in a completely equal 50/50 split. Two organizations may also choose to divest business entities and merge as a new company.

Acquisition

The most common transaction in the M&A space, where an organization will acquire or purchase another organization or entities of another organization. This type of transaction has a clear owner who will be able to make legal decisions regarding the acquired organization.

Divestiture

An organization may decide to sell partial elements of a business to an acquiring organization. They will separate this business entity from the rest of the organization and continue to operate the other components of the business.

Info-Tech Insight

A true merger does not exist, as there is always someone initiating the discussion. As a result, most M&A activity falls into acquisition or divestiture categories.

Selling vs. buying

The M&A process approach differs depending on whether you are the selling or buying organization

This blueprint is only focused on the sell side:

  • Examples of sell-related scenarios include:
    • Your organization is selling to another organization with the intent of keeping its regular staff, operations, and location. This could mean minimal separation is required.
    • Your organization is selling to another organization with the intent of separating to be a part of the purchasing organization.
    • Your organization is engaging in a divestiture with the intent of:
      • Separating components to be part of the purchasing organization permanently.
      • Separating components to be part of a spinoff and establish a unit as a standalone new company.
  • As the selling organization, you could proactively seek out suitors to purchase all or components of your organization, or you could be approached by an organization.

The buy side is focused on:

  • More than two organizations could be involved in a transaction.
  • Examples of buy-related scenarios include:
    • Your organization is buying another organization with the intent of having the purchased organization keep its regular staff, operations, and location. This could mean minimal integration is required.
    • Your organization is buying another organization in its entirety with the intent of integrating it into your original company.
    • Your organization is buying components of another organization with the intent of integrating them into your original company.
  • As the purchasing organization, you will probably be initiating the purchase and thus will be valuating the selling organization during due diligence and leading the execution plan.

For more information on acquisitions or purchases, check out Info-Tech’s Mergers & Acquisitions: The Buy Blueprint.

Core business timeline

For IT to be valuable in M&As, you need to align your deliverables and your support to the key activities the business and investors are working on.

Info-Tech’s methodology for Selling Organizations in Mergers, Acquisitions, or Divestitures

1. Proactive

2. Discovery & Strategy

3. Due Diligence & Preparation

4. Execution & Value Realization

Phase Steps

  1. Identify Stakeholders and Their Perspective of IT
  2. Assess IT’s Current Value and Future State
  3. Drive Innovation and Suggest Growth Opportunities
  1. Establish the M&A Program Plan
  2. Prepare IT to Engage in the Separation or Sale
  1. Engage in Due Diligence and Prepare Staff
  2. Prepare to Separate
  1. Execute the Transaction
  2. Reflection and Value Realization

Phase Outcomes

Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

Create a standardized approach for how your IT organization should address divestitures or sales.

Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

Metrics for each phase

1. Proactive

2. Discovery & Strategy

3. Valuation & Due Diligence

4. Execution & Value Realization

  • % Share of business innovation spend from overall IT budget
  • % Critical processes with approved performance goals and metrics
  • % IT initiatives that meet or exceed value expectation defined in business case
  • % IT initiatives aligned with organizational strategic direction
  • % Satisfaction with IT's strategic decision-making abilities
  • $ Estimated business value added through IT-enabled innovation
  • % Overall stakeholder satisfaction with IT
  • % Percent of business leaders that view IT as an Innovator
  • % IT budget as a percent of revenue
  • % Assets that are not allocated
  • % Unallocated software licenses
  • # Obsolete assets
  • % IT spend that can be attributed to the business (chargeback or showback)
  • % Share of CapEx of overall IT budget
  • % Prospective organizations that meet the search criteria
  • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
  • % Business leaders that view IT as a Business Partner
  • % Defects discovered in production
  • $ Cost per user for enterprise applications
  • % In-house-built applications vs. enterprise applications
  • % Owners identified for all data domains
  • # IT staff asked to participate in due diligence
  • Change to due diligence
  • IT budget variance
  • Synergy target
  • % Satisfaction with the effectiveness of IT capabilities
  • % Overall end-customer satisfaction
  • $ Impact of vendor SLA breaches
  • $ Savings through cost-optimization efforts
  • $ Savings through application rationalization and technology standardization
  • # Key positions empty
  • % Frequency of staff turnover
  • % Emergency changes
  • # Hours of unplanned downtime
  • % Releases that cause downtime
  • % Incidents with identified problem record
  • % Problems with identified root cause
  • # Days from problem identification to root cause fix
  • % Projects that consider IT risk
  • % Incidents due to issues not addressed in the security plan
  • # Average vulnerability remediation time
  • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
  • # Time (days) to value realization
  • % Projects that realized planned benefits
  • $ IT operational savings and cost reductions that are related to synergies/divestitures
  • % IT staff–related expenses/redundancies
  • # Days spent on IT separation
  • $ Accurate IT budget estimates
  • % Revenue growth directly tied to IT delivery
  • % Profit margin growth

IT's role in the selling transaction

And IT leaders have a greater likelihood than ever of needing to support a merger, acquisition, or divestiture.

  1. Reduced Risk

    IT can identify risks that may go unnoticed when IT is not involved.
  2. Increased Accuracy

    The business can make accurate predictions around the costs, timelines, and needs of IT.
  3. Faster Integration

    Faster integration means faster value realization for the business.
  4. Informed Decision Making

    IT leaders hold critical information that can support the business in moving the transaction forward.
  5. Innovation

    IT can suggest new opportunities to generate revenue, optimize processes, or reduce inefficiencies.

The IT executive’s critical role is demonstrated by:

  • Reduced Risk

    47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion (IMAA Institute, 2017).
  • Increased Accuracy

    Sellers often only provide 15 to 30 days for the acquiring organization to decide (Forbes, 2018), increasing the necessity of accurate pricing.
  • Faster Integration

    36% of CIOs have visibility into only business unit data, making the divestment a challenge (EY, 2021).
  • Informed Decision Making

    Only 38% of corporate and 22% of private equity firms include IT as a significant aspect in their transaction approach (IMAA Institute, 2017).
  • Innovation

    Successful CIOs involved in M&As can spend 70% of their time on aspects outside of IT and 30% of their time on technology and delivery (CIO).

Playbook benefits

IT Benefits

  • IT will be seen as an innovative partner to the business, and its suggestions and involvement in the organization will lead to benefits, not hindrances.
  • Develop a streamlined method to prepare the IT environment for potential carve-out and separations, ensuring risk management concerns are brought to the business’ attention immediately.
  • Create a comprehensive list of items that IT needs to do during the separation that can be prioritized and actioned.

Business Benefits

  • The business will get accurate and relevant information about its IT environment in order to sell or divest the company to the highest bidder for a true price.
  • Fewer business interruptions will happen, because IT can accurately plan for and execute the high-priority separation tasks.
  • The business can obtain a high-value offer for the components of IT being sold and can measure the ongoing value the sale will bring.

Insight summary

Overarching Insight

IT controls if and when it gets invited to support the business through a purchasing growth transaction. Take control of the process, demonstrate the value of IT, and ensure that separation of IT environments does not lead to unnecessary and costly decisions.

Proactive Insight

CIOs on the forefront of digital transformation need to actively look for and suggest opportunities to acquire or partner on new digital capabilities to respond to rapidly changing business needs.

Discovery & Strategy Insight

IT organizations that have an effective M&A program plan are more prepared for the transaction, enabling a successful outcome. A structured strategy is particularly necessary for organizations expected to deliver M&As rapidly and frequently.

Due Diligence & Preparation Insight

IT often faces unnecessary separation challenges because of a lack of preparation. Secure the IT environment and establish how IT will retain employees early in the transaction process.

Execution & Value Realization Insight

IT needs to demonstrate value and cost savings within 100 days of the transaction. The most successful transactions are when IT continuously realizes synergies a year after the transaction and beyond.

Blueprint deliverables

Key Deliverable: M&A Sell Playbook

The M&A Sell Playbook should be a reusable document that enables your IT organization to successfully deliver on any divestiture transaction.

Screenshots of the 'M and A Sell Playbook' deliverable.

M&A Sell One-Pager

See a one-page overview of each phase of the transaction.

Screenshots of the 'M and A Sell One-Pagers' deliverable.

M&A Sell Case Studies

Read a one-page case study for each phase of the transaction.

Screenshots of the 'M and A Sell Case Studies' deliverable.

M&A Separation Project Management Tool (SharePoint)

Manage the separation process of the divestiture/sale using this SharePoint template.

Screenshots of the 'M and A Separation Project Management Tool (SharePoint)' deliverable.

M&A Separation Project Management Tool (Excel)

Manage the separation process of the divestiture/sale using this Excel tool if you can’t or don’t want to use SharePoint.

Screenshots of the 'M and A Separation Project Management Tool (Excel)' deliverable.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

Guided Implementation

Workshop

Consulting

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 6 to 10 calls over the course of 2 to 4 months.

    Proactive Phase

  • Call #1: Scope requirements, objectives, and your specific challenges.
  • Discovery & Strategy Phase

  • Call #2: Determine stakeholders and business perspectives on IT.
  • Call #3: Identify how M&A could support business strategy and how to communicate.
  • Due Diligence & Preparation Phase

  • Call #4: Establish a transaction team and divestiture/sale strategic direction.
  • Call #5: Create program metrics and identify a standard separation strategy.
  • Call #6: Prepare to carve out the IT environment.
  • Call #7: Identify the separation program plan.
  • Execution & Value Realization Phase

  • Call #8: Establish employee transitions to retain key staff.
  • Call #9: Assess IT’s ability to deliver on the divestiture/sale transaction.

The Sell Blueprint

Phase 1

Proactive

Phase 1

Phase 2 Phase 3 Phase 4
  • 1.1 Identify Stakeholders and Their Perspective of IT
  • 1.2 Assess IT’s Current Value and Future State
  • 1.3 Drive Innovation and Suggest Reduction Opportunities
  • 2.1 Establish the M&A Program Plan
  • 2.2 Prepare IT to Engage in the Separation or Sale
  • 3.1 Engage in Due Diligence and Prepare Staff
  • 3.2 Prepare to Separate
  • 4.1 Execute the Transaction
  • 4.2 Reflection and Value Realization

This phase will walk you through the following activities:

  • Conduct the CEO-CIO Alignment diagnostic
  • Conduct the CIO Business Vision diagnostic
  • Visualize relationships among stakeholders to identify key influencers
  • Group stakeholders into categories
  • Prioritize your stakeholders
  • Plan to communicate
  • Valuate IT
  • Assess the IT/digital strategy
  • Determine pain points and opportunities
  • Align goals to opportunities
  • Recommend reduction opportunities

This phase involves the following participants:

  • IT and business leadership

What is the Proactive phase?

Embracing the digital drivers

As the number of merger, acquisition, or divestiture transactions driven by digital means continues to increase, IT has an opportunity to not just be involved in a transaction but actively seek out potential deals.

In the Proactive phase, the business is not currently considering a transaction. However, the business could consider one to reach its strategic goals. IT organizations that have developed respected relationships with the business leaders can suggest these potential transactions.

Understand the business’ perspective of IT, determine who the critical M&A stakeholders are, valuate the IT environment, and examine how it supports the business goals in order to suggest an M&A transaction.

In doing so, IT isn’t waiting to be invited to the transaction table – it’s creating it.

Goal: To support the organization in reaching its strategic goals by suggesting M&A activities that will enable the organization to reach its objectives faster and with greater-value outcomes.

Proactive Prerequisite Checklist

Before coming into the Proactive phase, you should have addressed the following:

  • Understand what mergers, acquisitions, and divestitures are.
  • Understand what mergers, acquisitions, and divestitures mean for the business.
  • Understand what mergers, acquisitions, and divestitures mean for IT.

Review the Executive Brief for more information on mergers, acquisitions, and divestitures for selling organizations.

Proactive

Step 1.1

Identify M&A Stakeholders and Their Perspective of IT

Activities

  • 1.1.1 Conduct the CEO-CIO Alignment diagnostic
  • 1.1.2 Conduct the CIO Business Vision diagnostic
  • 1.1.3 Visualize relationships among stakeholders to identify key influencers
  • 1.1.4 Group stakeholders into categories
  • 1.1.5 Prioritize your stakeholders
  • 1.16 Plan to communicate

This step involves the following participants:

  • IT executive leader
  • IT leadership
  • Critical M&A stakeholders

Outcomes of Step

Understand how the business perceives IT and establish strong relationships with critical M&A stakeholders.

Business executives' perspectives of IT

Leverage diagnostics and gain alignment on IT’s role in the organization

  • To suggest or get involved with a merger, acquisition, or divestiture, the IT executive leader needs to be well respected by other members of the executive leadership team and the business.
  • Specifically, the Proactive phase relies on the IT organization being viewed as an Innovator within the business.
  • Identify how the CEO/business executive currently views IT and where they would like IT to move within the Maturity Ladder.
  • Additionally, understand how other critical department leaders view IT and how they view the partnership with IT.
A colorful visualization titled 'Maturity Ladder' detailing levels of IT function that a business may choose from based on the business executives' perspectives of IT. Starting from the bottom: 'Struggle', Does not embarrass, Does not crash; 'Support', Keeps business happy, Keeps costs low; 'Optimize', Increases efficiency, Decreases costs; 'Expand', Extends into new business, Generates revenue; 'Transform', Creates new industry.

Misalignment in target state requires further communication between the CIO and CEO to ensure IT is striving toward an agreed-upon direction.

Info-Tech’s CIO Business Vision (CIO BV) diagnostic measures a variety of high-value metrics to provide a well-rounded understanding of stakeholder satisfaction with IT.

Sample of Info-Tech's CIO Business Vision diagnostic measuring percentages of high-value metrics like 'IT Satisfaction' and 'IT Value' regarding business leader satisfaction. A note for these two reads 'Evaluate business leader satisfaction with IT this year and last year'. A section titled 'Relationship' has metrics such as 'Understands Needs' and 'Trains Effectively'. A note for this section reads 'Examine relationship indicators between IT and the business'. A section titled 'Security Friction' has metrics such as 'Regulatory Compliance-Driven' and 'Office/Desktop Security'.

Business Satisfaction and Importance for Core Services

The core services of IT are important when determining what IT should focus on. The most important services with the lowest satisfaction offer the largest area of improvement for IT to drive business value.

Sample of Info-Tech's CIO Business Vision diagnostic specifically comparing the business satisfaction of 12 core services with their importance. Services listed include 'Service Desk', 'IT Security', 'Requirements Gathering', 'Business Apps', 'Data Quality', and more. There is a short description of the services, a percentage for the business satisfaction with the service, a percentage comparing it to last year, and a numbered ranking of importance for each service. A note reads 'Assess satisfaction and importance across 12 core IT capabilities'.

1.1.1 Conduct the CEO-CIO Alignment diagnostic

2 weeks

Input: IT organization expertise and the CEO-CIO Alignment diagnostic

Output: An understanding of an executive business stakeholder’s perception of IT

Materials: M&A Sell Playbook, CEO-CIO Alignment diagnostic

Participants: IT executive/CIO, Business executive/CEO

  1. The CEO-CIO Alignment diagnostic can be a powerful input. Speak with your Info-Tech account representative to conduct the diagnostic. Use the results to inform current IT capabilities.
  2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret and draw conclusions from the results.
  3. Examine the results of the survey and note where there might be specific capabilities that could be improved.
  4. Determine whether there are any areas of significant disagreement between the you and the CEO. Mark down those areas for further conversations. Additionally, take note of areas that could be leveraged to support transactions or support your rationale in recommending transactions.

Download the sample report.

Record the results in the M&A Sell Playbook.

1.1.2 Conduct the CIO Business Vision diagnostic

2 weeks

Input: IT organization expertise, CIO BV diagnostic

Output: An understanding of business stakeholder perception of certain IT capabilities and services

Materials: M&A Buy Playbook, CIO Business Vision diagnostic

Participants: IT executive/CIO, Senior business leaders

  1. The CIO Business Vision (CIO BV) diagnostic can be a powerful tool for identifying IT capability focus areas. Speak with your account representative to conduct the CIO BV diagnostic. Use the results to inform current IT capabilities.
  2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret the results and draw conclusions from the diagnostic.
  3. Examine the results of the survey and take note of any IT services that have low scores.
  4. Read through the diagnostic comments and note any common themes. Especially note which stakeholders identified they have a favorable relationship with IT and which stakeholders identified they have an unfavorable relationship. For those who have an unfavorable relationship, identify if they will have a critical role in a growth transaction.

Download the sample report.

Record the results in the M&A Sell Playbook.

Create a stakeholder network map for M&A transactions

Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

Example:

Diagram of stakeholders and their relationships with other stakeholders, such as 'Board Members', 'CFO/Finance', 'Compliance', etc. with 'CIO/IT Leader' highlighted in the middle. There are unidirectional black arrows and bi-directional green arrows indicating each connection.

    Legend
  • Black arrows indicate the direction of professional influence
  • Dashed green arrows indicate bidirectional, informal influence relationships

Info-Tech Insight

Your stakeholder map defines the influence landscape that the M&A transaction will occur within. This will identify who holds various levels of accountability and decision-making authority when a transaction does take place.

Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantial relationships with your stakeholders.

1.1.3 Visualize relationships among stakeholders to identify key influencers

1-3 hours

Input: List of M&A stakeholders

Output: Relationships among M&A stakeholders and influencers

Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

Participants: IT executive leadership

  1. The purpose of this activity is to list all the stakeholders within your organization that will have a direct or indirect impact on the M&A transaction.
  2. Determine the critical stakeholders, and then determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
  3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
  4. Construct a diagram linking stakeholders and their influencers together.
    • Use black arrows to indicate the direction of professional influence.
    • Use dashed green arrows to indicate bidirectional, informal influence relationships.

Record the results in the M&A Sell Playbook.

Categorize your stakeholders with a prioritization map

A stakeholder prioritization map helps IT leaders categorize their stakeholders by their level of influence and ownership in the merger, acquisition, or divestiture process.

A prioritization map of stakeholder categories split into four quadrants. The vertical axis is 'Influence', from low on the bottom to high on top. The horizontal axis is 'Ownership/Interest', from low on the left to high on the right. 'Spectators' are low influence, low ownership/interest. 'Mediators' are high influence, low ownership/interest. 'Noisemakers' are low influence, high ownership/interest. 'Players' are high influence, high ownership/interest.

There are four areas in the map, and the stakeholders within each area should be treated differently.

Players – players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

Mediators – mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

Noisemakers – noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

Spectators – generally, spectators are apathetic and have little influence over or interest in the initiative.

1.1.4 Group stakeholders into categories

30 minutes

Input: Stakeholder map, Stakeholder list

Output: Categorization of stakeholders and influencers

Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

Participants: IT executive leadership, Stakeholders

  1. Identify your stakeholders’ interest in and influence on the M&A process as high, medium, or low by rating the attributes below.
  2. Map your results to the model to the right to determine each stakeholder’s category.

Same prioritization map of stakeholder categories as before. This one has specific stakeholders mapped onto it. 'CFO' is mapped as low interest and middling influence, between 'Mediator' and 'Spectator'. 'CIO' is mapped as higher than average interest and high influence, a 'Player'. 'Board Member' is mapped as high interest and high influence, a 'Player'.

Level of Influence
  • Power: Ability of a stakeholder to effect change.
  • Urgency: Degree of immediacy demanded.
  • Legitimacy: Perceived validity of stakeholder’s claim.
  • Volume: How loud their “voice” is or could become.
  • Contribution: What they have that is of value to you.
Level of Interest

How much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product?

Record the results in the M&A Sell Playbook.

Prioritize your stakeholders

There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

Level of Support

Supporter

Evangelist

Neutral

Blocker

Stakeholder Category Player Critical High High Critical
Mediator Medium Low Low Medium
Noisemaker High Medium Medium High
Spectator Low Irrelevant Irrelevant Low

Consider the three dimensions for stakeholder prioritization: influence, interest, and support. Support can be determined by answering the following question: How significant is that stakeholder to the M&A or divestiture process?

These parameters are used to prioritize which stakeholders are most important and should receive your focused attention.

1.1.5 Prioritize your stakeholders

30 minutes

Input: Stakeholder matrix

Output: Stakeholder and influencer prioritization

Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

Participants: IT executive leadership, M&A/divestiture stakeholders

  1. Identify the level of support of each stakeholder by answering the following question: How significant is that stakeholder to the M&A transaction process?
  2. Prioritize your stakeholders using the prioritization scheme on the previous slide.

Stakeholder

Category

Level of Support

Prioritization

CMO Spectator Neutral Irrelevant
CIO Player Supporter Critical

Record the results in the M&A Sell Playbook.

Define strategies for engaging stakeholders by type

A revisit to the map of stakeholder categories, but with strategies listed for each one, and arrows on the side instead of an axis. The vertical arrow is 'Authority', which increases upward, and the horizontal axis is Ownership/Interest which increases as it moves to the right. The strategy for 'Players' is 'Engage', for 'Mediators' is 'Satisfy', for 'Noisemakers' is 'Inform', and for 'Spectators' is 'Monitor'.

Type

Quadrant

Actions

Players High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve Players in the process and maintain their engagement and interest by demonstrating their value to its success.
Mediators High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.
Noisemakers Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
Spectators Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

Info-Tech Insight

Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying stakeholder groups, the IT executive leader can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of Mediators and Players are met.

1.1.6 Plan to communicate

30 minutes

Input: Stakeholder priority, Stakeholder categorization, Stakeholder influence

Output: Stakeholder communication plan

Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

Participants: IT executive leadership, M&A/divestiture stakeholders

The purpose of this activity is to make a communication plan for each of the stakeholders identified in the previous activities, especially those who will have a critical role in the M&A transaction process.

  1. In the M&A Sell Playbook, input the type of influence each stakeholder has on IT, how they would be categorized in the M&A process, and their level of priority. Use this information to create a communication plan.
  2. Determine the methods and frequency of communication to keep the necessary stakeholder satisfied and maintain or enhance IT’s profile within the organization.

Record the results in the M&A Sell Playbook.

Proactive

Step 1.2

Assess IT’s Current Value and Method to Achieve a Future State

Activities

  • 1.2.1 Valuate IT
  • 1.2.2 Assess the IT/digital strategy

This step involves the following participants:

  • IT executive leader
  • IT leadership
  • Critical stakeholders to M&A

Outcomes of Step

Identify critical opportunities to optimize IT and meet strategic business goals through a merger, acquisition, or divestiture.

How to valuate your IT environment

And why it matters so much

  • Valuating your current organization’s IT environment is a critical step that all IT organizations should take, whether involved in an M&A or not, to fully understand what it might be worth.
  • The business investments in IT can be directly translated into a value amount. For every $1 invested in IT, the business might be gaining $100 in value back or possibly even loosing $100.
  • Determining, documenting, and communicating this information ensures that the business takes IT’s suggestions seriously and recognizes why investing in IT is so critical.
  • There are three ways a business or asset can be valuated:
    • Cost Approach: Look at the costs associated with building, purchasing, replacing, and maintaining a given aspect of the business.
    • Market Approach: Look at the relative value of a particular aspect of the business. Relative value can fluctuate and depends on what the markets and consequently society believe that particular element is worth.
    • Discounted Cash Flow Approach: Focus on what the potential value of the business could be or the intrinsic value anticipated due to future profitability.
  • (Source: “Valuation Methods,” Corporate Finance Institute)

Four ways to create value through digital

  1. Reduced costs
  2. Improved customer experience
  3. New revenue sources
  4. Better decision making
  5. (Source: McKinsey & Company)

1.2.1 Valuate IT

1 day

Input: Valuation of data, Valuation of applications, Valuation of infrastructure and operations, Valuation of security and risk

Output: Valuation of IT

Materials: Relevant templates/tools listed on the following slides, Capital budget, Operating budget, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership

The purpose of this activity is to demonstrate that IT is not simply an operational functional area that diminishes business resources. Rather, IT contributes significant value to the business.

  1. Review each of the following slides to valuate IT’s data, applications, infrastructure and operations, and security and risk. These valuations consider several tangible and intangible factors and result in a final dollar amount.
  2. Input the financial amounts identified for each critical area into a summary slide. Use this information to determine where IT is delivering value to the organization.

Info-Tech Insight

Consistency is key when valuating your IT organization as well as other IT organizations throughout the transaction process.

Record the results in the M&A Sell Playbook.

Data valuation

Data valuation identifies how you monetize the information that your organization owns.

Create a data value chain for your organization

When valuating the information and data that exists in an organization, there are many things to consider.

Info-Tech has two tools that can support this process:

  1. Information Asset Audit Tool: Use this tool first to take inventory of the different information assets that exist in your organization.
  2. Data Valuation Tool: Once information assets have been accounted for, valuate the data that exists within those information assets.

Data Collection

Insight Creation

Value Creation

Data Valuation

01 Data Source
02 Data Collection Method
03 Data
04 Data Analysis
05 Insight
06 Insight Delivery
07 Consumer
08 Value in Data
09 Value Dimension
10 Value Metrics Group
11 Value Metrics
Screenshots of Tab 2 of Info-Tech's Data Valuation Tool.

Instructions

  1. Using the Data Valuation Tool, start gathering information based on the eight steps above to understand your organization’s journey from data to value.
  2. Identify the data value spectrum. (For example: customer sales service, citizen licensing service, etc.)
  3. Fill out the columns for data sources, data collection, and data first.
  4. Capture data analysis and related information.
  5. Then capture the value in data.
  6. Add value dimensions such as usage, quality, and economic dimensions.
    • Remember that economic value is not the only dimension, and usage/quality has a significant impact on economic value.
  7. Collect evidence to justify your data valuation calculator (market research, internal metrics, etc.).
  8. Finally, calculate the value that has a direct correlation with underlying value metrics.

Application valuation

Calculate the value of your IT applications

When valuating the applications and their users in an organization, consider using a business process map. This shows how business is transacted in the company by identifying which IT applications support these processes and which business groups have access to them. Info-Tech has a business process mapping tool that can support this process:

  • Enterprise Integration Process Mapping Tool: Complete this tool first to map the different business processes to the supporting applications in your organization.

Instructions

  1. Start by calculating user costs. This is the multiplication of: (# of users) × (% of time spent using IT) × (fully burdened salary).
  2. Identify the revenue per employee and divide that by the average cost per employee to calculate the derived productivity ratio (DPR).
  3. Once you have calculated the user costs and DPR, multiply those total values together to get the application value.
  4. User Costs

    Total User Costs

    Derived Productivity Ratio (DPR)

    Total DPR

    Application Value

    # of users % time spent using IT Fully burdened salary Multiply values from the 3 user costs columns Revenue per employee Average cost per employee (Revenue P.E) ÷ (Average cost P.E) (User costs) X (DPR)

  5. Once the total application value is established, calculate the combined IT and business costs of delivering that value. IT and business costs include inflexibility (application maintenance), unavailability (downtime costs, including disaster exposure), IT costs (common costs statistically allocated to applications), and fully loaded cost of active (full-time equivalent [FTE]) users.
  6. Calculate the net value of applications by subtracting the total IT and business costs from the total application value calculated in step 3.
  7. IT and Business Costs

    Total IT and Business Costs

    Net Value of Applications

    Application maintenance Downtime costs (include disaster exposure) Common costs allocated to applications Fully loaded costs of active (FTE) users Sum of values from the four IT and business costs columns (Application value) – (IT and business costs)

(Source: CSO)

Infrastructure valuation

Assess the foundational elements of the business’ information technology

The purpose of this exercise is to provide a high-level infrastructure valuation that will contribute to valuating your IT environment.

Calculating the value of the infrastructure will require different methods depending on the environment. For example, a fully cloud-hosted organization will have different costs than a fully on-premises IT environment.

Instructions:

  1. Start by listing all of the infrastructure-related items that are relevant to your organization.
  2. Once you have finalized your items column, identify the total costs/value of each item.
    • For example, total software costs would include servers and storage.
  3. Calculate the total cost/value of your IT infrastructure by adding all of values in the right column.

Item

Costs/Value

Hardware Assets Total Value +$3.2 million
Hardware Leased/Service Agreement -$
Software Purchased +$
Software Leased/Service Agreement -$
Operational Tools
Network
Disaster Recovery
Antivirus
Data Centers
Service Desk
Other Licenses
Total:

For additional support, download the M&A Runbook for Infrastructure and Operations.

Risk and security

Assess risk responses and calculate residual risk

The purpose of this exercise is to provide a high-level risk assessment that will contribute to valuating your IT environment. For a more in-depth risk assessment, please refer to the Info-Tech tools below:

  1. Risk Register Tool
  2. Security M&A Due Diligence Tool

Instructions

  1. Review the probability and impact scales below and ensure you have the appropriate criteria that align to your organization before you conduct a risk assessment.
  2. Identify the probability of occurrence and estimated financial impact for each risk category detail and fill out the table on the right. Customize the table as needed so it aligns to your organization.
  3. Probability of Risk Occurrence

    Occurrence Criteria
    (Classification; Probability of Risk Event Within One Year)

    Negligible Very Unlikely; ‹20%
    Very Low Unlikely; 20 to 40%
    Low Possible; 40 to 60%
    Moderately Low Likely; 60 to 80%
    Moderate Almost Certain; ›80%

Note: If needed, you can customize this scale with the severity designations that you prefer. However, make sure you are always consistent with it when conducting a risk assessment.

Financial & Reputational Impact

Budgetary and Reputational Implications
(Financial Impact; Reputational Impact)

Negligible (‹$10,000; Internal IT stakeholders aware of risk event occurrence)
Very Low ($10,000 to $25,000; Business customers aware of risk event occurrence)
Low ($25,000 to $50,000; Board of directors aware of risk event occurrence)
Moderately Low ($50,000 to $100,000; External customers aware of risk event occurrence)
Moderate (›$100,000; Media coverage or regulatory body aware of risk event occurrence)

Risk Category Details

Probability of Occurrence

Estimated Financial Impact

Estimated Severity (Probability X Impact)

Capacity Planning
Enterprise Architecture
Externally Originated Attack
Hardware Configuration Errors
Hardware Performance
Internally Originated Attack
IT Staffing
Project Scoping
Software Implementation Errors
Technology Evaluation and Selection
Physical Threats
Resource Threats
Personnel Threats
Technical Threats
Total:

1.2.2 Assess the IT/digital strategy

4 hours

Input: IT strategy, Digital strategy, Business strategy

Output: An understanding of an executive business stakeholder’s perception of IT, Alignment of IT/digital strategy and overall organization strategy

Materials: Computer, Whiteboard and markers, M&A Sell Playbook

Participants: IT executive/CIO, Business executive/CEO

The purpose of this activity is to review the business and IT strategies that exist to determine if there are critical capabilities that are not being supported.

Ideally, the IT and digital strategies would have been created following development of the business strategy. However, sometimes the business strategy does not directly call out the capabilities it requires IT to support.

  1. On the left half of the corresponding slide in the M&A Sell Playbook, document the business goals, initiatives, and capabilities. Input this information from the business or digital strategies. (If more space for goals, initiatives, or capabilities is needed, duplicate the slide).
  2. On the other half of the slide, document the IT goals, initiatives, and capabilities. Input this information from the IT strategy and digital strategy.

For additional support, see Build a Business-Aligned IT Strategy.

Record the results in the M&A Sell Playbook.

Proactive

Step 1.3

Drive Innovation and Suggest Growth Opportunities

Activities

  • 1.3.1 Determine pain points and opportunities
  • 1.3.2 Align goals with opportunities
  • 1.3.3 Recommend reduction opportunities

This step involves the following participants:

  • IT executive leader
  • IT leadership
  • Critical M&A stakeholders

Outcomes of Step

Establish strong relationships with critical M&A stakeholders and position IT as an innovative business partner that can suggest reduction opportunities.

1.3.1 Determine pain points and opportunities

1-2 hours

Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade

Output: List of pain points or opportunities that IT can address

Materials: Computer, Whiteboard and markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Business stakeholders

The purpose of this activity is to determine the pain points and opportunities that exist for the organization. These can be external or internal to the organization.

  1. Identify what opportunities exist for your organization. Opportunities are the potential positives that the organization would want to leverage.
  2. Next, identify pain points, which are the potential negatives that the organization would want to alleviate.
  3. Spend time considering all the options that might exist, and keep in mind what has been identified previously.

Opportunities and pain points can be trends, other departments’ initiatives, business perspectives of IT, etc.

Record the results in the M&A Sell Playbook.

1.3.2 Align goals with opportunities

1-2 hours

Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade, List of pain points and opportunities

Output: An understanding of an executive business stakeholder’s perception of IT, Foundations for reduction strategy

Materials: Computer, Whiteboard and markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Business stakeholders

The purpose of this activity is to determine whether a growth or separation strategy might be a good suggestion to the business in order to meet its business objectives.

  1. For the top three to five business goals, consider:
    1. Underlying drivers
    2. Digital opportunities
    3. Whether a growth or reduction strategy is the solution
  2. Just because a growth or reduction strategy is a solution for a business goal does not necessarily indicate M&A is the way to go. However, it is important to consider before you pursue suggesting M&A.

Record the results in the M&A Sell Playbook.

1.3.3 Recommend reduction opportunities

1-2 hours

Input: Growth or separation strategy opportunities to support business goals, Stakeholder communication plan, Rationale for the suggestion

Output: M&A transaction opportunities suggested

Materials: M&A Sell Playbook

Participants: IT executive/CIO, Business executive/CEO

The purpose of this activity is to recommend a merger, acquisition, or divestiture to the business.

  1. Identify which of the business goals the transaction would help solve and why IT is the one to suggest such a goal.
  2. Leverage the stakeholder communication plan identified previously to give insight into stakeholders who would have a significant level of interest, influence, or support in the process.

Info-Tech Insight

With technology and digital driving many transactions, leverage your organizations’ IT environment as an asset and reason why the divestiture or sale should happen, suggesting the opportunity yourself.

Record the results in the M&A Sell Playbook.

By the end of this Proactive phase, you should:

Be prepared to suggest M&A opportunities to support your company’s goals through sale or divestiture transactions

Key outcome from the Proactive phase

Develop progressive relationships and strong communication with key stakeholders to suggest or be aware of transformational opportunities that can be achieved through sale or divestiture strategies.

Key deliverables from the Proactive phase
  • Business perspective of IT examined
  • Key stakeholders identified and relationship to the M&A process outlined
  • Ability to valuate the IT environment and communicate IT’s value to the business
  • Assessment of the business, digital, and IT strategies and how M&As could support those strategies
  • Pain points and opportunities that could be alleviated or supported through an M&A transaction
  • Sale or divestiture recommendations

The Sell Blueprint

Phase 2

Discovery & Strategy

Phase 1

Phase 2

Phase 3Phase 4
  • 1.1 Identify Stakeholders and Their Perspective of IT
  • 1.2 Assess IT’s Current Value and Future State
  • 1.3 Drive Innovation and Suggest Reduction Opportunities
  • 2.1 Establish the M&A Program Plan
  • 2.2 Prepare IT to Engage in the Separation or Sale
  • 3.1 Engage in Due Diligence and Prepare Staff
  • 3.2 Prepare to Separate
  • 4.1 Execute the Transaction
  • 4.2 Reflection and Value Realization

This phase will walk you through the following activities:

  • Create the mission and vision
  • Identify the guiding principles
  • Create the future-state operating model
  • Determine the transition team
  • Document the M&A governance
  • Create program metrics
  • Establish the separation strategy
  • Conduct a RACI
  • Create the communication plan
  • Assess the potential organization(s)

This phase involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Company M&A team

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Pre-Work

Day 1

Day 2

Day 3

Day 4

Day 5

Establish the Transaction FoundationDiscover the Motivation for Divesting or SellingFormalize the Program PlanCreate the Valuation FrameworkStrategize the TransactionNext Steps and Wrap-Up (offsite)

Activities

  • 0.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics
  • 0.2 Identify key stakeholders and outline their relationship to the M&A process
  • 0.3 Identify the rationale for the company's decision to pursue a divestiture or sale
  • 1.1 Review the business rationale for the divestiture/sale
  • 1.2 Assess the IT/digital strategy
  • 1.3 Identify pain points and opportunities tied to the divestiture/sale
  • 1.4 Create the IT vision statement, create the IT mission statement, and identify IT guiding principles
  • 2.1 Create the future-state operating model
  • 2.2 Determine the transition team
  • 2.3 Document the M&A governance
  • 2.4 Establish program metrics
  • 3.1 Valuate your data
  • 3.2 Valuate your applications
  • 3.3 Valuate your infrastructure
  • 3.4 Valuate your risk and security
  • 3.5 Combine individual valuations to make a single framework
  • 4.1 Establish the separation strategy
  • 4.2 Conduct a RACI
  • 4.3 Review best practices for assessing target organizations
  • 4.4 Create the communication plan
  • 5.1 Complete in-progress deliverables from previous four days
  • 5.2 Set up review time for workshop deliverables and to discuss next steps

Deliverables

  1. Business perspectives of IT
  2. Stakeholder network map for M&A transactions
  1. Business context implications for IT
  2. IT’s divestiture/sale strategic direction
  1. Operating model for future state
  2. Transition team
  3. Governance structure
  4. M&A program metrics
  1. IT valuation framework
  1. Separation strategy
  2. RACI
  3. Communication plan
  1. Completed M&A program plan and strategy
  2. Prepared to assess target organization(s)

What is the Discovery & Strategy phase?

Pre-transaction state

The Discovery & Strategy phase during a sale or divestiture is a unique opportunity for many IT organizations. IT organizations that can participate in the transaction at this stage are likely considered a strategic partner of the business.

For one-off sales/divestitures, IT being invited during this stage of the process is rare. However, for organizations that are preparing to engage in many divestitures over the coming years, this type of strategy will greatly benefit from IT involvement. Again, the likelihood of participating in an M&A transaction is increasing, making it a smart IT leadership decision to, at the very least, loosely prepare a program plan that can act as a strategic pillar throughout the transaction.

During this phase of the pre-transaction state, IT may be asked to participate in ensuring that the IT environment is able to quickly and easily carve out components/business lines and deliver on service-level agreements (SLAs).

Goal: To identify a repeatable program plan that IT can leverage when selling or divesting all or parts of the current IT environment, ensuring customer satisfaction and business continuity

Discovery & Strategy Prerequisite Checklist

Before coming into the Discovery & Strategy phase, you should have addressed the following:

  • Understand the business perspective of IT.
  • Know the key stakeholders and have outlined their relationship to the M&A process.
  • Be able to valuate the IT environment and communicate IT's value to the business.
  • Understand the rationale for the company's decision to pursue a sale or divestiture and the opportunities or pain points the sale should address.

Discovery & Strategy

Step 2.1

Establish the M&A Program Plan

Activities

  • 2.1.1 Create the mission and vision
  • 2.1.2 Identify the guiding principles
  • 2.1.3 Create the future-state operating model
  • 2.1.4 Determine the transition team
  • 2.1.5 Document the M&A governance
  • 2.1.6 Create program metrics

This step involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Company M&A team

Outcomes of Step

Establish an M&A program plan that can be repeated across sales/divestitures.

The vision and mission statements clearly articulate IT’s aspirations and purpose

The IT vision statement communicates a desired future state of the IT organization, whereas the IT mission statement portrays the organization’s reason for being. While each serves its own purpose, they should both be derived from the business context implications for IT.

Vision Statements

Mission Statements

Characteristics

  • Describe a desired future
  • Focus on ends, not means
  • Concise
  • Aspirational
  • Memorable
  • Articulate a reason for existence
  • Focus on how to achieve the vision
  • Concise
  • Easy to grasp
  • Sharply focused
  • Inspirational

Samples

To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce. (Source: Business News Daily) IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset. (Source: Forbes, 2013)

2.1.1 Create the mission and vision statements

2 hours

Input: Business objectives, IT capabilities, Rationale for the transaction

Output: IT’s mission and vision statements for reduction strategies tied to mergers, acquisitions, and divestitures

Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to create mission and vision statements that reflect IT’s intent and method to support the organization as it pursues a reduction strategy.

  1. Review the definitions and characteristics of mission and vision statements.
  2. Brainstorm different versions of the mission and vision statements.
  3. Edit the statements until you get to a single version of each that accurately reflects IT’s role in the reduction process.

Record the results in the M&A Sell Playbook.

Guiding principles provide a sense of direction

IT guiding principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting IT investment portfolio management, solution development, and procurement decisions.

A diagram illustrating the place of 'IT guiding principles' in the process of making 'Decisions on the use of IT'. There are four main items, connecting lines naming the type of process in getting from one step to the next, and a line underneath clarifying the questions asked at each step. On the far left, over the question 'What decisions should be made?', is 'Business context and IT implications'. This flows forward to 'IT guiding principles', and they are connected by 'Influence'. Next, over the question 'How should decisions be made?', is the main highlighted section. 'IT guiding principles' flows forward to 'Decisions on the use of IT', and they are connected by 'Guide and inform'. On the far right, over the question 'Who has the accountability and authority to make decisions?', is 'IT policies'. This flows back to 'Decisions on the use of IT', and they are connected by 'Direct and control'.

IT principles must be carefully constructed to make sure they are adhered to and relevant

Info-Tech has identified a set of characteristics that IT principles should possess. These characteristics ensure the IT principles are relevant and followed in the organization.

Approach focused. IT principles should be focused on the approach – how the organization is built, transformed, and operated – as opposed to what needs to be built, which is defined by both functional and non-functional requirements.

Business relevant. Create IT principles that are specific to the organization. Tie IT principles to the organization’s priorities and strategic aspirations.

Long lasting. Build IT principles that will withstand the test of time.

Prescriptive. Inform and direct decision making with actionable IT principles. Avoid truisms, general statements, and observations.

Verifiable. If compliance can’t be verified, people are less likely to follow the principle.

Easily Digestible. IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren’t a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.

Followed. Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously communicated to all stakeholders to achieve and maintain buy-in.

In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

Consider the example principles below

IT Principle Name

IT Principle Statement

1. Risk Management We will ensure that the organization’s IT Risk Management Register is properly updated to reflect all potential risks and that a plan of action against those risks has been identified.
2. Transparent Communication We will ensure employees are spoken to with respect and transparency throughout the transaction process.
3. Separation for Success We will create a carve-out strategy that enables the organization and clearly communicates the resources required to succeed.
4. Managed Data We will handle data creation, modification, separation, and use across the enterprise in compliance with our data governance policy.
5.Deliver Better Customer Service We will reduce the number of products offered by IT, enabling a stronger focus on specific products or elements to increase customer service delivery.
6. Compliance With Laws and Regulations We will operate in compliance with all applicable laws and regulations for both our organization and the potentially purchasing organization.
7. Defined Value We will create a plan of action that aligns with the organization’s defined value expectations.
8. Network Readiness We will ensure that employees and customers have immediate access to the network with minimal or no outages.
9. Value Generator We will leverage the current IT people, processes, and technology to turn the IT organization into a value generator by developing and selling our services to purchasing organizations.

2.1.2 Identify the guiding principles

2 hours

Input: Business objectives, IT capabilities, Rationale for the transaction, Mission and vision statements

Output: IT’s guiding principles for reduction strategies tied to mergers, acquisitions, and divestitures

Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to create the guiding principles that will direct the IT organization throughout the reduction strategy process.

  1. Review the role of guiding principles and the examples of guiding principles that organizations have used.
  2. Brainstorm different versions of the guiding principles. Each guiding principle should start with the phrase “We will…”
  3. Edit and consolidate the statements until you have a list of approximately eight to ten statements that accurately reflect IT’s role in the reduction process.
  4. Review the guiding principles every six months to ensure they continue to support the delivery of the business’ reduction strategy goals.

Record the results in the M&A Sell Playbook.

Create two IT teams to support the transaction

IT M&A Transaction Team

  • The IT M&A Transaction Team should consist of the strongest members of the IT team who can be expected to deliver on unusual or additional tasks not asked of them in normal day-to-day operations.
  • The roles selected for this team will have very specific skills sets or deliver on critical separation capabilities, making their involvement in the combination of two or more IT environments paramount.
  • These individuals need to have a history of proving themselves very trustworthy, as they will likely be required to sign an NDA as well.
  • Expect to have to certain duplicate capabilities or roles across the M&A Team and Operational Team.

IT Operational Team

  • This group is responsible for ensuring the business operations continue.
  • These employees might be those who are newer to the organization but can be counted on to deliver consistent IT services and products.
  • The roles of this team should ensure that end users or external customers remain satisfied.

Key capabilities to support M&A

Consider the following capabilities when looking at who should be a part of the IT Transaction Team.

Employees who have a significant role in ensuring that these capabilities are being delivered will be a top priority.

Infrastructure & Operations

  • System Separation
  • Data Management
  • Helpdesk/Desktop Support
  • Cloud/Server Management

Business Focus

  • Service-Level Management
  • Enterprise Architecture
  • Stakeholder Management
  • Project Management

Risk & Security

  • Privacy Management
  • Security Management
  • Risk & Compliance Management

Build a lasting and scalable operating model

An operating model is an abstract visualization, used like an architect’s blueprint, that depicts how structures and resources are aligned and integrated to deliver on the organization’s strategy.

It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint before embarking on detailed organizational design.

The visual should highlight which capabilities are critical to attaining strategic goals and clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization.

As you assess the current operating model, consider the following:

  • Does the operating model contain all the necessary capabilities your IT organization requires to be successful?
  • What capabilities should be duplicated?
  • Are there individuals with the skill set to support those roles? If not, is there a plan to acquire or develop those skills?
  • A dedicated project team strictly focused on M&A is great. However, is it feasible for your organization? If not, what blockers exist?
A diagram with 'Initiatives' and 'Solutions' on the left and right of an area chart, 'Customer' at the top, the area between them labelled 'Functional Area n', and six horizontal bars labelled 'IT Capability' stacked on top of each other. The 'IT Capability' bars are slightly skewed to the 'Solutions' side of the chart.

Info-Tech Insight

Investing time up-front getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and allowing your model to change as the business changes.

2.1.3 Create the future-state operating model

4 hours

Input: Current operating model, IT strategy, IT capabilities, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

Output: Future-state operating model for divesting organizations

Materials: Operating model, Capability overlay, Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to establish what the future-state operating model will be if your organization needs to adjust to support a divestiture transaction. If your organization plans to sell in its entirety, you may choose to skip this activity.

  1. Ensuring that all the IT capabilities are identified by the business and IT strategy, document your organization’s current operating model.
  2. Identify what core capabilities would be critical to the divesting transaction process and separation. Highlight and make copies of those capabilities in the M&A Sell Playbook. As a result of divesting, there may also be capabilities that will become irrelevant in your future state.
  3. Ensure the capabilities that will be decentralized are clearly identified. Decentralized capabilities do not exist within the central IT organization but rather in specific lines of businesses, products, or locations to better understand needs and deliver on the capability.

An example operating model is included in the M&A Sell Playbook. This process benefits from strong reference architecture and capability mapping ahead of time.

Record the results in the M&A Sell Playbook.

2.1.4 Determine the transition team

3 hours

Input: IT capabilities, Future-state operating model, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

Output: Transition team

Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to create a team that will support your IT organization throughout the transaction. Determining which capabilities and therefore which roles will be required ensures that the business will continue to get the operational support it needs.

  1. Based on the outcome of activity 2.1.3, review the capabilities that your organization will require on the transition team. Group capabilities into functional groups containing capabilities that are aligned well with one another because they have similar responsibilities and functionalities.
  2. Replace the capabilities with roles. For example, stakeholder management, requirements gathering, and project management might be one functional group. Project management and stakeholder management might combine to create a project manager role.
  3. Review the examples in the M&A Sell Playbook and identify which roles will be a part of the transition team.

For more information, see Redesign Your Organizational Structure

What is governance?

And why does it matter so much to IT and the M&A process?

  • Governance is the method in which decisions get made, specifically as they impact various resources (time, money, and people).
  • Because M&A is such a highly governed transaction, it is important to document the governance bodies that exist in your organization.
  • This will give insight into what types of governing bodies there are, what decisions they make, and how that will impact IT.
  • For example, funds to support separation need to be discussed, approved, and supplied to IT from a governing body overseeing the acquisition.
  • A highly mature IT organization will have automated governance, while a seemingly non-existent governance process will be considered ad hoc.
A pyramid with four levels representing the types of governing bodies that are available with differing levels of IT maturity. An arrow beside the pyramid points upward. The bottom of the arrow is labelled 'Traditional (People and document centric)' and the top is labelled 'Adaptive (Data centric)'. Starting at the bottom of the pyramid is level 1 'Ad Hoc Governance', 'Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people'. Level 2 is 'Controlled Governance', 'Governance focused on compliance and decisions driven by hierarchical authority. Levels of authority are defined and often driven by regulatory'. Level 3 is 'Agile Governance', 'Governance that is flexible to support different needs and quick response in the organization. Driven by principles and delegated throughout the company'. At the top of the pyramid is level 4 'Automated Governance', 'Governance that is entrenched and automated into organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival'.

2.1.5 Document M&A governance

1-2 hours

Input: List of governing bodies, Governing body committee profiles, Governance structure

Output: Documented method on how decisions are made as it relates to the M&A transaction

Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to determine the method in which decisions are made throughout the M&A transaction as it relates to IT. This will require understanding both governing bodies internal to IT and those external to IT.

  1. First, determine the other governance structures within the organization that will impact the decisions made about M&A. List out these bodies or committees.
  2. Create a profile for each committee that looks at the membership, purpose of the committee, decision areas (authority), and the process of inputs and outputs. Ensure IT committees that will have a role in this process are also documented. Consider the benefits realized, risks, and resources required for each.
  3. Organize the committees into a structure, identifying the committees that have a role in defining the strategy, designing and building, and running.

Record the results in the M&A Sell Playbook.

Current-state structure map – definitions of tiers

Strategy: These groups will focus on decisions that directly connect to the strategic direction of the organization.

Design & Build: The second tier of groups will oversee prioritization of a certain area of governance as well as design and build decisions that feed into strategic decisions.

Run: The lowest level of governance will be oversight of more-specific initiatives and capabilities within IT.

Expect tier overlap. Some committees will operate in areas that cover two or three of these governance tiers.

Measure the IT program’s success in terms of its ability to support the business’ M&A goals

Upper management will measure IT’s success based on your ability to support the underlying reasons for the M&A. Using business metrics will help assure business stakeholders that IT understands their needs and is working with the business to achieve them.

Business-Specific Metrics

  • Revenue Growth: Increase in the top line as seen by market expansion, product expansion, etc. by percentage/time.
  • Synergy Extraction: Reduction in costs as determined by the ability to identify and eliminate redundancies over time.
  • Profit Margin Growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs over time.

IT-Specific Metrics

  • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure over time.
  • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
  • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
  • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
  • Business capability support: Delivering the end state of IT that supports the expected business capabilities and growth.

Establish your own metrics to gauge the success of IT

Establish SMART M&A Success Metrics

S pecific Make sure the objective is clear and detailed.
M easurable Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.
A ctionable Objectives become actionable when specific initiatives designed to achieve the objective are identified.
R ealistic Objectives must be achievable given your current resources or known available resources.
T ime-Bound An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.
  • What should IT consider when looking to identify potential additions, deletions, or modifications that will either add value to the organization or reduce costs/risks?
  • Provide a definition of synergies.
  • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure.
  • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
  • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
  • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
  • Revenue growth: Increase in the top line as a result, as seen by market expansion, product expansion, etc., as a result of divesting lines of the business and selling service-level agreements to the purchasing organization.
  • Synergy extraction: Reduction in costs, as determined by the ability to identify and eliminate redundancies.
  • Profit margin growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs.

Metrics for each phase

1. Proactive

2. Discovery & Strategy

3. Valuation & Due Diligence

4. Execution & Value Realization

  • % Share of business innovation spend from overall IT budget
  • % Critical processes with approved performance goals and metrics
  • % IT initiatives that meet or exceed value expectation defined in business case
  • % IT initiatives aligned with organizational strategic direction
  • % Satisfaction with IT's strategic decision-making abilities
  • $ Estimated business value added through IT-enabled innovation
  • % Overall stakeholder satisfaction with IT
  • % Percent of business leaders that view IT as an Innovator
  • % IT budget as a percent of revenue
  • % Assets that are not allocated
  • % Unallocated software licenses
  • # Obsolete assets
  • % IT spend that can be attributed to the business (chargeback or showback)
  • % Share of CapEx of overall IT budget
  • % Prospective organizations that meet the search criteria
  • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
  • % Business leaders that view IT as a Business Partner
  • % Defects discovered in production
  • $ Cost per user for enterprise applications
  • % In-house-built applications vs. enterprise applications
  • % Owners identified for all data domains
  • # IT staff asked to participate in due diligence
  • Change to due diligence
  • IT budget variance
  • Synergy target
  • % Satisfaction with the effectiveness of IT capabilities
  • % Overall end-customer satisfaction
  • $ Impact of vendor SLA breaches
  • $ Savings through cost-optimization efforts
  • $ Savings through application rationalization and technology standardization
  • # Key positions empty
  • % Frequency of staff turnover
  • % Emergency changes
  • # Hours of unplanned downtime
  • % Releases that cause downtime
  • % Incidents with identified problem record
  • % Problems with identified root cause
  • # Days from problem identification to root cause fix
  • % Projects that consider IT risk
  • % Incidents due to issues not addressed in the security plan
  • # Average vulnerability remediation time
  • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
  • # Time (days) to value realization
  • % Projects that realized planned benefits
  • $ IT operational savings and cost reductions that are related to synergies/divestitures
  • % IT staff–related expenses/redundancies
  • # Days spent on IT separation
  • $ Accurate IT budget estimates
  • % Revenue growth directly tied to IT delivery
  • % Profit margin growth

2.1.6 Create program metrics

1-2 hours

Input: IT capabilities, Mission, vision, and guiding principles, Rationale for the acquisition

Output: Program metrics to support IT throughout the M&A process

Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to determine how IT’s success throughout a growth transaction will be measured and determined.

  1. Document a list of appropriate metrics on the whiteboard. Remember to include metrics that demonstrate the business impact. You can use the sample metrics listed on the previous slide as a starting point.
  2. Set a target and deadline for each metric. This will help the group determine when it is time to evaluate progression.
  3. Establish a baseline for each metric based on information collected within your organization.
  4. Assign an owner for tracking each metric as well as someone to be accountable for performance.

Record the results in the M&A Sell Playbook.

Discovery & Strategy

Step 2.2

Prepare IT to Engage in the Separation or Sale

Activities

  • 2.2.1 Establish the separation strategy
  • 2.2.2 Conduct a RACI
  • 2.2.3 Create the communication plan
  • 2.2.4 Assess the potential organization(s)

This step involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Company M&A team

Outcomes of Step

Identify IT’s plan of action when it comes to the separation/sale and align IT’s separation/sale strategy with the business’ M&A strategy.

Separation strategies

There are several IT separation strategies that will let you achieve your target technology environment.

IT Separation Strategies
  • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
  • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
  • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

The approach IT takes will depend on the business objectives for the M&A.

  • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
  • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

Key considerations when choosing an IT separation strategy include:

  • What are the main business objectives of the M&A?
  • What are the key synergies expected from the transaction?
  • What IT separation strategy best helps obtain these benefits?
  • What opportunities exist to position the business for sustainable and long-term growth?

Separation strategies in detail

Review highlights and drawbacks of different separation strategies

Divest
    Highlights
  • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
  • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
    Drawbacks
  • May be forced to give up critical staff that have been known to deliver high value.
  • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
  • There can be increased risk and security concerns that need to be addressed.
Sell
    Highlights
  • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
  • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
    Drawbacks
  • IT is no longer needed as an operating or capital service for the organization.
  • Lost resources, including highly trained and critical staff.
  • May require packaging employees off and using the profit or capital generated to cover any closing costs.
Spin-Off or Joint Venture
    Highlights
  • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
  • Each side has a unique offering but complementing capabilities.
    Drawbacks
  • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
  • There could be differences in culture.
  • This could require a large amount of investment without a guarantee of profit or success.

2.2.1 Establish the separation strategy

1-2 hours

Input: Business separation strategy, Guiding principles, M&A governance

Output: IT’s separation strategy

Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to determine IT’s approach to separating or selling. This approach might differ slightly from transaction to transaction. However, the businesses approach to transactions should give insight into the general separation strategy IT should adopt.

  1. Make sure you have clearly articulated the business objectives for the M&A, the technology end state for IT, and the magnitude of the overall separation.
  2. Review and discuss the highlights and drawbacks of each type of separation.
  3. Use Info-Tech’s Separation Posture Selection Framework on the next slide to select the separation posture that will appropriately enable the business. Consider these questions during your discussion:
    1. What are the main business objectives of the M&A? What key IT capabilities will need to support business objectives?
    2. What key synergies are expected from the transaction? What opportunities exist to position the business for sustainable growth?
    3. What IT separation best helps obtain these benefits?

Record the results in the M&A Sell Playbook.

Separation Posture Selection Framework

Business M&A Strategy

Resultant Technology Strategy

M&A Magnitude (% of Seller Assets, Income, or Market Value)

IT Separation Posture

A. Horizontal Adopt One Model ‹100% Divest
›99% Sell
B. Vertical Create Links Between Critical Systems Any Divest
C. Conglomerate Independent Model Any Joint Venture
Divest
D. Hybrid: Horizontal & Conglomerate Create Links Between Critical Systems Any Divest
Joint Venture

M&A separation strategy

Business M&A Strategy Resultant Technology Strategy M&A Magnitude (% of Seller Assets, Income, or Market Value) IT Separation Posture

You may need a hybrid separation posture to achieve the technology end state.

M&A objectives may not affect all IT domains and business functions in the same way. Therefore, the separation requirements for each business function may differ. Organizations will often choose to select and implement a hybrid separation posture to realize the technology end state.

Each business division may have specific IT domain and capability needs that require an alternative separation strategy.

  • Example: Even when conducting a joint venture by forming a new organization, some partners might view themselves as the dominant partner and want to influence the IT environment to a greater degree.
  • Example: Some purchasing organizations will expect service-level agreements to be available for a significant period of time following the divestiture, while others will be immediately independent.

2.2.2 Conduct a RACI

1-2 hours

Input: IT capabilities, Transition team, Separation strategy

Output: Completed RACI for Transition team

Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to identify the core accountabilities and responsibilities for the roles identified as critical to your transition team. While there might be slight variation from transaction to transaction, ideally each role should be performing certain tasks.

  1. First, identify a list of critical tasks that need to be completed to support the sale or separation. For example:
    • Communicate with the company M&A team.
    • Identify the key IT solutions that can and cannot be carved out.
    • Gather data room artifacts and provide them to acquiring organization.
  2. Next, identify at the activity level which role is accountable or responsible for each activity. Enter an A for accountable, R for responsible, or A/R for both.

Record the results in the M&A Sell Playbook.

Communication and change

Prepare key stakeholders for the potential changes

  • Anytime you are starting a project or program that will depend on users and stakeholders to give up their old way of doing things, change will force people to become novices again, leading to lost productivity and added stress.
  • Change management can improve outcomes for any project where you need people to adopt new tools and procedures, comply with new policies, learn new skills and behaviors, or understand and support new processes.
  • M&As move very quickly, and it can be very difficult to keep track of which stakeholders you need to be communicating with and what you should be communicating.
  • Not all organizations embrace or resist change in the same ways. Base your change communications on your organization’s cultural appetite for change in general.
    • Organizations with a low appetite for change will require more direct, assertive communications.
    • Organizations with a high appetite for change are more suited to more open, participatory approaches.

Three key dimensions determine the appetite for cultural change:

  • Power Distance. Refers to the acceptance that power is distributed unequally throughout the organization.
    In organizations with a high power distance, the unequal power distribution is accepted by the less powerful employees.
  • Individualism. Organizations that score high in individualism have employees who are more independent. Those who score low in individualism fall into the collectivism side, where employees are strongly tied to one another or their groups.
  • Uncertainty Avoidance. Describes the level of acceptance that an organization has toward uncertainty. Those who score high in this area find that their employees do not favor uncertain situations, while those that score low in this area find that their employees are comfortable with change and uncertainty.

2.2.3 Create the communication plan

1-2 hours

Input: IT’s M&A mission, vision, and guiding principles, M&A transition team, IT separation strategy, RACI

Output: IT’s M&A communication plan

Materials: Flip charts/whiteboard, Markers, RACI, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to create a communication plan that IT can leverage throughout the initiative.

  1. Create a structured communication plan that allows for continuous communication with the integration management office, senior management, and the business functional heads.
  2. Outline key topics of communication, with stakeholders, inputs, and outputs for each topic.
  3. Review Info-Tech’s example communication plan in the M&A Sell Playbook and update it with relevant information.
  4. Does this communication plan make sense for your organization? What doesn’t make sense? Adjust the communication guide to suit your organization.

Record the results in the M&A Sell Playbook.

Assessing potential organizations

As soon as you have identified organizations to consider, it’s imperative to assess critical risks. Most IT leaders can attest that they will receive little to no notice when the business is pursuing a sale and IT has to assess the IT organization. As a result, having a standardized template to quickly assess the potential acquiring organization is important.

Ways to Assess

  1. News: Assess what sort of news has been announced in relation to the organization. Have they had any risk incidents? Has a critical vendor announced working with them?
  2. LinkedIn: Scan through the LinkedIn profiles of employees. This will give you a sense of what platforms they have based on employees. It will also give insight into positive or negative employee experiences that could impact retention.
  3. Trends: Some industries will have specific solutions that are relevant and popular. Assess what the key players are (if you don’t already know) to determine the solution.
  4. Business Architecture: While this assessment won’t perfect, try to understand the business’ value streams and the critical business and IT capabilities that would be needed to support them. Will your organization or employee skills be required to support these long term?

Info-Tech Insight

Assessing potential organizations is not just for the purchaser. The seller should also know what the purchasing organization’s history with M&As is and what potential risks could occur if remaining connected through ongoing SLAs.

2.2.4 Assess the potential organization(s)

1-2 hours

Input: Publicized historical risk events, Solutions and vendor contracts likely in the works, Trends

Output: IT’s valuation of the potential organization(s) for selling or divesting

Materials: M&A Sell Playbook

Participants: IT executive/CIO

The purpose of this activity is to assess the organization(s) that your organization is considering selling or divesting to.

  1. Complete the Historical Valuation Worksheet in the M&A Sell Playbook to understand the type of IT organization that your company may support.
    • The business likely isn’t looking for in-depth details at this time. However, as the IT leader, it is your responsibility to ensure critical risks are identified and communicated to the business.
  2. Use the information identified to help the business narrow down which organizations could be the right organizations to sell or divest to.

Record the results in the M&A Sell Playbook.

By the end of this pre-transaction phase you should:

Have a program plan for M&As and a repeatable M&A strategy for IT when engaging in reduction transactions

Key outcomes from the Discovery & Strategy phase
  • Prepare the IT environment to support the potential sale or divestiture by identifying critical program plan elements and establishing a separation or carve-out strategy that will enable the business to reach its goals.
  • Create a M&A strategy that accounts for all the necessary elements of a transaction and ensures sufficient governance, capabilities, and metrics exist.
Key deliverables from the Discovery & Strategy phase
  • Create vision and mission statements
  • Establish guiding principles
  • Create a future-state operating model
  • Identify the key roles for the transaction team
  • Identify and communicate the M&A governance
  • Determine target metrics
  • Identify the M&A operating model
  • Select the separation strategy framework
  • Conduct a RACI for key transaction tasks for the transaction team
  • Document the communication plan

M&A Sell Blueprint

Phase 3

Due Diligence & Preparation

Phase 1Phase 2

Phase 3

Phase 4
  • 1.1 Identify Stakeholders and Their Perspective of IT
  • 1.2 Assess IT’s Current Value and Future State
  • 1.3 Drive Innovation and Suggest Reduction Opportunities
  • 2.1 Establish the M&A Program Plan
  • 2.2 Prepare IT to Engage in the Separation or Sale
  • 3.1 Engage in Due Diligence and Prepare Staff
  • 3.2 Prepare to Separate
  • 4.1 Execute the Transaction
  • 4.2 Reflection and Value Realization

This phase will walk you through the following activities:

  • Drive value with a due diligence charter
  • Gather data room artifacts
  • Measure staff engagement
  • Assess culture
  • Create a carve-out roadmap
  • Prioritize separation tasks
  • Establish the separation roadmap
  • Identify the buyer’s IT expectations
  • Create a service/transaction agreement
  • Estimate separation costs
  • Create an employee transition plan
  • Create functional workplans for employees
  • Align project metrics with identified tasks

This phase involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Company M&A team
  • Business leaders
  • Purchasing organization
  • Transition team

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Pre-Work

Day 1

Day 2

Day 3

Day 4

Day 5

Establish the Transaction FoundationDiscover the Motivation for SeparationIdentify Expectations and Create the Carve-Out RoadmapPrepare and Manage EmployeesPlan the Separation RoadmapNext Steps and Wrap-Up (offsite)

Activities

  • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
  • 0.2 Identify key stakeholders and determine the IT transaction team.
  • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
  • 1.1 Review the business rationale for the divestiture/sale.
  • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
  • 1.3 Establish the separation strategy.
  • 1.4 Create the due diligence charter.
  • 2.1 Identify the buyer’s IT expectations.
  • 2.2 Create a list of IT artifacts to be reviewed in the data room.
  • 2.3 Create a carve-out roadmap.
  • 2.4 Create a service/technical transaction agreement.
  • 3.1 Measure staff engagement.
  • 3.2 Assess the current culture and identify the goal culture.
  • 3.3 Create an employee transition plan.
  • 3.4 Create functional workplans for employees.
  • 4.1 Prioritize separation tasks.
  • 4.2 Establish the separation roadmap.
  • 4.3 Establish and align project metrics with identified tasks.
  • 4.4 Estimate separation costs.
  • 5.1 Complete in-progress deliverables from previous four days.
  • 5.2 Set up review time for workshop deliverables and to discuss next steps.

Deliverables

  1. IT strategy
  2. IT operating model
  3. IT governance structure
  4. M&A transaction team
  1. Business context implications for IT
  2. Separation strategy
  3. Due diligence charter
  1. Data room artifacts identified
  2. Carve-out roadmap
  3. Service/technical transaction agreement
  1. Engagement assessment
  2. Culture assessment
  3. Employee transition plans and workplans
  1. Separation roadmap and associated resourcing
  1. Divestiture separation strategy for IT

What is the Due Diligence & Preparation phase?

Mid-transaction state

The Due Diligence & Preparation phase during a sale or divestiture is a critical time for IT. If IT fails to proactively participate in this phase, IT will have to merely react to separation expectations set by the business.

If your organization is being sold in its entirety, staff will have major concerns about their future in the new organization. Making this transition as smooth as possible and being transparent could go a long way in ensuring their success in the new organization.

In a divestiture, this is the time to determine where it’s possible for the organization to divide or separate from itself. A lack of IT involvement in these conversations could lead to an overcommitment by the business and under-delivery by IT.

Goal: To ensure that, as the selling or divesting organization, you comply with regulations, prepare staff for potential changes, and identify a separation strategy if necessary

Due Diligence Prerequisite Checklist

Before coming into the Due Diligence & Preparation phase, you must have addressed the following:

  • Understand the rationale for the company's decision to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
  • Identify the key roles for the transaction team.
  • Identify the M&A governance.
  • Determine target metrics.
  • Select a separation strategy framework.
  • Conduct a RACI for key transaction tasks for the transaction team.

Before coming into the Due Diligence & Preparation phase, we recommend addressing the following:

  • Create vision and mission statements.
  • Establish guiding principles.
  • Create a future-state operating model.
  • Identify the M&A operating model.
  • Document the communication plan.
  • Examine the business perspective of IT.
  • Identify key stakeholders and outline their relationship to the M&A process.
  • Be able to valuate the IT environment and communicate IT’s value to the business.

The Technology Value Trinity

Delivery of Business Value & Strategic Needs

  • Digital & Technology Strategy
    The identification of objectives and initiatives necessary to achieve business goals.
  • IT Operating Model
    The model for how IT is organized to deliver on business needs and strategies.
  • Information & Technology Governance
    The governance to ensure the organization and its customers get maximum value from the use of information and technology.

All three elements of the Technology Value Trinity work in harmony to deliver business value and achieve strategic needs. As one changes, the others need to change as well.

  • Digital and IT Strategy tells you what you need to achieve to be successful.
  • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
  • Information & Technology Governance is the confirmation of IT’s goals and strategy, which ensures the alignment of IT and business strategy. It’s the mechanism by which you continuously prioritize work to ensure that what is delivered is in line with the strategy. This oversight evaluates, directs, and monitors the delivery of outcomes to ensure that the use of resources results in the achieving the organization’s goals.

Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest – not based on what is in the best interest of the organization.

Due Diligence & Preparation

Step 3.1

Engage in Due Diligence and Prepare Staff

Activities

  • 3.1.1 Drive value with a due diligence charter
  • 3.1.2 Gather data room artifacts
  • 3.1.3 Measure staff engagement
  • 3.1.4 Assess culture

This step involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Company M&A team
  • Business leaders
  • Prospective IT organization
  • Transition team

Outcomes of Step

This step of the process is when IT should prepare and support the business in due diligence and gather the necessary information about staff changes.

3.1.1 Drive value with a due diligence charter

1-2 hours

Input: Key roles for the transaction team, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

Output: IT Due Diligence Charter

Materials: M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to create a charter leveraging the items completed in the previous phase, as listed on the Due Diligence Prerequisite Checklist slide, to gain executive sign-off.

  1. In the IT Due Diligence Charter in the M&A Sell Playbook, complete the aspects of the charter that are relevant for you and your organization.
  2. We recommend including these items in the charter:
    • Communication plan
    • Transition team roles
    • Goals and metrics for the transaction
    • Separation strategy
    • Sale/divestiture RACI
  3. Once the charter has been completed, ensure that business executives agree to the charter and sign off on the plan of action.

Record the results in the M&A Sell Playbook.

3.1.2 Gather data room artifacts

4 hours

Input: Future-state operating model, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

Output: List of items to acquire and verify can be provided to the purchasing organization while in the data room

Materials: Critical domain lists on following slides, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team, Legal team, Compliance/privacy officers

The purpose of this activity is to create a list of the key artifacts that you could be asked for during the due diligence process.

  1. Review the lists on the following pages as a starting point. Identify which domains, stakeholders, artifacts, and information should be requested for the data room.
  2. IT leadership may or may not be asked to enter the data room directly. The short notice for having to find these artifacts for the purchasing organization can leave your IT organization scrambling. Identify the critical items worth obtaining ahead of time.
  3. Once you have identified the artifacts, provide the list to the legal team or compliance/privacy officers and ensure they also agree those items can be provided. If changes to the documents need to be made, take the time to do so.
  4. Store all items in a safe and secure file or provide to the M&A team ahead of due diligence.

**Note that if your organization is not leading/initiating the data room, then you can ignore this activity.

Record the results in the M&A Sell Playbook.

Critical domains

Understand the key stakeholders and outputs for each domain

Domain

Stakeholders

Key Artifacts

Key Information to request

Business
  • Enterprise Architecture
  • Business Relationship Manager
  • Business Process Owners
  • Business capability map
  • Capability map (the M&A team should be taking care of this, but make sure it exists)
  • Business satisfaction with various IT systems and services
Leadership/IT Executive
  • CIO
  • CTO
  • CISO
  • IT budgets
  • IT capital and operating budgets (from current year and previous year)
Data & Analytics
  • Chief Data Officer
  • Data Architect
  • Enterprise Architect
  • Master data domains, system of record for each
  • Unstructured data retention requirements
  • Data architecture
  • Master data domains, sources, and storage
  • Data retention requirements
Applications
  • Applications Manager
  • Application Portfolio Manager
  • Application Architect
  • Applications map
  • Applications inventory
  • Applications architecture
  • Copy of all software license agreements
  • Copy of all software maintenance agreements
Infrastructure
  • Head of Infrastructure
  • Enterprise Architect
  • Infrastructure Architect
  • Infrastructure Manager
  • Infrastructure map
  • Infrastructure inventory
  • Network architecture (including which data centers host which infrastructure and applications)
  • Inventory (including separation capabilities of vendors, versions, switches, and routers)
  • Copy of all hardware lease or purchase agreements
  • Copy of all hardware maintenance agreements
  • Copy of all outsourcing/external service provider agreements
  • Copy of all service-level agreements for centrally provided, shared services and systems
Products and Services
  • Product Manager
  • Head of Customer Interactions
  • Product lifecycle
  • Product inventory
  • Customer market strategy

Critical domains (continued)

Understand the key stakeholders and outputs for each domain

Domain

Stakeholders

Key Artifacts

Key Information to request

Operations
  • Head of Operations
  • Service catalog
  • Service overview
  • Service owners
  • Access policies and procedures
  • Availability and service levels
  • Support policies and procedures
  • Costs and approvals (internal and customer costs)
IT Processes
  • CIO
  • IT Management
  • VP of IT Governance
  • VP of IT Strategy
  • IT process flow diagram
  • Processes in place and productivity levels (capacity)
  • Critical processes/processes the organization feels they do particularly well
IT People
  • CIO
  • VP of Human Resources
  • IT organizational chart
  • Competency & capacity assessment
  • IT organizational structure (including resources from external service providers such as contractors) with appropriate job descriptions or roles and responsibilities
  • IT headcount and location
Security
  • CISO
  • Security Architect
  • Security posture
  • Information security staff
  • Information security service providers
  • Information security tools
  • In-flight information security projects
Projects
  • Head of Projects
  • Project portfolio
  • List of all future, ongoing, and recently completed projects
Vendors
  • Head of Vendor Management
  • License inventory
  • Inventory (including what will and will not be transitioning, vendors, versions, number of licenses)

Retain top talent throughout the transition

Focus on retention and engagement

  • People are such a critical component of this process, especially in the selling organization.
  • Retaining employees, especially the critical employees who hold specific skills or knowledge, will ensure the success and longevity of the divesting organization, purchasing organization, or the new company.
  • Giving employees a role in the organization and ensuring they do not see their capabilities as redundant will be critical to the process.
  • It is okay if employees need to change what they were doing temporarily or even long-term. However, being transparent about these changes and highlighting their value to the process and organization(s) will help.
  • The first step to moving forward with retention is to look at the baseline engagement and culture of employees and the organization. This will help determine where to focus and allow you to identify changes in engagement that resulted from the transaction.
  • Job engagement drivers are levers that influence the engagement of employees in their day-to-day roles.
  • Organizational engagement drivers are levers that influence an employee’s engagement with the broader organization.
  • Retention drivers are employment needs. They don’t necessarily drive engagement, but they must be met for engagement to be possible.

3.1.3 Measure staff engagement

3-4 hours

Input: Engagement survey

Output: Baseline engagement scores

Materials: Build an IT Employee Engagement Program

Participants: IT executive/CIO, IT senior leadership, IT employees of current organization

The purpose of this activity is to measure current staff engagement to have a baseline to measure against in the future state. This is a good activity to complete if you will be divesting or selling in entirety.

The results from the survey should act as a baseline to determine what the organization is doing well in terms of employee engagement and what drivers could be improved upon.

  1. Review Info-Tech’s Build an IT Employee Engagement Program research and select a survey that will best meet your needs.
  2. Conduct the survey and note which drivers employees are currently satisfied with. Likewise, note where there are opportunities.
  3. Document actions that should be taken to mitigate the negative engagement drivers throughout the transaction and enhance or maintain the positive engagement drivers.

Record the results in the M&A Sell Playbook.

Assess culture as a part of engagement

Culture should not be overlooked, especially as it relates to the separation of IT environments

  • There are three types of culture that need to be considered.
  • Most importantly, this transition is an opportunity to change the culture that might exist in your organization’s IT environment.
  • Make a decision on which type of culture you’d like IT to have post transition.

Target Organization's Culture. The culture that the target organization is currently embracing. Their established and undefined governance practices will lend insight into this.

Your Organization’s Culture. The culture that your organization is currently embracing. Examine people’s attitudes and behaviors within IT toward their jobs and the organization.

Ideal Culture. What will the future culture of the IT organization be once separation is complete? Are there aspects that your current organization and the target organization embrace that are worth considering?

Culture categories

Map the results of the IT Culture Diagnostic to an existing framework

Competitive
  • Autonomy
  • Confront conflict directly
  • Decisive
  • Competitive
  • Achievement oriented
  • Results oriented
  • High performance expectations
  • Aggressive
  • High pay for good performance
  • Working long hours
  • Having a good reputation
  • Being distinctive/different
Innovative
  • Adaptable
  • Innovative
  • Quick to take advantage of opportunities
  • Risk taking
  • Opportunities for professional growth
  • Not constrained by rules
  • Tolerant
  • Informal
  • Enthusiastic
Traditional
  • Stability
  • Reflective
  • Rule oriented
  • Analytical
  • High attention to detail
  • Organized
  • Clear guiding philosophy
  • Security of employment
  • Emphasis on quality
  • Focus on safety
Cooperative
  • Team oriented
  • Fair
  • Praise for good performance
  • Supportive
  • Calm
  • Developing friends at work
  • Socially responsible

Culture Considerations

  • What culture category was dominant for each IT organization?
  • Do you share the same dominant category?
  • Is your current dominant culture category the most ideal to have post-separation?

3.1.4 Assess Culture

3-4 hours

Input: Cultural assessments for current IT organization, Cultural assessment for target IT organization

Output: Goal for IT culture

Materials: IT Culture Diagnostic

Participants: IT executive/CIO, IT senior leadership, IT employees of current organization, IT employees of target organization, Company M&A team

The purpose of this activity is to assess the different cultures that might exist within the IT environments of the organizations involved. By understanding the culture that exists in the purchasing organization, you can identify the fit and prepare impacted staff for potential changes.

  1. Complete this activity by leveraging the blueprint Fix Your IT Culture, specifically the IT Culture Diagnostic.
  2. Fill out the diagnostic for the IT department in your organization:
    1. Answer the 16 questions in tab 2, Diagnostic.
    2. Find out your dominant culture and review recommendations in tab 3, Results.
  3. Document the results from tab 3, Results, in the M&A Sell Playbook if you are trying to record all artifacts related to the transaction in one place.
  4. Repeat the activity for the purchasing organization.
  5. Leverage the information to determine what the goal for the culture of IT will be post-separation if it will differ from the current culture.

Record the results in the M&A Sell Playbook.

Due Diligence & Preparation

Step 3.2

Prepare to Separate

Activities

  • 3.2.1 Create a carve-out roadmap
  • 3.2.2 Prioritize separation tasks
  • 3.2.3 Establish the separation roadmap
  • 3.2.4 Identify the buyer’s IT expectations
  • 3.2.5 Create a service/transaction agreement
  • 3.2.6 Estimate separation costs
  • 3.2.7 Create an employee transition plan
  • 3.2.8 Create functional workplans for employees
  • 3.2.9 Align project metrics with identified tasks

This step involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Transition team
  • Company M&A team
  • Purchasing organization

Outcomes of Step

Have an established plan of action toward separation across all domains and a strategy toward resources.

Don’t underestimate the importance of separation preparation

Separation involves taking the IT organization and dividing it into two or more separate entities.

Testing the carve capabilities of the IT organization often takes 3 months. (Source: Cognizant, 2014)

Daimler-Benz lost nearly $19 billion following its purchase of Chrysler by failing to recognize the cultural differences that existed between the two car companies. (Source: Deal Room)

Info-Tech Insight

Separating the IT organization requires more time and effort than business leaders will know. Frequently communicate challenges and lost opportunities when carving the IT environment out.

Separation needs

Identify the business objectives of the sale to determine the IT strategy

Set up a meeting with your IT due diligence team to:

  • Ensure there will be no gaps in the delivery of products and services in the future state.
  • Discuss the people and processes necessary to achieve the target technology environment and support M&A business objectives.

Use this opportunity to:

  • Identify data and application complexities between the involved organizations.
  • Identify the IT people and process gaps, initiatives, and levels of support expected.
  • Determine your infrastructure needs to ensure effectiveness and delivery of services:
    • Does IT have the infrastructure to support the applications and business capabilities?
    • Identify any gaps between the current infrastructure in both organizations and the infrastructure required.
    • Identify any redundancies/gaps.
    • Determine the appropriate IT separation strategies.
  • Document your gaps, redundancies, initiatives, and assumptions to help you track and justify the initiatives that must be undertaken and help estimate the cost of separation.

Separation strategies

There are several IT separation strategies that will let you achieve your target technology environment.

IT Separation Strategies
  • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
  • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
  • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

The approach IT takes will depend on the business objectives for the M&A.

  • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
  • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

Key considerations when choosing an IT separation strategy include:

  • What are the main business objectives of the M&A?
  • What are the key synergies expected from the transaction?
  • What IT separation strategy best helps obtain these benefits?
  • What opportunities exist to position the business for sustainable and long-term growth?

Separation strategies in detail

Review highlights and drawbacks of different separation strategies

Divest
    Highlights
  • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
  • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
    Drawbacks
  • May be forced to give up critical staff that have been known to deliver high value.
  • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
  • There can be increased risk and security concerns that need to be addressed.
Sell
    Highlights
  • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
  • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
    Drawbacks
  • IT is no longer needed as an operating or capital service for the organization.
  • Lost resources, including highly trained and critical staff.
  • May require packaging employees off and using the profit or capital generated to cover any closing costs.
Spin-Off or Joint Venture
    Highlights
  • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
  • Each side has a unique offering but complementing capabilities.
    Drawbacks
  • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
  • There could be differences in culture.
  • This could require a large amount of investment without a guarantee of profit or success.

Preparing the carve-out roadmap

And why it matters so much

  • When carving out the IT environment in preparation for a divestiture, it’s important to understand the infrastructure, application, and data connections that might exist.
  • Much to the business’ surprise, carving out the IT environment is not easy, especially when considering the services and products that might depend on access to certain applications or data sets.
  • Once the business has indicated which elements they anticipate divesting, be prepared for testing the functionality and ability of this carve-out, either through automation or manually. There are benefits and drawbacks to both methods:
    • Automated requires a solution and a developer to code the tests.
    • Manual requires time to find the errors, possibly more time than automated testing.
  • Identify if there are dependencies that will make the carve-out difficult.
    • For example, the business is trying to divest Product X, but that product is integrated with Product Y, which is not being sold.
    • Consider all the processes and products that specific data might support as well.
    • Moreover, the data migration tool will need to enter the ERP system and identify not just the data but all supporting and historical elements that underlie the data.

Critical components to consider:

  • Selecting manual or automated testing
  • Determining data dependencies
  • Data migration capabilities
  • Auditing approval
  • People and skills that support specific elements being carved out

3.2.1 Create a carve-out roadmap

6 hours

Input: Items included in the carve-out, Dependencies, Whether testing is completed, If the carve-out will pass audit, If the carve-out item is prepared to be separated

Output: Carve-out roadmap

Materials: Business’ divestiture plan, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Business leaders, Transition team

The purpose of this activity is to prepare the IT environment by identifying a carve-out roadmap, specifically looking at data, infrastructure, and applications. Feel free to expand the roadmap to include other categories as your organization sees fit.

  1. In the Carve-Out Roadmap in the M&A Sell Playbook, identify the key elements of the carve-out in the first column.
  2. Note any dependencies the items might have. For example:
    • The business is selling Product X, which is linked to Data X and Data Y. The organization does not want to sell Data Y. Data X would be considered dependent on Data Y.
  3. Once the dependencies have been confirmed, begin automated or manual testing to examine the possibility of separating the data sets (or other dependencies) from one another.
  4. After identifying an acceptable method of separation, inform the auditing individual or body and confirm that there would be no repercussions for the planned process.

Record the results in the M&A Sell Playbook.

3.2.2 Prioritize separation tasks

2 hours

Input: Separation tasks, Transition team, M&A RACI

Output: Prioritized separation list

Materials: Separation task checklist, Separation roadmap

Participants: IT executive/CIO, IT senior leadership, Company M&A team

The purpose of this activity is to prioritize the different separation tasks that your organization has identified as necessary to this transaction. Some tasks might not be relevant for this particular transaction, and others might be critical.

  1. Begin by downloading the SharePoint or Excel version of the M&A Separation Project Management Tool.
  2. Identify which separation tasks you want to have as part of your project plan. Alter or remove any tasks that are irrelevant to your organization. Add in tasks you think are missing.
  3. When deciding criticality of the task, consider the effect on stakeholders, those who are impacted or influenced in the process of the task, and dependencies (e.g. data strategy needs to be addressed first before you can tackle its dependencies, like data quality).
  4. Feel free to edit the way you measure criticality. The standard tool leverages a three-point scale. At the end, you should have a list of tasks in priority order based on criticality.

Record the updates in the M&A Separation Project Management Tool (SharePoint).

Record the updates in the M&A Separation Project Management Tool (Excel).

Separation checklists

Prerequisite Checklist
  • Build the project plan for separation and prioritize activities
    • Plan first day
    • Plan first 30/100 days
    • Plan first year
  • Create an organization-aligned IT strategy
  • Identify critical stakeholders
  • Create a communication strategy
  • Understand the rationale for the sale or divestiture
  • Develop IT's sale/divestiture strategy
    • Determine goal opportunities
    • Create the mission and vision statements
    • Create the guiding principles
    • Create program metrics
  • Consolidate reports from due diligence/data room
  • Conduct culture assessment
  • Create a transaction team
  • Establish a service/technical transaction agreement
  • Plan and communicate culture changes
  • Create an employee transition plan
  • Assess baseline engagement
Business
  • Design an enterprise architecture
  • Document your business architecture
  • Meet compliance and regulatory standards
  • Identify and assess all of IT's risks
Applications
  • Prioritize and address critical applications
    • CRM
    • HRIS
    • Financial
    • Sales
    • Risk
    • Security
    • ERP
    • Email
  • Develop method of separating applications
  • Model critical applications that have dependencies on one another
  • Identify the infrastructure capacity required to support critical applications
  • Prioritize and address critical applications
Leadership/IT Executive
  • Build an IT budget
  • Structure operating budget
  • Structure capital budget
  • Identify the workforce demand vs. capacity
  • Establish and monitor key metrics
  • Communicate value realized/cost savings
Data
  • Confirm data strategy
  • Confirm data governance
  • Build a data architecture roadmap
  • Analyze data sources and domains
  • Evaluate data storage (on-premises vs. cloud)
  • Develop an enterprise content management strategy and roadmap
  • Ensure cleanliness/usability of data sets
  • Identify data sets that can remain operational if reduced/separated
  • Develop reporting and analytics capabilities
  • Confirm data strategy
Operations
  • Manage sales access to customer data
  • Determine locations and hours of operation
  • Separate/terminate phone lists and extensions
  • Split email address books
  • Communicate helpdesk/service desk information

Separation checklists (continued)

Infrastructure
  • Manage organization domains
  • Consolidate data centers
  • Compile inventory of vendors, versions, switches, and routers
  • Review hardware lease or purchase agreements
  • Review outsourcing/service provider agreements
  • Review service-level agreements
  • Assess connectivity linkages between locations
  • Plan to migrate to a single email system if necessary
  • Determine network access concerns
Vendors
  • Establish a sustainable vendor management office
  • Review vendor landscape
  • Identify warranty options
  • Identify the licensing grant
  • Rationalize vendor services and solutions
People
  • Design an IT operating model
  • Design your future IT organizational structure
  • Conduct a RACI for prioritized activities
  • Conduct a culture assessment and identify goal IT culture
  • Build an IT employee engagement program
  • Determine critical roles and systems/process/products they support
  • Define new job descriptions with meaningful roles and responsibilities
  • Create employee transition plans
  • Create functional workplans
Projects
  • Identify projects to be on hold
  • Communicate project intake process
  • Reprioritize projects
Products & Services
  • Redefine service catalog
  • Ensure customer interaction requirements are met
  • Select a solution for product lifecycle management
  • Plan service-level agreements
Security
  • Conduct a security assessment
  • Develop accessibility prioritization and schedule
  • Establish an information security strategy
  • Develop a security awareness and training program
  • Develop and manage security governance, risk, and compliance
  • Identify security budget
  • Build a data privacy and classification program
IT Processes
  • Evaluate current process models
  • Determine productivity/capacity levels of processes
  • Identify processes to be changed/terminated
  • Establish a communication plan
  • Develop a change management process
  • Establish/review IT policies
  • Evaluate current process models

3.2.2 Establish the separation roadmap

2 hours

Input: Prioritized separation tasks, Carve-out roadmap, Employee transition plan, Separation RACI, Costs for activities, Activity owners

Output: Separation roadmap

Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel), SharePoint Template: Step-by-Step Deployment Guide

Participants: IT executive/CIO, IT senior leadership, Transition team, Company M&A team

The purpose of this activity is to create a roadmap to support IT throughout the separation process. Using the information gathered in previous activities, you can create a roadmap that will ensure a smooth separation.

  1. Use our Separation Project Management Tool to help track critical elements in relation to the separation project. There are a few options available:
    1. Follow the instructions on the next slide if you are looking to upload our SharePoint project template. Additional instructions are available in the SharePoint Template Step-by-Step Deployment Guide.
    2. If you cannot or do not want to use SharePoint as your project management solution, download our Excel version of the tool.
      **Remember that this your tool, so customize to your liking.
  2. Identify who will own or be accountable for each of the separation tasks and establish the time frame for when each project should begin and end. This will confirm which tasks should be prioritized.

Record the updates in the M&A Separation Project Management Tool (SharePoint).

Record the updates in the M&A Separation Project Management Tool (Excel).

Separation Project Management Tool (SharePoint Template)

Follow these instructions to upload our template to your SharePoint environment

  1. Create or use an existing SP site.
  2. Download the M&A Separation Project Management Tool (SharePoint) .wsp file from the Mergers & Acquisitions: The Sell Blueprint landing page.
  3. To import a template into your SharePoint environment, do the following:
    1. Open PowerShell.
    2. Connect-SPO Service (need to install PowerShell module).
    3. Enter in your tenant admin URL.
    4. Enter in your admin credentials.
    5. Set-SPO Site https://YourDomain.sharepoint.com/sites/YourSiteHe... -DenyAddAndCustomizePages 0
    OR
    1. Turn on both custom script features to allow users to run custom
  4. Screenshot of the 'Custom Script' option for importing a template into your SharePoint environment. Feature description reads 'Control whether users can run custom script on personal sites and self-service created sites. Note: changes to this setting might take up to 24 hours to take effect. For more information, see http://go.microsoft.com/fwlink/?LinkIn=397546'. There are options to prevent or allow users from running custom script on personal/self-service created sites.
  5. Enable the SharePoint Server feature.
  6. Upload the .wsp file in Solutions Gallery.
  7. Deploy by creating a subsite and select from custom options.
    • Allow or prevent custom script
    • Security considerations of allowing custom script
    • Save, download, and upload a SharePoint site as a template
  8. Refer to Microsoft documentation to understand security considerations and what is and isn’t supported:

For more information, check out the SharePoint Template: Step-by-Step Deployment Guide.

Supporting the transition and establishing service-level agreements

The purpose of this part of the transition is to ensure both buyer and seller have a full understanding of expectations for after the transaction.

  • Once the organizations have decided to move forward with a deal, all parties need a clear level of agreement.
  • IT, since it is often seen as an operational division of an organization, is often expected to deliver certain services or products once the transaction has officially closed.
  • The purchasing organization or the new company might depend on IT to deliver these services until they are able to provide those services on their own.
  • Having a clear understanding of what the buyer’s expectations are and what your company, as the selling organization, can provide is important.
  • Have a conversation with the buyer and document those expectations in a signed service agreement.

3.2.4 Identify the buyer's IT expectations

3-4 hours

Input: Carve-out roadmap, Separation roadmap, Up-to-date version of the agreement

Output: Buyer’s IT expectations

Materials: Questions for meeting

Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization. By identifying, documenting, and agreeing on what services your IT organization will be responsible for, you can obtain a final agreement to protect you as the selling organization.

  1. Buyers should not assume certain services will be provided. Organize a meeting with IT leaders and the company M&A teams to determine what services will be provided.
  2. The next slide has a series of questions that you can start from. Ensure you get detailed information about each of the services.
  3. Once you fully understand the buyer’s IT expectations, create an SLA in the next activity and obtain sign-off from both organizations.

Questions to ask the buyer

  1. What services would you like my IT organization to provide?
  2. How long do you anticipate those services will be provided to you?
  3. How do you expect your staff/employees to communicate requests or questions to my staff/employees?
  4. Are there certain days or times that you expect these services to be delivered?
  5. How many staff do you expect should be available to support you?
  6. What should be the acceptable response time on given service requests?
  7. When it comes to the services you require, what level of support should we provide?
  8. If a service requires escalation to Level 2 or Level 3 support, are we still expected to support this service? Or are we only Level 1 support?
  9. What preventative security methods does your organization have to protect our environment during this agreement period?

3.2.5 Create a service/ transaction agreement

6 hours

Input: Buyer's expectations, Separation roadmap

Output: SLA for the purchasing organization

Materials: Service Catalog Internal Service Level Agreement Template, M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization post-transaction that your IT organization is agreeing to provide.

  1. Document the expected services and the related details in a service-level agreement.
  2. Provide the SLA to the purchasing organization.
  3. Obtain sign-off from both organizations on the level of service that is expected of IT.
  4. Update the M&A Separation Project Management Tool Excel or SharePoint document to reflect any additional items that the purchasing organization identified.

*For organizations being purchased in their entirety, this activity may not be relevant.

Modify the Service Catalog Internal Service Level Agreement with the agreed-upon terms of the SLA.

Importance of estimating separation costs

Change is the key driver of separation costs

Separation costs are dependent on the following:
  • Meeting synergy targets – whether that be cost saving or growth related.
    • Employee-related costs, licensing, and reconfiguration fees play a huge part in meeting synergy targets.
  • Adjustments related to compliance or regulations – especially if there are changes to legal entities, reporting requirements, or risk mitigation standards.
  • Governance or third party–related support required to ensure timelines are met and the separation is a success.
Separation costs vary by industry type.
  • Certain industries may have separation costs made up of mostly one type, differing from other industries, due to the complexity and demands of the transaction. For example:
    • Healthcare separation costs are mostly driven by regulatory, safety, and quality standards, as well as consolidation of the research and development function.
    • Energy and Utilities tend to have the lowest separation costs due to most transactions occurring within the same sector rather than as cross-sector investments. For example, oil and gas transactions tend to be for oil fields and rigs (strategic fixed assets), which can easily be added to the buyer’s portfolio.

Separation costs are more related to the degree of change required than the size of the transaction.

3.2.6 Estimate separation costs

3-4 hours

Input: Separation tasks, Transition team, Valuation of current IT environment, Valuation of target IT environment, Outputs from data room, Technical debt, Employees

Output: List of anticipated costs required to support IT separation

Materials: Separation task checklist, Separation roadmap, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

The purpose of this activity is to estimate the costs that will be associated with the separation. Identify and communicate a realistic figure to the larger M&A team within your company as early in the process as possible. This ensures that the funding required for the transaction is secured and budgeted for in the overarching transaction.

  1. On the associated slide in the M&A Sell Playbook, input:
    • Task
    • Domain
    • Cost type
    • Total cost amount
    • Level of certainty around the cost
  2. Provide a copy of the estimated costs to the company’s M&A team. Also provide any additional information identified earlier to help them understand the importance of those costs.

Record the results in the M&A Sell Playbook.

Employee transition planning

Considering employee impact will be a huge component to ensure successful separation

  • Meet With Leadership
  • Plan Individual and Department Redeployment
  • Plan Individual and Department Layoffs
  • Monitor and Manage Departmental Effectiveness
  • For employees, the transition could mean:
    • Changing from their current role to a new role to meet requirements and expectations throughout the transition.
    • Being laid off because the role they are currently occupying has been made redundant.
  • It is important to plan for what the M&A separation needs will be and what the IT operational needs will be.
  • A lack of foresight into this long-term plan could lead to undue costs and headaches trying to retain critical staff, rehiring positions that were already let go, and keeping redundant employees longer then necessary.

Info-Tech Insight

Being transparent throughout the process is critical. Do not hesitate to tell employees the likelihood that their job may be made redundant. This will ensure a high level of trust and credibility for those who remain with the organization after the transaction.

3.2.7 Create an employee transition plan

3-4 hours

Input: IT strategy, IT organizational design

Output: Employee transition plans

Materials: M&A Sell Playbook, Whiteboard, Sticky notes, Markers

Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

The purpose of this activity is to create a transition plan for employees.

  1. Transition planning can be done at specific individual levels or more broadly to reflect a single role. Consider these four items in the transition plan:
    • Understand the direction of the employee transitions.
    • Identify employees that will be involved in the transition (moved or laid off).
    • Prepare to meet with employees.
    • Meet with employees.
  2. For each employee that will be facing some sort of change in their regular role, permanent or temporary, create a transition plan.
  3. For additional information on transitioning employees, review the blueprint Streamline Your Workforce During a Pandemic.

**Note that if someone’s future role is a layoff, then there is no need to record anything for skills needed or method for skill development.

Record the results in the M&A Sell Playbook.

3.2.8 Create functional workplans for employees

3-4 hours

Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners

Output: Employee functional workplans

Materials: M&A Sell Playbook, Learning and development tools

Participants: IT executive/CIO, IT senior leadership, IT management team, Company M&A team, Transition team

The purpose of this activity is to create a functional workplan for the different employees so that they know what their key role and responsibilities are once the transaction occurs.

  1. First complete the transition plan from the previous activity (3.2.7) and the separation roadmap. Have these documents ready to review throughout this process.
  2. Identify the employees who will be transitioning to a new role permanently or temporarily. Creating a functional workplan is especially important for these employees.
  3. Identify the skills these employees need to have to support the separation. Record this in the corresponding slide in the M&A Sell Playbook.
  4. For each employee, identify someone who will be a point of contact for them throughout the transition.

It is recommended that each employee have a functional workplan. Leverage the IT managers to support this task.

Record the results in the M&A Sell Playbook.

Metrics for separation

Valuation & Due Diligence

  • % Defects discovered in production
  • $ Cost per user for enterprise applications
  • % In-house-built applications vs. enterprise applications
  • % Owners identified for all data domains
  • # IT staff asked to participate in due diligence
  • Change to due diligence
  • IT budget variance
  • Synergy target

Execution & Value Realization

  • % Satisfaction with the effectiveness of IT capabilities
  • % Overall end-customer satisfaction
  • $ Impact of vendor SLA breaches
  • $ Savings through cost-optimization efforts
  • $ Savings through application rationalization and technology standardization
  • # Key positions empty
  • % Frequency of staff turnover
  • % Emergency changes
  • # Hours of unplanned downtime
  • % Releases that cause downtime
  • % Incidents with identified problem record
  • % Problems with identified root cause
  • # Days from problem identification to root cause fix
  • % Projects that consider IT risk
  • % Incidents due to issues not addressed in the security plan
  • # Average vulnerability remediation time
  • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
  • # Time (days) to value realization
  • % Projects that realized planned benefits
  • $ IT operational savings and cost reductions that are related to synergies/divestitures
  • % IT staff–related expenses/redundancies
  • # Days spent on IT separation
  • $ Accurate IT budget estimates
  • % Revenue growth directly tied to IT delivery
  • % Profit margin growth

3.2.9 Align project metrics with identified tasks

3-4 hours

Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners, M&A goals

Output: Separation-specific metrics to measure success

Materials: Separation roadmap, M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Transition team

The purpose of this activity is to understand how to measure the success of the separation project by aligning metrics to each identified task.

  1. Review the M&A goals identified by the business. Your metrics will need to tie back to those business goals.
  2. Identify metrics that align to identified tasks and measure achievement of those goals. For each metric you consider, ask the following questions:
    • What is the main goal or objective that this metric is trying to solve?
    • What does success look like?
    • Does the metric promote the right behavior?
    • Is the metric actionable? What is the story you are trying to tell with this metric?
    • How often will this get measured?
    • Are there any metrics it supports or is supported by?

Record the results in the M&A Sell Playbook.

By the end of this mid-transaction phase you should:

Have successfully evaluated your IT people, processes, and technology to determine a roadmap forward for separating or selling.

Key outcomes from the Due Diligence & Preparation phase
  • Participate in due diligence activities to comply with regulatory and auditing standards and prepare employees for the transition.
  • Create a separation roadmap that considers the tasks that will need to be completed and the resources required to support separation.
Key deliverables from the Due Diligence & Preparation phase
  • Drive value with a due diligence charter
  • Gather data room artifacts
  • Measure staff engagement
  • Assess culture
  • Create a carve-out roadmap
  • Prioritize separation tasks
  • Establish the separation roadmap
  • Identify the buyer’s IT expectations
  • Create a service/transaction agreement
  • Estimate separation costs
  • Create an employee transition plan
  • Create functional workplans for employees
  • Align project metrics with identified tasks

M&A Sell Blueprint

Phase 4

Execution & Value Realization

Phase 1Phase 2Phase 3

Phase 4

  • 1.1 Identify Stakeholders and Their Perspective of IT
  • 1.2 Assess IT’s Current Value and Future State
  • 1.3 Drive Innovation and Suggest Reduction Opportunities
  • 2.1 Establish the M&A Program Plan
  • 2.2 Prepare IT to Engage in the Separation or Sale
  • 3.1 Engage in Due Diligence and Prepare Staff
  • 3.2 Prepare to Separate
  • 4.1 Execute the Transaction
  • 4.2 Reflection and Value Realization

This phase will walk you through the following activities:

  • Monitor service agreements
  • Continually update the project plan
  • Confirm separation costs
  • Review IT’s transaction value
  • Conduct a transaction and separation SWOT
  • Review the playbook and prepare for future transactions

This phase involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Vendor management team
  • IT transaction team
  • Company M&A team

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Pre-Work

Day 1

Day 2

Day 3

Engage in Separation

Day 4

Establish the Transaction FoundationDiscover the Motivation for IntegrationPlan the Separation RoadmapPrepare Employees for the TransitionEngage in SeparationAssess the Transaction Outcomes (Must be within 30 days of transaction date)

Activities

  • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
  • 0.2 Identify key stakeholders and determine the IT transaction team.
  • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
  • 1.1 Review the business rationale for the divestiture/sale.
  • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
  • 1.3 Establish the separation strategy.
  • 1.4 Create the due diligence charter.
  • 2.1 Prioritize separation tasks.
  • 2.2 Establish the separation roadmap.
  • 2.3 Establish and align project metrics with identified tasks.
  • 2.4 Estimate separation costs.
  • 3.1 Measure staff engagement
  • 3.2 Assess the current culture and identify the goal culture.
  • 3.3 Create an employee transition plan.
  • 3.4 Create functional workplans for employees.
  • S.1 Complete the separation by regularly updating the project plan.
  • S.2 Assess the service/technical transaction agreement.
  • 4.1 Confirm separation costs.
  • 4.2 Review IT’s transaction value.
  • 4.3 Conduct a transaction and separation SWOT.
  • 4.4 Review the playbook and prepare for future transactions.

Deliverables

  1. IT strategy
  2. IT operating model
  3. IT governance structure
  4. M&A transaction team
  1. Business context implications for IT
  2. Separation strategy
  3. Due diligence charter
  1. Separation roadmap and associated resourcing
  1. Engagement assessment
  2. Culture assessment
  3. Employee transition plans and workplans
  1. Evaluate service/technical transaction agreement
  2. Updated separation project plan
  1. SWOT of transaction
  2. M&A Sell Playbook refined for future transactions

What is the Execution & Value Realization phase?

Post-transaction state

Once the transaction comes to a close, it’s time for IT to deliver on the critical separation tasks. As the selling organization in this transaction, you need to ensure you have a roadmap that properly enables the ongoing delivery of your IT environment while simultaneously delivering the necessary services to the purchasing organization.

Throughout the separation transaction, some of the most common obstacles IT should prepare for include difficulty separating the IT environment, loss of key personnel, disengaged employees, and security/compliance issues.

Post-transaction, the business needs to understands the value they received by engaging in the transaction and the ongoing revenue they might obtain as a result of the sale. You also need to ensure that the IT environment is functioning and mitigating any high-risk outcomes.

Goal: To carry out the planned separation activities and deliver the intended value to the business.

Execution Prerequisite Checklist

Before coming into the Execution & Value Realization phase, you must have addressed the following:

  • Understand the rationale for the company's decisions to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
  • Identify the key roles for the transaction team.
  • Identify the M&A governance.
  • Determine target metrics.
  • Select a separation strategy framework.
  • Conduct a RACI for key transaction tasks for the transaction team.
  • Create a carve-out roadmap.
  • Prioritize separation tasks.
  • Establish the separation roadmap.
  • Create employee transition plans.

Before coming into the Execution & Value Realization phase, we recommend addressing the following:

  • Create vision and mission statements.
  • Establish guiding principles.
  • Create a future-state operating model.
  • Identify the M&A operating model.
  • Document the communication plan.
  • Examine the business perspective of IT.
  • Identify key stakeholders and outline their relationship to the M&A process.
  • Establish a due diligence charter.
  • Be able to valuate the IT environment and communicate IT’s value to the business.
  • Gather and present due diligence data room artifacts.
  • Measure staff engagement.
  • Assess and plan for culture.
  • Estimate separation costs.
  • Create functional workplans for employees.
  • Identify the buyer’s IT expectations.
  • Create a service/ transaction agreement.

Separation checklists

Prerequisite Checklist
  • Build the project plan for separation and prioritize activities
    • Plan first day
    • Plan first 30/100 days
    • Plan first year
  • Create an organization-aligned IT strategy
  • Identify critical stakeholders
  • Create a communication strategy
  • Understand the rationale for the sale or divestiture
  • Develop IT's sale/divestiture strategy
    • Determine goal opportunities
    • Create the mission and vision statements
    • Create the guiding principles
    • Create program metrics
  • Consolidate reports from due diligence/data room
  • Conduct culture assessment
  • Create a transaction team
  • Establish a service/technical transaction agreement
  • Plan and communicate culture changes
  • Create an employee transition plan
  • Assess baseline engagement
Business
  • Design an enterprise architecture
  • Document your business architecture
  • Meet compliance and regulatory standards
  • Identify and assess all of IT's risks
Applications
  • Prioritize and address critical applications
    • CRM
    • HRIS
    • Financial
    • Sales
    • Risk
    • Security
    • ERP
    • Email
  • Develop method of separating applications
  • Model critical applications that have dependencies on one another
  • Identify the infrastructure capacity required to support critical applications
  • Prioritize and address critical applications
Leadership/IT Executive
  • Build an IT budget
  • Structure operating budget
  • Structure capital budget
  • Identify the workforce demand vs. capacity
  • Establish and monitor key metrics
  • Communicate value realized/cost savings
Data
  • Confirm data strategy
  • Confirm data governance
  • Build a data architecture roadmap
  • Analyze data sources and domains
  • Evaluate data storage (on-premises vs. cloud)
  • Develop an enterprise content management strategy and roadmap
  • Ensure cleanliness/usability of data sets
  • Identify data sets that can remain operational if reduced/separated
  • Develop reporting and analytics capabilities
  • Confirm data strategy
Operations
  • Manage sales access to customer data
  • Determine locations and hours of operation
  • Separate/terminate phone lists and extensions
  • Split email address books
  • Communicate helpdesk/service desk information

Separation checklists (continued)

Infrastructure
  • Manage organization domains
  • Consolidate data centers
  • Compile inventory of vendors, versions, switches, and routers
  • Review hardware lease or purchase agreements
  • Review outsourcing/service provider agreements
  • Review service-level agreements
  • Assess connectivity linkages between locations
  • Plan to migrate to a single email system if necessary
  • Determine network access concerns
Vendors
  • Establish a sustainable vendor management office
  • Review vendor landscape
  • Identify warranty options
  • Identify the licensing grant
  • Rationalize vendor services and solutions
People
  • Design an IT operating model
  • Design your future IT organizational structure
  • Conduct a RACI for prioritized activities
  • Conduct a culture assessment and identify goal IT culture
  • Build an IT employee engagement program
  • Determine critical roles and systems/process/products they support
  • Define new job descriptions with meaningful roles and responsibilities
  • Create employee transition plans
  • Create functional workplans
Projects
  • Identify projects to be on hold
  • Communicate project intake process
  • Reprioritize projects
Products & Services
  • Redefine service catalog
  • Ensure customer interaction requirements are met
  • Select a solution for product lifecycle management
  • Plan service-level agreements
Security
  • Conduct a security assessment
  • Develop accessibility prioritization and schedule
  • Establish an information security strategy
  • Develop a security awareness and training program
  • Develop and manage security governance, risk, and compliance
  • Identify security budget
  • Build a data privacy and classification program
IT Processes
  • Evaluate current process models
  • Determine productivity/capacity levels of processes
  • Identify processes to be changed/terminated
  • Establish a communication plan
  • Develop a change management process
  • Establish/review IT policies
  • Evaluate current process models

Execution & Value Realization

Step 4.1

Execute the Transaction

Activities

  • 4.1.1 Monitor service agreements
  • 4.1.2 Continually update the project plan

This step will walk you through the following activities:

  • Monitor service agreements
  • Continually update the project plan

This step involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Vendor management team
  • IT transaction team
  • Company M&A team

Outcomes of Step

Successfully execute the separation of the IT environments and update the project plan, strategizing against any roadblocks as they come.

Key concerns to monitor during separation

If you are entering the transaction at this point, consider and monitor the following three items above all else.

Your IT environment, reputation as an IT leader, and impact on key staff will depend on monitoring these aspects.

  • Risk & Security. Make sure that the channels of communication between the purchasing organization and your IT environment are properly determined and protected. This might include updating or removing employees’ access to certain programs.
  • Retaining Employees. Employees who do not see a path forward in the organization or who feel that their skills are being underused will be quick to move on. Make sure they are engaged before, during, and after the transaction to avoid losing employees.
  • IT Environment Dependencies. Testing the IT environment several times and obtaining sign-off from auditors that this has been completed correctly should be completed well before the transaction occurs. Have a strong architecture outlining technical dependencies.

For more information, review:

  • Reduce and Manage Your Organization’s Insider Threat Risk
  • Map Technical Skills for a Changing Infrastructure Operations Organization
  • Build a Data Architecture Roadmap

4.1.1 Monitor service agreements

3-6 months

Input: Original service agreement, Risk register

Output: Service agreement confirmed

Materials: Original service agreement

Participants: IT executive/CIO, IT senior leadership, External organization IT senior leadership

The purpose of this activity is to monitor the established service agreements on an ongoing basis. Your organization is most at risk during the initial months following the transaction.

  1. Ensure the right controls exist to prevent the organization from unnecessarily opening itself up to risks.
  2. Meet with the purchasing organization/subsidiary three months after the transaction to ensure that everyone is satisfied with the level of services provided.
  3. This is not a quick and completed activity, but one that requires ongoing monitoring. Repeatedly identify potential risks worth mitigating.

For additional information and support for this activity, see the blueprint Build an IT Risk Management Program.

4.1.2 Continually update the project plan

Reoccurring basis following transition

Input: Prioritized separation tasks, Separation RACI, Activity owners

Output: Updated separation project plan

Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

Participants: IT executive/CIO, IT senior leadership, IT transaction team, Company M&A team

The purpose of this activity is to ensure that the project plan is continuously updated as your transaction team continues to execute on the various components outlined in the project plan.

  1. Set a regular cadence for the transaction team to meet, update the project plan, review the status of the various separation task items, and strategize how to overcome any roadblocks.
  2. Employ governance best practices in these meetings to ensure decisions can be made effectively and resources allocated strategically.

Record the updates in the M&A Separation Project Management Tool (SharePoint).

Record the updates in the M&A Separation Project Management Tool (Excel).

Execution & Value Realization

Step 4.2

Reflection and Value Realization

Activities

  • 4.2.1 Confirm separation costs
  • 4.2.2 Review IT’s transaction value
  • 4.2.3 Conduct a transaction and separation SWOT
  • 4.2.4 Review the playbook and prepare for future transactions

This step involves the following participants:

  • IT executive/CIO
  • IT senior leadership
  • Transition team
  • Company M&A team

Outcomes of Step

Review the value that IT was able to generate around the transaction and strategize about how to improve future selling or separating transactions.

4.2.1 Confirm separation costs

3-4 hours

Input: Separation tasks, Carve-out roadmap, Transition team, Previous RACI, Estimated separation costs

Output: Actual separation costs

Materials: M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Transaction team, Company M&A team

The purpose of this activity is to confirm the associated costs around separation. While the separation costs would have been estimated previously, it’s important to confirm the costs that were associated with the separation in order to provide an accurate and up-to-date report to the company’s M&A team.

  1. Taking all the original items identified previously in activity 3.2.6, identify if there were changes in the estimated costs. This can be an increase or a decrease.
  2. Ensure that each cost has a justification for why the cost changed from the original estimation.

Record the results in the M&A Sell Playbook.

Track cost savings and revenue generation

Throughout the transaction, the business would have communicated its goals, rationales, and expectations for the transaction. Sometimes this is done explicitly, and other times the information is implicit. Either way, IT needs to ensure that metrics have been defined and are measuring the intended value that the business expects. Ensure that the benefits realized to the organization are being communicated regularly and frequently.

  1. Define Metrics: Select metrics to track synergies through the separation.
    1. You can track value by looking at percentages of improvement in process-level metrics depending on the savings or revenue being pursued.
    2. For example, if the value being pursued is decreasing costs, metrics could range from capacity to output, highlighting that the output remains high despite smaller IT environments.
  2. Prioritize Value-Driving Initiatives: Estimate the cost and benefit of each initiative's implementation to compare the amount of business value to the cost. The benefits and costs should be illustrated at a high level. Estimating the exact dollar value of fulfilling a synergy can be difficult and misleading.
      Steps
    • Determine the benefits that each initiative is expected to deliver.
    • Determine the high-level costs of implementation (capacity, time, resources, effort).
  3. Track Cost Savings and Revenue Generation: Develop a detailed workplan to resource the roadmap and track where costs are saved and revenue is generated as the initiatives are undertaken.

4.2.2 Review IT’s transaction value

3-4 hours

Input: Prioritized separation tasks, Separation RACI, Activity owners, M&A company goals

Output: Transaction value

Materials: M&A Sell Playbook

Participants: IT executive/CIO, IT senior leadership, Company's M&A team

The purpose of this activity is to track how your IT organization performed against the originally identified metrics.

  1. If your organization did not have the opportunity to identify metrics, determine from the company M&A what those metrics might be. Review activity 3.2.9 for more information on metrics.
  2. Identify whether the metric (which should support a goal) was at, below, or above the original target metric. This is a very critical task for IT to complete because it allows IT to confirm that they were successful in the transaction and that the business can count on them in future transactions.
  3. Be sure to record accurate and relevant information on why the outcomes (good or bad) are supporting the M&A goals set out by the business.

Record the results in the M&A Sell Playbook.

4.2.3 Conduct a transaction and separation SWOT

2 hours

Input: Separation costs, Retention rates, Value that IT contributed to the transaction

Output: Strengths, weaknesses, opportunities, and threats

Materials: Flip charts, Markers, Sticky notes

Participants: IT executive/CIO, IT senior leadership, Business transaction team

The purpose of this activity is to assess the positive and negative elements of the transaction.

  1. Consider the internal and external elements that could have impacted the outcome of the transaction.
    • Strengths. Internal characteristics that are favorable as they relate to your development environment.
    • Weaknesses Internal characteristics that are unfavorable or need improvement.
    • Opportunities External characteristics that you may use to your advantage.
    • Threats External characteristics that may be potential sources of failure or risk.

Record the results in the M&A Sell Playbook.

M&A Sell Playbook review

With an acquisition complete, your IT organization is now more prepared then ever to support the business through future M&As

  • Now that the transaction is more than 80% complete, take the opportunity to review the key elements that worked well and the opportunities for improvement.
  • Critically examine the M&A Sell Playbook your IT organization created and identify what worked well to help the transaction and where your organization could adjust to do better in future transactions.
  • If your organization were to engage in another sale or divestiture under your IT leadership, how would you go about the transaction to make sure the company meets its goals?

4.2.4 Review the playbook and prepare for future transactions

4 hours

Input: Transaction and separation SWOT

Output: Refined M&A playbook

Materials: M&A Sell Playbook

Participants: IT executive/CIO

The purpose of this activity is to revise the playbook and ensure it is ready to go for future transactions.

  1. Using the outputs from the previous activity, 4.2.3, determine what strengths and opportunities there were that should be leveraged in the next transaction.
  2. Likewise, determine which threats and weaknesses could be avoided in the future transactions.
    Remember, this is your M&A Sell Playbook, and it should reflect the most successful outcome for you in your organization.

Record the results in the M&A Sell Playbook.

By the end of this post-transaction phase you should:

Have completed the separation post-transaction and be fluidly delivering the critical value that the business expected of IT.

Key outcomes from the Execution & Value Realization phase
  • Ensure the separation tasks are being completed and that any blockers related to the transaction are being removed.
  • Determine where IT was able to realize value for the business and demonstrate IT’s involvement in meeting target goals.
Key deliverables from the Execution & Value Realization phase
  • Monitor service agreements
  • Continually update the project plan
  • Confirm separation costs
  • Review IT’s transaction value
  • Conduct a transaction and separation SWOT
  • Review the playbook and prepare for future transactions

Summary of Accomplishment

Problem Solved

Congratulations, you have completed the M&A Sell Blueprint!

Rather than reacting to a transaction, you have been proactive in tackling this initiative. You now have a process to fall back on in which you can be an innovative IT leader by suggesting how and why the business should engage in a separation or sale transaction. You have:

  • Created a standardized approach for how your IT organization should address divestitures or sales.
  • Retained critical staff and complied with any regulations throughout the transaction.
  • Delivered on the separation project plan successfully and communicated IT’s transaction value to the business.

Now that you have done all of this, reflect on what went well and what can be improved if you were to engage in a similar divestiture or sale again.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information
workshops@infotech.com 1-888-670-8899

Research Contributors and Experts

Ibrahim Abdel-Kader
Research Analyst | CIO
Info-Tech Research Group
Brittany Lutes
Senior Research Analyst | CIO
Info-Tech Research Group
John Annand
Principal Research Director | Infrastructure
Info-Tech Research Group
Scott Bickley
Principal Research Director | Vendor Management
Info-Tech Research Group
Cole Cioran
Practice Lead | Applications
Info-Tech Research Group
Dana Daher
Research Analyst | Strategy & Innovation
Info-Tech Research Group
Eric Dolinar
Manager | M&A Consulting
Deloitte Canada
Christoph Egel
Director, Solution Design & Deliver
Cooper Tire & Rubber Company
Nora Fisher
Vice President | Executive Services Advisory
Info-Tech Research Group
Larry Fretz
Vice President | Industry
Info-Tech Research Group

Research Contributors and Experts

David Glazer
Vice President of Analytics
Kroll
Jack Hakimian
Senior Vice President | Workshops and Delivery
Info-Tech Research Group
Gord Harrison
Senior Vice President | Research & Advisory
Info-Tech Research Group
Valence Howden
Principal Research Director | CIO
Info-Tech Research Group
Jennifer Jones
Research Director | Industry
Info-Tech Research Group
Nancy McCuaig
Senior Vice President | Chief Technology and Data Office
IGM Financial Inc.
Carlene McCubbin
Practice Lead | CIO
Info-Tech Research Group
Kenneth McGee
Research Fellow | Strategy & Innovation
Info-Tech Research Group
Nayma Naser
Associate
Deloitte
Andy Neill
Practice Lead | Data & Analytics, Enterprise Architecture
Info-Tech Research Group

Research Contributors and Experts

Rick Pittman
Vice President | Research
Info-Tech Research Group
Rocco Rao
Research Director | Industry
Info-Tech Research Group
Mark Rosa
Senior Vice President & Chief Information Officer
Mohegan Gaming and Entertainment
Tracy-Lynn Reid
Research Lead | People & Leadership
Info-Tech Research Group
Jim Robson
Senior Vice President | Shared Enterprise Services (retired)
Great-West Life
Steven Schmidt
Senior Managing Partner Advisory | Executive Services
Info-Tech Research Group
Nikki Seventikidis
Senior Manager | Finance Initiative & Continuous Improvement
CST Consultants Inc.
Allison Straker
Research Director | CIO
Info-Tech Research Group
Justin Waelz
Senior Network & Systems Administrator
Info-Tech Research Group
Sallie Wright
Executive Counselor
Info-Tech Research Group

Bibliography

“5 Ways for CIOs to Accelerate Value During Mergers and Acquisitions.” Okta, n.d. Web.

Altintepe, Hakan. “Mergers and acquisitions speed up digital transformation.” CIO.com, 27 July 2018. Web.

“America’s elite law firms are booming.” The Economist, 15 July 2021. Web.

Barbaglia, Pamela, and Joshua Franklin. “Global M&A sets Q1 record as dealmakers shape post-COVID world.” Nasdaq, 1 April 2021. Web.

Boyce, Paul. “Mergers and Acquisitions Definition: Types, Advantages, and Disadvantages.” BoyceWire, 8 Oct. 2020. Web.

Bradt, George. “83% Of Mergers Fail -- Leverage A 100-Day Action Plan For Success Instead.” Forbes, 27 Jan. 2015. Web.

Capgemini. “Mergers and Acquisitions: Get CIOs, IT Leaders Involved Early.” Channel e2e, 19 June 2020. Web.

Chandra, Sumit, et al. “Make Or Break: The Critical Role Of IT In Post-Merger Integration.” IMAA Institute, 2016. Web.

Deloitte. “How to Calculate Technical Debt.” The Wall Street Journal, 21 Jan. 2015. Web.

Ernst & Young. “IT As A Driver Of M&A Success.” IMAA Institute, 2017. Web.

Fernandes, Nuno. “M&As In 2021: How To Improve The Odds Of A Successful Deal.” Forbes, 23 March 2021. Web.

“Five steps to a better 'technology fit' in mergers and acquisitions.” BCS, 7 Nov. 2019. Web.

Fricke, Pierre. “The Biggest Opportunity You’re Missing During an M&Aamp; IT Integration.” Rackspace, 4 Nov. 2020. Web.

Garrison, David W. “Most Mergers Fail Because People Aren't Boxes.” Forbes, 24 June 2019. Web.

Harroch, Richard. “What You Need To Know About Mergers & Acquisitions: 12 Key Considerations When Selling Your Company.” Forbes, 27 Aug. 2018. Web.

Hope, Michele. “M&A Integration: New Ways To Contain The IT Cost Of Mergers, Acquisitions And Migrations.” Iron Mountain, n.d. Web.

“How Agile Project Management Principles Can Modernize M&A.” Business.com, 13 April 2020. Web.

Hull, Patrick. “Answer 4 Questions to Get a Great Mission Statement.” Forbes, 10 Jan. 2013. Web.

Kanter, Rosabeth Moss. “What We Can Learn About Unity from Hostile Takeovers.” Harvard Business Review, 12 Nov. 2020. Web.

Koller, Tim, et al. “Valuation: Measuring and Managing the Value of Companies, 7th edition.” McKinsey & Company, 2020. Web.

Labate, John. “M&A Alternatives Take Center Stage: Survey.” The Wall Street Journal, 30 Oct. 2020. Web.

Lerner, Maya Ber. “How to Calculate ROI on Infrastructure Automation.” DevOps.com, 1 July 2020. Web.

Loten, Angus. “Companies Without a Tech Plan in M&A Deals Face Higher IT Costs.” The Wall Street Journal, 18 June 2019. Web.

Low, Jia Jen. “Tackling the tech integration challenge of mergers today” Tech HQ, 6 Jan. 2020. Web.

Lucas, Suzanne. “5 Reasons Turnover Should Scare You.” Inc. 22 March 2013. Web.

“M&A Trends Survey: The future of M&A. Deal trends in a changing world.” Deloitte, Oct. 2020. Web.

Maheshwari, Adi, and Manish Dabas. “Six strategies tech companies are using for successful divesting.” EY, 1 Aug. 2020. Web.

Majaski, Christina. “Mergers and Acquisitions: What's the Difference?” Investopedia, 30 Apr. 2021.

“Mergers & Acquisitions: Top 5 Technology Considerations.” Teksetra, 21 Jul. 2020. Web.

“Mergers Acquisitions M&A Process.” Corporate Finance Institute, n.d. Web.

“Mergers and acquisitions: A means to gain technology and expertise.” DLA Piper, 2020. Web.

Nash, Kim S. “CIOs Take Larger Role in Pre-IPO Prep Work.” The Wall Street Journal, 5 March 2015. Web.

O'Connell, Sean, et al. “Divestitures: How to Invest for Success.” McKinsey, 1 Aug. 2015. Web

Paszti, Laila. “Canada: Emerging Trends In Information Technology (IT) Mergers And Acquisitions.” Mondaq, 24 Oct. 2019. Web.

Patel, Kiison. “The 8 Biggest M&A Failures of All Time” Deal Room, 9 Sept. 2021. Web.

Peek, Sean, and Paula Fernandes. “What Is a Vision Statement?” Business News Daily, 7 May 2020. Web.

Ravid, Barak. “How divestments can re-energize the technology growth story.” EY, 14 July 2021. Web.

Ravid, Barak. “Tech execs focus on growth amid increasingly competitive M&A market.” EY, 28 April 2021. Web.

Resch, Scott. “5 Questions with a Mergers & Acquisitions Expert.” CIO, 25 June 2019. Web.

Salsberg, Brian. “Four tips for estimating one-time M&A integration costs.” EY, 17 Oct. 2019. Web.

Samuels, Mark. “Mergers and acquisitions: Five ways tech can smooth the way.” ZDNet, 15 Aug. 2018. Web.

“SAP Divestiture Projects: Options, Approach and Challenges.” Cognizant, May, 2014. Web.

Steeves, Dave. “7 Rules for Surviving a Merger & Acquisition Technology Integration.” Steeves and Associates, 5 Feb. 2020. Web.

Tanaszi, Margaret. “Calculating IT Value in Business Terms.” CSO, 27 May 2004. Web.

“The CIO Playbook. Nine Steps CIOs Must Take For Successful Divestitures.” SNP, 2016. Web.

“The Role of IT in Supporting Mergers and Acquisitions.” Cognizant, Feb. 2015. Web.

Torres, Roberto. “M&A playbook: How to prepare for the cost, staff and tech hurdles.” CIO Dive, 14 Nov. 2019. Web.

“Valuation Methods.” Corporate Finance Institute, n.d. Web.

Weller, Joe. “The Ultimate Guide to the M&A Process for Buyers and Sellers.” Smartsheet, 16 May 2019. Web.

Drive Innovation With an Exponential IT Mindset

  • Buy Link or Shortcode: {j2store}107|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation

To drive a rapid shift towards the adoption of emerging technology, CIOs need:

  • Highly specialized knowledge of emerging technology and trends
  • The ability to engage the business in co-creating value via emerging technology
  • The skills to manage complex enterprise risk
  • Strong governance processes which support enterprise change management

Our Advice

Critical Insight

IT must lead the innovation capabilities that will drive the adoption of emerging technology across the enterprise. In an exponential world, IT needs to adopt business value targets and become a value creator rather limit itself to IT service targets and remain a cost center in the organization.

Impact and Result

Assess your innovation capability in five key areas supporting Exponential IT:

  • Organizational Excellence
  • Insights & Intelligence
  • Agile Ideation
  • Team Capabilities
  • Innovation Operations

Drive Innovation With an Exponential IT Mindset Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Drive Innovation With an Exponential IT Mindset – Learn about the new era of exponential innovation and the capabilities needed to succeed.

This research walks you through how to assess your capabilities to lead enterprise innovation and drive Exponential IT.

  • Drive Innovation With an Exponential IT Mindset Storyboard

2. Innovation Readiness Assessment – Assess your readiness to drive innovation and the adoption of emerging technology.

This tool will facilitate your readiness assessment.

  • Innovation Readiness Assessment
[infographic]

Further reading

Drive Innovation With an Exponential IT Mindset

Are you ready to drive the adoption of autonomous business capabilities?

A diagram that shows exponential IT

Analyst Perspective

IT must develop new capabilities to drive emerging tech adoption

Traditionally, CIOs have struggled to gain the trust of the executive leadership team and be recognized as business leaders rather than just technical leaders. In fact, based on a 2023 study by Info-Tech Research Group, only 36% of CIOs report directly to the CEO with most of the remainder reporting through either the CFO or COO.

Exponential IT requires that CIOs gain a seat at the table and build the capabilities necessary to not only lead the transformation of their business but also drive the innovation that will lead to enterprise adoption of emerging technologies. CIOs will be required to gain a detailed understanding of their business and in-depth knowledge of emerging technologies so that they can match business opportunities with technology capabilities, while managing risk and change.

This research will help CIOs identify the capabilities they need to transform the business, and better understand where they must mature their capabilities to drive Exponential IT.

Photo of Kim Osborne Rodriguez
Kim Osborne Rodriguez
Research Director, CIO Advisory
Info-Tech Research Group

Executive Summary

Your Challenge

To drive a rapid shift toward adopting emerging technology, CIOs need:

  • Highly specialized knowledge of emerging technology and trends
  • The ability to engage the business in co-creating value via emerging technology
  • The skills to manage complex enterprise risk
  • Strong governance processes which support enterprise change management

Common Obstacles

Exponential IT is dramatically shifting how IT engages the business. Many CIOs are unprepared.

  • Innovation is increasingly important for competitive advantage and business growth, narrowing the gap between large and small players.
  • Over 80% of CXOs believe their CIOs are currently unable to drive change within the business.[1]
  • 40% of CXOs anticipate that IT must be able to transform the business to maintain relevance.[1]

Info-Tech's Approach

Is your IT team ready to drive the adoption of emerging technology? Assess your innovation capability in five key areas supporting Exponential IT:

  • Organizational Excellence
  • Insights & Intelligence
  • Agile Ideation
  • Team Capabilities
  • Innovation Operations

[1] Info-Tech CXO-CIO diagnostic benchmark data, 2022, n=76

Info-Tech Insight

IT must lead the innovation capabilities that will drive the adoption of emerging technology across the enterprise. In an exponential world, IT needs to adopt business value targets and become a value creator rather than limit itself to IT service targets and remain a cost center in the organization.

Drive innovation with an Exponential IT mindset

Your ability to capture enterprise value from autonomization relies on your innovation capabilities and potential. Is your IT team ready to drive the adoption of AI-driven business processes? Assess your innovation readiness in five key areas supporting Exponential IT.

A diagram that shows 5 key areas of exponential IT

IT must rapidly mature

If IT leaders cannot lead the transformation, then the business will move forward without them.

Only 3% of CXOs report that their IT department can transform the business. Most IT organizations (81%) still struggle to adequately support the business.

A diagram that shows IT maturity and exponential IT

A diagram that shows IT capabilities Based on a Survey of CXOs (n=76)

Common obstacles

Leverage Exponential IT to drive value from the adoption of emerging tech

The most common obstacles to innovation are cultural, including politics, lack of alignment on goals, misaligned culture, and an inability to act on indicators of change.[1]

CIOs struggle to get a seat at the table and influence change. Info-Tech research shows that only 36% of CIOs report directly to the CEO, with over a third reporting to another C-suite leader such as a COO or CFO.[2]

[1] Harvard Business Review, 2018
[2] Info-Tech Research Group CIO Time Study, 2023

Info-Tech Insight

To drive change, CIOs need to gain the trust of their senior leadership team. Getting a seat at the table should be the first step for any CIO looking to transform their business.

Many CIOs struggle to be seen as business leaders

36%

Only 36% of CIOs report directly to the CEO.

Source: Info-Tech Research Group, 2023.

48%

48% of Boards report that they lack frequent or direct lines of communication with their CIOs.

Source: CIO Dive, 2022

Executive Brief: Case Study

Logo of RBC Royal Bank

  • INDUSTRY: Financial Services
  • SOURCE: Borealis AI

Borealis AI drives AI-powered transformation at Royal Bank of Canada

Borealis AI is a research center backed by RBC Royal Bank, tasked with researching, designing, and building AI products and tools which transform the financial services industry. It gathers researchers with backgrounds in artificial intelligence (AI), computer vision, natural language processing (NLP), computer science, computational finance, mathematics, and machine learning (ML) to create solutions in areas including asynchronous temporal models, non-cooperative learning in competing markets, and causal machine learning from observational data.

Results

Borealis AI has created many innovative products for RBC, including:

  • NOMI Forecast: an award-winning personal financial management tool
  • Turing by Borealis AI: a text-to-SQL database interface using NLP
  • Aiden: an AI-powered electronic trading tool using reinforcement learning

In 2023, Borealis AI won the Best Use of AI for Customer Experience award from The Digital Banker, for the NOMI Forecast app, which has been downloaded by nearly a million RBC clients since launching in 2021.


"NOMI Forecast is a cutting-edge AI solution that uses deep learning to offer timely and accurate predictions of our clients' cashflow. Powered by our unique datasets, these AI models have been trained to deliver personalized experiences for RBC clients,"
— Foteini Agrafioti, Chief Science Officer at RBC and Head of Borealis AI

IT needs to connect emerging technology with business opportunities

A diagram that shows exponential innovation, emerging technology, business opportunities.

Emerging tech is driving business change

A diagram that shows exponential innovation and its 5 elements.

Innovation is critical for business success, but succeeding is more difficult than ever

Emerging tech brings new challenges for organizations looking to create a competitive advantage. Access to sophisticated tools with minimal upfront costs have lowered the barriers to entry and democratized innovation, particularly among smaller players. The explosion of data processing & collaboration tools has allowed more focused and data-driven innovation efforts through analysis and insights, increasing the competitive advantage for those who get it right.

This has led to an accelerated pace of change as autonomous business processes start driving their own market shifts. The rise of autonomous business processes creates exponential reward, but also exponential risk for early adopters.

Innovation is increasingly critical for competitive growth

IT innovation leadership explains 75% of the variation in satisfaction with IT (Source: Info-Tech Research Group survey, n=305) and is the fourth-highest priority for IT end users.

A 7-year review by McKinsey (2020) showed that the most innovative companies[1] outperformed the market by upwards of 30%.

A 25-year study by Business Development Canada & Statistics Canada showed that innovation was more important to business success than management, human resources, marketing, or finance.

[1]Top innovators are defined as companies which were listed on Fast Company World's 50 Most Innovative Companies for 2+ years.

Adapt your approach to innovation

Both traditional and exponential (AI-driven) innovation is important for business success

IT as a fast execution engine

Ideal for developing new methods, products, or services which provide value to the organization

Can be led by IT or the business, depending on the scope of innovation (IT generally leads IT/internal innovation while the business leads customer-focused innovation)

Often follows the pace of the business

IT is a fast executor on requests generated by the business

Leverages Agile to develop new ideas and products, and uses DevOps to put into production


Use Info-Tech's research to Build your Enterprise Innovation Program

IT as an exponential innovation leader

Ideal for driving the enterprise adoption of emerging tech and autonomous business capabilities

Led by IT, which brings the understanding of emerging technology and can link opportunities to business problems

Driven by a faster pace of change, which requires more frequent assessment of emerging technology

IT is a fast executor on ideas and uses partnerships to drive execution

Leverages Agile, machine learning operations (MLOps), DataOps and product design to test and implement ideas

Use this research to successfully drive innovation with an Exponential IT mindset

Measure the value of this blueprint

Transformation efforts fail over 75% of the time[1] resulting in millions of dollars of lost revenue[2]

Our research indicates that most organizations would take months to prepare this type of assessment without our resources. That's nearly 70 work hours spent researching and gathering data to support due diligence, for a total cost of thousands of dollars. Improve your success rate by understanding what's needed to successfully drive innovation.

[1] Lombard, 2022
[2] FutureCIO, 2022

A photo of Establish a baseline

A diagram that shows Estimated time commitment without Info-Tech's research (person-hours)

Establish a baseline

Gauge the effectiveness of this research by completing the following table before and after using this blueprint:

A diagram that shows Establish a baseline

How to use this research

Five tips to get the most out of your readiness assessment

  1. Each category consists of five competencies, with a maximum of five points each. The maximum score on this assessment is 100 points.
  2. Effectiveness levels range from basic (Level 1) to advanced (Level 5). Level 1 is generally considered the baseline for most effectively operating organizations. If your organization is struggling with Level 1 competencies, focus on those before pursuing higher maturity areas.
  3. This assessment is qualitative. Complete the assessment to the best of your ability, based on the scoring rubric provided. If you fall between levels, use the lower one in your assessment.
  4. The scoring rubric may not perfectly fit the processes and practices within every organization. Consider the spirit of the description and score accordingly.
  5. Other industry- and region-specific competencies may be required to succeed at exponential innovation. The competencies in this assessment are a starting point, and internal validation and assessments should be conducted to uncover additional competencies and skills.

Assess your innovation readiness:

1. Organizational Excellence

  • Innovation mandate
  • Transformational leadership
  • Culture of innovation
  • Vision & strategy

Organizational excellence sets the stage for innovation.

"Innovation distinguishes between a leader and a follower." – Steve Jobs, Apple Founder

Without strong leadership, innovation efforts are almost certain to fail. Innovation requires buy-in and support, a leader who walks the talk, culture which supports risk taking and allows failure, and a clear and compelling vision. Without these elements in place, transformation efforts are a fifteen times more likely to fail [1] – and waste time and money along the way.

[1] Lombard, 2022.

Focus on innovation to deliver business value

Satisfaction drives IT value, and innovation leadership drives satisfaction with IT

Strong leadership is critical to the success of innovation. A global survey of 600 business leaders pointed to leadership as the best predictor of innovation success[1] and showed a strong correlation between leadership ability and innovation capabilities.

Innovation leadership starts with a mandate from the senior leadership team and requires a clearly articulated vision and strategy to deliver the intended benefits to the organization. A survey of 270 business leaders showed that over a third of them struggled with articulating the right strategy or vision, hindering their efforts to innovate.[2]

45% of business leaders report that cultural issues stifle their innovation efforts, and 55% report unhealthy politics which cause infighting that negatively affects their organization.[2]

[1] McKinsey, 2008
[2] Harvard Business Review, 2018

The importance of leadership

75% of high IT satisfaction scores are associated with a strong ability to lead innovation.
Source: Info-Tech Research Group survey, n=305

Struggling to get a seat at the table?

It can be challenging to drive innovation efforts without trust and buy-in from senior leadership. Start with small initiatives and build your reputation by consistently delivering on your commitments.

Leadership starts with a mandate

Build your innovation leadership with the following capabilities:

Innovation mandate: There is strong support and trust from the senior leadership team, which gives IT leaders the opportunity to lead innovation despite any temporary failure. IT leaders are well-informed about and have input into business decisions.

Transformational leadership: IT leaders are influential change agents, not only within their organization but across their industry or community. They inspire others and actively collaborate with external partners, driving change beyond their organization.

Culture of innovation: Innovative cultures generally demonstrate ten behaviors that are most closely correlated with innovation success: growth mindset, learning-focused, psychological safety, curiosity, trust, willingness to fail, collaboration, diverse perspectives, autonomy, and appropriate risk-taking. These behaviors are embedded in the organization and strongly demonstrated in daily work.

Vision & strategy: The innovation vision and strategy are continuously refined and adapted to changing market and emerging technology trends. Emerging technology innovation is second nature in the organization, and it becomes a leader in driving change across the industry.

Additional resources for Organizational Excellence

Photo of Build your Enterprise Innovation Program

Build your Enterprise Innovation Program

Define your innovation mandate
Articulate your vision and guiding principles
Build a culture of innovation

Photo of Manage Your CXO Relations

Manage Your CXO Relations

Successfully manage CXO relationships to get a seat at the table and build your mandate to drive innovation

Photo of CIO

Become a Transformational CIO

Build the capabilities to drive transformation as an IT leader in your organization

Assess your innovation readiness:

2. Insights & Intelligence

  • Business context
  • Strategic foresight
  • Emerging tech expertise
  • Strategic alignment

The foundation of innovation is data.

"Without data you're just another person with an opinion." – Edwards Deming, Statistician

Having comprehensive and accurate data about the problems you hope to solve is critical to realizing the benefits of innovation. Build your understanding of the business and ability to predict how trends will impact your industry, then stay on top of emerging tech and align solutions with strategic business capabilities.

Act on strategic indicators

Build the ability to go from data to intelligence to insights

Info-Tech data shows that businesses are 93% more likely to be satisfied with IT when their IT teams have a better understanding of the business. Teams need to understand who your organization serves, how it delivers value, and what its goals are.

When seeking to capitalize on emerging technology opportunities, businesses face an execution challenge. 82% of business leaders report being able to identify leading indicators of change, but less than two thirds of them are confident in their ability to act on those indicators.[1]

A report by Leadership IQ noted that only 29% of the 21,008 employees surveyed considered their leader's vision consistently well aligned with the organizational vision.[2] Strategic alignment is not just important from a results perspective. It impacts employee motivation: employees with strong leadership alignment are 24% more likely to give their best at work.[2]

[1] Harvard Business Review, 2018
[2] Leadership IQ, 2020

Strategic Foresight Challenges

82% of business leaders say they can correctly identify leading indicators of change…

…however, only 58% feel confident in their abilities to act on these indicators.

Source: Harvard Business Review, 2018

You must understand the business

Develop key insights and intelligence with the following capabilities:

Business context: IT actively participates in the business as a value creator and innovator, proactively disrupting the business and driving the adoption of emerging tech that drives exponential value.

Strategic foresight: IT not only embraces emerging technologies, but actively drives innovation and disruption through their adoption. IT is adept at using trends to drive exploration and can quickly execute on initiatives.

Emerging tech expertise: There is an expert-level understanding of emerging technologies including their capabilities, limitations, risks, trends, and potential use cases. IT proactively drives the adoption of emerging technology.

Strategic alignment: IT proactively uses the business strategy to drive adoption of emerging technology and identify new opportunities. Each initiative has clear metrics and targets which directly impact business targets.

Additional resources for Intelligence & Insights

Photo of Tech Trends 2023

Tech Trends 2023

Like a chess grandmaster, CIOs must play both sides of the board. Emerging technologies present opportunities to attack, but it's necessary to protect from a volatile board.

Photo of innovation

Establish a Foresight Capability

To be recognized and validated as a forward-thinking CIO, you must establish a structured approach to innovation that considers external trends alongside internal processes.

Photo of Build a Business-Aligned IT Strategy

Build a Business-Aligned IT Strategy

Elicit the business context and identify strategic initiatives that are most important to the organization while building a plan to execute on it.

Assess your innovation readiness:

3. Agile Ideation

  • Data-driven decision making
  • Ability to identify opportunities
  • Business engagement
  • Risk management

IT must use data to drive the ideation process, engaging the business to identify opportunities – all while managing risk.

"Innovation is key. Only those who have the agility to change with the market and innovate quickly will survive."- Robert Kiyosaki, Entrepreneur & Author

Many Agile concepts are used in the process of innovation, regardless of whether the formal Agile methodology is used. Fast iterations ("fail fast"), lessons learned, and risk management are equally important for ideation as they are for execution. This category evaluates IT's ability to drive the ideation process at the enterprise level.

Use data to drive agility

Effectively using data has a threefold impact in the quality of decisions

A diagram that shows data-driven journey

Agility is critical for innovation, particularly when adopting emerging technology. AI and other emerging technologies are accelerating the pace of change and driving a necessary increase in how quickly organizations must adapt.

Data is also critical when building a case for change. A survey of over 1,000 senior business leaders showed that organizations that effectively use data to drive decision making are three times more likely to report significant improvements in the quality of their decisions.[1]

[1] Harvard Business School Online, 2019

Start with the business

The business must be involved in ideation. Develop the skills needed to engage the business and identify challenges and opportunities.

Engage the business to deliver value

Build your proficiency in the following ideation capabilities:

Data-driven decision making: Data is proactively collected from multiple internal and external sources to inform innovation strategies. Continuous monitoring of innovation provides a strong rationale for outcomes and benefits. Data governance, quality, and privacy measures are in place to ensure data quality.

Ability to identify opportunities: IT actively shapes the future of the organization and the industry by proactively identifying business opportunities for emerging technology and leading the way in their adoption. Experiments and pilots are often industry firsts.

Business engagement: IT enables the business by engaging at all levels to identify and refine emerging technology opportunities. They effectively communicate benefits and risks in business terms, while understanding business needs and challenges. IT collaborates with the business to establish innovation centers or communities of practice.

Risk management: There is a proactive and holistic approach to risk management, considering both opportunities and threats associated with emerging technology adoption. IT and the business continually anticipate and monitor emerging risks, evaluate the effectiveness of risk management practices, and adapt them to evolving technology landscapes.

Additional resources for Agile Ideation

Photo of Develop Your Agile Approach for a Successful Transformation

Develop Your Agile Approach for a Successful Transformation

Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

Photo of Build an IT Risk Management Program

Build an IT Risk Management Program

Risk is inevitable. Without a formal management program, you may be unaware of your greatest IT risks.

Reacting to risks after they occur can be costly and devastating, yet this is one of the most common tactics used by IT departments.

Photo of business innovation

Kick-Start IT-Led Business Innovation

Business demand for new technology is intensifying pressure to innovate and executive stakeholders expect more from IT. If IT is not considered a source of innovation, its perceived value decreases, and the threat of shadow IT grows. Don't wait to start finding and capitalizing on opportunities for IT-led innovation.

Assess your innovation readiness:

4. Team Capabilities

  • Resourcing & investment
  • Talent & skills
  • Change management
  • Partnerships & ecosystem

Ensure you have the right resources and skills needed to drive innovation.

"The best way to predict the future is to invent it." – Alan Kay, Computer Scientist

Resourcing and skills are critical building blocks for driving innovation, and without a strong understanding of emerging technology and the processes needed to adopt it, organizations will falter at driving change.

Develop the right resourcing, skills, change management, and partnerships to drive Exponential IT.

Develop key skills

Scaled Agile (SAFe): Scaled Agile is a framework for implementing Agile and lean methodologies at the enterprise level or outside of a single team.

Development operations (DevOps): A methodology for software development which includes practices and tools that support the development lifecycle.

Data operations (DataOps): A set of tools and processes that support data management within an organization. Typically used when training AI on a specialized data set.

Analytics: The systematic analysis of information used to discover, interpret, and communicate insights gleaned from patterns in data. Analytics typically generate insights that support data-driven decision making.

Machine learning operations (MLOps): Tools and processes that support the development of machine learning (ML) models, including AI and large language models (LLM). Can include expertise in computer science, natural language processing (NLP), computer vision, computational algorithms, mathematics, and ML expertise.

Artificial intelligence operations (AIOps): Leveraging AI to develop autonomous business processes at the enterprise level.

Mature your emerging technology capabilities

Agile: Build the methodologies to drive execution
DevOps: Drive the software development lifecycle
DataOps: Effectively manage data
Analytics: Develop insights from data
MLOps: Develop machine learning tools
AIOps: Build autonomous business processes

Manage the building blocks of innovation

Resourcing & investment: IT manages a well-defined and substantial budget dedicated to innovation, which is integrated into the overall strategic planning and decision-making processes. Investments are made in a holistic and forward-looking manner, considering the long-term implications and potential disruption caused by emerging technologies.

Talent & skills: Teams exhibit thought leadership and innovate within emerging technologies, including advanced machine learning engineering, MLOps, DataOps, and analytics. Employees actively contribute to the advancement of these technologies, engage in research and development, and explore new applications and use cases.

Change management: This is a core competency led by change champions and change management professionals. There is a strategic approach to driving and sustaining change, focusing on long-term adoption and continuous improvement. Change management is embedded in the organizational culture, and there is a proactive effort to foster change agility and build change capability at all levels.

Partnerships & ecosystems: IT builds an orchestrated innovation ecosystem for the adoption of emerging technology. They take a proactive role in orchestrating collaboration among ecosystem partners. The organization acts as a catalyst for innovation, bringing together diverse partners to address complex challenges and drive transformative solutions.

Additional resources for Team Capabilities

Photo of Drive Technology Adoption

Drive Technology Adoption

The project isn't over if the new product or system isn't being used. How do you ensure that what you've put in place will not be ignored or only partially adopted? People are more complicated than any new system and managing them through change requires careful planning.

Photo of team discussion

Extend Agile Practices Beyond IT

Further the benefits of Agile by extending a scaled Agile framework to the business.

Not all lessons from scaling Agile to IT are transferable. IT Agile scaling processes are tailored to IT's scope, team, and tools, which may not account for diverse attributes within your organization.

Photo of Managing Exponential Value Relationships

Managing Exponential Value Relationships

Successfully managing outcome-based relationships requires a higher degree of trust than traditional vendor relationships. Building trust comes from sharing risks and rewards between organizations and vendors.

Assess your innovation readiness:

5. Innovation Execution

  • Governance
  • Embedded security
  • Infrastructure
  • Ability to execute

Can you deliver results? Develop the capability to execute on innovative ideas.

"What good is an idea if it remains an idea? Try. Experiment. Fail. Try again. Change the world." – Simon Sinek, Author, Motivational Speaker

The foundational elements of innovation significantly overlap with the activities you must do to excel at core IT operations. Build your ability to execute quickly on innovative ideas and build the trust of the enterprise.

Rapidly execute on innovative ideas

IT must be able to successfully manage the foundational capabilities of innovation

The foundational capabilities of innovation are central to many core IT processes: governance, security, supporting infrastructure, and the ability to execute on ideas are all critical to running an effective IT shop.

IT governance is a critical and embedded practice ensuring information and technology investments, risks, and resources are aligned in the organization's best interests while producing business value. Effective governance ensures that the right technology investments are made at the right time to support and enable your organization's mission, vision, and goals.

A diagram that shows Info-Tech's IT Governance Framework and Security Framework

Build foundational capabilities

The ability to rapidly execute on ideas is fundamental not only to innovation but also running an effective IT organization.

Develop foundational IT capabilities

The ability to execute is based on key foundational capabilities, including:

Governance: Adaptable and automated governance guides effective innovation and supports the adoption of emerging technology. Decision making is flexible and can move quickly to enable the implementation of new technologies. Responsibility and authority are aligned across all levels of the organization.

Embedded security: Security and privacy controls are embedded in the applications and technologies deployed across the enterprise. Security is built into the organizational culture, with a strong focus on promoting security awareness and fostering a security-first mindset.

Infrastructure: IT infrastructure is modern, adaptive, and future-proof. Infrastructure should support a range of emerging technology applications, including the flexibility to adapt to future use cases. There is a focus on agility, scalability, flexibility, and interoperability.

Ability to execute: The IT team drives rapid innovation across the organization and can reliably execute and collaborate with internal and external partners. They are pivotal in driving innovation initiatives that align with the organization's strategic objectives. Agile methodologies and practices are embedded in the culture of the team.

Additional resources for Innovation Execution

Photo of Make Your IT Governance Adaptable

Make Your IT Governance Adaptable

Produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.

Create the foundation and ability to delegate and empower governance to enable agile delivery.

Photo of Build an Information Security Strategy

Build an Information Security Strategy

Many security leaders struggle to decide how best to prioritize their scarce information security resources.

The need to move from a reactive security approach toward a strategic planning approach is clear. The path to getting there is less so.

Photo of Exploit Disruptive Infrastructure Technology

Exploit Disruptive Infrastructure Technology

Accurate predicting isn't easy. Most IT leaders fail to realize how quickly technology increases in capability. Even for the tech savvy, it's difficult to predict which specific technologies will become disruptive.

Activity 1: Assess your readiness for exponential innovation

Input: Core competencies; Knowledge of internal processes and capabilities
Output: Readiness assessment
Materials: Exponential Innovation Assessment Tool; Whiteboard/Flip charts
Participants: Executive leadership team, including CIO; Other internal stakeholders of vendor partnerships

1-3 hours

  1. Gather key stakeholders from across your organization to participate in the readiness assessment exercise.
  2. As a group, review the core competencies from the following five sections and determine where your organization's effectiveness lies for each competency. Record your responses in the Exponential Innovation Assessment Tool.

Download the Exponential Innovation Assessment Tool

Interpret your results

Understand your readiness and determine the next steps to operationalize exponential innovation.

Once you have completed the readiness assessment, use Info-Tech's maturity ladder to identify next steps and recommendations.

It is usually very challenging to lead innovation with a total score less than 50. Lower maturity organizations should focus on maturing the foundational aspects of innovation, such as those in the Innovation Execution and Team Capabilities categories, and core IT processes.

For higher maturity organizations (those with total scores 50 or higher), first focus on getting all capabilities to a minimum of Level 3, then work on progressing maturity starting with foundational categories and working upwards:

A diagram that shows innovation readiness

Determine your readiness

A diagram that shows Innovation Maturity ladder

Activity 2: Create an action plan

Input: Readiness assessment
Output: Action plan to improve maturity of capabilities
Materials: Exponential Innovation Assessment Tool; Whiteboard/Flip charts
Participants: Executive leadership team, including CIO; Other internal stakeholders of vendor partnerships

1 hour

  1. Gather the stakeholders who participated in the readiness assessment exercise.
  2. As a group, review the results of the readiness assessment. Were there any surprises? Do the results reflect your understanding of the organization's maturity?
  3. Determine which areas are likely to limit the organization's innovation capability, based on lowest scoring areas and relative importance to the organization.
  4. Break out into groups and have each group identify three actions the organization could take to mature the lowest scoring areas.
  5. Bring the group back together and prioritize the actions. Note who will be accountable for each next step.
  6. Identify additional Info-Tech research that can assist with improving your maturity (see additional resources in this blueprint).

Author

Photo of Kim Osborne Rodriguez
Kim Osborne Rodriguez
Research Director, CIO Advisory
Info-Tech Research Group

Kim is a professional engineer and Registered Communications Distribution Designer (RCDD) with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach, with a track record of supporting successful projects.

Kim holds a Bachelor's degree in Honours Mechatronics Engineering and an option in Management Sciences from University of Waterloo.

Research Contributors and Experts

Photo of Jack Hakimian
Jack Hakimian
Senior Vice President
Info-Tech Research Group

Jack has more than 25 years of Technology and Management Consulting experience. He has served multi-billion-dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served many large public sector institutions.

He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master's degree in Computer Engineering and an MBA from the ESCP-EAP European School of Management.


Photo of Mark Tauschek
Mark Tauschek
Vice President, Infrastructure & Operations Research
Info-Tech Research Group

Mark has hands-on network design and deployment experience across verticals including healthcare, education, manufacturing, retail, and entertainment. He has extensive knowledge in the areas of technology research, process development, vendor selection, and project management. He holds specific expertise in wireless networking and mobile technologies.

Mark holds an MBA from the Richard Ivey School of Business at the University of Western Ontario and many professional wireless technology certifications.


Photo of Michael Tweedie
Michael Tweedie
Practice Lead, CIO Strategy
Info-Tech Research Group

Mike Tweedie brings over 25 years as a technology executive. He's led several large transformation projects across core infrastructure, application and IT services as the head of Technology at ADP Canada. He was also the Head of Engineering and Service Offerings for a large French IT services firm, focused on cloud adoption and complex ERP deployment and management.

Mike holds a Bachelor's degree in Architecture from Ryerson University.


Photo of Donna Bales
Donna Bales
Principal Research Director
Info-Tech Research Group

Donna Bales is a Principal Research Director in the CIO Practice at Info-Tech Research Group specializing in research and advisory services in IT risk, governance, and compliance. She brings over 25 years of experience in strategic consulting and product development and has a history of success in leading complex, multi-stakeholder industry initiatives.

Donna has a Bachelor's degree in Economics from the University of Western Ontario.


Photo of Isabelle Hertanto
Isabelle Hertanto
Principal Research Director, Security & Privacy
Info-Tech Research Group

Isabelle Hertanto has over 15 years of experience delivering specialized IT services to the security and intelligence community. As a former federal officer for Public Safety Canada, Isabelle trained and led teams on data exploitation and digital surveillance operations in support of Canadian national security investigations. Since transitioning into the private sector, Isabelle has held senior management and consulting roles across a variety of industry sectors, including retail, construction, energy, healthcare, and the broader Canadian public sector.


Photo of Aaron Shum
Aaron Shum
Vice President, Security, Privacy, Risk & Compliance
Info-Tech Research Group

Aaron Shum is a Vice President in the Security & Privacy Research and Advisory Practice at Info-Tech Research Group. With 25+ years of experience across IT, InfoSec, and Data Privacy, he currently specializes in helping organizations implement comprehensive information security and cybersecurity programs and comply with data privacy regulations such as the European Union's General Data Protection Regulation and the California Privacy Rights Act.


Photo of Reiaz Somji
Reiaz Somji
Managing Director, Consulting
Info-Tech Research Group

As a client-focused strategist with strong organizational acumen, Reiaz leverages his 20+ years of management consulting experience to help C-suite executives and managers navigate the integration of changing technology with business goals. He is currently a managing director in Info-Tech's consulting division and leads its Infrastructure practice.


Photo of Hans Eckman
Hans Eckman
Principal Research Director, Applications
Info-Tech Research Group

Hans Eckman is a business transformation leader helping organizations connect business strategy and innovation to operational excellence. He supports Info-Tech members in SDLC optimization, Agile and DevOps implementation, CoE/CoP creation, innovation program development, application delivery, and leadership development. Hans is based out of Atlanta, Georgia.


Photo of Irina Sedenko
Irina Sedenko
Research Director, Data & Analytics
Info-Tech Research Group

Irina brings more than 20 years of information management experience and demonstrated expertise in big data, advanced analytics, machine learning, and AI. Her experience includes designing and implementing enterprise content management systems, defining data and analytics strategy to support business goals and objectives, creating data governance to enable data initiatives, and providing guidance to the client teams. She led teams through data lake implementation to enable advanced analytics capabilities and has hands-on data science and machine learning experience.

Research Contributors

Photo of Bill Macgowan
Bill Macgowan
Director, Smart Building Digitization
Cisco


Photo of Barry Wiech
Barry Wiech
Chief Digital and Information Officer
Sime Darby Industrial


Photo of Tim Dunn
Tim Dunn
Chief Information Officer
Department of Energy & Public Works (Queensland)


Photo of Sudip Ghosh
Sudip Ghosh
Group Manager, Office of the CIO
Star Entertainment Group



Samantha Rose
Contract Manager
Department of Energy & Public Works (Queensland)

Bibliography

Altringer, Beth. "A New Model for Innovation in Big Companies." Harvard Business Review. 19 Nov. 2013. Accessed 15 June 2023. https://hbr.org/2013/11/a-new-model-for-innovation-in-big-companies

Bar Am, Jordan et al. "Innovation in a Crisis: Why it is More Critical Than Ever." McKinsey & Company, 17 June 2020. Accessed 15 June 2023. https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/innovation-in-a-crisis-why-it-is-more-critical-than-ever

Barsh, Joanna et al. "Leadership and Innovation." McKinsey Quarterly, 1 Jan 2008. Accessed 7 July 2023. https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/leadership-and-innovation

Borealis AI. "RBC Wins Best Use of AI for Customer Experience for NOMI Forecast." Borealis AI Blog, 28 Apr 2023. Accessed 13 June 2023. https://www.borealisai.com/news/rbc-wins-best-use-of-ai-for-customer-experience-for-nomi-forecast/

Boston Consulting Group, "Most Innovative Companies 2022." BGC, 15 Sept. 2022. Accessed 15 June 2023. https://www.bcg.com/en-ca/publications/2022/innovation-in-climate-and-sustainability-will-lead-to-green-growth

BrainyQuote. "Innovation Quotes." Accessed 19 June 2023. https://www.brainyquote.com/topics/innovation-quotes

Christensen, Clayton M. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business Review Press, 2016.

Cleroux, Pierre. The "I" Word. BDC. Accessed 1 Aug 2023. https://www.bdc.ca/en/articles-tools/blog/innovation-no-1-factor-business-success

FutureCIO Editors. "Failed transformation can result in US$6 million in lost revenue." FutureCIO, 29 Apr 2022. Accessed 10 Jul 2023. https://futurecio.tech/failed-transformation-can-result-in-us6-million-in-lost-revenue/

Goodreads. "W. Edwards Deming Quotes." Accessed 19 June 2023. https://www.goodreads.com/quotes/7327935-without-data-you-re-just-another-person-with-an-opinion

Haefner, Naomi et al. "Artificial intelligence and innovation management: A review, framework, and research agenda." Technological Forecasting and Social Change, Volume 162, 2021. Accessed 15 June 2023. https://www.sciencedirect.com/science/article/pii/S004016252031218X

IBM. "The new AI innovation equation." IBM Website. 13 Oct 2016. Accessed 15 June 2023. https://www.ibm.com/watson/advantage-reports/future-of-artificial-intelligence/ai-innovation-equation.html

Isomaki, Atte. "60+ Innovation Quotes and What They Can Teach You." Viima, 19 Mar 2019. Accessed 6 July 2023. https://www.viima.com/blog/innovation-quotes

Kay, Alan. "The best way to predict the future is to invent it." Quote Park, 3 June 2021. Accessed 15 June 2023. https://quotepark.com/quotes/1893243-alan-kay-the-best-way-to-predict-the-future-is-to-invent-it/

Kirsner, Scott. "The Biggest Obstacles to Innovation in Large Companies." Harvard Business Review, 30 July 2018. Accessed 15 June 2023. https://hbr.org/2018/07/the-biggest-obstacles-to-innovation-in-large-companies

Kiyosaki, Robert. "Innovation is key. Only those who have the agility to change with the market and innovate quickly will survive." AZ Quotes, 11 Dec. 2013. Accessed 15 June 2023.

Leadership IQ. "The State Of Leadership Development." Leadership IQ, 2020. Accessed 6 July 2023. https://www.leadershipiq.com/blogs/leadershipiq/leadership-development-state

Lombard, Charl. "Defining Digital: A New Approach to Digital Transformation." Info-Tech LIVE Conference, 2022. https://tymansgrpup.com/videos/defining-digital-a-new-approach-to-digital-transformation

Murphy, Mark. "A Shocking Number Of Leaders Are Not Aligned With Their Companies' Visions." Forbes, 28 Aug 2020. Accessed 6 Jul 2023. https://www.forbes.com/sites/markmurphy/2020/08/28/a-shocking-number-of-leaders-are-not-aligned-with-their-companies-visions

Seymour, Harriet et al. "How to unlock a scientific approach to change management with powerful data insights." IBM, 11 Jan 2023. Accessed 6 July 2023. https://www.ibm.com/blog/how-to-unlock-a-scientific-approach-to-change-management-with-powerful-data-insights/

Sinek, Simon. "What good is an idea if it remains an idea? Try. Experiment. Fail. Try again. Change the world." Praxie, n.d. https://praxie.com/top-innovation-quotes/

Stobierski, Tim. "The Advantages of Data-Driven Decision-Making." Harvard Business School Online, 26 Aug 2019. Accessed 6 July 2023. https://online.hbs.edu/blog/post/data-driven-decision-making

Torres, Roberto. "How tech leaders can earn C-suite trust." CIO Dive, 1 Jul 2022. Accessed 7 Jul 2023. https://www.ciodive.com/news/C-suite-trust-CIO-executives/626476/

Tushman, Michael et al. "Change Management Is Becoming Increasingly Data-Driven. Companies Aren't Ready." Harvard Business Review, 23 Oct 2017. Accessed 6 Jul 2023. https://hbr.org/2017/10/change-management-is-becoming-increasingly-data-driven-companies-arent-ready

Weick, Karl and Kathleen Sutcliffe. Managing the Unexpected: Sustained Performance in a Complex World, Third Edition. John Wiley & Sons, 2015.

Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

  • Buy Link or Shortcode: {j2store}139|cart{/j2store}
  • member rating overall impact: 10.0/10 Overall Impact
  • member rating average dollars saved: $63,667 Average $ Saved
  • member rating average days saved: 110 Average Days Saved
  • Parent Category Name: Licensing
  • Parent Category Link: /licensing
  • Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
  • With Adobe’s transition to a cloud-based subscription model, it’s important for organizations to actively manage licenses, software provisioning, and consumption.
  • Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
  • Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

Our Advice

Critical Insight

  • Focus on user needs first. Examine which products are truly needed versus nice to have to prevent overspending on the Creative Cloud suite.
  • Examine what has been deployed. Knowing what has been deployed and what is being used will greatly aid in completing your true-up.
  • Compliance is not automatic with products that are in the cloud. Shared logins or computers that have desktop installs that can be access by multiple users can cause noncompliance.

Impact and Result

  • Visibility into license deployments and needs
  • Compliance with internal audits

Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend Research & Tools

Start here – read the Executive Brief

Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing to avoid overspending and to maximize negotiation leverage.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Manage your Adobe agreements

Use Info-Tech’s licensing best practices to avoid overspending on Adobe licensing and to remain compliant in case of audit.

  • Adobe ETLA vs. VIP Pricing Table
  • Adobe ETLA Forecasted Costs and Benefits
  • Adobe ETLA Deployment Forecast
[infographic]

Further reading

Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

Learn the essential steps to avoid overspending and to maximize negotiation leverage with Adobe.

ANALYST PERSPECTIVE

Only 18% of Adobe licenses are genuine copies: are yours?

"Adobe has designed and executed the most comprehensive evolution to the subscription model of pre-cloud software publishers with Creative Cloud. Adobe's release of Document Cloud (replacement for the Acrobat series of software) is the final nail in the coffin for legacy licensing for Adobe. Technology procurement functions have run out of time in which to act while they still retain leverage, with the exception of some late adopter organizations that were able to run on legacy versions (e.g. CS6) for the past five years. Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing, contract, and delivery models in order to accurately forecast your software needs, transact against the optimal purchase plan, and maximize negotiation leverage. "

Scott Bickley

Research Lead, Vendor Practice

Info-Tech Research Group

Our understanding of the problem

This Research is Designed For:

  • IT managers scoping their Adobe licensing requirements and compliance position.
  • CIOs, CTOs, CPOs, and IT directors negotiating licensing agreements in search of cost savings.
  • ITAM/Software asset managers responsible for tracking and managing Adobe licensing.
  • IT and business leaders seeking to better understand Adobe licensing options (Creative Cloud).
  • Vendor management offices in the process of a contract renewal.

This Research Will Help You:

  • Understand and simplify licensing per product to help optimize spend.
  • Ensure agreement type is aligned to needs.
  • Navigate the purchase process to negotiate from a position of strength.
  • Manage licenses more effectively to avoid compliance issues, audits, and unnecessary purchases.

This Research Will Also Assist:

  • CFOs and the finance department
  • Enterprise architects
  • ITAM/SAM team
  • Network and IT architects
  • Legal
  • Procurement and sourcing

This Research Will Help Them:

  • Understand licensing methods in order to make educated and informed decisions.
  • Understand the future of the cloud in your Adobe licensing roadmap.

Executive summary

Situation

  • Adobe’s dominant market position and ownership of the creative software market is forcing customers to refocus the software acquisition process to ensure a positive ROI on every license.
  • In early 2017, Adobe announced it would stop selling perpetual Creative Suite 6 products, forcing future purchases to be transitioned to the cloud.

Complication

  • Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
  • With transition to a cloud-based subscription model, organizations need to actively manage licenses, software provisioning, and consumption.
  • Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
  • Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

Resolution

  • Gain visibility into license deployments and needs with a strong SAM program/tool; this will go a long way toward optimizing spend.
    • Number of users versus number of installs are not the same, and confusing the two can result in overspending. Device-based licensing historically would have required two licenses, but now only one may be required.
  • Ensure compliance with internal audits. Adobe has a very high rate of piracy stemming from issues such as license overuse, misunderstanding of contract language, using cracks/keygens, virtualized environments, indirect access, and sharing of accounts.
  • A handful of products are still sold as perpetual – Acrobat Standard/Pro, Captivate, ColdFusion, Photoshop, and Premiere Elements – but be aware of what is being purchased and used in the organization.
    • Beware of products deployed on server, where the number of users accessing that product cannot easily be counted.

Info-Tech Insight

  1. Your user-need analysis has shifted in the new subscription-based model. Determine which products are needed versus nice to have to prevent overspending on the Creative Cloud suite.
  2. Examine what you need, not what you have. You can no longer mix and match applications.
  3. Compliance is not automatic with products that are in the cloud. Shared logins or computers with desktop installs that can be accessed by multiple users can cause noncompliance.

The aim of this blueprint is to provide a foundational understanding of Adobe

Why Adobe

In 2011 Adobe took the strategic but radical move toward converting its legacy on-premises licensing to a cloud-based subscription model, in spite of material pushback from its customer base. While revenues initially dipped, Adobe’s resolve paid off; the transition is mostly complete and revenues have doubled. This was the first enterprise software offering to effect the transition to the cloud in a holistic manner. It now serves as a case study for those following suit, such as Microsoft, Autodesk, and Oracle.

What to know

Adobe elected to make this market pivot in a dramatic fashion, foregoing a gradual transition process. Enterprise clients were temporarily allowed to survive on legacy on-premises editions of Adobe software; however, as the Adobe Creative Cloud functionality was quickly enhanced and new applications were launched, customer capitulation to the new subscription model was assured.

The Future

Adobe is now leveraging the power of connected customers, the availability of massive data streams, and the ongoing digitalization trend globally to supplement the core Creative Cloud products with online services and analytics in the areas of Creative Cloud for content, Marketing Cloud for marketers, and Document Cloud for document management and workflows. This blueprint focuses on Adobe's Creative Cloud and Document Cloud solutions and the enterprise term license agreement (ETLA).

Info-Tech Insight

Beware of your contract being auto-renewed and getting locked into the quantities and product subset that you have in your current agreement. Determining the number of licenses you need is critical. If you overestimate, you're locked in for three years. If you underestimate, you have to pay a big premium in the true-up process.

Learn the “Adobe way,” whether you are reviewing existing spend or considering the purchase of new products

  1. Legacy on-premises Adobe Creative Suite products used to be available in multiple package configurations, enabling right-sized spend with functionality. Adobe’s support for legacy Creative Suites CS6 products ended in May 2017.
  2. While early ETLAs allowed customer application packaging at a lower price than the full Creative Cloud suite, this practice has been discontinued. Now, the only purchasing options are the full suite or single-application subscriptions.
  3. Buyers must now assess alternative Adobe products as an option for non-power users. For example, QuarkXPress, Corel PaintShop Pro, CorelDRAW, Bloom, and Affinity Designer are possible replacements for some Creative Cloud applications.
  4. Document Cloud, Adobe’s latest step in creating an Acrobat-focused subscription model, limits the ability to reduce costs with an extended upgrade cycle. These changes go beyond the licensing model.
  5. Organizations need to perform a cost-benefit analysis of single app purchases vs. the full suite to right-size spend with functionality.

As Adobe’s dominance continues to grow, organizations must find new ways to maintain a value-added relationship

Adobe estimates the total addressable market for creative and document cloud to be $21 billion. With no sign of growth slowing down, Adobe customers must learn how to work within the current design monopoly.

The image contains two pie graphs. The first is labelled FY2014 Revenue Mix, and the second graph is titled FY2017E Revenue Mix.

Source: Adobe, 2017

"Adobe is not only witnessing a steady increase in Creative Cloud subscriptions, but it also gained more visibility into customers’ product usage, which enables it to consistently push out software updates relevant to user needs. The company also successfully transformed its sales organization to support the recurring revenue model."

– Omid Razavi, Global Head of Success, ServiceNow

Consider your route forward

Consider your route forward, as ETLA contract commitments, scope, and mechanisms differ in structure to the perpetual models previously utilized. The new model shortchanges technology procurement leaders in their expectations of cost-usage alignment and opex flexibility (White, 2016).

☑ Implement a user profile to assign licenses by version and limit expenditures. Alternatives can include existing legacy perpetual and Acrobat classic versions that may already be owned by the organization.

☑ Examine the suitability and/or dependency on Document Cloud functions, such as existing business workflows and e-signature integration.

☑ Involve stakeholders in the evaluation of alternate products for use cases where dependency on Acrobat-specific functionality is limited.

☑ Identify not just the installs and active use of the applications but also the depth and breadth of use across the various features so that the appropriate products can be selected.

The image contains a screenshot of a diagram listing the adobe toolkit. The toolkit includes: Adobe ETLA Deployment Forecast Tool, Adobe ETLA Forecasted Cost and Benefits, Adobe ETLA vs. VIP Pricing Table.

Use Info-Tech’s Adobe toolkit to prepare for your new purchases or contract renewal

Info-Tech Insight

IT asset management (ITAM) and software asset management (SAM) are critical! An error made in a true-up can cost the organization for the remaining years of the ETLA. Info-Tech worked with one client that incurred a $600k error in the true-up that they were not able to recoup from Adobe.

Apply licensing best practices and examine the potential for cost savings through an unbiased third-party perspective

Establish Licensing Requirements

  • Understand Adobe’s product landscape and transition to cloud.
  • Analyze users and match to correct Adobe SKU.
  • Conduct an internal software assessment.
  • Build an effective licensing position.

Evaluate Licensing Options

  • Value Incentive Plan (VIP)
  • Cumulative Licensing Program (CLP)
  • Transactional Licensing Program (TLP)
  • Enterprise Term License Agreement (ETLA)

Evaluate Agreement Options

  • Price
  • Discounts
  • Price protection
  • Terms and conditions

Purchase and Manage Licenses

  • Learn negotiation tactics to enhance your current strategy.
  • Control the flow of communication.
  • Assign the right people to manage the environment.

Preventive practices can help find measured value ($)

Time and resource disruption to business if audited

Lost estimated synergies in M&A

Cost of new licensing

Cost of software audit, penalties, and back support

Lost resource allocation and time

Third party, legal/SAM partners

Cost of poor negotiation tactics

Lost discount percentage

Terms and conditions improved

Explore Adobe licensing and optimize spend – project overview

Establish Licensing Requirements

Evaluate Licensing Options

Evaluate Agreement Options

Purchase and Manage Licenses

Best-Practice Toolkit

  • Assess current state and align goals; review business feedback.
  • Interview key stakeholders to define business objectives and drivers.
  • Review licensing options.
  • Review licensing rules.
  • Determine the ideal contract type.
  • Review final contract.
  • Discuss negotiation points.
  • License management.
  • Future licensing strategy.

Guided Implementations

  • Engage in a scoping call.
  • Assess the current state.
  • Determine licensing position.
  • Review product options.
  • Review licensing rules.
  • Review contract option types.
  • Determine negotiation points.
  • Finalize the contract.
  • Discuss license management.
  • Evaluate and develop a roadmap for future licensing.

PHASE 1

Manage Your Adobe Agreements

Phase 1 outline

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

Guided Implementation 1: Managing Adobe Contracts

Proposed Time to Completion: 3-6 weeks

Step 1.1: Establish Licensing Requirements

Start with a kick-off call:

  • Assess the current state.
  • Determine licensing position.

Then complete these activities…

  • Complete a deployment count, needs analysis, and internal audit.

With these tools & templates:

Adobe ETLA Deployment Forecast

Step 1.2: Determine Licensing Options

Review findings with analyst:

  • Review licensing options.
  • Review licensing rules.
  • Review contract option types.

Then complete these activities…

  • Select licensing option.
  • Document forecasted costs and benefits.

With these tools & templates:

Adobe ETLA vs. VIP Pricing Table

Adobe ETLA Forecasted Costs and Benefits

Step 1.3: Purchase and Manage Licenses

Review findings with analyst:

  • Review final contract.
  • Discuss negotiation points.
  • Plan a roadmap for SAM.

Then complete these activities…

  • Negotiate final contract.
  • Evaluate and develop a roadmap for SAM.

With these tools & templates:

Adobe ETLA Deployment Forecast

Adobe’s Cloud – Snapshot of what has changed

  1. Since Adobe has limited the procurement and licensing options with the introduction of Creative Cloud, there are three main choices:
    1. Direct online purchase at Adobe.com
    2. Value Incentive Plan (VIP): Creative Cloud for teams–based purchase with a volume discount (minimal, usually ~10%); may have some incentives or promotional pricing
    3. Enterprise Term License Agreement (ETLA): Creative Cloud for Enterprise (CCE)
  2. Adobe has discontinued support for legacy perpetual licenses, with the latest version being CS6, which is steering organizations to prioritize their options for products in the creative and document management space.
  3. Document Cloud (DC) is the cloud product replacing the Acrobat perpetual licensing model. DC extends the subscription-based model further and limits options to extend the lifespan of legacy on-premises licenses through a protracted upgrade process.
  4. The subscription model, coupled with limited discount options on transactional purchases, forces enterprises to consider the ETLA option. The ETLA brings with it unique term commitments, new pricing structures, and true-up mechanisms and inserts the "land and expand" model vs. license reassignment.

Info-Tech Insight

Adobe’s move from a perpetual license to a per-user subscription model can be positive in some scenarios for organizations that experienced challenges with deployment, management of named users vs. devices, and license tracking.

Core concepts of Adobe agreements: Discounting, pricing, and bundling

ETLA

Adobe has been systematically reducing discounts on ETLAs as they enter the second renewal cycle of the original three-year terms.

Adobe Cloud Bundling

Adobe cloud services are being bundled with ETLAs with a mandate that companies that do not accept the services at the proposed cost have Adobe management’s approval to unbundle the deal, generally with no price relief.

Custom Bundling

The option for custom bundling of legacy Creative Suite component applications has been removed, effectively raising the price across the board for licensees that require more than two Adobe applications who must now purchase the full Creative Cloud suite.

Higher and Public Education

Higher education/public education agreements have been revamped over the past couple of years, increasing prices for campus-wide agreements by double-digit percentages (~10-30%+). While they still receive an 80% discount over list price, IT departments in this industry are not prepared to absorb the budget increase.

Info-Tech Insight

Adobe has moved to an all-or-one bundle model. If you need more than two application products, you will likely need to purchase the full Creative Cloud suite. Therefore, it is important to focus on creating accurate user profiles to identify usage needs.

Use Info-Tech’s Adobe deployment tool for SAM: Track deployment and needs

The image contains a screenshot of Info-Tech's Adobe deployment tool for SAM: Track deployment and needs.

Use Info-Tech’s Adobe deployment tool for SAM: Audit

The image contains a screenshot of the Adobe Deployment Tool for SAM, specifically the Audit tab.

Use Info-Tech’s Adobe deployment tool for SAM: Cost

The image contains a screenshot of the Adobe Deployment Tool for SAM, specifically the Cost tab.

Use Info-Tech’s tools to compare ETLA vs. VIP and to document forecasted costs and benefits

Is the ETLA or VIP option better for your organization?

Use Info-Tech’s Adobe ETLA vs. VIP Pricing Table tool to compare ETLA costs against VIP costs.

The image contains a screenshot of Info-Tech's Adobe ETLA vs. VIP Pricing Table.

Your ETLA contains multiple products and is a multi-year agreement.

Use Info-Tech’s ETLA Forecasted Costs and Benefits tool to forecast your ETLA costs and document benefits.

The image contains a screenshot of Info-Tech's ETLA Forecasted Costs and Benefits.

Adobe’s Creative Cloud Complete offering provides access to all Adobe creative products and ongoing upgrades

Why subscription model?

The subscription model forces customers to an annuity-based pricing model, so Adobe has recurring revenue from a subscription-based product. This increases customer lifetime value (CLTV) for Adobe while providing ongoing functionality updates that are not version/edition dependent.

Key Characteristics:

  • Available as a month-to-month or annual subscription license
  • Can be purchased for one user, for a team, or for an enterprise
  • Subject to annual payment and true-up of license fees
  • Can only true-up during lifespan of contract; quantities cannot be reduced until renewal
  • May contain auto-renewal clauses – beware!

Key things to know:

  1. Applications can be purchased individually if users require only one specific product. A few products continue to have on-premises licensing options, but most are offered by per-user subscriptions.
  2. At the end of the subscription period, the organization no longer has any rights to the software and would have to return to a previously owned version.
  3. True-downs are not possible (in contrast to Microsoft’s Office 365).
  4. Downgrade rights are not included or are limited by default.

Which products are in the Creative Cloud bundle?

Adobe Acrobat® XI Pro

Adobe After Effects® CC

Adobe Audition® CC

Adobe Digital Publishing Suite, Single Edition

Adobe InDesign® CC

Adobe Dreamweaver® CC

Adobe Edge Animate

Adobe Edge Code preview

Adobe Edge Inspect

Adobe Photoshop CC

Adobe Edge Reflow preview

Adobe Edge Web Fonts

Adobe Extension Manager

ExtendScript Toolkit

Adobe Fireworks® CS6

Adobe Flash® Builder® 4.7 Premium Edition

Adobe Flash Professional CC

Adobe Illustrator® CC

Adobe Prelude® CC

Adobe Premiere® Pro CC

Adobe Scout

Adobe SpeedGrade® CC

Adobe Muse CC

Adobe Photoshop Lightroom 6

Adobe offers different solutions for teams vs. enterprise licensing

Evaluate the various options for Creative Cloud, as they can be purchased individually, for teams, or for enterprise.

Bundle Name

Target Customer

Included Applications

Features

CC (for Individuals)

Individual users

The individual chooses

  • Sync, store, and share assets
  • Adobe Portfolio website
  • Adobe Typekit font collection
  • Microsoft Teams integration
  • Can only be purchased through credit card

CC for Teams (CCT)

Small to midsize organizations with a small number of Adobe users who are all within the same team

Depends on your team’s requirements. You can select all applications or specific applications.

Everything that CC (for individuals) does, plus

  • One license per user; can reassign CC licenses
  • Web-based admin console
  • Centralized deployment
  • Usage tracking and reporting
  • 100GB of storage per user
  • Volume discounts for 10+ seats

CC for Enterprise (CCE)

Large organizations with users who regularly use multiple Adobe products on multiple machines

All applications including Adobe Stock for images and Adobe Enterprise Dashboard for managing user accounts

Everything that CCT does, plus

  • Employees can activate a second copy of software on another device (e.g. home computer) as long as they share the same Adobe ID and are not used simultaneously
  • Ability to reassign licenses from old users to new users
  • Custom storage options
  • Greater integration with other Adobe products
  • Larger volume discounts with more seats

For further information on specific functionality differences, reference Adobe’s comparison table.

A Cloud-ish solution: Considerations and implications for IT organizations

☑ True cloud products are typically service-based, scalable and elastic, shared resources, have usage metering, and rely upon internet technologies. Currently, Adobe’s Creative Cloud and Document Cloud products lack these characteristics. In fact, the core products are still downloaded and physically installed on endpoint devices, then anchored to the cloud provisioning system, where the software can be automatically updated and continuously verified for compliance by ensuring the subscription is active.

☑ Adobe Cloud allows Adobe to increase end-user productivity by releasing new features and products to market faster, but the customer will increase lock-in to the Adobe product suite. The fast-release approach poses a different challenge for IT departments, as they must prepare to test and support new functionality and ensure compatibility with endpoint devices.

☑ There are options at the enterprise level that enable IT to exert more granular control over new feature releases, but these are tied to the ETLA and the provided enterprise portal and are not available on other subscription plans. This is another mechanism by which Adobe has been able to spur ETLA adoption.

Not all CIOs consider SaaS/subscription applications their first choice, but the Adobe’s dominant position in the content and document management marketplace is forcing the shift regardless. It is significant that Adobe bypassed the typical hybrid transition model by effectively disrupting the ability to continue with perpetual licensing without falling behind the functionality curve.

VIP plans do allow for annual terms and payment, but you lose the price elasticity that comes with multi-year terms.

Download Info-Tech’s Adobe ETLA vs. VIP Pricing Table tool to compare ETLA costs against VIP costs.

When moving to Adobe cloud, validate that license requirements meet organizational needs, not a sales quota

Follow these steps in your transition to Creative Cloud.

Step 1: Make sure you have a software asset management (SAM) tool to determine Adobe installs and usage within your environment.

Step 2: Look at the current Adobe install base and usage. We recommend reviewing three months’ worth of reliable usage data to decide which users should have which licenses going forward.

Step 3: Understand the changes in Adobe packages for Creative Cloud (CC). Also, take into account that the license types are based on users, not devices.

Step 4: Identify those users who only need a single license for a single application (e.g. Photoshop, InDesign, Muse).

Step 5: Identify the users who require CC suites. Look at their usage of previous Adobe suites to get an idea of which CC suite they require. Did they have Design Suite Standard installed but only use one or two elements? This is a good way to ensure you do not overspend on Adobe licenses.

Source: The ITAM Review

Download Info-Tech’s Adobe ETLA Deployment Forecast tool to track Adobe installs within your environment and to determine usage needs.

Acquiring Adobe Software

Adobe offers four common licensing methods, which are reviewed in detail in the following slides.

Most common purchasing models

Points for consideration

  • Value Incentive Plan (VIP)
  • Cumulative Licensing Program (CLP)
  • Transactional Licensing Program (TLP)
  • Enterprise Term License Agreement (ETLA)
  • Adobe, as with many other large software providers, includes special benefits and rights when its products are purchased through volume licensing channels.
  • Businesses should typically refrain from purchasing individual OEM (shrink wrap) licenses or those meant for personal use.
  • Purchase record history is available online, making it easier for your organization to manage entitlements in the case of an audit.

"Customers are not even obliged to manage all the licenses themselves. The reseller partners have access to the cloud console and can manage licenses on behalf of their customers. Even better, they can seize cross and upsell opportunities and provide good insight into the environment. Additionally, Adobe itself provides optimization services."

B-lay

CLP and TLP

The CLP and TLP are transactional agreements generally used for the purchase of perpetual licenses. For example, they could be used for making Acrobat purchases if Creative Suite products are purchased on the ETLA.

The image contains a screenshot of a table comparing CLP and TLP.

Source: “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations”

VIP and ETLA

The Value Incentive Plan is aimed at small- to medium-sized organizations with no minimum quantity required. However, there is limited flexibility to reduce licenses and limited price protection for future purchases. The ETLA is aimed at large organizations who wish to have new functionality as it comes out, license management portal, services, and security/IT control aspects.

The image contains a screenshot of a table comparing VIP and ETLA.

Source: “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations”

ETLA commitments risk creating “shelfware-as-a-service”

The Adobe ETLA’s rigid contract parameters, true-up process, and unique deployment/provisioning mechanisms give technology/IT procurement leaders fewer options to maximize cost-usage alignment and to streamline opex costs.

☑ No ETLA price book is publicly published; pricing is controlled by the Adobe enterprise sales team.

☑ Adobe's retail pricing is a good starting point for negotiating discounted pricing.

☑ ETLA commitments are usually for three years, and the lack of a true-down option increases the risk involved in overbuying licenses should the organization encounter a business downturn or adverse event.

☑ Pricing discounts are the highest at the initial ETLA signing for the upfront volume commitment. The true-up pricing is discounted from retail but still higher than the signing cost per license.

☑ Technical support is included in the ETLA.

☑ While purchases typically go through value-added resellers (VARs), procurement can negotiate directly with Adobe.

"For cloud products, it is less complex when it comes to purchasing and pricing. If larger quantities are purchased on a longer term, the discount may reach up to 15%. As soon as you enroll in the VIP program, you can control all your licenses from an ‘admin console’. Any updates or new functionalities are included in the original price. When the licenses expire, you may choose to renew your subscriptions or remove them. Partial renewal is also accepted. Of course, you can also re-negotiate your price if more subscriptions are added to your console."

B-lay

ETLA recommendations

  1. Assess the end-user requirements with a high degree of scrutiny. Perform an analysis that matches the licensee with the correct Adobe product SKU to reduce the risk of overspending.
  • Leverage metering data that identifies actual usage and lack thereof, match to user profile functional requirements, and then determine end users’ actual license requirements.
  • Build in time to evaluate alternative products where possible and position the organization to leverage a Plan B vendor to replace or mitigate growth on the Adobe platform. Re-evaluate options well in advance of the ETLA renewal.
  • Secure price protection through negotiating a price cap or an extended ETLA term beyond the standard three-year term. Short of obtaining an escalation cap, which Adobe is strongly resisting, build in price increases for the ETLA renewal years.
    • Demand price transparency and granularity in the proposal process.
    • Validate that volume discounts are appropriate and show through to the true-up line item pricing.
  • Negotiate a true-down mechanism upfront with Adobe if usage decline is inevitable or expected due to a merger or acquisition, divestiture, or material restructuring event.
  • INFO-TECH TIP: For further guidance on ETLAs and pricing, contact your Info-Tech representative to set up a call with an analyst.

    Use Info-Tech’s Adobe ETLA Deployment Forecast tool to match licensees with Adobe product SKUs.

    Prepare for Adobe’s true-up process

    How the true-up process works

    When adding a license, the true-up price will be prorated to 50% of the license cost for previous year’s usage plus 100% of the license cost for the next year. This back-charging adds up to 150% of the overall true-up license cost. In some rare cases, Adobe has provided an “unlimited” quantity for certain SKUs; these Unlimited ETLAs generally align with FTE counts and limit FTE increases to about 5%. Procurement must monitor and work with SAM/ITAM and stakeholder groups to restrain unnecessary growth during the term of an Unlimited ETLA to avoid the risk of cost escalation at renewal time.

    Higher-education specific

    Higher-education clients can license under the ETLA based on a prescribed number of user and classroom/lab devices and/or on a FTE basis. In these cases, the combination of Creative Cloud and Acrobat Pro volume must equal the FTE total, creating an enterprise footprint. FTE calculations establish the full-time faculty plus one-third of part-time faculty plus one-half of part-time staff.

    Info-Tech Insight

    Compliance takes a different form in terms of the ETLA true-up process. The completion of Adobe's transition to cloud-based licensing and verification has improved compliance rates via phone home telemetry such that pirated software is less available and more easily detected. Adobe has actually decommissioned its audit arm in the Americas and EMEA.

    Audits and software asset management with Adobe

    Watch out for:

    • Virtual desktops, freeware, and test and trial licenses
    • Adobe products that may be bundled into a suite; a manual check will be needed to ensure the suite isn’t recognized as a standalone license
    • Pirated licenses with a “crack” built into the software

    Simplify your process – from start to finish – with these steps:

    Determine License Entitlements

    Obtain documentation from internal records and Adobe to track licenses and upgrades to determine what licenses you own and have the right to use.

    Gather Deployment Information

    Leverage a software asset management tool or process to determine what software is deployed and what is/is not being used.

    Determine Effective License Position

    Compare license entitlements with deployment data to uncover surpluses and deficits in licensing. Look for opportunities.

    Plan Changes to License Position

    Meet with IT stakeholders to discuss the enterprise license program (ELP), short- and long-term project plans, and budget allocation. Plan and document licensing requirements.

    Adobe Genuine Software Integrity Service

    • This service was started in 2014 to combat non-genuine software sold by non-authorized resellers.
    • The service works hand in hand with the cloud movement to reduce piracy.
    • Every Adobe product now contains an executable file that will scan your machine for non-genuine software.
    • If non-genuine software is detected, the user will be notified and directed to the official Adobe website for next steps.

    Detailed list of Adobe licensing contract types

    The table below describes Adobe contract types beyond the four typical purchasing models explained in the previous slides:

    Option

    What is it?

    What’s included?

    For

    Term

    CLP (Cumulative Licensing Program)

    10,000 plus points, support and maintenance optional

    Select Adobe perpetual desktop products

    Business

    2 years

    EA (Adobe Enterprise Agreement)

    100 licenses plus maintenance and support for eligible Adobe products

    All applications

    100+ users requirement

    3 years

    EEA (Adobe Enterprise Education Agreement)

    Creative Cloud enterprise agreement for education establishments

    Creative Cloud applications without services

    Education

    1 or 2 years

    ETLA (Enterprise Term License Agreement)

    Licensing program designed for Adobe’s top commercial, government, and education customers

    All Creative Cloud applications

    Large enterprise companies

    3 years

    K-12 – Enterprise Agreement

    Enterprise agreement for primary and secondary schools

    Creative Cloud applications without services

    Education

    1 year

    K-12 – School Site License

    Allows a school to install a Creative Cloud on up to 500 school-owned computers regardless of school size

    Creative Cloud applications without services

    Education

    1 year

    TLP (Transactional Licensing Program)

    Agreement for SMBs that want volume licensing bonuses

    Perpetual desktop products only

    Aimed at SMBs, but Enterprise customers can use the TLP for smaller requirements

    N/A

    Upgrade Plan

    Insurance program for software purchased under a perpetual license program such as CLP or TLP for Creative Cloud upgrade

    Dependent on the existing perpetual estate

    Anyone

    N/A

    VIP (Value Incentive Plan)

    VIP allows customers to purchase, deploy, and manage software through a term-based subscription license model

    Creative Cloud of teams

    Business, government, and education

    Insight breakdown

    Insight 1

    Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.

    Insight 2

    Adobe has transitioned the vast majority of its software offerings to the cloud-based subscription model. Active management of licenses, software provisioning, and consumption of cloud services is now an ongoing job.

    Insight 3

    With the vendor lock-in process nearly complete via the transition to a SaaS subscription model, Adobe is raising prices on an annual basis. Advance planning and strategic use of the ETLA is key to avoid budget-breaking surprises.

    Summary of accomplishment

    Knowledge Gained

    • The key pieces of licensing information that should be gathered about the current state of your own organization.
    • An in-depth understanding of the required licenses across all of your products.
    • Clear methodology for selecting the most effective contract type.
    • Development of measurable, relevant metrics to help track future project success and identify areas of strength and weakness within your licensing program.

    Processes Optimized

    • Understanding of the importance of licensing in relation to business objectives.
    • Understanding of the various licensing considerations that need to be made.
    • Contract negotiation.

    Deliverables Completed

    • Adobe ETLA Deployment Forecast
    • Adobe ETLA Forecasted Cost and Benefits
    • Adobe ETLA vs. VIP Pricing Table

    Related Info-Tech Research

    Take Control of Microsoft Licensing and Optimize Spend

    Create an Effective Plan to Implement IT Asset Management

    Establish an Effective System of Internal IT Controls to Mitigate Risks

    Optimize Software Asset Management

    Take Control of Compliance Improvement to Conquer Every Audit

    Cut PCI Compliance and Audit Costs in Half

    Bibliography

    “Adobe Buying Programs: At-a-glance comparison guide for Commercial and government organizations.” Adobe Systems Incorporated, 2014. Web. 1 Feb. 2018.

    “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations.” Adobe Systems Incorporated, 2018. Web.

    “Adobe Buying Programs Comparison Guide for Education.” Adobe Systems Incorporated, 2018. Web. 1 Feb 2018.

    “Adobe Education Enterprise Agreement: Give your school access to the latest industry-leading creative tools.” Adobe Systems Incorporated, 2014. Web. 1 Feb. 2018.

    “Adobe Enterprise Term License Agreement for commercial and government organizations.” Adobe Systems Incorporated, 2016. Web. 1 Feb. 2018.

    Adobe Investor Presentation – October 2017. Adobe Systems Incorporated, 2017. Web. 1 Feb. 2018.

    Cabral, Amanda. “Students react to end of UConn-Adobe contract.” The Daily Campus (Uconn), 5 April 2017. Web. 1 Feb. 2018.

    de Veer, Patrick and Alecsandra Vintilescu. “Quick Guide to Adobe Licensing.” B-lay, Web. 1 Feb. 2018.

    “Find the best program for your organization.” Adobe, Web. 1 Feb 2018.

    Foxen, David. “Adobe Upgrade Simplified.” Snow Software, 7 Oct. 2016. Web.

    Frazer, Bryant. “Adobe Stops Reporting Subscription Figures for Creative Cloud.” Studio Daily. Access Intelligence, LLC. 17 March 2016. Web.

    “Give your students the power to create bright futures.” Adobe, Web. 1 Feb 2018.

    Jones, Noah. “Adobe changes subscription prices, colleges forced to pay more.” BG Falcon Media. Bowling Green State University, 18 Feb. 2015. Web. 1 Feb. 2018.

    Mansfield, Adam. “Is Your Organization Prepared for Adobe’s Enterprise Term License Agreements (ETLA)?” UpperEdge,30 April 2013. Web. 1 Feb. 2018.

    Murray, Corey. “6 Things Every School Should Know About Adobe’s Move to Creative Cloud.” EdTech: Focus on K-12. CDW LLC, 10 June 2013. Web.

    “Navigating an Adobe Software Audit: Tips for Emerging Unscathed.” Nitro, Web. 1 Feb. 2018.

    Razavi, Omid. “Challenges of Traditional Software Companies Transitioning to SaaS.” Sand Hill, 12 May 2015. Web. 1 Feb. 2018.

    Rivard, Ry. “Confusion in the Cloud.” Inside Higher Ed. 22 May 2013. Web. 1 Feb. 2018.

    Sharwood, Simon. “Adobe stops software licence audits in Americas, Europe.” The Register. Situation Publishing. 12 Aug. 2016. Web. 1 Feb. 2018.

    “Software Licensing Challenges Faced In The Cloud: How Can The Cloud Benefit You?” The ITAM Review. Enterprise Opinions Limited. 20 Nov. 2015. Web.

    White, Stephen. “Understanding the Impacts of Adobe’s Cloud Strategy and Subscriptions Before Negotiating an ETLA.” Gartner, 22 Feb. 2016. Web.

    Legacy Active Directory Environment

    • Buy Link or Shortcode: {j2store}471|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    You are looking to lose your dependency on Active Directory (AD), and you need to tackle infrastructure technical debt, but there are challenges:

    • Legacy apps that are in maintenance mode cannot shed their AD dependency or have hardware upgrades made.
    • You are unaware of what processes depend on AD and how integrated they are.
    • Departments invest in apps that are integrated with AD without informing you until they ask for Domain details after purchasing.

    Our Advice

    Critical Insight

    • Remove your dependency on AD one application at a time. If you are a cloud-first organization, rethink your AD strategy to ask “why” when you add a new device to your Active Directory.
    • With the advent of hybrid work, AD is now a security risk. You need to shore up your security posture. Think of zero trust architecture.
    • Take inventory of your objects that depend on Kerberos and NTML and plan on removing that barrier through applications that don’t depend on AD.

    Impact and Result

    Don’t allow Active Directory services to dictate your enterprise innovation and modernization strategies. Determine if you can safely remove objects and move them to a cloud service where your Azure AD Domain Services can handle your authentication and manage users and groups.

    Legacy Active Directory Environment Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Legacy Active Directory Environment Deck – Legacy AD was never built for modern infrastructure. Understand the history and future of Active Directory and what alternatives are in the market.

    Build all new systems with cloud integration in mind. Many applications built in the past had built-in AD components for access, using Kerberos and NTLM. This dependency has prevented organizations from migrating away from AD. When assessing new technology and applications, consider SaaS or cloud-native apps rather than a Microsoft-dependent application with AD ingrained in the code.

    • Legacy Active Directory Environment Storyboard
    [infographic]

    Further reading

    Legacy Active Directory Environment

    Kill the technical debt of your legacy Active Directory environment.

    Analyst Perspective

    Understand what Active Directory is and why Azure Active Directory does not replace it.

    It’s about Kerberos and New Technology LAN Manager (NTLM).

    The image contains a picture of John Donovan.

    Many organizations that want to innovate and migrate from on-premises applications to software as a service (SaaS) and cloud services are held hostage by their legacy Active Directory (AD). Microsoft did a good job taking over from Novell back in the late 90s, but its hooks into businesses are so deep that many have become dependent on AD services to manage devices and users, when in fact AD falls far short of needed capabilities, restricting innovation and progress.

    Despite Microsoft’s Azure becoming prominent in the world of cloud services, Azure AD is not a replacement for on-premises AD. While Azure AD is a secure authentication store that can contain users and groups, that is where the similarities end. In fact, Microsoft itself has an architecture to mitigate the shortcomings of Azure AD by recommending organizations migrate to a hybrid model, especially for businesses that have an in-house footprint of servers and applications.

    If you are a greenfield business and intend to take advantage of software, infrastructure, and platform as a service (SaaS, IaaS, and PaaS), as well as Microsoft 365 in Azure, then Azure AD is for you and you don’t have to worry about the need for AD.

    John Donovan
    Principal Director, I&O Practice
    Info-Tech Research Group

    Insight Summary

    Legacy AD was never built for modern infrastructure

    When Microsoft built AD as a free component for the Windows Server environment to replace Windows NT before the demise of Novell Directory Services in 2001, it never meant Active Directory to work outside the corporate network with Microsoft apps and devices. While it began as a central managing system for users and PCs on Microsoft operating systems, with one user per PC, the IT ecosystem has changed dramatically over the last 20 years, with cloud adoption, SaaS, IaaS, PaaS, and everything as a service. To make matters worse, work-from-anywhere has become a serious security challenge.

    Build all new systems with cloud integration in mind

    Many applications built in the past had built-in AD components for access, using Kerberos and NTLM. This dependency has prevented organizations from migrating away from AD. When assessing new technology and applications, consider SaaS or cloud-native apps rather than a Microsoft-dependent application with AD ingrained in the code. Ensure you are engaged when the business is assessing new apps. Stop the practice of the business purchasing apps without IT’s involvement; for example, if your marketing department is asking you for your Domain credentials for a vendor when you were not informed of this purchase.

    Hybrid AD is a solution but not a long-term goal

    Economically, Microsoft has no interest in replacing AD anytime soon. Microsoft wants that revenue and has built components like Azure AD Connect to mitigate the AD dependency issue, which is basically holding your organization hostage. In fact, Microsoft has advised that a hybrid solution will remain because, as we will investigate, Azure AD is not legacy AD.

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    You are looking to lose your dependency on Active Directory, and you need to tackle infrastructure technical debt, but there are challenges.

    • Legacy apps that are in maintenance mode cannot shed their AD dependency or have hardware upgrades made.
    • You are unaware of what processes depend on AD and how integrated they are.
    • Departments invest in apps that are integrated with AD without informing you until they ask for Domain details after purchasing.
    • Legacy applications can prevent you from upgrading servers or may need to be isolated due to security concerns related to inadequate patching and upgrades.
    • You do not see any return on investment in AD maintenance.
    • Mergers and acquisitions can prevent you from migrating away from AD if one company is dependent on AD and the other is fully in the cloud. This increases technical debt.
    • Remove your dependency on AD one application at a time. If you are a cloud-first organization, rethink your AD strategy to ask “why” when you add a new device to your Active Directory.
    • With the advent of hybrid work, AD is now a security risk. You need to shore up your security posture. Think of zero trust architecture.
    • Take inventory of your objects that depend on Kerberos and NTML and plan on removing that barrier through applications that don’t depend on AD.

    Info-Tech Insight

    Don’t allow Active Directory services to dictate your enterprise innovation and modernization strategies. Determine if you can safely remove objects and move them to a cloud service where your Azure AD Domain Services can handle your authentication and manage users and groups.

    The history of Active Directory

    The evolution of your infrastructure environment

    From NT to the cloud

    AD 2001 Exchange Server 2003 SharePoint 2007 Server 2008 R2 BYOD Security Risk All in Cloud 2015
    • Active Directory replaces NT and takes over from Novell as the enterprise access and control plane.
    • With slow WAN links, no cellphones, no tablets, and very few laptops, security was not a concern in AD.
    • In 2004, email becomes business critical.
    • This puts pressure on links, increases replication and domains, and creates a need for multiple identities.
    • Collaboration becomes pervasive.
    • Cross domain authentication becomes prevalent across the enterprise.
    • SharePoint sites need to be connected to multiple Domain AD accounts. More multiple identities are required.
    • Exchange resource forest rolls out, causing the new forest functional level to be a more complex environment.
    • Fine-grained password policies have impacted multiple forests, forcing them to adhere to the new password policies.
    • There are powerful Domain controllers, strong LAN and WAN connections, and an increase in smartphones and laptops.
    • Audits and compliance become a focus, and mergers and acquisitions add complexity. Security teams are working across the board.
    • Cloud technology doesn’t work well with complicated, messy AD environment. Cloud solutions need simple, flat AD architecture.
    • Technology changes after 15+ years. AD becomes the backbone of enterprise infrastructure. Managers demand to move to cloud, building complexity again.

    Organizations depend on AD

    AD is the backbone of many organizations’ IT infrastructure

    73% of organizations say their infrastructure is built on AD.

    82% say their applications depend on AD data.

    89% say AD enables authenticated access to file servers.

    90% say AD is the main source for authentication.

    Source: Dimensions research: Active Directory Modernization :

    Info-Tech Insight

    Organizations fail to move away from AD for many reasons, including:

    • Lack of time, resources, budget, and tools.
    • Difficulty understanding what has changed.
    • Migrating from AD being a low priority.

    Active Directory components

    Physical and logical structure

    Authentication, authorization, and auditing

    The image contains a screenshot of the active directory components.

    Active Directory has its hooks in!

    AD creates infrastructure technical debt and is difficult to migrate away from.

    The image contains a screenshot of an active directory diagram.

    Info-Tech Insight

    Due to the pervasive nature of Active Directory in the IT ecosystem, IT organizations are reluctant to migrate away from AD to modernize and innovate.

    Migration to Microsoft 365 in Azure has forced IT departments’ hand, and now that they have dipped their toe in the proverbial cloud “lake,” they see a way out of the mounting technical debt.

    AD security

    Security is the biggest concern with Active Directory.

    Neglecting Active Directory security

    98% of data breaches came from external sources.

    Source: Verizon, Data Breach Report 2022

    85% of data breach took weeks or even longer to discover.

    Source: Verizon Data Breach Report, 2012

    The biggest challenge for recovery after an Active Directory security breach is identifying the source of the breach, determining the extent of the breach, and creating a safe and secure environment.

    Info-Tech Insight

    Neglecting legacy Active Directory security will lead to cyberattacks. Malicious users can steal credentials and hijack data or corrupt your systems.

    What are the security risks to legacy AD architecture?

    • It's been 22 years since AD was released by Microsoft, and it has been a foundational technology for most businesses over the years. However, while there have been many innovations over those two decades, like Amazon, Facebook, iPhones, Androids, and more, Active Directory has remained mostly unchanged. There hasn’t been a security update since 2016.
    • This lack of security innovation has led to several cyberattacks over the years, causing businesses to bolt on additional security measures and added complexity. AD is not going away any time soon, but the security dilemma can be addressed with added security features.

    AD event logs

    84% of organizations that had a breach had evidence of that breach in their event logs.

    Source: Verizon Data Breach Report, 2012

    What is the business risk

    How does AD impact innovation in your business?

    It’s widely estimated that Active Directory remains at the backbone of 90% of Global Fortune 1000 companies’ business infrastructure (Lepide, 2021), and with that comes risk. The risks include:

    • Constraints of AD and growth of your digital footprint
    • Difficulty integrating modern technologies
    • Difficulty maintaining consistent security policies
    • Inflexible central domains preventing innovation and modernization
    • Inability to move to a self-service password portal
    • Vulnerability to being hacked
    • BYOD not being AD friendly

    AD is dependent on Windows Server

    1. Even though AD is compliant with LDAP, software vendors often choose optional features of LDAP that are not supported by AD. It is possible to implement Kerberos in a Unix system and establish trust with AD, but this is a difficult process and mistakes are frequent.
    2. Restricting your software selection to Windows-based systems reduces innovation and may hamper your ability to purchase best-in-class applications.

    Azure AD is not a replacement for AD

    AD was designed for an on-premises enterprise

    The image contains a screenshot of a Azure AD diagram.

    • Despite Microsoft’s Azure becoming prominent in the world of cloud services, Azure AD is not a replacement for on-premises AD.
    • In fact, Microsoft itself has an architecture to mitigate the shortcomings of Azure AD by recommending organizations migrate to a hybrid model, especially those businesses that have an in-house footprint of servers and applications.
    • If you are a greenfield business and intend to take advantage of SaaS, IaaS, and PaaS, as well as Microsoft 365 in Azure, then Azure AD is for you and you don’t have to worry about the need for AD.

    "Azure Active Directory is not designed to be the cloud version of Active Directory. It is not a domain controller or a directory in the cloud that will provide the exact same capabilities with AD. It actually provides many more capabilities in a different way.

    That’s why there is no actual ‘migration’ path from Active Directory to Azure Active Directory. You can synchronize your on-premises directories (Active Directory or other) to Azure Active Directory but not migrate your computer accounts, group policies, OU etc."

    – Gregory Hall,
    Brand Representative for Microsoft
    (Source: Spiceworks)

    The hybrid model for AD and Azure AD

    How the model works

    The image contains a screenshot of a hybrid model for AD and Azure AD.

    Note: AD Federated Services (ADFS) is not a replacement for AD. It’s a bolt-on that requires maintenance, support, and it is not a liberating service.

    Many companies are:

    • Moving to SaaS solutions for customer relationship management, HR, collaboration, voice communication, file storage, and more.
    • Managing non-Windows devices.
    • Moving to a hybrid model of work.
    • Enabling BYOD.

    Given these trends, Active Directory is becoming obsolete in terms of identity management and permissions.

    The difference between AD Domain Services and Azure AD DS

    One of the core principles of Azure AD is that the user is the security boundary, not the network.

    Kerberos is the default authentication and authorization protocol for AD. Kerberos is involved in nearly everything from the time you log on to accessing Sysvol, which is used to deliver policy and logon scripts to domain members from the Domain Controller.

    Info-Tech Insight

    If you are struggling to get away from AD, Kerberos and NTML are to blame. Working around them is difficult. Azure AD uses SAML2.0 OpenID Connect and OAuth2.0.

    Feature Azure AD DS Self-managed AD DS
    Managed service
    Secure deployments Administrator secures the deployment
    DNS server ✓ (managed service)
    Domain or Enterprise administrator privileges
    Domain join
    Domain authentication using NTLM and Kerberos
    Kerberos-constrained delegation Resource-based Resource-based and account-based
    Custom OU structure
    Group Policy
    Schema extensions
    AD domain/forest trusts ✓ (one-way outbound forest trusts only)
    Secure LDAP (LDAPS)
    LDAP read
    LDAP write ✓ (within the managed domain)
    Geo-distributed deployments

    Source: “Compare self-managed Active Directory Domain Services...” Azure documentation, 2022

    Impact of work-from-anywhere

    How AD poses issues that impact the user experience

    IT organizations are under pressure to enable work-from-home/work-from-anywhere.

    • IT teams regard legacy infrastructure, namely Active Directory, as inadequate to securely manage remote workloads.
    • While organizations previously used VPNs to access resources through Active Directory, they now have complex webs of applications that do not reside on premises, such as AWS, G-Suite, and SaaS customer relationship management and HR management systems, among others. These resources live outside the Windows ecosystem, complicating user provisioning, management, and security.
    • The work environment has changed since the start of COVID-19, with businesses scrambling to enable work-from-home. This had a huge impact on on-premises identity management tools such as AD, exposing their limitations and challenges. IT admins are all too aware that AD does not meet the needs of work-from-home.
    • As more IT organizations move infrastructure to the cloud, they have the opportunity to move their directory services to the cloud as well.
      • JumpCloud, OneLogin, Okta, Azure AD, G2, and others can be a solution for this new way of working and free up administrators from the overloaded AD environment.
      • Identity and access management (IAM) can be moved to the cloud where the modern infrastructure lives.
      • Alternatives for printers using AD include Google Cloud Print, PrinterOn, and PrinterLogic.

    How AD can impact your migration to Microsoft 365

    The beginning of your hybrid environment

    • Businesses that have a large on-premises footprint have very few choices for setting up a hybrid environment that includes their on-premises AD and Azure AD synchronization.
    • Microsoft 365 uses Azure AD in the background to manage identities.
    • Azure AD Connect will need to be installed, along with IdFix to identify errors such as duplicates and formatting problems in your AD.
    • Password hash should be implemented to synchronize passwords from on-premises AD so users can sign in to Azure without the need for additional single sign-on infrastructure.
    • Azure AD Connect synchronizes accounts every 30 minutes and passwords within two minutes.

    Alternatives to AD

    When considering retiring Active Directory from your environment, look at alternatives that can assist with those legacy application servers, handle Kerberos and NTML, and support LDAP.

    • JumpCloud: Cloud-based directory services. JumpCloud provides LDAP-as-a-Service and RADIUS-as-a-Service. It authenticates, authorizes, and manages employees, their devices, and IT applications. However, domain name changes are not supported.
    • Apache Directory Studio Pro: Written in Java, it supports LDAP v3–certified directory services. It is certified by Eclipse-based database utilities. It also supports Kerberos, which is critical for legacy Microsoft AD apps authentication.
    • Univention Corporate Server (UCS): Open-source Linux-based solution that has a friendly user interface and gets continuous security and feature updates. It supports Kerberos V5 and LDAP, works with AD, and is easy to sync. It also supports DNS server, DHCP, multifactor authentication and single sign-on, and APIs and REST APIs. However, it has a limited English knowledgebase as it is a German tool.

    What to look for

    If you are embedded in Windows systems but looking for an alternative to AD, you need a similar solution but one that is capable of working in the cloud and on premises.

    Aside from protocols and supporting utilities, also consider additional features that can help you retire your Active Directory while maintaining highly secure access control and a strong security posture.

    These are just a few examples of the many alternatives available.

    Market drivers to modernize your infrastructure

    The business is now driving your Active Directory migration

    What IT must deal with in the modern world of work:

    • Leaner footprint for evolving tech trends
    • Disaster recovery readiness
    • Dynamic compliance requirements
    • Increased security needs
    • The need to future-proof
    • Mergers and acquisitions
    • Security extending the network beyond Windows

    Organizations are making decisions that impact Active Directory, from enabling work-from-anywhere to dealing with malicious threats such as ransomware. Mergers and acquisitions also bring complexity with multiple AD domains.
    The business is putting pressure on IT to become creative with security strategies, alternative authentication and authorization, and migration to SaaS and cloud services.

    Activity

    Build a checklist to migrate off Active Directory.

    Discovery

    Assessment

    Proof of Concept

    Migration

    Cloud Operations

    ☐ Catalog your applications.

    ☐ Define your users, groups and usage.

    ☐ Identify network interdependencies and complexity.

    ☐ Know your security and compliance regulations.

    ☐ Document your disaster recovery plan and recovery point and time objectives (RPO/RTO).

    ☐ Build a methodology for migrating apps to IaaS.

    ☐ Develop a migration team using internal resources and/or outsourcing.

    ☐ Use Microsoft resources for specific skill sets.

    ☐ Map on-premises third-party solutions to determine how easily they will migrate.

    ☐ Create a plan to retire and archive legacy data.

    ☐ Test your workload: Start small and prove value with a phased approach.

    ☐ Estimate cloud costs.

    ☐ Determine the amount and size of your compute and storage requirements.

    ☐ Understand security requirements and the need for network and security controls.

    ☐ Assess network performance.

    ☐ Qualify and test the tools and solutions needed for the migration.

    ☐ Create a blueprint of your desired cloud environment.

    ☐ Establish a rollback plan.

    ☐ Identify tools for automating migration and syncing data.

    ☐ Understand the implications of the production-day data move.

    ☐ Keep up with the pace of innovation.

    ☐ Leverage 24/7 support via skilled Azure resources.

    ☐ Stay on top of system maintenance and upgrades.

    ☐ Consider service-level agreement requirements, governance, security, compliance, performance, and uptime.

    Related Info-Tech Research

    Manage the Active Directory in the Service Desk

    • Build and maintain your Active Directory with good data.
    • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.

    SoftwareReviews: Microsoft Azure Active Directory

    • The Azure Active Directory (Azure AD) enterprise identity service provides SSO and multifactor authentication to help protect your users from 99.9% of cybersecurity attacks

    Define Your Cloud Vision

    • Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud-first isn’t always the way to go.

    Bibliography

    “2012 Data Breach Investigations Report.” Verizon, 2012. Web.
    “2022 Data Breach Investigations Report.” Verizon, 2012. Web.
    “22 Best Alternatives to Microsoft Active Directory.” The Geek Page, 16 Feb 2022. Accessed 12 Sept. 2022.
    Altieri, Matt. “Infrastructure Technical Debt.” Device 42, 20 May 2019. Accessed Sept 2022.
    “Are You Ready to Make the Move from ADFS to Azure AD?’” Steeves and Associates, 29 April 2021. Accessed 28 Sept. 2022.
    Blanton, Sean. “Can I Replace Active Directory with Azure AD? No, Here’s Why.” JumpCloud, 9 Mar 2021. Accessed Sept. 2022.
    Chai, Wesley, and Alexander S. Gillis. “What is Active Directory and how does it work?” TechTarget, June 2021. Accessed 10 Sept. 2022.
    Cogan, Sam. “Azure Active Directory is not Active Directory!” SamCogan.com, Oct 2020. Accessed Sept. 2022.
    “Compare Active Directory to Azure Active Directory.” Azure documentation, Microsoft Learn, 18 Aug. 2022. Accessed 12 Sept. 2022.
    "Compare self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services." Azure documentation, Microsoft Learn, 23 Aug. 2022. Accessed Sept. 2022.
    “Dimensional Research, Active Directory Modernization: A Survey of IT Professionals.” Quest, 2017. Accessed Sept 2022.
    Grillenmeier, Guido. “Now’s the Time to Rethink Active Directory Security.“ Semperis, 4 Aug 2021. Accessed Oct. 2013.
    “How does your Active Directory align to today’s business?” Quest Software, 2017, accessed Sept 2022
    Lewis, Jack “On-Premises Active Directory: Can I remove it and go full cloud?” Softcat, Dec.2020. Accessed 15 Sept 2022.
    Loshin, Peter. “What is Kerberos?” TechTarget, Sept 2021. Accessed Sept 2022.
    Mann, Terry. “Why Cybersecurity Must Include Active Directory.” Lepide, 20 Sept. 2021. Accessed Sept. 2022.
    Roberts, Travis. “Azure AD without on-prem Windows Active Directory?” 4sysops, 25 Oct. 2021. Accessed Sept. 2022.
    “Understanding Active Directory® & its architecture.” ActiveReach, Jan 2022. Accessed Sept. 2022.
    “What is Active Directory Migration?” Quest Software Inc, 2022. Accessed Sept 2022.

    Optimize Applications Release Management

    • Buy Link or Shortcode: {j2store}406|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $44,874 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • The business demands high service and IT needs to respond. Rapid customer response through efficient release and deployment is critical to maintain high business satisfaction.
    • The lack of process ownership leads to chaotic and uncoordinated releases, resulting in costly rework and poor hand-offs.
    • IT emphasizes tools but release tools and technologies alone will not fix the problem. Tools are integrated into the processes they support – if the process challenges aren’t addressed first, then the tool won’t help.
    • Releases are traditionally executed in silos with limited communication across the entire release pipeline. Culturally, there is little motivation for cross-functional collaboration and holistic process optimization.

    Our Advice

    Critical Insight

    • Release management is not solely driven by tools. It is about delivering high quality releases on time through accountability and governance aided by the support of tools.
    • Release management is independent of your software development lifecycle (SDLC). Release management practices sit as an agnostic umbrella over your chosen development methodology.
    • Ownership of the entire process is vital. Release managers ensure standards are upheld and the pipeline operates efficiently.

    Impact and Result

    • Acquire release management ownership. Ensure there is appropriate accountability for speed and quality of the releases passing through the entire pipeline. A release manager has oversight over the entire release process and facilitates the necessary communication between business stakeholders and various IT roles.
    • Instill holistic thinking. Release management includes all steps required to push release and change requests to production along with the hand-off to Operations and Support. Increase the transparency and visibility of the entire pipeline to ensure local optimizations do not generate bottlenecks in other areas.
    • Standardize and lay a strong release management foundation. Optimize the key areas where you are experiencing the most pain and continually improve.

    Optimize Applications Release Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize release management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review your release management objectives

    Assess the current state and define the drivers behind your release management optimizations.

    • Optimize Applications Release Management – Phase 1: Review Your Release Management Objectives
    • Release Management Process Standard Template
    • Release Management Maturity Assessment

    2. Standardize release management

    Design your release processes, program framework, and release change management standards, and define your release management team.

    • Optimize Applications Release Management – Phase 2: Standardize Release Management
    • Release Manager

    3. Roll out release management enhancements

    Create an optimization roadmap that fits your context.

    • Optimize Applications Release Management – Phase 3: Roll Out Release Management Enhancements
    [infographic]

    Workshop: Optimize Applications Release Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Your Release Management Objectives

    The Purpose

    Reveal the motivators behind the optimization of release management.

    Identify the root causes of current release issues and challenges.

    Key Benefits Achieved

    Ensure business alignment of optimization efforts.

    Firm grasp of why teams are facing release issues and the impacts they have on the organization.

    Activities

    1.1 Identify the objectives for application release.

    1.2 Conduct a current state assessment of release practices.

    Outputs

    Release management business objectives and technical drivers

    Current state assessment of release processes, communication flows, and tools and technologies

    2 Standardize Release Management

    The Purpose

    Alleviate current release issues and challenges with best practices.

    Standardize a core set of processes, tools, and roles & responsibilities to achieve consistency, cadence, and transparency.

    Key Benefits Achieved

    Repeatable execution of the same set of processes to increase the predictability of release delivery.

    Defined ownership of release management.

    Adaptable and flexible release management practices to changing business and technical environments.

    Activities

    2.1 Strengthen your release process.

    2.2 Coordinate releases with a program framework.

    2.3 Manage release issues with change management practices.

    2.4 Define your release management team.

    Outputs

    Processes accommodating each release type and approach the team is required to complete

    Release calendars and program framework

    Release change management process

    Defined responsibilities and accountabilities of release manager and release management team

    3 Roll Out Release Management Enhancements

    The Purpose

    Define metrics to validate release management improvements.

    Identify the degree of oversight and involvement of the release management team.

    Prioritize optimization roadmap against business needs and effort.

    Key Benefits Achieved

    Easy-to-gather metrics to measure success that can be communicated to stakeholders.

    Understanding of how involved release management teams are in enforcing release management standards.

    Practical and achievable optimization roadmap.

    Activities

    3.1 Define your release management metrics.

    3.2 Ensure adherence to standards.

    3.3 Create your optimization roadmap.

    Outputs

    List of metrics to gauge success

    Oversight and reporting structure of release management team

    Release management optimization roadmap

    Tech Trend Update: If Contact Tracing Then Distributed Trust

    • Buy Link or Shortcode: {j2store}424|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity

    With COVID-19's rapid spread through populations, governments are looking for technology tools that can augment the efforts of manual contact tracing processes. How the system is designed is crucial to a positive outcome.

    • CIOs must understand how distributed trust principles achieve embedded privacy and help encourage user adoption.
    • CEOs must consider how society's waning trust in institutions affects the way they engage their customers.

    Our Advice

    Critical Insight

    Mobile contact tracing apps that use a decentralized design approach will be the most likely to be adopted by a wide swath of the population.

    Impact and Result

    There are some key considerations to realize from the way different governments are approaching contact tracing:

    1. If centralized, then seek to ensure privacy protections.
    2. If decentralized, then seek to enable collaboration.
    3. In either case, put in place data governance to create trust.

    Tech Trend Update: If Contact Tracing Then Distributed Trust Research & Tools

    Learn why distributed trust is becoming critical to technology systems design

    Understand the differences between mobile app architectures available to developers and how to achieve success in implementation based on your goals.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Tech Trend Update: If Contact Tracing Then Distributed Trust Storyboard
    [infographic]

    Enterprise Architecture

    • Buy Link or Shortcode: {j2store}43|cart{/j2store}
    • Related Products: {j2store}43|crosssells{/j2store}
    • member rating overall impact: 9.2/10
    • member rating average dollars saved: $28,368
    • member rating average days saved: 24
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: service-planning-and-architecture
    Demystify enterprise architecture value with key metrics.

    Customer Service Management Software Selection Guide

    • Buy Link or Shortcode: {j2store}530|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • The business is unaware of cross-selling opportunities across multiple product lines.
    • Customer service staff attrition rates continue to be high, creating longer response delays for voice channels.
    • Customer service responses are reactive in nature, reinforcing a poor culture for customer experience.

    Our Advice

    Critical Insight

    • After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be ill positioned for future customer service and sales efforts.
    • Shift left toward delivering predictive service instead of reactive service to enhance customer experiences.
    • Ensure your key performance indicators accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.

    Impact and Result

    • Determine your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
    • Understand key trends and differentiating features in the CSM marketspace.
    • Evaluate major vendors in the CSM marketspace to discover the best-fitting provider.

    Customer Service Management Software Selection Guide Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Customer Service Management Software Selection Guide – A guide to walk you through the process of selecting CSM software.

    This trends and buyer’s guide will help you:

    • Customer Service Management Software Selection Guide Storyboard

    2. CSM Platform RFP Template – A template to provide vendors with a detailed account of the requirements and the expected capabilities of the desired suite.

    Create your own request for proposal (RFP) for your customer service management suite procurement process by customizing Info-Tech's RFP template.

    • CSM Platform RFP Template

    3. CSM Platform Opportunity Assessment Tool – A tool to assess whether a CSM solution is right for your organization.

    Use this tool to assess your maturity and fit for a CSM solution. It will help identify your current CSM state and assist with the decision to move forward with a new solution or augment certain features.

    • CSM Platform Opportunity Assessment Tool

    4. Software Selection Workbook – A workbook to document your progress as your select software.

    Keep stakeholders engaged with simple and friction-free templates to document your progress for Rapid Application Selection.

    • The Software Selection Workbook

    5. Vendor Evaluation Workbook – A workbook to assess vendor capabilities and compare vendors.

    Leverage a traceable and straightforward Vendor Evaluation Workbook to narrow the field of potential vendors and accelerate the application selection process.

    • The Vendor Evaluation Workbook

    6. CSM Platform RFP Scoring Tool – A tool to support your business in objectively evaluating the CSM vendors being considered for procurement.

    Create an objective and fair scoring process to evaluate the RFPs and demonstrations provided by shortlisted vendors. Within this framework, provide a multidimensional evaluation that analyzes the solution's functional capabilities, architecture, costs, service support, and overall suitability in comparison to the organization's expressed requirements.

    • CSM Platform RFP Scoring Tool

    7. CSM Platform Vendor Demo Script Template – A template to support your business’ evaluation of vendors and their solutions with an effective demonstration.

    Create an organized and streamlined vendor demonstration process by clearly outlining your expectations for the demo. Use the demo as an opportunity to ensure that capabilities expressed by vendors are actually present within the considered solution.

    • CSM Platform Vendor Demo Script Template
    [infographic]

    Further reading

    Customer Service Management Software Selection

    Market trends and buyer’s guide

    Analyst Perspective

    The pandemic and growing younger demographic have shifted the terrain of customer service delivery. Customer service management (CSM) tools ensure organizations enhance customer acquisition, customer retention, and overall revenues into the future.

    It is one thing to research customer service best practices; it is another to experience such service. Whether being put on hold for an hour with a telecommunications company, encountering voice biometric security with a bank, or receiving automated FAQs from a chatbot, we all perform our own primary research in customer service by going about our daily lives. Yet while the pandemic required a shift to this multichannel and digital assistant environment (to account for ongoing agent attrition), this trend was actually just accelerated. A growing younger demographic now prefers online communication channels to voice. Social media (whichever the platform) is a fundamental part of this demographic’s online presence and has instigated the need for customer service delivery to meet customers where they are – for both damage control and enhancing customer relationships.

    Organizations delivering customer service across multiple product lines need to examine what delivery channels they need to satisfy customers, alongside assessing how customer loyalty and cross-selling can increase revenues and company reputation. Customer service management tools can assist and enable the future state.

    Thomas Randall, Ph.D., Research Director

    Thomas Randall, Ph.D.
    Research Director, Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Solution
    • The business is unaware of cross-selling opportunities across multiple product lines.
    • Customer service staff attrition rates continue to be high, creating longer response delays for voice channels.
    • Customer service responses are reactive in nature, reinforcing a poor culture for customer experience.
    • It is not clear if a CSM tool would resolve the business’ challenges or if a better-fitting technology solution is preferable (such as a customer relationship management add-on).
    • The business does not know its customer service maturity well enough to assess the feasibility of adopting a CSM tool.
    This trends and buyer’s guide will help you:
    1. Determine your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
    2. Understand key trends and differentiating features in the CSM marketspace.
    3. Evaluate major vendors in the CSM marketspace to discover the best-fitting provider.

    The objective at the end of the day is to have a single interface that the front-line staff interacts with. I think that is the holy grail when we look at CSM technology. The objective that everyone has in mind is we'd all like to get to one screen and one window. Ultimately, the end game really hasn't changed: How can we make it easy for the agents and how can we minimize their errors? How can we streamline the process so they can work?
    Colin Taylor, CEO, The Taylor Reach Group

    Customer service management tools form an integral part of your CXM technology portfolio

    Customer service management tools are an integral part of CXM

    Info-Tech’s methodology for selecting the right CSM platform

    1. Contextualize the CSM Landscape 2. Select the Right CSM Vendor
    Phase Steps
    1. Define CSM tools.
    2. Explore CSM trends.
    3. Understand if CSM tools are a good fit for your organization.
    1. Build the business case.
    2. Streamline requirements elicitation for CSM.
    3. Construct the request for proposal (RFP)/vendor evaluation workbook.
    Phase Outcomes
    1. Consensus on scope of CSM and key CSM capabilities
    2. Identify your customer service maturity and use for CSM tools
    1. CSM business case
    2. High-value use cases and requirements
    3. CSM RFP/vendor evaluation workbook

    Info-Tech Insight
    Need help constructing your RFP? Use Info-Tech’s CSM Platform RFP Template!

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2

    Call #1: Discover if CSM tools are right for your organization. Understand what a CSM platform is and discover the “art of the possible.”

    Call #2: Identify right-sized vendors and build the business case to select a CSM platform.

    Call #3: Define your key CSM requirements.

    Call #4: Build procurement items, such as an RFP and demo script.

    Call #5: Evaluate vendors and perform final due diligence.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The CSM selection process should be broken into segments:

    1. CSM vendor shortlisting with this buyer’s guide
    2. Structured approach to selection
    3. Contract review

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to his the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options

    Software Selection Engagement

    Five Advisory Calls Over a Five-Week Period to Accelerate Your Selection Process

    Expert analyst guidance over five weeks on average to select and negotiate software

    Save money, align stakeholders, speed up the process, and make better decisions

    Use a repeatable, formal methodology to improve your application selection process

    Better, faster results, guaranteed, included in membership

    Five advisory calls over a five week period to accelerate your selection process

    Book Your Selection Engagement

    Software Selection Workshops

    40 Hours of Advisory Assistance Delivered Online

    Select Better Software, Faster

    40 hours of expert analyst guidance

    Project & stakeholder management assistance

    Save money, align stakeholders, speed up the process, and make better decisions

    Better, faster results, guaranteed, $25,000 standard engagement fee

    Software selection workshops

    Book Your Workshop Engagement

    Customer Service Management (CSM) Software

    Phase 1: Contextualize the CSM Landscape

    Receive and resolve after-sales requests within a unified CSM platform

    MULTIPLE CHANNELS
    Customers may resolve their issues via a variety of channels, including voice, SMS, email, social media, and live webchat.
    KNOWLEDGE BASE
    Provide a knowledge base for FAQs that is both customer facing (via customer portal) and agent facing (for live resolutions).
    ANALYTICS
    Track customer satisfaction, agent performances, ticket resolutions, backlogs, traffic analysis, and other key performance indicators (KPIs).
    COLLABORATION
    Enable agents to escalate and collaborate within a unified platform (e.g. tagging colleagues to flag a relevant customer query).

    Info-Tech Insight
    After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be poorly positioned for future customer service and sales efforts.

    Identify your differentiating CSM requirements that align to your use cases

    INTEGRATIONS
    Note what integrations are available for your contact center, CRM, or industry-specific solutions (e.g. inventory management) to get the most out of CSM.

    SENTIMENT ANALYSIS
    Reads, contextualizes, and categorizes tickets by sentiment (e.g. “positive”) before escalating to an appropriate agent.

    AUTO-RESPONSE EDITOR
    Built-in AI provides prewritten responses or auto-pulls the relevant knowledge article, assisting agents with speed to resolution.

    ATTRIBUTES-BASED ROUTING
    Learns over time how best to route tickets to appropriate agents based on skills, availability, or proximity of an agent (e.g. multilingual, local, or specialist agents).

    AUTOMATED WORKFLOWS
    CSM tool providers have varying usability for workflow building and enablement. Ensure your use cases align.

    TICKET PRIORITIZATION
    Adapts and prioritizes customer issues by service-level agreement (SLA), priority, and severity according to inputted KPIs.

    Good technology will not fix a bad process. I don't care how good the technology is. If the use case is wrong and the process is wrong, it's not going to work.
    Colin Taylor, CEO
    The Taylor Reach Group

    Leverage CSM tools to shift left toward predictive customer service

    Real-time Pre-event Post-event
    Channel example: Notifications via SMS or social media. Channel example: Notifications via SMS or social media. Channel example: Working with an agent or live chatbot. Channel example: Working with an agent or live chatbot.
    “Your car may need a check-up for faulty parts.” “Here is a local garage to fix your tire pressure.” “I see you have poor tire pressure. Here is a local garage.” “Thank you for your patience, how can we help?”
    Predictive Service
    The CSM recommends mitigation options to the customer before the issue occurs and before the customer knows they need it.
    Proactive Service
    The issue occurs but the CSM recommends mitigation options to the customer before the customer contacts the organization.
    Real-Time Service
    The organization offers real-time mitigation options while working with the customer to resolve the issue.
    Reactive Service
    The customer approaches the organization after the issue occurs, but the organization has no insight into the event.

    Selecting a CSM tool should form part of your broader CXM strategy

    Organizations should ask whether they need a standalone CSM solution or a CSM as part of a broader suite of CXM tools. The latter is especially relevant if your organization already invests in a CXM platform.

    Matrix of CMS tools as part of CXM strategy

    CSM tools are best-suited for organizations with high product and service complexity

    Customer Service Complexity

    Low complexity refers to primarily transactional inquiries. High complexity refers to service workflows for symptom analysis, problem identification, and solution delivery.

    Product Complexity

    High complexity refers to having a large number of brands and individual SKUs, technologically complex products, and products with many add-ons.

    A matrix showing that a standalone CSM tool is best where customer service complexity and product complexity are both high.

    Info-Tech Insight
    Use Info-Tech’s CSM Platform Opportunity Assessment Tool to discover your organization’s customer service maturity.

    Activity: Discover your customer service maturity

    30 minutes

    1. Complete the CSM Platform Opportunity Assessment Tool.
    2. Evaluate your result and document whether a CSM business case is warranted (or if a separate technology selection process is needed).
    Input Output
    • Understanding of the current state and how complex the organization’s product line and help desk support are
    • Ranking of the importance of each decision point
    • Assessment results that provide a high-level view of whether your organization’s product and customer service complexity warrant a standalone CSM tool
    Materials Participants
    • CSM Platform Opportunity Assessment Tool
    • Shared screen or projection
    • Customer support analyst(s)
    • Infrastructure and Operations lead(s)
    • Representative customer support staff
    • Product management analyst(s)

    Download the CSM Platform Opportunity Assessment Tool

    Finalize whether your organization is well positioned to leverage CSM tools

    Bypass Adopt
    Monochannel approach
    You do not participate in multichannel campaigns or your customer personas are typically limited to one or two channels (e.g. voice or SMS).
    Multichannel approach
    You are pursuing multifaceted, customer-specific campaigns across a multitude of channels.
    Small to mid-sized business with small CX team
    Do not buy what you do not need. Focus on the foundations of customer experience (CX) first before extending into a full-fledged CSM tool.
    Maturing CX department
    Customer service needs are extending into managing budgets, generating and segmenting leads, and measuring channel effectiveness.
    Limited product range
    CSM tools typically gain return on investment (ROI) if the organization has a complex product range and is looking to increase cross-sell opportunities across different customer personas.
    Multiple product lines
    Customer base and product lines are large enough to engage in opportunities for cross- and up-selling.

    Case Study

    AkzoNobel

    INDUSTRY
    Retail

    SOURCE
    Sprinklr (2021)

    Use CSM tools to unify the multichannel experience and reduce response time.

    Challenge Solution Results
    AzkoNobel is a leading global paints and coatings company. AzkoNobel had 60+ fragmented customer service accounts on social media for multiple brands. There was little consistency in customer experience and agent responses. Moreover, the customer journey was not being tracked, resulting in lost opportunities for cross-selling across brands. The result: slow response times (up to one week) and unsatisfied customers, leaving the AzkoNobel brand in a vulnerable state.

    AkzoNobel leveraged Sprinklr, a customer experience software provider, to unify six social channels, 19 accounts, and six brands. Sprinklr aligned governance across social media channels with AzkoNobel’s strategic business goals, emphasizing the need for process, increasing revenue, and streamlining customer service.

    AzkoNobel was able to use keywords from customers’ inbound messaging to put an escalation process in place.

    Since bringing on Sprinklr in 2015-2016, unifying customer service channels under one multichannel platform resulted in:

    • 172% increase in customer engagement.
    • 133% increase in post comments.
    • 80% reduced response times.
    • 47% of inquiries answered within five minutes.
    • $18,500 added revenues via social media responses.

    How it got here: The birth of CSM tools

    CSM developed alongside the telephone and call center, rather than customer relationship management platforms.

    1920s 1950s 1967-1973 1980-1990s 2000-2010s
    The introduction of lines of credit and growth of household appliance innovations meant households were buying products at an unprecedented rate. Department stores would set up customer service sections to assist with live fixes or returns. Following the Great Depression and World War II, process, efficiency, and computational technology became defining features of customer service. These features were played out in call centers as automatic call distribution (ACD) technology began to scale. With the development of private automatic branch exchange (PABX), AT&T introduced the toll-free telephone number. Companies began training staff and departments for customer service and building loyalty. With the development of interactive voice response (IVR) in 1973, call centers became increasingly more efficient at routing. Analog technology shifted to digital and the term “contact center” was coined. These centers began being outsourced internationally. With the advent of the internet, CSM technology (in the early guise of a “help desk”) became equipped with computer telephony integration (CTI). Software as a service (SaaS) and CRM maturation strengthened the retention and organization of customer data. Social media also enhanced consumer power as companies rushed to prevent online embarrassment. This prompted investment in multichannel customer service.

    Where it’s going: The future of CSM tools lies in predictive analytics

    The capabilities below are available today but will mature over the next few years. Use the roadmap as a guide for your year of implementation.

    2023
    Go mobile first
    85% of customers believe a company’s mobile website should be just as good as its desktop website. Enabling user-friendly mobile websites provides an effective channel to keep inbound calls down.

    2024
    Shift from multichannel to omnichannel
    Integrating CSM tools with your broader CXM suite enables customer data to seamlessly travel between channels for an omnichannel experience.

    2025
    Enable predictive service
    CSM tools integrate with Internet of Things (IoT) systems to provide automated notifications that alert staff of issues and mitigate issues with customers before the issue even occurs.

    2026
    Leverage predictive analytics for ML use cases
    Use customers’ historic data and preferences to perform better automated customer service over time (e.g. providing personalized resolutions based on previous customer engagements).

    Context and scenario play a huge role in measuring good customer service. Ensure your KPIs accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.
    David Thomas, Customer Service Specialist
    Freedom Mobile
    (Reve Chat, 2022)

    Key trends in CSM technology

    As predictive analytics matures, organizations are making use of CSM tools’ ability to enhance personalization, improve their social media response times, and enable self-service.

    BIOMETRICS
    65% of customers say they would accept voice recognition to authorize their identity when calling a customer support line (GetApp, 2021).

    PERSONALIZATION
    51% of marketers, advocating for personalization across multiple touchpoints saw 300% ROI (KoMarketing, 2020).

    SOCIAL MEDIA
    29% of customers aged 18 to 39 prefer online chat communication before and after purchase (RingCentral, 2020).

    SELF-SERVICE
    92% of customers say they would use a knowledge base for self-service support if it was available (Vanilla, 2020).

    Customer Service Management (CSM) Software

    Phase 2: Select the Right CSM Vendor

    Conduct a business impact assessment to document the case for CSM tool selection

    Business Opportunity
    Determine high-level understanding of the need that must be addressed, along with the project goals and affiliated key metrics. Establish KPIs to measure project success.

    System Diagram
    Determine the impact on the application portfolio and where integration is necessary.

    Risks
    Identify potential blockers and risk factors that will impede selection.

    High-Level Requirements
    Consider the business functions and processes affected.

    People Impact
    Confirm who will be affected by the output of the technology selection.

    Overall Business Case
    Calculate the ROI and the financial implications of the application selection. Highlight the overarching value.

    Activity: Build the business case

    2 hours

    1. Access the Business Impact Assessment within the Software Selection Workbook (linked below). Store the assessment in a shared folder (such as in SharePoint, OneDrive, or Google Drive).
    2. Set aside two hours (does not need to be all at once) to ensure the selection team aligns with the unifying rationale for selection.
    3. Complete the six steps to arrive at a high-level business case. This case can then be shared and communicated with interested parties (e.g. impacted stakeholders).
    InputOutput
    • Drivers for the business opportunity to adopt CSM tools
    • Understanding of key stakeholders
    • Overview of application portfolio
    • Budgetary information
    • Business Impact Assessment, which captures your high-level business case
    MaterialsParticipants
    • Software Selection Workbook
    • Screen sharing or projector
    • Whiteboard and drawing materials
    • Customer support analyst(s)
    • Infrastructure and Operations lead(s)
    • Representative customer support staff
    • Product management analyst(s)

    Download the Software Selection Workbook

    Elicit and prioritize granular requirements for your CSM platform

    Understanding business needs through requirements gathering is key to defining everything about what is being purchased, yet it is an area where people often make critical mistakes.

    Signs of poorly scoped requirements Best practices
    • Requirements focus on how the solution should work instead of what it must accomplish.
    • Multiple levels of detail exist within the requirements, which are inconsistent and confusing.
    • Requirements drill all the way down into system-level detail.
    • Language is technical and dense, leaving some stakeholder groups confused on what they are actually looking for in a solution.
    • Requirements are copied from a market analysis of the art of the possible, abstract from organization’s own customer persona analysis.
    • Get a clear understanding of what the system needs to do and what it is expected to produce. Build customer personas to assist with identifying high-value use cases.
    • Test against the principle of MECE – requirements should be “mutually exclusive and collectively exhaustive.”
    • Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
    • Include the appropriate level of detail, which should be suitable for procurement and sufficient for differentiating vendors.

    Info-Tech Insight
    Review Info-Tech’s requirements gathering methodology to improve your requirements gathering process.

    Choose your route: RFP or otherwise?

    As you gather requirements, decide which procurement route best suits your context.

    RFI (Request for Information) RFQ (Request for Quotation) RFP (Request for Proposal)
    Purpose and Usage

    Gather information about products/services when you know little about what’s available.

    Often followed by an RFP.

    Solicit pricing and delivery information for products/services with clearly defined requirements.

    Best for standard or commodity products/services.

    Solicit formal proposals from vendors to conduct an evaluation and selection process.

    Formal and fair process; identical for each participating vendor.

    Level of Intent

    Fact-finding there is no commitment to engage the vendor.

    Vendors are often reluctant to provide quotes.

    Committed to procure a specific product/service at the lowest price.

    Intent to buy the products/services in the RFP.

    Business case/approval to spend is already obtained.

    Level of Detail High-level requirements and business goals.

    Detailed specifications of what products/services are needed.

    Detailed contract and delivery terms.

    Detailed business requirements and objectives.

    Standard questions and contract term requests for all vendors.

    Response

    Generalized response with high-level product/services.

    Sometimes standard pricing quote.

    Price quote and confirmation of ability to fulfill desired terms.

    Detailed solution description, delivery approach, customized price quote, and additional requested information.

    Product demo and/or hands-on trial.

    Info-Tech Insight
    If you are in a hurry, consider instead issuing Info-Tech’s Vendor Evaluation Workbook. This workbook speeds up the typical procurement process by adding RFP-like requirements (such as operational and technical requirements) while driving the procurement process via emphasis on high-value use cases.

    Download the Vendor Evaluation Workbook

    Activity: Document requirements

    2 hours

    1. Review each tab of Info-Tech’s CSM Platform RFP Scoring Tool to generate use cases and ideas for your requirements building.
    2. Modify and include additional features you may need, using Info-Tech’s CSM Platform RFP Template to assist with structure (if pursuing an RFP process) or Vendor Evaluation Workbook (if an RFP process is not needed). Pay attention to any nonfunctional requirements (such as security or integrations), alongside future trends of CSM. Vendors must be able to scale with your organization’s growth.
    3. You can use the CSM Platform RFP Scoring Tool again when assessing vendor responses.
    Input Output
    • Key use cases that capture your most important customer service support processes
    • Discussion of CSM future trends and differentiating features
    • Confirmation on organization’s significant nonfunctional requirements (e.g. security or integrations)
    • Either a Requirements Workbook to go straight to shortlisted vendor(s) or an RFP document to solicit a broader market response
    Materials Participants
    • CSM Platform RFP Scoring Tool
    • CSM Platform RFP Template
    • Vendor Evaluation Workbook
    • Customer support analyst(s)
    • Infrastructure and Operations lead(s)
    • Other major stakeholders (for requirements elicitation)

    Download the CSM Platform RFP Scoring Tool

    Download the CSM Platform RFP Template

    Once vendor responses are in, turn product demos into investigative interviews

    Avoid vendor glitz and glamour shows by ensuring vendors are concretely applying their solution to your high-value use cases.

    1 Minimize the number of vendors to four to keep up the pace of the selection process.
    2 Provide a demo script that captures your high-value use cases and differentiating requirements.
    3 Ensure demos are booked close together and the selection committee attends all demos.

    Conduct a day of rapid-fire vendor demos

    Zoom in on high-value use cases and answers to targeted questions

    Rapid-fire vendor investigative interview

    Invite vendors to come onsite (or join you via videoconference) to demonstrate the product and answer questions. Use a highly targeted demo script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

    Give each vendor 90 to 120 minutes to give a rapid-fire presentation. We suggest the following structure:

    • 30 minutes: Company introduction and vision
    • 60 minutes: Walkthrough of two or three high-value demo scenarios
    • 30 minutes: Targeted Q&A from the business stakeholders and procurement team

    To ensure a consistent evaluation, vendors should be asked analogous questions and answers should be tabulated.

    How to challenge the vendors in the investigative interview

    • Change the visualization/presentation.
    • Change the underlying data.
    • Add additional data sets to the artifacts.
    • Test voice quality (if the vendor offers a native telephony channel).
    • Test collaboration capabilities.

    To kick-start scripting your demo scenarios, leverage our CSM Platform Vendor Demo Script Template.

    A vendor scoring model provides a clear anchor point for your evaluation of CRM vendors based on a variety of inputs

    A vendor scoring model is a systematic method for effectively assessing competing vendors. A weighted-average scoring model is an approach that strikes a strong balance between rigor and evaluation speed.

    How do I build a scoring model? What are some of the best practices?
    • Start by shortlisting the key criteria you will use to evaluate your vendors. Functional capabilities should always be a critical category, but you’ll also want to look at criteria such as affordability, architectural fit, and vendor viability.
    • Depending on the complexity of the project, you may break down some criteria into subcategories to assist with evaluation (for example, breaking down functional capabilities into constituent use cases so you can score each one).
    • Once you’ve developed the key criteria for your project, the next step is weighting each criterion. Your weightings should reflect the priorities for the project at hand. For example, some projects may put more emphasis on affordability, others on vendor partnership.
    • Using the information collected in the subsequent phases of this blueprint, score each criterion from 1 to 100, then multiply by the weighting factor. Add up the weighted scores to arrive at the aggregate evaluation score for each vendor on your shortlist.
    • While the criteria for each project may vary, it’s helpful to have an inventory of repeatable criteria that can be used across application selection projects. The next slide contains an example that you can add to or subtract from.
    • Don’t go overboard on the number of criteria: five to ten weighted criteria should be the norm for most projects. The more criteria (and subcriteria) you must score against, the longer it will take to conduct your evaluation. Always remember, link the level of rigor to the size and complexity of your project! It’s possible to create a convoluted scoring model that takes significant time to fill out but yields little additional value.
    • Creation of the scoring model should be a consensus-driven activity among IT, procurement, and the key business stakeholders – it should not be built in isolation. Everyone should agree on the fundamental criteria and weights that are employed.
    • Consider using not just the outputs of investigative interviews and RFP responses to score vendors, but also third-party review services like SoftwareReviews.

    Info-Tech Insight
    Even the best scoring model will still involve some “art” rather than science. Scoring categories such as vendor viability always entail a degree of subjective interpretation.

    Define how you will score vendor responses and demos

    Your key CSM criteria should be informed by the following goals, use cases, and requirements.

    Criteria Description
    Functional Capabilities How well does the vendor align with the top-priority functional requirements identified in your accelerated needs assessment? What is the vendor’s functional breadth and depth?
    Affordability How affordable is this vendor? Consider a three-to-five-year total cost of ownership (TCO) that encompasses not just licensing costs but also implementation, integration, training, and ongoing support costs.
    Architectural Fit How well does this vendor align with your direction from an enterprise architecture perspective? How interoperable is the solution with existing applications in your technology stack? Does the solution meet your deployment model preferences?
    Extensibility How easy is it to augment the base solution with native or third-party add-ons as your business needs may evolve?
    Scalability How easy is it to expand the solution to support increased user, data, and/or customer volumes? Does the solution have any capacity constraints?
    Vendor Viability How viable is this vendor? Are they an established player with a proven track record or a new and untested entrant to the market? What is the financial health of the vendor? How committed are they to the particular solution category?
    Vendor Vision Does the vendor have a cogent and realistic product roadmap? Are they making sensible investments that align with your organization’s internal direction?
    Emotional Footprint How well does the vendor’s organizational culture and team dynamics align to yours?
    Third-Party Assessments and/or References How well-received is the vendor by unbiased third-party sources like SoftwareReviews? For larger projects, how well does the vendor perform in reference checks (and how closely do those references mirror your own situation)?

    Leverage Info-Tech’s Contract Review Services to level the playing field with shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

    Use Info-Tech’s Contract Review Services to gain insights on your agreements.

    Consider the aspects of a contract review:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    Book Contract Review Service

    Download Master Contract Review and Negotiation for Software Agreements

    Customer Service Management (CSM) Software

    Vendor Analysis

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    SoftwareReviews

    Fact-based reviews of business software from IT professionals.

    Product and category reports with state-of-the-art data visualization.

    Top-tier data quality backed by a rigorous quality assurance process.

    User-experience insight that reveals the intangibles of working with a vendor.

    SoftwareReviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive, unbiased data on today’s technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

    Click here to access SoftwareReviews

    Comprehensive software reviews to make better IT decisions

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Microsoft Dynamics 365

    Est. 2003 | WA, USA | MSFT:NASDAQ

    Bio

    To accelerate your digital transformation, you need a new type of business application. One that breaks down the silos between CRM and ERP, that’s powered by data and intelligence, and helps capture new business opportunities. That’s Microsoft Dynamics 365.

    Offices

    Microsoft is located all over the world. For a full list, see Microsoft Worldwide Sites.

    representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

    Software review for Microsoft

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 7th (81%)

    Plan to Renew

    • 6th (93%)

    Satisfaction That Cost Is Fair Relative to Value

    • 2nd (81%)

    Strengths

    • Product Strategy and Rate of Improvement (1st)
    • Ease of Customization (1st)
    • Breadth of Features (2nd)

    Areas to Improve

    • Availability and Quality of Training (5th)
    • Ease of Implementation (7th)
    • Usability and Intuitiveness (7th

    Microsoft Dynamics 365

    History

    Founded 2003 (as Microsoft Dynamics CRM)
    2005 Second version branded Dynamics 3.0.
    2009 Dynamics CRM 4.0 (Titan) passes 1 million user mark.
    2015 Announces availability of CRM Cloud design for FedRAMP compliance.
    2016 Dynamics 365 released as successor to Dynamics CRM.
    2016 Microsoft’s acquisition of LinkedIn provides line of data to 500 million users.
    2021 First-party voice channel added to Dynamics 365.
    2022 Announces Digital Contact Center Platform powered with Nuance AI, MS Teams, and Dynamics 365.

    Microsoft is rapidly innovating in the customer experience technology marketspace. Alongside Dynamics 365’s omnichannel offering, Microsoft is building out its own native contact center platform. This will provide new opportunities for centralization without multivendor management between Dynamics 365, Microsoft Teams, and an additional third-party telephony or contact-center-as-a-service (CCaaS) vendor. SoftwareReviews reports suggest that Microsoft is a market leader in the area of product innovation for CSM, and this area of voice channel capability is where I see most industry interest.

    Of course, Dynamics 365 is not a platform to get only for CSM functionality. Users will typically be a strong Microsoft shop already (using Dynamics 365 for customer relationship management) and are looking for native CSM features to enhance customer service workflow management and self-service.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Info-Tech Insight
    Pricing for Microsoft Dynamics 365 is often contextualized to an organization’s needs. However, this can create complicated licensing structures. Two Info-Tech resources to assist are:

    *This service may be used for other enterprise CSM providers too, including Salesforce, ServiceNow, SAP, and Oracle.
    Contact your account manager to review your access to this service.

    Freshworks

    Est. 2010 | CA, USA | FRSH:NASDAQ

    Bio

    Freshworks' cloud-based customer support software, Freshdesk, makes customer happiness refreshingly easy. With powerful features, an easy-to-use interface, and a freemium pricing model, Freshdesk enables companies of all sizes to provide a seamless multichannel support experience across email, phone, web, chat, forums, social media, and mobile apps. Freshdesk’s capabilities include robust ticketing, SLA management, smart automations, intelligent reporting, and game mechanics to motivate agents.

    Offices

    • Americas: US
    • Asia-Pacific (APAC): Australia, India, Singapore
    • Europe, Middle East, and Africa (EMEA): France, Germany, Netherlands, UK

    Freshworks Representative Customers

    Stated Industry Specializations

    • Automotive
    • Education
    • Energy
    • Finance
    • Healthcare
    • Nonprofit
    • Professional Services
    • Publishing
    • Real Estate
    • Retail
    • Travel

    Software Review of Freshworks

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 3rd (83%)

    Plan to Renew

    • 4th (94%)

    Satisfaction That Cost Is Fair Relative to Value

    • 3rd (80%)

    Strengths

    • Breadth of Features (1st)
    • Usability and Intuitiveness (1st)
    • Ease of Implementation (2nd)

    Areas to Improve

    • Ease of IT Administration (3rd)
    • Vendor Support (4th)
    • Product Strategy and Rate of Improvement (4th)

    Freshworks

    History

    Founded 2010
    2011 Freshdesk forms a core component of product line.
    2014 Raises significant capital in Series D round: $31M.
    2016 Acquires Airwoot, enabling real-time customer support on social media.
    2019 Raises $150M in Series H funding round.
    2019 Acquires Natero, which predicts, analyzes, and drives customer behavior.
    2021 Surpasses $300M in annual recurring revenues.
    2021 Freshworks posts its IPO listing.

    Freshworks stepped into the SaaS customer support marketspace in 2010 to attract dissatisfied Zendesk eSupport customers, following Zendesk’s large price increases that year (of 300%). After performing well during the pandemic, Freshworks has reinforced its global positioning in the CSM tool marketspace; SoftwareReviews data suggests Freshworks performs very well against its competitors for breadth and intuitiveness of its features.

    Freshworks receives strong recommendations from Info-Tech’s members, boasting a broad product selection that enables opportunities for scaling and receiving a high rate of value return. Of note are Freshworks’ internal customer management solution and its native contact center offering, limiting multivendor management typically required for integrating separate IT service management (ITSM) and CCaaS solutions.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Free Growth Pro Enterprise
    • $0 up to 10 agents
    • Knowledge base
    • Ticket routing
    • Out-of-box analytics
    • $15 agent/month
    • Collision detection
    • Integrations
    • Automated follow-ups
    • $49 agent/month
    • Multiple product lines
    • Personalization
    • CSAT surveys
    • Customer journey
    • $79 agent/month
    • Assist bot and email bot
    • Skill-based routing

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Help Scout

    Est. 2006 | MA, USA | HUBS:NYSE

    Bio
    Help Scout is designed with your customers in mind. Provide email and live chat with a personal touch and deliver help content right where your customers need it, all in one place, all for one low price. The customer experience is simple and training staff is painless, but Help Scout still has all the powerful features you need to provide great support at scale. With best-in-class reporting, an integrated knowledge base, 50+ integrations, and a robust API, Help Scout lets your team focus on what really matters: your customers.

    Offices

    • Americas: Canada, Colombia, US
    • APAC: Australia, Japan, Singapore
    • EMEA: Belgium, France, Ireland, Germany, UK

    Questions for support transition

    Stated Industry Specializations

    • eCommerce
    • Education
    • Finance
    • Healthcare
    • Logistics
    • Manufacturing
    • Media
    • Professional Services
    • Property Management
    • Software

    Software Review of Help Scout

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 4th (82%)

    Plan to Renew

    • 7th (87%)

    Satisfaction That Cost Is Fair Relative to Value

    • 7th (71%)

    Strengths

    • Business Value Created (1st)
    • Ease of Data Integration (1st)
    • Breadth of Features (3rd)

    Areas to Improve

    • Ease of IT Administration (5th)
    • Product Strategy and Rate of Improvement (5th)
    • Quality of Features (6th)

    Help Scout

    History

    Founded 2011
    2015 Raised $6M in Series A funding.
    2015 Rebrands from Brightwurks to Help Scout.
    2015 Named by Appstorm as one of six CSM tools to delight Mac users.
    2016 iOS app released.
    2017 Android app released.
    2020 All employees instructed to work remotely.
    2021 Raises $15M in Series B funding.

    Help Scout provides a simplified, standalone CSM tool that operates like a shared email inbox. Best suited for mid-sized organizations, customers can expect live chat, in-app messaging, and knowledge-base functionality. A particular strength is Help Scout’s integration capabilities, with a wide range of CRM, eCommerce, marketing, and communication APIs available. This strength is also reflected in the data: SoftwareReviews lists Help Scout as first in its CSM category for ease of data integrations.

    Customers who are expecting a broader range of channels (including voice, video cobrowsing, and so on) will not find good return on investment with Help Scout. However, for mid-sized organizations looking to begin maturing their customer service management, Help Scout provides a strong foundation – especially for enhancing in-house collaboration between support staff.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Standard Plus Pro
    • $20 user/month
    • Live chat
    • Up to 25 users
    • 50+ integrations
    • 2 mailboxes
    • $40 user/month
    • Advanced permissions
    • Group users
    • 5 mailboxes
    • $65 user/month
    • HIPAA compliance
    • Onboarding service
    • Dedicated account manager

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    HubSpot

    Est. 2006 | MA, USA | HUBS:NYSE

    Bio
    HubSpot’s Service Hub brings all your customer service data and channels together in one place and helps scale your support through automation and self-service. The result? More time for proactive service that delights, retains, and grows your customer base. HubSpot provides software and support to help businesses grow better. The overall platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth.

    Offices

    • Americas: Canada, Colombia, US
    • APAC: Australia, Japan, Singapore
    • EMEA: Belgium, France, Ireland, Germany, UK

    HubSpot Representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, healthcare, manufacturing, and retail.

    Software Review for HubSpot

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 1st (88%)

    Plan to Renew

    • 1st (98%)

    Satisfaction That Cost Is Fair Relative to Value

    • 5th (78%)

    Strengths:

    • Vendor Support (1st)
    • Availability and Quality of Training (1st)
    • Ease of IT Administration (1st)

    Areas to Improve:

    • Ease of Data Integration (5th)
    • Ease of Customization (5th)
    • Breadth of Features (7th)

    HubSpot

    History

    Founded 2006
    2013 Opens first international office in Ireland.
    2014 First IPO listing on NYSE, raising $140M.
    2015 Milestone for acquiring 15,000 customers
    2017 Acquires Kemvi for AI and ML support for sales teams.
    2019 Acquires PieSync for customer data synchronization.
    2021 Yamini Rangan is announced as new CEO.
    2021 Records $1B in revenues.

    HubSpot is a competitive player in the enterprise sales and marketing technology market. Offering an all-in-one platform, HubSpot allows users to leverage its CRM, marketing solutions, content management tool, and CSM tool. Across knowledge management, contact center integration, and customer self-service, SoftwareReviews data pits HubSpot as performing better than its enterprise competitors.

    While customers can leverage HubSpot’s CSM tool independently, watch out for scope creep. HubSpot’s other offerings are tightly integrated and module extensions could quickly add up in price. HubSpot may not be affordable for most regional, mid-sized organizations, and a poor ROI may be expected. For instance, the Pro plan is required to get a knowledge base, which is typically a standard CSM feature – yet the same plan also comes with multicurrency support, which could remain unleveraged.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Free Starter Pro Enterprise
    • $0 month
    • Ticketing
    • Live chat
    • 200 notifications per month
    • $45 month
    • 5,000 email templates
    • White label
    • 500 calling minutes
    • $450 month
    • 30 currencies
    • Knowledge base
    • Up to 300 workflows
    • $1,200 month
    • Conversation intelligence
    • SSO

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Salesforce

    Est. 1999 | CA, USA | CRM:NYSE

    Bio

    Service Cloud customer service software gives you faster, smarter customer support. Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, analytics, and application development.

    Offices

    • Americas: US
    • APAC: Australia, India, Singapore
    • EMEA: France, Germany, Netherlands, UK

    Salesforce Representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

    Software Review for Salesforce

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 6th (81%)

    Plan to Renew

    • 2nd (96%)

    Satisfaction That Cost Is Fair Relative to Value

    • 4th (79%)

    Strengths:

    • Usability and Intuitiveness (5th)
    • Breadth of Features (5th)
    • Ease of Implementation (6th)

    Areas to Improve:

    • Ease of IT Administration (7th)
    • Availability and Quality of Training (7th)
    • Ease of Customization (7th)

    Salesforce

    History

    Founded 1999
    2000 Salesforce launches its cloud-based products.
    2003 The first Dreamforce (a leading CX conference) happens.
    2005 Salesforce unveils AppExchange.
    2013 Salesforce acquires ExactTarget and expands Marketing Cloud offering.
    2016 Salesforce acquires Demandware, launches Commerce Cloud.
    2019 Salesforce acquires Tableau to expand business intelligence capabilities.
    2021 Salesforce buys major collaboration vendor Slack.

    Salesforce was an early disruptor in CRM marketspace, placing a strong emphasis on a SaaS delivery model and end-user experience. This allowed Salesforce to rapidly gain market share at the expense of complacent enterprise application vendors. A series of savvy acquisitions over the years has allowed Salesforce to augment its core Sales and Service Clouds with a wide variety of other solutions, from ecommerce to marketing automation – and recently Slack for internal collaboration.

    Salesforce Service Cloud Voice is now available to take advantage of integrating telephony and voice channels into your CRM. This service is still maturing, though, with Salesforce selecting Amazon Connect as its preferred integrator. However, Connect is not necessarily plug-and-play – it is a communications platform as a service, requiring you to build your own contact center solution. This is either a fantastic opportunity for creativity or a time suck of already tied-up resources.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Service Cloud Essentials Service Cloud Professional Service Cloud Enterprise Service Cloud Unlimited
    • $25 user/month
    • Small businesses after basic functionality
    • $75 user/month
    • Mid-market target
    • $150 user/month
    • Enterprise target
    • Web Services API
    • $300 user/month
    • Strong upmarket feature additions

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Zendesk

    Est. 2007 | CA, USA | ZEN:NYSE

    Bio

    Zendesk streamlines your support with time-saving tools like ticket views, triggers, and automations. This helps you get straight to what matters most – better customer service and more meaningful conversations. Today, Zendesk is the champion of great service everywhere for everyone and powers billions of conversations, connecting more than 100,000 brands with hundreds of millions of customers over telephony, chat, email, messaging, social channels, communities, review sites, and help centers.

    Offices

    • Americas: Brazil, Canada, US
    • APAC: Australia, China, India, Indonesia, Japan, Korea, Malaysia, Philippines, Singapore, Thailand, Vietnam
    • EMEA: Denmark, France, Germany, Ireland, Italy, Netherlands, Poland, Spain, Sweden, UK

    Zendesk Representative Customers

    Stated Industry Specializations

    • Education
    • Finance
    • Government
    • Healthcare
    • Manufacturing
    • Media
    • Retail
    • Software
    • Telecommunications

    Software Review for Zendesk

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 5th (81%)

    Plan to Renew

    • 5th (94%)

    Satisfaction That Cost Is Fair Relative to Value

    • 6th (77%)

    Strengths

    • Ease of IT Administration (2nd)
    • Ease of Implementation (5th)
    • Quality of Features (5th)

    Areas to Improve

    • Business Value Created (7th)
    • Vendor Support (7th)
    • Product Strategy and Rate of Improvement (7th)

    Zendesk

    History

    Founded 2007
    2008 Initial seed funding of $500,000.
    2009 Receives $6M through Series B Funding.
    2009 Relocates from Copenhagen to San Francisco.
    2014 Acquires Zopin Technologies.
    2014 Listed on NYSE.
    2015 Acquires We Are Cloud SAS.
    2018 Launches Zendesk Sell.

    Zendesk is a global player in the CSM tool marketspace and works with enterprises across a wide variety of industries. Unlike some other CSM players, Zendesk provides more service channels at its lowest licensing offer, affording organizations a quicker expansion in customer service delivery without making enterprise-grade investments. However, the price of the lowest licensing offer starts much higher than Zendesk’s competitors; organizations will need to consider if the cost to try Zendesk over an annual contract is within budget.

    Unfortunately, SoftwareReviews data suggests that Zendesk may not always provide that immediate value, especially to mid-sized organizations. Zendesk is rated lower for vendor support and business value created. However, Zendesk provides strong functionality that competes with other enterprise players, and mid-sized organizations are continually impressed with Zendesk’s automation workflows.
    Thomas Randall
    Research Director, Info-Tech Research Group

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Team Growth Pro
    • $49 user/month
    • Ticketing
    • Email, voice, SMS, and live chat channels
    • $79 user/month
    • AI-powered knowledge management
    • Self-service portal
    • $99 user/month
    • HIPAA compliance
    • Customizable dashboards

    LiveChat

    Est. 2002 | Poland | WSE:LVC

    Bio

    Manage all emails from customers in one app and save time on customer support. LiveChat is a real-time live-chat software tool for ecommerce sales and support that is helping ecommerce companies create a new sales channel. It serves more than 30,000 businesses in over 150 countries, including large brands like Adobe, Asus, LG, Acer, Better Business Bureau, and Air Asia and startups like SproutSocial, Animoto, and HasOffers.

    Offices

    • Americas: US
    • EMEA: Poland

    LiveChat Representative Customers

    Stated Industry Specializations

    • eCommerce
    • Education
    • Finance
    • Software and IT

    Software Review for LiveChat

    SoftwareReviews’ CSM Midmarket Vendor Ranking
    (out of 8)

    Likeliness to Recommend

    • 1st (93%)

    Plan to Renew

    • 4th (92%)

    Satisfaction That Cost Is Fair Relative to Value

    • 5th (83%)

    Strengths

    • Product Strategy and Rate of Improvement (1st)
    • Usability and Intuitiveness (1st)
    • Breadth of Features (1st)

    Areas to Improve

    • Ease of Implementation (5th)
    • Ease of IT Administration (5th)
    • Ease of Customization (7th)

    LiveChat

    History

    Founded 2002
    2006 50% of company stock bought by Capital Partners.
    2008 Capital Partners sells entire stake to Naspers.
    2011 LiveChat buys back majority of stakeholder shares.
    2013 Listed by Red Herring in group of most innovative companies across Europe.
    2014 Listed on Warsaw Stock Exchange.
    2019 HelpDesk is launched.
    2020 Offered services for free to organizations helping mitigate the pandemic.

    LiveChat’s HelpDesk solution for CSM is a relatively recent solution (2019) that is proving very popular for small to mid-sized businesses (SMBs) – especially across Western Europe. SoftwareReviews’ data shows that HelpDesk is well-rated for breadth of features, usability and intuitiveness, and rate of improvement. Indeed, LiveChat has won and been shortlisted for several awards over the past decade for customer feedback, innovation, and fast growth to IPO.

    When shortlisting LiveChat’s HelpDesk, SMBs should be careful of scope creep. LiveChat offers a range of other solutions that are intended to work together. The LiveChat self-titled product is designed to integrate with HelpDesk to provide ticketing, email management, and chat management. Moreover, LiveChat’s AI-based ChatBot (for automated webchat) comes with additional cost (starting at $52 team/month).
    Thomas Randall
    Research Director, Info-Tech Research Group

    Team Plan Enterprise
    • $29 user/month.
    • Customized canned responses
    • Real-time reporting
    • Request quote
    • White labelling
    • Product training
    • Account manager

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    ManageEngine

    Est. 1996 | India | Privately Owned

    Bio

    SupportCenter Plus is a web-based customer support software that lets organizations effectively manage customer tickets, their account and contact information, and their service contracts, and in the process provide a superior customer experience. ManageEngine is a division of Zoho.

    Offices

    • Americas: Brazil, Colombia, Mexico, US
    • APAC: Australia, China, India, Japan, Singapore
    • EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

    ManageEngine Representative Customers

    Stated Industry Specializations

    • None stated but representative customers cover manufacturing, R&D, real estate, and transportation.

    Software Review for ManageEngine

    SoftwareReviews’ CSM Midmarket Vendor Ranking
    (out of 8)

    Likeliness to Recommend

    • 6th (85%)

    Plan to Renew

    • 5th (91%)

    Satisfaction That Cost Is Fair Relative to Value

    • 6th (83%)

    Strengths

    • Ease of Customization (1st)
    • Ease of Implementation (2nd)
    • Ease of IT Administration (2nd)

    Areas to Improve

    • Quality of Features (4th)
    • Usability and Intuitiveness (6th)
    • Availability and Quality of Training (8th)

    ManageEngine

    History

    Founded 1996
    2002 Branches from Zoho to become division focused on IT management.
    2004 Becomes an authorized MySQL Partner.
    2009 Begins shift of offerings into the cloud.
    2010 Tops 35,000 customers.
    2011 Integration with Zoho Assist.
    2015 Integration with Zoho Reports.

    ManageEngine, as a division of Zoho, has its strengths in IT operations management (ITOM). SupportCenter thus scores well in our SoftwareReviews data for ease of customization, implementation, and administration. As ManageEngine is a frequently discussed low-cost vendor in the ITOM market, customers often get good scalability across IT, sales, and marketing teams. Although SupportCenter is aimed at the midmarket and is low cost, organizations have the benefit of ManageEngine’s global presence and backing by Zoho for viability.

    However, because ManageEngine’s focus is ITOM, the breadth and quality of features for SupportCenter are not rated as well compared to its competitors. These features may be “good enough,” but usability and intuitiveness is not scored high. Organizations thinking about SupportCenter are recommended to identify their high-value use cases and perform user acceptance testing before adopting.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Standard* Pro* Enterprise*
    • Account and contact management
    • Knowledge base
    • SLA management
    • Customer portal
    • Active Directory integration
    • Reporting and dashboards
    • Billing contracts
    • Live chat
    • APIs
    • Automation tools

    *Pricing unavailable. Request quote.
    See pricing on vendor’s website for latest information.

    Zoho Desk

    Est. 1996 | India | Privately Owned

    Bio

    Use the power of customer context to improve agent productivity, promote self-service, manage cross-functional service processes, and increase customer happiness. Zoho offers beautifully smart software to help you grow your business. With over 80 million users worldwide, Zoho's 55+ products (including Zoho Desk) aid your sales and marketing, support and collaboration, finance, and recruitment needs – letting you focus only on your business.

    Offices

    • Americas: Brazil, Colombia, Mexico, US
    • APAC: Australia, China, India, Japan, Singapore
    • EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

    Zoho Desk Representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

    Software Review for Zoho Desk

    SoftwareReviews’ CSM Midmarket Vendor Ranking
    (out of 8)

    Likeliness to Recommend

    • 2nd (90%)

    Plan to Renew

    • 2nd (98%)

    Satisfaction That Cost Is Fair Relative to Value

    • 3rd (83%)

    Strengths

    • Breadth of Features (2nd)
    • Quality of Features (3rd)
    • Ease of Implementation (3rd)

    Areas to Improve

    • Business Value Created (5th)
    • Ease of Data Integration (5th)
    • Product Strategy and Rate of Improvements (5th)

    Zoho Desk

    History

    Founded 1996
    2001 Expands into Japan and shifts focus to SMBs.
    2006 Zoho CRM is launched, alongside first Office suite.
    2008 Reaches 1M users.
    2009 Rebrands from AdventNet to Zoho Corp.
    2011 Zoho Desk is built and launched.
    2017 Zoho One, a suite of applications, is launched.
    2020 Reaches 50M users.

    Zoho Desk is one of the highest scoring CSM tool providers for likelihood to renew and recommend (98% and 90%, respectively). A major reason is that users receive a broad range of functionality for a lower-cost price model. There is also the capacity to scale with Zoho Desk as midmarket customers expand; companies can grow with Zoho and can receive high return on investment in the process.

    However, while Zoho Desk can be used as a standalone CSM tool, there is danger of scope creep with other Zoho products. Zoho now has 50+ applications, all tied into one another. For Zoho Desk, customers may also lean into Zoho Assist (for troubleshooting customer problems via remote access) and Zoho Lens (for reality-based remote assistance, typically for plant machinery or servers). Consequently, customers should keep an eye on business value created if the scope of CSM grows wider.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Standard Pro Enterprise
    • $14 user/month
    • 1 social media channel
    • 5 workflow rules
    • $23 user/month
    • Telephony channel
    • Round-robin ticket assignment
    • Ticket sharing
    • $40 user/month
    • Live chat
    • Contract management SLAs

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Summary of AccomplishmentSuccessful selection of a CSM tool

    In this trends and buyer’s guide for CSM tool selection, we engaged in several activities to:

    1. Contextualize the CSM technology marketspace.
    2. Engage in a selection process for CSM tools.

    The result:

    • Understanding of key trends and differentiating features in the CSM marketspace.
    • Determination of your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
    • Identification of high-value use cases that CSM tools should successfully enable.
    • Evaluation of major vendors in the CSM marketspace to discover the best-fitting provider.
    • Procurement items to finalize selection process.

    If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Related Info-Tech Research

    Governance and Management of Enterprise Software Implementation

    • Being Agile will increase the likelihood of success.

    The Rapid Application Selection Framework

    • Application selection is a critical activity for IT departments. Implement a repeatable, data-driven approach that accelerates application selection efforts.

    Build a Strong Technology Foundation for Customer Experience Management

    • Design an end-to-end technology strategy to drive sales revenue, enhance marketing effectiveness, and create compelling experiences for your customers.

    Bibliography

    Capers, Zach. “How the Pandemic Changed Customer Attitudes Toward Biometric Technology.” GetApp, 21 Feb. 2022. Accessed Nov. 2022.

    Gomez, Jenny. “The Good, the Bad, and the Ugly: A History of Customer Service.” Lucidworks, 15 Jul. 2021. Accessed Nov. 2022.

    Hoory. “History of Customer Service: How Did It All Begin?” Hoory, 24 Mar. 2022. Accessed Nov. 2022.

    Patel, Snigdha. “Top 10 Customer Service Technology Trends to Follow in 2022.” Reve Chat, 21 Feb. 2021. Accessed Nov. 2022.

    RingCentral. “The 2020 Customer Communications Review: A Survey of How Consumers Prefer to Communicate with Businesses.” RingCentral, 2020. Accessed Nov. 2022.

    Robinson-Yu, Sarah. “What is a Knowledgebase? How Can It Help my Business?” Vanilla, 25 Feb. 2022. Accessed Nov. 2022.

    Salesforce. “The Complete History of CRM.” Salesforce, n.d. Accessed Nov. 2022.

    Salesforce. “State of the Connected Customer.” 5th ed. Salesforce, 2022. Accessed Nov. 2022.

    Sprinklr. “How AzkoNobel UK Reduced Response Times and Increased Engagement.” Sprinklr, 2021. Accessed Nov. 2022.

    Vermes, Krystle. “Study: 70% of Marketers Using Advanced Personalization Seeing 200% ROI.” KoMarketing, 2 Jun. 2020. Accessed Nov. 2022.

    Research Contributors and Experts

    Colin Taylor, CEO, The Taylor Research Group

    Colin Taylor
    CEO
    The Taylor Reach Group

    Recognized as one of the leading contact/call center pioneers and experts, Colin has received 30 awards on two continents for excellence in contact center management and has been acknowledged as a leader and influencer on the topics of call/contact centers, customer service, and customer experience, in published rankings on Huffington Post, Call Center Helper, and MindShift. Colin was recognized as number 6 in the global 100 for customer service.

    The Taylor Reach Group is a contact center, call center and customer experience (CX) consultancy specializing in CX consulting and call and contact center consulting, management, performance, technologies, site selection, tools, training development and center leadership training, center audits, benchmarking, and assessments.

    David Thomas, Customer Service Specialist, Freedom Mobile

    David Thomas
    Customer Service Specialist
    Freedom Mobile

    David Thomas has both managerial and hands-on experience with delivering quality service to Freedom Mobile customers. With several years being involved in training customer support and being at the forefront of retail during the pandemic, David has witnessed first-hand how to incentivize staff with the right metrics that create positive experiences for both staff and customers.

    Freedom Mobile Inc. is a Canadian wireless telecommunications provider owned by Shaw Communications. It has 6% market share of Canada, mostly in urban areas of Ontario, British Columbia, and Alberta. Freedom Mobile is the fourth-largest wireless carrier in Canada.

    A special thanks to three other anonymous contributors, all based in customer support and contact center roles for Canada’s National Park Booking Systems’ software provider.

    Define the Role of Project Management in Agile and Product-Centric Delivery

    • Buy Link or Shortcode: {j2store}352|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: $3,000 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • There are many voices with different opinions on the role of project management. This causes confusion and unnecessary churn.
    • Project management and product management naturally align to different time horizons. Harmonizing their viewpoints can take significant work.
    • Different parts of the organization have diverse views on how to govern and fund pieces of work, which leads to confusion when it comes to the role of project management.

    Our Advice

    Critical Insight

    There is no one-size-fits-all approach to product delivery. For many organizations product delivery requires detailed project management practices, while for others it requires much less. Taking an outcome-first approach when planning your product transformation is critical to make the right decision on the balance between project and product management.

    Impact and Result

    • Get alignment on the definition of projects and products.
    • Understand the differences between delivering projects and delivering products.
    • Line up your project management activities with the needs of Agile and product-centric projects.
    • Understand how funding can change when moving away from project-centric delivery.

    Define the Role of Project Management in Agile and Product-Centric Delivery Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define the Role of Project Management in Agile and Product-Centric Delivery – A guide that walks you through how to define the role of project management in product-centric and Agile delivery environments.

    The activities in this research will guide you through clarifying how you want to talk about projects and products, aligning project management and agility, specifying the different activities for project management, and identifying key differences with funding of products instead of projects.

    • Define the Role of Project Management in Agile and Product-Centric Delivery Storyboard
    [infographic]

    Further reading

    Define the Role of Project Management in Agile and Product-Centric Delivery

    Projects and products are not mutually exclusive.

    Table of Contents

    3 Analyst Perspective

    4 Executive Summary

    7 Step 1.1: Clarify How You Want to Talk About Projects and Products

    13 Step 1.2: Align Project Management and Agility

    16 Step 1.3: Specify the Different Activities for Project Management

    20 Step 1.4: Identify Key Differences in Funding of Products Instead of Projects

    25 Where Do I Go Next?

    26 Bibliography

    Analyst Perspective

    Project management still has an important role to play!

    When moving to more product-centric delivery practices, many assume that projects are no longer necessary. That isn’t necessarily the case!

    Product delivery can mean different things to different organizations, and in many cases it can involve the need to maintain both projects and project delivery.

    Projects are a necessary vehicle in many organizations to drive value delivery, and the activities performed by project managers still need to be done by someone. It is the form and who is involved that will change the most.

    Photo of Ari Glaizel, Practice Lead, Applications Delivery and Management, Info-Tech Research Group.

    Ari Glaizel
    Practice Lead, Applications Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge
    • Organizations are under pressure to align the value they provide with the organization’s goals and overall company vision.
    • In response, they are moving to more product-centric delivery practices.
    • Previously, project managers focused on the delivery of objectives through a project, but changes in delivery practices result in de-emphasizing this. What should project managers should be doing?
    Common Obstacles
    • There are many voices with different opinions on the role of project management. This causes confusion and unnecessary churn.
    • Project management and product management naturally align to different time horizons. Harmonizing their viewpoints can take significant work.
    • Different parts of the organization have very specific views on how to govern and fund pieces of work, which leads to confusion about the role of project management.
    Info-Tech’s Approach
    • Get alignment on the definition of projects and products.
    • Understand the differences between delivering projects and products.
    • Line up your project management activities with the needs of Agile and product-centric projects.
    • Understand how funding can change when moving away from project-centric delivery.

    Info-Tech Insight

    There is no one-size-fits-all approach to product delivery. For many organizations product delivery requires detailed project management practices, while for others it requires much less. Taking an outcome-first approach when planning your product transformation is critical to make the right decision on the balance between project and product management.

    Your evolution of delivery practice is not a binary switch

    1. PROJECTS WITH WATERFALL The project manager is accountable for delivery of the project, and the project manager owns resources and scope.
    2. PROJECTS WITH AGILE DELIVERY A transitional state where the product owner is accountable for feature delivery and the project manager accountable for the overall project.
    3. PRODUCTS WITH AGILE PROJECT AND OPERATIONAL DELIVERY The product owner is accountable for the delivery of the project and products, and the project manager plays a role of facilitator and enabler.
    4. PRODUCTS WITH AGILE DELIVERY Delivery of products can happen without necessarily having projects. However, projects could be instantiated to cover major initiatives.

    Info-Tech Insight

    • Organizations do not need to go to full product and Agile delivery to improve delivery practices! Every organization needs to make its own determination on how far it needs to go. You can do it in one step or take each step and evaluate how well you are delivering against your goals and objectives.
    • Many organizations will go to Products With Agile Project and Operational Delivery, and some will go to Products With Agile Delivery.

    Activities to undertake as you transition to product-centric delivery

    1. PROJECTS WITH WATERFALL
      • Clarify how you want to talk about projects and products. The center of the conversation will start to change.
    2. PROJECTS WITH AGILE DELIVERY
      • Align project management and agility. They are not mutually exclusive (but not necessarily always aligned).
    3. PRODUCTS WITH AGILE PROJECT AND OPERATIONAL DELIVERY
      • Specify the different activities for project management. As you mature your product practices, project management becomes a facilitator and collaborator.
    4. PRODUCTS WITH AGILE DELIVERY
      • Identify key differences in funding. Delivering products instead of projects requires a change in the focus of your funding.

    Step 1.1

    Clarify How You Want to Talk About Projects and Products

    Activities
    • 1.1.1 Define “product” and “project” in your context
    • 1.1.2 Brainstorm potential changes in the role of projects as you become Agile and product-centric

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • An understanding of how the role can change through the evolution from project to more product-centric practices

    Definition of terms

    Project

    “A temporary endeavor undertaken to create a unique product, service, or result. The temporary nature of projects indicates a beginning and an end to the project work or a phase of the project work. Projects can stand alone or be part of a program or portfolio.” (PMBOK, PMI)
    Stock image of an open head with a city for a brain.

    Product

    “A tangible solution, tool, or service (physical or digital) that enables the long-term and evolving delivery of value to customers and stakeholders based on business and user requirements.” (Deliver on Your Digital Product Vision, Info-Tech Research Group)

    Info-Tech InsightLet these definitions be a guide, not necessarily to be taken verbatim. You need to define these terms in your context based on your particular needs and objectives. The only caveat is to be consistent with your usage of these terms in your organization.

    1.1.1 Define “product” and “project” in your context

    30-60 minutes

    Output: Your enterprise/organizational definition of products and projects

    Participants: Executives, Product/project managers, Applications teams

    1. Discuss what “product” and “project” mean in your organization.
    2. Create common, enterprise-wide definitions for “product” and “project.”
    3. Screenshot of the previous slide's definitions of 'Project' and 'Product'.

    Agile and product management does not mean projects go away

    Diagram laying out the roadmap for 'Continuous delivery of value'. Beginning with 'Projects With Agile Delivery' in which Projects with features and services end in a Product Release that is disconnected from the continuum. Then the 'Products With Agile Project and Operational Delivery' and 'Products With Agile Delivery' which are connected by a 'Product Roadmap' and 'Product Backlog' have Product Releases that connect to the continuum.

    Projects Within Products

    Regardless of whether you recognize yourself as a “product-based” or “project-based” shop, the same basic principles should apply.

    You go through a period or periods of project-like development to build or implement a version of an application or product.

    You also have parallel services along with your project development that encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

    Info-Tech Note

    As your product transformation continues, projects can become optional and needed only as part of your organization’s overall delivery processes

    Identify the differences between a project-centric and a product-centric organization

    Project Product
    Fund projects — Funding –› Fund teams
    Line-of-business sponsor — Prioritization –› Product owner
    Project owner — Accountability –› Product owner
    Makes specific changes to a product —Product management –› Improves product maturity and support of the product
    Assignment of people to work — Work allocation –› Assignment of work to product teams
    Project manager manages — Capacity management –› Team manages

    Info-Tech Insight

    Product delivery requires significant shifts in the way you complete development and implementation work and deliver value to your users. Make the changes that support improving end-user value and enterprise alignment.

    1.1.2 Brainstorm potential changes in the role of projects as you become Agile and product-centric

    5-10 minutes

    Output: Increased appreciation of the relationship between project and product delivery

    Participants: Executives, Product/project managers, Applications teams

    • Discuss as a group:
      • What stands out in the evolution from project to product?
      • What concerns do you have with the change?
      • What will remain the same?
      • Which changes feel the most impactful?
      • Screenshot of the slide's 'Continuous delivery of value' diagram.

    Step 1.2

    Align Project Management and Agility

    Activities
    • 1.2.1 Explore gaps in Agile/product-centric delivery of projects

    This step involves the following participants:

    • Executives
    • Product/Project managers
    • Applications teams

    Outcomes of this step

    • A clearer view of how agility can be introduced into projects.

    Challenges with the project management role in Agile and product-centric organizations

    Many project managers feel left out in the cold. That should not be the case!

    In product-centric, Agile teams, many roles that a project manager previously performed are now taken care of to different degrees by the product owner, delivery team, and process manager.

    The overall change alters the role of project management from one that orchestrates all activities to one that supports, monitors, and escalates.

    Product Owner
    • Defines the “what” and heavily involved in the “when” and the “why”
    • Accountable for delivery of value
    Delivery team members
    • Define the “how”
    • Accountable for building and delivering high-quality deliverables
    • Can include roles like user experience, interaction design, business analysis, architecture
    Process Manager
    • Facilitates the other teams to ensure valuable delivery
    • Can potentially, in a Scrum environment, play the scrum master role, which involves leading scrums, retrospectives, and sprint reviews and working to resolve team issues and impediments
    • Evolves into more of a facilitator and communicator role

    1.2.1 Explore gaps in Agile/ product-centric delivery of projects

    5-10 minutes

    Output: An assessment of what is in the way to effectively deliver on Agile and product-focused projects

    Participants: Executives, Product/project managers, Applications teams

    • Discuss as a group:
      • What project management activities do you see in Agile/product roles?
      • What gaps do you see?
      • How can project management help Agile/product teams be successful?

    Step 1.3

    Specify the Different Activities for Project Management

    Activities
    • 1.3.1 Articulate the changes in a project manager’s role

    This step involves the following participants:

    • Executives
    • Product/Project managers
    • Applications teams

    Outcomes of this step

    • An understanding of the role of project management in an Agile and product context

    Kicking off the project

    Product-centric delivery still requires key activities to successfully deliver value. Where project managers get their information from does change.

    Stock photo of many hands grabbing a 2D rocketship.
    Project Charter

    Project managers should still define a charter and capture the vision and scope. The vision and high-level scope is primarily defined by the product owner.

    Key Stakeholders and Communication

    Clearly defining stakeholders and communication needs is still important. However, they are defined based on significant input and cues by the product owner.

    Standardizing on Tools and Processes

    To ensure consistency across projects, project managers will want to align tools to how the team manages their backlog and workflow. This will smooth communication about status with stakeholders.

    Info-Tech Insight

    1. Product management plays a similar role to the one that was traditionally filled by the project sponsor except for a personal accountability to the product beyond the life of the project.
    2. When fully transitioned to product-centric delivery, these activities could be replaced by a product canvas. See Deliver on Your Digital Product Vision for more information.

    During the project: Three key activities

    The role of project management evolves from a position of ownership to a position of communication, collaboration, and coordination.

    1. Support
      • Communicate Agile/product team needs to leadership
      • Liaise and co-ordinate for non-Agile/product-focused parts of the organization
      • Coach members of the team
    2. Monitoring
      • Regular status updates to PMO still required
      • Metrics aligned with Agile/product practices
      • Leverage similar tooling and approaches to what is done locally on Agile/product teams (if possible)
    3. Escalation
      • Still a key escalation point for roadblocks that go outside the product teams
      • Collaborate closely with Agile/product team leadership and scrum masters (if applicable)
    Cross-section of a head, split into three levels with icons representing the three steps detailed on the left, 'Support', 'Monitoring', and 'Escalation'.

    1.3.1: Articulate the changes in a project manager’s role

    5-10 minutes

    Output: Current understanding of the role of project management in Agile/product delivery

    Participants: Executives, Product/project managers, Applications teams

    Why is this important?

    Project managers still have a role to play in Agile projects and products. Agreeing to what they should be doing is critical to successfully moving to a product-centric approach to delivery.

    • Review how Info-Tech views the role of project management at project initiation and during the project.
    • Review the state of your Agile and product transformation, paying special attention to who performs which roles.
    • Discuss as a group:
      • What are the current activities of project managers in your organization?
      • Based on how you see delivery practices evolving, what do you see as the new role of project managers when it comes to Agile-centric and product-centric delivery.

    Step 1.4

    Identify Key Differences in Funding of Products Instead of Projects

    Activities
    • 1.4.1 Discuss traditional versus product-centric funding methods

    This step involves the following participants:

    • Executives
    • Product owners
    • Product managers
    • Project managers
    • Delivery managers

    Outcomes of this step

    • Identified differences in funding of products instead of projects

    Planning and budgeting for products and families

    Reward for delivering outcomes, not features

    Autonomy

    Icon of a diamond.

    Fund what delivers value

    Fund long-lived delivery of value through products (not projects).

    Give autonomy to the team to decide exactly what to build.

    Flexibility

    Icon of a dollar sign.

    Allocate iteratively

    Allocate to a pool based on higher-level business case.

    Provide funds in smaller amounts to different product teams and initiatives based on need.

    Arrow cycling right in a clockwise motion.



    Arrow cycling left in a clockwise motion.

    Accountability

    Icon of a target.

    Measure and adjust

    Product teams define metrics that contribute to given outcomes.

    Track progress and allocate more (or less) funds as appropriate.

    Stock image of two suited hands exchanging coins.

    Info-Tech Insight

    Changes to funding require changes to product and Agile practices to ensure product ownership and accountability.

    (Adapted from Bain & Company)

    Budgeting approaches must evolve as you mature your product operating environment

    TRADITIONAL PROJECTS WITH WATERFALL DELIVERY TRADITIONAL PROJECTS WITH AGILE DELIVERY PRODUCTS WITH AGILE PROJECT DELIVERY PRODUCTS WITH AGILE DELIVERY

    WHEN IS THE BUDGET TRACKED?

    Budget tracked by major phases Budget tracked by sprint and project Budget tracked by sprint and project Budget tracked by sprint and release

    HOW ARE CHANGES HANDLED?

    All change is by exception Scope change is routine; budget change is by exception Scope change is routine; budget change is by exception Budget change is expected on roadmap cadence

    WHEN ARE BENEFITS REALIZED?

    Benefits realization post project completion Benefits realization ongoing throughout the life of the project Benefits realization ongoing throughout the life of the product Benefits realization ongoing throughout life of the product

    WHO DRIVES?

    Project Manager
    • Project team delivery role
    • Refines project scope, advocates for changes in the budget
    • Advocates for additional funding in the forecast
    Product Owner
    • Project team delivery role
    • Refines project scope, advocates for changes in the budget
    • Advocates for additional funding in the forecast
    Product Manager
    • Product portfolio team role
    • Forecasting new initiatives during delivery to continue to drive value throughout the life of the product
    Product Manager
    • Product family team role
    • Forecasting new initiatives during delivery to continue to drive value throughout the life of the product
    ˆ ˆ
    Hybrid Operating Environments

    Info-Tech Insight

    As you evolve your approach to product delivery, you will be decoupling the expected benefits, forecast, and budget. Managing them independently will improve your ability adapt to change and drive the right outcomes!

    1.4.1 Discuss traditional versus product-centric funding methods

    30 minutes

    Output: Understanding of funding principles and challenges

    Participants: Executives, Product owners, Product managers, Project managers, Delivery managers

    1. Discuss how projects are currently funded.
    2. Review how the Agile/product funding models differ from how you currently operate.
    3. What changes do you need to consider to support a product delivery model?
    4. For each change, identify the key stakeholders and list at least one action to take.

    Case Study

    Global Digital Financial Services Company

    This financial services company looked to drive better results by adopting more product-centric practices.

    • Its projects exhibited:
      • High complexity/strong dependencies between components
      • High implementation effort
      • High clarification/reconciliation (more than two departments involved)
      • Multiple methodologies (Agile/Waterfall/Hybrid)
    • The team recognized they could not get rid of projects entirely, but getting to a level where there was a coordinated delivery between projects and products being implemented is important.
    Results
    • Moving several initiatives to more product-centric practices allowed for:
      • Delivery within current assigned capacity
      • Limited need for coordination across departments
      • Lower complexity
      • A unified Agile approach to delivery
    • Through balancing the needs of projects and products, there were three key insights about the project management’s role:
      • The role of project management changes depending on the context of the work. There is no one-size-fits-all definition.
      • Project management played a much bigger role when work spanned multiple products and business units.
      • Project management was used as a key coordinator when delivery became complicated and multilayered.
    Example of a company where practices fall equally into 'Project' and 'Product' categories, with some being shared by both.
    Example of a product-centric company where practices fall mainly into the 'Product category', leaving only one in 'Project'.

    Where Do I Go Next?

    Deliver on Your Digital Product Vision

    • Build a product vision your organization can take from strategy through execution.

    Build a Better Product Owner

    • Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

    Implement Agile Practices That Work

    • Improve collaboration and transparency with the business to minimize project failure.

    Implement DevOps Practices That Work

    • Streamline business value delivery through the strategic adoption of DevOps practices.

    Prepare an Actionable Roadmap for Your PMO

    • Turn planning into action with a realistic PMO timeline.

    Deliver Digital Products at Scale

    • Deliver value at the scale of your organization through defining enterprise product families.

    Extend Agile Practices Beyond IT

    • Further the benefits of Agile by extending a scaled Agile framework to the business.

    Spread Best Practices With an Agile Center of Excellence

    • Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Tailor IT Project Management Processes to Fit Your Projects

    • Spend less time managing processes and more time delivering results.

    Bibliography

    Cobb, Chuck. “Are there Project Managers in Agile?” High Impact Project Management, n.d. Web.

    Cohn, Mike. “What Is a Product?” Mountain Goat Software, 6 Sept. 2016. Web.

    Cobb, Chuck. “Agile Project Manager Job Description.” High Impact Project Management, n.d. Web.

    “How do you define a product?” Scrum.org, 4 April 2017. Web.

    Johnson, Darren, et al. “How to Plan and Budget for Agile at Scale.” Bain & Company, 8 Oct. 2019. Web.

    “Product Definition.” SlideShare, uploaded by Mark Curphey, 25 Feb. 2007. Web.

    Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK Guide). 7th ed., Project Management Institute, 2021.

    Schuurman, Robbin. “Scrum Master vs Project Manager – An Overview of the Differences.” Scrum.org, 11 Feb 2020. Web.

    Schuurman, Robbin. “Product Owner vs Project Manager.” Scrum.org, 12 March 2020. Web.

    Vlaanderen, Kevin. “Towards Agile Product and Portfolio Management.” Academia.edu, 2010. Web.

    “What is a Developer in Scrum?” Scrum.org, n.d. Web.

    “What is a Scrum Master?” Scrum.org, n.d. Web.

    “What is a Product Owner?” Scrum.org, n.d. Web.

    Build a Software Quality Assurance Program

    • Buy Link or Shortcode: {j2store}284|cart{/j2store}
    • member rating overall impact: 9.6/10 Overall Impact
    • member rating average dollars saved: $20,972 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new systems and changes quickly and with sufficient quality.
    • Many organizations lack the critical capabilities and resources needed to satisfy their growing testing backlog, risking product success.

    Our Advice

    Critical Insight

    • Testing is often viewed as a support capability rather than an enabler of business growth. It receives focus and investment only when it becomes a visible problem.
    • The rise in security risks, aggressive performance standards, constantly evolving priorities, and misunderstood quality policies further complicate QA as it drives higher expectations for effective practices.
    • QA starts with good requirements. Tests are only as valuable as the requirements they are validating and verifying. Early QA improves the accuracy of downstream tests and reduces costs of fixing defects late in delivery.
    • Quality is an organization-wide accountability. Upstream work can have extensive ramifications if all roles are not accountable for the decisions they make.
    • Quality must account for both business and technical requirements. Valuable change delivery is cemented in a clear understanding of quality from both business and IT perspectives.

    Impact and Result

    • Standardize your definition of a product. Come to an organizational agreement of what attributes define a high-quality product. Accommodate both business and IT perspectives in your definition.
    • Clarify the role of QA throughout your delivery pipeline. Indicate where and how QA is involved throughout product delivery. Instill quality-first thinking in each stage of your pipeline to catch defects and issues early.
    • Structure your test design, planning, execution, and communication practices to better support your quality definition and business and IT environments and priorities. Adopt QA good practices to ensure your tests satisfy your criteria for a high-quality and successful product.

    Build a Software Quality Assurance Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a strong foundation for quality, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your QA process

    Standardize your product quality definition and your QA roles, processes, and guidelines according to your business and IT priorities.

    • Build a Strong Foundation for Quality – Phase 1: Define Your QA Process
    • Test Strategy Template

    2. Adopt QA good practices

    Build a solid set of good practices to define your defect tolerances, recognize the appropriate test coverage, and communicate your test results.

    • Build a Strong Foundation for Quality – Phase 2: Adopt QA Good Practices
    • Test Plan Template
    • Test Case Template
    [infographic]

    Workshop: Build a Software Quality Assurance Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your QA Process

    The Purpose

    Discuss your quality definition and how quality is interpreted from both business and IT perspectives.

    Review your case for strengthening your QA practice.

    Review the standardization of QA roles, processes, and guidelines in your organization.

    Key Benefits Achieved

    Grounded understanding of quality that is accepted across IT and between the business and IT.

    Clear QA roles and responsibilities.

    A repeatable QA process that is applicable across the delivery pipeline.

    Activities

    1.1 List your QA objectives and metrics.

    1.2 Adopt your foundational QA process.

    Outputs

    Quality definition and QA objectives and metrics.

    QA guiding principles, process, and roles and responsibilities.

    2 Adopt QA Good Practices

    The Purpose

    Discuss the practices to reveal the sufficient degree of test coverage to meet your acceptance criteria, defect tolerance, and quality definition.

    Review the technologies and tools to support the execution and reporting of your tests.

    Key Benefits Achieved

    QA practices aligned to industry good practices supporting your quality definition.

    Defect tolerance and acceptance criteria defined against stakeholder priorities.

    Identification of test scenarios to meet test coverage expectations.

    Activities

    2.1 Define your defect tolerance.

    2.2 Model and prioritize your tests.

    2.3 Develop and execute your QA activities.

    2.4 Communicate your QA activities.

    Outputs

    Defect tolerance levels and courses of action.

    List of test cases and scenarios that meet test coverage expectations.

    Defined test types, environment and data requirements, and testing toolchain.

    Test dashboard and communication flow.

    Design Data-as-a-Service

    • Buy Link or Shortcode: {j2store}129|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $1,007 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Lack of a consistent approach in accessing internal and external data within the organization and sharing data with third parties.
    • Data consumed by most organizations lacks proper data quality, data certification, standards tractability, and lineage.
    • Organizations are looking for guidance in terms of readily accessible data from others and data that can be shared with others or monetized.

    Our Advice

    Critical Insight

    • Despite data being everywhere, most organizations struggle to find accurate, trustworthy, and meaningful data when required.
    • Connecting to data should be as easy as connecting to the internet. This is achievable if all organizations start participating in the data marketplace ecosystem by leveraging a Data-as-a-Service (DaaS) framework.

    Impact and Result

    • Data marketplaces facilitate data sharing between the data producer and the data consumer. The data product must be carefully designed to truly benefit in today’s connected data ecosystem.
    • Follow Info-Tech’s step-by-step approach to establish your DaaS framework:
      1. Understand Data Ecosystem
      2. Design Data Products
      3. Establish DaaS framework

    Design Data-as-a-Service Research & Tools

    Start here – Read the Executive Brief

    Read our concise Executive Brief to find out why you should design Data-as-a-Service (DaaS), review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand data ecosystem

    Provide clear benefits of adopting the DaaS framework and solid rationale for moving towards a more connected data ecosystem and avoiding data silos.

    • Design Data-as-a-Service – Phase 1: Understand Data Ecosystem

    2. Design data product

    Leverage design thinking methodology and templates to document your most important data products.

    • Design Data-as-a-Service – Phase 2: Design Data Product

    3. Establish a DaaS framework

    Capture internal and external data sources critical to data products success for the organization and document an end-to-end DaaS framework.

    • Design Data-as-a-Service – Phase 3: Establish a DaaS Framework
    [infographic]

    Workshop: Design Data-as-a-Service

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Data Marketplace and DaaS Explained

    The Purpose

    The purpose of this module is to provide a clear understanding of the key concepts such as data marketplace, data sharing, and data products.

    Key Benefits Achieved

    This module will provide clear benefits of adopting the DaaS framework and solid rationale for moving towards a more connected data ecosystem and avoiding data silos.

    Activities

    1.1 Review the business context

    1.2 Understand the data ecosystem

    1.3 Draft products ideas and use cases

    1.4 Capture data product metrics

    Outputs

    Data product ideas

    Data sharing use cases

    Data product metrics

    2 Design Data Product

    The Purpose

    The purpose of this module is to leverage design thinking methodology and templates to document the most important data products.

    Key Benefits Achieved

    Data products design that incorporates end-to-end customer journey and stakeholder map.

    Activities

    2.1 Create a stakeholder map

    2.2 Establish a persona

    2.3 Data consumer journey map

    2.4 Document data product design

    Outputs

    Data product design

    3 Assess Data Sources

    The Purpose

    The purpose of this module is to capture internal and external data sources critical to data product success.

    Key Benefits Achieved

    Break down silos by integrating internal and external data sources

    Activities

    3.1 Review the conceptual data model

    3.2 Map internal and external data sources

    3.3 Document data sources

    Outputs

    Internal and external data sources relationship map

    4 Establish a DaaS Framework

    The Purpose

    The purpose of this module is to document end-to-end DaaS framework.

    Key Benefits Achieved

    End-to-end framework that breaks down silos and enables data product that can be exchanged for long-term success.

    Activities

    4.1 Design target state DaaS framework

    4.2 Document DaaS framework

    4.3 Assess the gaps between current and target environments

    4.4 Brainstorm initiatives to develop DaaS capabilities

    Outputs

    Target DaaS framework

    DaaS initiative

    Craft a Customer-Driven Market Strategy With Unbiased Data

    • Buy Link or Shortcode: {j2store}611|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Market strategies are informed by gut feel and endless brainstorming instead of market data to take their product from concept to customer.
    • Hiring independent market research firms results in a lack of unbiased third-party data. Research firms tell vendors what they want to hear instead of offering an agnostic view of software trends.
    • Dissatisfied customers don’t tell you directly why they are leaving, so there is no feedback loop back into product improvements.
    • Often a market strategy is built after a product is developed to force the product’s fit in the market. The product marketing team has no say in the product vision or future improvements.

    Our Advice

    Critical Insight

    • Adopt the 5 P’s to building a winning market strategy: Proposition, Product, Pricing, Placement, and Promotion.
    • You can’t be everything to everyone. Testing your proposition in the market to see what sticks is a risky move. Promise future value using past successes by gaining a deeper understanding of which customers and submarkets truly align to your product.
    • Customers have learned to avoid shiny new objects but still expect rapid feature releases. Differentiating features require a closer look at the underpinning vendor capabilities. Having intentional feature releases requires a feedback loop into the product roadmap and increases influence by the product marketing team.
    • Price transparency and sensitivity should drive what you offer to customers. Negotiating solely on price is a race to the bottom.

    Impact and Result

    • Leverage this report to gain insights on the software selection process and what top vendors do best.
    • Gain a bird’s-eye view on customer purchasing behavior using over 40,000 data points on satisfaction and importance collected directly from the source.
    • Build a winning market strategy influenced by real customer data that drives vendor success.

    Craft a Customer-Driven Market Strategy With Unbiased Data Research & Tools

    Read the storyboard

    Read our storyboard to find out why you should leverage SoftwareReviews data to craft your market strategy, review Info-Tech’s methodology, and understand unbiased customer data on software purchasing triggers.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Craft a Customer-Driven Market Strategy With Unbiased Data Storyboard
    [infographic]

    Maximize the Benefits from Enterprise Applications with a Center of Excellence

    • Buy Link or Shortcode: {j2store}367|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $129,465 Average $ Saved
    • member rating average days saved: 12 Average Days Saved
    • Parent Category Name: Optimization
    • Parent Category Link: /optimization
    • Processes pertaining to managing the application are inconsistent and do not drive excellence.
    • There is a lack of interdepartmental collaboration between different teams pertaining to the application.
    • There are no formalized roles and responsibilities for governance and support around enterprise applications.

    Our Advice

    Critical Insight

    • Scale the Center of Excellence (CoE) based on business needs. There is flexibility in how extensively the CoE methodology is applied and rigidity in how consistently it should be used.
    • The CoE is a refinery. It takes raw inputs from the business and produces an enhanced product, removing waste and isolating it from re-entering day-to-day operations.
    • Excellence is about people as much as it is about process. Documented best practices should include competencies, key resources, and identified champions to advocate the CoE practice.

    Impact and Result

    • Formalize roles and responsibilities for all application initiatives.
    • Develop a standard process of governance and oversight surrounding the application.
    • Develop a comprehensive support network that consists of IT, the business, and external stakeholders to address issues and problem areas surrounding the application.

    Maximize the Benefits from Enterprise Applications with a Center of Excellence Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should establish a Center of Excellence for your enterprise application, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a vision for the CoE

    Understand the importance of developing an enterprise application CoE, define its scope, and identify key stakeholders.

    • Maximize the Benefits from Enterprise Applications with a Center of Excellence – Phase 1: Create a Vision for the Center of Excellence
    • Enterprise Application Center of Excellence Project Charter

    2. Design the CoE future state

    Gather high-level requirements to determine the ideal future state.

    • Maximize the Benefits from Enterprise Applications with a Center of Excellence – Phase 2: Design the Center of Excellence Future State
    • Center of Excellence Refinery Model Template

    3. Develop a CoE roadmap

    Assess the required capabilities to reach the ideal state CoE.

    • Maximize the Benefits from Enterprise Applications with a Center of Excellence – Phase 3: Develop a Center of Excellence Roadmap
    • Center of Excellence Exceptions Report
    • Track and Measure Benefits Tool
    • Enterprise Application Center of Excellence Stakeholder Presentation Template
    [infographic]

    Workshop: Maximize the Benefits from Enterprise Applications with a Center of Excellence

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Create a Vision for the CoE

    The Purpose

    Understand the importance of developing a CoE for enterprise applications.

    Determine how to best align the CoE mandate with business objectives.

    Complete a CoE project charter to gain buy-in, build a project team, and track project success. 

    Key Benefits Achieved

    Key stakeholders identified.

    Project team created with defined roles and responsibilities.

    Project charter finalized to gain buy-in.

    Activities

    1.1 Evaluate business needs and priorities.

    1.2 Identify key stakeholders and the project team.

    1.3 Align CoE with business priorities.

    1.4 Map current state CoE.

    Outputs

    Project vision

    Defined roles and responsibilities

    Strategic alignment of CoE and the business

    CoE current state schematic

    2 Design the CoE Future State

    The Purpose

    Gain a thorough understanding of pains related to the lack of application governance.

    Identify and recycle existing CoE practices.

    Visualize the CoE enhancement process.

    Visualize your ideal state CoE. 

    Key Benefits Achieved

    Requirements to strengthen the case for the enterprise application CoE.

    CoE value-add refinery.

    Future potential of the CoE.

    Activities

    2.1 Gather requirements.

    2.2 Map the CoE enhancement process.

    2.3 Sketch future state CoE.

    Outputs

    Classified pains, opportunities, and existing practices

    CoE refinery model

    Future state CoE sketch

    3 Develop a CoE Roadmap

    The Purpose

    Assess required capabilities and resourcing.

    List and prioritize CoE initiatives.

    Track and monitor CoE performance. 

    Key Benefits Achieved

    Next steps for the enterprise application CoE.

    CoE resourcing plan.

    CoE benefits realization tracking.

    Activities

    3.1 Build CoE capabilities.

    3.2 Identify risks and mitigation efforts.

    3.3 Prioritize and track CoE initiatives.

    3.4 Finalize stakeholder presentation.

    Outputs

    CoE potential capabilities

    Risk management plan

    CoE initiatives roadmap

    CoE stakeholder presentation

    Passwordless Authentication

    • Buy Link or Shortcode: {j2store}466|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing
    • Parent Category Link: /end-user-computing
    • Stakeholders believe that passwords are still good enough.
    • You don’t know how the vendor products match to the capabilities you need to offer.
    • What do you need to test when you prototype these new technologies?
    • What associated processes/IT domains will be impacted or need to be considered?

    Our Advice

    Critical Insight

    Passwordless is the right direction even if it’s not your final destination.

    Impact and Result

    • Be able to handle objections from those who believe passwords are still “fine.”
    • Prioritize the capabilities you need to offer the enterprise, and match them to products/features you can buy from vendors.
    • Integrate passwordless initiatives with other key functions (cloud, IDaM, app rationalization, etc.).

    Passwordless Authentication Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Passwordless Authentication – Know when you’ve been beaten!

    Back in 2004 we were promised "the end of passwords" – why, then, are we still struggling with them today?

    • Passwordless Authentication Storyboard
    [infographic]

    Further reading

    Passwordless Authentication

    Know when you've been beaten!

    Executive Summary

    Your Challenge

    • The IT world is an increasingly dangerous place.
    • Every year literally billions of credentials are compromised and exposed on the internet.
    • The average employee has between 27 and 191 passwords to manage.
    • The line between business persona and personal persona has been blurred into irrelevancy.
    • You need a method of authenticating users that is up to these challenges

    Common Obstacles

    • Legacy systems aside (wouldn't that be nice) this still won't be easy.
    • Social inertia – passwords worked before, so surely, they can still work today! Besides, users don't want to change.
    • Analysis paralysis – I don't want to get this wrong! How do I choose something that is going to be at the core of my infrastructure for the next 10 years?
    • Identity management – how can you fix authentication when people have multiple usernames?

    Info-Tech's Approach

    • Inaction is not an option.
    • Most commercial, off-the-shelf apps are moving to a SaaS model, so start your efforts with them.
    • Your existing vendors already have technologies you are underusing or ignoring – stop that!
    • Your users want this change – they just might not know it yet…
    • Much like zero trust network access, the journey is more important than the destination. Incremental steps on the path toward passwordless authentication will still yield significant benefits.

    Info-Tech Insight

    Users have been burdened with unrealistic expectations when it comes to their part in maintaining enterprise security. Given the massive rise in the threat landscape, it is time for Infrastructure to adopt a user-experience-based approach if we want to move the needle on improving security posture.

    Password Security Fallacy

    "If you buy the premise…you buy the bit."
    Johnny Carson

    We've had plenty of time to see this coming.

    Why haven't we done something?

    • Passwords are a 1970s construct.
    • End-users are complexity averse.
    • Credentials are leaked all the time.
    • New technologies will defeat even the most complex passwords.

    Build the case, both to business stakeholders and end users, that "password" is not a synonym for "security."

    Be ready for some objection handling!

    This is an image of Bill Gates and Gavin Jancke at the 2004 RSA Conference in San Francisco, CA

    Image courtesy of Microsoft

    RSA Conference, 2004
    San Francisco, CA

    "There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure."
    Bill Gates

    What about "strong" passwords?

    There has been a password arms race going on since 1988

    A massive worm attack against ARPANET prompted the initial research into password strength

    Password strength can be expressed as a function of randomness or entropy. The greater the entropy the harder for an attacker to guess the password.

    This is an image of Table 1 from Google Cloud Solutions Architects.  it shows the number of bits of entropy for a number of Charsets.

    Table: Modern password security for users
    Ian Maddox and Kyle Moschetto, Google Cloud Solutions Architects

    From this research, increasing password complexity (length, special characters, etc.) became the "best practice" to secure critical systems.

    How many passwords??

    XKCD Comic #936 (published in 2011)

    This is an image of XKCD Comic # 936.

    Image courtesy of Randall Munroe XKCD Comics (CC BY-NC 2.5)

    It turns out that humans however are really bad at remembering complex passwords.

    An Intel study (2016) suggested that the average enterprise employee needed to remember 27 passwords. A more recent study from LastPass puts that number closer to 191.

    PEBKAC
    Problem Exists Between Keyboard and Chair

    Increasing entropy is the wrong way to fight this battle – which is good because we'd lose anyway.

    Over the course of a single year, researchers at the University of California, Berkeley identified and tracked nearly 2 billion compromised credentials.

    3.8 million were obtained via social engineering, another 788K from keyloggers. That's approx. 250,000 clear text credentials harvested every week!

    The entirety of the password ecosystem has significant vulnerabilities in multiple areas:

    • Unencrypted server- and client-side storage
    • Sharing
    • Reuse
    • Phishing
    • Keylogging
    • Question-based resets

    Even the 36M encrypted credentials compromised every week are just going to be stored and cracked later.

    Source: Google, University of California, Berkeley, International Computer Science Institute

     data-verified=22B hash/s">

    Image courtesy of NVIDIA, NVIDIA Grace

    • Current GPUs (2021) have 200+ times more cracking power than CPU systems.

    <8h 2040-bit RSA Key

    Image: IBM Quantum System One (CES 2020) by IBM Research is licensed under CC BY-ND 2.0

    • Quantum computing can smash current encryption methods.
    • Google engineers have demonstrated techniques that reduce the number of qubits required from 1B to a mere 20 million

    Enabling Technologies

    "Give me a place to stand, and a lever long enough, and I will move the world."
    Archimedes

    Technology gives us (too many) options

    The time to prototype is NOW!

    Chances are you are already paying for one or more of these technologies from a current vendor:

    • SSO, password managers
    • Conditional access
    • Multifactor
    • Hardware tokens
    • Biometrics
    • PINs

    Address all three factors of authentication

    • Something the user knows
    • Something the user has
    • Something the user is

    Global Market of $12.8B
    ~16.7% CAGR
    Source: Report Linker, 2022.

    Focus your prototype efforts in four key testing areas

    • Deployment
    • User adoption/training
    • Architecture (points of failure)
    • Disaster recovery

    Three factors for positive identification

    Passwordless technologies focus on alternate authentication factors to supplement or replace shared secrets.

    Knows: A secret shared between the user and the system; Has: A token possessed by the user and identifiable as unique by the system; Is: A distinctive and repeatable attribute of the user sampled by the system

    Something you know

    Shared secrets have well-known significant modern-day problems, but only when used in isolation. For end users, consider time-limited single use options, password managers, rate-limited login attempts, and reset rather than retrieval requests. On the system side, never forget strong cryptographic hashing along with a side of salt and pepper when storing passwords.

    Something you have

    A token (now known as a cryptographic identification device) such as a pass card, fob, smartphone, or USB key that is expected to be physically under the control of the user and is uniquely identifiable by the system. Easily decoupled in the event the token is lost, but potentially expensive and time-consuming to reprovision.

    Something you are or do

    Commonly referred to as biometrics, there are two primary classes. The first is measurable physical characteristics of the user such as a fingerprint, facial image, or retinal scan. The second class is a series of behavioral traits such as expected location, time of day, or device. These traits can be linked together in a conditional access policy.

    Unlike other authentication factors, biometrics DO NOT provide for exact matches and instead rely on a confidence interval. A balance must be struck against the user experience of false negatives and the security risk of a false positive.

    Prototype testing criteria

    Deployment

    Does the solution support the full variety of end-user devices you have in use?

    Can the solution be configured with your existing single sign-on or central identity broker?

    User Experience

    Users already want a better experience than passwords.

    What new behavior are you expecting (compelling) from the user?

    How often and under what conditions will that behavior occur?

    Architecture

    Where are the points of failure in the solution?

    Consider technical elements like session thresholds for reauthorization, but also elements like automation and self-service.

    Disaster Recovery

    Understand the exact responsibilities Infra&Ops have in the event of a system or user failure.

    As many solutions are based in the public cloud, manage stakeholder expectations accordingly.

    Next Steps

    "Move the goalposts…and declare victory."
    Informal Fallacy (yet very effective…)

    It is more a direction than a destination…

    Get the easy wins in the bank and then lay the groundwork for the long campaign ahead.

    You're not going to get to a passwordless world overnight. You might not even get there for many years. But an agile approach to the journey ensures you will realize value every step of the way:

    • Start in the cloud:
    • Choose a single sign-on platform such as Azure Active Directory, Okta, Auth0, AWS IAM, TruSONA, HYPR, or others. Document Your Cloud Strategy.
    • Integrate the SaaS applications from your portfolio with your chosen platform.
    • Establish visibility and rationalize identity management:
      • Accounts with elevated privileges present the most risk – evaluate your authentication factors for these accounts first.
      • There is elegance (and deployment success) in Simplifying Identity & Access Management.
    • Pay your tech debt:

    Fast IDentity Online (2) is now part of the web's DNA and is critical for digital transformation

    • IoT
    • Anywhere remote work
    • Government identity services
    • Digital wallets

    Bibliography

    "Backup Vs. Archiving: Know the Difference." Open-E. Accessed 05 Mar 2022.Web.
    G, Denis. "How to Build Retention Policy." MSP360, Jan 3, 2020. Accessed 10 Mar 2022.
    Ipsen, Adam. "Archive Vs. Backup: What's the Difference? A Definition Guide." BackupAssist, 28 Mar 2017. Accessed 04 Mar 2022.
    Kang, Soo. "Mitigating the Expense of E-Discovery; Recognizing the Difference Between Back-Ups and Archived Data." Zasio Enterprises, 08 Oct 2015. Accessed 3 Mar 2022.
    Mayer, Alex. "The 3-2-1 Backup Rule – An Efficient Data Protection Strategy." Naviko. Accessed 12 Mar 2022.
    Steel, Amber. "LastPass Reveals 8 Truths about Passwords in the New Password Exposé." LastPass Blog, 1 Nov. 2017. Web.
    "The Global Passwordless Authentication Market Size Is Estimated to Be USD 12.79 Billion in 2021 and Is Predicted to Reach USD 53.64 Billion by 2030 With a CAGR of 16.7% From 2022-2030." Report Linker, 9 June 2022. Web.
    "What Is Data-Archiving?" Proofpoint. Accessed 07 Mar 2022.

    Map Technical Skills for a Changing Infrastructure & Operations Organization

    • Buy Link or Shortcode: {j2store}333|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: 5 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • Infrastructure & Operations is changing rapidly. It’s a constant challenge to find the right skills to support the next new technology while at the same time maintaining the skills in house that allow you to support your existing platforms.
    • A lack of clarity around required skills makes finding the right skills difficult, and it’s not clear whether you should train, hire, contract, or outsource to address gaps.
    • You need to keep up with changes and new strategy while continuing to support your existing environment.

    Our Advice

    Critical Insight

    • Take a strategic approach to acquiring skills – looking only as far as the needs of the next project will lead to a constant skills shortage with no plan for it to be addressed.
    • Begin by identifying your future state. Identify needed skills in the organization to support planned projects and initiatives, and to mitigate skills-related risks.

    Impact and Result

    • Leverage your infrastructure roadmap and cloud strategy to identify needed skills in your future state environment.
    • Decide how you’ll acquire needed skills based on the characteristics of need for each skill.
    • Communicate the change and create a plan of action for the skills transformation.

    Map Technical Skills for a Changing Infrastructure & Operations Organization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should map technical skills for a changing Infrastructure & Operations organization, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify skills needs for the future state environment

    Identify what skills are needed based on where the organization is going.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 1: Identify Skills Needs for Your Future State Environment
    • Future State Playbook
    • IT/Cloud Solutions Architect
    • IT/Cloud Engineer
    • IT/Cloud Administrator
    • IT/Cloud Demand Billing & Accounting Analyst

    2. Acquire needed skills

    Ground skills acquisition decisions in the characteristics of need.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 2: Acquire Needed Skills
    • Technical Skills Map

    3. Maximize the value of the skills map

    Get stakeholder buy-in; leverage the skills map in other processes.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 3: Maximize the Value of Your Skills Map
    • Technical Skills Map Communication Deck Template
    [infographic]

    Workshop: Map Technical Skills for a Changing Infrastructure & Operations Organization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Initiatives and Skills-Related Risks

    The Purpose

    Identify process and skills changes required by the future state of your environment.

    Key Benefits Achieved

    Set foundation for alignment between strategy-defined technology initiatives and needed skills.

    Activities

    1.1 Review the list of initiatives and projects with the group.

    1.2 Identify how key support, operational, and deployment processes will change through planned initiatives.

    1.3 Identify skills-related risks and pain points.

    Outputs

    Future State Playbook

    2 Identify Needed Skills and Roles

    The Purpose

    Identify process and skills changes required by the future state of your environment.

    Key Benefits Achieved

    Set foundation for alignment between strategy-defined technology initiatives and needed skills.

    Activities

    2.1 Identify skills required to support the new environment.

    2.2 Map required skills to roles.

    Outputs

    IT/Cloud Architect Role Description

    IT/Cloud Engineer Role Description

    IT/Cloud Administrator Role Description

    3 Create a Plan to Acquire Needed Skills

    The Purpose

    Create a skills acquisition strategy based on the characteristics of need.

    Key Benefits Achieved

    Optimal skills acquisition strategy defined.

    Activities

    3.1 Modify impact scoring scale for key skills decision factors.

    3.2 Apply impact scoring scales to needed skills

    3.3 Decide whether to train, hire, contract, or outsource to acquire needed skills.

    Outputs

    Technical Skills Map

    4 Develop a Communication Plan

    The Purpose

    Create an effective communication plan for different stakeholders across the organization.

    Identify opportunities to leverage the skills map elsewhere.

    Key Benefits Achieved

    Create a concise, clear, consistent, and relevant change message for stakeholders across the organization.

    Activities

    4.1 Review skills decisions and decide how you will acquire skills in each role.

    4.2 Update roles descriptions.

    4.3 Create a change message.

    4.4 Identify opportunities to leverage the skills map in other processes.

    Outputs

    Technical Skills Map Communication Deck

    Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    • Buy Link or Shortcode: {j2store}378|cart{/j2store}
    • member rating overall impact: 7.3/10 Overall Impact
    • member rating average dollars saved: $10,756 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • The demand for qualified cybersecurity professionals far exceeds supply. As a result, organizations are struggling to protect their data against the evolving threat landscape.
    • It is a constant challenge to know what skills will be needed in the future, and when and how to acquire them.

    Our Advice

    Critical Insight

    • Plan for the inevitable. All industries are expected to be affected by the talent gap in the coming years. Plan ahead to address your organization’s future needs.
    • Base skills acquisition decisions on the five key factors to define skill needs. Create an impact scale for the five key factors (data criticality, durability, availability, urgency, and frequency) that reflects your organizational strategy, initiatives, and pressures.
    • A skills gap will always exist to some degree. The threat landscape is constantly changing, and your workforce’s skill sets must evolve as well.

    Impact and Result

    • Organizations must align their security initiatives to talent requirements such that business objectives are achieved and the business is cyber ready.
    • Identify if there are skill gaps in your current workforce.
    • Decide how you’ll acquire needed skills based on characteristics of need for each skill.

    Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop a technical skills acquisition strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify skill needs for target state

    Identify what skills will be needed in your future state.

    • Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan – Phase 1: Identity Skill Needs for Target State
    • Security Initiative Skills Guide
    • Skills Gap Prioritization Tool

    2. Identify technical skill gaps

    Align role requirements with future initiative skill needs.

    • Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan – Phase 2: Identify Technical Skill Gaps
    • Current Workforce Skills Assessment
    • Technical Skills Workbook
    • Information Security Compliance Manager
    • IT Security Analyst
    • Chief Information Security Officer
    • Security Administrator
    • Security Architect

    3. Develop a sourcing plan for future work roles

    Acquire skills based on the impact of the five key factors.

    • Close the InfoSec Skills Gap: Develop a Skills Sourcing Plan for Future Work Roles – Phase 3: Develop a Sourcing Plan for Future Work Roles
    [infographic]

    Workshop: Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Skill Needs for Target State

    The Purpose

    Determine the skills needed in your workforce and align them to your organization’s security roadmap.

    Key Benefits Achieved

    Insight on what skills your organization will need in the future.

    Activities

    1.1 Understand the importance of aligning security initiatives skill needs with workforce requirements.

    1.2 Identify needed skills for future initiatives.

    1.3 Prioritize the initiative skill gaps.

    Outputs

    Security Initiative Skills Guide

    Skills Gap Prioritization Tool

    2 Define Technical Skill Requirements

    The Purpose

    Identify and create technical skill requirements for key work roles that are needed to successfully execute future initiatives.

    Key Benefits Achieved

    Increased understanding of the NICE Cybersecurity Workforce Framework.

    Standardization of technical skill requirements of current and future work roles.

    Activities

    2.1 Assign work roles to the needs of your future environment.

    2.2 Discuss the NICE Cybersecurity Workforce Framework.

    2.3 Develop technical skill requirements for current and future work roles.

    Outputs

    Skills Gap Prioritization Tool

    Technical Skills Workbook

    Current Workforce Skills Assessment

    3 Acquire Technical Skills

    The Purpose

    Assess your current workforce against their role’s skill requirements.

    Discuss five key factors that aid acquiring skills.

    Key Benefits Achieved

    A method to acquire skills in future roles.

    Activities

    3.1 Continue developing technical skill requirements for current and future work roles.

    3.2 Conduct Current Workforce Skills Assessment.

    3.3 Discuss methods of acquiring skills.

    3.4 Develop a plan to acquire skills.

    Outputs

    Technical Skills Workbook

    Current Workforce Skills Assessment

    Current Workforce Skills Assessment

    Technical Skills Workbook

    Current Workforce Skills Assessment

    Technical Skills Workbook

    Current Workforce Skills Assessment

    4 Plan to Execute Action Plan

    The Purpose

    Assist with communicating the state of the skill gap in your organization.

    Key Benefits Achieved

    Strategy on how to acquire skills needs of the organization.

    Activities

    4.1 Review skills acquisition plan.

    4.2 Discuss training and certification opportunities for staff.

    4.3 Discuss next steps for closing the skills gap.

    4.4 Debrief.

    Outputs

    Technical Skills Workbook

    Build a Robust and Comprehensive Data Strategy

    • Buy Link or Shortcode: {j2store}120|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $46,734 Average $ Saved
    • member rating average days saved: 29 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • The volume and variety of data that organizations have been collecting and producing have been growing exponentially and show no sign of slowing down.
    • At the same time, business landscapes and models are evolving, and users and stakeholders are becoming more and more data centric, with maturing expectations and demands.

    Our Advice

    Critical Insight

    • As the CDO or equivalent data leader in your organization, a robust and comprehensive data strategy is the number one tool in your toolkit for delivering on your mandate of creating measurable business value from data.
    • A data strategy should never be formulated disjointed from the business. Ensure the data strategy aligns with the business strategy and supports the business architecture.
    • Building and fostering a data-driven culture will accelerate and sustain adoption of, appetite for, and appreciation for data and hence drive the ROI on your various data investments.

    Impact and Result

    • Formulate a data strategy that stitches all of the pieces together to better position you to unlock the value in your data:
      • Establish the business context and value: Identify key business drivers for executing on an optimized data strategy, build compelling and relevant use cases, understand your organization’s culture and appetite for data, and ensure you have well-articulated vision, principles, and goals for your data strategy
      • Ensure you have a solid data foundation: Understand your current data environment, data management enablers, people, skill sets, roles, and structure. Know your strengths and weakness so you can optimize appropriately.
      • Formulate a sustainable data strategy: Round off your strategy with effective change management and communication for building and fostering a data-driven culture.

    Build a Robust and Comprehensive Data Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Data Strategy Research – A step-by-step document to facilitate the formulation of a data strategy that brings together the business context, data management foundation, people, and culture.

    Data should be at the foundation of your organization’s evolution. The transformational insights that executives and decision makers are constantly seeking to leverage can be unlocked with a data strategy that makes high-quality, trusted, and relevant data readily available to the users who need it.

    • Build a Robust and Comprehensive Data Strategy – Phases 1-3

    2. Data Strategy Stakeholder Interview Guide and Findings – A template to support you in your meetings or interviews with key stakeholders as you work on understanding the value of data within the various lines of business.

    This template will help you gather insights around stakeholder business goals and objectives, current data consumption practices, the types or domains of data that are important to them in supporting their business capabilities and initiatives, the challenges they face, and opportunities for data from their perspective.

    • Data Strategy Stakeholder Interview Guide and Findings

    3. Data Strategy Use Case Template – An exemplar template to demonstrate the business value of your data strategy.

    Data strategy optimization anchored in a value proposition will ensure that the data strategy focuses on driving the most valuable and critical outcomes in support of the organization’s enterprise strategy. The template will help you facilitate deep-dive sessions with key stakeholders for building use cases that are of demonstrable value not only to their relevant lines of business but also to the wider organization.

    • Data Strategy Use Case Template

    4. Chief Data Officer – A job description template that includes a detailed explication of the responsibilities and expectations of a CDO.

    Bring data to the C-suite by creating the Chief Data Officer role. This position is designed to bridge the gap between the business and IT by serving as a representative for the organization's data management practices and identifying how the organization can leverage data as a competitive advantage or corporate asset.

    • Chief Data Officer

    5. Data Strategy Document Template – A structured template to plan and document your data strategy outputs.

    Use this template to document and formulate your data strategy. Follow along with the sections of the blueprint Build a Robust and Comprehensive Data Strategy and complete the template as you progress.

    • Data Strategy Document Template
    [infographic]

    Workshop: Build a Robust and Comprehensive Data Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Business Context and Value: Understand the Current Business Environment

    The Purpose

    Establish the business context for the business strategy.

    Key Benefits Achieved

    Substantiates the “why” of the data strategy.

    Highlights the organization’s goals, objectives, and strategic direction the data must align with.

    Activities

    1.1 Data Strategy 101

    1.2 Intro to Tech’s Data Strategy Framework

    1.3 Data Strategy Value Proposition: Understand stakeholder’s strategic priorities and the alignment with data

    1.4 Discuss the importance of vision, mission, and guiding principles of the organization’s data strategy

    1.5 Understand the organization’s data culture – discuss Data Culture Survey results

    1.6 Examine Core Value Streams of Business Architecture

    Outputs

    Business context; strategic drivers

    Data strategy guiding principles

    Sample vision and mission statements

    Data Culture Diagnostic Results Analysis

    2 Business-Data Needs Discovery: Key Business Stakeholder Interviews

    The Purpose

    Build use cases of demonstrable value and understand the current environment.

    Key Benefits Achieved

    An understanding of the current maturity level of key capabilities.

    Use cases that represent areas of concern and/or high value and therefore need to be addressed.

    Activities

    2.1 Conduct key business stakeholder interviews to initiate the build of high-value business-data cases

    Outputs

    Initialized high-value business-data cases

    3 Understand the Current Data Environment & Practice: Analyze Data Capability and Practice Gaps and Develop Alignment Strategies

    The Purpose

    Build out a future state plan that is aimed at filling prioritized gaps and that informs a scalable roadmap for moving forward on treating data as an asset.

    Key Benefits Achieved

    A target state plan, formulated with input from key stakeholders, for addressing gaps and for maturing capabilities necessary to strategically manage data.

    Activities

    3.1 Understand the current data environment: data capability assessment

    3.2 Understand the current data practice: key data roles, skill sets; operating model, organization structure

    3.3 Plan target state data environment and data practice

    Outputs

    Data capability assessment and roadmapping tool

    4 Align Business Needs with Data Implications: Initiate Roadmap Planning and Strategy Formulation

    The Purpose

    Consolidate business and data needs with consideration of external factors as well as internal barriers and enablers to the success of the data strategy. Bring all the outputs together for crafting a robust and comprehensive data strategy.

    Key Benefits Achieved

    A consolidated view of business and data needs and the environment in which the data strategy will be operationalized.

    An analysis of the feasibility and potential risks to the success of the data strategy.

    Activities

    4.1 Analyze gaps between current- and target-state

    4.2 Initiate initiative, milestone and RACI planning

    4.3 Working session with Data Strategy Owner

    Outputs

    Data Strategy Next Steps Action Plan

    Relevant data strategy related templates (example: data practice patterns, data role patterns)

    Initialized Data Strategy on-a-Page

    Further reading

    Build a Robust and Comprehensive Data Strategy

    Key to building and fostering a data-driven culture.

    ANALYST PERSPECTIVE

    Data Strategy: Key to helping drive organizational innovation and transformation

    "In the dynamic environment in which we operate today, where we are constantly juggling disruptive forces, a well-formulated data strategy will prove to be a key asset in supporting business growth and sustainability, innovation, and transformation.

    Your data strategy must align with the organization’s business strategy, and it is foundational to building and fostering an enterprise-wide data-driven culture."

    Crystal Singh,

    Director – Research and Advisory

    Info-Tech Research Group

    Our understanding of the problem

    This Research is Designed For:

    • Chief data officers (CDOs), chief architects, VPs, and digital transformation directors and CIOs who are accountable for ensuring data can be leveraged as a strategic asset of the organization.

    This Research Will Help You:

    • Put a strategy in place to ensure data is available, accessible, well integrated, secured, of acceptable quality, and suitably visualized to fuel decision making by the organizations’ executives.
    • Align data management plans and investments with business requirements and the organization’s strategic plans.
    • Define the relevant roles for operationalizing your data strategy.

    This Research Will Also Assist:

    • Data architects and enterprise architects who have been tasked with supporting the formulation or optimization of the organization’s data strategy.
    • Business leaders creating plans for leveraging data in their strategic planning and business processes.
    • IT professionals looking to improve the environment that manages and delivers data.

    This Research Will Help Them:

    • Get a handle on the current situation of data within the organization.
    • Understand how the data strategy and its resulting initiatives will affect the operations, integration, and provisioning of data within the enterprise.

    Executive Summary

    Situation

    • The volume and variety of data that organizations have been collecting and producing have been growing exponentially and show no sign of slowing down. At the same time, business landscapes and models are evolving, and users and stakeholders are becoming more and more data centric, with maturing and demanding expectations.

    Complication

    • As organizations pivot in response to industry disruptions and changing landscapes, a reactive and piecemeal approach leads to data architectures and designs that fail to deliver real and measurable value to the business.
    • Despite the growing focus on data, many organizations struggle to develop a cohesive business-driven strategy for effectively managing and leveraging their data assets.

    Resolution

    Formulate a data strategy that stitches all of the pieces together to better position you to unlock the value in your data:

    • Establish the business context and value: Identify key business drivers for executing on an optimized data strategy, build compelling and relevant use cases, understand your organization’s culture and appetite for data, and ensure you have well-articulated vision, principles, and goals for your data strategy.
    • Ensure you have a solid data foundation: Understand your current data environment, data management enablers, people, skill sets, roles, and structure. Know your strengths and weakness so you can optimize appropriately.
    • Formulate a sustainable data strategy: Round off your strategy with effective change management and communication for building and fostering a data-driven culture.

    Info-Tech Insight

    1. As the CDO or equivalent data leader in your organization, a robust and comprehensive data strategy is the number one tool in your toolkit for delivering on your mandate of creating measurable business value from data.
    2. A data strategy should never be formulated disjointed from the business. Ensure the data strategy aligns with the business strategy and supports the business architecture.
    3. Building and fostering a data-driven culture will accelerate and sustain adoption of, appetite for, and appreciation for data and hence drive the ROI on your various data investments.

    Why do you need a data strategy?

    Your data strategy is the vehicle for ensuring data is poised to support your organization’s strategic objectives.

    The dynamic marketplace of today requires organizations to be responsive in order to gain or maintain their competitive edge and place in their industry.

    Organizations need to have that 360-degree view of what’s going on and what’s likely to happen.

    Disruptive forces often lead to changes in business models and require organizations to have a level of adaptability to remain relevant.

    To respond, organizations need to make decisions and should be able to turn to their data to gain insights for informing their decisions.

    A well-formulated and robust data strategy will ensure that your data investments bring you the returns by meeting your organization’s strategic objectives.

    Organizations need to be in a position where they know what’s going on with their stakeholders and anticipate what their stakeholders’ needs are going to be.

    Data cannot be fully leveraged without a cohesive strategy

    Most organizations today will likely have some form of data management in place, supported by some of the common roles such as DBAs and data analysts.

    Most will likely have a data architecture that supports some form of reporting.

    Some may even have a chief data officer (CDO), a senior executive who has a seat at the C-suite table.

    These are all great assets as a starting point BUT without a cohesive data strategy that stitches the pieces together and:

    • Effectively leverages these existing assets
    • Augments them with additional and relevant key roles and skills sets
    • Optimizes and fills in the gaps around your current data management enablers and capabilities for the growing volume and variety of data you’re collecting
    • Fully caters to real, high-value strategic organizational business needs

    you’re missing the mark – you are not fully leveraging the incredible value of your data.

    Cross-industry studies show that on average, less than half of an organization’s structured data is actively used in making decisions

    And, less than 1% of its unstructured data is analyzed or used at all. Furthermore, 80% of analysts' time is spent simply discovering and preparing, data with over 70% of employees having access to data they should not. Source: HBR, 2017

    Organizational drivers for a data strategy

    Your data strategy needs to align with your organizational strategy.

    Main Organizational Strategic Drivers:

    1. Stakeholder Engagement/Service Excellence
    2. Product and Service Innovations
    3. Operational Excellence
    4. Privacy, Risk, and Compliance Management

    “The companies who will survive and thrive in the future are the ones who will outlearn and out-innovate everyone else. It is no longer ‘survival of the fittest’ but ‘survival of the smartest.’ Data is the element that both inspires and enables this new form of rapid innovation.– Joel Semeniuk, 2016

    A sound data strategy is the key to unlocking the value in your organization’s data.

    Data should be at the foundation of your organization’s evolution.

    The transformational insights that executives are constantly seeking to leverage can be unlocked with a data strategy that makes high-quality, well-integrated, trustworthy, relevant data readily available to the business users who need it.

    Whether hoping to gain a better understanding of your business, trying to become an innovator in your industry, or having a compliance and regulatory mandate that needs to be met, any organization can get value from its data through a well-formulated, robust, and cohesive data strategy.

    According to a leading North American bank, “More than one petabyte of new data, equivalent to about 1 million gigabytes” is entering the bank’s systems every month. – The Wall Street Journal, 2019

    “Although businesses are at many different stages in unlocking the power of data, they share a common conviction that it can make or break an enterprise.”– Jim Love, ITWC CIO and Chief Digital Officer, IT World Canada, 2018

    Data is a strategic organizational asset and should be treated as such

    The expression “Data is an asset” or any other similar sentiment has long been heard.

    With such hype, you would have expected data to have gotten more attention in the boardrooms. You would have expected to see its value reflected on financial statements as a result of its impact in driving things like acquisition, retention, product and service development and innovation, market growth, stakeholder satisfaction, relationships with partners, and overall strategic success of the organization.

    The time has surely come for data to be treated as the asset it is.

    “Paradoxically, “data” appear everywhere but on the balance sheet and income statement.”– HBR, 2018

    “… data has traditionally been perceived as just one aspect of a technology project; it has not been treated as a corporate asset.”– “5 Essential Components of a Data Strategy,” SAS

    According to Anil Chakravarthy, who is the CEO of Informatica and has a strong vantage point on how companies across industries leverage data for better business decisions, “what distinguishes the most successful businesses … is that they have developed the ability to manage data as an asset across the whole enterprise.”– McKinsey & Company, 2019

    How data is perceived in today’s marketplace

    Data is being touted as the oil of the digital era…

    But just like oil, if left unrefined, it cannot really be used.

    "Data is the new oil." – Clive Humby, Chief Data Scientist

    Source: Joel Semeniuk, 2016

    Enter your data strategy.

    Data is being perceived as that key strategic asset in your organization for fueling innovation and transformation.

    Your data strategy is what allows you to effectively mine, refine, and use this resource.

    “The world’s most valuable resource is no longer oil, but data.”– The Economist, 2017

    “Modern innovation is now dependent upon this data.”– Joel Semeniuk, 2016

    “The better the data, the better the resulting innovation and impact.”– Joel Semeniuk, 2016

    What is it in it for you? What opportunities can data help you leverage?

    GOVERNMENT

    Leveraging data as a strategic asset for the benefit of citizens.

    • The strategic use of data can enable governments to provide higher-quality services.
    • Direct resources appropriately and harness opportunities to improve impact.
    • Make better evidence-informed decisions and better understand the impact of programs so that funds can be directed to where they are most likely to deliver the best results.
    • Maintain legitimacy and credibility in an increasingly complex society.
    • Help workers adapt and be competitive in a changing labor market.
    • A data strategy would help protect citizens from the misuse of their data.

    Source: Privy Council Office, Government of Canada, 2018

    What is it in it for you? What opportunities can data help you leverage?

    FINANCIAL

    Leveraging data to boost traditional profit and loss levers, find new sources of growth, and deliver the digital bank.

    • One bank used credit card transactional data (from its own terminals and those of other banks) to develop offers that gave customers incentives to make regular purchases from one of the bank’s merchants. This boosted the bank’s commissions, added revenue for its merchants, and provided more value to the customer (McKinsey & Company, 2017).
    • In terms of enhancing productivity, a bank used “new algorithms to predict the cash required at each of its ATMs across the country and then combined this with route-optimization techniques to save money” (McKinsey & Company, 2017).

    A European bank “turned to machine-learning algorithms that predict which currently active customers are likely to reduce their business with the bank.” The resulting understanding “gave rise to a targeted campaign that reduced churn by 15 percent” (McKinsey & Company, 2017).

    A leading Canadian bank has built a marketplace around their data – they have launched a data marketplace where they have productized the bank’s data. They are providing data – as a product – to other units within the bank. These other business units essentially represent internal customers who are leveraging the product, which is data.

    Through the use of data and advanced analytics, “a top bank in Asia discovered unsuspected similarities that allowed it to define 15,000 microsegments in its customer base. It then built a next-product-to-buy model that increased the likelihood to buy three times over.” Several sets of big data were explored, including “customer demographics and key characteristics, products held, credit-card statements, transaction and point-of-sale data, online and mobile transfers and payments, and credit-bureau data” (McKinsey & Company, 2017).

    What is it in it for you? What opportunities can data help you leverage?

    HEALTHCARE

    Leveraging data and analytics to prevent deadly infections

    The fifth-largest health system in the US and the largest hospital provider in California uses a big data and advanced analytics platform to predict potential sepsis cases at the earliest stages, when intervention is most helpful.

    Using the Sepsis Bio-Surveillance Program, this hospital provider monitors 120,000 lives per month in 34 hospitals and manages 7,500 patients with potential sepsis per month.

    Collecting data from the electronic medical records of all patients in its facilities, the solution uses natural language processing (NLP) and a rules engine to continually monitor factors that could indicate a sepsis infection. In high-probability cases, the system sends an alarm to the primary nurse or physician.

    Since implementing the big data and predictive analytics system, this hospital provider has seen a significant improvement in the mortality and the length of stay in ICU for sepsis patients.

    At 28 of the hospitals which have been on the program, sepsis mortality rates have dropped an average of 5%.

    With patients spending less time in the ICU, cost savings were also realized. This is significant, as sepsis is the costliest condition billed to Medicare, the second costliest billed to Medicaid and the uninsured, and the fourth costliest billed to private insurance.

    Source: SAS, 2019

    What is it in it for you? What opportunities can data help you leverage?

    RETAIL

    Leveraging data to better understand customer preferences, predict purchasing, drive customer experience, and optimize supply and demand planning.

    Netflix is an example of a big brand that uses big data analytics for targeted advertising. With over 100 million subscribers, the company collects large amounts of data. If you are a subscriber, you are likely familiar with their suggestions messages of the next series or movie you should catch up on. These suggestions are based on your past search data and watch data. This data provides Netflix with insights into your interests and preferences for viewing (Mentionlytics, 2018).

    “For the retail industry, big data means a greater understanding of consumer shopping habits and how to attract new customers.”– Ron Barasch, Envestnet | Yodlee, 2019

    The business case for data – moving from platitudes to practicality

    When building your business case, consider the following:

    • What is the most effective way to communicate the business case to executives?
    • How can CDOs and other data leaders use data to advance their organizations’ corporate strategy?
    • What does your data estate look like? Are you looking to leverage and drive value from your semi-structured and unstructured data assets?
    • Does your current organizational culture support a data-driven one? Does the organization have a history of managing change effectively?
    • How do changing privacy and security expectations alter the way businesses harvest, save, use, and exchange data?

    “We’re the converted … We see the value in data. The battle is getting executive teams to see it our way.”– Ted Maulucci, President of SmartONE Solutions Inc. IT World Canada, 2018

    Where do you stack up? What is your current data management maturity?

    Info-Tech’s IT Maturity Ladder denotes the different levels of maturity for an IT department and its different functions. What is the current state of your data management capability?

    Innovator - Transforms the Business. Business Partner - Expands the Business. Trusted Operator - Optimizes the Business. Firefighter - Supports the Business. Unstable - Struggles to Support.

    Info-Tech Insight

    You are best positioned to successfully execute on a data strategy if you are currently at or above the Trusted Operator level. If you find yourself still at the Unstable or Firefighter stage, your efforts are best spent on ensuring you can fulfill your day-to-day data and data management demands. Improving this capability will help build a strong data management foundation.

    Guiding principles of a data strategy

    Value of Clearly Defined Data Principles

    • Guiding principles help define the culture and characteristics of your practice by describing your beliefs and philosophy.
    • Guiding principles act as the heart of your data strategy, helping to shape initiative plans and day-to-day behaviors related to the use and treatment of the organization’s data assets.

    “Organizational culture can accelerate the application of analytics, amplify its power, and steer companies away from risky outcomes.”– McKinsey, 2018

    Build a Robust and Comprehensive Data Strategy

    Business Strategy and Current Environment connect with the Data Strategy. Data Strategy includes: Organizational Drivers and Data Value, Data Strategy Objectives and Guiding Principles, Data Strategy Vision and Mission, Data Strategy Roadmap, People: Roles and Organizational Structure, Data Culture and Data Literacy, Data Management and Tools, Risk and Feasibility.

    Follow Info-Tech’s methodology for effectively leveraging the value out of your data

    Some say it’s the new oil. Or the currency of the new business landscape. Others describe it as the fuel of the digital economy. But we don’t need platitudes — we need real ways to extract the value from our data. – Jim Love, CIO and Chief Digital Officer, IT World Canada, 2018

    1. Business Context. 2. Data and Resources Foundation. 3. Effective Data Strategy

    Our practical step-by-step approach helps you to formulate a data strategy that delivers business value.

    1. Establish Business Context and Value: In this phase, you will determine and substantiate the business drivers for optimizing the data strategy. You will identify the business drivers that necessitate the data strategy optimization and examine your current organizational data culture. This will be key to ensuring the fruits of your optimization efforts are being used. You will also define the vision, mission, and guiding principles and build high-value use cases for the data strategy.
    2. Ensure You Have a Solid Data and Resources Foundation: This phase will help you ensure you have a solid data and resources foundation for operationalizing your data strategy. You will gain an understanding of your current environment in terms of data management enablers and the required resources portfolio of key people, roles, and skill sets.
    3. Formulate a Sustainable Data Strategy: In this phase, you will bring the pieces together for formulating an effective data strategy. You will evaluate and prioritize the use cases built in Phase 1, which summarize the alignment of organizational goals with data needs. You will also create your strategic plan, considering change management and communication.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks are used throughout all four options.

    Select and Implement an IT PPM Solution

    • Buy Link or Shortcode: {j2store}440|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $125,999 Average $ Saved
    • member rating average days saved: 29 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • The number of IT project resources and the quantity of IT projects and tasks can no longer be recorded, prioritized, and tracked using non-commercial project portfolio management (PPM) solutions.
    • Your organization has attained a moderate level of PPM maturity.
    • You have sufficient financial and technical resources to purchase a commercial PPM solution.
    • There is a wide variety of commercial PPM solutions; different kinds of PPM solutions are more appropriate for organizations of a certain size and a certain PPM maturity level than others.

    Our Advice

    Critical Insight

    • Implementations of PPM solutions are often unsuccessful resulting in wasted time and resources; failing to achieve sustainable adoption of the tool is a widespread pain point.
    • The costs of PPM solutions do not end after the implementation and subscription invoices are paid. Have realistic expectations about the time required to use and maintain PPM solutions to ensure success.
    • PPM solutions help PMOs serve the organization’s core decision makers. Success depends on improved service to these stakeholders.

    Impact and Result

    • Using Info-Tech’s Vendor Landscape and PPM solution use cases, you will be able to make sense of the diversity of PPM solutions available in today’s market and choose the most appropriate solution for your organization’s size and level of PPM maturity.
    • Info-Tech’s blueprint for a PPM solution selection and implementation project will provide you with a variety of tools and templates.
    • A carefully planned out and executed selection and implementation process will help ensure your organization can maximize the value of your project portfolio and will allow the PMO to improve portfolio stakeholder satisfaction.

    Select and Implement an IT PPM Solution Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a commercial PPM solution, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch the PPM solution project and collect requirements

    Create a PPM solution selection and implementation project charter and gather your organizations business and technical requirements.

    • Select and Implement a PPM Solution – Phase 1: Launch the PPM Solution Project and Collect Requirements
    • PPM Solution Project Charter Template
    • PPM Implementation Work Breakdown Structure
    • PPM Solution Requirements Gathering Tool
    • PPM Solution Cost-of-Use Estimation Tool
    • PPM Solution RFP Template
    • PPM Solution Success Metrics Workbook
    • PPM Solution Use-Case Fit Assessment Tool

    2. Select a PPM solution

    Select the most appropriate PPM solution for your organization by using Info-Tech’s PPM solution Vendor Landscape and use cases to help you create a vendor shortlist, produce an RFP, and establish evaluation criteria for ranking your shortlisted solutions.

    • Select and Implement a PPM Solution – Phase 2: Select a PPM Solution
    • PPM Vendor Shortlist & Detailed Feature Analysis Tool
    • PPM Solution Vendor Response Template
    • PPM Solution Evaluation & RFP Scoring Tool
    • PPM Solution Vendor Demo Script

    3. Plan the PPM solution implementation

    Plan a PPM solution implementation that will result in long-term sustainable adoption of the tool and that will allow the PMO to meet the needs of core project portfolio stakeholders.

    • Select and Implement a PPM Solution – Phase 3: Plan the PPM Solution Implementation
    [infographic]

    Workshop: Select and Implement an IT PPM Solution

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the PPM Solution Project and Gather Requirements

    The Purpose

    Create a PPM solution selection and implementation project charter.

    Gather the business and technical requirements for the PPM solution.

    Establish clear and measurable success criteria for your PPM solution project.

    Key Benefits Achieved

    Comprehensive project plan

    Comprehensive and organized record of the various PPM solution requirements

    A record of PPM solution project goals and criteria that can be used in the future to establish the success of the project

    Activities

    1.1 Brainstorm, refine, and prioritize your PPM solution needs

    1.2 Stakeholder identification exercise

    1.3 Project charter work session

    1.4 Requirements gathering work session

    1.5 PPM solution success metrics workbook session

    Outputs

    High-level outline of PPM solution requirements

    Stakeholder consultation plan

    A draft project charter and action plan to fill in project charter gaps

    A draft requirements workbook and action plan to fill in requirement gathering gaps

    A PPM project success metrics workbook that can be used during and after the project

    2 Select a PPM Solution

    The Purpose

    Identify the PPM solutions that are most appropriate for your organization’s size and level of PPM maturity.

    Create a PPM solution and vendor shortlist.

    Create a request for proposal (RFP).

    Create a PPM solution scoring and evaluation tool.

    Key Benefits Achieved

    Knowledge of the PPM solution market and the various features available

    An informed shortlist of PPM vendors

    An organized and focused method for evaluating the often long and complex responses to the RFP that vendors provide

    The groundwork for an informed and defensible selection of a PPM solution for your organization

    Activities

    2.1 Assess the size of your organization and the level of PPM maturity to select the most appropriate use case

    2.2 PPM solution requirements and criteria ranking activity

    2.3 An RFP working session

    2.4 Build an RFP evaluation tool

    Outputs

    Identification of the most appropriate use case in Info-Tech’s Vendor Landscape

    A refined and organized list of the core features that will be included in the RFP

    A draft RFP with an action plan to fill in any RFP gaps

    An Excel tool that can be used to compare and evaluate vendors’ responses to the RFP

    3 Prepare for the PPM Solution Implementation

    The Purpose

    To think ahead to the eventual implementation of the solution that will occur once the selection phase is completed

    Key Benefits Achieved

    An understanding of key insights and steps that will help avoid mistakes resulting in poor adoption or PPM solutions that end up producing little tangible value

    Activities

    3.1 Outline high-level implementation stages

    3.2 Organizational change management strategy session

    3.3 A PPM project success metrics planning session

    Outputs

    High-level implementation tasks and milestones

    A RACI chart for core implementation tasks

    A high-level PPM solution implementation organizational change management strategy

    A RACI chart for core organizational change management tasks related to the PPM solution implementation

    A PPM project success metrics schedule and plan

    Create a Game Plan to Implement Cloud Backup the Right Way

    • Buy Link or Shortcode: {j2store}469|cart{/j2store}
    • member rating overall impact: 7.0/10 Overall Impact
    • member rating average dollars saved: $2,000 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Storage & Backup Optimization
    • Parent Category Link: /storage-and-backup-optimization
    • Cloud adoption is frequently driven by hype rather than careful consideration of the best-fit solution.
    • IT is frequently rushed into cloud adoption without appropriate planning.
    • Organizations frequently lack appropriate strategies to deal with cloud-specific backup challenges.
    • Insufficient planning for cloud backup can exacerbate problems rather than solving them, leading to poor estimates of the cost and effort involved, budget overruns, and failure to meet requirements.

    Our Advice

    Critical Insight

    • The cloud isn’t a magic bullet, but it tends to deliver the most value to organizations with specific use cases – frequently smaller organizations who are looking to avoid the cost of building or upgrading a data center.
    • Cloud backup does not necessarily reduce backup costs so much as it moves them around. Cloud backup distributes costs over a longer term. Organizations need to compare the difference in CAPEX and OPEX to determine if making the move makes financial sense.
    • The cloud can deliver a great deal of value for organizations who are looking to reduce the operational effort demanded by an existing tape library for second- or third-tier backups.
    • Data security risks in some cases may be overstated, depending on what on-premises security is available. However, targeting backup to the cloud introduces other risks that need to be considered before implementation is given the green light.

    Impact and Result

    • Understand if cloud backup is the right solution for actual organizational needs.
    • Make an informed decision about targeting backup to the cloud by considering the big picture TCO and effort level involved in adoption.
    • Have a ready strategy to mitigate the most common challenges with cloud adoption projects.
    • Develop a roadmap that lays out the required step-by-step to implement cloud backup.

    Create a Game Plan to Implement Cloud Backup the Right Way Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the benefits and risks of targeting backups to the cloud

    Build a plan to mitigate the risks associated with backing data up in the cloud.

    • Storyboard: Create a Game Plan to Implement Cloud Backup the Right Way

    2. Determine if the cloud can meet the organization's data requirements

    Assess if the cloud is a good fit for your organization’s backup data.

    • Cloud Backup Implementation Game Plan Tool

    3. Mitigate the Challenges of Backing Up to the Cloud

    Build a cloud challenge contingency plan.

    4. Build a Cloud Backup Implementation Roadmap

    Perform a gap analysis to determine cloud backup implementation initiatives.

    Infographic

    Workshop: Create a Game Plan to Implement Cloud Backup the Right Way

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Evaluate the business case for targeting backup at the cloud

    The Purpose

    Understand how cloud backup will affect backup and recovery processes

    Determine backup and recovery objectives

    Assess the value proposition of cloud backup

    Key Benefits Achieved

    A high-level understanding of the benefits of moving to cloud backup

    A best-fit analysis of cloud backup in comparison to organizational needs

    Activities

    1.1 Document stakeholder goals for cloud backup

    1.2 Document present backup processes

    1.3 Document ideal backup processes

    1.4 Review typical benefits of cloud backup

    Outputs

    Documented stakeholder goals

    Current backup process diagrams

    Ideal backup process diagram

    2 Identify candidate data sets and assess opportunities and readiness

    The Purpose

    Identify candidate data sets for cloud-based backup

    Determine RPOs and RTOs for candidate data sets

    Identify potential value specific to each data set for targeting backup at the cloud

    Evaluate organizational readiness for targeting backup at the cloud

    Key Benefits Achieved

    Documented recovery objectives

    Recommendations for cloud backup based on actual organizational needs and readiness

    Activities

    2.1 Document candidate data sets

    2.2 Determine recovery point and recovery time objectives for candidate data sets

    2.3 Identify potential value of cloud-based backup for candidate data sets

    2.4 Discuss the risk and value of cloud-based backup versus an on-premises solution

    2.5 Evaluate organizational readiness for cloud backup

    2.6 Identify data sets to move to the cloud

    Outputs

    Validated list of candidate data sets

    Specific RPOs and RTOs for core data sets

    An assessment of the value of cloud backup for data sets

    A tool-based recommendation for moving backups to the cloud

    3 Mitigate the challenges of backing up to the cloud

    The Purpose

    Understand different cloud provider models and their specific risks

    Identification of how cloud backup will affect IT infrastructure and personnel

    Strategize ways to mitigate the most common challenges of implementing cloud backup

    Understand the client/vendor relationship in cloud backup

    Understand the affect of cloud backup on data security

    Key Benefits Achieved

    Verified best-fit cloud provider model for organizational needs

    Verified strategy for meeting the most common challenges for cloud-based backup

    A strong understanding of how cloud backup will change IT

    Strategies for approaching vendors to ensure a strong footing in negotiations and clear expectations for the client/vendor relationship

    Activities

    3.1 Discuss the impact of cloud backup on infrastructure and IT environment

    3.2 Create a cloud backup risk contingency plan

    3.3 Document compliance and security regulations

    3.4 Identify client and vendor responsibilities for cloud backup

    3.5 Discuss and document the impact of cloud backup on IT roles and responsibilities

    3.6 Compile a list of implementation intiatives

    3.7 Evaluate the financial case for cloud backup

    Outputs

    Cloud risk assessment

    Documented contingency strategies for probabe risks

    Negotiation strategies for dealing with vendors

    A committed go/no-go decision on the value of cloud backup weighted against the effort of implementation

    4 Build a cloud backup implementation roadmap

    The Purpose

    Create a road map for implementing cloud backup

    Key Benefits Achieved

    Determine any remaining gaps between the present state and the ideal state for cloud backup

    Understand the steps and time frame for implementing cloud backup

    Allocate roles and responsibilities for the implementation intitiative

    A validated implementation road map

    Activities

    4.1 Perform a gap analysis to generate a list of implementation intiatives

    4.2 Prioritize cloud backup initiatives

    4.3 Assess risks and dependencies for critical implementation initiatives

    4.4 Assign ownership over implementation tasks

    4.5 Determine road map time frame and structure

    4.6 Populate the roadmap with cloud backup initiatives

    Outputs

    A validated gap analysis

    A prioritized list of cloud backup initiatives

    Documented dependencies and risks associated with implementation tasks

    A roadmap for targeting backups at the cloud

    IT Organizational Design

    • Buy Link or Shortcode: {j2store}32|cart{/j2store}
    • Related Products: {j2store}32|crosssells{/j2store}
    • member rating overall impact: 9.1/10
    • member rating average dollars saved: $83,392
    • member rating average days saved: 21
    • Parent Category Name: People and Resources
    • Parent Category Link: /people-and-resources

    The challenge

    • IT can ensure full business alignment through an organizational redesign.
    • Finding the best approach for your company is difficult due to many frameworks and competing priorities.
    • External competitive influences and technological trends exacerbate this.

    Our advice

    Insight

    • Your structure is the critical enabler of your strategic direction. Structure dictates how people work together and how they can fill in their roles to create the desired business value. 
    • Constant change is killing for an organization. You need to adapt, but you need a stable baseline and make sure the change is in line with the overall strategy and company context.
    • A redesign is only successful if it really happens. Shifting people into new positions is not enough to implement a redesign. 

    Impact and results 

    • Define your redesign principles. They will act as a manifesto to your change. It also provides for a checklist, ensuring that the structure does not deviate from the business strategy.
    • Visualize the new design with a customized operating model for your company. It must demonstrate how IT creates value and supports the business value creation chains.
    • Define the future-state roles, functions, and responsibilities to enable your IT department to support the business effectively.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief explains to you the challenges associated with the organizational redesign. We'll show you our methodology and the ways we can help you in completing this.

    Define your organizational design principles and select your operating model

    The design principles will govern your organizational redesign; Align the principles with your business strategy.

    • Redesign Your IT Organizational Structure – Phase 1: Craft Organizational Design Principles and Select an IT Operating Model (ppt)
    • Organizational Design Communications Deck (ppt)

    Customize the selected IT operating model to your company

    Your operating model must account for the company's nuances and culture.

    • Redesign Your IT Organizational Structure – Phase 2: Customize the IT Operating Model (ppt)
    • Operating Models and Capability Definition List (ppt)

    Design the target-state of your IT organizational structure

    Go from an operating model to the structure fit for your company.

    • Redesign Your IT Organizational Structure – Phase 3: Architect the Target-State IT Organizational Structure (ppt)
    • Organizational Design Capability RACI Chart (xls)
    • Work Unit Reference Structures (Visio)
    • Work Unit Reference Structures (pdf)

    Communicate the benefits of the new structure

    Change does not come easy. People will be anxious. Craft your communications to address critical concerns and obtain buy-in from the organization. If the reorganization will be painful, be up-front on that, and limit the time in which people are uncertain.

    • Redesign Your IT Organizational Structure – Phase 4: Communicate the Benefits of the New Organizational Structure (ppt)

     

    Manage the Active Directory in the Service Desk

    • Buy Link or Shortcode: {j2store}489|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.
    • Adding permissions without removing them in lateral transfers creates access issues, especially when regulatory requirements like HIPAA require tight controls.
    • With the importance of maintaining and granting permissions within the Active Directory, organizations are hesitant to grant domain admin access to Tier 1 of the service desk. However, inundating Tier 2 analysts with requests to grant permissions takes away project time.

    Our Advice

    Critical Insight

    • Do not treat the Active Directory like a black box. Strive for accurate data and be proactive by managing your monitoring and audit schedules.
    • Catch outage problems before they happen by splitting monitoring tasks between daily, weekly, and monthly routines.
    • Shift left to save resourcing by employing workflow automation or scripted authorization for Tier 1 technicians.
    • Design actionable metrics to monitor and manage your Active Directory.

    Impact and Result

    • Consistent and right-sized monitoring and updating of the Active Directory is key to clean data.
    • Split monitoring activities between daily, weekly, and monthly checklists to raise efficiency.
    • If need be, shift-left strategies can be implemented for identity and access management by scripting the process so that it can be done by Tier 1 technicians.

    Manage the Active Directory in the Service Desk Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should manage your Active Directory in the service desk, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Maintain your Active Directory with clean data

    Building and maintaining your Active Directory does not have to be difficult. Standardized organization and monitoring with the proper metrics help you keep your data accurate and up to date.

    • Active Directory Standard Operating Procedure
    • Active Directory Metrics Tool

    2. Structure your service desk Active Directory processes

    Build a comprehensive Active Directory workflow library for service desk technicians to follow.

    • Active Directory Process Workflows (Visio)
    • Active Directory Process Workflows (PDF)
    [infographic]

    Cookie Notice

    Gert Taeymans BV wants to inform you about our cookie notice on the Gert Taeymans BV websites via this document. Please also see the privacy policy which you can find here.

    This website is owned by Gert Taeymans BV

    Contact details:
    Gert Taeymans BV
    Koning Albertstraat 136
    2070 Burcht
    Belgium
    Company number: 0685974694
    Phone: +32 3 289 41 09
    email: gtbvba@gerttaeymans.com

    Site Scope

    The websites in scope of this notice are:

    • tymansgroup.com
    • gerttaeymans.consulting
    • gerttaeymans.site
    • gerttaeymans.audio

    Cookie Types

    We differentiate 4 types of cookies

    • Necessary cookies
      Necessary cookies help make our website usable by enabling basic functions like page navigation and access to secure areas of the website. While you can decline them, The website cannot function properly without these cookies.
    • Preferences cookies
      Preference cookies enable our website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. They may include cookies from 3rd party providers whose content we show or reference on our site. Those cookies are outside of our control and these providers may change their terms and policies at any time.
    • Statistics cookies
      Statistic cookies help our company to understand how visitors interact with our website by collecting and reporting statistical information pseudonymously. That means that eg. your IP address is scrambled in such a way that it will always be the same upon each subsequent visit to our site, so that Google can process the visit as a return visit. This helps with basic statistics, but also is a factor in how well we rank in future searches. Many returning visitors means that you like our site and that is a ranking element.
      Due to the ECJ striking down the  EU-US Privacy Shield agreement, this leaves us with a open gap. The resulting implications and actions to take are not yet clear. However, when agreeing to statistics cookies, you agree that your data may be processed in the United States under less strict privacy laws and that your data will be exposed to all associated risks. Such risks include the US government being able to investigate you, simply for being a non-US citizen due to provision 702 of the FISA act, which they are able to do anyway, with or without the cookie. Also, the laws in the United States are less strict with regards to selling information to third parties.
    • Marketing cookies
      Marketing cookies are used to track you across websites. The intention is to display ads that are relevant and engaging for you and thereby more valuable for publishers and third party advertisers. At this point we do not allow ads to display on our site, so no third-party trackers are defined on our site. We may add a 1st party (us) tracker to our site at any time.

    Actual cookies used

    Necessary cookies (all sites in site scope)

    Name     Contents Expiration Reason for the cookie
    Session cookie (displayed as a long series of numbers and letters) The active session ID When you close your broser, clear your cookie's cache in your browser or after 60 minutes of inactivity on the site. The cookie may remain in your machine but is no longer valid after the mentioned tile of inactivity    

    The browser cookie is simply a random string of characters to identify the visitor. There are no personally identifable details in the cookie and no real data of use at all. The cookie is marked as a 'session' type of cookie, which means it will expire (be deleted automatically) when the browser is closed or cleaned by the browser after a set period of non-use; for instance, you haven't visited a page on the site that has used the cookie for 1 week. This latter case is useful for people that leave their computer running and never close their browser.

    The use of a cookie is what gives your website a short-term memory. By providing it with each request, Joomla can look up the history of the current viewing session in the database record below.

    cookieconsent_status allow 1 year This cookie stores that you have consented to the use of cookies on our site. It is there to avoid that you have to give your consent again at every page load.

    Preferences cookies

    Site Name     Contents Expiration Reason for the cookie
    gerttaeymans.consulting None at this stage N/A N/A   N/A
    tymansgroup.com None at this stage N/A N/A N/A
             
             

    Statistical cookies

    Site Name     Contents Expiration Reason for the cookie
    All Scope _ga Google Analytics type and account identifier 2 years This cookie identifies our domain (gerttaeymans.consulting) and sends visit information to Google. information may include, but not limited to: browser identifiable information, page visited, visit duration, etc. This information does not contain user identifiable information
    All Scope _gat_gtag_UA_140807308_3 Google Analytics type and account identifier 2 years This cookie also identifies our domain (gerttaeymans.consulting) and sends visit information to Google. information may include, but not limited to: browser identifiable information, page visited, visit duration, etc. This information does not contain user identifiable information
    All Scope _gid Google Analytics type and account identifier 1 day This cookie also identifies our domain (gerttaeymans.consulting) and sends visit information to Google. information may include, but not limited to: browser identifiable information, page visited, visit duration, etc. This information does not contain user identifiable information
             
             

    Marketing cookies

    Name     Contents Expiration Reason for the cookie
    None at this stage N/A N/A N/A
           
           

     

    Managing cookies

    You are not required to accept any cookies . Our cookies toolbar allows you to fine tune which cookies you accespt or want to revoke consent for. The resulting experience may however be affected by your decision not to accept cookies.

    Eg. not accepting or revoking consent for the “Necessary” category cookies will result in your inability to log into the site, even if you have previously accepted the cookies and paid for service.

    Not accepting or revoking consent for “Preference” category cookies may impede on your ability to watch instructional videos on our site, even if you have previously accepted the cookies and paid for service.

    Not accepting or revoking consent for ‘Statistical” category cookies will result in us not seeing where visitors stay longer or shorter on our site. While the immediate experience will not degrade for you, it may impede us in better understanding where we need to improve our service, thereby denying you a potentially improved experience in the future.

    Not accepting or revoking consent for “Marketing” category cookies may result in you seeing irrelevant ads, if we make the decision to allow carefully selected partners to offer their services through our site.

    Removing cookies from your device

    You can delete all cookies that are already on your device by clearing the browsing history of your browser. This will remove all cookies from all websites you have visited.

    Be aware though that you may also lose some saved information (e.g. saved login details, site preferences).

    Managing site-specific cookies

    For more detailed control over site-specific cookies, check the privacy and cookie settings in your preferred browser

    Blocking cookies

    You can set most modern browsers to prevent any cookies being placed on your device, but you may then have to manually adjust some preferences every time you visit a site/page. And some services and functionalities may not work properly at all (e.g. profile logging-in).

    Start Making Data-Driven People Decisions

    • Buy Link or Shortcode: {j2store}427|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Leadership Development Programs
    • Parent Category Link: /leadership-development-programs
    • Ninety-one percent of IT leaders believe that analytics is important for talent management but 59% use no workforce analytics at all, although those who use analytics are much more effective than those who don't.
    • The higher the level of analytics used, the higher the level of effectiveness of the department as a whole.

    Our Advice

    Critical Insight

    • You don't need advanced metrics and analytics to see a return on people data. Begin by getting a strong foundation in place and showing the ROI on a pilot project.
    • Complex analyses will never make up for inadequate data quality. Spend the time up front to audit and improve data quality if necessary, no matter which stage of analytics proficiency you are at.
    • Ensure you collect and analyze only data that is essential to your decision making. More is not better, and excess data can detract from the overall impact of analytics.

    Impact and Result

    • Build a small-scale foundational pilot, which will allow you to demonstrate feasibility, refine your costs estimate, and show the ROI on people analytics for your budgeting meeting.
    • Drive organizational change incrementally by identifying and communicating with the stakeholders for your people analytics pilot.
    • Choose basic analytics suitable for organizations of all sizes and understand the building blocks of data quality to support more further analytics down the line.

    Start Making Data-Driven People Decisions Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should strategically apply people analytics to your IT talent management.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define the problem and apply the checklist

    From choosing the right data for the right problem to evaluating your progress toward data-driven people decisions, follow these steps to build your foundation to people analytics.

    • Start Making Data-Driven People Decisions – Phase 1: Define the Problem and Apply the Checklist
    • People Analytics Strategy Template
    • Talent Metrics Library
    [infographic]

    Build Your Data Practice and Platform

    • Buy Link or Shortcode: {j2store}347|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    The complex nature of data investment leads to de-scoping and delivery of data services that do not meet business needs or give value to the business. Subject matter experts are hired to resolve the problem, but their success is impacted by absent architecture, technology, and organizational alignment.

    Our Advice

    Critical Insight

    Walking through a book of architecture building plans with a personal guide is cheaper and faster than employing an architect to build and design your home.

    Impact and Result

    Info-Tech's approach provides a proven methodology that includes the following:

    • Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives.
    • Comprehensive data practice designed based on the required business and data capabilities.
    • Data platform design based on Info-Tech data architecture reference patterns and prioritized data initiatives and capabilities.

    Build Your Data Practice and Platform Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Data Practice and Platform Storyboard – A step-by-step document that leverages road-tested patterns and frameworks to properly build your data practice and pattern in continuous alignment with the business landscape.

    Info-Tech's approach provides a proven methodology that includes following:   

  • Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives.
  • Comprehensive data practices designed based on the required business and data capabilities.
    • Build Your Data Practice and Platform Storyboard

    2. Data Practice and Platform Models – Leveraging best-of-breed frameworks to help you build a clear, concise, and compelling data practice and platform.

    Data practice & platform pre-build pattern templates based on Info-Tech data reference patterns and data platform design best practices.

    • Data Practice and Platform Models

    Infographic

    Workshop: Build Your Data Practice and Platform

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Business Context and Value

    The Purpose

    Establish business context and value.

    Key Benefits Achieved

    Business context and strategic driver.

    Activities

    1.1 Understand/confirm the organization's strategic goals

    1.2 Classify the strategic goals and map to business drivers

    1.3 Identify the business capabilities that the strategy focuses on

    1.4 Identify the business processes realizing the strategy

    Outputs

    Business context and strategic drivers

    Prioritized business capabilities and processes

    Data culture survey results analysis

    2 Identify Your Top Initiatives

    The Purpose

    Identify your top initiatives.

    Key Benefits Achieved

    High-value business-aligned data initiative.

    Activities

    2.1 Highlight data-related outcomes/goals to realize to fulfill the business goal

    2.2 Map business data initiatives to the business strategic goals

    2.3 Prioritize data initiatives

    Outputs

    High-value, business-aligned data initiatives

    3 Analyze Data Challenges

    The Purpose

    Analyze data challenges.

    Key Benefits Achieved

    Clear understanding of the data challenges.

    Activities

    3.1 Map data challenges to Info-Tech data challenges

    3.2 Review Info-Tech data capabilities based on prioritized initiatives

    3.3 Discuss data platform and practice next steps

    Outputs

    List of data challenges preventing data maturation with the organization

    4 Map Data Capability

    The Purpose

    Map data capability.

    Key Benefits Achieved

    Prioritized data capability.

    Activities

    4.1 Map data challenges to Info-Tech data challenges

    4.2 Review Info-Tech data capabilities based on prioritized initiatives

    4.3 Discuss data platform and practice next steps

    Outputs

    Required data capabilities

    Data platform and practice – plan

    Initialized data management RACI 

    Further reading

    Build Your Data Practice and Platform

    Construct a scalable data foundation

    Analyst Perspective

    Build a data practice and platform that delivers value to your organization.

    The build or optimization of your data practice and data platform must be predicated on a thorough understanding of the organization’s goals, objectives, and priorities and the business capabilities and process they are meant to support and enable.

    Formalizing your practice or constructing your platform just for the sake of doing so often results in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.

    Leverage Info-Tech’s approach and incorporate our pre-built models and patterns to effectively navigate that crucial and often difficult phase upfront of comprehensively defining business data needs so you can ultimately realize faster time-to-delivery of your overall data practice and platform.

    Photo of Rajesh Parab, Director, Research & Advisory, Data & Analytics Practice, Info-Tech Research Group.

    Rajesh Parab
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Photo of Crystal Singh, Director, Research & Advisory, Data & Analytics Practice, Info-Tech Research Group.

    Crystal Singh
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Attempting to Solve Data Problems?

    Situation
    • Lack of data centric leadership results in downstream issues such as integration, quality, and accessibility.
    • The complex nature of the data and lack of understanding leads to de-scoping delivery of data services that does not meet business needs or add value.
    • Poorly designed practice and siloed platforms result in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.
    Complication
    • Data problem: When the data problem is diagnosed, the organization adopts a tactical approach.
    • Confirmation bias: Subject matter experts (SME) are hired to resolve the poorly defined problem, but the success of the SME is impacted by lack of architecture, technology, and organizational alignment.
    • Still no value: The selected tactical approach does not provide a solid foundation or solve your data problem.
    • Strategy for sake of strategy: Implementing a strategic approach for the sake of being strategic but this becomes overwhelming.
    • Fall back to tactical and operational: The data services are now potentially exposed and vulnerable, which strains business continuity and increases data debt.
    • Increased complexity and risk: Data silos, poor understanding, and high complexity results in an unmanageable data environment.
    Resolution
    • Requirements: Define and align your data requirement to business.
    • Capabilities: Discover data, identify data capabilities, and map your requirements.
    • Practices: Design and select fit-for-purpose data practices.
    • Platform: Optimize your data platform investments though sound architecture.

    Info-Tech Insight

    The true value of data comes from defining intentional relationships between the business and the data through a well thought out data platform and practice.

    Situation – Perpetual Data Problem

    Diagram of a head with gears around it and speech bubbles with notes titled 'Data Problem'. The surrounding gears, clockwise from bottom left, say 'Accessibility', 'Trust', 'Data Breach', 'Ambiguity', 'Ownership', 'Duplication', 'System Failure', and 'Manual Manipulation'. The speech bubbles notes, clockwise from bottom left, say 'Value-Add: How do I translate business needs to data capabilities?', 'Practice Organization: How do I organize resources and roles assignment challenges?', 'Platform: How do I organize data flows with no conceptual view of the environment?', and 'Break Down Silos: How do I break down silos?'
    I can’t access the data.
    I don’t trust the data in the report.
    It takes too long to get to the data for decision making
    • Lack of data-centric leadership results in downstream issues: integration, quality, accessibility
    • The organization’s data is too complex to manage without a cohesive plan.
    • The complex nature of the data and a lack of understanding leads to de-scoping delivery of data services that does not meet business needs or add value.
    • Poorly designed practice and siloed platforms result in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.

    Complication – Data Initiative Fizzles Out

    • Data problem: When the data problem is diagnosed the organization adopts a tactical approach.
    • Confirmation bias: Subject matter experts (SME) are hired to resolve the poorly defined problem, but the success of the SME is impacted by lack of architecture, technology, and organizational alignment.
    • Still no value: the selected tactical approach does not provide a solid foundation or solve your data problem.
    • Strategy for sake of strategy: Implementing a strategic approach for sake of being strategic but this becomes overwhelming.
    • Fall back to tactical and operational: The data services are now potentially exposed and vulnerable, which strains business continuity and increases data debt.
    • Increased complexity and risk: Data silos, poor understanding, and high complexity result in an unmanageable data environment.
    Flowchart beginning with 'Data Symptom Exhibited' and 'Data Problem Diagnosed', then splitting into two paths 'Solve Data Problem as a point solution' or 'Attempt Strategic approach without culture, capacity, and business leadership'. Each approach ends with 'Data too complex, and initiative fizzles out...' and cycles back to the beginning.
    Use the road-tested patterns and frameworks in our blueprint to break the perpetual data solution cycle. Focus on the value that a data and analytics platform will bring rather than focusing on the data problems alone.

    Build Your Data Practice and Platform

    Bring Your Data Strategy to Life

    Logo for Info-Tech.
    Logo for #iTRG.
    CONVENTIONAL WISDOM

    Attempting to Solve Your Data Problems

    DATA SYMPTOM EXHIBITED

    Mismatch report, data quality issue, or similar symptom of a data problem.

    DATA PROBLEM DIAGNOSED

    Data expert identifies it as a data problem.

    COMPLEX STRATEGIC APPROACH ATTEMPTED

    Recognized need to attempt it strategically, but don't have capacity or culture to execute.

    Cycle diagram titled 'Data Problems' with numbers connected to surrounding steps, and a break after Step 3 where one can 'BREAK THE CYCLE'. In the middle are a list of data problems: 'Accessibility’, ‘Data Breach', 'Manual Manipulation', 'System Failure', 'Ambiguity', 'Duplication', 'Ownership', and 'Trust'.
    SOLUTION FAILS

    The tactical solution fails to solve the root cause of the data problem, and the data symptoms persist.

    TACTICAL SOLUTION FALLBACK

    A quick and dirty solution is attempted in order to fix the data problem.

    THE COMPLEX APPROACH FIZZLES OUT

    Attempted strategic approach takes too long, fizzles out.

    BREAK THE CYCLE

    Solving Your Data Problems

    1. DEFINE YOUR DATA REQUIREMENTS Incorporate a Business to Data Approach by utilizing Info-Tech's business capability templates for identifying data needs. BUSINESS-ALIGNED DATA REQUIREMENTS
    2. CONDUCT YOUR DATA DISCOVERY Understand the data behind your business problem. Identify the required data capabilities and domains as required by your business processes. RECOMMENDED DATA CAPABILITIES
    3. DESIGN YOUR DATA PRACTICES Build your custom data practices based on the predefined reusable models. CUSTOMIZED DATA PRACTICE
    4. ARCHITECT YOUR DATA PLATFORM Build your custom data platform based on the redefined reusable architecture patterns. CUSTOMIZED DATA PLATFORM
    CONTINUOUS PHASE: ROADMAP, SPONSORSHIP FEEDBACK AND DELIVERY

    Develop a roadmap to establish the practice and implement the architecture as designed. Ensure continuous alignment of the practice and architecture with the business landscape.

    Phase-by-Phase Approach to Build Your Data Practice and Platform

    Flowchart detailing the path to take through the four phases of this blueprint beginning with the 'Inputs' and 'People' involved and incorporating 'Deliverables' along the way. Phase-by-Phase Approach
    • Phase 1: Step 1 – Define Your Data Requirement
    • Phase 1: Step 2 – Conduct Your Data Discovery
    • Phase 2 – Design Your Data Practice
    • Phase 3 – Architect Your Data Platform

    Measure value when building your data practice and platform

    Sample Data Management Metrics

    Lists of data management metrics in different categories.

    • Refine the metrics for the overall Data Management practice and every initiative therein.
    • Refine the metrics at each platform and practice component to show business value against implementation effort.

    Understand and Build Data Culture

    See your Info-Tech Account Representative for more details on our Data Culture Diagnostic

    Only 14.29% of Transportation and Logistics respondents agree BI and Analytics Process and Technology are sufficient What is a diagnostic?

    Our diagnostics are the simplest way to collect the data you need, turn it into actionable insights, and communicate with stakeholders across the organization.

    52.54% of respondents from the healthcare industry are unaware of their organization’s data security policy
    Ask the Right Questions

    Use our low-effort surveys to get the data you need from stakeholders across the organization.

    Use Our Diagnostic Engine

    Our diagnostic engine does all the heavy lifting and analysis, turning your data into usable information.

    Communicate & Take Action

    Wow your executives with the incredible insights you've uncovered. Then, get to action: make IT better.

    On average only 40% agree that they have the reporting when needed


    (Source: Info-Tech’s Data Culture Diagnostic, 53 Organizations, 3138 Responses)

    35% of respondents feel that a governance body is in place looking at strategic data

    Build a Data-Driven Strategy Using Info-Tech Diagnostic Programs

    Make informed IT decisions by starting your diagnostic program today. Your account manager is waiting to help you.
    Sample of Info-Tech's 'Data Culture Scorecard'.

    Use Our Predefined Data and Analytics Patterns to Build Your DnA Landscape

    Walking through a book of architecture building plans with a personal guide is cheaper and faster than employing an architect to build and design your home

    Two books titled 'The Everything Homebuilding Book' and 'Architecture 101'. An open book with a finger pointing to a diagram.

    The first step is to align business strategy with data strategy and then start building your data practice and data platform

    Flowchart starting with business strategy focuses, then to data strategy focuses, and eventually to 'Data Metrics'.

    Insights

    The true value of data comes from defining intentional relationships between the business and the data through a well-thought-out data platform and practice.

    • Phase 1
      • Some organizations are low maturity so using the traditional Capability Maturity Model Integration (CMMI) would not make sense. A great alternative is to leverage existing models and methodologies to get going off the bat.
      • The Data Strategy is an input into the platform and practice. This is considered the Why; Data Practice and Platform is the How.
    • Phase 2
      • Info-Tech’s approach is business-goal driven and it leverages patterns, which enable the implementation of critical and foundational components and subsequently facilitates the evolution and development of the practice over time.
      • Systems should not be designed in isolation. Cross-functional collaboration throughout the design is critical to ensure all types of issues are revealed early. Otherwise, crucial tests are omitted, deployments fail, and end-users are dissatisfied.
    • Phase 3
      • Build your conceptual data architecture based on well-thought-out formulated patterns that align with your organization’s needs and environment.
      • Functional needs often take precedence over quality architecture. Quality must be baked into design, execution, and decision-making practices to ensure the right trade-offs are made.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Info-Tech’s Methodology for Building Your Data Practice and Platform

    Phase 1 –
    Define Your Data Requirements and Conduct Your Data Discovery
    Phase 2 –
    Design Your Data Practices
    Phase 3 –
    Architect Your Data Platform
    Phase Steps
    1. Identify your top initiatives
    2. Map your data initiatives to data capabilities
    1. Understand the practices value statement
    2. Review the Info-Tech practice pattern
    3. Initiate your practice design and setup
    1. Identify your data component
    2. Refine your data platform architecture
    3. Design your data platform
    4. Identify your new components and capabilities
    5. Initiative platform build and rollout
    Phase Outcomes Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives Comprehensive data practice design based on the required business and data capabilities Data platform design based on Info-Tech data architecture reference pattern and prioritized data initiatives and capabilities

    Data Platform and Practice Implementation Plan

    Example timeline for data platform and practice implementation plan with 'Fiscal Years' across the top, and below they're broken down into quarters. Along the left side 'Phase 1: Step 1...', 'Phase 1: Step 2...', 'Phase 2...' and 'Phase 3'. Tasks are mapped onto the timeline in each phase with a short explanation.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Info-Tech’s Workshop support for Build Your Data Practice and Platform. 'Build Your Data Practice and Platform' slide from earlier.
    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Workshop 1

    Data Needs and Discovery

    Workshop 2

    Data Practice Design

    Workshop 3

    Data Platform Design

    Workshop 1:
    Data Needs and Discovery

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1 Day 2 Day 3 Day 4
    Establish Business Context and Value
    Identify Your Top Initiatives
    Analyze Data Challenges
    Map Data Capability
    Activities

    1.1 Understand/confirm your organization’s strategic goals

    1.2 Classify the strategic goals and map to business drivers

    1.3 Identify the business capabilities that the strategy focus is on

    1.4 Identify the business processes realizing the strategy

    2.1 Highlight data-related outcomes /goals to realize to fulfill the business goal

    2.2 Map business data initiatives to the business strategic goals

    2.3 Prioritize Data initiatives

    3.1 Understand data management capabilities and framework

    3.2 Classify business data requirements using Info-Tech’s classification approach

    3.3 Highlight data challenges in your current environment

    4.1 Map data challenges to Info-Tech data challenges

    4.2 Review Info-Tech data capabilities based on prioritized initiative

    4.3 Discuss Data Platform and Practice Next Steps

    Deliverables
    • Business context and strategic drivers
    • Prioritized business capabilities and processes
    • Data Culture Survey results analysis
    • High-value business-aligned data initiative
    • List of data challenges preventing data maturation with the organization
    • Required data capabilities
    • Data platform and practice – plan
    • Initialized data management RACI
    Participants Business stakeholder, Business leader Business Subject Matter Expert, Data IT sponsor (CIO), Head of Data, Data Architect Business stakeholder, Business leader Business Subject Matter Expert, Data IT sponsor (CIO), Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect

    Workshop 2:
    Data Practice Design

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1 Day 2 Day 3 Day 4
    Plan Your Data Practices
    Design Your Data Practices 1
    Design Your Data Practices 2
    Design Your Data Practices 3
    Activities

    Prerequisite: Business context, business data requirement, and data capabilities

    1.1 Understand data practice framework

    1.2 Define your practice implementation approach

    1.3 Review and update data management RACI

    2.1 Understand Info-Tech data practice patterns for each prioritized practice

    2.2 Define your practice setup for each prioritized practice

    2.3 Highlight critical processes for each practice

    3.1 Understand Info-Tech data practice patterns for each prioritized practice

    3.2 Define your practice setup for each prioritized practice

    3.3 Highlight critical processes for each practice

    4.1 Understand Info-Tech data practice patterns for each prioritized practice

    4.2 Define your practice setup for each prioritized practice

    4.3 Highlight critical processes for each practice

    4.4 Discuss data platform and practice next steps

    Deliverables
    • Data practice implementation approach
    • Data management RACI
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data platform and practice – plan
    Participants Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect

    Workshop 3:
    Data Platform Design

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1Day 2Day 3Day 4
    Data Platform Overview
    Update Data Platform Reference Architecture
    Design Your Data Platform
    Design Your Data Practices 4
    Activities

    Prerequisite: Business context, business data requirement, and data capabilities

    1.1 Understand data platform framework and data capabilities

    1.2 Understand key data architecture principles and best practices

    1.3 Shortlist data platform patterns

    2.1 Map and identify data capabilities to data platform components

    2.2 Build data platform architecture using Info-Tech data platform reference architecture

    2.3 Highlight critical processes for each practice

    3.1 Design your target data platform using Info-Tech’s data platform template

    3.2 Identify new capabilities and components in your platform design

    4.1 Identify new capabilities and component in your platform design

    4.2 Discuss data platform initiatives

    Deliverables
    • Shortlisted data platform patterns
    • Data platform reference architecture for your organization
    • Data platform design for your organization
    • Data platform plan
    ParticipantsData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data Architect

    Build Your Data Practice and Platform

    Phase 1

    Phase 1: Step 1 – Define Your Data Requirements
    Phase 1: Step 2 – Conduct Your Data Discovery

    Phase 1

    1.1 Define Your Data Requirements
    1.2 Conduct Your Data Discovery

    Phase 2 Phase 3

    Phase 1: Step 1 – Define Your Data Requirements will walk you through the following activities:

    • Confirm the organizational strategic goals, business drivers, business capabilities, and processes driving the Data Practice and Platform effort.
    • Identify the data related outcomes, goals, and ideal environment needed to fulfill the business goals.

    This phase involves the following participants:

    A blend of business leaders and business SMEs together with the Data Strategy team.

    Phase 1: Step 2 – Conduct Your Data Discovery will walk you through the following activities:

    • Identify and highlight the data challenges faced in achieving the desired outcome.
    • Map the data challenges to the data capabilities required to realize the desired data outcome.

    This phase involves the following participants:

    Key personnel from IT/Data team: (Data Architect, Data Engineers, Head of Head of Reporting and Analytics)

    Annual CIO Survey Report 2024

    • Buy Link or Shortcode: {j2store}106|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation

    CIOs today face increasing pressures, disruptive emerging technologies, talent shortages, and a slew of other challenges. What are their top concerns, priorities, and technology bets that will define the future direction of IT?

    CIO responses to our Future of IT 2024 survey reveal key insights on spending projects, the potential disruptions causing the most concern, plans for adopting emerging technology, and how firms are responding to generative AI.

    See how CIOs are sizing up the opportunities and threats of the year ahead

    Map your organization’s response to the external environment compared to CIOs across geographies and industries. Learn:

    • The CIO view on continuing concerns such as cybersecurity.
    • Where they rate their IT department’s maturity.
    • What their biggest concerns and budget increases are.
    • How they’re approaching third-party generative AI tools.

    Annual CIO Survey Report 2024 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Future of IT Survey 2024 – A summary of key insights from the CIO responses to our Future of IT 2024 survey.

    Take the pulse of the IT industry and see how CIOs are planning to approach 2024.

    • Annual CIO Survey Report for 2024
    [infographic]

    Further reading

    Annual CIO Survey Report 2024

    An inaugural look at what's on the minds of CIOs.

    1. Firmographics

    • Region
    • Title
    • Organization Size
    • IT Budget Size
    • Industry

    Firmographics

    The majority of CIO responses came from North America. Contributors represent regions from around the world.

    Countries / Regions Response %
    United States 47.18%
    Canada 11.86%
    Australia 9.60%
    Africa 6.50%
    China 0.28%
    Germany 1.13%
    United Kingdom 5.37%
    India 1.41%
    Brazil 1.98%
    Mexico 0.56%
    Middle East 4.80%
    Asia 0.28%
    Other country in Europe 4.52%

    n=354

    Firmographics

    A typical CIO respondent held a C-level position at a small to mid-sized organization.

    Half of CIOs hold a C-level position, 10% are VP-level, and 20% are director level

    Pie Chart of CIO positions

    38% of respondents are from an organization with above 1,000 employees

    Pie chart of size of organizations

    Firmographics

    A typical CIO respondent held a C-level position at a small to mid-sized organization.

    40% of CIOs report an annual budget of more than $10 million

    Pie chart of CIO annual budget

    A range of industries are represented, with 29% of respondents in the public sector or financial services

    Range of industries

    2. Key Factors

    • IT Maturity
    • Disruptive Factors
    • IT Spending Plans
    • Talent Shortage

    Two in three respondents say IT can deliver outcomes that Support or Optimize the business

    IT drives outcomes

    Most CIOs are concerned with cybersecurity disruptions, and one in four expect a budget increase of above 10%

    How likely is it that the following factors will disrupt your business in the next 12 months?

    Chart for factors that will disrupt your business

    Looking ahead to 2024, how will your organization's IT spending change compared to spending in 2023?

    Chart of IT spending change

    3. Adoption of Emerging Technology

    • Fastest growing tech for 2024 and beyond

    CIOs plan the most new spend on AI in 2024 and on mixed reality after 2024

    Top five technologies for new spending planned in 2024:

    1. Artificial intelligence - 35%
    2. Robotic process automation or intelligent process automation - 24%
    3. No-code/low-code platforms - 21%
    4. Data management solutions - 14%
    5. Internet of Things (IoT) - 13%

    Top five technologies for new spending planned after 2024:

    1. Mixed reality - 20%
    2. Blockchain - 19%
    3. Internet of Things (IoT) - 17%
    4. Robotics/drones - 16%
    5. Robotic process automation or intelligent process automation - 14%

    n=301

    Info-Tech Insight
    Three in four CIOs say they have no plans to invest in quantum computing, more than any other technology with no spending plans.

    4. Adoption of AI

    • Interest in generative AI applications
    • Tasks to be completed with AI
    • Progress in deploying AI

    CIOs are most interested in industry-specific generative AI applications or text-based

    Rate your business interest in adopting the following generative AI applications:

    Chart for interest in AI

    There is interest across all types of generative AI applications. CIOs are least interested in visual media generators, rating it just 2.4 out of 5 on average.

    n=251

    Info-Tech Insight
    Examples of generative AI solutions specific to the legal industry include Litigate, CoCounsel, and Harvey.

    By the end of 2024, CIOs most often plan to use AI for analytics and repetitive tasks

    Most popular use cases for AI by end of 2024:

    1. Business analytics or intelligence - 69%
    2. Automate repetitive, low-level tasks - 68%
    3. Identify risks and improve security - 66%
    4. IT operations - 62%
    5. Conversational AI or virtual assistants - 57%

    Fastest growing uses cases for AI in 2024:

    1. Automate repetitive, low-level tasks - 39%
    2. IT operations - 38%
    3. Conversational AI or virtual assistants - 36%
    4. Business analytics or intelligence - 35%
    5. Identify risks and improve security - 32%

    n=218

    Info-Tech Insight
    The least popular use case for AI is to help define business strategy, with 45% saying they have no plans for it.

    One in three CIOs are running AI pilots or are more advanced with deployment

    How far have you progressed in the use of AI?

    Chart of progress in use of AI

    Info-Tech Insight
    Almost half of CIOs say ChatGPT has been a catalyst for their business to adopt new AI initiatives.

    5. AI Risk

    • Perceived impact of AI
    • Approach to third-party AI tools
    • AI features in business applications
    • AI governance and accountability

    Six in ten CIOs say AI will have a positive impact on their organization

    What overall impact do you expect AI to have on your organization?

    Overall impact of AI on organization

    The majority of CIOs are waiting for professional-grade generative AI tools

    Which of the following best describes your organization's approach to third-party generative AI tools (such as ChatGPT or Midjourney)?

    Third-party generative AI

    Info-Tech Insight
    Business concerns over intellectual property and sensitive data exposure led OpenAI to announce ChatGPT won't use data submitted via its API for model training unless customers opt in to do so. ChatGPT users can also disable chat history to avoid having their data used for model training (OpenAI).

    One in three CIOs say they are accountable for AI, and the majority are exploring it cautiously

    Who in your organization is accountable for governance of AI?

    Governance of AI

    More than one-third of CIOs say no AI governance steps are in place today

    What AI governance steps does your organization have in place today?

    Chart of AI governance steps

    Among organizations that plan to invest in AI in 2024, 30% still say there are no steps in place for AI governance. The most popular steps to take are to publish clear explanations about how AI is used, and to conduct impact assessments (n=170).

    Chart of AI governance steps

    Among all CIOs, including those that do not plan to invest in AI next year, 37% say no steps are being taken toward AI governance today (n=243).

    6. Contribute to Info-Tech's Research Community

    • Volunteer to be interviewed
    • Attend LIVE in Las Vegas

    It's not too late; take the Future of IT online survey

    Contribute to our tech trends insights

    If you haven't already contributed to our Future of IT online survey, we are keeping the survey open to continue to collect insights and inform our research reports and agenda planning process. You can take the survey today. Those that complete the survey will be sent a complimentary Tech Trends 2024 report.

    Complete an interview for the Future of IT research project

    Help us chart the future course of IT

    If you are receiving this for completing the Future of IT online survey, thank you for your contribution. If you are interested in further participation and would like to provide a complementary interview, please get in touch at brian.Jackson@infotech.com. All interview subjects must also complete the online survey.

    If you've already completed an interview, thank you very much, and you can look forward to seeing more impacts of your contribution in the near future.

    LIVE 2023

    Methodology

    All data in this report is from Info-Tech's Future of IT online survey 2023 edition.

    A CIO focus for the Future of IT

    Data in this report represents respondents to the Future of IT online survey conducted by Info-Tech Research Group between May 11 and July 7, 2023.

    Only CIO respondents were selected for this report, defined as those who indicated they are the most senior member of their organization's IT department.

    This data segment reflects 355 total responses with 239 completing every question on the survey.

    Further data from the Future of IT online survey and the accompanying interview process will be featured in Info-Tech's Tech Trends 2024 report this fall and in forthcoming Priorities reports including Applications, Data & EA, CIO, Infrastructure, and Security.

    Quality Management

    • Buy Link or Shortcode: {j2store}45|cart{/j2store}
    • Related Products: {j2store}45|crosssells{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: /service-planning-and-architecture
    Drive efficiency and agility with right-sized quality management

    Evaluate and Learn From Your Negotiation Sessions More Effectively

    • Buy Link or Shortcode: {j2store}226|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Forty-eight percent of CIOs believe their budgets are inadequate.
    • CIOs and IT departments are getting more involved with negotiations to reduce costs and risk.
    • Confident negotiators tend to be more successful, but even confident negotiators have room to improve.
    • Skilled negotiators are in short supply.

    Our Advice

    Critical Insight

    • Improving your negotiation skills requires more than practice or experience (i.e. repeatedly negotiating).
    • Creating and updating a negotiations lessons-learned library helps negotiators improve and provides a substantial return for the organization.
    • Failure is a great teacher; so is success … but you have to pay attention to indicators, not just results.

    Impact and Result

    Addressing and managing the negotiation debriefing process will help you:

    • Improve negotiation skills.
    • Implement your negotiation strategy more effectively.
    • Improve negotiation results.

    Evaluate and Learn From Your Negotiation Sessions More Effectively Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create and follow a scalable process for preparing to negotiate with vendors, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Negotiations continuing

    This phase will help you debrief after each negotiation session and identify the parts of your strategy that must be modified before your next negotiation session.

    • Evaluate and Learn From Your Negotiation Sessions More Effectively – Phase 1: Negotiations Continuing

    2. Negotiations completed

    This phase will help you conduct evaluations at three critical points after the negotiations have concluded.

    • Evaluate and Learn From Your Negotiation Sessions More Effectively – Phase 2: Negotiations Completed
    [infographic]

    Workshop: Evaluate and Learn From Your Negotiation Sessions More Effectively

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 12 Steps to Better Negotiation Preparation

    The Purpose

    Improve negotiation skills and outcomes; share lessons learned.

    Understand the value of debriefing sessions during the negotiation process.

    Understand how to use the Info-Tech After Negotiations Tool.

    Key Benefits Achieved

    A better understanding of how and when to debrief during the negotiation process to leverage key insights.

    The After Negotiations Tool will be reviewed and configured for the customer’s environment (as applicable).

    Activities

    1.1 Debrief after each negotiation session

    1.2 Determine next steps

    1.3 Return to preparation phase

    1.4 Conduct Post Mortem #1

    1.5 Conduct Implementation Assessment

    1.6 Conduct Post Mortem #2

    Outputs

    Negotiation Session Debrief Checklist and Questionnaire

    Next Steps Checklist

    Discussion

    Post Mortem #1 Checklist & Dashboard

    Implementation Assessment Checklist and Questionnaire

    Post Mortem #2 Checklist & Dashboard

    Establish a Sustainable ESG Reporting Program

    • Buy Link or Shortcode: {j2store}194|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance

    Consistent, high-quality disclosure of ESG practices is the means by which organizations can demonstrate they are acting responsibly and in the best interest of their customers and society. Organizations may struggle with these challenges when implementing an ESG reporting program:

    • Narrowing down ESG efforts to material ESG issues
    • Building a sustainable reporting framework
    • Assessing and solving for data gaps and data quality issues
    • Being aware of the tools and best practices available to support regulatory and performance reporting

    Our Advice

    Critical Insight

    • A tactical approach to ESG reporting will backfire. The reality of climate change and investor emphasis is not going away. For long-term success, organizations need to design an ESG reporting program that is flexible, interoperable, and digital.
    • Implementing a robust reporting program takes time. Start early, remain focused, and make plans to continually improve data quality and collection and performance metrics.
    • The “G” in ESG may not be capturing the limelight under ESG legislation yet, but there are key factors within the governance component that are under the regulatory microscope, including data, cybersecurity, fraud, and diversity and inclusion. Be sure you stay on top of these issues and include performance metrics in your internal and external reporting frameworks.

    Impact and Result

    • Successful organizations recognize that transparent ESG disclosure is necessary for long-term corporate performance.
    • Taking the time up front to design a robust and proactive ESG reporting program will pay off in the long run.
    • Future-proof your ESG reporting program by leveraging new tools, technologies, and software applications.

    Establish a Sustainable ESG Reporting Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish a Sustainable ESG Reporting Program Storyboard – A comprehensive framework to define an ESG reporting program that supports your ESG goals and reporting requirements.

    This storyboard provides a three-phased approach to establishing a comprehensive ESG reporting framework to drive sustainable corporate performance. It will help you identify what to report, understand how to implement your reporting program, and review in-house and external software and tooling options.

    • Establish a Sustainable ESG Reporting Program Storyboard

    2. ESG Reporting Workbook – A tool to document decisions, rationale, and implications of key activities to support your ESG reporting program.

    The workbook allows IT and business leaders to document decisions as they work through the steps to establish a comprehensive ESG reporting framework.

    • ESG Reporting Workbook

    3. ESG Reporting Implementation Plan – A tool to document tasks required to deliver and address gaps in your ESG reporting program.

    This planning tool guides IT and business leaders in planning, prioritizing, and addressing gaps to build an ESG reporting program.

    • ESG Reporting Implementation Plan Template

    4. ESG Reporting Presentation Template – A guide to communicate your ESG reporting approach to internal stakeholders.

    Use this template to create a presentation that explains the drivers behind the strategy, communicates metrics, demonstrates gaps and costs, and lays out the timeline for the implementation plan.

    • ESG Reporting Presentation Template

    Infographic

    Workshop: Establish a Sustainable ESG Reporting Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Determine Material ESG Factors

    The Purpose

    Determine material ESG factors.

    Key Benefits Achieved

    Learn how to identify your key stakeholders and material ESG risks.

    Activities

    1.1 Create a list of stakeholders and applicable ESG factors.

    1.2 Create a materiality map.

    Outputs

    List of stakeholders and applicable ESG factors

    Materiality map

    2 Define Performance and Reporting Metrics

    The Purpose

    Define performance and reporting metrics.

    Key Benefits Achieved

    Align your ESG strategy with key performance metrics.

    Activities

    2.1 Create a list of SMART metrics.

    2.2 Create a list of reporting obligations.

    Outputs

    SMART metrics

    List of reporting obligations

    3 Assess Data and Implementation Gaps

    The Purpose

    Assess data and implementation gaps.

    Key Benefits Achieved

    Surface data and technology gaps.

    Activities

    3.1 Create a list of high-priority data gaps.

    3.2 Summarize high-level implementation considerations.

    Outputs

    List of high-priority data gaps

    Summary of high-level implementation considerations

    4 Consider Software and Tooling Options

    The Purpose

    Select software and tooling options and develop implementation plan.

    Key Benefits Achieved

    Complete your roadmap and internal communication document.

    Activities

    4.1 Review tooling and technology options.

    4.2 Prepare ESG reporting implementation plan.

    4.3 Prepare the ESG reporting program presentation.

    Outputs

    Selected tooling and technology

    ESG reporting implementation plan

    ESG reporting strategy presentation

    Further reading

    Establish a Sustainable ESG Reporting Program

    Strengthen corporate performance by implementing a holistic and proactive reporting approach.

    Analyst Perspective

    The shift toward stakeholder capitalism cannot be pinned on one thing; rather, it is a convergence of forces that has reshaped attitudes toward the corporation. Investor attention on responsible investing has pushed corporations to give greater weight to the achievement of corporate goals beyond financial performance.

    Reacting to the new investor paradigm and to the wider systemic risk to the financial system of climate change, global regulators have rapidly mobilized toward mandatory climate-related disclosure.

    IT will be instrumental in meeting the immediate regulatory mandate, but their role is much more far-reaching. IT has a role to play at the leadership table shaping strategy and assisting the organization to deliver on purpose-driven goals.

    Delivering high-quality, relevant, and consistent disclosure is the key to unlocking and driving sustainable corporate performance. IT leaders should not underestimate the influence they have in selecting the right technology and data model to support ESG reporting and ultimately support top-line growth.

    Photo of Yaz Palanichamy

    Yaz Palanichamy
    Senior Research Analyst
    Info-Tech Research Group

    Photo of Donna Bales

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization needs to define a ESG reporting strategy that is driven by corporate purpose.

    Climate-related disclosure mandates are imminent; you need to prepare for them by building a sustainable reporting program now.

    There are many technologies available to support your ESG program plans. How do you choose the one that is right for your organization?

    Common Obstacles

    Knowing how to narrow down ESG efforts to material ESG issues for your organization.

    Understanding the key steps to build a sustainable ESG reporting program.

    Assessing and solving for data gaps and data quality issues.

    Being aware of the tools and best practices available to support regulatory and performance reporting.

    Info-Tech’s Approach

    Learn best-practice approaches to develop and adopt an ESG reporting program approach to suit your organization’s unique needs.

    Understand the key features, tooling options, and vendors in the ESG software market.

    Learn through analyst insights, case studies, and software reviews on best-practice approaches and tool options.

    Info-Tech Insight

    Implementing a robust reporting program takes time. Start early, remain focused, and plan to continually improve data quality and collection and performance metrics

    Putting “E,” “S,” and “G” in context

    Corporate sustainability depends on managing ESG factors well

    Environmental, social, and governance are the components of a sustainability framework that is used to understand and measure how an organization impacts or is affected by society as a whole.

    Human activities, particularly fossil fuel burning since the middle of the twentieth century, have increased greenhouse gas concentration, resulting in observable changes to the atmosphere, ocean, cryosphere, and biosphere. The “E” in ESG relates to the positive and negative impacts an organization may have on the environment, such as the energy it takes in and the waste it discharges.

    The “S” in ESG is the most ambiguous component in the framework, as social impact relates not only to risks but also to prosocial behavior. It’s the most difficult to measure but can have significant financial and reputational impact on corporations if material and poorly managed.

    The “G” in ESG is foundational to the realization of “S” and “E.” It encompasses how well an organization integrates these considerations into the business and how well the organization engages with key stakeholders, receives feedback, and is transparent with its intentions.

    A diagram that shows common examples of ESG issues.

    The impact of ESG factors on investment decisions

    Alleviate Investment Risk

    Organizational Reputation: Seventy-four percent of those surveyed were concerned that failing to improve their corporate ESG performance would negatively impact their organization’s branding and overall reputation in the market (Intelex, 2022).

    Ethical Business Compliance: Adherence to well-defined codes of business conduct and implementation of anti-corruption and anti-bribery practices is a great way to distinguish between organizations with good/poor governance intentions.

    Shifting Consumer Preferences: ESG metrics can also largely influence consumer preferences in buying behavior intentions. Research from McKinsey shows that “upward of 70 percent” of consumers surveyed on purchases in multiple industries said they would pay an additional 5 percent for a green product if it met the same performance standards as a nongreen alternative (McKinsey, 2019).

    Responsible Supply Chain Management: The successful alignment of ESG criteria with supply chain operations can lead to several benefits (e.g. producing more sustainable product offerings, maintaining constructive relationships with more sustainability-focused suppliers).

    Environmental Stewardship: The growing climate crisis has forced companies of all sizes to rethink how they plan their corporate environmental sustainability practices.

    Compliance With Regulatory Guidelines: An increasing emphasis on regulations surrounding ESG disclosure rates may result in some institutional investors taking a more proactive stance toward ESG-related initiatives.

    Sustaining Competitive Advantage: Given today’s globalized economy, many businesses are constantly confronted with environmental issues (e.g. water scarcity, air pollution) as well as social problems (e.g. workplace wellness issues). Thus, investment in ESG factors is simply a part of maintaining competitive advantage.

    Leaders increasingly see ESG as a competitive differentiator

    The perceived importance of ESG has dramatically increased from 2020 to 2023

    A diagram that shows the perceived importance of ESG in 2020 and 2023.

    In a survey commissioned by Schneider Electric, researchers categorized the relative importance of ESG planning initiatives for global IT business leaders. ESG was largely identified as a critical factor in sustaining competitive advantage against competitors and maintaining positive investor/public relations.
    Source: S&P Market Intelligence, 2020; N=825 IT decision makers

    “74% of finance leaders say investors increasingly use nonfinancial information in their decision-making.”
    Source: EY, 2020

    Regulatory pressure to report on carbon emission is building globally

    The Evolving Regulatory Landscape

    Canada

    • Canadian Securities Administrators (CSA) NI 51-107 Disclosure of Climate-related Matters

    United States

    • Securities and Exchange Commission (SEC) 33-11042 – The Enhancement and Standardization of Climate-Related Disclosures for Investors
    • SEC 33-11038 Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
    • Nasdaq Board Diversity Rule (5605(f))

    Europe

    • European Commission Sustainable Finance Disclosure Regulation (SFDR)
    • European Commission EU Supply Chain Act
    • The German Supply Chain Act (GSCA)
    • Financial Conduct Authority UK Proposal (DP 21/4) Sustainability Disclosure Requirements and investment labels
    • UK Modern Slavery Act, 2015

    New Zealand

    • The Financial Sector (Climate-related Disclosures and Other Matters) Amendment Act 2021

    Accurate ESG reporting will be critical to meet regulatory requirements

    ESG reporting is the disclosure of environmental, social, and governance (ESG) data via qualitative and quantitative reports.

    It is how organizations make their sustainability commitments and strategies transparent to stakeholders.

    For investors it provides visibility into a company's ESG activities, enabling them to align investments to their values and avoid companies that cause damage to the environment or are offside on social and governance issues.

    Despite the growing practice of ESG reporting, reporting standards and frameworks are still evolving and the regulatory approach for climate-related disclosure is inconsistent across jurisdictions, making it challenging for organizations to develop a robust reporting program.

    “Environmental, social and governance (ESG) commitments are at the core a data problem.”

    Source: EY, 2022

    However, organizations will struggle to meet reporting requirements

    An image that shows 2 charts: How accurately can your organization report on the impact of its ESG Initiatives; and More specifically, if it was required to do so, how accurately could your organization report on its carbon footprint.

    Despite the commitment to support an ESG Initiative, less than a quarter of IT professionals say their organization can accurately report on the impact of its ESG initiatives, and 44% say their reporting on impacts is not accurate.

    Reporting accuracy was even worse for reporting on carbon footprint with 46% saying their organization could not report on its carbon footprint accurately. This despite most IT professionals saying they are working to support environmental mandates.

    Global sustainability rankings based on ESG dimensions

    Global Country Sustainability Ranking Map

    An image of Global Country Sustainability Ranking Map, with a score of 0 to 10.

    Country Sustainability Scores (CSR) as of October 2021
    Scores range from 1 (poor) to 10 (best)
    Source: Robeco, 2021

    ESG Performance Rankings From Select Countries

    Top ESG and sustainability performer

    Finland has ranked consistently as a leading sustainability performer in recent years. Finland's strongest ESG pillar is the environment, and its environmental ranking of 9.63/10 is the highest out of all 150 countries.

    Significant score deteriorations

    Brazil, France, and India are among the countries whose ESG score rankings have deteriorated significantly in the past three years.

    Increasing political tensions and risks as well as aftershock effects of the COVID-19 pandemic (e.g. high inequality and insufficient access to healthcare and education) have severely impacted Brazil’s performance across the governance and social pillars of the ESG framework, ultimately causing its overall ESG score to drop to a CSR value of 5.31.

    Largest gains and losses in ESG scores

    Canada has received worse scores for corruption, political risk, income inequality, and poverty over the past three years.

    Taiwan has seen its rankings improve in terms of overall ESG scores. Government effectiveness, innovation, a strong semiconductor manufacturing market presence, and stronger governance initiatives have been sufficient to compensate for a setback in income and economic inequality.

    Source: Robeco, 2021

    Establish a Sustainable Environmental, Social, and Governance (ESG) Reporting Program

    A diagram of establishing a sustainable ESG reporting program.

    Blueprint benefits

    Business Benefits

    • Clarity on technical and organizational gaps in the organization’s ability to deliver ESG reporting strategy.
    • Transparency on the breadth of the change program, internal capabilities needed, and accountable owners.
    • Reduced likelihood of liability.
    • Improved corporate performance and top-line growth.
    • Confidence that the organization is delivering high-quality, comprehensive ESG disclosure.

    IT Benefits

    • Understanding of IT’s role as strategic enabler for delivering high-quality ESG disclosure and sustainable corporate performance.
    • Transparency on primary data gaps and technology and tools needed to support the ESG reporting strategy.
    • Clear direction of material ESG risks and how to prioritize implementation efforts.
    • Awareness of tool selection options.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Photo of Executive Presentation.

    Key deliverable: Executive Presentation

    Leverage this presentation deck to improve corporate performance by implementing a holistic and proactive ESG reporting program.

    Photo of Workbook

    Workbook

    As you work through the activities, use this workbook to document decisions and rationale and to sketch your materiality map.

    Photo of Implementation Plan

    Implementation Plan

    Use this implementation plan to address organizational, technology, and tooling gaps.

    Photo of RFP Template

    RFP Template

    Leverage Info-Tech’s RFP Template to source vendors to fill technology gaps.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation
    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop
    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting
    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    What does a typical GI on this topic look like?

    A diagram that shows Guided Implementation in 3 phases.

    Workshop Overview

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Activities

    Determine Material ESG Factors

    1.1 Review ESG drivers.
    1.2 Identify key stakeholders and what drives their behavior.
    1.3 Discuss materiality frameworks options and select baseline model.
    1.4 Identify material risks and combine and categorize risks.
    1.5 Map material risks on materiality assessment map.

    Define Performance and Reporting Metrics

    2.1 Understand common program metrics for each ESG component.
    2.2 Consider and select program metrics.
    2.3 Discuss ESG risk metrics.
    2.4 Develop SMART metrics.
    2.5 Surface regulatory reporting obligations.

    Assess Data and Implementation Gaps

    3.1 Assess magnitude and prioritize data gaps.
    3.2 Discuss high-level implementation considerations and organizational gaps.

    Software and Tooling Options

    4.1 Review technology options.
    4.2 Brainstorm technology and tooling options and the feasibility of implementing.
    4.3 Prepare implementation plan.
    4.4 Draft ESG reporting program communication.
    4.5 Optional – Review software selection options.

    Next Steps and Wrap-Up (offsite)

    5.1 Complete in-progress deliverables from previous four days.
    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Customized list of key stakeholders and material ESG risks
    2. Materiality assessment map

    1. SMART metrics
    2. List of regulatory reporting obligations

    1. High-priority data gaps
    2. High-level implementation considerations

    1. Technology and tooling opportunities
    2. Implementation Plan
    3. ESG Reporting Communication

    1. ESG Reporting Workbook
    2. Implementation Plan

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Phase 1

    Explore ESG Reporting

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will walk you through the following:

    • Define key stakeholders and material ESG factors.
    • Identify material ESG issues.
    • Develop SMART program metrics.
    • List reporting obligations.
    • Surface high-level data gaps.
    • Record high-level implementation considerations.

    This phase involves the following participants: CIO, CCO, CSO, business leaders, legal, marketing and communications, head of ESG reporting, and any dedicated ESG team members

    Practical steps for ESG disclosure

    Measuring and tracking incremental change among dimensions such as carbon emissions reporting, governance, and diversity, equity, and inclusion (DEI) requires organizations to acquire, analyze, and synthesize data from beyond their internal organizational ecosystems

    A diagram that shows 5 steps of identify, assess, implement, report & communicate, and monitor & improve.

    1.1 Ensure your reporting requirements are comprehensive

    A diagram of reporting lifecycle.

    This section will walk you through some key considerations for establishing your ESG reporting strategy. The first step in this process is to identify the scope of your reporting program.

    Defining the scope of your reporting program

    1. Stakeholder requirements: When developing a reporting program consider all your stakeholder needs as well as how they want to consume the information.
    2. Materiality assessment: Conduct a materiality assessment to identify the material ESG issues most critical to your organization. Organizations will need to report material risks to internal and external stakeholders.
    3. Purpose-driven goals: Your ESG reporting must include metrics to measure performance against your purpose-driven strategy.
    4. Regulatory requirements & industry: Work with your compliance and legal teams to understand which reporting requirements apply. Don’t forget requirements under the “S” and “G” components. Some jurisdictions require DEI reporting, and the Securities and Exchange Commission (SEC) in the US recently announced cybersecurity disclosure of board expertise and management oversight practices.

    Factor 1: Stakeholder requirements

    Work with key stakeholders to determine what to report

    A diagram that shows internal and external stakeholders.

    Evaluate your stakeholder landscape

    Consider each of these areas of the ESG Stakeholder Wheel and identify your stakeholders. Once stakeholders are identified, consider how the ESG factors might be perceived by delving into the ESG factors that matter to each stakeholder and what drives their behavior.

    A diagram of ESG impact, including materiality assessment, interviews, benchmark verses competitors, metrics and trend analysis.

    Determine ESG impact on stakeholders

    Review materiality assessment frameworks for your industry to surface ESG factors for your segment and stakeholder group(s).

    Perform research and analysis of the competition and stakeholder trends, patterns, and behavior

    Support your findings with stakeholder interviews.

    Stakeholders will prioritize ESG differently. Understanding their commitment is a critical success factor.

    Many of your stakeholders care about ESG commitments…

    27%: Support for social and environmental proposals at shareholder meetings of US companies rose to 27% in 2020 (up from 21% in 2017).
    Source: Sustainable Investments Institute, 2020.

    79%: of investors consider ESG risks and opportunities an important factor in investment decision making.
    Source: “Global Investor Survey,” PwC, 2021.

    ...Yet

    33%: of survey respondents cited that a lack of attention or support from senior leadership was one of the major barriers preventing their companies from making any progress on ESG issues.
    Source: “Consumer Intelligence Survey,” PwC, 2021.

    Info-Tech Insight

    To succeed with ESG reporting it is essential to understand who we hold ourselves accountable to and to focus ESG efforts in areas with the optimal balance between people, the planet, and profits

    Activity 1: Define stakeholders

    Input: Internal documentation (e.g. strategy, annual reports), ESG Stakeholder Wheel
    Output: List of key stakeholders and applicable ESG factors
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Head of ESG Reporting, Business leaders

    2 hours

    1. Using the ESG Stakeholder Wheel as a baseline, consider the breadth of your organization’s value chain and write down all your stakeholders.
    2. Discuss what drives their behavior. Be as detailed as you can be. For example, if it’s a consumer, delve into their age group and the factors that may drive their behavior.
    3. List the ESG factors that may be important to each stakeholder.
    4. Write down the communication channels you expect to use to communicate ESG information to this stakeholder group.
    5. Rate the priority of this stakeholder to your organization.
    6. Record this information in ESG Reporting Workbook.
    7. Optional – consider testing the results with a targeted survey.

    Download the ESG Reporting Workbook

    Activity 1: Example

    An example of activity 1 (defining stakeholders)

    Factor 2: Materiality assessments

    Conduct a materiality assessment to inform company strategy and establish targets and metrics for risk and performance reporting

    The concept of materiality as it relates to ESG is the process of gaining different perspectives on ESG issues and risks that may have significant impact (both positive and negative) on or relevance to company performance.

    The objective of a materiality assessment is to identify material ESG issues most critical to your organization by looking at a broad range of social and environmental factors. Its purpose is to narrow strategic focus and enable an organization to assess the impact of financial and non-financial risks aggregately.

    It helps to make the case for ESG action and strategy, assess financial impact, get ahead of long-term risks, and inform communication strategies.

    Organizations can use assessment tools from Sustainalytics or GRI, SASB Standards, or guidance and benchmarking information from industry associations to help assess ESG risks .

    An image of materiality matrix to understand ESG exposure

    Info-Tech Insight

    The materiality assessment informs your risk management approach. Material ESG risks identified should be integrated into your organization’s risk reporting framework.

    Supplement your materiality assessment with stakeholder interviews

    A diagram that shows steps of stakeholder interviews.

    How you communicate the results of your ESG assessment may vary depending on whether you’re communicating to internal or external stakeholders and their communication delivery preferences.

    Using the results from your materiality assessment, narrow down your key stakeholders list. Enhance your strategy for disclosure and performance measurement through direct and indirect stakeholder engagement.

    Decide on the most suitable format to reach out to these stakeholders. Smaller groups lend themselves to interviews and forums, while surveys and questionnaires work well for larger groups.

    Develop relevant questions tailored to your company and the industry and geography you are in.

    Once you receive the results, decide how and when you will communicate them.

    Determine how they will be used to inform your strategy.

    Steps to determine material ESG factors

    Step 1

    Select framework

    A diagram of framework

    Review reporting frameworks and any industry guidance and select a baseline reporting framework to begin your materiality assessment.

    Step 2

    Begin to narrow down

    A diagram of narrowing down stakeholders

    Work with stakeholders to narrow down your list to a shortlist of high-priority material ESG issues.

    Step 3

    Consolidate and group

    A diagram of ESG grouping

    Group ESG issues under ESG components, your company’s strategic goals, or the UN’s Sustainable Development Goals.

    Step 4

    Rate the risks of ESG factors

    A diagram of rating the risks of ESG factors

    Assign an impact and likelihood scale for each risk and assign your risk threshold.

    Step 5

    Map

    A diagram of material map

    Use a material map framework such as GRI or SASB or Info-Tech’s materiality map to visualize your material ESG risks.

    Materiality assessment

    The materiality assessment is a strategic tool used to help identify, refine, and assess the numerous ESG issues in the context of your organization.

    There is no universally accepted approach to materiality assessments. Although the concept of materiality is often embedded within a reporting standard, your approach to conducting the materiality assessment does not need to link to a specific reporting standard. Rather, it can be used as a baseline to develop your own.

    To arrive at the appropriate outcome for your organization, careful consideration is needed to tailor the materiality assessment to meet your organization’s objectives.

    When defining the scope of your materiality assessment consider:

    • Your corporate ESG purpose and sustainability strategy
    • Your audience and what drives their behavior
    • The relevance of the ESG issues to your organization. Do they impact strategy? Increase risk?
    • The boundaries of your materiality assessment (e.g. regions or business departments, supply chains it will cover)
    • Whether you want to assess from a double materiality perspective

    A diagram of framework

    Consider your stakeholders and your industry when selecting your materiality assessment tool – this will ensure you provide relevant disclosure information to the stakeholders that need it.

    Double materiality is an extension of the financial concept of materiality and considers the broader impact of an organization on the world at large – particularly to people and climate.

    Prioritize and categorize

    A diagram of narrowing down stakeholders

    Using internal information (e.g. strategy, surveys) and external information (e.g. competitors, industry best practices), create a longlist of ESG issues.

    Discuss and narrow down the list. Be sure to consider opportunities – not just material risks!

    A diagram of ESG grouping

    Group the issues under ESG components or defined strategic goals for your organization. Another option is to use the UN’s Sustainable Development Goals to categorize.

    Differentiate ESG factors that you already measure and report.

    The benefit of clustering is that it shows related topics and how they may positively or negatively influence one another.

    Internal risk disclosure should not be overlooked

    Bank of America estimates ESG disputes have cost S&P companies more than $600 billion in market capitalization in the last seven years alone.

    ESG risks are good predictors of future risks and are therefore key inputs to ensure long-term corporate success.

    Regardless of the size of your organization, it’s important to build resilience against ESG risks.

    To protect an organization against an ESG incident and potential liability risk, ESG risks should be treated like any other risk type and incorporated into risk management and internal reporting practices, including climate scenario analysis.

    Some regulated entities will be required to meet climate-related financial disclosure expectations, and sound risk management practices will be prescribed through regulatory guidance. However, all organizations should instill sound risk practices.

    ESG risk management done right will help protect against ESG mishaps that can be expensive and damaging while demonstrating commitment to stakeholders that have influence over all corporate performance.

    Source: GreenBiz, 2022.

    A diagram of risk landscape.

    IT has a role to play to provide the underlying data and technology to support good risk decisions.

    Visualize your material risks

    Leverage industry frameworks or use Info-Tech’s materiality map to visualize your material ESG risks.

    GRI’s Materiality Matrix

    A photo of GRI’s Materiality Matrix

    SASB’s Materiality Map

    A photo of SASB’s Materiality Map

    Info-Tech’s Materiality Map

    A diagram of material map

    Activity 2: Materiality assessment

    Input: ESG corporate purpose or any current ESG metrics; Customer satisfaction or employee engagement surveys; Materiality assessment tools from SASB, Sustainalytics, GRI, or industry frameworks; Outputs from stakeholder outreach/surveys
    Output: Materiality map, a list of material ESG issues
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Head of ESG Reporting, Business leaders, Participants from marketing and communications

    2-3 hour

    1. Begin by reviewing various materiality assessment frameworks to agree on a baseline framework. This will help to narrow down a list of topics that are relevant to your company and industry.
    2. As a group, discuss the potential impact and start listing material issues. At first the list will be long, but the group will work collectively to prioritize and consolidate the list.
    3. Begin to combine and categorize the results by aligning them to your ESG purpose and strategic pillars.
    4. Treat each ESG issue as a risk and map against the likelihood and impact of the risk.
    5. Map the topics on your materiality map. Most of the materiality assessment tools have materiality maps – you may choose to use their map.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Case Study: Novartis

    Logo of Novartis

    • INDUSTRY: Pharmaceuticals
    • SOURCE: Novartis, 2022

    Novartis, a leading global healthcare company based in Switzerland, stands out as a leader in providing medical consultancy services to address the evolving needs of patients worldwide. As such, its purpose is to use science and technologically innovative solutions to address some of society’s most debilitating, challenging, and ethically significant healthcare issues.

    The application of Novartis’ materiality assessment process in understanding critical ESG topics important to their shareholders, stakeholder groups, and society at large enables the company to better quantify references to its ESG sustainability metrics.

    Novartis applies its materiality assessment process to better understand relevant issues affecting its underlying business operations across its entire value chain. Overall, employing Novartis’s materiality assessment process helps the company to better manage its societal, environmental, and economic impacts, thus engaging in more socially responsible governance practices.

    Novartis’ materiality assessment is a multitiered process that includes three major elements:

    1. Identifying key stakeholders, which involves a holistic analysis of internal colleagues and external stakeholders.
    2. Collecting quantitative feedback and asking relevant stakeholders to rank a set of issues (e.g. climate change governance, workplace culture, occupational health and safety) and rate how well Novartis performs across each of those identified issues.
    3. Eliciting qualitative insights by coordinating interviews and workshops with survey participants to better understand why the issues brought up during survey sessions were perceived as important.

    Results

    In 2021, Novartis had completed its most recent materiality assessment. From this engagement, both internal and external stakeholders had ranked as important eight clusters that Novartis is impacting on from an economic, societal, and environmental standpoint. The top four clusters were patient health and safety, access to healthcare, innovation, and ethical business practices.

    Factor 3: ESG program goals

    Incorporate ESG performance metrics that support your ESG strategy

    Another benefit of the materiality assessment is that it helps to make the case for ESG action and provides key information for developing a purpose-led strategy.

    An internal ESG strategy should drive toward company-specific goals such as green-house gas emission targets, use of carbon neutral technologies, focus on reusable products, or investment in DEI programs.

    Most organizations focus on incremental goals of reducing negative impacts to existing operations or improving the value to existing stakeholders rather than transformative goals.

    Yet, a strategy that is authentic and aligned with key stakeholders and long-term goals will bring sustainable value.

    The strategy must be supported by an accountability and performance measurement framework such as SMART metrics.

    A fulsome reporting strategy should include performance metrics

    A photo of SMART metrics: Specific, Measurable, Actionable, Realistic, Time-bound.

    Activity 3: SMART metrics

    Input: ESG corporate purpose or any current ESG metrics, Outputs from activities 1 and 2, Internally defined metrics (i.e. risk metrics or internal reporting requirements)
    Output: SMART metrics
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Risk officer/Risk leaders, Head of ESG Reporting, Business leaders, Participants from marketing and communications

    1-2 hours

    1. Document a list of appropriate metrics to assess the success of your ESG program.
    2. Use the sample metrics listed in the table on the next slide as a starting point.
    3. Fill in the chart to indicate the:
      1. Name of the success metric
      2. Method for measuring success
      3. Baseline measurement
      4. Target measurement
      5. Actual measurements at various points throughout the process of improving the risk management program
      6. A deadline for each metric to meet the target measurement
    4. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Sample ESG metrics

    Leverage industry resources to help define applicable metrics

    Environmental

    • Greenhouse gas emissions – total corporate
    • Carbon footprint – percent emitted and trend
    • Percentage of air and water pollution
    • Renewable energy share per facility
    • Percentage of recycled material in a product
    • Ratio of energy saved to actual use
    • Waste creation by weight
    • Circular transition indicators

    Social

    • Rates of injury
    • Lost time incident rate
    • Proportion of spend on local suppliers
    • Entry-level wage vs. local minimum wage
    • Percentage of management who identify with specific identity groups (i.e. gender and ethnic diversity)
    • Percentage of suppliers screened for accordance to ESG vs. total number of suppliers
    • Consumer responsiveness

    Governance

    • Annual CEO compensation compared to median
    • Percentage of employees trained in conflict-of-interest policy
    • Number of data breaches using personally identifiable information (PII)
    • Number of incidents relating to management corruption
    • Percentage of risks with mitigation plans in place

    Activity 3: Develop SMART project metrics

    1-3 hours

    Attach metrics to your goals to gauge the success of the ESG program.

    Sample Metrics

    An image of sample metrics

    Factor 4: Regulatory reporting obligations

    Identify your reporting obligations

    High-level overview of reporting requirements:

    An image of high-level reporting requirements in Canada, the United Kingdom, Europe, and the US.

    Refer to your legal and compliance team for the most up-to-date and comprehensive requirements.

    The focus of regulators is to move to mandatory reporting of material climate-related financial information.

    There is some alignment to the TCFD* framework, but there is a lack of standardization in terms of scope across jurisdictions.
    *TCFD is the Task Force on Climate-Related Financial Disclosures.

    Activity 4: Regulatory obligations

    Input: Corporate strategy documents; Compliance registry or internal governance, risk, and compliance (GRC) tool
    Output: A list of regulatory obligations
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Legal Officer, Head of ESG Reporting, Business leaders

    1-2 hours

    1. Begin by listing the jurisdictions in which you operate or plan to operate.
    2. For each jurisdiction, list any known current or future regulatory requirements. Consider all ESG components.
    3. Log whether the requirements are mandatory or voluntary and the deadline to report.
    4. Write any details about reporting framework; for example, if a reporting framework such as TCFD is prescribed.
    5. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.2 Assess impact and weigh options

    A diagram of reporting lifecycle.

    Once the scope of your ESG reporting framework has been identified, further assessment is needed to determine program direction and to understand and respond to organizational impact.

    Key factors for further assessment and decisions include

    1. Reporting framework options. Consider mandated reporting frameworks and any industry standards when deciding your baseline reporting framework. Strive to have a common reporting methodology that serves all your reporting needs: regulatory, corporate, shareholders, risk reporting, etc.
    2. Perform gap analysis. The gap analysis will reveal areas where data may need to be sourced or where tools or external assistance may be needed to help deliver your reporting strategy.
    3. Organizational impact and readiness. The gap analysis will help to determine whether your current operating model can support the reporting program or whether additional resources, tools, or infrastructure will be needed.

    1.2.1 Decide on baseline reporting framework

    1. Determine the appropriate reporting framework for your organization

    Reporting standards are available to enable relevant, high-quality, and comparable information. It’s the job of the reporting entity to decide on the most suitable framework for their organization.

    The most established standard for sustainability reporting is the Global Reporting Initiative (GRI), which has supported sustainability reporting for over 20 years.

    The Task Force on Climate-Related Financial Disclosures (TCFD) was created by the Financial Stability Board to align ESG disclosure with financial reporting. Many global regulators support this framework.

    The International Sustainability Standards Board (ISSB) is developing high-quality, understandable, and enforceable global standards using the Sustainability Accounting Standards Board (SASB) as a baseline. It is good practice to use SASB Standards until the ISSB standards are available.

    2. Decide which rating agencies you will use and why they are important

    ESG ratings are provided by third-party agencies and are increasingly being used for financing and transparency to investors. ESG ratings provide both qualitative and quantitative information.

    However, there are multiple providers, so organizations need to consider which ones are the most important and how many they want to use.

    Some of the most popular rating agencies include Sustainalytics, MSCI, Bloomberg, Moody's, S&P Global, and CDP.

    Reference Appendix Below

    1.2.2 Determine data gaps

    The ESG reporting mandate is built on the assumption of consistent, good-quality data

    To meet ESG objectives, corporations are challenged with collecting non-financial data from across functional business and geographical locations and from their supplier base and supply chains.

    One of the biggest impediments to ESG implementation is the lack of high-quality data and of mature processes and tools to support data collection.

    An important step for delivering reporting requirements is to perform a gap analysis early on to surface gaps in the primary data needed to deliver your reporting strategy.

    The output of this exercise will also inform and help prioritize implementation, as it may show that new data sets need to be sourced or tools purchased to collect and aggregate data.

    Conduct a gap analysis to determine gaps in primary data

    A diagram of gap analysis to determine gaps in primary data.

    Activity 5: Gap analysis

    Input: Business (ESG) strategy, Data inventory (if exists), Output from Activity 1: Key stakeholders, Output from Activity 2: Materiality map, Output of Activity 3: SMART metrics, Output of Activity 4: Regulatory obligations
    Output: List of high-priority data gaps
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Legal Officer, Head of ESG Reporting, Business leaders, Data analysts

    1-3 hours

    1. Using the outputs from activities 1-4, list your organization’s ESG issues in order of priority. You may choose to develop your priority list by stakeholder group or by material risks.
    2. List any defined SMART metric from Activity 3.
    3. Evaluate data availability and quality of the data (if existing) as well as any impediments to sourcing the data.
    4. Make note if this is a common datapoint, i.e. would you disclose this data in more than one report?
    5. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.3 Take a holistic implementation approach

    Currently, 84 percent of businesses don’t integrate their ESG performance with financial and risk management reporting.

    Source: “2023 Canadian ESG Reporting Insights,” PwC.

    A diagram of reporting lifecycle.

    When implementing an ESG reporting framework, it is important not to implement in silos but to take a strategic approach that considers the evolving nature of ESG and the link to value creation and sound decision making.

    Key implementation considerations include

    1. Setting clear metrics and targets. Key performance indicators (KPIs) and key risk indicators (KRIs) are used to measure ESG factor performance. It’s essential that they are relevant and are constructed using high-quality data. Your performance metrics should be continually assessed and adapted as your ESG program evolves.
    2. Data challenges. Without good-quality data it is impossible to accurately measure ESG performance, generate actionable insights on ESG performance and risk, and provide informative metrics to investors and other stakeholders. Design your data model to be flexible and digital where possible to enable data interoperability.
    3. Architectural approach. IT will play a key role in the design of your reporting framework, including the decision on whether to build, buy, or deliver a hybrid solution. Every organization will build their reporting program to suit their unique needs; however, taking a holistic and proactive approach will support and sustain your strategy long term.

    1.3.1 Metrics and targets for climate-related disclosure

    “The future of sustainability reporting is digital – and tagged.”
    Source: “XBRL Is Coming,” Novisto, 2022.

    In the last few years, global regulators have proposed or effected legislation requiring public companies to disclose climate-related information.

    Yet according to Info-Tech’s 2023 Trends and Priorities survey, most IT professionals expect to support environmental mandates but are not prepared to accurately report on their organization’s carbon footprint.

    IT groups have a critical role to play in helping organizations develop strategic plans to meet ESG goals, measure performance, monitor risks, and deliver on disclosure requirements.

    To future-proof your reporting structure, your data should be readable by humans and machines.

    eXtensible Business Reporting Language (XBRL) tagging is mandated in several jurisdictions for financial reporting, and several reporting frameworks are adopting XBRL for sustainability reporting so that non-financial and financial disclosure frameworks are aligned.

    Example environmental metrics

    • Amount of scope 1, 2, or 3 GHG emissions
    • Total energy consumption
    • Total water consumption
    • Progress toward net zero emission
    • Percentage of recycled material in a product

    1.3.1 Metrics and targets for social disclosure

    “59% of businesses only talk about their positive performance, missing opportunities to build trust with stakeholders through balanced and verifiable ESG reporting.”
    Source: “2023 Canadian ESG Reporting Insights,” PwC.

    To date, regulatory focus has been on climate-related disclosure, although we are beginning to see signals in Europe and the UK that they are turning their attention to social issues.

    Social reporting focuses on the socioeconomic impacts of an organization’s initiatives or activities on society (indirect or direct).

    The “social” component of ESG can be the most difficult to quantify, but if left unmonitored it can leave your organization open to litigation from consumers, employees, and activists.

    Although organizations have been disclosing mandated metrics such as occupational health and safety and non-mandated activities such as community involvement for years, the scope of reporting is typically narrow and hard to measure in financial terms.

    This is now changing with the recognition by companies of the value of social reporting to brand image, traceability, and overall corporate performance.

    Example social metrics

    • Rate of injury
    • Lost time incident rate
    • Proportion of spend on local suppliers
    • Entry-level wage versus local minimum wage
    • Percentage of management within specific identity groups (i.e. gender and ethnic diversity)
    • Number of workers impacted by discrimination

    Case Study: McDonald’s Corporation (MCD)

    Logo of McDonald’s

    • INDUSTRY: Food service retailer
    • SOURCE: RBC Capital Markets, 2021; McDonald’s, 2019

    McDonald’s Corporation is the leading global food service retailer. Its purpose is not only providing burgers to dinner tables around the world but also serving its communities, customers, crew, farmers, franchisees, and suppliers alike. As such, not only is the company committed to having a positive impact on communities and in maintaining the growth and success of the McDonald's system, but it is also committed to conducting its business operations in a way that is mindful of its ESG commitments.

    An image of McDonald’s Better Together

    McDonald’s Better Together: Gender Balance & Diversity strategy and Women in Tech initiative

    In 2019, MCD launched its Better Together: Gender Balance & Diversity strategy as part of a commitment to improving the representation and visibility of women at all levels of the corporate structure by 2023.

    In conjunction with the Better Together strategy, MCD piloted a “Women in Tech” initiative through its education and tuition assistance program, Archways to Opportunity. The initiative enabled women from company-owned restaurants and participating franchisee restaurants to learn skills in areas such as data science, cybersecurity, artificial intelligence. MCD partnered with Microsoft and Colorado Technical University to carry out the initiative (McDonald’s, 2019).

    Both initiatives directly correlate to the “S” of the ESG framework, as the benefits of gender-diverse leadership continue to be paramount in assessing the core strengths of a company’s overreaching ESG portfolio. Hence, public companies will continue to face pressure from investors to act in accordance with these social initiatives.

    Results

    MCD’s Better Together and Women in Tech programs ultimately helped improve recruitment and retention rates among its female employee base. After the initialization of the gender balance and diversification strategy, McDonald’s signed on to the UN Women’s Empowerment Principles to help accelerate global efforts in addressing the gender disparity problem.

    1.3.1 Metrics and targets for governance disclosure

    Do not lose sight of regulatory requirements

    Strong governance is foundational element of a ESG program, yet governance reporting is nascent and is often embedded in umbrella legislation pertaining to a particular risk factor.

    A good example of this is the recent proposal by the Securities and Exchange Commission in the US (CFR Parts 229, 232, 239, 240, and 249, Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure), which will require public companies to:

    • Disclosure of board oversight of cyber risk.
    • Disclose management’s role in managing and accessing cybersecurity-related risks.

    The "G” component includes more than traditional governance factors and acts as a catch-all for other important ESG factors such as fraud, cybersecurity, and data hygiene. Make sure you understand how risk may manifest in your organization and put safeguards in place.

    Example governance metrics

    • Annual CEO compensation compared to median
    • Percentage of employees trained in conflict-of-interest policy
    • Completed number of supplier assessments
    • Number of data breaches using PII
    • Number of material cybersecurity breaches

    Info-Tech Insight

    The "G" in ESG may not be capturing the limelight under ESG legislation yet, but there are key governance factors that are that are under regulatory radar, including data, cybersecurity, fraud, and DEI. Be sure you stay on top of these issues and include performance metrics into your internal and external reporting frameworks.

    1.3.2 Conquering data management challenges

    48% of investment decision makers, including 58% of institutional investors, say companies’ self-reported ESG performance data is “much more important” than companies’ conventional financial data when informing their investment decisions (Benchmark ESG, 2021).

    Due to the nascent nature of climate-related reporting, data challenges such as the availability, usability, comparability, and workflow integration surface early in the ESG program journey when sourcing and organizing data:

    • It is challenging to collect non-financial data across functional business and geographical locations and from supplier base and supply chains.
    • The lack of common standards leads to comparability challenges, hindering confidence in the outputs.

    In addition to good, reliable inputs, organizations need to have the infrastructure to access new data sets and convert raw data into actionable insights.

    The establishment of data model and workflow processes to track data lineage is essential to support an ESG program. To be successful, it is critical that flexibility, scalability, and transparency exist in the architectural design. Data architecture must scale to capture rapidly growing volumes of unstructured raw data with the associated file formats.

    A photo of conceptual model for data lineage.

    Download Info-Tech’s Create and Manage Enterprise Data Models blueprint

    1.3.3 Reporting architecture

    CIOs play an important part in formulating the agenda and discourse surrounding baseline ESG reporting initiatives

    Building and operating an ESG program requires the execution of a large number of complex tasks.

    IT leaders have an important role to play in selecting the right technology approach to support a long-term strategy that will sustain and grow corporate performance.

    The decision to buy a vendor solution or build capabilities in-house will largely depend on your organization’s ESG ambitions and the maturity of in-house business and IT capabilities.

    For large, heavily regulated entities an integrated platform for ESG reporting can provide organizations with improved risk management and internal controls.

    Example considerations when deciding to meet ESG reporting obligations in-house

    • Size and type of organization
    • Extent of regulatory requirements and scrutiny
    • The amount of data you want to report
    • Current maturity of data architecture, particularly your ability to scale
    • Current maturity of your risk and control program – how easy is it to enhance current processes?
    • The availability and quality of primary data
    • Data set gaps
    • In-house expertise in data, model risk, and change management
    • Current operating model – is it siloed or integrated?
    • Implementation time
    • Program cost
    • The availability of vendor solutions that may address gaps

    Info-Tech Insight

    Executive leadership should take a more holistic and proactive stance to not only accurately reporting upon baseline corporate financial metrics but also capturing and disclosing relevant ESG performance metrics to drive alternative streams of valuation across their respective organizational environments.

    Activity 6: High-level implementation considerations

    Input: Business (ESG) strategy, Data inventory (if exists), Asset inventory (if exists), Output from Activity 5
    Output: Summary of high-level implementation considerations
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, Data and IT architect/leaders,

    2-3 hours

    1. Review the implementation considerations on the previous slide to help determine the appropriate technology approach.
    2. For each implementation consideration, describe the current state.
    3. Discuss and draft the implications of reaching the desired future state by listing implications and organizational gaps.
    4. Discuss as a group if there is an obvious implementation approach.
    5. At this point, further analysis may be needed. Form a subcommittee or assign a leader to conduct further analysis.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.3.4 Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication: Teams must have some type of communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value to encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.

    Proximity: Distributed teams create complexity as communication can break down. This can be mitigated by:

    • Location: Placing teams in proximity to close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication tools: Having the right technology (e.g. videoconference) to help bring teams closer together virtually.

    Trust: Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role clarity: Having a clear definition of what everyone’s role is.

    1.4 Clear effective communication

    Improving investor transparency is one of the key drivers behind disclosure, so making the data easy to find and consumable is essential

    A diagram of reporting lifecycle.

    Your communication of ESG performance is intricately linked to corporate value creation. When designing your communications strategy, consider:

    • Your message – make it authentic and tell a consistent story.
    • How data will be used to support the narrative.
    • How your ESG program may impact internal and external programs and build a communication strategy that is fit for purpose. Example programs are:
      • Employee recruitment
      • New product rollout
      • New customer campaign
    • The design of the communication and how well it suits the audience. Communications may take the form of campaigns, thought leadership, infographics, etc.
    • The appropriateness of communication channels to your various audiences and the messages you want to convey. For example, social media, direct outreach, shareholder circular, etc.

    1.5 Continually evaluate

    A diagram of reporting lifecycle.

    A recent BDC survey of 121 large companies and public-sector buyers found that 82% require some disclosure from their suppliers on ESG, and that's expected to grow to 92% by 2024.
    Source: BDC, 2023

    ESG's link to corporate performance means that organizations must stay on top of ESG issues that may impact the long-term sustainability of their business.

    ESG components will continue to evolve, and as they do so will stakeholder views. It is important to continually survey your stakeholders to ensure you are optimally managing ESG risks and opportunities.

    To keep ESG on the strategy agenda, we recommend that organizations:

    • Appoint a chief sustainability officer (CSO) with a seat on executive leadership committees.
    • Embed ESG into existing governance and form a tactical ESG working group committee.
    • Ensure ESG risks are integrated into the enterprise risk management program.
    • Continually challenge your ESG strategy.
    • Regularly review risks and opportunities through proactive outreach to stakeholders.

    Download The ESG Imperative and Its Impact on Organizations

    Phase 2

    Streamline Requirements and Tool Selection

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will walk you through the following activities:

    • Assess technology and tooling opportunities.
    • Prepare ESG reporting implementation plan.
    • Write ESG reporting presentation document.

    This phase involves the following participants: CIO, CCO, CSO, EA, IT application and data leaders, procurement, business leaders, marketing and communications, head of ESG reporting, and any dedicated ESG team members

    2.1 Streamline your requirements and tool section

    Spend the time up front to enable success and meet expectations

    Before sourcing any technology, it’s important to have a good understanding of your requirements.

    Key elements to consider:

    1. ESG reporting scope. Large enterprises will have more complex workflow requirements, but they also will have larger teams to potentially manage in-house. Smaller organizations will need easy-to-use, low-cost solutions.
    2. Industry and value chain. Look for industry-specific solutions, as they will be more tailored to your needs and will enable you to be up and running quicker.
    3. Coverage. Ensure the tool has adequate regulatory coverage to meet your current and future needs.
    4. Gap in functionality. Be clear on the problem you are trying to solve and/or the gap in workflow. Refer to the reporting lifecycle and be clear on your needs before sourcing technology.
    5. Resourcing. Factor in capacity during and after implementation and negotiate the appropriate support.

    Industry perspective

    The importance of ESG is something that will need to be considered for most, if not every decision in the future, and having reliable and available information is essential. While the industry will continue to see investment and innovation that drives operational efficiency and productivity, we will also see strong ESG themes in these emerging technologies to ensure they support both sustainable and socially responsible operations.

    With the breadth of technology Datamine already has addressing the ESG needs for the mining industry combined with our new technology, our customers can make effective and timely decisions through incorporating ESG data into their planning and scheduling activities to meet customer demands, while staying within the confines of their chosen ESG targets.

    Photo of Chris Parry

    Chris Parry
    VP of ESG, Datamine

    Photo of Datamine Photo of isystain

    Activity 7: Brainstorm tooling options

    Use the technology feature list below to identify areas along the ESG workflow where automated tools or third-party solutions may create efficiencies

    Technological Solutions Feature Bucket

    Basic Feature Description

    Advanced Feature Description

    Natural language processing (NLP) tools

    Ability to use NLP tools to track and monitor sentiment data from news and social media outlets.

    Leveraging NLP toolsets can provide organizations granular insights into workplace sentiment levels, which is a core component of any ESG strategy. A recent study by MarketPsych, a company that uses NLP technologies to analyze sentiment data from news and social media feeds, linked stock price performance to workplace sentiment levels.

    Distributed ledger technologies (DLTs)

    DLTs can help ensure greater reporting transparency, in line with stringent regulatory reporting requirements.

    DLT as an ESG enabler, with advanced capabilities such as an option to provide demand response services linked to electricity usage and supply forecasting.

    Cloud-based data management and reporting systems

    Cloud-based data management and reporting can support ESG initiatives by providing increased reporting transparency and a better understanding of diverse social and environmental risks.

    Leverage newfound toolsets such as Microsoft Cloud for Sustainability – a SaaS offering that enables organizations to seamlessly record, report, and reduce their emissions on a path toward net zero.

    IoT technologies

    Integration of IoT devices can help enhance the integrity of ESG reporting through the collection of descriptive and accurate ESG metrics (e.g. energy efficiency, indoor air quality, water quality and usage).

    Advanced management of real-time occupancy monitoring: for example, the ability to reduce energy consumption rates by ensuring energy is only used when spaces and individual cubicles are occupied.

    2.2 Vendors tools and technologies to support ESG reporting

    In a recent survey of over 1,000 global public- and private-sector leaders, 87% said they see AI as a helpful tool to fight climate change.
    Source: Boston Consulting Group

    Technology providers are part of the solution and can be leveraged to collect, analyze, disclose, track, and report on the vast amount of data.

    Increasingly organizations are using artificial intelligence to build climate resiliency:

    • AI is useful for the predictive modelling of potential climate events due to its ability to gather and analyze and synthesize large complete data sets.

    And protect organizations from vulnerabilities:

    • AI can be used to identify and assess vulnerabilities that may lead to business disruption or risks in production or the supply chain.

    A diagram of tooling, including DLT, natural language processing, cloud-based data management and IoT.

    2.3 ESG reporting software selection

    What Is ESG Reporting Software?

    Our definition: ESG reporting software helps organizations improve the transparency and accountability of their ESG program and track, measure, and report their sustainability efforts.

    Key considerations for reporting software selection:

    • While there are boutique ESG vendors in the market, organizations with existing GRC tools may first want to discuss ESG coverage with their existing vendor as it will enable better integration.
    • Ensure that the vendors you are evaluating support the requirements and regulations in your region, industry, and geography. Regulation is moving quickly – functionality needs to be available now and not just on the roadmap.
    • Determine the level of software integration support you need before meeting with vendors and ensure they will be able to provide it – when you need it!

    Adoption of ESG reporting software has historically been low, but these tools will become critical as organizations strive to meet increasing ESG reporting requirements.

    In a recent ESG planning and performance survey conducted by ESG SaaS company Diligent Corporation, it was found that over half of all organizations surveyed do not publish ESG metrics of any kind, and only 9% of participants are actively using software that supports ESG data collection, analysis, and reporting.

    Source: Diligent, 2021.

    2.3.1 Elicit and prioritize granular requirements for your ESG reporting software

    Understanding business needs through requirements gathering is the key to defining everything about what is being purchased. However, it is an area where people often make critical mistakes.

    Poorly scoped requirements

    Fail to be comprehensive and miss certain areas of scope.

    Focus on how the solution should work instead of what it must accomplish.

    Have multiple levels of detail within the requirements that are inconsistent and confusing.

    Drill all the way down into system-level detail.

    Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.

    Omit constraints or preferences that buyers think are obvious.

    Best practices

    Get a clear understanding of what the system needs to do and what it is expected to produce.

    Test against the principle of MECE – requirements should be “mutually exclusive and collectively exhaustive.”

    Explicitly state the obvious and assume nothing.

    Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.

    Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

    Download Info-Tech's Improve Requirements Gathering blueprint

    2.3.1 Identify critical and nice-to-have features

    Central Data Repository: Collection of stored data from existing databases merged into one location that can then be shared, analyzed, or updated.

    Automatic Data Collection: Ability to automate data flows, collect responses from multiple sources at specified intervals, and check them against acceptance criteria.

    Automatic KPI Calculations, Conversions, and Updates: Company-specific metrics can be automatically calculated, converted, and tracked.

    Built-In Indicator Catalogs and Benchmarking: Provides common recognized frameworks or can integrate a catalog of ESG indicators.

    Custom Reporting: Ability to create reports on company emissions, energy, and asset data in company-branded templates.

    User-Based Access and Permissions: Ability to control access to specific content or data sets based on the end user’s roles.

    Real-Time Capabilities: Ability to analyze and visualize data as soon as it becomes available in underlying systems.

    Version Control: Tracking of document versions with each iteration of document changes.

    Intelligent Alerts and Notifications: Ability to create, manage, send, and receive notifications, enhancing efficiency and productivity.

    Audit Trail: View all previous activity including any recent edits and user access.

    Encrypted File Storage and Transfer: Ability to encrypt a file before transmitting it over the network to hide content from being viewed or extracted.

    Activity 7: Technology and tooling options

    Input: Business (ESG) strategy, Data inventory (if exists), Asset inventory (if exists), Output from Activity 5, Output from Activity 6,
    Output: List of tooling options
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, Data and IT architect/leaders

    1-2 hours

    1. Begin by listing key requirements and features for your ESG reporting program.
    2. Use the outputs from activities 5 and 6 and the technology feature list on the previous slide to help brainstorm technology and tooling options.
    3. Discuss the availability and readiness of each option. Note that regulatory requirements will have an effective date that will impact the time to market for introducing new tooling.
    4. Discuss and assign a priority.
    5. At this point, further analysis may be needed. Form a subcommittee or assign a leader to conduct further analysis.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Activity 8: Implementation plan

    Input: Business (ESG) strategy, Output from Activity 5, Output from Activity 6, Output from Activity 7
    Output: ESG Reporting Implementation Plan
    Materials: Whiteboard/flip charts, ESG Reporting Implementation Plan Template
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, PMO, Data and IT architect/leaders

    1-2 hours

    1. Use the outputs from activities 5 to 7 and list required implementation tasks. Set a priority for each task.
    2. Assign the accountable owner as well as the group responsible. Larger organizations and large, complex change programs will have a group of owners.
    3. Track any dependencies and ensure the project timeline aligns.
    4. Add status as well as start and end dates.
    5. Complete in the ESG Reporting Implementation Plan Template.

    Download the ESG Reporting Implementation Plan Template

    Activity 9: Internal communication

    Input: Business (ESG) strategy, ESG Reporting Workbook, ESG reporting implementation plan
    Output: ESG Reporting Presentation Template
    Materials: Whiteboard/flip charts, ESG Reporting Presentation Template, Internal communication templates
    Participants: Chief Sustainability Officer, Head of Marketing/ Communications, Business leaders, PMO

    1-2 hours

    Since a purpose-driven ESG program presents a significant change in how organizations operate, the goals and intentions need to be understood throughout the organization. Once you have developed your ESG reporting strategy it is important that it is communicated, understood, and accepted. Use the ESG Reporting Presentation Template as a guide to deliver your story.

    1. Consider your audience and discuss and agree on the key elements you want to convey.
    2. Prepare the presentation.
    3. Test the presentation with smaller group before communicating to senior leadership/board

    Download the ESG Reporting Presentation Template

    Phase 3

    Select ESG Reporting Software

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will provide additional material on Info-Tech’s expertise in the following areas:

    • Info-Tech’s approach to RFPs
    • Info-Tech tools for software selection
    • Example ESG software assessments

    3.1 Leverage Info-Tech’s expertise

    Develop an inclusive and thorough approach to the RFP process

    An image that a process of 7 steps.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – with a standard process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on predetermined requirements, either an RFI or an RFP is issued to vendors with a due date.

    Info-Tech Insight

    Review Info-Tech’s process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP.

    Software Selection Engagement

    5 Advisory Calls Over a 5-Week Period to Accelerate Your Selection Process

    Expert Analyst Guidance over5 weeks on average to select and negotiate software.

    Save Money, Align Stakeholders, Speed Up the Process & make better decisions.

    Use a Repeatable, Formal Methodology to improve your application selection process.

    Better, Faster Results, guaranteed, included in membership.

    A diagram of selection engagement over a 5-week period.

    CLICK HERE to Book Your Selection Engagement

    Leverage the Contract Review Service to level the playing field with your shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

    Use the Contract Review Service to gain insights on your agreements.

    Consider the aspects of a contract review:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    A photo of Contract Review Service.

    Click here to book The Contract Review Service

    Download blueprint Master Contract Review and Negotiation for Software Agreements

    3.2 Vendor spotlight assessments

    See above for a vendor landscape overview of key ESG reporting software providers

    The purpose of this section is to showcase various vendors and companies that provide software solutions to help users manage and prioritize their ESG reporting initiatives.

    This section showcases the core capabilities of each software platform to provide Info-Tech members with industry insights regarding some of the key service providers that operate within the ESG vendor market landscape.

    Info-Tech members who are concerned with risks stemming from the inability to sort and disseminate unstructured ESG data reporting metrics or interested in learning more about software offerings that can help automate the data collection, processing, and management of ESG metrics will find high-level insights into the ESG vendor market space.

    Vendor spotlight

    A photo of Datamine Isystain

    The establishment of the Datamine ESG unit comes at the same time the mining sector is showing an increased interest in managing ESG and its component systems as part of a single scope.

    With miners collecting and dealing with ever-increasing quantities of data and looking for ways to leverage it to make data-driven decisions that enhance risk management and increase profitability, integrated software solutions are – now more than ever – essential in supporting continuous improvement and maintaining data fidelity and data integrity across the entire mining value chain.

    An example of Datamine Isystain An example of Datamine Isystain An example of Datamine Isystain

    Key Features:

    • Discover GIS for geochemical, water, erosion, and vegetation modelling and management.
    • Qmed for workforce health management, COVID testing, and vaccine administration.
    • MineMarket and Reconcilor for traceability and auditing, giving visibility to chain of custody and governance across the value chain, from resource modelling to shipping and sales.
    • Centric Mining Systems – intelligence software for real-time transparency and governance across multiple sites and systems, including key ESG performance indicator reporting.
    • Zyght – a leading health, safety, and environment solution for high-impact industries that specializes in environment, injury, risk management, safe work plans, document management, compliance, and reporting.
    • Isystain – a cloud-based platform uniquely designed to support health, safety & environment, sustainability reporting, compliance and governance, and social investment reporting. Designed for seamless integration within an organization’s existing software ecosystems providing powerful analytics and reporting capabilities to streamline the production of sustainability and performance reporting.

    Vendor spotlight

    A logo of Benchmark ESG

    Benchmark ESG provides industry-leading ESG data management and reporting software that can assist organizations in managing operational risk and compliance, sustainability, product stewardship, and ensuring responsible sourcing across complex global operations.

    An example of Benchmark ESG An example of Benchmark ESG

    Key Features:

    Vendor spotlight

    A logo of PWC

    PwC’s ESG Management Solution provides quick insights into ways to improve reporting transparency surrounding your organization’s ESG commitments.

    According to PwC’s most recent CEO survey, the number one motivator for CEOs in mitigating climate change risks is their own desire to help solve this global problem and drive transparency with stakeholders.
    Source: “Annual Global CEO Survey,” PwC, 2022.

    An example of PWC An example of PWC

    Key Features:

    • Streamlined data mining capabilities. PwC’s ESG solution provides the means to streamline, automate, and standardize the input of sustainability data based on non-financial reporting directive (NFRD) and corporate sustainability reporting directive (CSRD) regulations.
    • Company and product carbon footprint calculation and verification modules.
    • Robust dashboarding capabilities. Option to create custom-tailored sustainability monitoring dashboards or integrate existing ESG data from an application to existing dashboards.
    • Team management functionalities that allow for more accessible cross-departmental communication and collaboration. Ability to check progress on tasks, assign tasks, set automatic notifications/deadlines, etc.

    Vendor spotlight

    A logo of ServiceNow

    ServiceNow ESG Management (ESGM) and reporting platform helps organizations transform the way they manage, visualize, and report on issues across the ESG spectrum.

    The platform automates the data collection process and the organization and storage of information in an easy-to-use system. ServiceNow’s ESGM solution also develops dashboards and reports for internal user groups and ensures that external disclosure reports are aligned with mainstream ESG standards and frameworks.

    We know that doing well as a business is about more than profits. One workflow at a time, we believe we can change the world – to be more sustainable, equitable, and ethical.
    Source: ServiceNow, 2021.

    An example of ServiceNow

    Key Features:

    1. An executive dashboard to help coherently outline the status of various ESG indicators, including material topics, goals, and disclosure policies all in one centralized hub
    2. Status review modules. Ensure that your organization has built-in modules to help them better document and monitor their ESG goals and targets using a single source of truth.
    3. Automated disclosure modules. ESGM helps organizations create more descriptive ESG disclosure reports that align with industry accountability standards (e.g. SASB, GRI, CDP).

    Other key vendors to consider

    An image of other 12 key vendors

    Related Info-Tech Research

    Photo of The ESG Imperative and Its Impact on Organizations

    The ESG Imperative and Its Impact on Organizations

    Use this blueprint to educate yourself on ESG factors and the broader concept of sustainability.

    Identify changes that may be needed in your organizational operating model, strategy, governance, and risk management approach.

    Learn about Info-Tech’s ESG program approach and use it as a framework to begin your ESG program journey.

    Photo of Private Equity and Venture Capital Growing Impact of ESG Report

    Private Equity and Venture Capital Growing Impact of ESG Report

    Increasingly, new capital has a social mandate attached to it due to the rise of ESG investment principles.

    Learn about how the growing impact of ESG affects both your organization and IT specifically, including challenges and opportunities, with expert assistance.

    Definitions

    Terms

    Definition

    Corporate Social Responsibility

    Management concept whereby organizations integrate social and environmental concerns in their operations and interactions with their stakeholders.

    Chief Sustainability Officer

    Steers sustainability commitments, helps with compliance, and helps ensure internal commitments are met. Responsibilities may extend to acting as a liaison with government and public affairs, fostering an internal culture, acting as a change agent, and leading delivery.

    ESG

    An acronym that stands for environment, social, and governance. These are the three components of a sustainability program.

    ESG Standard

    Contains detailed disclosure criteria including performance measures or metrics. Standards provide clear, consistent criteria and specifications for reporting. Typically created through consultation process.

    ESG Framework

    A broad contextual model for information that provides guidance and shapes the understanding of a certain topic. It sets direction but does not typically delve into the methodology. Frameworks are often used in conjunction with standards.

    ESG Factors

    The factors or issues that fall under the three ESG components. Measures the sustainability performance of an organization.

    ESG Rating

    An aggregated score based on the magnitude of an organization’s unmanaged ESG risk. Ratings are provided by third-party rating agencies and are increasingly being used for financing, transparency to investors, etc.

    ESG Questionnaire

    ESG surveys or questionnaires are administered by third parties and used to assess an organization’s sustainability performance. Participation is voluntary.

    Key Risk Indicator (KRI)

    A measure to indicate the potential presence, level, or trend of a risk.

    Key Performance Indicator (KPI)

    A measure of deviation from expected outcomes to help a firm see how it is performing.

    Materiality

    Material topics are topics that have a direct or indirect impact on an organization's ability to create, preserve, or erode economic, environmental, and social impact for itself and its stakeholder and society as a whole.

    Materiality Assessment

    A tool to identify and prioritize the ESG issues most critical to the organization.

    Risk Sensing

    The range of activities carried out to identify and understand evolving sources of risk that could have a significant impact on the organization (e.g. social listening).

    Sustainability

    The ability of an organization and broader society to endure and survive over the long term by managing adverse impacts well and promoting positive opportunities.

    Sustainalytics

    Now part of Morningstar. Sustainalytics provides ESG research, ratings, and data to institutional investors and companies.

    UN Guiding Principles on Business and Human Rights (UNGPs)

    An essential methodological foundation for how impacts across all dimensions should be assessed.

    Reporting and standard frameworks

    Standard

    Definition and focus

    CDP
    (Formally Carbon Disclosure Project)

    CDP has created standards and metrics for comparing sustainability impact. Focuses on environmental data (e.g. carbon, water, and forests) and on data disclosure and benchmarking.

    Audience: All stakeholders

    Dow Jones Sustainability Indices (DJSI)

    Heavy on corporate governance and company performance. Equal balance of economic, environmental, and social.

    Audience: All stakeholders

    Global Reporting Initiative (GRI)

    International standards organization that has a set of standards to help organizations understand and communicate their impacts on climate change and social responsibility. The standard has a strong emphasis on transparency and materiality, especially on social issues.

    Audience: All stakeholders

    International Sustainability Standards Board (ISSB)

    Standard-setting board that sits within the International Financial Reporting Standards (IFRS) Foundation. The IFRS Foundation is a not-for-profit, public-interest organization established to develop high-quality, understandable, enforceable, and globally accepted accounting and sustainability disclosure standards.

    Audience: Investor-focused

    United Nations Sustainable Development Goals (SDGs)

    Global partnership across sectors and industries that sets out 17 goals to achieve sustainable development for all.

    Audience: All stakeholders

    Sustainability Accounting Standards Board (SASB)
    Now part of IFSR foundation

    Industry-specific standards to help corporations select topics that may impact their financial performance. Focus on material impacts on financial condition or operating performance.

    Audience: Investor-focused

    Task Force on Climate-Related Financial Disclosures (TCFD; created by the Financial Stability Board)

    Standards framework focused on the impact of climate risk on financial and operating performance. More broadly the disclosures inform investors of positive and negative measures taken to build climate resilience and make transparent the exposure to climate-related risk.

    Audience: Investors, financial stakeholders

    Bibliography

    "2021 Global Investor Survey: The Economic Realities of ESG." PwC, Dec. 2021. Accessed May 2022.

    "2023 Canadian ESG Reporting Insights." PwC, Nov. 2022. Accessed Dec. 2022.

    Althoff, Judson. "Microsoft Cloud for Sustainability: Empowering Organizations On Their Path To Net Zero." Microsoft Blog, 14 July 2021. Accessed May 2022.

    "Balancing Sustainability and Profitability." IBM, Feb. 2022. Accessed June. 2022.

    "Beyond Compliance: Consumers and Employees Want Business to Do More on ESG." PwC, Nov. 2021. Accessed July 2022.

    Bizo, Daniel. "Multi-Tenant Datacenters and Sustainability: Ambitions and Reality." S&P Market Intelligence, Sept. 2020. Web.

    Bolden, Kyle. "Aligning nonfinancial reporting with your ESG strategy to communicate long-term value." EY, 18 Dec. 2020. Web.

    Carril, Christopher, et al. "Looking at Restaurants Through an ESG Lens: ESG Stratify – Equity Research Report." RBC Capital Markets, 5 Jan. 2021. Accessed Jun. 2022.

    "Celebrating and Advancing Women." McDonald’s, 8 March 2019. Web.

    Clark, Anna. "Get your ESG story straight: A sustainability communication starter kit." GreenBiz, 20 Dec. 2022, Accessed Dec. 2022.

    Courtnell, Jane. “ESG Reporting Framework, Standards, and Requirements.” Corporate Compliance Insights, Sept. 2022. Accessed Dec. 2022.

    “Country Sustainability Ranking. Country Sustainability: Visibly Harmed by Covid-19.” Robeco, Oct. 2021. Accessed June 2022.

    “Defining the “G” in ESG Governance Factors at the Heart of Sustainable Business.” World Economic Forum, June 2022. Web.

    “Digital Assets: Laying ESG Foundations.” Global Digital Finance, Nov. 2021. Accessed April 2022.

    “Dow Jones Sustainability Indices (DJCI) Index Family.” S&P Global Intelligence, n.d. Accessed June 2022.

    "ESG in Your Business: The Edge You Need to Land Large Contracts." BDC, March 2023, Accessed April 2023.

    “ESG Performance and Its Impact on Corporate Reputation.” Intelex Technologies, May 2022. Accessed July 2022.

    “ESG Use Cases. IoT – Real-Time Occupancy Monitoring.” Metrikus, March 2021. Accessed April 2022.

    Fanter, Tom, et al. “The History & Evolution of ESG.” RMB Capital, Dec. 2021. Accessed May 2022.

    Flynn, Hillary, et al. “A guide to ESG materiality assessments.” Wellington Management, June 2022, Accessed September 2022

    “From ‘Disclose’ to ‘Disclose What Matters.’” Global Reporting Initiative, Dec. 2018. Accessed July 2022.

    “Getting Started with ESG.” Sustainalytics, 2022. Web.

    “Global Impact ESG Fact Sheet.” ServiceNow, Dec. 2021. Accessed June 2022.

    Gorley, Adam. “What is ESG and Why It’s Important for Risk Management.” Sustainalytics, March 2022. Accessed May 2022.

    Hall, Lindsey. “You Need Near-Term Accountability to Meet Long-Term Climate Goals.” S&P Global Sustainable1, Oct. 2021. Accessed April 2022.

    Henisz, Witold, et al. “Five Ways That ESG Creates Value.” McKinsey, Nov. 2019. Accessed July 2022.

    “Integrating ESG Factors in the Investment Decision-Making Process of Institutional Investors.” OECD iLibrary, n.d. Accessed July 2022.

    “Investor Survey.” Benchmark ESG, Nov. 2021. Accessed July 2022.

    Jackson, Brian. Tech Trends 2023, Info-Tech Research Group, Dec. 2022, Accessed Dec. 2022.

    Keet, Lior. “What Is the CIO’s Role in the ESG Equation?” EY, 2 Feb. 2022. Accessed May 2022.

    Lev, Helee, “Understanding ESG risks and why they matter” GreenBiz, June 2022. Accessed Dec 2022.

    Marsh, Chris, and Simon Robinson. “ESG and Technology: Impacts and Implications.” S&P Global Market Intelligence, March 2021. Accessed April 2022.

    Martini, A. “Socially Responsible Investing: From the Ethical Origins to the Sustainable Development Framework of the European Union.” Environment, Development and Sustainability, vol. 23, Nov. 2021. Web.

    Maher, Hamid, et al. “AI Is Essential for Solving the Climate Crisis.” Boston Consulting Group, 7 July 2022. Web.

    “Materiality Assessment. Identifying and Taking Action on What Matters Most.” Novartis, n.d. Accessed June. 2022.

    Morrow, Doug, et al. “Understanding ESG Incidents: Key Lessons for Investors.” Sustainalytics, July 2017. Accessed May 2022.

    “Navigating Climate Data Disclosure.” Novisto, July 2022. Accessed Nov. 2022.

    Nuttall, Robin, et al. “Why ESG Scores Are Here to Stay.” McKinsey & Company, May 2020. Accessed July 2022.

    “Opportunities in Sustainability – 451 Research’s Analysis of Sustainability Perspectives in the Data Center Industry.” Schneider Electric, Sept. 2020. Accessed May 2022.

    Peterson, Richard. “How Can NLP Be Used to Quantify ESG Analytics?” Refinitiv, Feb. 2021. Accessed June 2022.

    “PwC’s 25th Annual Global CEO Survey: Reimagining the Outcomes That Matter.” PwC, Jan. 2022. Accessed June 2022.

    “SEC Proposes Rules on Cybersecurity, Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies.” Securities and Exchange Commission, 9 May 2022. Press release.

    Serafeim, George. “Social-Impact Efforts That Create Real Value.” Harvard Business Review, Sept. 2020. Accessed May 2022.

    Sherrie, Gonzalez. “ESG Planning and Performance Survey.” Diligent, 24 Sept. 2021. Accessed July 2022.

    “Special Reports Showcase, Special Report: Mid-Year Report on Proposed SEC Rule 14-8 Change.” Sustainable Investments Institute, July 2020. Accessed April 2022.

    “State of European Tech. Executive Summary Report.” Atomico, Nov. 2021. Accessed June 2022.

    “Top Challenges in ESG Reporting, and How ESG Management Solution Can Help.” Novisto, Sept. 2022. Accessed Nov. 2022.

    Vaughan-Smith, Gary. “Navigating ESG data sets and ‘scores’.” Silverstreet Capital, 23 March 2022. Accessed Dec. 2022.

    Waters, Lorraine. “ESG is not an environmental issue, it’s a data one.” The Stack, 20 May 2021. Web.

    Wells, Todd. “Why ESG, and Why Now? New Data Reveals How Companies Can Meet ESG Demands – And Innovate Supply Chain Management.” Diginomica, April 2022. Accessed July 2022.

    “XBRL is coming to corporate sustainability Reporting.” Novisto, Aug. 2022. Accessed Dec. 2022.

    Research Contributors and Experts

    Photo of Chris Parry

    Chris Parry
    VP of ESG, Datamine

    Chris Parry has recently been appointed as the VP of ESG at Datamine Software. Datamine’s dedicated ESG division provides specialized ESG technology for sustainability management by supporting key business processes necessary to drive sustainable outcomes.

    Chris has 15 years of experience building and developing business for enterprise applications and solutions in both domestic and international markets.

    Chris has a true passion for business-led sustainable development and is focused on helping organizations achieve their sustainable business outcomes through business transformation and digital software solutions.

    Datamine’s comprehensive ESG capability supports ESG issues such as the environment, occupational health and safety, and medical health and wellbeing. The tool assists with risk management, stakeholder management and business intelligence.

    Diagnose and Optimize Your Lead Gen Engine

    • Buy Link or Shortcode: {j2store}567|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions

    88% of marketing professionals are unsatisfied with their ability to convert leads (Convince & Convert), but poor lead conversion is just a symptom of much deeper problems.

    Globally, B2B SaaS marketers without a well-running lead gen engine will experience:

    • A low volume of quality leads from their website.
    • A low conversion rate from their website visitors.
    • A long lead conversion time compared to competitors.
    • A low volume of organic website visitors.

    If treated without a root cause analysis, these symptoms often result in higher-than-average marketing spend and wasted resources. Without an accurate lead gen engine diagnostic tool and a strategy to fix the misfires, marketers will continue to waste valuable time and resources.

    Our Advice

    Critical Insight

    The lead gen engine is foundational in building profitable long-term customer relationships. It is the process through which marketers build awareness, trust, and loyalty. Without the ability to continually diagnose lead gen engine flaws, marketers will fail to optimize new customer relationship creation and long-term satisfaction and loyalty.

    Impact and Result

    With a targeted set of diagnostic tools and an optimization strategy, you will:

    • Uncover the critical weakness in your lead generation engine.
    • Develop a best-in-class lead gen engine optimization strategy that builds relationships, creates awareness, and establishes trust and loyalty with prospects.
    • Build profitable long-term customer relationships.

    Organizations who activate the findings from their lead generation diagnostic and optimization strategy will decrease the time and budget spent on lead generation by 25% to 50%. They will quickly uncover inefficiencies in their lead gen engine and develop a proven lead generation optimization strategy based on the diagnostic findings.

    Diagnose and Optimize Your Lead Gen Engine Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Diagnose and Optimize Your Lead Gen Engine Deck – A deck to help you diagnose what’s not working in your lead gen engine so that you can remedy issues and get back on track, building new customer relationships and driving loyalty.

    Organizations who activate the findings from their lead generation diagnostic and optimization strategy will decrease the time and budget spent on lead generation by 25% to 50%. They will quickly uncover inefficiencies in their lead gen engine and develop a proven lead generation optimization strategy based on the diagnostic findings.

    • Diagnose and Optimize Your Lead Gen Engine Storyboard

    2. Lead Gen Engine Diagnostic Tool – An easy-to-use diagnostic tool that will help you pinpoint weakness within your lead gen engine.

    The diagnostic tool allows digital marketers to quickly and easily diagnose weakness within your lead gen engine.

    • Lead Gen Engine Diagnostic Tool

    3. Lead Gen Engine Optimization Strategy Template – A step-by-step document that walks you through how to properly optimize the performance of your lead gen engine.

    Develop a best-in-class lead gen engine optimization strategy that builds relationships, creates awareness, and establishes trust and loyalty with prospects.

    • Lead Gen Engine Optimization Strategy Template

    Infographic

    Further reading

    Diagnose and Optimize Your Lead Gen Engine

    Quickly and easily pinpoint any weakness in your lead gen engine so that you stop wasting money and effort on ineffective advertising and marketing.

    EXECUTIVE BRIEF

    Analyst Perspective

    Quickly and easily pinpoint any weakness in your lead gen engine so that you stop wasting money and effort on ineffective advertising and marketing.

    The image contains a photo of Terra Higginson.

    Senior digital marketing leaders are accountable for building relationships, creating awareness, and developing trust and loyalty with website visitors, thereby delivering high-quality, high-value leads that Sales can easily convert to wins. Unfortunately, many marketing leaders report that their website visitors are low-quality and either disengage quickly or, when they engage further with lead gen engine components, they just don’t convert. These marketing leaders urgently need to diagnose what’s not working in three key areas in their lead gen engine to quickly remedy the issue and get back on track, building new customer relationships and driving loyalty. This blueprint will provide you with a tool to quickly and easily diagnose weakness within your lead gen engine. You can use the results to create a strategy that builds relationships, creates awareness, and establishes trust and loyalty with prospects.

    Terra Higginson

    Marketing Research Director

    SoftwareReviews

    Executive Summary

    Your Challenge

    Globally, business-to-business (B2B) software-as-a-service (SaaS) marketers without a well-running lead gen engine will experience:

    • A low volume of quality leads from their website.
    • A low conversion rate from their website visitors.
    • A long lead conversion time compared to competitors.
    • A low volume of organic website visitors.

    88% of marketing professionals are unsatisfied with their ability to convert leads (Convince & Convert), but poor lead conversion is just a symptom of a much larger problem with the lead gen engine. Without an accurate lead gen engine diagnostic tool and a strategy to fix the leaks, marketers will continue to waste valuable time and resources.

    Common Obstacles

    Even though lead generation is a critical element of marketing success, marketers struggle to fix the problems with their lead gen engine due to:

    • A lack of resources.
    • A lack of budget.
    • A lack of experience in implementing effective lead generation strategies.

    Most marketers spend too much on acquiring leads and not enough on converting and keeping them. For every $92 spent acquiring customers, only $1 is spent converting them (Econsultancy, cited in Outgrow). Marketers are increasingly under pressure to deliver high-quality leads to sales but work under tight budgets with inadequate or inexperienced staff who don’t understand the importance of optimizing the lead generation process.

    SoftwareReviews’ Approach

    With a targeted set of diagnostic tools and an optimization strategy, you will:

    • Uncover the critical weakness in your lead generation engine.
    • Develop a best-in-class lead gen engine optimization strategy that builds relationships, creates awareness, and establishes trust and loyalty with prospects.
    • Build profitable long-term customer relationships.

    Organizations who activate the findings from their lead generation diagnostic and optimization strategy will decrease the time and budget spent on lead generation by 25% to 50%. They will quickly uncover inefficiencies in their lead gen engine and develop a proven lead generation optimization strategy based on the diagnostic findings.

    SoftwareReviews Insight

    The lead gen engine is foundational in building profitable long-term customer relationships. It is the process through which marketers build awareness, trust, and loyalty. Without the ability to continually diagnose lead gen engine flaws, marketers will fail to optimize new customer relationship creation and long-term satisfaction and loyalty.

    Your Challenge

    88% of marketing professionals are unsatisfied with their ability to convert leads, but poor lead conversion is just a symptom of much deeper problems.

    Globally, B2B SaaS marketers without a well-running lead gen engine will experience:

    • A low volume of organic website visitors.
    • A low volume of quality leads from their website.
    • A low conversion rate from their website visitors.
    • A longer lead conversion time than competitors in the same space.

    If treated without a root-cause analysis, these symptoms often result in higher-than-average marketing spend and wasted resources. Without an accurate lead gen engine diagnostic tool and a strategy to fix the misfires, marketers will continue to waste valuable time and resources.

    88% of marketers are unsatisfied with lead conversion (Convince & Convert).

    The image contains a diagram that demonstrates a flowchart of the areas where visitors fail to convert. It incorporates observations, benchmarks, and uses a flowchart to diagnose the root causes.

    Benchmarks

    Compare your lead gen engine metrics to industry benchmarks.

    For every 10,000 people that visit your website, 210 will become leads.

    For every 210 leads, 101 will become marketing qualified leads (MQLs).

    For every 101 MQLs, 47 will become sales qualified leads (SQLs).

    For every 47 SQLs, 23 will become opportunities.

    For every 23 opportunities, nine will become customers.

    .9% to 2.1%

    36% to 48%

    28% to 46%

    39% to 48%

    32% to 40%

    Leads Benchmark

    MQL Benchmark

    SQL Benchmark

    Opportunity Benchmark

    Closing Benchmark

    The percentage of website visitors that convert to leads.

    The percentage of leads that convert to marketing qualified leads.

    The percentage of MQLs that convert to sales qualified leads.

    The percentage of SQLs that convert to opportunities.

    The percentage of opportunities that are closed.

    Midmarket B2B SaaS Industry

    Source: “B2B SaaS Marketing KPIs,” First Page Sage, 2021

    Common obstacles

    Why do most organizations improperly diagnose a misfiring lead gen engine?

    Lack of Clear Starting Point

    The lead gen engine is complex, with many moving parts, and marketers and marketing ops are often overwhelmed about where to begin diagnosis.

    Lack of Benchmarks

    Marketers often call out metrics such as increasing website visitors, contact-to-lead conversions, numbers of qualified leads delivered to Sales, etc., without a proven benchmark to compare their results against.

    Lack of Alignment Between Marketing and Sales

    Definitions of a contact, a marketing qualified lead, a sales qualified lead, and a marketing influenced win often vary.

    Lack of Measurement Tools

    Integration gaps between the website, marketing automation, sales enablement, and analytics exist within some 70% of enterprises. The elements of the marketing (and sales) tech stack change constantly. It’s hard to keep up.

    Lack of Understanding of Marketing ROI

    This drives many marketers to push the “more” button – more assets, more emails, more ad spend – without first focusing on optimization and effectiveness.

    Lack of Resources

    Marketers have an endless list of to-dos that drive them to produce daily results. Especially among software startups and mid-sized companies, there are just not enough staff with the right skills to diagnose and fix today’s sophisticated lead gen engines.

    Implications of poor diagnostics

    Without proper lead gen engine diagnostics, marketing performs poorly

    • The lead gen engine builds relationships and trust. When a broken lead gen engine goes unoptimized, customer relationships are at risk.
    • When the lead gen engine isn’t working well, customer acquisition costs rise as more expensive sales resources are charged with prospect qualification.
    • Without a well-functioning lead gen engine, marketers lack the foundation they need to create awareness among prospects – growth suffers.
    • Marketers will throw money at content or ads to generate more leads without any real understanding of engine leakage and misfires – your cost per lead climbs and reduces marketing profitability.

    Most marketers are spending too much on acquiring leads and not enough on converting and keeping them. For every $92 spent acquiring customers, only $1 is spent converting them.

    Source: Econsultancy, cited in Outgrow

    Lead gen engine optimization increases the efficiency of your marketing efforts and has a 223% ROI.

    Source: WordStream

    Benefits of lead gen engine diagnostics

    Diagnosing your lead gen engine delivers key benefits:

    • Pinpoint weakness quickly. A quick and accurate lead gen engine diagnostic tool saves Marketing 50% of the effort spent uncovering the reason for low conversion and low-quality leads.
    • Optimize more easily. Marketing executives will save 70% of the time spent creating a lead gen optimization marketing strategy based upon the diagnostic findings.
    • Maximize marketing ROI. Build toward and maintain the golden 3:1 LTV:CAC (lifetime value to customer acquisition cost) ratio for B2B SaaS marketing.
    • Stop wasting money on ineffective advertising and marketing. Up to 75% of your marketing budget is being inefficiently spent if you are running on a broken lead gen engine.

    “It’s much easier to double your business by doubling your conversion rate than by doubling your traffic. Correct targeting and testing methods can increase conversion rates up to 300 percent.” – Jeff Eisenberg, IterateStudio

    Source: Lift Division

    True benefits of fixing the lead gen engine

    These numbers add up to a significant increase in marketing influenced wins.

    175%
    Buyer Personas Increase Revenue
    Source: Illumin8

    202%
    Personalized CTAs Increase Conversions
    Source: HubSpot

    50%
    Lead Magnets Increase Conversions
    Source: ClickyDrip

    79%
    Lead Scoring Increases Conversions
    Source: Bloominari

    50%
    Lead Nurturing Increases Conversions
    Source: KevinTPayne.com

    80%
    Personalized Landing Pages Increase Conversions
    Source: HubSpot

    Who benefits from an optimized lead gen engine?

    This Research Is Designed for:

    • Senior digital marketing leaders who are:
      • Looking to increase conversions.
      • Looking to increase the quality of leads.
      • Looking to increase the value of leads.

    This Research Will Help You:

    • Diagnose issues with your lead gen engine.
    • Create a lead gen optimization strategy and a roadmap.

    This Research Will Also Assist:

    • Digital marketing leaders and product marketing leaders who are:
      • Looking to decrease the effort needed by Sales to close leads.
      • Looking to increase leadership’s faith in Marketing’s ability to generate high-quality leads and conversions.

    This Research Will Help Them:

    • Align the Sales and Marketing teams.
    • Receive the necessary buy-in from management to increase marketing spend and headcount.
    • Avoid product failure.
    The image contains a screenshot of the thought model that is titled: Diagnose and Optimize your Lead Gen Engine. The image contains the screenshot of the previous image shown on Where Lead Gen Engines Fails, and includes new information. The flowchart connects to a box that says: STOP, Your engine is broken. It then explains phase 1, the diagnostic, and then phase 2 Optimization strategy.

    SoftwareReviews’ approach

    1. Diagnose Misfires in the Lead Gen Engine
    2. Identifying any areas of weakness within your lead gen engine is a fundamental first step in improving conversions, ROI, and lead quality.

    3. Create a Lead Gen Optimization Strategy
    4. Optimize your lead gen strategy with an easily customizable template that will provide your roadmap for future growth.

    The SoftwareReviews Methodology to Diagnose and Optimize Your Lead Gen Engine

    1. Lead Gen Engine Diagnostic

    2. Lead Gen Engine Optimization Strategy

    Phase Steps

    1. Select lead gen engine optimization steering committee & working team
    2. Gather baseline metrics
    3. Run the lead gen engine diagnostic
    4. Identify low-scoring areas & prioritize lead gen engine fixes
    1. Define the roadmap
    2. Create lead gen engine optimization strategy
    3. Present strategy to steering committee

    Phase Outcomes

    • Identify weakness within the lead gen engine.
    • Prioritize the most important fixes within the lead gen engine.
    • Create a best-in-class lead gen engine optimization strategy and roadmap that builds relationships, creates awareness, and develops trust and loyalty with website visitors.
    • Increase leadership’s faith in Marketing’s ability to generate high-quality leads and conversions.

    Insight Summary

    The lead gen engine is the foundation of marketing

    The lead gen engine is critical to building relationships. It is the foundation upon which marketers build awareness, trust, and loyalty.

    Misalignment between Sales and Marketing is costly

    Digital marketing leaders need to ensure agreement with Sales on the definition of a marketing qualified lead (MQL), as it is the most essential element of stakeholder alignment.

    Prioritization is necessary for today’s marketer

    By prioritizing the fixes within the lead gen engine that have the highest impact, a marketing leader will be able to focus their optimization efforts in the right place.

    Stop, your engine is broken

    Any advertising or effort expended while running marketing on a broken lead gen engine is time and money wasted. It is only once the lead gen engine is fixed that marketers will see the true results of their efforts.

    Tactical insight

    Without a well-functioning lead gen engine, marketers risk wasting valuable time and money because they aren’t creating relationships with prospects that will increase the quality of leads, conversion rate, and lifetime value.

    Tactical insight

    The foundational lead relationship must be built at the marketing level, or else Sales will be entirely responsible for creating these relationships with low-quality leads, risking product failure.

    Blueprint Deliverable:

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Lead Gen Engine Diagnostic

    An efficient and easy-to-use diagnostic tool that uncovers weakness in your lead gen engine.

    The image contains a screenshot of the Lead Gen Engine Diagnostic is shown.

    Key Deliverable:

    Lead Gen Engine Optimization Strategy Template

    The image contains a screenshot of the Lead Gen Engine Optimization Strategy.

    A comprehensive strategy for optimizing conversions and increasing the quality of leads.

    SoftwareReviews Offers Various Levels of Support to Meet Your Needs

    Included within Advisory Membership:

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Optional add-ons:

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Guided Implementation

    What does a typical GI on lead gen engine diagnostics look like?

    Diagnose Your Lead Gen Engine

    Call #1: Scope requirements, objectives, and specific challenges with your lead gen engine.

    Call #2: Gather baseline metrics and discuss the steering committee and working team.

    Call #3: Review results from baseline metrics and answer questions.

    Call #4: Discuss the lead gen engine diagnostic tool and your steering committee.

    Call #5: Review results from the diagnostic tool and answer questions.

    Develop Your Lead Gen Engine Optimization Strategy

    Call #6: Identify components to include in the lead gen engine optimization strategy.

    Call #7: Discuss the roadmap for continued optimization.

    Call #8: Review final lead gen engine optimization strategy.

    Call #9: (optional) Follow-up quarterly to check in on progress and answer questions.

    A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization. For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst. Your engagement managers will work with you to schedule analyst calls.

    Workshop Overview

    Day 1

    Day 2

    Activities

    Complete Lead Gen Engine Diagnostic

    1.1 Identify the previously selected lead gen engine steering committee and working team.

    1.2 Share the baseline metrics that were gathered in preparation for the workshop.

    1.3 Run the lead gen engine diagnostic.

    1.4 Identify low-scoring areas and prioritize lead gen engine fixes.

    Create Lead Gen Engine Optimization Strategy

    2.1 Define the roadmap.

    2.2 Create a lead gen engine optimization strategy.

    2.3 Present the strategy to the steering committee.

    Deliverables

    1. Lead gen engine diagnostic scorecard

    1. Lead gen engine optimization strategy

    Contact your account representative for more information.

    workshops@infotech.com1-888-670-8889

    Phase 1

    Lead Gen Engine Diagnostic

    Phase 1

    Phase 2

    1.1 Select lead gen engine steering committee & working team

    1.2 Gather baseline metrics

    1.3 Run the lead gen engine diagnostic

    1.4 Identify & prioritize low-scoring areas

    2.1 Define the roadmap

    2.2 Create lead gen engine optimization strategy

    2.3 Present strategy to steering committee

    This phase will walk you through the following activities:

    The diagnostic tool will allow you to quickly and easily identify the areas of weakness in the lead gen engine by answering some simple questions. The steps include:

    • Select the lead gen engine optimization committee and team.
    • Gather baseline metrics.
    • Run the lead gen engine diagnostic.
    • Identify and prioritize low-scoring areas.

    This phase involves the following participants:

    • Marketing lead
    • Lead gen engine steering committee

    Step 1.1

    Identify Lead Gen Engine Optimization Steering Committee & Working Team

    Activities

    1.1.1 Identify the lead gen engine optimization steering committee and document in the Lead Gen Engine Optimization Strategy Template

    1.1.2 Identify the lead gen engine optimization working team document in the Lead Gen Engine Optimization Strategy Template

    This step will walk you through the following activities:

    Identify the lead gen engine optimization steering committee.

    This step involves the following participants:

    • Marketing director
    • Leadership

    Outcomes of this step

    An understanding of who will be responsible and who will be accountable for accomplishing the lead gen engine diagnostic and optimization strategy.

    1.1.1 Identify the lead gen engine optimization steering committee

    1-2 hours

    1. The marketing lead should meet with leadership to determine who will make up the steering committee for the lead gen engine optimization.
    2. Document the steering committee members in the Lead Gen Engine Optimization Strategy Template slide entitled “The Steering Committee.”

    Input

    Output

    • Stakeholders and leaders across the various functions outlined on the next slide
    • List of the lead gen engine optimization strategy steering committee members

    Materials

    Participants

    • Lead Gen Engine Optimization Strategy Template
    • Marketing director
    • Executive leadership

    Download the Lead Gen Engine Optimization Strategy Template

    Lead gen engine optimization steering committee

    Consider the skills and knowledge required for the diagnostic and the implementation of the strategy. Constructing a cross-functional steering committee will be essential for the optimization of the lead gen engine. At least one stakeholder from each relevant department should be included in the steering committee.

    Required Skills/Knowledge

    Suggested Functions

    • Target Buyer
    • Product Roadmap
    • Brand
    • Competitors
    • Campaigns/Lead Gen
    • Sales Enablement
    • Media/Analysts
    • Customer Satisfaction
    • Data Analytics
    • Ad Campaigns
    • Competitive Intelligence
    • Product Marketing
    • Product Management
    • Creative Director
    • Competitive Intelligence
    • Field Marketing
    • Sales
    • PR/AR/Corporate Comms
    • Customer Success
    • Analytics Executive
    • Campaign Manager

    For small and mid-sized businesses (SMB), because employees wear many different hats, assign people that have the requisite skills and knowledge, not the role title.

    The image contains examples of small and mid-sized businesses, and the different employee recommendations.

    1.1.2 Identify the lead gen engine optimization working team

    1-2 hours

    1. The marketing director should meet with leadership to determine who will make up the working team for the lead gen engine optimization.
    2. Finalize selection of team members and fill out the slide entitled “The Working Team” in the Lead Gen Engine Optimization Strategy Template.

    Input

    Output

    • Executives and analysts responsible for execution of tasks across Marketing, Product, Sales, and IT
    • The lead gen engine optimization working team

    Materials

    Participants

    • The Lead Gen Engine Optimization Strategy Template
    • Marketing director
    • Executive leadership

    Download the Lead Gen Engine Optimization Strategy Template

    Lead gen engine working team

    Consider the working skills required for the diagnostic and implementation of the strategy and assign the working team.

    Required Skills/Knowledge

    Suggested Titles

    • SEO
    • Inbound Marketing
    • Paid Advertising
    • Website Development
    • Content Creation
    • Lead Scoring
    • Landing Pages
    • A/B Testing
    • Email Campaigns
    • Marketing and Sales Automation
    • SEO Analyst
    • Content Marketing Manager
    • Product Marketing Manager
    • Website Manager
    • Website Developer
    • Sales Manager
    • PR
    • Customer Success Manager
    • Analytics Executive
    • Campaign Manager

    Step 1.2

    Gather Baseline Metrics

    Activities

    1.2.1 Gather baseline metrics and document in the Lead Gen Engine Optimization Strategy Template

    This step will walk you through the following activities:

    Gather baseline metrics.

    This step involves the following participants:

    • Marketing director
    • Analytics lead

    Outcomes of this step

    Understand and document baseline marketing metrics.

    1.2.1 Gather baseline metrics and document in the Lead Gen Engine Optimization Strategy Template

    1-2 hours

    1. Use the example on the next slide to learn about the B2B SaaS industry-standard baseline metrics.
    2. Meet with the analytics lead to analyze and record the data within the “Baseline Metrics” slide of the Lead Gen Engine Optimization Strategy Template. The baseline metrics will include:
      • Unique monthly website visitors
      • Visitor to lead conversion rate
      • Lead to MQL conversion rate
      • Customer acquisition cost (CAC)
      • Lifetime customer value to customer acquisition cost (LTV to CAC) ratio
      • Campaign ROI

    Recording the baseline data allows you to measure the impact your lead gen engine optimization strategy has over the baseline.

    Input

    Output
    • Marketing and analytics data
    • Documentation of baseline marketing metrics

    Materials

    Participants

    • The lead gen engine optimization strategy
    • Marketing director
    • Analytics lead

    B2B SaaS baseline metrics

    Industry standard metrics for B2B SaaS in 2022

    Unique Monthly Visitors

    Industry standard is 5% to 10% growth month over month.

    Visitor to Lead Conversion

    Industry standard is between 0.9% to 2.1%.

    Lead to MQL Conversion

    Industry standard is between 36% to 48%.

    CAC

    Industry standard is a cost of $400 to $850 per customer acquired.

    LTV to CAC Ratio

    Industry standard is an LTV:CAC ratio between 3 to 6.

    Campaign ROI

    Email: 201%

    Pay-Per-Click (PPC): 36%

    LinkedIn Ads: 94%

    Source: “B2B SaaS Marketing KPIs,” First Page Sage, 2021

    Update the Lead Gen Optimization Strategy Template with your company’s baseline metrics.

    Download the Lead Gen Engine Optimization Strategy Template

    Step 1.3

    Run the Lead Gen Engine Diagnostic

    Activities

    1.3.1 Gather steering committee and working team to complete the Lead Gen Engine Diagnostic Tool

    This step will walk you through the following activities:

    Gather the steering committee and answer the questions within the Lead Gen Engine Diagnostic Tool.

    This step involves the following participants:

    • Lead gen engine optimization working team
    • Lead gen engine optimization steering committee

    Outcomes of this step

    Lead gen engine diagnostic and scorecard

    1.3.1 Gather the committee and team to complete the Lead Gen Engine Diagnostic Tool

    2-3 hours

    1. Schedule a two-hour meeting with the steering committee and working team to complete the Lead Gen Engine Diagnostic Tool. To ensure the alignment of all departments and the quality of results, all steering committee members must participate.
    2. Answer the questions within the tool and then review your company’s results in the Results tab.

    Input

    Output

    • Marketing and analytics data
    • Diagnostic scorecard for the lead gen engine

    Materials

    Participants

    • Lead Gen Engine Diagnostic Tool
    • Marketing director
    • Analytics lead

    Download the Lead Gen Engine Diagnostic Tool

    Step 1.4

    Identify & Prioritize Low-Scoring Areas

    Activities

    1.4.1 Identify and prioritize low-scoring areas from the diagnostic scorecard

    This step will walk you through the following activities:

    Identify and prioritize the low-scoring areas from the diagnostic scorecard.

    This step involves the following participants:

    • Marketing director

    Outcomes of this step

    A prioritized list of the lead gen engine problems to include in the Lead Gen Engine Optimization Strategy Template

    1.4.1 Identify and prioritize low-scoring areas from the diagnostic scorecard

    1 hour

    1. Transfer the results from the Lead Gen Engine Diagnostic Scorecard Results tab to the Lead Gen Engine Optimization Strategy Template slide entitled “Lead Gen Engine Diagnostic Scorecard.”
      • Results between 0 and 2 should be listed as high-priority fixes on the “Lead Gen Engine Diagnostic Scorecard” slide. You will use these areas for your strategy.
      • Results between 2 and 3 should be listed as medium-priority fixes on “Lead Gen Engine Diagnostic Scorecard” slide. You will use these areas for your strategy.
      • Results between 3 and 4 are within the industry standard and will require no fixes or only small adjustments.

    Input

    Output

    • Marketing and analytics data
    • Documentation of baseline marketing metrics

    Materials

    Participants

    • Lead Gen Engine Optimization Strategy Template
    • Marketing director
    • Analytics lead

    Download the Lead Gen Engine Diagnostic Tool

    Phase 2

    Lead Gen Engine Optimization Strategy

    Phase 1

    Phase 2

    1.1 Select lead gen engine steering committee & working team

    1.2 Gather baseline metrics

    1.3 Run the lead gen engine diagnostic

    1.4 Identify & prioritize low-scoring areas

    2.1 Define the roadmap

    2.2 Create lead gen engine optimization strategy

    2.3 Present strategy to steering committee

    This phase will walk you through the following activities:

    Create a best-in-class lead gen optimization strategy and roadmap based on the weaknesses found in the diagnostic tool. The steps include:

    • Define the roadmap.
    • Create a lead gen engine optimization strategy.
    • Present the strategy to the steering committee.

    This phase involves the following participants:

    • Marketing director

    Step 2.1

    Define the Roadmap

    Activities

    2.1.1 Create the roadmap for the lead gen optimization strategy

    This step will walk you through the following activities:

    Create the optimization roadmap for your lead gen engine strategy.

    This step involves the following participants:

    • Marketing director

    Outcomes of this step

    Strategy roadmap

    2.1.1 Create the roadmap for the lead gen optimization strategy

    1 hour

    1. Copy the results from "The Lead Gen Engine Diagnostic Scorecard" slide to the "Value, Resources & Roadmap Matrix" slide in the Lead Gen Engine Optimization Strategy Template. Adjust the Roadmap Quarter column after evaluating the internal resources of your company and expected value generated.
    2. Using these results, create your strategy roadmap by updating the slide entitled “The Strategy Roadmap” in the Lead Gen Engine Optimization Strategy Template.

    Input

    Output

    • Diagnostic scorecard
    • Strategy roadmap

    Materials

    Participants

    • Lead Gen Engine Optimization Strategy Template
    • Marketing Director

    Download the Lead Gen Engine Optimization Strategy Template

    Step 2.2

    Create the Lead Gen Engine Optimization Strategy

    Activities

    2.2.1 Customize your lead gen engine optimization strategy using the template

    This step will walk you through the following activities:

    Create a lead gen engine optimization strategy based on the results of your diagnostic scorecard.

    This step involves the following participants:

    Marketing director

    Outcomes of this step

    A leadership-facing lead gen optimization strategy

    2.2.1 Customize your lead gen engine optimization strategy using the template

    2-3 hours

    Review the strategy template:

    1. Use "The Strategy Roadmap" slide to organize the remaining slides from the Q1, Q2, and Q3 sections.
      1. Fixes listed in "The Strategy Roadmap" under Q1 should be placed within the Q1 section.
      2. Fixes listed in "The Strategy Roadmap" under Q2 should be placed within the Q2 section.
      3. Fixes listed in "The Strategy Roadmap" under Q3 should be placed within the Q3 section.

    Input

    Output

    • The strategy roadmap
    • Your new lead gen engine optimization strategy

    Materials

    Participants

    • Lead Gen Engine Optimization Strategy Template
    • Marketing director

    Download the Lead Gen Engine Optimization Strategy Template

    Step 2.3

    Present the strategy to the steering committee

    Activities

    2.3.1 Present the findings of the diagnostic and the lead gen optimization strategy to the steering committee.

    This step will walk you through the following activities:

    Get executive buy-in on the lead gen engine optimization strategy.

    This step involves the following participants:

    • Marketing director
    • Steering committee

    Outcomes of this step

    • Buy-in from leadership on the strategy

    2.3.1 Present findings of diagnostic and lead gen optimization strategy to steering committee

    1-2 hours

    1. Schedule a presentation to present the findings of the diagnostic, the lead gen engine optimization strategy, and the roadmap to the steering committee.
    InputOutput
    • Your company’s lead gen engine optimization strategy
    • Official outline of strategy and buy-in from executive leadership

    Materials

    Participants

    • Lead Gen Engine Optimization Strategy Template
    • Marketing director
    • Executive leadership
    • Steering committee

    Download the Lead Gen Engine Optimization Strategy Template

    Related SoftwareReviews Research

    Create a Buyer Persona and Journey

    Make it easier to market, sell, and achieve product-market fit with deeper buyer understanding.

    • Reduce time and treasure wasted chasing the wrong prospects.
    • Improve product-market fit.
    • Increase open and click-through rates in your lead gen engine.
    • Perform more effective sales discovery and increase eventual win rates.

    Optimize Lead Generation With Lead Scoring

    In today’s competitive environment, optimizing Sales’ resources by giving them qualified leads is key to B2B marketing success.

    • Lead scoring is a must-have capability for high-tech marketers.
    • Without lead scoring, marketers will see increased costs of lead generation and decreased SQL-to-opportunity conversion rates.
    • Lead scoring increases sales productivity and shortens sales cycles.

    Build a More Effective Go-to-Market Strategy

    Creating a compelling go-to-market strategy and keeping it current is a critical software company function – as important as financial strategy, sales operations, and even corporate business development – given its huge impact on the many drivers of sustainable growth.

    • Align stakeholders on a common vision and execution plan.
    • Build a foundation of buyer and competitive understanding.
    • Deliver a team-aligned launch plan that enables commercial success.

    Bibliography

    “11 Lead Magnet Statistics That Might Surprise You.” ClickyDrip, 28 Dec. 2020. Accessed April 2022.

    “45 Conversion Rate Optimization Statistics Every Marketer Should Know.” Outgrow, n.d. Accessed April 2022.

    Bailyn, Evan. “B2B SaaS Funnel Conversion Benchmarks.” First Page Sage, 24 Feb. 2021. Accessed April 2022.

    Bailyn, Evan. “B2B SaaS Marketing KPIs: Behind the Numbers.” First Page Sage, 1 Sept. 2021. Accessed April 2022.

    Conversion Optimization.” Lift Division, n.d. Accessed April 2022.

    Corson, Sean. “LTV:CAC Ratio [2022 Guide] | Benchmarks, Formula, Tactics.” Daasity, 3 Nov. 2021. Accessed April 2022.

    Dudley, Carrie. “What are personas?” Illumin8, 26 Jan. 2018. Accessed April 2022.

    Godin, Seth. “Permission Marketing.” Accenture, Oct. 2009. Accessed April 2022.

    Lebo, T. “Lead Conversion Statistics All B2B Marketers Need to Know.” Convince & Convert, n.d. Accessed April 2022.

    Lister, Mary. “33 CRO & Landing Page Optimization Stats to Fuel Your Strategy.” WordStream, 24 Nov. 2021. [Accessed April 2022].

    Nacach, Jamie. “How to Determine How Much Money to Spend on Lead Generation Software Per Month.” Bloominari, 18 Sept. 2018. Accessed April 2022.

    Needle, Flori. “11 Stats That Make a Case for Landing Pages.” HubSpot, 10 June 2021. Accessed April 2022.

    Payne, Kevin. “10 Effective Lead Nurturing Tactics to Boost Your Sales.” Kevintpayne.com, n.d. Accessed April 2022.

    Tam, Edwin. “ROI in Marketing: Lifetime Value (LTV) & Customer Acquisition Cost (CAC).” Construct Digital, 19 Jan. 2016. Accessed April 2022.

    Build a Vendor Security Assessment Service

    • Buy Link or Shortcode: {j2store}318|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: $17,501 Average $ Saved
    • member rating average days saved: 17 Average Days Saved
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • Vendor security risk management is a growing concern for many organizations. Whether suppliers or business partners, we often trust them with our most sensitive data and processes.
    • More and more regulations require vendor security risk management, and regulator expectations in this area are growing.
    • However, traditional approaches to vendor security assessments are seen by business partners and vendors as too onerous and are unsustainable for information security departments.

    Our Advice

    Critical Insight

    • An efficient and effective assessment process can only be achieved when all stakeholders are participating.
    • Security assessments are time-consuming for both you and your vendors. Maximize the returns on your effort with a risk-based approach.
    • Effective vendor security risk management is an end-to-end process that includes assessment, risk mitigation, and periodic re-assessments.

    Impact and Result

    • Develop an end-to-end security risk management process that includes assessments, risk treatment through contracts and monitoring, and periodic re-assessments.
    • Base your vendor assessments on the actual risks to your organization to ensure that your vendors are committed to the process and you have the internal resources to fully evaluate assessment results.
    • Understand your stakeholder needs and goals to foster support for vendor security risk management efforts.

    Build a Vendor Security Assessment Service Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a vendor security assessment service, review Info-Tech’s methodology, and understand the three ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define governance and process

    Determine your business requirements and build your process to meet them.

    • Build a Vendor Security Assessment Service – Phase 1: Define Governance and Process
    • Vendor Security Policy Template
    • Vendor Security Process Template
    • Vendor Security Process Diagram (Visio)
    • Vendor Security Process Diagram (PDF)

    2. Develop assessment methodology

    Develop the specific procedures and tools required to assess vendor risk.

    • Build a Vendor Security Assessment Service – Phase 2: Develop Assessment Methodology
    • Service Risk Assessment Questionnaire
    • Vendor Security Questionnaire
    • Vendor Security Assessment Inventory

    3. Deploy and monitor process

    Implement the process and develop metrics to measure effectiveness.

    • Build a Vendor Security Assessment Service – Phase 3: Deploy and Monitor Process
    • Vendor Security Requirements Template
    [infographic]

    Workshop: Build a Vendor Security Assessment Service

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Governance and Process

    The Purpose

    Understand business and compliance requirements.

    Identify roles and responsibilities.

    Define the process.

    Key Benefits Achieved

    Understanding of key goals for process outcomes.

    Documented service that leverages existing processes.

    Activities

    1.1 Review current processes and pain points.

    1.2 Identify key stakeholders.

    1.3 Define policy.

    1.4 Develop process.

    Outputs

    RACI Matrix

    Vendor Security Policy

    Defined process

    2 Define Methodology

    The Purpose

    Determine methodology for assessing procurement risk.

    Develop procedures for performing vendor security assessments.

    Key Benefits Achieved

    Standardized, repeatable methodologies for supply chain security risk assessment.

    Activities

    2.1 Identify organizational security risk tolerance.

    2.2 Develop risk treatment action plans.

    2.3 Define schedule for re-assessments.

    2.4 Develop methodology for assessing service risk.

    Outputs

    Security risk tolerance statement

    Risk treatment matrix

    Service Risk Questionnaire

    3 Continue Methodology

    The Purpose

    Develop procedures for performing vendor security assessments.

    Establish vendor inventory.

    Key Benefits Achieved

    Standardized, repeatable methodologies for supply chain security risk assessment.

    Activities

    3.1 Develop vendor security questionnaire.

    3.2 Define procedures for vendor security assessments.

    3.3 Customize the vendor security inventory.

    Outputs

    Vendor security questionnaire

    Vendor security inventory

    4 Deploy Process

    The Purpose

    Define risk treatment actions.

    Deploy the process.

    Monitor the process.

    Key Benefits Achieved

    Understanding of how to treat different risks according to the risk tolerance.

    Defined implementation strategy.

    Activities

    4.1 Define risk treatment action plans.

    4.2 Develop implementation strategy.

    4.3 Identify process metrics.

    Outputs

    Vendor security requirements

    Understanding of required implementation plans

    Metrics inventory

    Gain Real Insights with a Social Analytics Program

    • Buy Link or Shortcode: {j2store}561|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Social media is wildly popular with consumers and as a result, many businesses are starting to develop a presence on social media services like Facebook and Twitter. However, many businesses still struggle with understanding how to leverage consumer insights from these services to drive business decisions. They’re intimidated by the sheer volume of social data, and aren’t sure what to do about it.
    • Companies that do have an analytics program are often operating it on an ad-hoc basis rather than making an effort to integrate social insights with existing sourcing of consumer data. In doing this, they’re failing to make holistic decisions and missing out on valuable consumer and competitive insights.

    Our Advice

    Critical Insight

    • Social analytics are indispensable in gaining real-time insights across marketing, sales, and customer service. SMBs can use social analytics to gain valuable consumer insights at a significantly lower expense than traditional forms of market research.
    • The greatest value from social analytics comes when organizations marry social data sources with other forms of customer information, such as point-of-sale data, customer surveys, focus groups, and psychographic profiles.
    • Social analytics must be integrated with your broader BI program for maximum effect. Consider creating a Customer Insights Center of Excellence (CICOE) to serve as a one-stop shop for both traditional and social customer analytics.
    • IT has an invaluable role to play in helping to govern and manage the analytics program. A best-of-breed Social Media Management Platform is the key enabling technology for conducting analytics, and IT must assist with selection, implementation and operation of this solution.
    • Internal social analytics is an emerging field that allows you to gauge the sentiment of your employees, while turbocharging ideation and feedback processes. Social networking analysis is particularly valuable for internal analysis.

    Impact and Result

    • Understand the value of a social analytics program and the various departmental use cases – how social analytics improves decision making and boosts critical KPIs like revenue attainment and customer satisfaction.
    • Determine the different social metrics (such as sentiment and frequency analysis) your business should be tracking and how to turn metrics into deep consumer insights.
    • Follow a step-by-step guide for successfully executing a social analytics program across your organization.
    • Roll out an internal analytics program to gauge the sentiment of your employees, improve engagement, and understand informal influencer networks.

    Gain Real Insights with a Social Analytics Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Determine the organization’s use cases

    Decide which functional areas in the organization will benefit the most from using social data, and create use cases accordingly.

    • Storyboard: Gain Real Insights with a Social Analytics Program

    2. Define and interpret metrics

    Identify and evaluate key social analytics metrics and understand the importance of combining multiple metrics to get the most out of the analytics program.

    • Social Analytics Maturity Assessment

    3. Execute the social analytics program

    Leverage a cross-departmental Social Media Steering Committee and evaluate SMMPs and other social analytics tools.

    • Social Analytics Specialist
    • Social Analytics Business Plan

    4. Leverage internal social analytics

    Identify specific uses of internal social analytics: crowd-sourcing ideation, harvesting employee feedback, and rewarding internal brand advocates.

    [infographic]

    Identify and Manage Regulatory and Compliance Risk Impacts on Your Organization

    • Buy Link or Shortcode: {j2store}366|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    More than at any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.

    It is increasingly likely that one of your vendors, or their n-party support vendors, will fall out of regulatory compliance. Therefore, organizations must protect themselves by creating better mechanisms to hold their n-party vendors accountable and validate that they comply.

    Our Advice

    Critical Insight

    • Identifying and managing a vendor’s potential regulatory impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes may affect operations.
    • Organizational leadership is often taken unaware by changes, and their plans lack the flexibility to adjust to significant regulatory upheavals.

    Impact and Result

    Vendor management practices educate organizations on the different potential risks from vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    • Prioritize and classify your vendors with quantifiable, standardized rankings.
    • Prioritize focus on your high-risk vendors.
    • Standardize your processes for identifying and monitoring vendor risks with our Regulatory Risk Impact Tool to manage potential impacts.

    Identify and Manage Regulatory and Compliance Risk Impacts on Your Organization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify and Manage Regulatory and Compliance Risk Impacts to Your Organization Storyboard – Use the research to better understand the negative impacts of vendor actions to your brand reputation.

    Use this research to identify and quantify the potential regulatory impacts caused by vendors. Use Info-Tech's approach to look at the regulatory impact from various perspectives to better prepare for issues that may arise.

    • Identify and Manage Regulatory and Compliance Risk Impacts on Your Organization Storyboard

    2. Regulatory Risk Impact Tool – Use this tool to help identify and quantify the operational impacts of negative vendor actions.

    By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    • Regulatory Risk Impact Tool
    [infographic]

    Further reading

    Identify and Manage Risk Impacts on Your Organization

    It is easier for prospective clients to find out what you did wrong than that you fixed the issue.

    Analyst perspective

    Organizations must understand the regulatory damage vendors may cause from lack of compliance.

    Frank Sewell.

    The sheer number of regulations on the international market is immense, ever-changing, and make it almost impossible for any organization to consistently keep up with compliance.

    As regulatory enforcement increases, organizations must hold their vendors accountable for compliance through ongoing monitoring and validation of regulatory compliance to the relevant standards in their industries, or face increasing penalties for non-compliance.

    Frank Sewell,

    Research Director, Vendor Management

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    More than at any previous time, our world is changing rapidly. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.

    It is increasingly likely that one of your vendors, or their n-party support vendors, will fall out of regulatory compliance. Organizations must protect themselves by creating better mechanisms to hold their n-party vendors accountable and validate that they comply.

    Identifying and managing a vendor’s potential regulatory impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes may affect operations.

    Organizational leadership is often taken unaware by changes, and their plans lack the flexibility to adjust to significant regulatory upheavals.

    Vendor management practices educate organizations on the different potential risks from vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    Prioritize and classify your vendors with quantifiable, standardized rankings.

    Prioritize focus on your high-risk vendors.

    Standardize your processes for identifying and monitoring vendor risks with our Regulatory Risk Impact Tool to manage potential impacts.

    Info-Tech Insight

    Organizations must evolve their risk assessments to be more adaptive to respond to regulatory changes in the global market. Ongoing monitoring of the vendors who must comply with industry and governmental regulations is crucial to avoiding penalties and maintaining your regulatory compliance.

    Info-Tech’s multi-blueprint series on vendor risk assessment

    There are many individual components of vendor risk beyond cybersecurity.

    The image contains a cube that is divided into 6 asymmetrical to highlight the six components of vendor risk. Strategic, Security, Regulatory & Compliance, Financial, Reputational, Operational.

    This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

    Out of Scope:

    This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

    Regulatory and Compliance risk impacts

    Potential losses to the organization due regulatory and compliance incidents.

    • In this blueprint we’ll:
      • Explore regulatory and compliance risks and their impacts.
      • Identify potentially disruptive events to assess the overall impact on organizations and implement adaptive measures to identify, manage, and monitor vendor performance.

    The image contains a cube that is divided into 6 asymmetrical to highlight the six components of vendor risk. Strategic, Security, Regulatory & Compliance, Financial, Reputational, Operational. Regulatory & Compliance is highlighted on the cube.

    The world is constantly changing

    The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them and avoid penalties.

    When the unexpected happens, being able to adapt quickly to new priorities and regulations ensures continued long-term business success.

    Below are some things no one expected to happen in the last few years:

    45%

    Have no visibility into their upstream supply chain, or they can only see as far as their first-tier suppliers.

    2022 McKinsey

    61%

    Of compliance officers expect to increase investment in their compliance function over the next two years.

    2022 Accenture

    $770k+

    Breaches involving third-party vendors cost more on average.

    2022 HIT Consultant.net

    Regulatory Compliance

    Consider implementing vendor management initiatives and practices in your organization to help gain compliance with your expanding vendor landscape.

    Your organizational risks may be monitored but are your n-party vendors?

    The image contains a cube that is divided into 6 asymmetrical to highlight the six components of vendor risk. Strategic, Security, Regulatory & Compliance, Financial, Reputational, Operational.

    Review your expectations with your vendors and hold them accountable.

    Regulatory entities are looking beyond your organization’s internal compliance these days. More and more they are diving into your third-party and downstream relationships, particularly as awareness of downstream breaches increases globally.

    • Are you assessing your vendors regularly?
    • Are you validating those assessments?
    • Do your vendors have a map of their downstream support vendors?
    • Do they have the mechanisms to hold those downstream vendors accountable to your standards?

    Regulatory Guidance and Industry Standards

    Are you confident your vendors meet your standards?

    Identify and manage regulatory and compliance risks

    Environmental, Social, Governance (ESG)
    Regulatory agencies are putting more enforcement on ESG practices across the globe. As a result, organizations will need to monitor the changing regulations and validate that their vendors and n-party support vendors are adhering to these regulations, or face penalties for non-compliance.

    Data Protection
    Data Protection remains an issue in the world. Organizations should ensure that the data their vendors obtain remains protected throughout the vendor’s lifecycle, including post-termination. Otherwise, they could be monitoring for a data breach in perpetuity.

    Mergers and Acquisitions
    More prominent vendors continuously buy smaller companies to control the market in the IT industry. Therefore, organizations should put protections in their contracts to ensure that an IT vendor’s acquisition does not put them in a relationship with someone that could cause them an issue.

    What to look for

    Identify regulatory and compliance risk impacts.

    • Is there a record of complaints against the vendor from their employees or customers?
    • Has the vendor been cited for regulatory compliance issues in the past?
    • Does the vendor have a comprehensive list of their n-party vendor partners?
      • Are they willing to accept appropriate contractual protections regarding them?
    • Does the vendor self-audit, or do they use a vetted third-party audit firm to issue a SOC report annually?
    • Does the vendor operate in regions known for regulatory violations?
    • Is the vendor willing to make concessions on contractual protections, or are they only offering “one-sided” agreements with “as-is” warranties?

    Prepare your vendor risk management for success

    Due diligence will enable successful outcomes.

    1. Obtain top-level buy-in; it is critical to success.
    2. Build enterprise risk management (ERM) through incremental improvement.
    3. Focus initial efforts on the “big wins” to prove the process works.
    4. Use existing resources.
    5. Build on any risk management activities that already exist in the organization.
    6. Socialize ERM throughout the organization to gain additional buy‑in.
    7. Normalize the process long term, with ongoing updates and continuing education for the organization.

    (Adapted from COSO)

    How to assess third-party risk

    1. Review Organizational Regulations
    2. Understand the organization’s regulatory risks to prepare for the “What If” game exercise.

    3. Identify & Understand Potential Regulatory-Compliance Risks
    4. Play the “What If” game with the right people at the table.

    5. Create a Risk Profile Packet for Leadership
    6. Pull all the information together in a presentation document.

    7. Validate the Risks
    8. Work with leadership to ensure that the proposed risks are in line with their thoughts.

    9. Plan to Manage the Risks
    10. Lower the overall risk potential by putting mitigations in place.

    11. Communicate the Plan
    12. It is important not only to have a plan but also to socialize it in the organization for awareness.

    13. Enact the Plan
    14. Once the plan is finalized and socialized, put it in place with continued monitoring for success.

    Adapted from Harvard Law School Forum on Corporate Governance

    Insight summary

    Regulatory risk impacts often come from unexpected places and have significant consequences. Knowing who your vendors are using for their support and supply chain could be crucial in eliminating the risk of non-compliance for your organization. Having a plan to identify and validate the regulatory compliance of your vendors is a must for any organization, to avoid penalties.

    Insight 1

    Organizations fail to plan for vendor acquisitions appropriately.

    Vendors routinely get acquired in the IT space. Does your organization have appropriate safeguards from inadvertently entering a negative relationship? Do you have plans around replacing critical vendors purchased in such a manner?

    Insight 2

    Organizations often fail to understand how n-party vendors could place them in non-compliance.

    Even if you know your complete third-party vendor landscape, you may not be aware of the downstream vendors in play. Ensure that you get visibility into this space as well and hold your direct vendors accountable for the actions of their vendors.

    Insight 3

    Organizations need to know where their data lives and ensure it is protected.

    Make sure you know which vendors are accessing/storing your data, where they are keeping it, and that you can get it back and have the vendors destroy it when the relationship is over. Without adequate protection throughout the lifecycle of the vendor, you could be monitoring for breaches in perpetuity.

    Identifying regulatory and compliance risks

    Who should be included in the discussion.

    • While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
    • Getting input from regulatory risk experts within your organization will enhance your long-term potential for successful compliance.
    • Involving those who not only directly manage vendors but also understand your regulatory requirements will aid in determining the path forward for relationships with your current vendors, and identifying new emerging potential partners.

    See the blueprint Build an IT Risk Management Program

    Review your risk management plans for new risks on a regular basis.

    Keep in mind Risk = Likelihood x Impact (R=L*I).

    Impact (I) tends to remain the same, while Likelihood (L) is becoming closer to 100% as threat actors become more prevalent

    Managing vendor regulatory and compliance risk impacts

    How could your vendors fall out of compliance?

    • Review vendors’ downstream connections to understand thoroughly with whom you are in business.
      • Monitor their regulatory stance as it could reflect on your organization.
    • Institute proper vendor lifecycle management.
      • Make sure to follow corporate due diligence and risk assessment policies and procedures.
      • Failure to consistently do so is a recipe for disaster.
    • Develop IT risk governance and change control.
    • Introduce continual risk assessment to monitor the relevant vendor markets.
      • Regularly review your regulatory requirements for new and changing risks.
    • Be adaptable and allow for innovations that arise from the current needs.
      • Capture lessons learned from prior incidents to improve over time, and adjust your plans accordingly.

    Organizations must review their regulatory risk appetite and tolerance levels, considering their complete landscape.

    Changing regulations, acquisitions, and events that affect global supply chains are current realities, not unlikely scenarios.

    Ongoing Improvement

    Incorporating lessons learned.

    • Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
    • When it happens, follow your incident response plans and act accordingly.
    • An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
    • Use the lessons learned document to devise, incorporate, and enact a better risk management process.

    Sometimes disasters occur despite our best plans to manage them.

    When this happens, it is important to document the lessons learned and update our plans.

    The “what if” game

    1-3 hours

    Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    1. Break into smaller groups (or if too small, continue as a single group).
    2. Use the Regulatory Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
    3. Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.
    Input Output
    • List of identified potential risk scenarios scored by regulatory-compliance impact
    • List of potential mitigations of the scenarios to reduce the risk
    • Comprehensive regulatory risk profile on the specific vendor solution
    Materials Participants
    • Whiteboard/flip charts
    • Regulatory Risk Impact Tool to help drive discussion
    • Vendor Management – Coordinator
    • Organizational Leadership
    • Operations Experts (SMEs)
    • Legal/Compliance/Risk Manager

    High risk example from tool

    The image contains a screenshot demonstrating high risk example from the tool.

    How to mitigate:

    Contractually insist that the vendor have a third-party security audit performed annually, with the stipulation that they will not denigrate below your acceptable standards.

    Note: Even though a few items are “scored” they have not been added to the overall weight, signaling that the company has noted but does not necessarily hold them against the vendor.

    Low risk example from tool

    The image contains a screenshot demonstrating low risk example from the tool.

    Summary

    Seek to understand all regulatory requirements to obtain compliance.

    • Organizations need to understand and map out their entire vendor landscape.
    • Understand where all your data lives and how you can control it throughout the vendor lifecycle.
    • Those organizations that consistently follow their established risk assessment and due diligence processes are better positioned to avoid penalties.
    • Bring the right people to the table to outline potential risks in the market and your organization.
    • Incorporate “lessons learned” from prior incidents into your risk management process to build better plans for future issues.

    Keeping up with the ever-changing regulations can make compliance a difficult task.

    Organizations should increase the resources dedicated to monitoring these regulations as agencies continue to hold them more accountable.

    Related Info-Tech Research

    Identify and Manage Financial Risk Impacts on Your Organization

    • Vendor management practices educate organizations on potential financial impacts that vendors may incur and suggest systems to help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

    Identify and Manage Reputational Risk Impacts on Your Organization

    • Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

    Identify and Manage Strategic Risk Impacts on Your Organization

    • Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Risk Impact Tool.

    Info-Tech Insight

    It is easier for prospective clients to find out what you did wrong than that you fixed the issue.


    Bibliography

    Alicke, Knut, et al. "Taking the pulse of shifting supply chains", McKinsey & Company, August 26th 2022. Accessed October 31st
    Regan, Samantha, et al. "Can compliance keep up with warp-speed Change?", accenture, May 18th 2022. Accessed Oct 31st 2022.
    Feria, Nathalie, and Rosenberg, Daniel. "Mitigating Healthcare Cyber Risk Through Vendor Management", HIT Consultant, October 17th 2022. Accessed Oct 31st 2022.
    Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.
    Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

    Equip Managers to Effectively Manage Virtual Teams

    • Buy Link or Shortcode: {j2store}600|cart{/j2store}
    • member rating overall impact: 9.7/10 Overall Impact
    • member rating average dollars saved: $20,240 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Virtual team members must rely upon collaboration technology to communicate and collaborate.
    • Management practices and approaches that work face to face do not always translate effectively in virtual contexts.
    • Managers cannot rely upon spontaneous social interactions that happen organically when people are colocated to build meaningful and trusting relationships. Space and time need to be created in a virtual environment for this to happen.
    • Observing an employee’s performance or development can be more difficult, and relying on others’ feedback becomes more critical for managing performance and development.

    Our Advice

    Critical Insight

    • Managing virtual teams does not require developing new manager competencies. Instead, managers need to “dial up” competencies they already have and adjust their approaches.
    • Setting clear expectations with virtual teams creates the foundation needed to manage them effectively.
    • Virtual employees crave more meaningful interactions about performance and development with their managers.

    Impact and Result

    • Create a solid foundation for managing virtual teams by setting clear expectations and taking a more planful approach to managing performance and employee development.
    • Dial up key management competencies that you already have. Managers do not need to develop new competencies; they just need to adjust and refocus their approaches.

    Equip Managers to Effectively Manage Virtual Teams Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Equip managers to effectively manage virtual teams

    Equip managers to become more effective with managing remote teams.

    The workbook serves as a reference guide participants will use to support formal training.

    • Training Deck: Equip Managers to Effectively Manage Virtual Teams
    • Workbook: Equip Managers to Effectively Manage Virtual Teams
    • Standard Participant Training Session Evaluation Template

    2. Additional Resources

    Many organizations are developing plans to allow employees more flexible work options, including remote work. Use these resources to help managers and employees make the most of remote work arrangements.

    • Work-From-Home Tips for Managers
    • Work-From-Home Tips for Employees
    • Health & Safety at Home Infographic
    • Wellness and Working From Home
    • Ergonomic Workspaces Infographic
    [infographic]

    Further reading

    Equip Managers to Effectively Manage Virtual Teams

    Learning objectives

    Describe the benefits of virtual teams.

    Create a plan for adopting effective management practices and setting clear expectations with virtual teams.

    Identify potential solutions to the challenges of managing performance and developing members of virtual teams.

    Create an action plan to increase effectiveness in managing virtual teams.

    Target audience

    People managers who manage or plan to manage virtual teams.

    Training length

    Two three-hour sessions

    Training material

    • Use the speaker’s notes in the notes pane section of each slide to plan and practice the training session.
    • Activity slides are scattered throughout this training deck and are clearly numbered in the slide title.
    • Notes in italics are written to the facilitator and are not meant to be read aloud.
    • Download the Workbook for participants to use.

    Suggested materials for activities:

    • Index cards or sticky notes
    • Markers
    • Whiteboard/large table space/flip chart

    Agenda & activities

    Section 1

    Section 2

    10 min

    Welcome: Overview & Introductions

    • Introductions
    10 min

    Welcome: Overview & Introductions

    • Session 1 Review
    • Session 2 Overview
    50 min

    1.1 Introduction to virtual teams

    • What kind of virtual team do you lead?
    • Virtual team benefits and challenges
    55 min

    2.1 Managing wellbeing in a virtual team context

    • Share current practices and challenges regarding wellbeing in virtual teams
    • Identify and discuss proposed solutions
    • Develop draft action plan for managing wellbeing in a virtual team context
    5 min

    Break

    5 min Break
    45 min

    1.2 Laying the foundation for a virtual team

    • Identify behaviors to better inform, interact with, and involve team members
    60 min

    2.2 Managing performance in a virtual team context

    • Share current performance management practices for virtual teams
    • Identify challenges of current practices and propose solutions
    • Develop draft action plan for managing performance in a virtual team context
    10 min

    Break

    10 min Break
    55 min

    1.2 Laying the foundation for a virtual team

    • Identify and share ways you prefer to communicate for different activities
    • Develop draft action plan for laying the foundation for a virtual team
    40 min

    Action planning & conclusion

    • Refine consolidated action plan (three parts) and commit to implementing it
    • Key takeaways
    5 min

    Session 1 Wrap-Up

    Recommended Customization

    Review all slides and adjust the language or content as needed to suit your organizational context and culture.

    The pencil icon to the left denotes slides requiring customization of the slide and/or the speaker’s notes, e.g. adding in an organization-specific process.

    Customization instructions are found in the notes pane.

    Tips

    • Adjust the speaker’s notes on the slides before (or after) any slides you modify or delete to ensure logical transitions between slides.
    • Update the agenda to reflect new timings if major modifications are made.
    • Even seasoned leaders need to be reminded of the basics now and again. Rather than delete more basic slides, cut back on the amount of time spent covering them and frame the content as a refresher.
    • Participant Workbooks
    • Relevant organization-specific documents (see side panel)
    • Training Session Feedback Form

    Required Information

    • Communication guidelines for managers (e.g. cadence of manager interactions)
    • Performance management process and guidelines
    • Employee development guidelines
    • List of available resources (e.g. social collaboration tools)

    Effectively Manage Virtual Teams

    Section 1.1

    Practical foundations for managing teams in a remote environment

    Feasibility of virtual IT teams

    Most organizations are planning some combination of remote and onsite work in 2022.

    This is an image of a bar graph demonstrating the percentage of companies who have the following plans for return to work: Full work-from-home (All employees WFH permanently) - 4% ; No work-from-home permitted	9% ; Partial work-from-home team (Eligible employees can WFH for a certain portion of their work week)	23% ; Balanced work-from-home team (All employees can WFH for a certain portion of their work week)	28% ; Hybrid work-from-home team (Eligible employees WFH on a full-time basis)	37%

    Source: IT Talent Trends, 2022; n=199

    Speaker’s Notes:

    Most organizations are planning some combination of remote and onsite work in 2022 – the highest reported plans for WFH were hybrid, balanced, and partial work-from-home. This builds on our findings in the IT Talent Trends 2022 report.

    Feasibility of virtual IT teams

    What percentage of roles in IT are capable of being performed remotely permanently?

    Approximately what percentage of roles in IT are capable of being performed remotely permanently?

    0% to less than 10%: 3%; 10% to less than 25%: 5%; 25% to less than 50%: 12%; 50% to less than 75%: 30%; 75% to 100%L 50%.

    IT Talent Trends, 2022; n=207

    Speaker’s Notes:

    80% of respondents estimated that 50 to 100% of IT roles can be performed remotely.

    Virtual teams take all kinds of forms

    A virtual team is any team that has members that are not colocated and relies on technology for communications.

    This image depicts the three levels of virtual teams, Municipal; National; Global.

    Speaker’s Notes:

    Before we start, it will be useful to review what we mean by the term “virtual team.” For our purposes we will be defining a virtual team as any team that has members that are not colocated and relies on technology for communications.

    There are a wide variety of virtual work arrangements and a variety of terms used to describe them. For example, some common terms include:

    • “Flexible work arrangements”: Employees have the option to work where they see fit (within certain constraints). They may choose to work from the office, home, a shared office space, the road, etc.
    • “Remote work,” “work from home,” and “telecommuting”: These are just various ways of describing how or where people are working virtually. They all share the idea that these kinds of employees are not colocated.
    • “Multi-office team”: the team members all work in office environments, but they may not always be in the same office as their team members or manager.

    Our definition of virtual work covers all of these terms. It is also distance neutral, meaning that it applies equally to teams that are dispersed globally or regionally or even those working in the same cities but dispersed throughout different buildings. Our definition also applies whether virtual employees work full time or part time.

    The challenges facing managers arise as soon as some team members are not colocated and have to rely on technology to communicate and coordinate work. Greater distances between employees can complicate challenges (e.g. time zone coordination), but the core challenges of managing virtual teams are the same whether those workers are merely located in different buildings in the same city or in different buildings on different continents.

    1.1 What kind of virtual team do you lead?

    15 Minutes

    Working on your own, take five minutes to figure out what kind of virtual team you lead.

    1. How many people on your team work virtually (all, most, or a small percentage)?
    2. How often and how regularly do they tend to work virtually (full time, part time regularly, or part time as needed)?
    3. What kinds of virtual work arrangements are there on your team (multi-site, work from home, mobile employees)?
    4. Where do your workers tend to be physically located (different offices but in the same city/region or globally dispersed)?
    5. Record this information in your workbook.
    6. Discuss as a group.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Size of virtual team
    • Current remote work practices

    Output

    • Documented list of current state of remote work

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Advantages

    Benefits to the organization

    Benefits to employees

    Operational continuity in disaster situations that prevent employees from coming into the office.

    Cost savings: Employees who WFH half the time can save $2,500 to $4,000 per year (Global Workplace Analytics, 2021).

    Cost savings: Organizations save ~$11,000 annually per employee working from home half the time (Global Workplace Analytics, 2021).

    Time savings: Employees who WFH half the time save on average 11 workdays per year (Global Workplace Analytics, 2021).

    Increased attraction: 71% of employees would likely choose one employer over another based on WFH offerings (Owl Labs, 2021).

    Improved wellbeing:

    83% employees agree that WFH would make them happier.

    80% agree that WFH would decrease their stress.

    81% agree that WFH would improve their ability to manage their work-life balance.

    (Owl Labs, 2021)

    Increased retention: 74% of employees would be less likely to leave their employer if they could WFH (Owl Labs, 2021).

    Increased flexibility: 32% of employees rated the “ability to have a flexible schedule” as the biggest benefit of WFH (OWL Labs, 2021).

    Increased productivity: 50% of employees report they would maintain or increase their productivity while working from home (Glassdoor Team, 2020).

    Increased engagement: Offsite employees tend to have higher overall engagement than onsite employees (McLean & Company Engagement Survey, 2020).

    Speaker’s Notes:

    Remote work arrangements are becoming more and more common, and for good reason: there are a lot of benefits to the organization – and to employees.

    #1: Save Money

    Perhaps one of the most common reasons for opting for remote-work arrangements is the potential cost savings. One study found that organizations could save about $11,000 per employee working from home half the time (Global Workplace Analytics, 2021).

    #2 Increased Attraction

    In addition, supporting remote-work arrangements can attract employees. One study found that 71% of employees would likely choose one employer over another based on WFH offerings (Owl Labs, 2019).

    #3 Improve productivity.

    There are also improvements to productivity. Fifty percent of employees report they would maintain or increase their productivity while working from home (Glassdoor Team, 2020).

    Remote work also has benefits to employees.

    #1: Save Money

    As with organizations, employees also benefit financially from remote work arrangements, saving between $2,500 and $4,000 and on average 11 working days while working from home half of the time.

    #2: Improved Wellbeing

    Most employees agree that working from home makes them happier, reduces stress, and provides an improved work-life balance through increased flexibility.

    Challenges

    Organizations

    • Concerns that WFH may stifle innovation (Scientific American, 2021), likely due to the potential lack of collaboration and knowledge sharing.
    • Fewer organic opportunities for informal interaction between employees working from home means active efforts are required to foster organizational culture.

    Leaders

    • 42% of managers believe that monitoring the productivity of their direct reports is a top challenge of WFH (Ultimate Software, 2019).
    • The lack of in-person supervision compounded with a lack of trust in employees leads many leaders to believe that WFH will result in a drop in productivity.

    Employees

    • 20% of employees report collaboration/communication as their top struggle with WFH (Owl Labs, 2021).
    • Employees often experience burnout from working longer hours due to the lack of commute, blurring of work and home life, and the perceived need to prove their productivity.

    Many of these barriers can be addressed by changing traditional mindsets and finding alternative ways of working, but the traditional approach to work is so entrenched that it has been hard to make the shift.

    Speaker’s Notes:

    Many organizations are still grappling with the challenges of remote work. Some are just perceived challenges, while others are quite real.

    Limited innovation and a lack of informal interaction are a potential consequence of failing to properly adapt to the remote-work environment.

    Leaders also face challenges with remote work. Losing in-person supervision has led to the lack of trust and a perceived drop in productivity.

    A study conducted 2021 asked remote workers to identify their biggest struggle with working remotely. The top three struggles remote workers report facing are unplugging after work, loneliness, and collaborating and/or communicating.

    Seeing the struggles remote workers identify is a good reminder that these employees have a unique set of challenges. They need their managers to help them set boundaries around their work; create feelings of connectedness to the organization, culture, and team; and be expert communicators.

    1.2 Virtual teams: benefits and challenges

    20 Minutes

    1. Discuss and list:
      1. Any positives you’ve experienced since managing virtual employees.
      2. Any challenges you’ve had to manage connected to managing virtual employees.
    2. Record information in the workbook.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Personal experiences managing remote teams

    Output

    • List of benefits and challenges of remote work

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 1.2

    Laying the foundations for a virtual team

    The 3i’s: Inform, interact, and involve your way to effective management:

    Inform

    Interact Involve

    ↓ Down

    Connect

    ↑ Up

    Tell employees the whys

    Get to know employees

    Solicit input from employees

    Speaker’s Notes:

    Effectively managing a virtual team really comes down to adopting management approaches that will engage virtual employees.

    Managing a virtual team does not actually require a new management style. The basics of effective management are the same in both colocated and virtual teams; however, the emphasis on certain behaviors and actions we take often differs. Managing a virtual team requires much more thoughtfulness and planning in our everyday interactions with our teams as we cannot rely on the relative ease of face-to-face interactions available to colocated teams.

    The 3i’s Engaging Management Model is useful when interacting with all employees and provides a handy framework for more planful interactions with virtual employees.

    Think of your management responsibilities in these three buckets – they are the most important components of being an effective manager. We’re first going to look at inform and involve before moving on to interact.

    Inform: Relay information down from senior management and leaders to employees. Communicate the rationale behind decisions and priorities, and always explain how they will directly affect employees.

    Why is this important? According to McLean & Company’s Engagement Survey data, employees who say their managers keep them well informed about decisions that affect them are 3.4 times more likely to be engaged (Source: McLean & Company, 2020; N=77,363). Your first reaction to this might be “I already do this,” which may very well be the case. Keep in mind, though, we sometimes tend to communicate on a “need-to-know basis,” especially when we are stressed or short on time. Engaging employees takes more. Always focus on explaining the “why?” or the rationale behind business decisions.

    It might seem like this domain should be the least affected, since important company announcements probably continue in a remote environment. But remember that information like that also flows informally. And even in formal settings, there are question-and-answer opportunities. Or maybe your employee might come to your office to ask for more details. Virtual team members can’t gather around the watercooler. They don’t have the same opportunities to hear information in passing as people who are colocated do, so managers need to make a concerted effort to share information with virtual team members in a clear and timely way.

    Swinging over to the other end, we have involve: Involve your employees. Solicit information and feedback from employees and collaborate with them.

    However, it’s not enough to just solicit their feedback and input; you also need to act on it.

    Make sure you involve your employees in a meaningful way. Such collaboration makes employees feel like a valued part of the team. Not to mention that they often have information and perspectives that can help make your decisions stronger!

    Employees who say their department leaders act on feedback from them are 3.9 times more likely to be engaged than those whose leaders don’t. (Source: McLean & Company, 2020; N=59,779). That is a huge difference!

    Keeping virtual employees engaged and feeling connected and committed to the organization requires planful and regular application of the 3i’s model.

    Finally, Interact: Connect with employees on a personal level; get to know them and understand who they are on a personal and professional level.

    Why? Well, over and above the fact that it can be rewarding for you to build stronger relationships with your team, our data shows that human connection makes a significant difference with employees. Employees who believe their managers care about them as a person are 3.8 times more likely to be engaged than those who do not (Source: McLean & Company, 2017; N=70,927).

    And you might find that in a remote environment, this is the area that suffers the most, since a lot of these interactions tend to be unscripted, unscheduled, and face to face.

    Typically, if we weren’t in the midst of a pandemic, we’d emphasize the importance of allocating some budget to travel and get some face-to-face time with your staff. Meeting and interacting with team members face to face is crucial to building trusting relationships, and ultimately, an effective team, so given the context of our current circumstances, we recommend the use of video when interacting with your employees who are remote.

    Relay information down from senior management to employees.

    Ensure they’ve seen and understand any organization-wide communication.

    Share any updates in a timely manner.

    Connect with employees on a personal level.
    Ask how they’re doing with the new work arrangement.
    Express empathy for challenges (sick family member, COVID-19 diagnosis, etc.).
    Ask how you can support them.
    Schedule informal virtual coffee breaks a couple of times a week and talk about non-work topics.

    Get information from employees and collaborate with them.
    Invite their input (e.g. have a “winning remotely” brainstorming session).
    Escalate any challenges you can’t address to your VP.
    Give them as much autonomy over their work as possible – don’t micromanage.

    1.3 Identify behaviors to inform, interact with, and involve team members

    20 Minutes

    Individually:

    1. Identify one behavior for each of Inform, Interact, and Involve to improve.
    2. Record information in the workbook.

    As a group:

    1. Discuss behaviors to improve for each of Inform, Interact, and Involve and record new ideas to incorporate into your leadership practice.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • 3i's Model
    • Current leadership behaviors to improve

    Output

    • List of behaviors to better inform, interact, and involve team members

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Laying the foundation: Set clear expectations

    Tasks

    • What are the daily and weekly team activities? How do they affect one another?

    Goals

    • Clarify any adjustments to strategy based on the situation; clarify metrics.

    Communication

    • How often and when will you check in? What should they come to you for? What modalities will you use and when?

    Roadblocks

    • Involve your team in deciding how to handle roadblocks and challenges.

    Speaker’s Notes:

    Clear expectations are important in any environment, remote or not. But it is much harder to do in a remote environment. The barrier to seeking clarification is so much higher (For example, email vs. catching someone in hallway, or you can’t notice that a colleague is struggling without them asking).

    Communication – This is one area where the importance actually changes in a remote context. We’ve been talking about a lot of practices that are the same in importance whether you’re in an office or remote, and maybe you just enact them differently. But clarity around communication processes is actually tremendously more important in a remote environment.

    Adopt a five-step process to set specific and documented expectations

    1. Check in with how your team member is doing on a daily basis. Don’t forget to ask how they are doing personally.
    2. Follow up on previously set expectations. Ask how things are going. Discuss if priorities or expectations have changed and update expectations accordingly.
    3. Ask if they are experiencing any roadblocks and collaborate to find solutions.
    4. Provide feedback and recognition as appropriate.
    5. Document newly set expectations – either through a collaboration tool or through email.

    Speaker’s Notes:

    Suggested best practices: Hold daily team check-ins and hold separate individual check-ins. Increase frequency of these.

    During Check-in
    1. Set up a running Teams chat for your team.
    • This is your community. You must be the biggest cheerleader and keep the team feeling like they are contributing. Make sure everyone is involved.
  • Start each workday with a video scrum to discuss what’s coming today for your team.
    • Ask: What are you planning to work on today? Are there any roadblocks I can help with? Technology working OK?
  • Right after your team meeting, set up an “every morning video call” one-on-one meeting with each team member (5-10 minutes max).
    • Ask: What are you working on today? What will your momentum metrics be? What do you need from me?
  • Set up a separate video call at the end of the afternoon to review what everyone did (5 minutes max).
    • Ask: What went well? What went poorly? How can we improve?
  • After a Check-in
    1. Be accessible:
      • Ensure your team knows the best way to get in touch with you.
      • Email is not ideal for informal, frequent contact – use messaging instead.
    2. Be available:
      • Keep a running conversation going in Teams.
      • Respond in a timely manner; address issues quickly so that your team has what they need to succeed.
      • Let your team know if you’ll be away/offline for longer than an hour during the workday and ask them to do the same (e.g. for an appointment).
      • Help address roadblocks, answer questions, clarify priorities, etc.

    Define communication requirements

    • Set up an ongoing communication with your team.
      • E.g. a running conversation on Slack or Teams
    • Schedule daily virtual meetings and check-ins.
      • This can help to maintain a sense of normalcy and conduct a pulse check on your team.
    • Use video for important conversations.
      • Video chat creates better rapport, shows body language, and lessens feelings of isolation, but it can be taxing.
    • Set expectations about communication.
      • Differentiate between day-to-day communication and updates on the state of events.
    • Clearly communicate the collaboration toolkit.
      • What do we have available? What is the purpose of each?

    Speaker’s Notes:

    With organizational expectations set, we need to establish team expectations around how we collaborate and communicate.

    Today there is no lack of technology available to support our virtual communication. We can use the phone, conference calls, videoconferencing, Skype, instant messaging, [insert organization-specific technological tools.], etc.

    However, it is important to have a common understanding of which tools are most appropriate when and for what.

    What are some of the communication channel techniques you’ve found useful in your informal interactions with employees or that you’ve seen work well between employees?

    [Have participants share any technological tools they find useful and why.]

    Check in with your team on communication requirements

    • Should we share our calendars, hours of availability, and/or IM status?
    • How often should we meet as a team and one on one? Should we institute a time when we should not communicate virtually?
    • Which communication channel should we use in what context? How should we decide which communication method to use?
    • Should I share guidelines for email and meeting etiquette (or any other communication methods)?
    • Should we establish a new team charter?
    • What feedback does the team have regarding how we’ve been communicating?

    Speaker’s Notes:

    Whenever we interact, we make the following kinds of social exchanges. We exchange:

    • Information: Data or opinions
    • Emotions: Feelings and evaluations about the data or opinions
    • Motivations: What we feel like doing in response to data or opinions

    We need to make sure that these exchanges are happening as each team member intends. To do this, we have to be sensitive to what information is being conveyed, what emotions are involved in the interaction, and how we are motivating each other to act through the interaction. Every interaction will have intended and unintended effects on others. No one can pay attention to all of these aspects of communication all the time, but if we develop habits that are conducive to successful exchanges in all three areas, we can become more effective.

    In addition to being mindful of the exchange in our communication, as managers it is critical to build trusting relationships and rapport with employees as we saw in the 3i's model. However, in virtual teams we cannot rely on running into someone in the kitchen or hallway to have an informal conversation. We need to be thoughtful and deliberate in our interactions with employees. We need to find alternative ways to build these relationships with and between employees that are both easy and accepted by ourselves and employees. Because of that, it is important to set communication norms and really understand each other’s preferences. For example:

    • Timing of responses. Set the expectation that emails should be responded to within X hours/days unless otherwise noted in the actual email.
    • When it’s appropriate to send an email vs. using instant messaging.
    • A team charter – the team’s objectives, individual roles and responsibilities, and communication and collaboration guidelines.

    1.4 Identify and share ways you prefer to communicate for different activities

    20 Minutes

    1. Brainstorm and list the different types of exchanges you have with your virtual employees and they have with each other.
    2. List the various communication tools in use on your team.
    3. Assign a preferred communication method for each type of exchange

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current types of exchanges on team
    • Communication methods used

    Output

    • Defined ways to communicate for each communication method

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 2.1
    Balancing wellbeing and performance in a virtual team context

    The pandemic has taken a significant toll on employees’ mental wellbeing

    44% of employees reported declined mental wellbeing since the start of the pandemic.

    • 44% of those who work from home.
    • 34% of those who have other work arrangements (i.e. onsite).
      (Qualtrics, 2020)

    "If one of our colleagues were to fall, break their leg, and get a cast, colleagues would probably rally around that person signing their cast. But, really, we don’t view the health of our brain the same as we do the health of our body."
    – Centre for Addiction and Mental Health (CAMH) Employee

    Speaker’s Notes:

    Despite being over two years into the pandemic, we are still seeing its effect on the physical and mental health of employees.

    The mental health aspect has been often overlooked by organizations, but in order to have a safe, happy, and productive team, you need to give mental health the same level of focus as physical heath. This requires a change in mindset in order for you as a leader to support your team's mental wellbeing during the pandemic and beyond.

    Employees are reporting several key mental wellbeing challenges

    Stress: 67%

    Employees report increasingly high levels of stress from the onset of COVID-19, stating that it has been the most stressful time in their careers.
    (Qualtrics, 2020)

    Anxiety: 57%

    Similarly, employees’ anxiety levels have peaked because of the pandemic and the uncertainty it brings.
    (Qualtrics, 2020)

    Four main themes surrounding stress & anxiety

    • Fear of contracting COVID-19
    • Financial pressures
    • Job security and uncertainty
    • Loneliness caused by social isolation

    Speaker’s Notes:

    The stress and uncertainty about the future caused by the pandemic and its fallout are posing the biggest challenges to employees.

    Organizations shutting down operations, moving to fully remote, or requiring some of their employees to be on site based on the current situation causes a lot of anxiety as employees are not able to plan for what is coming next.

    Adding in the loss of social networks and in-person interactions exacerbates the problem employees are facing. As leaders, it is your job to understand and mitigate these challenges wherever possible.

    Re-examine your workplace barriers to mental wellbeing

    New Barriers

    Old Barriers

    • Childcare/eldercare responsibilities
    • Fear of workplace health risks
    • Work location
    • Lost support networks
    • Changed work schedules
    • Social distancing
    • Workload
    • Fear of stigma
    • Benefits limits
    • Limits to paid time off
    • Lack of manager knowledge

    Key considerations:

    • Work Environment
      • Accessibility of mental wellbeing programs and initiatives
    • Organizational Culture
      • Modeling of wellbeing
      • Paid time off
      • Discussions around mental wellbeing
    • Total Rewards
      • Benefits coverage
      • Employee assistance programs (EAPs)
      • Manager knowledge

    Speaker’s Notes:

    Organizational barriers to mental wellbeing are sadly not new. Workloads, stigma around mental health, lack of sick days, and limits to benefits for mental health supports were challenges before the pandemic. Adding in the new barriers can very easily result in a tipping point for many employees who are simply not equipped to deal with or supported in dealing with the added burden of remote work in a post-pandemic world.

    To provide the needed support to your employees, it’s important to be mindful of the key considerations.

    Holistic employee wellbeing has never been more critical than it is right now

    Employee Wellbeing

    Physical

    The physical body; ensuring a person has the freedom, opportunities, and resources needed to sustainably maintain bodily health.

    Mental

    The psychological ability to cope with information, emotions, desires, and stressors (e.g. change, threats, etc.) in a healthy and balanced way. Essential for day-to-day living and functioning.

    Social

    The state of personal and professional relationships, including personal and community engagement. The capability for genuine, authentic, and mutually affirming interactions with others.

    Financial

    The state of a person’s finances; ensuring that a person feels capable to handle their financial situation and behaviors. The ability to live productively without the weight of financial stress.

    Speaker’s Notes:

    As a manager, you need to be mindful of all of these. Create an atmosphere where people are able to come to you for help if they are struggling in one of these areas. For example, some people might be more comfortable raising physical safety or comfort concerns (personal protective equipment, ergonomics) than concerns about mental health. Or they might feel like their feelings of loneliness are not appropriate to bring into their professional life.

    Wellbeing is a delicate subject, and most of the time, people are reluctant to talk about it. It requires vulnerability. And here’s the thing about it: Your staff will not drive a change in your team around making these topics more acceptable. It has to be the manager. You have to be the one to not just tell but show them that it’s OK to talk about this

    Encourage human-centered workplace behaviors

    Promote empathy as a focus value

    • Listen and show compassion.
    • Allow room for emotions.

    Encourage social connection

    • Leverage networks.
    • Infuse fun where possible.
    • Encourage community and sense of joint purpose.

    Cultivate a growth mindset

    • Encourage mindfulness and resilience.
    • Express gratitude.

    Empower others

    • Ask employees what they need and co-create solutions.
    • Integrate needs of personal and family life with work life.
    • Be clear on accountability.

    Speaker’s Notes:

    As a leader, your focus should be on encouraging the right behaviors on your team and in yourself.
    Show empathy; allowing room for emotion and showing you are willing and able to listen goes a long way to establishing trust.

    A growth mindset applies to resilience too. A person with a growth mindset is more likely to believe that even though they’re struggling now, they will get through it.

    Infuse fun – schedule social check-ins. This is not wasted time, or time off work – it is an integral part of the workday. We have less of it now organically, so you must bring it back deliberately. Remember that theme? We are deliberately reinfusing important organic elements into the workday.

    The last item, empowerment, is interesting – being clear on accountability. Have clear performance expectations. It might sound like telling people what to do would be disempowering, but it’s the opposite. By clarifying the goals of what they need to achieve, you empower them to invent their own “how,” because you and they are both sure they will arrive at the place that you agreed on. We will talk more about this in performance management.

    Emphasize the importance of wellbeing by setting the tone for the team

    Managers must…

    • LEAD BY EXAMPLE
      • Employees look to their managers for cues about how to react in a crisis. If the manager reacts with stress and fear, the team will follow.
    • ENCOURAGE OPEN COMMUNICATION
      • Frequent check-ins and transparent communication are essential during a time of crisis, especially when working remotely.
    • ACKNOWLEDGE THE SITUATION
      • Recognizing the stress that teams may be facing and expressing confidence in them goes a long way.
    • PROMOTE WELLBEING
      • Managers who take care of themselves can better support their teams and encourage them to practice good self-care too.
    • REDUCE STIGMA
      • Reducing stigma around mental health encourages people to come forward with their struggles and get the support they need.

    Speaker’s Notes:

    Emphasize the importance of wellbeing with what you do. If you do not model self-care behavior, people will follow what you do, not what you say.

    Lead by example – Live the behaviors you want to see in your employees. If you show confidence, positivity, and resiliency, it will filter down to your team.

    Encourage open communication – Have regular meetings where your team is able to set the agenda, or allow one-on-ones to be guided by the employee. Make sure these are scheduled and keep them a priority.

    Acknowledge the situation – Pretending things are normal doesn’t help the situation. Talk about the stress that the team is facing and express confidence that you will get through it together.

    Promote wellbeing – Take time off, don’t work when you’re sick, and you will be better able to support your team!

    Reduce stigma – Call it out when you see it and be sure to remind people of and provide access to any supports that the organization has.

    Conduct dedicated conversations around wellbeing

    1. Check in with how each team member is doing frequently and ask how they are doing personally.
    2. Discuss how things are going. Ask: “How is your work situation working out for you so far? Do you feel supported? How are you taking care of yourself in these circumstances?”
    3. Ask if there are any stressors or roadblocks that they have experienced and collaborate to find solutions.
    4. Provide reassurance of your support and confidence in them.
    5. Document the plan for managing stressors and roadblocks – either through a collaboration tool or through email.

    Speaker’s Notes:

    Going back to the idea of a growth mindset – this may be uncomfortable for you as a manager. So here’s a step-by-step guide that over time you can morph into your own style.

    With your team – be prepared to share first and to show it is OK to be vulnerable and address wellbeing seriously.

    1. Make sure you make time for the personal. Ask about their lives and show compassion.
    2. Give opportunities for them to bring up things that might stay hidden otherwise. Ask questions that show you care.
    3. Help identify areas they are struggling with and work with them to move past those areas.
    4. Make sure they feel supported in what they are going through and reassured of their place on the team.
    5. Roll wellbeing into your planning process. This signals to team that you see wellbeing as important, not just a checklist to cover during a team meeting, and are ready to follow through on it.

    Recognize when professional help is needed

    SIGNS OF BURNOUT: Overwhelmed; Frequent personal disclosure; Trouble sleeping and focusing; Frequent time off; Strained relationships; Substance abuse; Poor work performance

    Speaker’s Notes:

    As a leader, it is important to be on the lookout for warning signs of burnout and know when to step in and direct individuals to professional help.

    Poor work performance – They struggle to maintain work performance, even after you’ve worked with them to create coping strategies.

    Overwhelmed – They repeatedly tell you that they feel overwhelmed, very stressed, or physically unwell.

    Frequent personal disclosure – They want to discuss their personal struggles at length on a regular basis.

    Trouble sleeping and focusing – They tell you that they are not sleeping properly and are unable to focus on work.

    Frequent time off – They feel the need to take time off more frequently.

    Strained relationships – They have difficulty communicating effectively with coworkers; relationships are strained.

    Substance abuse – They show signs of substance abuse (e.g. drunk/high while working, social media posts about drinking during the day).

    Keeping an eye out for these signs and being able to step in before they become unmanageable can mean the difference between keeping and losing an employee experiencing burnout.

    Remember: Managers also need support

    • Added burden
    • Lead by example
    • Self-care

    Speaker’s Notes:

    If you’ve got managers under you, be mindful of their unique stressors. Don’t forget to check in with them, too.

    If you are a manager, remember to take care of yourself and check in with your own manager about your own wellbeing.

    2.1 Balance wellbeing and performance in a virtual team context

    30 Minutes

    1. Brainstorm and list current practices and challenges connected to wellbeing on your teams.
    2. Choose one or two wellbeing challenges that are most relevant for your team.
    3. Discuss as a group and identify one solution for each challenge that you can put into action with your own virtual team. Document this under “Action plan to move forward” on the workbook slide “2.1 Balancing wellbeing and performance in a virtual team context.”

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current practices and challenges connected to wellbeing

    Output

    • Action plan for each challenge listed

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 2.2

    Managing performance in a virtual team context

    Virtual employees are craving more meaningful interactions with their managers

    A survey indicated that, overall, remote employees showed less satisfaction with manager interactions compared to other non-remote employees.

    1. 16% less likely to strongly agree their manager involves them in setting goals at work.
    2. 28% less likely to strongly agree they continually work with their manager to clarify work priorities.
    3. 29% less likely to strongly agree they have reviewed their greatest successes with their manager in the last six months.
    4. 30% less likely to strongly agree they have talked with their manager about progress toward goals in the last six months.

    Speaker’s Notes:

    In many cases, we have put people into virtual roles because they are self-directed and self-motivated workers who can thrive with the kind of autonomy and flexibility that comes with virtual work. As managers, we should expect many of these workers to be proactively interested in how they are performing and in developing their careers.

    It would be a mistake to take a hands-off approach when managing virtual workers. A recent survey indicated that, overall, remote employees showed less satisfaction with manager interactions compared to other non-remote employees. It was also one of the aspects of their work experience they were least satisfied with overall (Gallup, State of the American Workplace, 2017). Simply put, virtual employees are craving more meaningful conversations with their managers.

    While conversations about performance and development are important for all employees (virtual or non-virtual), managers of remote teams can have a significant positive impact on their virtual employees’ experience and engagement at work by making efforts to improve their involvement and support in these areas.

    During this module we will work together to identify ways that each of us can improve how we manage the performance of our virtual employees. At the end of the module everyone will create an action plan that they can put in place with their own teams. In the next module, we go through a similar set of activities to create an action plan for our interactions with employees about their development.

    Building blocks of performance management

    • Goal Setting

    • Setting Expectations

    • Measuring Progress

    • Feedback & Coaching

    Speaker’s Notes:

    [Include a visualization of your existing performance management process in the slide. Walk the participants through the process to remind them of what is expected. While the managers participating in the training should know this, there may be different understandings of it, or it might just be the case that it’s been a while since people looked at the official process. The intention here is merely to ensure everyone is on the same page for the purposes of the activities that follow.]

    Now that we’ve reviewed performance management at a high level, let’s dive into what is currently happening with the performance management of virtual teams.

    I know that you have some fairly extensive material at your organization around how to manage performance. This is fantastic. And we’re going to focus mainly on how things change in a virtual context.

    When measuring progress, how do you as a manager make sure that you are comfortable not seeing your team physically at their desks? This is the biggest challenge for remote managers.

    2.2 Share current performance management practices for virtual teams

    30 Minutes

    1. Brainstorm and list current high-level performance management practices connected to each building block. Record in your workbook.
    2. Discuss current challenges connected to implementing the building blocks with virtual employees.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current performance management practices
    • Challenges surrounding performance management

    Output

    • Current state of virtual performance management defined

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Communicate the “why”: Cascade organizational goals

    This image depicts the Cascade of Why- organizational goals. Organizational Mission; Organizational Values; Organizational Goals; Department Goals; Team Goals; Individual Goals

    Speaker’s Notes:

    When assisting your employees with their goals, think about the organization’s overall mission and goals to help you determine team and individual goals.

    • Organizational goals: Employee goals should align with organizational goals. Goals may cascade down through the organization.
    • Department or team goals: Create a clear strategy based on high-level goals for the year so employees can link short-term goals to the larger picture.
    • Individual goals: Employees should draw on their individual development plan to help set performance goals.

    Sometimes it’s difficult to get employees thinking about goals and they need assistance from managers. It’s also important to be clear on team goals to help guide employees in setting individual ones.

    The basic idea is to show people how their individual day-to-day work contributes to the overall success of the organization. It gives them a sense of purpose and a rationale, which translates to motivation. And also helps them problem solve with more autonomy.

    You’re giving people a sense of the importance of their own contribution.

    How to set clear expectations for job performance

    Ensure employees have a clear understanding of what’s expected for their role:

    1. Review their metrics so they understand how they’re being evaluated.
    2. Outline daily, weekly, monthly, and quarterly goals.
    3. If needed, help them plan when and how each part of their job should be done and what to prioritize.
    4. Ask them to come to you early if they experience a roadblock so that you can help rather than having them flounder on their own.
    5. Document instances where employees aren’t meeting role or performance expectations.

    Speaker’s Notes:

    Tailor performance goals to address any root causes of poor performance.

    For example:

    • If personal factors are getting in the way, work with the employee (and HR if necessary) to create a strategy to address any impediments to performing in the role.

    Tips for managing performance remotely

    • Reflect on one key question: What needs to happen for my direct reports to continue their work while working remotely?
    • Manage for results – not employee visibility at the office.
    • Use metrics to measure performance. If you don’t have any, define tasks and deliverables as clearly as possible and conduct regular check-ins.
    • Work with the employee to set goals and metrics to measure progress.

    Focus on results: Be flexible about how and when work gets done, as long as team members are hitting their targets.

    • For example, if they have childcare duties from 3 to 5pm during school closures and want to work later in the evening to make up the time, that’s fine – as long as the work gets done.
    • Set clear expectations about which work must be done during normal work hours (e.g. attend team meetings, client calls) and which can be done at other hours.
    • Team members must arrange with you any nonstandard working hours before they start using an altered schedule. It is your responsibility to keep track of hours and any alternate arrangements.
    • Don’t make team members feel constantly monitored (i.e. “Where were you from 10 to 11am?”); trust them until you have reason not to.

    Encourage your team members to unplug: If they’re sending you emails late at night and they haven’t made an alternate work hours agreement with you, encourage them to take time away from work.

    • It’s harder to unplug when working at home, and everyone needs a break to stay productive.

    Avoid micromanagement with holistic performance measures

    Quality

    How well tasks are accomplished

    Behavior

    Related to specific employee actions, skills, or attitudes

    Quantity

    How much work gets done

    Holistic measures demonstrate all the components required for optimal performance. This is the biggest driver in having comfort as a manager of a remote team and avoiding micromanagement. Typically these are set at the organizational level. You may need to adjust for individual roles, etc.

    Speaker's Notes:

    Metrics come in different types. One way to ensure your metrics capture the full picture is to use a mix of different kinds of metrics.

    Some metrics are quantitative: they describe quantifiable or numerical aspects of the goal. This includes timeliness. On the other hand, qualitative metrics have to do with the final outcome or product. And behavioral metrics have to do with employees' actions, skills, or attitudes. Using different kinds of metrics together helps you set holistic measures, which capture all the components of optimal performance toward your goal and prevent gaming the system.

    Let's take an example:

    A courier might have an objective to do a good job delivering packages. An example of a quantitative measure might be that the courier is required to deliver X number of packages per day on time. The accompanying metrics would be the number of packages delivered per day and the ratio of packages delivered on time vs. late.

    Can you see a problem if we use only these quantitative measures to evaluate the courier's performance?

    Wait to see if anyone volunteers an answer. Discuss suggestions.

    That's right, if the courier's only goal is to deliver more packages, they might start to rush, may ruin the packages, and may offer poor customer service. We can help to guard against this by implementing qualitative and behavioral measures as well. For example, a qualitative measure might be that the courier is required to deliver the packages in mint condition. And the metric would be the number of customer complaints about damaged packages or ratings on a satisfaction survey related to package condition.

    For the behavioral aspect, the courier might be required to provide customer-centric service with a positive attitude. The metrics could be ratings on customer satisfaction surveys related to the courier's demeanor or observations by the manager.

    Managing poor performance virtually: Look for key signs

    It’s crucial to acknowledge that an employee might have an “off week” or need time to balance work and life – things that can be addressed with performance management (PM) techniques. Managers should move into the process for performance improvement when:

    1. Performance fluctuates frequently or significantly.
    2. Performance has dropped for an extended period of time.
    3. Expectations are consistently not being met.

    Key signs to look for:

    • PM data/performance-related assessments
    • Continual absences
    • Decreased quality or quantity of output
    • Frequent excuses (e.g. repeated internet outages)
    • Lack of effort or follow-through
    • Missed deadlines
    • Poor communication or lack of responsiveness
    • Failure to improve

    Speaker’s notes:

    • Let’s talk more about identifying low performance.
    • Everybody has off days or weeks. And what if they are new to the role or new to working remotely? Their performance may be low because they need time to adjust. These sort of situations should be managed, but they don’t require moving into the process for performance improvement.
    • When managing employees who are remote or working in a hybrid situation, it is important to be alert to these signs and check in with your employees on a regular basis. Aim to identify and work with employees on addressing performance issues as they arise rather than waiting until it’s too late. Depending on your availability, the needs of the employee, and the complexity of their role, check-ins could occur daily, weekly, and/or monthly. As I mentioned, for remote employees, it’s often better to check-in more frequently but for a shorter period of time.
    • You want to be present in their work life and available to help them manage through roadblocks and stay on track, but try to avoid over-monitoring employees. Micromanaging can impact the manager-employee relationship and lead to the employee feeling that there is a lack of trust. Remember, the employee needs to be responsible for their own performance and improvement.
    • Check-ins should not just be about the work either. Take some time to check in personally. This is particularly important when managing remotely. It enables you to build a personal relationship with the employee and also keeps you aware if there are other personal issues at play that are impacting their work.
    • So, how do you know what does require performance improvement? There are three key things that you should look for that are clear signals that performance improvement is necessary:
      1. Their performance is fluctuating frequently or significantly.
      2. Their performance has dropped for an extended period of time.
      3. Expectations are consistently not being met.
    • What do you think are some key signs to look for that indicate a performance issue is occurring?

    Managing poor performance virtually: Conducting remote performance conversations

    Video calling

    Always use video calls instead of phone calls when possible so that you don’t lose physical cues and body language.

    Meeting invitations

    Adding HR/your leader to a meeting invite about performance may cause undue stress. Think through who needs to participate and whether they need to be included in the invite itself.

    Communication

    Ensure there are no misunderstandings by setting context for each discussion and having the employee reiterate the takeaways back to you.

    Focus on behavior

    Don’t assume the intent behind the behavior(s) being discussed. Instead, just focus on the behavior itself.

    Policies

    Be sure to adhere to any relevant HR policies and support systems. Working with HR throughout the process will ensure none are overlooked.

    Speaker’s notes:

    There are a few best practices you should follow when having performance conversations:

    • First, if you are in a different work environment than your employee, always use video calls instead of phone calls whenever possible so that you don’t miss out on physical cues and body language. If videoconferencing isn’t the norm, encourage them to turn on their video. Be empathic that it can feel awkward but explain the benefits, and you will both have an easier time communicating and understanding each other.
    • As I’ve mentioned, be considerate of the environment they are in. If they are in the office and you are working remotely, be sure to book a private meeting room for them to go to for the conversation. If they are working from home, be sure to check that they are prepared and able to focus on the conversation.
    • Next, carefully consider who you are adding to the meeting invite and whether it’s necessary for them to be there. Adding HR or your leader to a meeting invite may cause undue stress for the employee.
    • Consider the timing of the invite. Don’t send it out weeks in advance. When a performance problem exists, you’ll want to address it as soon as possible. A day or two of notice would be an ideal approach because it gives them a heads up but will not cause them extended stress or worrying.
    • Be considerate about the timing of the meeting and what else they may have scheduled. For example, a Friday afternoon before they are heading off on vacation or right before they are leading an important client call would not be appropriate timing.
    • As we just mentioned clear communication is critical. Ensure there are no misunderstandings by setting context for each discussion and having the employee reiterate takeaways back to you.
    • Focus on the behavior and don’t assume their intent. It can be tempting to say, “I know you didn’t mean to miss the deadline,” but you don’t know what they intended. Often people are not aware of the impact their behavior can have on others.
    • Lastly, be sure to adhere to any relevant HR policies and support systems. Working with HR throughout the process will ensure nothing is overlooked.

    2.3 Identify challenges of current practices and propose solutions

    30 Minutes

    1. Select one or two challenges from the previous activity.
    2. Identify one solution for each challenge that you can put into action with your own virtual team. Document in the workbook.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current performance management practices
    • Challenges surrounding performance management

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Optional Section

    Employee development in a virtual team setting

    There are three main development approaches for both colocated and virtual employees

    Formal Training; Relational Learning; Experimental Learning

    Speaker’s Notes:

    As we have seen, our virtual employees crave more meaningful interactions with their managers. In addition to performance conversations, managers should also be having regular discussions with their employees about their employee development plans. One key component of these discussions is career planning. Whether you are thinking shorter term – how to become better at their current role – or longer term – how to advance beyond their current role – discussions about employee development are a great way to engage employees. Employees are ultimately responsible for creating and executing their own development plans, but managers are responsible for making sure that employees have thought through these plans and helping employees identify opportunities for executing those plans.

    To help us think about our own employee development practices, identify challenges they pose when working with virtual employees, and create solutions to these challenges, it is useful to think about employee development opportunities according to three types:

    1. The first kind of development opportunity is formal training. Formal training is organized and has a clearly defined curriculum and desired outcome. It usually takes the form of a group training session (like this one) or training videos or materials that employees can watch individually and on their own time. These opportunities usually end with a test or assignment that can be used to evaluate the degree to which the participant achieved the desired learning outcomes.
    2. The second kind of development opportunity is relational learning. Perhaps the most common form of this type of learning is coaching or mentoring. By establishing a long-term work relationship, checking in with employees about their daily work and development goals, and sharing their own experiences and knowledge, mentors help employees reflect and draw out learning from everyday, on-the-job development activities. Other examples include a peer support group or communities of practice. In these group settings peers share best practices and work together to overcome challenges.
    3. The third kind of development opportunity is experiential learning. This kind of opportunity provides employees the chance to work on real work problems, and the output of the development work can directly benefit the organization. Most people learn best by doing. On-the-job experiences that are challenging or new can force people to use and develop new skills and knowledge based on what worked effectively and what failed. Examples of experiential learning are on-the-job learning for new hires, stretch assignments, or special projects that take the employee beyond their daily routine and allow them to try new activities and develop competencies that they would not have the chance to develop as part of their regular job.

    According to McLean & Company, organizations should use the “70-20-10” rule as a rough guideline when working with employees to create their development plans: 10% of the plan should be dedicated to formal training opportunities, 20% to relational learning, and 70% to experiential learning. Managers should work with employees to identify their performance and career goals, ensure that their development plans are aligned with these goals, and include an appropriate mixture of all three kinds of development opportunities.

    To help identify challenges and solutions, think about how virtual work arrangements will impact the employee’s ability to leverage each type of opportunity at our organization.

    Here are some examples that can help us start thinking about the kinds of challenges virtual employees on our team face:

    Career Planning

    • One challenge can be identifying a career path that is consistent with working virtually. If switching from a virtual arrangement to an onsite arrangement is not a viable option for an employee, some career paths may not feasibly be open to them (at least as the company is currently organized). For example, if an employee would eventually like to be promoted to a senior leadership role in their business function but all senior leaders are required to work onsite at corporate headquarters, the employee will need to consider whether such a move is possible for them. In some cases employees may be willing to do this, but in others they may not. The important thing is to have these conversations with virtual employees and avoid the assumption that all career paths can be done virtually, since that might not be the case

    Formal Training

    • This is probably the least problematic form of employee development for virtual employees. In many cases this kind of training is scheduled well in advance, so virtual employees may be able to join non-virtual employees in person for some group training. When this is not possible (due to distance, budget, or time zone), many forms of group training can be recorded and watched by virtual employees later. Training videos and training materials can also easily be shared with virtual employees using existing collaboration software.

    Relational Learning

    • One major challenge here is developing a mentoring relationship virtually. As we discussed in the module on performance management, developing relationships virtually can be challenging because people cannot rely upon the kind of informal and spontaneous interactions that occur when people are located in the same office. Mentors and mentees will have to put in more effort and planning to get to know each other and they will have to schedule frequent check-ins so that employees can reflect upon their progress and experience (with the help of their mentors) more often.
    • Time zones and technology may pose potential barriers for certain candidates to be mentors. In some cases, employees that are best qualified to be mentors may not be as comfortable with collaborative software as other mentors or their mentees. If there are large time zone differences, some people who would otherwise be interested in acting as a mentor may be dissuaded. Managers need to take this into consideration if they are connecting employees with mentors or if they are thinking of taking on the mentor role themselves.

    Experiential Learning

    • Virtual employees risk being overlooked for special projects due to the “out of sight, out of mind” bias: When special projects come up, the temptation is to look around the room and see who is the best fit. The problem is, however, that in some cases the highest performers or best fit may not physically be in the room. In these cases it is important for managers to take on an advocate role for their employees and remind other managers that they have good virtual employees on their team that should be included or contacted. It is also important for managers to keep their team informed about these opportunities as often as possible.
    • Sometimes certain projects or certain kinds of work just cannot be done virtually in a company for a variety of reasons. The experiential learning opportunities will not be open to virtual employees. If such opportunities are open to the majority of other workers in this role (potentially putting virtual employees’ career development at a disadvantage relative to their peers), managers should work with their virtual employees to identify alternative experiences. Managers may also want to consider advocating for more or for higher quality experiential learning opportunities at the organization.

    Now that we have considered some general examples of challenges and solutions, let’s look at our own employee development practices and think about the practical steps we can take as managers to improve employee development for our virtual employees.

    Employee development basics

    • Career planning & performance improvement
    • Formal training
    • Relational learning
    • Experiential learning

    Speaker’s Notes:

    [Customize this slide according to your organization’s own policies and processes for employee development. Provide useful images that outline this on the slide, and in these notes describe the processes/policies that are in place. Note: In some cases policies or processes may not be designed with virtual employees or virtual teams in mind. That is okay for the purposes of this training module. In the following activities participants will discuss how they apply these policies and processes with their virtual teams. If your organization is interested in adapting its policies/processes to better support virtual workers, it may be useful to record those conversations to supplement existing policies later.]

    Now that we have considered some general examples of challenges and solutions, let’s look at our own employee development practices and think about the practical steps we can take as managers to improve employee development for our virtual employees.

    2.4 Share current practices for developing employees on a virtual team

    30 Minutes

    1. Brainstorm and list current high-level employee development practices. Record in your workbook.
    2. Discuss current challenges connected to developing virtual employees. Record in your workbook.
    3. Identify one solution for each challenge that you can put into action with your own virtual team.
    4. Discuss as a group.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current employee development practices
    • Challenges surrounding employee development

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Refine Action Plans

    2.5 Refine your action plan and commit to implementing it

    30 Minutes

    1. Review your action plans for consistency and overlap. Highlight any parts you may struggle to complete.
    2. Meeting with your group, summarize your plans to each other. Provide feedback and discuss each other’s action plans.
    3. Discuss how you can hold each other accountable.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Action items from previous activities.

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Summary of Accomplishment

    • We do not need to go out and learn a new set of manager responsibilities to better manage our virtual teams; rather, we have to “dial up” certain responsibilities we already have or adjust certain approaches that we already take.
    • It is important to set clear expectations. While managers are ultimately responsible for making sure expectations are set and are clearly communicated, they are not the only ones with responsibilities. Employees and managers need to work together to overcome the challenges that virtual work involves.
    • Virtual employees crave meaningful interactions with their managers and team. Managers must take charge in fostering an atmosphere of openness around wellbeing and establish effective performance management strategies. By being proactive with our virtual teams’ wellness and mindful of our performance management habits, we can take significant steps toward keeping these employees engaged and productive.
    • Effective management in virtual contexts requires being more deliberate than is typical in non-virtual contexts. By working as a group to identify challenges and propose solutions, we have helped each other create action plans that we can use going forward to continually improve our management practices.

    If you would like additional support, have our analysts guide you through an info-tech workshop or guided implementation.

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Speaker’s Notes:

    First, let’s take a moment to summarize the key things we have learned today:

    1. We do not need to go out and learn a new set of manager competencies to better manage our virtual teams; rather, we have to “dial up” certain competencies we already have or adjust certain approaches that we already take. In many cases we just need to be more aware of the challenges that virtual communication poses and be more planful in our approaches.
    2. It is important to set clear expectations. While managers are ultimately responsible for making sure expectations are set and clearly communicated, they are not the only ones with responsibilities. Employees and managers need to work together to overcome the challenges that virtual work involves. Making sure that teams have meaningful conversations about expectations, come to a shared understanding of them, and record them will create a firm foundation for all other interactions on the virtual team.
    3. Virtual employees crave meaningful interactions with their managers related to performance and employee development. By creating action plans for improving these kinds of interactions with our teams, we can take significant steps toward keeping these employees engaged and productive.
    4. Effective performance management and employee development in virtual contexts require more planfulness than is required in non-virtual contexts. By working as a group to identify challenges and propose solutions, we have helped each other create action plans that we can use going forward to continually improve our management practices.

    Is there anything that anyone has learned that is not on this list and that they would like to share with the group?

    Finally, were there any challenges identified today that were not addressed?

    [Note to facilitator: Take note of any challenges not addressed and commit to getting back to the participants with some suggested solutions.]

    Additional resources

    Manager Training: Lead Through Change

    Train managers to navigate the interpersonal challenges associated with change management and develop their communication and leadership skills. Upload this LMS module into your learning management system to enable online training.

    Manager Training: Build a Better Manager: Manage Your People

    Management skills training is needed, but organizations are struggling to provide training that makes a long-term difference in the skills managers use in their day to day.

    Many training programs are ineffective because they offer the wrong content, deliver it in a way that is not memorable, and are not aligned with the IT department’s business objectives.

    Blueprint: Manage Poor Performance While Working From Home

    Assess and improve remote work performance with our ready-to-use tools.

    Works Cited

    April, Richard. “10 KPIs Every Sales Manager Should Measure in 2019.” HubSpot, 24 June 2019. Web.

    Banerjea, Peter. “5 Powerful Strategies for Managing a Remote Sales Team.” Badger - Maps for field sales, n.d. Web.

    Bibby, Adrianne. “5 Employers’ Awesome Quotes about Work Flexibility.” FlexJobs, 9 January 2017. Web.

    Brogie, Frank. “The 14 KPIs every field sales rep should strive to improve.” Repsly, 2018. Web.

    Dunn, Julie. “5 smart tips for leading field sales teams.” LevelEleven, March 2015. Web.

    Edinger, Scott. “How great sales leaders coach.” Forbes, 2013. Web.

    “Employee Outlook: Employee Views on Working Life.” CIPD, April 2016. Web.

    Hall, Becki. “The 5 biggest challenges facing remote workers (and how to solve them).” interact, 7 July 2017. Web.

    Hofstede, Geert. “National Cultural Dimensions.” Hofstede Insights, 2012. Web.

    “Inventory of U.S. Greenhouse Gas Emissions and Sinks: 1990-2014 (EPA 430-R-16-002).” Environmental Protection Agency (EPA), 15 April 2016.

    “Latest Telecommuting Statistics.” Global Workplace Analytics, June 2021. Web.

    Knight, Rebecca. “How to manage remote direct reports.” Harvard Business Review, 2015. Web.

    “Rewards and Recognition: 5 ways to show remote worker appreciation.” FurstPerson, 2019. Web.

    Palay, Jonathan. "How to build your sales management cadence." CommercialTribe, 22 March 2018. Web.

    “Sales Activity Management Matrix.” Asian Sales Guru, 2019. Web.

    Smith, Simone. “9 Things to Consider When Recognizing Remote Employees.” hppy, 2018. Web.

    “State of Remote Work 2017.” OWL Labs, 2021. Web.

    “State of the American Workplace.” Gallup, 2017. Web.

    “Telework Savings Potential.” Global Workplace Analytics, June 2021. Web.

    “The Future of Jobs Employment Trends.” World Economic Forum, 2016. Web.

    “The other COVID-19 crisis: Mental health.” Qualtrics, 14 April 2020. Web.

    Thompson, Dan. “The straightforward truth about effective sales leadership.” Sales Hacker, 2017. Web.

    Tsipursky, Gleb. “Remote Work Can Be Better for Innovation Than In-Person Meetings.” Scientific American, 14 Oct. 2021. Web.

    Walsh, Kim. “New sales manager? Follow this guide to crush your first quarter.” HubSpot, May 2019. Web.

    “What Leaders Need to Know about Remote Workers: Surprising Differences in Workplace Happiness and Relationships.” TINYpulse, 2016.

    Zenger, Jack, and Joe Folkman. “Feedback: The Leadership Conundrum.” Talent Quarterly: The Feedback Issue, 2015.

    Contributors

    Anonymous CAMH Employee

    Document and Maintain Your Disaster Recovery Plan

    • Buy Link or Shortcode: {j2store}417|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $52,224 Average $ Saved
    • member rating average days saved: 38 Average Days Saved
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • Disaster recovery plan (DRP) documentation is often driven by audit or compliance requirements rather than aimed at the team that would need to execute recovery.
    • Between day-to-day IT projects and the difficulty of maintaining 300+ page manuals, DRP documentation is not updated and quickly becomes unreliable.
    • Inefficient publishing strategies result in your DRP not being accessible during disaster or key staff not knowing where to find the latest version.

    Our Advice

    Critical Insight

    • DR documentation fails when organizations try to boil the ocean with an all-in-one plan aimed at auditors, business leaders, and IT. It’s too long, too hard to maintain, and ends up being little more than shelf-ware.
    • Using flowcharts, checklists, and diagrams aimed at an IT audience is more concise and effective in a disaster, quicker to create, and easier to maintain.
    • Create your DRP in layers to keep the work manageable. Start with a recovery workflow to ensure a coordinated response, and build out supporting documentation over time.

    Impact and Result

    • Create visual and concise DR documentation that strips out unnecessary content and is written for an IT audience – the team that would actually be executing the recovery. Your business leaders can take the same approach to create separate business response plans. Don’t mix the two in an all-in-one plan that is not effective for either audience.
    • Determine a documentation distribution strategy that supports ease of maintenance and accessibility during a disaster.
    • Incorporate DRP maintenance into change management procedures to systematically update and refine the DR documentation. Don’t save up changes for a year-end blitz, which turns document maintenance into an onerous project.

    Document and Maintain Your Disaster Recovery Plan Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should adopt a visual-based DRP, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Streamline DRP documentation

    Start by documenting your recovery workflow. Create supporting documentation in the form of checklists, flowcharts, topology diagrams, and contact lists. Finally, summarize your DR capabilities in a DRP Summary Document for stakeholders and auditors.

    • Document and Maintain Your Disaster Recovery Plan – Phase 1: Streamline DRP Documentation

    2. Select the optimal DRP publishing strategy

    Select criteria for assessing DRP tools, and evaluate whether a business continuity management tool, document management solution, wiki site, or manually distributing documentation is best for your DR team.

    • Document and Maintain Your Disaster Recovery Plan – Phase 2: Select the Optimal DRP Publishing Strategy
    • DRP Publishing and Document Management Solution Evaluation Tool
    • BCM Tool – RFP Selection Criteria

    3. Keep your DRP relevant through maintenance best practices

    Learn how to integrate DRP maintenance into core IT processes, and learn what to look for during testing and during annual reviews of your DRP.

    • Document and Maintain Your Disaster Recovery Plan – Phase 3: Keep Your DRP Relevant Through Maintenance Best Practices
    • Sample Project Intake Form Addendum for Disaster Recovery
    • Sample Change Management Checklist for Disaster Recovery
    • DRP Review Checklist
    • DRP-BCP Review Workflow (Visio)
    • DRP-BCP Review Workflow (PDF)

    4. Appendix: XMPL Case Study

    Model your DRP after the XMPL case study disaster recovery plan documentation.

    • Document and Maintain Your Disaster Recovery Plan – Appendix: XMPL Case Study
    • XMPL DRP Summary Document
    • XMPL Notification, Assessment, and Declaration Plan
    • XMPL Systems Recovery Playbook
    • XMPL Recovery Workflows (Visio)
    • XMPL Recovery Workflows (PDF)
    • XMPL Data Center and Network Diagrams (Visio)
    • XMPL Data Center and Network Diagrams (PDF)
    • XMPL DRP Business Impact Analysis Tool
    • XMPL DRP Workbook
    [infographic]

    Workshop: Document and Maintain Your Disaster Recovery Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Streamline DRP Documentation

    The Purpose

    Teach your team how to create visual-based documentation.

    Key Benefits Achieved

    Learn how to create visual-based DR documentation.

    Activities

    1.1 Conduct a table-top planning exercise.

    1.2 Document your high-level incident response plan.

    1.3 Identify documentation to include in your playbook.

    1.4 Create an initial collection of supplementary documentation.

    1.5 Discuss what further documentation is necessary for recovering from a disaster.

    1.6 Summarize your DR capabilities for stakeholders.

    Outputs

    Documented high-level incident response plan

    List of documentation action items

    Collection of 1-3 draft checklists, flowcharts, topology diagrams, and contact lists

    Action items for ensuring that the DRP is executable for both primary and backup DR personnel

    DRP Summary Document

    2 Select the Optimal DRP Publishing Strategy

    The Purpose

    Learn the considerations for publishing your DRP.

    Key Benefits Achieved

    Identify the best strategy for publishing your DRP.

    Activities

    2.1 Select criteria for assessing DRP tools.

    2.2 Evaluate categories for DRP tools.

    Outputs

    Strategy for publishing DRP

    3 Learn How to Keep Your DRP Relevant Through Maintenance Best Practices

    The Purpose

    Address the common pain point of unmaintained DRPs.

    Key Benefits Achieved

    Create an approach for maintaining your DRP.

    Activities

    3.1 Alter your project intake considerations.

    3.2 Integrate DR considerations into change management.

    3.3 Integrate documentation into performance measurement and performance management.

    3.4 Learn best practices for maintaining your DRP.

    Outputs

    Project Intake Form Addendum Template

    Change Management DRP Checklist Template

    Further reading

    Document and Maintain Your Disaster Recovery Plan

    Put your DRP on a diet – keep it fit, trim, and ready for action.

    ANALYST PERSPECTIVE

    The traditional disaster recovery plan (DRP) “red binder” is dead. It takes too long to create, it’s too hard to maintain, and it’s not usable in a crisis.

    “This blueprint outlines the following key tactics to streamline your documentation effort and produce a better result:

    • Write for an IT audience and focus on how to recover. You don’t need 30 pages of fluff describing the purpose of the document.
    • Use flowcharts, checklists, and diagrams over traditional manuals. This drives documentation that is more concise, easier to maintain, and effective in a crisis.
    • Create your DRP in layers to get tangible results faster, starting with a recovery workflow that outlines your DR strategy, and then build out the specific documentation needed to support recovery.”
    (Frank Trovato, Research Director, Infrastructure, Info-Tech Research Group)

    This project is about DRP documentation after you have clarified your DR strategy; create these necessary inputs first

    These artifacts are the cornerstone for any disaster recovery plan.

    • Business Impact Analysis
    • DR Roles and Responsibilities
    • Recovery Workflow

    Missing a component? Start here. ➔ Create a Right-Sized Disaster Recovery Plan

    This blueprint walks you through building these inputs.
    Our approach saves clients on average US$16,825.22. (Clients self-reported an average saving of US$16,869.21 while completing the Create a Right-Sized Disaster Recovery Plan blueprint through advisory calls, guided implementations, or workshops (Info-Tech Research Group, 2017, N=129).)

    How this blueprint will help you document your DRP

    This Research is Designed For:

    • IT managers in charge of disaster recovery planning (DRP) and execution.
    • Organizations seeking to optimize their DRP using best-practice methodology.
    • Business continuity professionals that are involved with disaster recovery.

    This Research Will Help You:

    • Divide the process of creating DR documentation into manageable chunks, providing a defined scope for you to work in.
    • Identify an appropriate DRP document management and distribution strategy.
    • Ensure that DR documentation is up to date and accessible.

    This Research Will Also Assist:

    • IT managers preparing for a DR audit.
    • IT managers looking to incorporate components of DR into an IT operations document.

    This Research Will Help Them:

    • Follow a structured approach in building DR documentation using best practices.
    • Integrate DR into day-to-day IT operations.

    Executive summary

    Situation

    • DR documentation is often driven by audit or compliance requirements, rather than aimed at the team that would need to execute recovery.
    • Traditional DRPs are text-heavy, 300+ page manuals that are simply not usable in a crisis.
    • Compounding the problem, DR documentation is rarely updated, so it’s just shelf-ware.

    Complication

    • DRP is often given lower priority as day-to-day IT projects displace DR documentation efforts.
    • Inefficient publishing strategies result in your DRP not being accessible during disasters or key staff not knowing where to find the latest version.
    • Organizations that create traditional DRPs end up with massive manuals that are difficult to maintain, so they quickly become unreliable.

    Resolution

    • Create visual and concise DR documentation that strips out unnecessary content and is written for an IT audience – the team that would actually be executing the recovery. Your business leaders can take the same approach to create separate business response plans – don’t mix the two into an all-in-one plan that is not effective for either audience.
    • Determine a documentation distribution strategy that supports ease of maintenance and accessibility during a disaster.
    • Incorporate DRP maintenance into change management and project intake procedures to systematically update and refine the DR documentation. Don’t save up changes for a year-end blitz, which turns document maintenance into an onerous project.

    Info-Tech Insight

    1. DR documentation fails when organizations try to boil the ocean with an all-in-one plan aimed at auditors, business leaders, and IT. It’s too long, too hard to maintain, and ends up being little more than shelf-ware.
    2. Using flowcharts, checklists, and diagrams aimed at an IT audience is more concise and effective in a disaster, quicker to create, and easier to maintain.
    3. Create your DRP in layers to keep the work manageable. Start with a recovery workflow to ensure a coordinated response, and build out supporting documentation over time.

    An effective DRP that mitigates a wide range of potential outages is critical to minimizing the impact of downtime

    The criticality of having an effective DRP is underestimated.

    Cost of Downtime for the Fortune 1000
    • Cost of unplanned apps downtime per year: $1.25B to $2.5B
    • Cost of critical apps failure per hour: $500,000 to $1M
    • Cost of infrastructure failure per hour: $100,000
    • 35% reported to have recovered within 12 hours.
    • 17% of infrastructure failures took more than 24 hours to recover.
    • 13% of application failures took more than 24 hours to recover.
    Size of Impact Increasing Across Industries
    • The cost of downtime is rising across the board and not just for organizations that traditionally depend on IT (e.g. e-commerce).
    • Downtime cost increase since 2010:
      • Hospitality: 129% increase
      • Transportation: 108% increase
      • Media organizations: 104% increase
    Potential Lost Revenue
    A line graph of Potential Lost Revenue with vertical axis 'LOSS ($)' and horizontal axis 'TIME'. The line starts with low losses near the origin where 'Incident Occurs', gradually accelerates to higher losses as time passes, then decelerates before 'All Revenue Lost'. Note: 'Delay in recovery causes exponential revenue loss'.
    (Adapted from: Rothstein, Philip Jan. Disaster Recovery Testing: Exercising Your Contingency Plan (2007 Edition).)

    The impact of downtime increases significantly over time, not just in terms of lost revenue (as illustrated here) but also goodwill/reputation and health/safety. An effective DR solution and overall resiliency that mitigate a wide range of potential outages are critical to minimizing the impact of downtime.

    Without an effective DRP, your organization is gambling on being able to define and implement a recovery strategy during a time of crisis. At the very least, this means extended downtime – potentially weeks – and substantial impact.

    Only 38% of those with a full or mostly complete DRP believe their DRPs would be effective in a real crisis

    Organizations continue to struggle with creating DRPs, let alone making them actionable.

    Why are so many living with either an incomplete or ineffective DRP? For the same reasons that IT documentation in general continues to be a pain point:

    • It is an outdated model of what documentation should be – the traditional manual with detailed (lengthy) descriptions and procedures.
    • Despite the importance of DR, low priority is placed on creating a DRP and the day-to-day SOPs required to support a recovery.
    • There is a lack of effective processes for ensuring documentation stays up to date.
    A bar graph documenting percentages of survey responses about the completeness of their DRP. 'Only 20% of survey respondents indicated they have a complete DRP'. 13% said 'No DRP'. 33% said 'Partial DRP'. 34% said 'Mostly Completed'. 20% said 'Full DRP'.
    (Source: Info-Tech Research Group, N=165)
    A bar graph documenting percentages of survey responses about the level of confidence in their DRP. 'Only 38% of those who have a mostly completed or full DRP actually feel it would be effective in a crisis'. 4% said 'Low'. 58% said 'Unsure'. 38% said 'Confident'.
    (Source: Info-Tech Research Group, N=69 (includes only those who indicated DRP is mostly completed or completed))

    Improve usability and effectiveness with visual-based and more-concise documentation

    Choose flowcharts over process guides, checklists over lengthy procedures, and diagrams over descriptions.

    If you need a three-inch binder to hold your DRP, imagine having to flip through it to determine next steps during a crisis.

    DR documentation needs to be concise, scannable, and quickly understood to be effective. Visual-based documentation meets these requirements, so it’s no surprise that it also leads to higher DR success.

    DR success scores are based on:

    • Meeting recovery time objectives (RTOs).
    • Meeting recovery point objectives (RPOs).
    • IT staff’s confidence in their ability to meet RTOs/RPOs.
    A line graph of DR documentation types and their effectiveness. The vertical axis is 'DR Success', from Low to High. The horizontal axis is Documentation Type, from 'Traditional Manual' to 'Primarily flowcharts, checklists, and diagrams'. The line trends up to higher success with visual-based and more-concise documentation.(Source: Info-Tech Research Group, N=95)

    “Without question, 300-page DRPs are not effective. I mean, auditors love them because of the detail, but give me a 10-page DRP with contact lists, process flows, diagrams, and recovery checklists that are easy to follow.” (Bernard Jones, MBCI, CBCP, CORP, Manager Disaster Recovery/BCP, ActiveHealth Management)

    Maintainability is another argument for visual-based, concise documentation

    There are two end goals for your DR documentation: effectiveness and maintainability. Without either, you will not have success during a disaster.

    Organizations using a visual-based approach were 30% more likely to find that DR documentation is easy to maintain. “Easy to maintain” leads to a 46% higher rate of DR success.
    Two bar graphs documenting survey responses regarding maintenance ease of DR documentation types. The first graph compares Traditional Manual vs Visual-based. For 'Traditional Manual' 72% responded they were Difficult to maintain while 28% responded they were Easy to maintain; for 'Visual-based' 42% responded they were Difficult to maintain while 58% responded they were Easy to maintain. Visual-based DR documentation received 30% more votes for Easy to Maintain. The second graph compares success rates of 'Difficult to Maintain' vs 'Easy to Maintain' DR documentation with Difficult being 31% and Easy being 77%, a 46% difference. 'Source: Info-Tech Research Group, N=96'.

    Not only are visual-based disaster recovery plans more effective, but they are also easier to maintain.

    Overcome documentation inertia with a tiered model that allows you to eat the elephant one bite at a time

    Start with a recovery workflow to at least ensure a coordinated response. Then use that workflow to determine required supporting documentation.

    Recovery Workflow: Starting the project with overly detailed documentation can slow down the entire process. Overcome planning inertia by starting with high-level incident response plans in a flowchart format. For examples and additional information, see XMPL Medical’s Recovery Workflows.

    Recovery Procedures (Systems Recovery Playbook): For each step in the high-level flowchart, create recovery procedures where necessary using additional flowcharts, checklists, and diagrams as appropriate. Leverage Info-Tech’s Systems Recovery Playbook example as a starting point.

    Additional Reference Documentation: Reference existing IT documentation, such as network diagrams and configuration documents, as well as more detailed step-by-step procedures where necessary (e.g. vendor documentation), particularly where needed to support alternate recovery staff who may not be as well versed as the primary system owners.

    Info-Tech Insight

    Organizations that use flowcharts, checklist, and diagrams over traditional, dense DRP manuals are far more likely to meet their RTOs/RPOs because their documentation is more usable and easier to maintain.

    Use a DRP summary document to satisfy executives, auditors, and clients

    Stakeholders don’t have time to sift through a pile of paper. Summarize your overall continuity capabilities in one, easy-to-read place.

    DRP Summary Document

    • Summarize BIA results
    • Summarize DR strategy (including DR sites)
    • Summarize backup strategy
    • Summarize testing and maintenance plans

    Follow Info-Tech’s methodology to make DRP documentation efficient and effective

    Phases

    Phase 1: Streamline DRP documentation Phase 2: Select the optimal DRP publishing strategy Phase 3: Keep your DRP relevant through maintenance best practices

    Phases

    1.1

    Start with a recovery workflow

    2.1

    Decide on a publishing strategy

    3.1

    Incorporate DRP maintenance into core IT processes

    1.2

    Create supporting DRP documentation

    3.2

    Conduct an annual focused review

    1.3

    Write the DRP Summary

    Tools and Templates

    End-to-End Sample DRP DRP Publishing Evaluation Tool Project In-take/Request Form

    Change Management Checklist

    Follow XMPL Medical’s journey through DR documentation

    CASE STUDY

    Industry Healthcare
    Source Created by amalgamating data from Info-Tech’s client base

    Streamline your documentation and maintenance process by following the approach outlined in XMPL Medical’s journey to an end-to-end DRP.

    Outline of the Disaster Recovery Plan

    XMPL’s disaster recovery plan includes its business impact analysis and a subset of tier 1 and tier 2 patient care applications.

    Its DRP includes incident response flowcharts, system recovery checklists, and a communication plan. Its DRP also references IT operations documentation (e.g. asset management documents, system specs, and system configuration docs), but this material is not published with the example documentation.

    Resulting Disaster Recovery Plan

    XMPL’s DRP includes actionable documents in the form of high-level disaster response plan flowcharts and system recovery checklists. During an incident, the DR team is able to clearly see the items for which they are responsible.

    Disaster Recovery Plan
    • Recovery Workflow
    • Business Impact Analysis
    • DRP Summary
    • System Recovery Checklists
    • Communication, Assessment, and Disaster Declaration Plan

    Info-Tech Best Practice

    XMPL Medical’s disaster recovery plan illustrates an effective DRP. Model your end-to-end disaster recovery plan after XMPL’s completed templates. The specific data points will differ from organization to organization, but the structure of each document will be similar.

    Model your disaster recovery documentation off of our example

    CASE STUDY

    Industry Healthcare
    Source Created by amalgamating data from Info-Tech’s client base

    Recovery Workflow:

    • Recovery Workflows (PDF, VSDX)

    Recovery Procedures (Systems Recovery Playbook):

    • DR Notification, Assessment, and Disaster Declaration Plan
    • Systems Recovery Playbook
    • Network Topology Diagrams

    Additional Reference Documentation:

    • DRP Workbook
    • Business Impact Analysis
    • DRP Summary Document

    Use Info-Tech’s DRP Maturity Scorecard to evaluate your progress

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Document and Maintain Your Disaster Recovery Plan – Project Overview

    1. Streamline DRP Documentation 2. Select the Optimal DRP Publishing Strategy 3. Keep Your DRP Relevant
    Supporting Tool icon
    Best-Practice Toolkit

    1.1 Start with a recovery workflow

    1.2 Create supporting DRP documentation

    1.3 Write the DRP summary

    2.1 Create Committee Profiles

    3.1 Build Governance Structure Map

    3.2 Create Committee Profiles

    Guided Implementations
    • Review Info-Tech’s approach to DRP documentation.
    • Create a high-level recovery workflow.
    • Create supporting DRP documentation.
    • Write the DRP summary.
    • Identify criteria for selecting a DRP publishing strategy.
    • Select a DRP publishing strategy.
    • Optional: Select requirements for a BCM tool and issue an RFP.
    • Optional: Review responses to RFP.
    • Learn best practices for integrating DRP maintenance into day-to-day IT processes.
    • Learn best practices for DRP-focused reviews.
    Associated Activity icon
    Onsite Workshop
    Module 1:
    Streamline DRP documentation
    Module 2:
    Select the optimal DRP publishing strategy
    Module 3:
    Learn best practices for keeping your DRP relevant
    Phase 1 Outcome:
    • A complete end-to-end DRP
    Phase 2 Outcome:
    • Selection of a publishing and management tool for your DRP documentation
    Phase 3 Outcome:
    • Strategy for maintaining your DRP documentation

    Workshop Overview Associated Activity icon

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4 Workshop Day 5
    Info-Tech Analysts Finalize Deliverables
    Activities
    Assess DRP Maturity and Review Current Capabilities

    0.1 Assess current DRP maturity through Info-Tech’s Maturity Scorecard.

    0.2 Identify the IT systems that support mission-critical business activities, and select 2 or 3 key applications to be the focus of the workshop.

    0.3 Identify current recovery strategies for selected applications.

    0.4 Identify current DR challenges for selected applications.

    Document Your Recovery Workflow

    1.1 Create a recovery workflow: review tabletop planning, walk through DR scenarios, identify DR gaps, and determine how to fill them.

    Create Supporting Documentation

    1.2 Create supporting DRP documentation.

    1.3 Write the DRP summary.

    Establish a DRP Publishing, Management, and Maintenance Strategy

    2.1 Decide on a publishing strategy.

    3.1 Incorporate DRP maintenance into core IT.

    3.2 Considerations for reviewing your DRP regularly.

    Deliverables
    1. Baseline DRP metric (based on DRP Maturity Scorecard)
    1. High-level DRP workflow
    2. DRP gaps and risks identified
    1. Recovery workflow and/or checklist for sample of IT systems
    2. Customized DRP Summary Template
    1. Strategy for selecting a DRP publishing tool
    2. DRP management and maintenance strategy
    3. Workshop summary presentation deck

    Workshop Goal: Learn how to document and maintain your DRP.

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.


    Phase 1: Streamline DRP Documentation

    Step 1.1: Start with a recovery workflow

    PHASE 1
    PHASE 2
    PHASE 3
    1.1 1.2 1.3 2.1 3.1 3.2
    Start with a Recovery Workflow Create Supporting Documentation Write the DRP Summary Select DRP Publishing Strategy Integrate into Core IT Processes Conduct an Annual Focused Review

    This step will walk you through the following activities:

    • Review a model DRP.
    • Review your recovery workflow.
    • Identify documentation required to support the recovery workflow.

    This step involves the following participants:

    • DRP Owner
    • System SMEs
    • Alternate DR Personnel

    Outcomes of this step

    • Understanding the visual-based, concise approach to DR documentation.
    • Creating a recovery workflow that provides a roadmap for coordinating incident response and identifying required supporting documentation.

    Info-Tech Insights

    A DRP is a collection of procedures and supporting documents that allow an organization to recover its IT services to minimize system downtime for the business.

    1.1 — Start with a recovery workflow to ensure a coordinated response and identify required supporting documentation

    The recovery workflow clarifies your DR strategy and ensures the DR team is on the same page.

    Recovery Workflow

    The recovery workflow maps out the incident response plan from event detection, assessment, and declaration to systems recovery and validation.

    This documentation includes:

    • Clarifying initial incident response steps.
    • Clarifying the order of systems recovery and which recovery actions can occur concurrently.
    • Estimating actual recovery timeline through each stage of recovery.
    Recovery Procedures (Playbook)
    Additional Reference Documentation

    “We use flowcharts for our declaration procedures. Flowcharts are more effective when you have to explain status and next steps to upper management.” (Assistant Director-IT Operations, Healthcare Industry)

    Review business impact analysis (BIA) results to plan your recovery workflow

    The BIA defines system criticality from the business’s perspective. Use it to guide system recovery order.

    Specifically, review the following from your BIA:

    • The list of tier 1, 2, and 3 applications. This will dictate the recovery order in your recovery workflow.
    • Application dependencies. This will outline what needs to be included as part of an application recovery workflow.
    • The recovery time objective (RTO) and recovery point objective (RPO) for each application. This will also guide the recovery, and enable you to identify gaps where the recovery workflow does not meet RTOs and RPOs.

    CASE STUDY: The XMPL DRP documentation is based on this Business Impact Analysis Tool.

    Haven’t conducted a BIA? Use Info-Tech’s streamlined approach.

    Info-Tech’s publication Create a Right-Sized Disaster Recovery Plan takes a very practical approach to BIA work. Our process gives IT leaders a mechanism to quickly get agreement on system recovery order and DR investment priorities.

    Conduct a tabletop planning exercise to determine your recovery workflow

    Associated Activity icon 1.1.1 Tabletop Planning Exercise

    1. Define a scenario to drive the tabletop planning exercise:
      • Use a scenario that forces a full failover to your DR environment, so you can capture an end-to-end recovery workflow.
      • Avoid scenarios that impact health and safety such as tornados or a fire. You want to focus on IT recovery.
      • Example scenarios: Burst water pipe that causes data-center-wide damage or a gas leak that forces evacuation and power to be shut down for at least two days.

    Note: You may have already completed this exercise as part of Create a Right-Sized Disaster Recovery Plan.

    Info-Tech Insight

    Use scenarios to provide context for DR planning, and to test your plans, but don’t create a separate plan for every possibility.

    The high-level recovery plan will be the same whether the incident is a fire, flood, or tornado. While there might be some variances and outliers, these scenarios can be addressed by adding decision points and/or separate, supplementary instructions.

    Walk through the scenario and capture the recovery workflow

    Associated Activity icon 1.1.2 Tabletop Planning Exercise
    1. Capture the following information for tier 1, tier 2, and tier 3 systems:
      1. On white cue cards, record the steps and track start and end times for each step (where 00:00 is when the incident occurred).
      2. On yellow cue cards, document gaps in people, process, and technology requirements to complete the step.
      3. On red cue cards, indicate risks (e.g. no backup person for a key staff member).

    Note:

    • Ensure the language is sufficiently genericized (e.g. refer to events, not specifically a burst water pipe).
    • Review isolated failures (e.g. hardware, software). Typically, the recovery procedure documented for individual systems covers the essence of the recovery workflow whether it’s just the one system that failed or it’s part of a site-wide recovery.

    Note: You may have already completed this exercise as part of Create a Right-Sized Disaster Recovery Plan.

    Document your current-state recovery workflow based on the results of the tabletop planning

    Supporting Tool icon 1.1.2 Incident Response Plan Flowcharts, Tabs 2 and 3

    After you finish the tabletop planning exercise, the steps on the set of cue cards define your recovery workflow. Capture this in a flowchart format.

    Use the sample DRP to guide your own flowchart. Some notes on the example are:

    • XMPL’s Incident Management to DR flowchart shows the connection between its standard Service Desk processes and DR processes.
    • XMPL’s high-level workflows outline its recovery of tier 1, 2, and 3 systems.
    • Where more detail is required, include links to supporting documentation. In this example, XMPL Medical includes links to its Systems Recovery Playbook.
    Preview of an Info-Tech Template depicting a sample flowchart.

    This sample flowchart is included in XMPL Recovery Workflows.

    Step 1.2: Create Supporting DRP Documentation

    PHASE 1
    PHASE 2
    PHASE 3
    1.11.21.32.13.13.2
    Start with a Recovery WorkflowCreate Supporting DocumentationWrite the DRP SummarySelect DRP Publishing StrategyIntegrate into Core IT ProcessesConduct an Annual Focused Review

    This step will walk you through the following activities:

    • Create checklists for your playbook.
    • Document more complex procedures with flowcharts.
    • Gather and/or write network topology diagrams.
    • Compile a contact list.
    • Ensure there is enough material for backup personnel.

    This step involves the following participants:

    • DRP Owner
    • System SMEs
    • Backup DR Personnel

    Outcomes of this step

    • Actionable supporting documentation for your disaster recovery plan.
    • Contact list for IT personnel, business personnel, and vendor support.

    1.2 — Create supporting documentation for your disaster recovery plan

    Now that you have a high-level incident response plan, collect the information you need for executing that plan.

    Recovery Workflow

    Write your recovery procedures playbook to be effective and usable. Your playbook documentation should include:

    • Supplementary flowcharts
    • Checklists
    • Topology diagrams
    • Contact lists
    • DRP summary

    Reference vendors’ technical information in your flowcharts and checklists where appropriate.

    Recovery Procedures (Playbook)

    Additional Reference Documentation

    Info-Tech Insight

    Write for your audience. The playbook is for IT; include only the information they need to execute the plan. DRP summaries are for executives and auditors; do not include information intended for IT. Similarly, your disaster recovery plan is not for business units; keep BCP content out of your DRP.

    Use checklists to streamline step-by-step procedures

    Supporting Tool icon 1.2.1 XMPL Medical’s System Recovery Checklists

    Checklists are ideal when staff just need a reminder of what to do, not how to do it.

    XMPL Medical used its high-level flowcharts as a roadmap for creating its Systems Recovery Playbook.

    • Since its Playbook is intended for experienced IT staff, the writing style in the checklists is concise. XMPL includes links to reference material to support recovery, especially for alternate staff who might need additional instruction.
    • XMPL includes key parameters (e.g. IP addresses) rather than assume those details would be memorized, especially in a stressful DR scenario.
    • Similarly, include links to other useful resources such as VM templates.
    Preview of the Info-Tech Template 'Systems Recovery Playbook'.

    Included in the XMPL Systems Recovery Playbook are checklists for recovering XMPL’s virtual desktop infrastructure, mission-critical applications, and core infrastructure components.

    Use flowcharts to document processes with concurrent tasks not easily captured in a checklist

    Supporting Tool icon 1.2.2 XMPL Medical’s Phone Services Recovery Flowchart

    Recovery procedures can consist of flowcharts, checklists, or both, as well as diagrams. The main goal is to be clear and concise.

    • XMPL Medical created a flowchart to capture its phone services recovery procedure to capture concurrent tasks.
    • Additional instructions, where required, could still be captured in a Playbook checklist or other supporting documentation.
    • The flowchart could have also included key settings or other details as appropriate, particularly if the DR team chose to maintain this recovery procedure just in a flowchart format.
    Preview of the Info-Tech Template 'Recovery Workflows'.

    Included in the XMPL DR documentation is an example flowchart for recovering phone systems. This flowchart is in Recovery Workflows.

    Reference this blueprint for more SOP flowchart examples: Create Visual SOP Documents that Drive Process Optimization, Not Just Peace of Mind

    Use topology diagrams to capture network layout, integrations, and system information

    Supporting Tool icon 1.2.4 XMPL Medical’s Data Center and Network Diagrams

    Topology diagrams, key checklists, and configuration settings are often enough for experienced networking staff to carry out their DR tasks.

    • XMPL Medical includes these diagrams with its DRP. Instead of recreating these diagrams, the XMPL Medical DR Manager asked their network team for these diagrams:
      • Primary data center diagram
      • DR site diagram
      • High-level network diagrams
    • Often, organizations already have network topology diagrams for reference purposes.

    “Our network engineers came to me and said our standard SOP template didn't work for them. They're now using a lot of diagrams and flowcharts, and that has worked out better for them.” (Assistant Director-IT Operations, Healthcare Industry)

    Preview of the Info-Tech Template 'Systems Recovery Playbook'.

    You can download a PDF and a VSD version of these Data Center and Network Diagrams from Info-Tech’s website.

    Create a list of organizational, IT, and vendor contacts that may be required to assist with recovery

    If there is something strange happening to your IT infrastructure, who you gonna call?

    Many DR managers have their team on speed dial. However, having the contact info of alternate staff, BCP leads, and vendors can be very helpful during a disaster. XMPL Medical lists the following information in its DRP Workbook:

    • The DR Teams, SMEs critical to disaster recovery, their backups, and key contacts (e.g. BC Management team leads, vendor contacts) that would be involved in:
      • Declaring a disaster.
      • Coordinating a response at an organizational level.
      • Executing recovery.
    • The people that have authority to declare a disaster.
    • Each person’s spending authority.
    • The rules for delegating authority.
    • Primary and alternate staff for each role.
    Example list of alternate staff, BCP leads, and vendors.

    Confirm with your DR team that you have all of the documentation that you need to recover during a disaster

    Associated Activity icon 1.2.7 Group Discussion

    DISCUSS: Is there enough information in your DRP for both primary and backup DR personnel?

    • Is it clear who is responsible for each DR task, including notification steps?
    • Have alternate staff for each role been identified?
    • Does the recovery workflow capture all of the high-level steps?
    • Is there enough documentation for alternate staff (e.g. network specs)?

    Step 1.3: Write the DRP Summary

    PHASE 1
    PHASE 2
    PHASE 3
    1.11.21.32.13.13.2
    Start with a Recovery WorkflowCreate Supporting DocumentationWrite the DRP SummarySelect DRP Publishing StrategyIntegrate into Core IT ProcessesConduct an Annual Focused Review

    This step will walk you through the following activities:

    • Write a DRP summary document.

    This step involves the following participants:

    • DRP Owner

    Outcomes of this step

    • High-level outline of your DRP capabilities for stakeholders such as executives, auditors, and clients.

    Summarize your DR capabilities using a DRP summary document

    Supporting Tool icon 1.3.1 DRP Summary Document

    The sample included on Info-Tech’s website is customized for the XMPL Medical Case Study – use the download as a starting point for your own summary document.

    DRP Summary Document

    XMPL’s DRP Summary is organized into the following categories:

    • DR requirements: This includes a summary of scope, business impact analysis (BIA), risk assessment, and high-level RTOs and achievable RTOs.
    • DR strategy: This includes a summary of XMPL’s recovery procedures, DR site, and backup strategy.
    • Testing and maintenance: This includes a summary of XMPL’s DRP testing and maintenance strategy.

    Be transparent about existing business risks in your DRP summary

    The DRP summary document is business facing. Include information of which business leaders (and other stakeholders) need to be aware.

    • Discrepancies between desired and achievable RTOs? Organizational leadership needs to know this information. Only then can they assign the resources and budget that IT needs to achieve the desired DR capabilities.
    • What is the DRP’s scope? XMPL Medical lists the IT components that will be recovered during a disaster, and components which will not. For instance, XMPL’s DRP does not recover medical equipment, and XMPL has separate plans for business continuity and emergency response coordination.
    Application tier Desired RTO (hh:mm) Desired RPO (hh:mm) Achievable RTO (hh:mm) Achievable RPO (hh:mm)
    Tier 1 4:00 1:00 *90:00 1:00
    Tier 2 8:00 1:00 *40:00 1:00
    Tier 3 48:00 24:00 *96:00 24:00

    The above table to is a snippet from the XMPL DR Summary Document (section 2.1.3.2).

    In the example, the DR team is unable to recover tier 1, 2, and 3 systems within the desired RTO. As such, they clearly communicate this information in the DRP summary, and include action items to address these gaps.

    Phase 2: Select the Optimal DRP Publishing Strategy

    Step 2.1: Select a DRP Publishing Strategy

    PHASE 1
    PHASE 2
    PHASE 3
    1.11.21.32.13.13.2
    Start with a Recovery WorkflowCreate Supporting DocumentationWrite the DRP SummarySelect DRP Publishing StrategyIntegrate into Core IT ProcessesConduct an Annual Focused Review

    This step will walk you through the following activities:

    • Select criteria for assessing DRP tools.
    • Evaluate categories for DRP tools.
    • Optional: Write an RFP for a BCM tool.

    This step involves the following participants:

    • DRP Owner

    Outcomes of this step

    • Identified strategies for publishing your DRP (i.e. making it available to your DR team).

    Info-Tech Insights

    Diversify your publishing strategy to ensure you can access your DRP in a disaster. For example, if you are using a BCM tool or SharePoint Online as your primary documentation repository, also push the DRP to your DR team’s smartphones as a backup in case the disaster affects internet access.

    2.1 — Select a DR publishing and document management strategy that fits your organization

    Publishing and document management considerations:

    Portability/External Access: Assume your primary site is down and inaccessible. Can you still access your documentation? As shown in this chart, traditional strategies of either keeping a copy at another location (e.g. at the failover site) or with staff (e.g. on a USB drive) still dominate, but these aren’t necessarily the best options.
    A bar chart titled 'Portability Strategy Popularity'. 'External Website (wiki site, cloud-based DRP tool, etc.)' scored 16%. 'Failover Site (network drive or redundant SharePoint, etc.)' scored 53%. 'Distribute to Staff (use USB drive, personal email, etc.)' scored 50%. 'Not Accessible Offsite' scored 7%.
    Note: Percentages total more than 100% due to respondents using more than one portability strategy.
    (Source: Info-Tech Research Group, N=118)
    Maintainability/Usability: How easy is it to create, update, and use the documentation? Is it easy to link to other documents as shown in the flowchart and checklist examples? Is there version control? Lack of version control can create a maintenance nightmare as well as issues in a crisis if staff are questioning whether they have the right version.
    Cost/Effort: Is the cost and effort appropriate? For example, a large enterprise may need a formal solution (e.g. DRP tools or SharePoint), but the cost might be hard to justify for a smaller company.

    Pros and cons of potential strategies

    This section will review the following strategies, their pros and cons, and how they meet publishing and document management requirements:

    • DRP tools (e.g. eBRP, Recovery Planner, LDRPS)
    • In-house solutions combining SharePoint and MS Office (or equivalent)
    • Wiki site
    • “Manual” approaches such as storing documents on a USB drive

    Avoid 42 hours of downtime due to a non-diversified publishing strategy

    CASE STUDY

    Industry Municipality
    Source Interview

    Situation

    • A municipal government has recently completed an end-to-end disaster recovery plan.
    • The team is feeling good about the fact that they were able to identify:
      • Relative criticality of applications.
      • Dependencies for each application.
      • Incident response plans for the current state and desired state.
      • System recovery procedures.

    Challenge

    • While the DR plan itself was comprehensive, the team only published the DR onto the government’s network drives.
    • A power generation issue caused power to be shut down, which in turn cascaded into downtime for the network.
    • Once the network was down, their DRP was inaccessible.

    Insights

    • Each piece of documentation that was created could have contributed to recovery efforts. However, because they were inaccessible, there was a delayed response to the incident. The result was 42 hours of downtime for end users.
    • Having redundant publishing strategies is just like having redundant IT infrastructure. In the event of downtime, not only do you need to have DR documentation, but you also need to make sure that it is accessible.

    Decide on a DR publishing strategy by looking at portability, maintainability, cost, and required effort

    Supporting Tool icon 2.1.1 DRP Publishing and Management Evaluation Tool

    Use the information included in Step 2.1 to guide your analysis of DRP publishing solutions.

    The tool enables you to compare two possible solutions based on these key considerations discussed in this section:

    • Portability/external access
    • Maintainability/usability
    • Cost
    • Effort

    The right choice will depend on factors such as current in-house tools, maturity around document management, the size of your IT department, and so on.

    For example, a small shop may do very well with the USB drive strategy, whereas a multi-national company will need a more formal strategy to manage consistent DRP distribution.

    Preview of Info-Tech's 'DRP Publishing and Management Solution Evaluation Tool'.

    The DRP Publishing and Management Solution Evaluation Tool helps you to evaluate the tools included in this section.

    Don’t think of a business continuity management (BCM) tool as a silver bullet; know what you’re getting out of it

    Portability/External Access:
    • Pros: Typically a SaaS option provides built-in external access with appropriate security and user administration to vary access rights.
    • Cons: Degree of external access is often dependent on the vendor.
    Maintainability/Usability:
    • Pros: Built-in templates encourage consistency and guide initial content development by indicating what details need to be captured.
    • Pros: Built-in document management (e.g. version control, metadata support), centralized access/navigation to required documents, and some automation (e.g. update contacts throughout the system).
    • Cons: Not a silver bullet. You still have to do the work to define and capture your processes.
    • Cons: Requires end-user and administrator training.
    Cost/Effort:
    • Pros: For large enterprises, the convenience of built-in document management and templates can outweigh the cost.
    • Cons: Expect leading DRP tools to cost $20K or more per year.

    About this approach:
    BCM tools are solutions that provide templates, tools, and document management to create BC and DR documentation.

    Info-Tech Insight

    The business case for a BCM tool is built by answering the following questions:

    • Will the BCM tool solve an unmet need?
    • Will the tool be more effective and efficient than an in-house solution?
    • Will the solution provide enhanced capabilities that an in-house solution cannot provide?

    If you cannot get a satisfactory answer to each of these questions, then opt for an in-house solution.

    “We explored a DRP tool, and it was something we might have used, but it was tens of thousands of pounds per year, so it didn’t stack up financially for us at all.” (Rik Toms, Head of Strategy – IP and IT, Cable and Wireless Communications)

    For in-house solutions, leverage tools such as SharePoint to provide document management capabilities

    Portability/External Access:
    • Pros: SharePoint is commonly web-enabled and supports external access with appropriate security and user administration.
    • Cons: Must be installed at redundant sites or be cloud-based to be effective in a crisis that takes down your primary data center.
    Maintainability/Usability:
    • Pros: Built-in document management (e.g. version control, metadata support) as well as centralized access/navigation to required documents.
    • Pros: No tool learning curve – SharePoint and MS Office would be existing solutions already used on a daily basis.
    • Cons: No built-in automation (e.g. automated updates to contacts throughout the system).
    • Cons: Consistency depends on creating templates and implementing processes for document updates, review, and approval.
    Cost/Effort:
    • Pros: Using existing tools, so this is a sunk cost in terms of capex.
    • Cons: Additional effort required to create templates and manage the documentation library.

    About this approach:
    DRPs and SOPs most often start as MS Office documents, even if there is a DRP tool available. For organizations that elect to bypass a formal DRP tool, and most do, the biggest gap they have to overcome is document management.

    Many organizations are turning to SharePoint to meet this need. For those that already have SharePoint in place, it makes sense to further leverage SharePoint for DR documentation and day-to-day SOPs.

    For SharePoint to be a practical solution, the documentation must still be accessible if the primary data center is down, e.g. by having redundant SharePoint instances at multiple in-house locations, or using a cloud-based SharePoint solution.

    “Just about everything that a DR planning tool does, you can do yourself using homegrown solutions or tools that you're already familiar with such as Word, Excel, and SharePoint.” (Allen Zuk, President and CEO, Sierra Management Consulting)

    A healthcare company uses SharePoint as its DRP and SOP documentation management solution

    CASE STUDY Healthcare

    • This organization is responsible for 50 medical facilities across three states.
    • It explored DRP tools, but didn’t find the right fit, so it has developed an in-house solution based in SharePoint. While DRP tools have improved, the organization no longer needs that type of solution. Its in-house solution is meeting its needs.
    • It has SharePoint instances at multiple locations to ensure availability if one site is down.

    Documentation Strategy

    • Created an IT operations library in SharePoint for DR and SOPs, from basic support to bare-metal restore procedures.
    • SOPs are linked from SharePoint to the virtual help desk for greater accessibility.
    • Where practical, diagrams and flowcharts are used, e.g. DR process flowcharts and network services SOPs dominated by diagrams and flowcharts.

    Management Strategy

    • Directors and the CIO have made finishing off SOPs their performance improvement objective for the year. The result is staff have made time to get this work done.
    • Status updates are posted monthly, and documentation is a regular agenda item in leadership meetings.
    • Regular tabletop testing validates documentation and ensures familiarity with procedures, including where to find required information.

    Results

    • Dependency on a few key individuals has been reduced. All relevant staff know what they need to do and where to access required documentation.
    • SOPs are enabling DR training as well as day-to-day operations training for new staff.
    • The organization has a high confidence in its ability to recovery from a disaster within established timelines.

    Explore using a wiki site as an inexpensive alternative to SharePoint and other content management solutions

    Portability/External Access:
    • Pros: Wiki sites can support external access as with any web solution.
    • Cons: Must be installed at redundant sites, hosted, or cloud-based to be effective in a crisis that takes down your primary data center.
    Maintainability/Usability:
    • Pros: Built-in document management (version control, metadata support, etc.) as well as centralized access/navigation to required information.
    • Pros: Authorized users can make updates dynamically, depending on how much restriction you have on the site.
    • Cons: No built-in automation (e.g. automated updates to contacts throughout the system).
    • Cons: Consistency depends on creating templates and implementing processes for document updates, review, and approval.
    Cost/Effort:
    • Pros: An inexpensive option compared to traditional content management solutions such as SharePoint.
    • Cons: Learning curve if wikis are new to your organization.

    About this approach:
    Wiki sites are websites where users collaborate to create and edit the content. Wikipedia is an example.

    While wiki sites are typically used for collaboration and dynamic content development, the traditional collaborative authoring model can be restricted to provide structure and an approval process.

    Several tools are available to create and manage wiki sites (and other collaboration solutions), as outlined in the following research:

    Info-Tech Insight

    If your organization is not already using wiki sites, this technology can introduce a culture shock. Start slow by using a wiki site within a specific department or for a particular project. Then evaluate how well your staff adapt to this technology as well as its potential effectiveness in your organization. Refer to our collaboration strategy research for additional guidance.

    For small IT shops, distributing documentation to key staff (e.g. via a USB drive) can still be effective

    Portability/External Access:
    • Pros: Appropriate staff have the documentation with them; there is no need to log into a remote site or access a tool to get at the information.
    • Cons: Relies on staff to be diligent about ensuring they have the latest documentation and keep it with them (not leave it in their desk drawer).
    Maintainability/Usability:
    • Pros: With this strategy, MS Office (or equivalent) is used to create and maintain the documentation, so there is no learning curve.
    • Pros: Simple, straightforward methodology – keep the master on a network drive, and download a copy to your USB drive.
    • Cons: No built-in automation (e.g. automated updates to contact information) or document management (e.g. version control).
    • Cons: Consistency depends on creating templates and implementing rigid processes for document updates, review, and approval.
    Cost/Effort:
    • Pros: Little to no cost and no tool management required.
    • Cons: “Manual” document management requires strict attention to process for version control, updates, approvals, and distribution.

    About this approach:
    With this strategy, your ERT and key IT staff keep a copy of your DRP and relevant documentation with them (e.g. on a USB drive). If the primary site experiences a major event, they have ready access to the documentation.

    Fifty percent of respondents in our recent survey use this strategy. A common scenario is to use a shared network drive or a solution such as SharePoint as the master centralized repository, but distribute a copy to key staff.

    Info-Tech Insight

    This approach can have similar disadvantages as using hard copies. Ensuring the USB drives are up to date, and that all staff who might need access have a copy, can become a burdensome process. More often, USB drives are updated periodically, so there is the risk that the information will be out of date or incomplete.

    Avoid extensive use of paper copies of DR documentation

    DR documents need to be easy to update, accessible from anywhere, and searchable. Paper doesn’t meet these needs.

    Portability/External Access:
    • Pros: Does not rely on technology or power.
    • Cons: Requires all staff who might be involved in a DR to have a copy, and to have it with them at all times, to truly have access at any time from anywhere.
    Maintainability/Usability:
    • Pros: In terms of usability, again there is no dependence on technology.
    • Cons: Updates need to be printed and distributed to all relevant staff every time there is a change to ensure staff have access to the latest, most accurate documentation if a disaster occurred. You can’t schedule disasters, so information needs to be current all the time.
    • Cons: Navigation to other information is manual – flipping through pages, etc. No searching or hyperlinks.
    Cost/Effort:
    • Pros: No technology system to maintain, aside from what you use for printing.
    • Cons: Printing expenses are actually among the highest incurred by organizations, and this adds to it.
    • Cons: Labor intensive due to need to print and physically distribute documentation updates.

    About this approach:
    Traditionally DRPs are printed and distributed to managers and/or kept in a central location at both the primary site and a secondary site. In addition, wallet cards are distributed that contain key information such as contact numbers.

    A wallet card or even a few printed copies of your high-level DRP for general reference can be helpful, but paper is not a practical solution for your overall DR documentation library, particularly when you include SOPs for recovery procedures.

    One argument in favor of paper is there is no dependency on power during a crisis. However, in a power outage, staff can use smartphones and potentially laptops (with battery power) to access electronically stored documentation to get through first response steps. In addition, your DR site should have backup power to be an appropriate recovery site.

    Optional: Partial list of BCM tool vendors

    A partial list of BCM tool vendors, including: Business Protector, catalyst, clearview, ContinuityLogic. Fusion, Logic Manager, Quantivate, RecoveryPlanner.com, MetricStream, SimpleRisk, riskonnect, Strategic BCP - ResilienceONE, RSA, and Sungard Availability Services.

    The list is only a partial list of BCM tool vendors. The order in which vendors are presented, and inclusion in this list, does not represent an endorsement.

    Optional: Use our list of requirements as a foundation for selecting and reviewing BCM tools

    Supporting Tool icon 2.1.2 BCM Tool – RFP Selection Criteria

    If a BCM tool is the best option for your environment, expedite the evaluation process with our BCM Tool – RFP Selection Criteria.

    Through advisory services, workshops, and consulting engagements, we have created this BCM Tool Requirements List. The featured requirements includes the following categories:

    1. Integrations
    2. Planning and Monitoring
    3. Administration
    4. Architecture
    5. Security
    6. Support and Training
    Preview of the Info-Tech template 'BCM Tool – RFP Selection Criteria'.

    This BCM Tool – RFP Selection Criteria can be appended to an RFP. You can leverage Info-Tech’s RFP Template if your organization does not have one.

    Info-Tech can write full RFPs

    As part of a consulting engagement, Info-Tech can write RFPs for BCM tools and provide a customized scoring tool based on your environment’s unique requirements.

    Phase 3: Keep Your DRP Relevant Through Maintenance Best Practices

    Step 3.1: Integrate DRP maintenance into core IT processes

    PHASE 1
    PHASE 2
    PHASE 3
    1.11.21.32.13.13.2
    Start with a Recovery WorkflowCreate Supporting DocumentationWrite the DRP SummarySelect DRP Publishing StrategyIntegrate into Core IT ProcessesConduct an Annual Focused Review

    This step will walk you through the following activities:

    • Integrate DRP maintenance with Project Management.
    • Integrate DRP considerations into Change Management.
    • Integrate with Performance Management.

    This step involves the following participants:

    • DRP Owner
    • Head of Project Management Office
    • Head of Change Advisory Board
    • CIO

    Outcomes of this step

    • Updated project intake form.
    • Updated change management practice.
    • Updated performance appraisals.

    3.1 — Incorporate DRP maintenance into core IT processes

    Focusing on these three processes will help ensure that your plan stays current, accurate, and usable.

    The Info-Tech / COBIT5 'IT Management and Governance Framework' with three processes highlighted: 'MEA01 Performance Measurement', 'BAI06 Change Management', and 'BAI01 Project Management'.

    Info-Tech Best Practice

    Prioritize quick wins that will have large benefits. The advice presented in this section offers easy ways to help keep your DRP up to date. These simple solutions can save a lot of time and effort for your DRP team as opposed to more intricate changes to the processes above.

    Assess how new projects impact service criticality and DR requirements upfront during project intake

    Icon for process 'BAI01 Project Management'.
    Supporting Tool icon 3.1.1 Sample Project Intake Form Addendum

    Understand the RTO/RPO requirements and IT impacts for new or enhanced services to ensure appropriate provisioning and overall DRP updates.

    • Have submitters include service continuity requirements. This information can be inserted into your business impact analysis. Use similar language that you use in your own BIA.
      • The submitter should know how critical the resulting project will be. Any items that the submitter doesn’t know, the Project Steering Committee should investigate.
    • Have IT assess the impact on the DRP. The submitter will not know how the DRP will be impacted directly. Ask the project committee to consider how DRP documentation and the DR environment will need to be changed due to the project under consideration.

    Note: The goal is not to make DR a roadblock, but rather to ensure project requirements will be met – including availability and DR requirements.

    Preview of the Info-Tech template 'Project Intake Form'.

    This Project Intake Form asks the submitter to fill out the availability and criticality requirements for the project.

    Leverage your change management process to identify required DRP updates as they occur

    Icon for process 'BAI06 Change Management'.

    Avoid the year-end rush to update your DRP. Keeping it up to date as changes occur saves time in the long run and ensures your plan is accurate when you need it.

    • As part of your change management process, identify potential updates to:
      • System documentation (e.g. configuration settings).
      • Recovery procedures (e.g. if a system has been virtualized, that changes the recovery procedure).
      • Your DR environment (e.g. system configuration updates for standby systems).
    • Keep track of how often a system has changed. Relevant DRP documentation might be due for a deeper review:
      • After a system has been changed ten times (even from routine changes), notify your DRP Manager to flag the relevant DRP documentation for review.
      • As part of formal DRP reviews, pay closer attention to DRP documentation for the flagged systems.
    Preview of the Info-Tech template 'Disaster Recovery Change Management'.

    This template asks the submitter to fill out the availability and criticality requirements for the project.

    For change management best practices beyond DRP considerations, please see Optimize Change Management.

    Integrate documentation into performance measurement and performance management

    Icon for process 'MEA01 Performance Measurement'.

    Documentation is a necessary evil – few like to create it and more immediate tasks take priority. If it isn’t scheduled and prioritized, it won’t happen.

    Why documentation is such a challenge

    How management can address these challenges

    We all know that IT staff typically do not like to write documentation. That’s not why they were hired, and good documentation is not what gets them promoted. Include documentation deliverables in your IT staff’s performance appraisal to stress the importance of ensuring documentation is up to date, especially where it might impact DR success.
    Similarly, documentation is secondary to more urgent tasks. Time to write documentation is often not allocated by project managers. Schedule time for developing documentation, just like any other project, or it won’t happen.
    Writing manuals is typically a time-intensive task. Focus on what is necessary for another experienced IT professional to execute the recovery. As discussed earlier, often a diagram or checklist is good enough and actually far more usable in a crisis.

    “Our directors and our CIO have tied SOP work to performance evaluations, and SOP status is reviewed during management meetings. People have now found time to get this work done.” (Assistant Director – IT Operations, Healthcare Industry)

    Step 3.2: Conduct an Annual Focused Review

    PHASE 1
    PHASE 2
    PHASE 3
    1.11.21.32.13.13.2
    Start with a Recovery WorkflowCreate Supporting DocumentationWrite the DRP SummarySelect DRP Publishing StrategyIntegrate into Core IT ProcessesConduct an Annual Focused Review

    This step will walk you through the following activities:

    1. Identify components of your DRP to refresh.
    2. Identify organizational changes requiring further focus.
    3. Test your DRP and identify problems.
    4. Correct problems identified with DRP.

    This step involves the following participants:

    • DRP Owner
    • System SMEs
    • Backup DR Personnel

    Outcomes of this step

    • An actionable, up-to-date DRP.

    Info-Tech Insight

    Testing is a waste of time and resources if you do not fix what’s broken. Tabletop testing is effective at uncovering gaps in your DR processes, but if you don’t address those gaps, then your DRP will still be unusable in a disaster.

    Set up a safety net to capture changes that slipped through the cracks with a focused review process

    Evaluate documentation supporting high-priority systems, as well as documentation supporting IT systems that have been significantly changed.

    • Ideally you’re maintaining documentation as you go along. But you need to have an annual review to catch items that may have slipped through.
    • Don’t review everything. Instead, review:
      • IT systems that have had 10+ changes: small changes and updates can add up over time. Ensure:
        • The plans for these systems are updated for changes (e.g. configuration changes).
        • SMEs and backup personnel are familiar with the changes.
      • Tier 1 / Gold Systems: Ensure that you can still recover tier 1 systems with your existing DRP documentation.
    • Track documentation issues that you discovered with your ticketing system or service desk tool to ensure necessary documentation changes are made.
    1. Annual Focused Review
    2. Tier 1 Systems
    3. Significantly Changed Systems
    4. Organizational Changes

    Identify larger changes, both organizational and within IT, that necessitate DRP updates

    During your focused review, consider how organizational changes have impacted your DRP.

    The COBIT 5 Enablers provide a foundation for this analysis. Consider:

    • Changes in regulatory requirements: Are there new requirements for IT that are not reflected in your DRP? Is the organization required to comply with any additional regulations?
    • Changes to organizational structures, business processes, and how employees work: Can employees still be productive once tier 1 services are restored or have RTOs changed? Has organizational turnover impacted your DRP?
    • SMEs leaving or changing roles: Can IT still execute your DRP? Are there still people for all the key roles?
    • Changes to IT infrastructure and applications: Can the business still access the information they need during a disaster? Is your BIA still accurate? Do new services need to be considered tier 1?

    Info-Tech Best Practice

    COBIT 5 Enablers
    What changes need to be reflected in your DRP?

    A cycle visualization titled 'Disaster Recovery Plan'. Starting at 'Changes in Regulatory Requirements', it proceeds clockwise to 'Organizational Structure', 'Changes in Business Processes', and 'How Employees Work', before it returns to DRP. Then 'Changes to Applications', 'Changes to Infrastructure', 'SMEs Leaving or Changing Roles', and then back to the DRP.

    Create a plan during your annual focused review to test your DRP throughout the year

    Regardless of your documentation approach, training and familiarity with relevant procedures is critical.

    • Start with tabletop exercises and progress to technology-based testing (simulation, parallel, and full-scale testing).
    • Ask staff to reference documentation while testing, even if they do not need to. This practice helps to confirm documentation accuracy and accessibility.
    • Incorporate cross-training in DR testing. This gives important experience to backup personnel and will further validate that documents are complete and accurate.
    • Track any discovered documentation issues with your ticketing system or project tracking tools to ensure necessary documentation changes are made.

    Example Test Schedule:

    1. Q1: Tabletop testing shadowed by backup personnel
    2. Q2: Tabletop testing led by backup personnel
    3. Q3: Technology-based testing
    4. Annual Focused Review: Review Results

    Reference this blueprint for guidance on DRP testing plans: Reduce Costly Downtime Through DR Testing

    Appendix A: XMPL Case Study

    Follow XMPL Medical’s journey through DR documentation

    CASE STUDY

    Industry Healthcare
    Source Created by amalgamating data from Info-Tech’s client base

    Streamline your documentation and maintenance process by following the approach outlined in XMPL Medical’s journey to an end-to-end DRP.

    Outline of the Disaster Recovery Plan

    XMPL’s disaster recovery plan includes its business impact analysis and a subset of tier 1 and tier 2 patient care applications.

    Its DRP includes incident response flowcharts, system recovery checklists, and a communication plan. Its DRP also references IT operations documentation (e.g. asset management documents, system specs, and system configuration docs), but this material is not published with the example documentation.

    Resulting Disaster Recovery Plan

    XMPL’s DRP includes actionable documents in the form of high-level disaster response plan flowcharts and system recovery checklists. During an incident, the DR team is able to clearly see the items for which they are responsible.

    Disaster Recovery Plan
    • Recovery Workflow
    • Business Impact Analysis
    • DRP Summary
    • System Recovery Checklists
    • Communication, Assessment, and Disaster Declaration Plan

    Info-Tech Best Practice

    XMPL Medical’s disaster recovery plan illustrates an effective DRP. Model your end-to-end disaster recovery plan after XMPL’s completed templates. The specific data points will differ from organization to organization, but the structure of each document will be similar.

    Model your disaster recovery documentation off of our example

    CASE STUDY

    Industry Healthcare
    Source Created by amalgamating data from Info-Tech’s client base

    Recovery Workflow:

    • Recovery Workflows (PDF, VSDX)

    Recovery Procedures (Systems Recovery Playbook):

    • DR Notification, Assessment, and Disaster Declaration Plan
    • Systems Recovery Playbook
    • Network Topology Diagrams

    Additional Reference Documentation:

    • DRP Workbook
    • Business Impact Analysis
    • DRP Summary Document

    Use our structure to create your practical disaster recovery plan.

    Appendix B: Summary, Next Steps, and Bibliography

    Insight breakdown

    Use visual-based documentation instead of a traditional DRP manual.

    • Flowcharts, checklists, and diagrams are more concise, easier to maintain, and more effective in a crisis.
    • Write for an IT audience and focus on how to recover. You don’t need 30 pages of fluff describing the purpose of the document.

    Create your DRP in layers to keep the work manageable.

    • Start with a recovery workflow to ensure a coordinated response, and build out supporting documentation over time.

    Prioritize quick wins to make DRP maintenance easier and more likely to happen.

    • Incorporate DRP maintenance into change management and project intake procedures to systematically update and refine the DR documentation. Don’t save up changes for a year-end blitz, which turns document maintenance into an onerous project.

    Summary of accomplishment

    Knowledge Gained

    • How to create visual-based DRP documentation
    • How to integrate DRP maintenance into core IT processes

    Processes Optimized

    • DRP documentation creation
    • DRP publishing tool selection
    • DRP documentation maintenance

    Deliverables Completed

    • DRP documentation
    • Strategy for publishing your DRP
    • Modified project-intake form
    • Change management checklist for DR considerations

    Project step summary

    Client Project: Document and Maintain Your Disaster Recovery Plan

    • Create a recovery workflow.
    • Create supporting DRP documentation.
    • Write a summary for your DRP.
    • Decide on a publishing strategy.
    • Incorporate DRP maintenance into core IT processes.
    • Conduct an annual focused review.

    Info-Tech Insight

    This project has the ability to fit the following formats:

    • Onsite workshop by Info-Tech Research Group consulting analysts.
    • Do-it-yourself with your team.
    • Remote delivery (Info-Tech Guided Implementation).

    Related Info-Tech research

    Create a Right-Sized Disaster Recovery Plan
    Close the gap between your DR capabilities and service continuity requirements.

    Reduce Costly Downtime Through DR Testing
    Improve the accuracy of your DRP and your team’s ability to efficiently execute recovery procedures through regular DR testing.

    Create Visual SOP Documents that Drive Process Optimization, Not Just Peace of Mind
    Go beyond satisfying auditors to drive process improvement, consistent IT operations, and effective knowledge transfer.

    Prepare for a DRP Audit
    Assess your current DRP maturity, identify required improvements, and complete an audit-ready DRP summary document.

    Bibliography

    A Structured Approach to Enterprise Risk Management (ERM) and the Requirements of ISO 31000. The Association of Insurance and Risk Managers, Alarm: The Public Risk Management Association, and The Institute of Risk Management, 2010.

    “APO012: Manage Risk.” COBIT 5: Enabling Processes. ISACA, 2012.

    Bird, Lyndon, Ian Charters, Mel Gosling, Tim Janes, James McAlister, and Charlie Maclean-Bristol. Good Practice Guidelines: A Guide to Global Good Practice in Business Continuity. Global ed. Business Continuity Institute, 2013.

    COBIT 5: A Business Framework for the Governance and Management of Enterprise IT. ISACA, 2012.

    “EDM03: Ensure Risk Optimisation.” COBIT 5: Enabling Processes. ISACA, 2012.

    Risk Management. ISO 31000:2009.

    Rothstein, Philip Jan. Disaster Recovery Testing: Exercising Your Contingency Plan. Rothstein Associates: 1 Oct. 2007.

    Societal Security – Business continuity management systems – Guidance. ISO 22313:2012.

    Societal Security – Business continuity management systems – Requirements. ISO 22301:2012.

    Understanding and Articulating Risk Appetite. KPMG, 2008.

    2021 CIO Priorities Report

    • Buy Link or Shortcode: {j2store}83|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • It is a new year, but the challenges of 2020 remain: COVID-19 infection rates continue to climb, governments continue to enforce lockdown measures, we continue to find ourselves in the worst economic crisis since the Great Depression, and civil unrest grows in many democratic societies.
    • At the start of 2020, no business leader predicted the disruption that was to come. This left IT in a reactive but critical role as the health crisis hit. It was core to delivering the organization’s products and services, as it drove the radical shift to work-from-home.
    • For the year ahead, IT will continue to serve a critical function in uncertain times. However, unlike last year, CIOs can better prepare for 2021. That said, in the face of the uncertainty and volatility of the year ahead, what they need to prepare for is still largely undefined.
    • But despite the lack of confidence on knowing specifically what is to come, most business leaders will admit they need to get ready for it. This year’s priority report will help.

    Our Advice

    Critical Insight

    • “Resilience” is the theme for this year’s CIO Priorities Report. In this context, resilience is about building up the capacity and the capabilities to effectively respond to emergent and unforeseen needs.
    • Early in 2021 is a good time to develop resilience in several different areas. As we explore in this year’s Report, CIOs can best facilitate enterprise resilience through strategic financial planning, proactive risk management, effective organizational change management and capacity planning, as well as through remaining tuned into emergent technologies to capitalize on innovations to help weather the uncertainty of the year ahead.

    Impact and Result

    • Use Info-Tech’s 2021 CIO Priorities Report to prepare for the uncertainty of the year ahead. Across our five priorities we provide five avenues through which CIOs can demonstrate resilient planning, enabling the organization as a whole to better confront what’s coming in 2021.
    • Each of our priorities is backed up by a “call to action” that will help CIOs start to immediately implement the right drivers of resilience for their organization.
    • By building up resilience across our five key areas, CIOs will not only be able to better prepare for the year to come, but also strengthen business relations and staff morale in difficult times.

    2021 CIO Priorities Report Research & Tools

    Read the 2021 CIO Priorities Report

    Use Info-Tech’s 2021 CIO Priorities Report to prepare for the uncertainty of the year ahead. Across our five priorities we provide five avenues through which CIOs can demonstrate resilient planning, enabling the organization as a whole to better confront what’s coming in 2021.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create an appropriate budget reserve

    Identifying and planning sources of financial contingency will help ensure CIOs can meet unforeseen and emergent operational and business needs throughout the year.

    • 2021 CIO Priorities Report: Priority 1 – Create an Appropriate Budget Reserve

    2. Refocus IT risk planning

    The start of 2021 is a time to refocus and redouble IT risk management and business continuity planning to bring it up to the standards of our “new normal.” Indeed, if last year taught us anything, it’s that no “black swan” should be off the table in terms of scenarios or possibilities for business disruption.

    • 2021 CIO Priorities Report: Priority 2 – Refocus IT Risk Planning

    3. Strengthen organizational change management capabilities

    At its heart, resilience is having the capacity to deal with unexpected change. Organizational change management can help build up this capacity, providing the ability to strategically plot known changes while leaving some capacity to absorb the unknowns as they present themselves.

    • 2021 CIO Priorities Report: Priority 3 – Strengthen Organizational Change Management Capabilities

    4. Establish capacity awareness

    Capacity awareness facilitates resilience by providing capital in the form of resource data. With this data, CIOs can make better decisions on what can be approved and when it can be scheduled for.

    • 2021 CIO Priorities Report: Priority 4 – Establish Capacity Awareness

    5. Keep emerging technologies in view

    Having an up-to-date view of emerging technologies will enable the resilient CIO to capitalize on and deploy leading-edge innovations as the business requires.

    • 2021 CIO Priorities Report: Priority 5 – Keep Emerging Technologies in View
    [infographic]

    Optimize IT Change Management

    • Buy Link or Shortcode: {j2store}409|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $33,585 Average $ Saved
    • member rating average days saved: 27 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • Infrastructure managers and change managers need to re-evaluate their change management processes due to slow change turnaround time, too many unauthorized changes, too many incidents and outages because of poorly managed changes, or difficulty evaluating and prioritizing changes.
    • IT system owners often resist change management because they see it as slow and bureaucratic.
    • Infrastructure changes are often seen as different from application changes, and two (or more) processes may exist.

    Our Advice

    Critical Insight

    • ITIL provides a usable framework for change management, but full process rigor is not appropriate for every change request.
    • You need to design a process that is flexible enough to meet the demand for change, and strict enough to protect the live environment from change-related incidents.
    • A mature change management process will minimize review and approval activity. Counterintuitively, with experience in implementing changes, risk levels decline to a point where most changes are “pre-approved.”

    Impact and Result

    • Create a unified change management process that reduces risk. The process should be balanced in its approach toward deploying changes while also maintaining throughput of innovation and enhancements.
    • Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
    • Establish and empower a change manager and change advisory board with the authority to manage, approve, and prioritize changes.
    • Integrate a configuration management database with the change management process to identify dependencies.

    Optimize IT Change Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize change management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Optimize IT Change Management – Phases 1-4

    1. Define change management

    Assess the maturity of your existing change management practice and define the scope of change management for your organization.

    • Change Management Maturity Assessment Tool
    • Change Management Risk Assessment Tool

    2. Establish roles and workflows

    Build your change management team and standardized process workflows for each change type.

    • Change Manager
    • Change Management Process Library – Visio
    • Change Management Process Library – PDF
    • Change Management Standard Operating Procedure

    3. Define the RFC and post-implementation activities

    Bookend your change management practice by standardizing change intake, implementation, and post-implementation activities.

    • Request for Change Form Template
    • Change Management Pre-Implementation Checklist
    • Change Management Post-Implementation Checklist

    4. Measure, manage, and maintain

    Form an implementation plan for the project, including a metrics evaluation, change calendar inputs, communications plan, and roadmap.

    • Change Management Metrics Tool
    • Change Management Communications Plan
    • Change Management Roadmap Tool
    • Optimize IT Change Management Improvement Initiative: Project Summary Template

    [infographic]

    Workshop: Optimize IT Change Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Change Management

    The Purpose

    Discuss the existing challenges and maturity of your change management practice.

    Build definitions of change categories and the scope of change management.

    Key Benefits Achieved

    Understand the starting point and scope of change management.

    Understand the context of change request versus other requests such as service requests, projects, and operational tasks.

    Activities

    1.1 Outline strengths and challenges

    1.2 Conduct a maturity assessment

    1.3 Build a categorization scheme

    1.4 Build a risk assessment matrix

    Outputs

    Change Management Maturity Assessment Tool

    Change Management Risk Assessment Tool

    2 Establish Roles and Workflows

    The Purpose

    Define roles and responsibilities for the change management team.

    Develop a standardized change management practice for approved changes, including process workflows.

    Key Benefits Achieved

    Built the team to support your new change management practice.

    Develop a formalized and right-sized change management practice for each change category. This will ensure all changes follow the correct process and core activities to confirm changes are completed successfully.

    Activities

    2.1 Define the change manager role

    2.2 Outline the membership and protocol for the Change Advisory Board (CAB)

    2.3 Build workflows for normal, emergency, and pre-approved changes

    Outputs

    Change Manager Job Description

    Change Management Standard Operating Procedure (SOP)

    Change Management Process Library

    3 Define the RFC and Post-Implementation Activities

    The Purpose

    Create a new change intake process, including a new request for change (RFC) form.

    Develop post-implementation review activities to be completed for every IT change.

    Key Benefits Achieved

    Bookend your change management practice by standardizing change intake, implementation, and post-implementation activities.

    Activities

    3.1 Define the RFC template

    3.2 Determine post-implementation activities

    3.3 Build your change calendar protocol

    Outputs

    Request for Change Form Template

    Change Management Post-Implementation Checklist

    Project Summary Template

    4 Measure, Manage, and Maintain

    The Purpose

    Develop a plan and project roadmap for reaching your target for your change management program maturity.

    Develop a communications plan to ensure the successful adoption of the new program.

    Key Benefits Achieved

    A plan and project roadmap for reaching target change management program maturity.

    A communications plan ready for implementation.

    Activities

    4.1 Identify metrics and reports

    4.2 Build a communications plan

    4.3 Build your implementation roadmap

    Outputs

    Change Management Metrics Tool

    Change Management Communications Plan

    Change Management Roadmap Tool

    Further reading

    Optimize IT Change Management

    Right-size IT change management practice to protect the live environment.

    EXECUTIVE BRIEF

    Analyst Perspective

    Balance risk and efficiency to optimize IT change management.

    Change management (change enablement, change control) is a balance of efficiency and risk. That is, pushing changes out in a timely manner while minimizing the risk of deployment. On the one hand, organizations can attempt to avoid all risk and drown the process in rubber stamps, red tape, and bureaucracy. On the other hand, organizations can ignore process and push out changes as quickly as possible, which will likely lead to change related incidents and debilitating outages.

    Right-sizing the process does not mean adopting every recommendation from best-practice frameworks. It means balancing the efficiency of change request fulfillment with minimizing risk to your organization. Furthermore, creating a process that encourages adherence is key to avoid change implementers from skirting your process altogether.

    Benedict Chang, Research Analyst, Infrastructure and Operations, Info-Tech Research Group

    Executive Summary

    Your Challenge

    Infrastructure and application change occurs constantly and is driven by changing business needs, requests for new functionality, operational releases and patches, and resolution of incidents or problems detected by the service desk.

    IT managers need to follow a standard change management process to ensure that rogue changes are never deployed while the organization remains responsive to demand.

    Common Obstacles

    IT system owners often resist change management because they see it as slow and bureaucratic.

    At the same time, an increasingly interlinked technical environment may cause issues to appear in unexpected places. Configuration management systems are often not kept up-to-date and do not catch the potential linkages.

    Infrastructure changes are often seen as “different” from application changes and two (or more) processes may exist.

    Info-Tech’s Approach

    Info-Tech’s approach will help you:

    • Create a unified change management practice that balances risk and throughput of innovation.
    • Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
    • Establish and empower a Change Manager and Change Advisory Board (CAB) with the authority to manage, approve, and prioritize changes.

    Balance Risk and Efficiency to Optimize IT Change Management

    Two goals of change management are to protect the live environment and deploying changes in a timely manner. These two may seem to sometimes be at odds against each other, but assessing risk at multiple points of a change’s lifecycle can help you achieve both.

    Your challenge

    This research is designed to help organizations who need to:

    • Build a right-sized change management practice that encourages adherence and balances efficiency and risk.
    • Integrate the change management practice with project management, service desk processes, configuration management, and other areas of IT and the business.
    • Communicate the benefits and impact of change management to all the stakeholders affected by the process.

    Change management is heavily reliant on organizational culture

    Having a right-sized process is not enough. You need to build and communicate the process to gather adherence. The process is useless if stakeholders are not aware of it or do not follow it.

    Increase the Effectiveness of Change Management in Your Organization

    The image is a bar graph, with the segments labelled 1 and 2. The y-axis lists numbers 1-10. Segment 1 is at 6.2, and segment 2 is at 8.6.

    Of the eight infrastructure & operations processes measured in Info-Tech’s IT Management and Governance Diagnostic (MGD) program, change management has the second largest gap between importance and effectiveness of these processes.

    Source: Info-Tech 2020; n=5,108 IT professionals from 620 organizations

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Gaining buy-in can be a challenge no matter how well the process is built.
    • The complexity of the IT environment and culture of tacit knowledge for configuration makes it difficult to assess cross-dependencies of changes.
    • Each silo or department may have their own change management workflows that they follow internally. This can make it difficult to create a unified process that works well for everyone.

    “Why should I fill out an RFC when it only takes five minutes to push through my change?”

    “We’ve been doing this for years. Why do we need more bureaucracy?”

    “We don’t need change management if we’re Agile.”

    “We don’t have the right tools to even start change management.”

    “Why do I have to attend a CAB meeting when I don’t care what other departments are doing?”

    Info-Tech’s approach

    Build change management by implementing assessments and stage gates around appropriate levels of the change lifecycle.

    The image is a circle, comprised of arrows, with each arrow pointing to the next, forming a cycle. Each arrow is labelled, as follows: Improve; Request; Assess; Plan; Approve; Implement

    The Info-Tech difference:

    1. Create a unified change management process that balances risk and throughput of innovation.
    2. Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
    3. Establish and empower a Change Manager and Change Advisory Board (CAB) with the authority to manage, approve, and prioritize changes.

    IT change is constant and is driven by:

    Change Management:

    1. Operations - Operational releases, maintenance, vendor-driven updates, and security updates can all be key drivers of change. Example: ITSM version update
      • Major Release
      • Maintenance Release
      • Security Patch
    2. Business - Business-driven changes may include requests from other business departments that require IT’s support. Examples: New ERP or HRIS implementation
      • New Application
      • New Version
    3. Service desk → Incident & Problem - Some incident and problem tickets require a change to facilitate resolution of the incident. Examples: Outage necessitating update of an app (emergency change), a user request for new functionality to be added to an existing app
      • Workaround
      • Fix
    4. Configuration Management Database (CMDB) ↔ Asset Management - In addition to software and hardware asset dependencies, a configuration management database (CMDB) is used to keep a record of changes and is queried to assess change requests.
      • Hardware
      • Software

    Insight summary

    “The scope of change management is defined by each organization…the purpose of change management is to maximize the number of successful service and product changes by ensuring that the risk have been properly assessed, authorizing changes to process, and managing the change schedule.” – ALEXOS Limited, ITIL 4

    Build a unified change management process balancing risk and change throughput.

    Building a unified process that oversees all changes to the technical environment doesn’t have to be burdensome to be effective. However, the process is a necessary starting point to identifying cross dependencies and avoiding change collisions and change-related incidents.

    Use an objective framework for estimating risk

    Simply asking, “What is the risk?” will result in subjective responses that will likely minimize the perceived risk. The level of due diligence should align to the criticality of the systems or departments potentially impacted by the proposed changes.

    Integrate your change process with your IT service management system

    Change management in isolation will provide some stability, but maturing the process through service integrations will enable data-driven decisions, decrease bureaucracy, and enable faster and more stable throughput.

    Change management and DevOps can work together effectively

    Change and DevOps tend to be at odds, but the framework does not have to change. Lower risk changes in DevOps are prime candidates for the pre-approved category. Much of the responsibility traditionally assigned to the CAB can be diffused throughout the software development lifecycle.

    Change management and DevOps can coexist

    Shift the responsibility and rigor to earlier in the process.

    • If you are implementing change management in a DevOps environment, ensure you have a strong DevOps lifecycle. You may wish to refer to Info-Tech’s research Implementing DevOps Practices That Work.
    • Consider starting in this blueprint by visiting Appendix II to frame your approach to change management. Follow the blueprint while paying attention to the DevOps Callouts.

    DEVOPS CALLOUTS

    Look for these DevOps callouts throughout this storyboard to guide you along the implementation.

    The image is a horizontal figure eight, with 7 arrows, each pointing into the next. They are labelled are follows: Plan; Create; Verify; Package; Release; Configure; Monitor. At the centre of the circles are the words Dev and Ops.

    Successful change management will provide benefits to both the business and IT

    Respond to business requests faster while reducing the number of change-related disruptions.

    IT Benefits

    • Fewer change-related incidents and outages
    • Faster change turnaround time
    • Higher rate of change success
    • Less change rework
    • Fewer service desk calls related to poorly communicated changes

    Business Benefits

    • Fewer service disruptions
    • Faster response to requests for new and enhanced functionalities
    • Higher rate of benefits realization when changes are implemented
    • Lower cost per change
    • Fewer “surprise” changes disrupting productivity

    IT satisfaction with change management will drive business satisfaction with IT. Once the process is working efficiently, staff will be more motivated to adhere to the process, reducing the number of unauthorized changes. As fewer changes bypass proper evaluation and testing, service disruptions will decrease and business satisfaction will increase.

    Change management improves core benefits to the business: the four Cs

    Most organizations have at least some form of change control in place, but formalizing change management leads to the four Cs of business benefits:

    Control

    Change management brings daily control over the IT environment, allowing you to review every relatively new change, eliminate changes that would have likely failed, and review all changes to improve the IT environment.

    Collaboration

    Change management planning brings increased communication and collaboration across groups by coordinating changes with business activities. The CAB brings a more formalized and centralized communication method for IT.

    Consistency

    Request for change templates and a structured process result in implementation, test, and backout plans being more consistent. Implementing processes for pre-approved changes also ensures these frequent changes are executed consistently and efficiently.

    Confidence

    Change management processes will give your organization more confidence through more accurate planning, improved execution of changes, less failure, and more control over the IT environment. This also leads to greater protection against audits.

    You likely need to improve change management more than any other infrastructure & operations process

    The image shows a vertical bar graph. Each segment of the graph is labelled for an infrastructure/operations process. Each segment has two bars one for effectiveness, and another for importance. The first segment, Change Management, is highlighted, with its Effectiveness at a 6.2 and Importance at 8.6

    Source: Info-Tech 2020; n=5,108 IT Professionals from 620 organizations

    Of the eight infrastructure and operations processes measured in Info-Tech’s IT Management and Governance Diagnostic (MGD) program, change management consistently has the second largest gap between importance and effectiveness of these processes.

    Executives and directors recognize the importance of change management but feel theirs is currently ineffective

    Info-Tech’s IT Management and Governance Diagnostic (MGD) program assesses the importance and effectiveness of core IT processes. Since its inception, the MGD has consistently identified change management as an area for immediate improvement.

    The image is a vertical bar graph, with four segments, each having 2 bars, one for Effectiveness and the other for Importance. The four segments are (with Effectiveness and Importance ratings in brackets, respectively): Frontline (6.5/8.6); Manager (6.6/8.9); Director (6.4/8.8); and Executive (6.1/8.8)

    Source: Info-Tech 2020; n=5,108 IT Professionals from 620 organizations

    Importance Scores

    No importance: 1.0-6.9

    Limited importance: 7.0-7.9

    Significant importance: 8.0-8.9

    Critical importance: 9.0-10.0

    Effectiveness Scores

    Not in place: n/a

    Not effective: 0.0-4.9

    Somewhat Ineffective: 5.0-5.9

    Somewhat effective: 6.0-6.9

    Very effective: 7.0-10.0

    There are several common misconceptions about change management

    Which of these have you heard in your organization?

     Reality
    “It’s just a small change; this will only take five minutes to do.” Even a small change can cause a business outage. That small fix could impact a large system connected to the one being fixed.
    “Ad hoc is faster; too many processes slow things down.” Ad hoc might be faster in some cases, but it carries far greater risk. Following defined processes keeps systems stable and risk-averse.
    “Change management is all about speed.” Change management is about managing risk. It gives the illusion of speed by reducing downtime and unplanned work.
    “Change management will limit our capacity to change.” Change management allows for a better alignment of process (release management) with governance (change management).

    Overcome perceived challenges to implementing change management to reap measurable reward

    Before: Informal Change Management

    Change Approval:

    • Changes do not pass through a formal review process before implementation.
    • 10% of released changes are approved.
    • Implementation challenge: Staff will resist having to submit formal change requests and assessments, frustrated at the prospect of having to wait longer to have changes approved.

    Change Prioritization

    • Changes are not prioritized according to urgency, risk, and impact.
    • 60% of changes are urgent.
    • Implementation challenge: Influential stakeholders accustomed to having changes approved and deployed might resist having to submit changes to a standard cost-benefit analysis.

    Change Deployment

    • Changes often negatively impact user productivity.
    • 25% of changes are realized as planned.
    • Implementation challenge: Engaging the business so that formal change freeze periods and regular maintenance windows can be established.

    After: Right-Sized Change Management

    Change Approval

    • All changes pass through a formal review process. Once a change is repeatable and well-tested, it can be pre-approved to save time. Almost no unauthorized changes are deployed.
    • 95% of changes are approved.
    • KPI: Decrease in change-related incidents

    Change Prioritization

    • The CAB prioritizes changes so that the business is satisfied with the speed of change deployment.
    • 35% of changes are urgent.
    • KPI: Decrease in change turnaround time.

    Change deployment

    • Users are always aware of impending changes and changes don’t interrupt critical business activities.
    • Over 80% of changes are realized as planned
    • KPI: Decrease in the number of failed deployments.

    Info-Tech’s methodology for change management optimization focuses on building standardized processes

     1. Define Change Management2. Establish Roles and Workflows3. Define the RFC and Post-Implementation Activities4. Measure, Manage, and Maintain
    Phase Steps

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

      Change Management Standard Operating Procedure (SOP) Change Management Project Summary Template
    Phase Deliverables
    • Change Management Maturity Assessment Tool
    • Change Management Risk Assessment Tool
    • Change Manager Job Description
    • Change Management Process Library
    • Request for Change (RFC) Form Template
    • Change Management Pre-Implementation Checklist
    • Change Management Post-Implementation Checklist
    • Change Management Metrics Tool
    • Change Management
    • Communications Plan
    • Change Management Roadmap Tool

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Change Management Process Library

    Document your normal, pre-approved, and emergency change lifecycles with the core process workflows .

    Change Management Risk Assessment Tool

    Test Drive your impact and likelihood assessment questionnaires with the Change Management Risk Assessment Tool.

    Project Summary Template

    Summarize your efforts in the Optimize IT Change Management Improvement Initiative: Project Summary Template.

    Change Management Roadmap Tool

    Record your action items and roadmap your steps to a mature change management process.

    Key Deliverable:

    Change Management SOP

    Document and formalize your process starting with the change management standard operating procedure (SOP).

    These case studies illustrate the value of various phases of this project

    Define Change Management

    Establish Roles and Workflows

    Define RFC and Post-Implementation Activities

    Measure, Manage, and Maintain

    A major technology company implemented change management to improve productivity by 40%. This case study illustrates the full scope of the project.

    A large technology firm experienced a critical outage due to poor change management practices. This case study illustrates the scope of change management definition and strategy.

    Ignorance of change management process led to a technology giant experiencing a critical cloud outage. This case study illustrates the scope of the process phase.

    A manufacturing company created a makeshift CMDB in the absence of a CMDB to implement change management. This case study illustrates the scope of change intake.

    A financial institution tracked and recorded metrics to aid in the success of their change management program. This case study illustrates the scope of the implementation phase.

    Working through this project with Info-Tech can save you time and money

    Engaging in a Guided Implementation doesn’t just offer valuable project advice, it also results in significant cost savings.

    Guided ImplementationMeasured Vale
    Phase 1: Define Change Management
    • We estimate Phase 1 activities will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).

    Phase 2: Establish Roles and Workflows

    • We estimate Phase 2 will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).
    Phase 3: Define the RFC and Post-Implementation Activities
    • We estimate Phase 3 will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).

    Phase 4: Measure, Manage, and Maintain

    • We estimate Phase 4 will take 2 FTEs 5 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $1,500 (2 FTEs * 2.5 days * $80,000/year).
    Total Savings $10,800

    Case Study

    Industry: Technology

    Source: Daniel Grove, Intel

    Intel implemented a robust change management program and experienced a 40% improvement in change efficiency.

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    ITIL Change Management Implementation

    With close to 4,000 changes occurring each week, managing Intel’s environment is a formidable task. Before implementing change management within the organization, over 35% of all unscheduled downtime was due to errors resulting from change and release management. Processes were ad hoc or scattered across the organization and no standards were in place.

    Results

    After a robust implementation of change management, Intel experienced a number of improvements including automated approvals, the implementation of a formal change calendar, and an automated RFC form. As a result, Intel improved change productivity by 40% within the first year of the program’s implementation.

    Define Change Management

    Establish Roles and Workflows

    Define RFC and Post-Implementation Activities

    Measure, Manage, and Maintain

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Define Change Management

    • Call #1: Introduce change concepts.
    • Call #2: Assess current maturity.
    • Call #3: Identify target-state capabilities.

    Establish Roles and Workflows

    • Call #4: Review roles and responsibilities.
    • Call #5: Review core change processes.

    Define RFC and Post- Implementation Activities

    • Call #6: Define change intake process.
    • Call #7: Create pre-implementation and post-implementation checklists.

    Measure, Manage, and Maintain

    • Call #8: Review metrics.
    • Call #9: Create roadmap.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

     Day 1Day 2Day 3Day 4Day 5
    Activities

    Define Change Management

    1.1 Outline Strengths and Challenges

    1.2 Conduct a Maturity Assessment

    1.3 Build a Change Categorization Scheme

    1.4 Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Define the Change Manager Role

    2.2 Outline CAB Protocol and membership

    2.3 Build Normal Change Process

    2.4 Build Emergency Change Process

    2.5 Build Pre-Approved Change Process

    Define the RFC and Post-Implementation Activities

    3.1 Create an RFC Template

    3.2 Determine Post-Implementation Activities

    3.3 Build a Change Calendar Protocol

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Reports

    4.2 Create Communications Plan

    4.3 Build an Implementation Roadmap

    Next Steps and Wrap-Up (offsite)

    5.1 Complete in-progress deliverables from previous four days

    5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables
    1. Maturity Assessment
    2. Risk Assessment
    1. Change Manager Job Description
    2. Change Management Process Library
    1. Request for Change (RFC) Form Template
    2. Pre-Implementation Checklist
    3. Post-Implementation Checklist
    1. Metrics Tool
    2. Communications Plan
    3. Project Roadmap
    1. Change Management Standard Operating Procedure (SOP)
    2. Workshop Summary Deck

    Phase 1

    Define Change Management

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define the RFC and Post-Implementation Activities

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following steps:

    • Assess Maturity
    • Categorize Changes and Build Your Risk Assessment

    This phase involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Step 1.1

    Assess Maturity

    Activities

    1.1.1 Outline the Organization’s Strengths and Challenges

    1.1.2 Complete a Maturity Assessment

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • An understanding of maturity change management processes and frameworks
    • Identification of existing change management challenges and potential causes
    • A framework for assessing change management maturity and an assessment of your existing change management processes

    Define Change Management

    Step 1.1: Assess Maturity → Step 1.2: Categorize Changes and Build Your Risk Assessment

    Change management is often confused with release management, but they are distinct processes

    Change

    • Change management looks at software changes as well as hardware, database, integration, and network changes, with the focus on stability of the entire IT ecosystem for business continuity.
    • Change management provides a holistic view of the IT environment, including dependencies, to ensure nothing is negatively affected by changes.
    • Change documentation is more focused on process, ensuring dependencies are mapped, rollout plans exist, and the business is not at risk.

    Release

    • Release and deployment are the detailed plans that bundle patches, upgrades, and new features into deployment packages, with the intent to change them flawlessly into a production environment.
    • Release management is one of many actions performed under change management’s governance.
    • Release documentation includes technical specifications such as change schedule, package details, change checklist, configuration details, test plan, and rollout and rollback plans.

    Info-Tech Insight

    Ensure the Release Manager is present as part of your CAB. They can explain any change content or dependencies, communicate business approval, and advise the service desk of any defects.

    Integrate change management with other IT processes

    As seen in the context diagram, change management interacts closely with many other IT processes including release management and configuration management (seen below). Ensure you delineate when these interactions occur (e.g. RFC updates and CMDB queries) and which process owns each task.

    The image is a chart mapping the interactions between Change Management and Configuration Management (CMDB).

    Avoid the challenges of poor change management

    1. Deployments
      • Too frequent: The need for frequent deployments results in reduced availability of critical business applications.
      • Failed deployments or rework is required: Deployments are not successful and have to be backed out of and then reworked to resolve issues with the installation.
      • High manual effort: A lack of automation results in high resource costs for deployments. Human error is likely, which adds to the risk of a failed deployment.
    2. Incidents
      • Too many unauthorized changes: If the process is perceived as cumbersome and ineffective, people will bypass it or abuse the emergency designation to get their changes deployed faster.
      • Changes cause incidents: When new releases are deployed, they create problems with related systems or applications.
    3. End Users
      • Low user satisfaction: Poor communication and training result in surprised and unhappy users and support staff.

    “With no controls in place, IT gets the blame for embarrassing outages. Too much control, and IT is seen as a roadblock to innovation.” – Anonymous, VP IT of a federal credit union

    1.1.1 Outline the Organization’s Strengths and Challenges

    Input

    • Current change documentation (workflows, SOP, change policy, etc.)
    • Organizational chart(s)

    Output

    • List of strengths and challenges for change management

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. As group, discuss and outline the change management challenges facing the organization. These may be challenges caused by poor change management processes or by a lack of process.
    2. Use the pain points found on the previous slide to help guide the discussion.
    3. As a group, also outline the strengths of change management and the strengths of the current organization. Use these strengths as a guide to know what practices to continue and what strengths you can leverage to improve the change management process.
    4. Record the activity results in the Project Summary Template.

    Download the Optimize IT Change Management Improvement Initiative: Project Summary Template

    Assess current change management maturity to create a plan for improvement

     ChaosReactiveControlled

    Proactive

    Optimized
    Change Requests No defined processes for submitting changes Low process adherence and no RFC form RFC form is centralized and a point of contact for changes exists RFCs are reviewed for scope and completion RFCs trend analysis and proactive change exists
    Change Review Little to no change risk assessment Risk assessment exists for each RFC RFC form is centralized and a point of contact for changes exists Change calendar exists and is maintained System and component dependencies exist (CMDB)
    Change Approval No formal approval process exists Approval process exists but is not widely followed Unauthorized changes are minimal or nonexistent Change advisory board (CAB) is established and formalized Trend analysis exists increasing pre-approved changes
    Post-Deployment No post-deployment change review exists Process exists but is not widely followed Reduction of change-related incidents Stakeholder satisfaction is gathered and reviewed Lessons learned are propagated and actioned
    Process Governance Roles & responsibilities are ad hoc Roles, policies & procedures are defined & documented Roles, policies & procedures are defined & documented KPIs are tracked, reported on, and reviewed KPIs are proactively managed for improvement

    Info-Tech Insight

    Reaching an optimized level is not feasible for every organization. You may be able to run a very good change management process at the Proactive or even Controlled stage. Pay special attention to keeping your goals attainable.

    1.1.2 Complete a Maturity Assessment

    Input

    • Current change documentation (workflows, SOP, change policy, etc.)

    Output

    • Assessment of current maturity level and goals to improve change management

    Materials

    Participants

    • Change Manager
    • Service Desk Manager
    • Operations (optional)
    1. Use Info-Tech’s Change Management Maturity Assessment Tool to assess the maturity and completeness of your change process.
    2. Significant gaps revealed in this assessment should be the focal points of your discussion when investigating root causes and brainstorming remediation activities:
      1. For each activity of each process area of change management, determine the degree of completeness of your current process.
      2. Review your maturity assessment results and discuss as a group potential reasons why you arrived at your maturity level. Identify areas where you should focus your initial attention for improvement.
      3. Regularly review the maturity of your change management practices by completing this maturity assessment tool periodically to identify other areas to optimize.

    Download the Change Management Maturity Assessment Tool

    Case Study

    Even Google isn’t immune to change-related outages. Plan ahead and communicate to help avoid change-related incidents

    Industry: Technology

    Source: The Register

    As part of a routine maintenance procedure, Google engineers moved App Engine applications between data centers in the Central US to balance out traffic.

    Unfortunately, at the same time that applications were being rerouted, a software update was in progress on the traffic routers, which triggered a restart. This temporarily diminished router capacity, knocking out a sizeable portion of Google Cloud.

    The server drain resulted in a huge spike in startup requests, and the routers simply couldn’t handle the traffic.

    As a result, 21% of Google App Engine applications hosted in the Central US experienced error rates in excess of 10%, while an additional 16% of applications experienced latency, albeit at a lower rate.

    Solution

    Thankfully, engineers were actively monitoring the implementation of the change and were able to spring into action to halt the problem.

    The change was rolled back after 11 minutes, but the configuration error still needed to be fixed. After about two hours, the change failure was resolved and the Google Cloud was fully functional.

    One takeaway for the engineering team was to closely monitor how changes are scheduled. Ultimately, this was the result of miscommunication and a lack of transparency between change teams.

    Step 1.2

    Categorize Changes and Build Your Risk Assessment

    Activities

    1.2.1 Define What Constitutes a Change

    1.2.2 Build a Change Categorization Scheme

    1.2.3 Build a Classification Scheme to Assess Impact

    1.2.4 Build a Classification Scheme to Define Likelihood

    1.2.5 Evaluate and Adjust Your Risk Assessment Scheme

    Define Change Management

    Step 1.1: Assess Maturity → Step 1.2: Categorize Changes and Build Your Risk Assessment

    This step involves the following participants:

    • Infrastructure/Applications Manager
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • A clear definition of what constitutes a change in your organization
    • A defined categorization scheme to classify types of changes
    • A risk assessment matrix and tool for evaluating and prioritizing change requests according to impact and likelihood of risk

    Change must be managed to mitigate risk to the infrastructure

    Change management is the gatekeeper protecting your live environment.

    Successfully managed changes will optimize risk exposure, severity of impact, and disruption. This will result in the bottom-line business benefits of removal of risk, early realization of benefits, and savings of money and time.

    • IT change is constant; change requests will be made both proactively and reactively to upgrade systems, acquire new functionality, and to prevent or resolve incidents.
    • Every change to the infrastructure must pass through the change management process before being deployed to ensure that it has been properly assessed and tested, and to check that a backout /rollback plan is in place.
    • It will be less expensive to invest in a rigorous change management process than to resolve incidents, service disruptions, and outages caused by the deployment of a bad change.
    • Change management is what gives you control and visibility regarding what is introduced to the live environment, preventing incidents that threaten business continuity.

    80%

    In organizations without formal change management processes, about 80% (The Visible Ops Handbook) of IT service outage problems are caused by updates and changes to systems, applications, and infrastructure. It’s crucial to track and systematically manage change to fully understand and predict the risks and potential impact of the change.

    Attributes of a change

    Differentiate changes from other IT requests

    Is this in the production environment of a business process?

    The core business of the enterprise or supporting functions may be affected.

    Does the task affect an enterprise managed system?

    If it’s for a local application, it’s a service request

    How many users are impacted?

    It should usually impact more than a single user (in most cases).

    Is there a configuration, or code, or workflow, or UI/UX change?

    Any impact on a business process is a change; adding a user or a recipient to a report or mailing list is not a change.

    Does the underlying service currently exist?

    If it’s a new service, then it’s better described as a project.

    Is this done/requested by IT?

    It needs to be within the scope of IT for the change management process to apply.

    Will this take longer than one week?

    As a general rule, if it takes longer than 40 hours of work to complete, it’s likely a project.

    Defining what constitutes a change

    Every change request will initiate the change management process; don’t waste time reviewing requests that are out of scope.

    ChangeService Request (User)Operational Task (Backend)
    • Fixing defects in code
    • Changing configuration of an enterprise system
    • Adding new software or hardware components
    • Switching an application to another VM
    • Standardized request
    • New PC
    • Permissions request
    • Change password
    • Add user
    • Purchases
    • Change the backup tape
    • Delete temporary files
    • Maintain database (one that is well defined, repeatable, and predictable)
    • Run utilities to repair a database

    Do not treat every IT request as a change!

    • Many organizations make the mistake of calling a standard service request or operational task a “change.”
    • Every change request will initiate the change management process; don’t waste time reviewing requests that are out of scope.
    • While the overuse of RFCs for out-of-scope requests is better than a lack of process, this will slow the process and delay the approval of more critical changes.
    • Requiring an RFC for something that should be considered day-to-day work will also discourage people from adhering to the process, because the RFC will be seen as meaningless paperwork.

     

    1.2.1 Define What Constitutes a Change

    Input

    • List of examples of each category of the chart

    Output

    • Definitions for each category to be used at change intake

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Service catalog (if applicable)
    • Sticky notes
    • Markers/pens
    • Change Management SOP

    Participants

    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. As a group, brainstorm examples of changes, projects, service requests (user), operational tasks (backend), and releases. You may add additional categories as needed (e.g. incidents).
    2. Have each participant write the examples on sticky notes and populate the following chart on the whiteboard/flip chart.
    3. Use the examples to draw lines and define what defines each category.
      • What makes a change distinct from a project?
      • What makes a change distinct from a service request?
      • What makes a change distinct from an operational task?
      • When do the category workflows cross over with other categories? (For example, when does a project interact with change management?)
    4. Record the definitions of requests and results in section 2.3 of the Change Management Standard Operating Procedure (SOP).
    ChangeProjectService Request (User)Operational Task (Backend)Release
    Changing Configuration ERP upgrade Add new user Delete temp files Software release

    Download the Change Management Standard Operating Procedure (SOP).

    Each RFC should define resources needed to effect the change

    In addition to assigning a category to each RFC based on risk assessment, each RFC should also be assigned a priority based on the impact of the change on the IT organization, in terms of the resources needed to effect the change.

    Categories include

    Normal

    Emergency

    Pre-Approved

    The majority of changes will be pre-approved or normal changes. Definitions of each category are provided on the next slide.

    Info-Tech uses the term pre-approved rather than the ITIL terminology of standard to more accurately define the type of change represented by this category.

    A potential fourth change category of expedited may be employed if you are having issues with process adherence or if you experience changes driven from outside change management’s control (e.g. from the CIO, director, judiciary, etc.) See Appendix I for more details.

    Info-Tech Best Practice

    Do not rush to designate changes as pre-approved. You may have a good idea of which changes may be considered pre-approved, but make sure they are in fact low-risk and well-documented before moving them over from the normal category.

    The category of the change determines the process it follows

     Pre-ApprovedNormalEmergency
    Definition
    • Tasks are well-known, documented, and proven
    • Budgetary approval is preordained or within control of change requester
    • Risk is low and understood
    • There’s a low probability of failure
    • All changes that are not pre-approved or emergency will be classified as normal
    • Further categorized by priority/risk
    • The change is being requested to resolve a current or imminent critical/severity-1 incident that threatens business continuity
    • Associated with a critical incident or problem ticket
    Trigger
    • The same change is built and changed repeatedly using the same install procedures and resulting in the same low-risk outcome
    • Upgrade or new functionality that will capture a business benefit
    • A fix to a current problem
    • A current or imminent critical incident that will impact business continuity
    • Urgency to implement the change must be established, as well as lack of any alternative or workaround
    Workflow
    • Pre-established
    • Repeatable with same sequence of actions, with minimal judgment or decision points
    • Dependent on the change
    • Different workflows depending on prioritization
    • Dependent on the change
    Approval
    • Change Manager (does not need to be reviewed by CAB)
    • CAB
    • Approval from the Emergency Change Advisory Board (E-CAB) is sufficient to proceed with the change
    • A retroactive RFC must be created and approved by the CAB

    Pay close attention to defining your pre-approved changes. They are going to be critical for running a smooth change management practice in a DevOps Environment

    1.2.2 Build a Change Categorization Scheme

    Input

    • List of examples of each change category

    Output

    • Definitions for each change category

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Service catalog (if applicable)
    • Sticky notes
    • Markers
    • Change Management SOP

    Participants

    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Discuss the change categories on the previous slide and modify the types of descriptions to suit your organization.
    2. Once the change categories or types are defined, identify several examples of change requests that would fall under each category.
    3. Types of normal changes will be further defined in the next activity and can be left blank for now.
    4. Examples are provided below. Capture your definitions in section 4 of your Change Management SOP.
    Pre-Approved (AKA Standard)NormalEmergency
    • Microsoft patch management/deployment
    • Windows update
    • Minor form changes
    • Service pack updates on non-critical systems
    • Advance label status on orders
    • Change log retention period/storage
    • Change backup frequency

    Major

    • Active directory server upgrade
    • New ERP

    Medium

    • Network upgrade
    • High availability implementation

    Minor

    • Ticket system go-live
    • UPS replacement
    • Cognos update
    • Any change other than a pre-approved change
    • Needed to resolve a major outage in a Tier 1 system

    Assess the risk for each normal change based on impact (severity) and likelihood (probability)

    Create a change assessment risk matrix to standardize risk assessment for new changes. Formalizing this assessment should be one of the first priorities of change management.

    The following slides guide you through the steps of formalizing a risk assessment according to impact and likelihood:

    1. Define a risk matrix: Risk matrices can either be a 3x3 matrix (Minor, Medium, or High Risk as shown on the next slide) or a 4x4 matrix (Minor, Medium, High, or Critical Risk).
    2. Build an impact assessment: Enable consistent measurement of impact for each change by incorporating a standardized questionnaire for each RFC.
    3. Build a likelihood assessment: Enable the consistent measurement of impact for each change by incorporating a standardized questionnaire for each RFC.
    4. Test drive your risk assessment and make necessary adjustments: Measure your newly formed risk assessment questionnaires against historical changes to test its accuracy.

    Consider risk

    1. Risk should be the primary consideration in classifying a normal change as Low, Medium, High. The extent of governance required, as well as minimum timeline to implement the change, will follow from the risk assessment.
    2. The business benefit often matches the impact level of the risk – a change that will provide a significant benefit to a large number of users may likely carry an equally major downside if deviations occur.

    Info-Tech Insight

    All changes entail an additional level of risk. Risk is a function of impact and likelihood. Risk may be reduced, accepted, or neutralized through following best practices around training, testing, backout planning, redundancy, timing and sequencing of changes, etc.

    Create a risk matrix to assign a risk rating to each RFC

    Every normal RFC should be assigned a risk rating.

    How is risk rating determined?

    • Priority should be based on the business consequences of implementing or denying the change.
    • Risk rating is assigned using the impact of the risk and likelihood/probability that the event may occur.

    Who determines priority?

    • Priority should be decided with the change requester and with the CAB, if necessary.
    • Don’t let the change requester decide priority alone, as they will usually assign it a higher priority than is justified. Use a repeatable, standardized framework to assess each request.

    How is risk rating used?

    • Risk rating is used to determine which changes should be discussed and assessed first.
    • Time frames and escalation processes should be defined for each risk level.

    RFCs need to clearly identify the risk level of the proposed change. This can be done through statement of impact and likelihood (low/medium/high) or through pertinent questions linked with business rules to assess the risk.

    Risk always has a negative impact, but the size of the impact can vary considerably in terms of cost, number of people or sites affected, and severity of the impact. Impact questions tend to be more objective and quantifiable than likelihood questions.

    Risk Matrix

    Risk Matrix. Impact vs. Likelihood. Low impact, Low Likelihood and Medium Impact, Medium Likelihood are minor risks. High Likelihood, Low Impact; Medium Likelihood, Medium Impact; and Low Likelihood, High Impact are Medium Risk. High Impact, High Likelihood; High Impact, Medium Likelihood; and Medium Impact, High Likelihood are Major risk.

    1.2.3 Build a Classification Scheme to Assess Impact

    Input

    • Current risk assessment (if available)

    Output

    • Tailored impact assessment

    Materials

    Participants

    • CIO
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Define a set of questions to measure risk impact.
    2. For each question, assign a weight that should be placed on that factor.
    3. Define criteria for each question that would categorize the risk as high, medium, or low.
    4. Capture your results in section 4.3.1 of your Change Management SOP.
    Impact
    Weight Question High Medium Low
    15% # of people affected 36+ 11-35 <10
    20% # of sites affected 4+ 2-3 1
    15% Duration of recovery (minutes of business time) 180+ 30-18 <3
    20% Systems affected Mission critical Important Informational
    30% External customer impact Loss of customer Service interruption None

    1.2.4 Build a Classification Scheme to Define Likelihood

    Input

    • Current risk assessment (if available)

    Output

    • Tailored likelihood assessment

    Materials

    Participants

    • CIO
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Define a set of questions to measure risk likelihood.
    2. For each question, assign a weight that should be placed on that factor.
    3. Define criteria for each question that would categorize the risk as high, medium, or low.
    4. Capture your results in section 4.3.2 of your Change Management SOP.
    LIKELIHOOD
    Weight Question High Medium Low
    25% Has this change been tested? No   Yes
    10% Have all the relevant groups (companies, departments, executives) vetted the change? No Partial Yes
    5% Has this change been documented? No   Yes
    15% How long is the change window? When can we implement? Specified day/time Partial Per IT choice
    20% Do we have trained and experienced staff available to implement this change? If only external consultants are available, the rating will be “medium” at best. No   Yes
    25% Has an implementation plan been developed? No   Yes

    1.2.5 Evaluate and Adjust Your Risk Assessment Scheme

    Input

    • Impact and likelihood assessments from previous two activities

    Output

    • Vetted risk assessment

    Materials

    Participants

    • CIO
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Draw your risk matrix on a whiteboard or flip chart.
    2. As a group, identify up to 10 examples of requests for changes that would apply within your organization. Depending on the number of people participating, each person could identify one or two changes and write them on sticky notes.
    3. Take turns bringing your sticky notes up to the risk matrix and placing each where it belongs, according to the assessment criteria you defined.
    4. After each participant has taken a turn, discuss each change as a group and adjust the placement of any changes, if needed. Update the risk assessment weightings or questions, if needed.

    Download the Change Management Rick Assessment Tool.

    #

    Change Example

    Impact

    Likelihood

    Risk

    1

    ERP change

    High

    Medium

    Major

    2

    Ticket system go-live

    Medium

    Low

    Minor

    3

    UPS replacement

    Medium

    Low

    Minor

    4

    Network upgrade

    Medium

    Medium

    Medium

    5

    AD upgrade

    Medium

    Low

    Minor

    6

    High availability implementation

    Low

    Medium

    Minor

    7

    Key-card implementation

    Low

    High

    Medium

    8

    Anti-virus update

    Low

    Low

    Minor

    9

    Website

    Low

    Medium

    Minor

     

    Case Study

    A CMDB is not a prerequisite of change management. Don’t let the absence of a configuration management database (CMDB) prevent you from implementing change management.

    Industry: Manufacturing

    Source: Anonymous Info-Tech member

    Challenge

    The company was planning to implement a CMDB; however, full implementation was still one year away and subject to budget constraints.

    Without a CMDB, it would be difficult to understand the interdependencies between systems and therefore be able to provide notifications to potentially affected user groups prior to implementing technical changes.

    This could have derailed the change management project.

    Solution

    An Excel template was set up as a stopgap measure until the full implementation of the CMDB. The template included all identified dependencies between systems, along with a “dependency tier” for each IT service.

    Tier 1: The dependent system would not operate if the upstream system change resulted in an outage.

    Tier 2: The dependent system would suffer severe degradation of performance and/or features.

    Tier 3: The dependent system would see minor performance degradation or minor feature unavailability.

    Results

    As a stopgap measure, the solution worked well. When changes ran the risk of degrading downstream dependent systems, the impacted business system owner’s authorization was sought and end users were informed in advance.

    The primary takeaway was that a system to manage configuration linkages and system dependencies was key.

    While a CMDB is ideal for this use case, IT organizations shouldn’t let the lack of such a system stop progress on change management.

    Case Study (part 1 of 4)

    Intel used a maturity assessment to kick-start its new change management program.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    Due to the sheer volume of change management activities present at Intel, over 35% of unscheduled outages were the result of changes.

    Ineffective change management was identified as the top contributor of incidents with unscheduled downtime.

    One of the major issues highlighted was a lack of process ownership. The change management process at Intel was very fragmented, and that needed to change.

    Results

    Daniel Grove, Senior Release & Change Manager at Intel, identified that clarifying tasks for the Change Manager and the CAB would improve process efficiency by reducing decision lag time. Roles and responsibilities were reworked and clarified.

    Intel conducted a maturity assessment of the overall change management process to identify key areas for improvement.

    Phase 2

    Establish Roles and Workflows

    For running change management in DevOps environment, see Appendix II.

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define RFC and Post-Implementation Activities

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following steps:

    • Determine Roles and Responsibilities
    • Build Core Workflows

    This phase involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Step 2.1

    Determine Roles and Responsibilities

    Activities

    2.1.1 Capture Roles and Responsibilities Using a RACI Chart

    2.1.2 Determine Your Change Manager’s Responsibilities

    2.1.3 Define the Authority and Responsibilities of Your CAB

    2.1.4 Determine an E-CAB Protocol for Your Organization

    Establish Roles and Workflows

    Step 2.1: Determine Roles and Responsibilities → Step 2.2: Build Core Workflows

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • Clearly defined responsibilities to form the job description for a Change Manager
    • Clearly defined roles and responsibilities for the change management team, including the business system owner, technical SME, and CAB members
    • Defined responsibilities and authority of the CAB
    • Protocol for an emergency CAB (E-CAB) meeting

    Identify roles and responsibilities for your change management team

    Business System Owner

    • Provides downtime window(s)
    • Advises on need for change (prior to creation of RFC)
    • Validates change (through UAT or other validation as necessary)
    • Provides approval for expedited changes (needs to be at executive level)

    Technical Subject Matter Expert (SME)

    • Advises on proposed changes prior to RFC submission
    • Reviews draft RFC for technical soundness
    • Assesses backout/rollback plan
    • Checks if knowledgebase has been consulted for prior lessons learned
    • Participates in the PIR, if necessary
    • Ensures that the service desk is trained on the change

    CAB

    • Approves/rejects RFCs for normal changes
    • Reviews lessons learned from PIRs
    • Decides on the scope of change management
    • Reviews metrics and decides on remedial actions
    • Considers changes to be added to list of pre-approved changes
    • Communicates to organization about upcoming changes

    Change Manager

    • Reviews RFCs for completeness
    • Ensures RFCs brought to the CAB have a high chance of approval
    • Chairs CAB meetings, including scheduling, agenda preparation, reporting, and follow-ups
    • Manages post-implementation reviews and reporting
    • Organizes internal communications (within IT)

    2.1.1 Capture Roles and Responsibilities Using a RACI Chart

    Input

    • Current SOP

    Output

    • Documented roles and responsibilities in change management in a RACI chart

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. As a group, work through developing a RACI chart to determine the roles and responsibilities of individuals involved in the change management practice based on the following criteria:
      • Responsible (performs the work)
      • Accountable (ensures the work is done)
      • Consulted (two-way communication)
      • Informed (one-way communication)
    2. Record your results in slide 14 of the Project Summary Template and section 3.1 of your Change Management SOP.
    Change Management TasksOriginatorSystem OwnerChange ManagerCAB MemberTechnical SMEService DeskCIO/ VP ITE-CAB Member
    Review the RFC C C A C R C R  
    Validate changes C C A C R C R  
    Assess test plan A C R R C   I  
    Approve the RFC I C A R C   I  
    Create communications plan R I A     I I  
    Deploy communications plan I I A I   R    
    Review metrics   C A R   C I  
    Perform a post implementation review   C R A     I  
    Review lessons learned from PIR activities     R A   C    

    Designate a Change Manager to own the process, change templates, and tools

    The Change Manager will be the point of contact for all process questions related to change management.

    • The Change Manager needs the authority to reject change requests, regardless of the seniority of the requester.
    • The Change Manager needs the authority to enforce compliance to a standard process.
    • The Change Manager needs enough cross-functional subject-matter expertise to accurately evaluate the impact of change from both an IT and business perspective.

    Info-Tech Best Practice

    Some organizations will not be able to assign a dedicated Change Manager, but they must still task an individual with change review authority and with ownership of the risk assessment and other key parts of the process.

    Responsibilities

    1. The Change Manager is your first stop for change approval. Both the change management and release and deployment management processes rely on the Change Manager to function.
    2. Every single change that is applied to the live environment, from a single patch to a major change, must originate with a request for change (RFC), which is then approved by the Change Manager to proceed to the CAB for full approval.
    3. Change templates and tools, such as the change calendar, list of preapproved changes, and risk assessment template are controlled by the Change Manager.
    4. The Change Manager also needs to have ownership over gathering metrics and reports surrounding deployed changes. A skilled Change Manager needs to have an aptitude for applying metrics for continual improvement activities.

    2.1.2 Document Your Change Manager’s Responsibilities

    Input

    • Current Change Manager job description (if available)

    Output

    • Change Manager job description and list of responsibilities

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Markers/pens
    • Info-Tech’s Change Manager Job Description
    • Change Management SOP

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    1.Using the previous slide, Info-Tech’s Change Manager Job Description, and the examples below, brainstorm responsibilities for the Change Manager.

    2.Record the responsibilities in Section 3.2 of your Change Management SOP.

    Example:

    Change Manager: James Corey

    Responsibilities

    1. Own the process, tools, and templates.
    2. Control the Change Management SOP.
    3. Provide standard RFC forms.
    4. Distribute RFCs for CAB review.
    5. Receive all initial RFCs and check them for completion.
    6. Approve initial RFCs.
    7. Approve pre-approved changes.
    8. Approve the conversion of normal changes to pre-approved changes.
    9. Assemble the Emergency CAB (E-CAB) when emergency change requests are received.
    10. Approve submission of RFCs for CAB review.
    11. Chair the CAB:
      • Set the CAB agenda and distribute it at least 24 hours before the meeting.
      • Ensure the agenda is adhered to.
      • Make the final approval/prioritization decision regarding a change if the CAB is deadlocked and cannot come to an agreement.
      • Distribute CAB meeting minutes to all members and relevant stakeholders.

    Download the Change Manager Job Description

    Create a Change Advisory Board (CAB) to provide process governance

    The primary functions of the CAB are to:

    1. Protect the live environment from poorly assessed, tested, and implemented changes.
      • CAB approval is required for all normal and emergency changes.
      • If a change results in an incident or outage, the CAB is effectively responsible; it’s the responsibility of the CAB to assess and accept the potential impact of every change.
    2. Prioritize changes in a way that fairly reflects change impact and urgency.
      • Change requests will originate from multiple stakeholders, some of whom have competing interests.
      • It’s up to the CAB to prioritize these requests effectively so that business need is balanced with any potential risk to the infrastructure.
      • The CAB should seek to reduce the number of emergency/expedited changes.
    3. Schedule deployments in a way that minimizes conflict and disruption.
      • The CAB uses a change calendar populated with project work, upcoming organizational initiatives, and change freeze periods. They will schedule changes around these blocks to avoid disrupting user productivity.
      • The CAB should work closely with the release and deployment management teams to coordinate change/release scheduling.

    See what responsibilities in the CAB’s process are already performed by the DevOps lifecycle (e.g. authorization, deconfliction etc.). Do not duplicate efforts.

    Use diverse representation from the business to form an effective CAB

    The CAB needs insight into all areas of the business to avoid approving a high-risk change.

    Based on the core responsibilities you have defined, the CAB needs to be composed of a diverse set of individuals who provide quality:

    • Change need assessments – identifying the value and purpose of a proposed change.
    • Change risk assessments – confirmation of the technical impact and likelihood assessments that lead to a risk score, based on the inputs in RFC.
    • Change scheduling – offer a variety of perspectives and responsibilities and will be able to identify potential scheduling conflicts.
     CAB RepresentationValue Added
    Business Members
    • CIO
    • Business Relationship Manager
    • Service Level Manager
    • Business Analyst
    • Identify change blackout periods, change impact, and business urgency.
    • Assess impact on fiduciary, legal, and/or audit requirements.
    • Determine acceptable business risk.
    IT Operations Members
    • Managers representing all IT functions
    • IT Directors
    • Subject Matter Experts (SMEs)
    • Identify dependencies and downstream impacts.
    • Identify possible conflicts with pre-existing OLAs and SLAs.
    CAB Attendees
    • Specific SMEs, tech specialists, and business and vendor reps relevant to a particular change
    • Only attend meetings when invited by the Change Manager
    • Provide detailed information and expertise related to their particular subject areas.
    • Speak to requirements, change impact, and cost.

    Info-Tech Best Practice

    Form a core CAB (members attend every week) and an optional CAB (members who attend only when a change impacts them or when they can provide value in discussions about a change). This way, members can have their voice heard without spending every week in a meeting where they do not contribute.

    2.1.3 Define the Authority and Responsibilities of Your CAB

    Input

    • Current SOP or CAB charter (if available)

    Output

    • Documented list of CAB authorities and responsibilities

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    1.Using the previous slide and the examples below, list the authorities and responsibilities of your CAB.

    2.Record the responsibilities in section 3.3.2 of your Change Management SOP and the Project Summary Template.

    Example:

    CAP AuthorityCAP Responsibilities
    • Final authority over the deployment of all normal and emergency changes.
    • Authority to absorb the risk of a change.
    • Authority to set the change calendar:
      • Maintenance windows.
      • Change freeze periods.
      • Project work.
      • Authority to delay changes.
    • Evaluate all normal and emergency changes.
    • Verify all normal change test, backout, and implementation plans.
    • Verify all normal change test results.
    • Approve all normal and emergency changes.
    • Prioritize all normal changes.
    • Schedule all normal and emergency changes.
    • Review failed change deployments.

    Establish an emergency CAB (E-CAB) protocol

    • When an emergency change request is received, you will not be able to wait until the regularly scheduled CAB meeting.
    • As a group, decide who will sit on the E-CAB and what their protocol will be when assessing and approving emergency changes.

    Change owner conferences with E-CAB (best efforts to reach them) through email or messaging.

    E-CAB members and business system owners are provided with change details. No decision is made without feedback from at least one E-CAB member.

    If business continuity is being affected, the Change Manager has authority to approve change.

    Full documentation of the change (a retroactive RFC) is done after the change and is then reviewed by the CAB.

    Info-Tech Best Practice

    Members of the E-CAB should be a subset of the CAB who are typically quick to respond to their messages, even at odd hours of the night.

    2.1.4 Determine an E-CAB Protocol for Your Organization

    Input

    • Current SOP or CAB charter (if available)

    Output

    • E-CAB protocol

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather the members of the E-CAB and other necessary representatives from the change management team.
    2. Determine the order of operations for the E-CAB in the event that an emergency change is needed.
    3. Consult the example emergency protocol below. Determine what roles and responsibilities are involved at each stage of the emergency change’s implementation.
    4. Document the E-CAB protocol in section 3.4 of your Change Management SOP.

    Example

    Assemble E-CAB

    Assess Change

    Test (if Applicable)

    Deploy Change

    Create Retroactive RFC

    Review With CAB

    Step 2.2

    Build Core Workflows

    Activities

    2.2.1 Build a CMDB-lite as a Reference for Requested Changes

    2.2.2 Create a Normal Change Process

    2.2.3 Create a Pre-Approved Change Process

    2.2.4 Create an Emergency Change Process

    Establish Roles and Workflows

    Step 2.1: Determine Roles and Responsibilities → Step 2.2: Build Core Workflows

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • Emergency change workflow
    • Normal process workflow
    • Pre-approved change workflow

    Establishing Workflows: Change Management Lifecycle

    Improve

    • A post-implementation review assesses the value of the actual change measured against the proposed change in terms of benefits, costs, and impact.
    • Results recorded in the change log.
    • Accountability: Change Manager Change Implementer

    Request

    • A change request (RFC) can be submitted via paper form, phone, email, or web portal.
    • Accountability: Change requester/Initiator

    Assess

    • The request is screened to ensure it meets an agreed-upon set of business criteria.
    • Changes are assessed on:
      • Impact of change
      • Risks or interdependencies
      • Resourcing and costs
    • Accountability: Change Manager

    Plan

    • Tasks are assigned, planned, and executed.
    • Change schedule is consulted and necessary resources are identified.
    • Accountability: Change Manager

    Approve

    • Approved requests are sent to the most efficient channel based on risk, urgency, and complexity.
    • Change is sent to CAB members for final review and approval
    • Accountability: Change Manager
      • Change Advisory Board

    Implement

    • Approved changes are deployed.
    • A rollback plan is created to mitigate risk.
    • Accountability: Change Manager Change Implementer

    Establishing workflows: employ a SIPOC model for process definition

    A good SIPOC (supplier, input, process, output, customer) model helps establish the boundaries of each process step and provides a concise definition of the expected outcomes and required inputs. It’s a useful and recommended next step for every workflow diagram.

    For change management, employ a SIPOC model to outline your CAB process:

    Supplier

    • Who or what organization provides the inputs to the process? The supplier can be internal or external.

    Input

    • What goes into the process step? This can be a document, data, information, or a decision.

    Process

    • Activities that occur in the process step that’s being analyzed.

    Output

    • What does the process step produce? This can be a document, data, information, or a decision.

    Customer

    • Who or what organization(s) takes the output of the process? The customer can be internal or external.

    Optional Fields

    Metrics

    • Top-level indicators that usually relate to the input and output, e.g. turnaround time, risk matrix completeness.

    Controls

    • Checkpoints to ensure process step quality.

    Dependencies

    • Other process steps that require the output.

    RACI

    • Those who are Responsible, Accountable, Consulted, or Informed (RACI) about the input, output, and/or process.

    Establish change workflows: assess requested changes to identify impact and dependencies

    An effective change assessment workflow is a holistic process that leaves no stone unturned in an effort to mitigate risk before any change reaches the approval stage. The four crucial areas of risk in a change workflow are:

    Dependencies

    Identify all components of the change.

    Ask how changes will affect:

    • Services on the same infrastructure?
    • Applications?
    • Infrastructure/app architecture?
    • Security?
    • Ability to support critical systems?

    Business Impact

    Frame the change from a business point of view to identify potential disruptions to business activities.

    Your assessment should cover:

    • Business processes
    • User productivity
    • Customer service
    • BCPs

    SLA Impact

    Each new change can impact the level of service available.

    Examine the impact on:

    • Availability of critical systems
    • Infrastructure and app performance
    • Infrastructure and app capacity
    • Existing disaster recovery plans and procedures

    Required Resources

    Once risk has been assessed, resources need to be identified to ensure the change can be executed.

    These include:

    • People (SMEs, tech support, work effort/duration)
    • System time for scheduled implementation
    • Hardware or software (new or existing, as well as tools)

    Establishing workflows: pinpoint dependencies to identify the need for additional changes

    An assessment of each change and a query of the CMDB needs to be performed as part of the change planning process to mitigate outage risk.

    • A version upgrade on one piece of software may require another component to be upgraded as well. For example, an upgrade to the database management system requires that an application that uses the database be upgraded or modified.
    • The sequence of the release must also be determined, as certain components may need to be upgraded before others. For example, if you upgrade the Exchange Server, a Windows update must be installed prior to the Exchange upgrade.
    • If you do not have a CMDB, consider building a CMDB-lite, which consists of a listing of systems, primary users, SMEs, business owners, and system dependencies (see next slide).

    Services Impacted

    • Have affected services been identified?
    • Have supporting services been identified?
    • Has someone checked the CMDB to ensure all dependencies have been accounted for?
    • Have we referenced the service catalog so the business approves what they’re authorizing?

    Technical Teams Impacted

    • Who will support the change throughout testing and implementation?
    • Will additional support be needed?
    • Do we need outside support from eternal suppliers?
    • Has someone checked the contract to ensure any additional costs have been approved?

    Build a dependency matrix to avoid change related collisions (optional)

    A CMDB-lite does not replace a CMDB but can be a valuable tool to leverage when requesting changes if you do not currently have configuration management. Consider the following inputs when building your own CMDB-lite.

    • System
      • To build a CMDB-lite, start with the top 10 systems in your environment that experience changes. This list can always be populated iteratively.
    • Primary Users
      • Listing the primary users will give a change requester a first glance at the impact of the change.
      • You can also use this information when looking at the change communication and training after the change is implemented.
    • SME/Backup
      • These are the staff that will likely build and implement the change. The backup is listed in case the primary is on holiday.
    • Business System Owner
      • The owner of the system is one of the people needed to sign off on the change. Having their support from the beginning of a change is necessary to build and implement it successfully.
    • Tier 1 Dependency
      • If the primary system experiences and outage, Tier 1 dependency functionality is also lost. To request a change, include the business system owner signoffs of the Tier 1 dependencies of the primary system.
    • Tier 2 Dependency
      • If the primary system experiences an outage, Tier 2 dependency functionality is lost, but there is an available workaround. As with Tier 1, this information can help you build a backout plan in case there is a change-related collision.
    • Tier 3 Dependency
      • Tier 3 functionality is not lost if the primary system experiences an outage, but nice-to-haves such as aesthetics are affected.

    2.2.1 Build a CMDB-lite as a Reference for Requested Changes

    Input

    • Current system ownership documentation

    Output

    • Documented reference for change requests (CMDB-lite)

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Sticky notes
    • Markers/pens

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Start with a list of your top 10-15 systems/services with the highest volume of changes.
    2. Using a whiteboard, flip chart, or shared screen, complete the table below by filling the corresponding Primary Users, SMEs, Business System Owner, and Dependencies as shown below. It may help to use sticky notes.
    3. Iteratively populate the table as you notice gaps with incoming changes.
    SystemPrimary UsersSMEBackup SME(s)Business System OwnerTier 1 Dependency (system functionality is down)Tier 2 (impaired functionality/ workaround available)Tier 3 Dependency (nice to have)
    Email Enterprise Naomi Amos James
    • ITSMs
    • Scan-to-email
    • Reporting
     
    • Lots
    Conferencing Tool Enterprise Alex Shed James
    • Videoconferencing
    • Conference rooms (can use Facebook messenger instead in worst case scenario)
    • IM
    ITSM (Service Now) Enterprise (Intl.) Anderson TBD Mike
    • Work orders
    • Dashboards
    • Purchasing
     
    ITSM (Manage Engine) North America Bobbie Joseph Mike
    • Work orders
    • Dashboards
    • Purchasing
     

    Establishing workflows: create standards for change approvals to improve efficiency

    • Not all changes are created equal, and not all changes require the same degree of approval. As part of the change management process, it’s important to define who is the authority for each type of change.
    • Failure to do so can create bureaucratic bottlenecks if each change is held to an unnecessary high level of scrutiny, or unplanned outages may occur due to changes circumventing the formal approval process.
    • A balance must be met and defined to ensure the process is not bypassed or bottlenecked.

    Info-Tech Best Practice

    Define a list pre-approved changes and automate them (if possible) using your ITSM solution. This will save valuable time for more important changes in the queue.

    Example:

    Change CategoryChange Authority
    Pre-approved change Department head/manager
    Emergency change E-CAB
    Normal change – low and medium risk CAB
    Normal change – high risk CAB and CIO (for visibility)

    Example process: Normal Change – Change Initiation

    Change initiation allows for assurance that the request is in scope for change management and acts as a filter for out-of-scope changes to be redirected to the proper workflow. Initiation also assesses who may be assigned to the change and the proper category of the change, and results in an RFC to be populated before the change reaches the build and test phase.

    The image is a horizontal flow chart, depicting an example of a change process.

    The change trigger assessment is critical in the DevOps lifecycle. This can take a more formal role of a technical review board (TRB) or, with enough maturity, may be automated. Responsibilities such as deconfliction, dependency identification, calendar query, and authorization identification can be done early in the lifecycle to decrease or eliminate the burden on CAB.

    For the full process, refer to the Change Management Process Library.

    Example process: Normal Change – Technical Build and Test

    The technical build and test stage includes all technical prerequisites and testing needed for a change to pass before proceeding to approval and implementation. In addition to a technical review, a solution consisting of the implementation, rollback, communications, and training plan are also built and included in the RFC before passing it to the CAB.

    The image is a flowchart, showing the process for change during the technical build and test stage.

    For the full process, refer to the Change Management Process Library.

    Example process: Normal Change – Change Approval (CAB)

    Change approval can start with the Change Manager reviewing all incoming RFCs to filter them for completeness and check them for red flags before passing them to the CAB. This saves the CAB from discussing incomplete changes and allows the Change Manager to set a CAB agenda before the CAB meeting. If need be, change approval can also set vendor communications necessary for changes, as well as the final implementation date of the change. The CAB and Change Manager may follow up with the appropriate parties notifying them of the approval decision (accepted, rescheduled, or rejected).

    The image shows a flowchart illustrating the process for change approval.

    For the full process, refer to the Change Management Process Library.

    Example process: Normal Change – Change Implementation

    Changes should not end at implementation. Ensure you define post-implementation activities (documentation, communication, training etc.) and a post-implementation review in case the change does not go according to plan.

    The image is a flowchart, illustrating the work process for change implementation and post-implementation review.

    For the full process, refer to the Change Management Process Library.

    2.2.2 Create a Normal Change Process

    Input

    • Current SOP/workflow library

    Output

    • Normal change process

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Using the examples shown on the previous few slides, work as a group to determine the workflow for a normal change, with particular attention to the following sub-processes:
      1. Request
      2. Assessment
      3. Plan
      4. Approve
      5. Implementation and Post-Implementation Activities
    3. Optionally, you may create variations of the workflow for minor, medium, and major changes (e.g. there will be fewer authorizations for minor changes).
    4. For further documentation, you may choose to run the SIPOC activity for your CAB as outlined on this slide.
    5. Document the resulting workflows in the Change Management Process Library and section 11 of your Change Management SOP.

    Download the Change Management Process Library.

    Identify and convert low-risk normal changes to pre-approved once the process is established

    As your process matures, begin creating a list of normal changes that might qualify for pre-approval. The most potential for value in gains from change management comes from re-engineering and automating of high-volume changes. Pre-approved changes should save you time without threatening the live environment.

    IT should flag changes they would like pre-approved:

    • Once your change management process is firmly established, hold a meeting with all staff that make change requests and build changes.
    • Run a training session detailing the traits of pre-approved changes and ask these individuals to identify changes that might qualify.
    • These changes should be submitted to the Change Manager and reviewed, with the help of the CAB, to decide whether or not they qualify for pre-approval.

    Pre-approved changes are not exempt from due diligence:

    • Once a change is designated as pre-approved, the deployment team should create and compile all relevant documentation:
      • An RFC detailing the change, dependencies, risk, and impact.
      • Detailed procedures and required resources.
      • Implementation and backout plan.
      • Test results.
    • When templating the RFC for pre-approved changes, aim to write the documentation as if another SME were to implement it. This reduces confusion, especially if there’s staff turnover.
    • The CAB must approve, sign off, and keep a record of all documents.
    • Pre-approved changes must still be documented and recorded in the CMDB and change log after each deployment.

    Info-Tech Best Practice

    At the beginning of a change management process, there should be few active pre-approved changes. However, prior to launch, you may have IT flag changes for conversion.

    Example process: Pre-Approved Change Process

    The image shows two horizontal flow charts, the first labelled Pre-Approval of Recurring RFC, and the second labelled Implementation of Child RFC.

    For the full process, refer to the Change Management Process Library.

    Review the pre-approved change list regularly to ensure the list of changes are still low-risk and repeatable.

    IT environments change. Don’t be caught by surprise.

    • Changes which were once low-risk and repeatable may cause unforeseen incidents if they are not reviewed regularly.
    • Dependencies change as the IT environment changes. Ensure that the changes on the pre-approved change list are still low-risk and repeatable, and that the documentation is up to date.
    • If dependencies have changed, then move the change back to the normal category for reassessment. It may be redesignated as a pre-approved change once the documentation is updated.

    Info-Tech Best Practice

    Other reasons for moving a pre-approved change back to the normal category is if the change led to an incident during implementation or if there was an issue during implementation.

    Seek new pre-approved change submissions. → Re-evaluate the pre-approved change list every 4-6 months.

    The image shows a horizontal flow chart, depicting the process for a pre-approved change list review.

    For the full process, refer to the Change Management Process Library.

    2.2.3 Create a Pre-Approved Change Process

    Input

    • Current SOP/workflow library

    Output

    • Pre-approved change process

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Using the examples shown on the previous few slides, work as a group to determine the workflow for a pre-approved change, with particular attention to the following sub-processes:
      1. Request
      2. Assessment
      3. Plan
      4. Approve
    3. Document the process of a converting a normal change to pre-approved. Include the steps from flagging a low-risk change to creating the related RFC template.
    4. Document the resulting workflows in the Change Management Process Library and sections 4.2 and 13 of your Change Management SOP.

    Reserve the emergency designation for real emergencies

    • Emergency changes have one of the following triggers:
      • A critical incident is impacting user productivity.
      • An imminent critical incident will impact user productivity.
    • Unless a critical incident is being resolved or prevented, the change should be categorized as normal.
    • An emergency change differs from a normal change in the following key aspects:
      • An emergency change is required to recover from a major outage – there must be a validated service desk critical incident ticket.
      • An urgent business requirement is not an “emergency.”
      • An RFC is created after the change is implemented and the outage is over.
      • A review by the full CAB occurs after the change is implemented.
      • The first responder and/or the person implementing the change may not be the subject matter expert for that system.
    • In all cases, an RFC must be created and the change must be reviewed by the full CAB. The review should occur within two business days of the event.
    Sample ChangeQuick CheckEmergency?
    Install the latest critical patches from the vendor. Are the patches required to resolve or prevent an imminent critical incident? No
    A virus or worm invades the network and a patch is needed to eliminate the threat. Is the patch required to resolve or prevent an imminent critical incident? Yes

    Info-Tech Best Practice

    Change requesters should be made aware that senior management will be informed if an emergency RFC is submitted inappropriately. Emergency requests trigger urgent CAB meetings, are riskier to deploy, and delay other changes waiting in the queue.

    Example process: Emergency Change Process

    The image is a flowchart depicting the process for an emergency change process

    When building your emergency change process, have your E-CAB protocol from activity 2.1.4 handy.

    • Focus on the following requirements for an emergency process:
      • E-CAB protocol and scope: Does the SME need authorization first before working on the change or can the SME proceed if no E-CAB members respond?
      • Documentation and communication to stakeholders and CAB after the emergency change is completed.
      • Input from incident management.

    For the full process, refer to the Change Management Process Library.

    2.2.4 Create an Emergency Change Process

    Input

    • Current SOP/workflow library

    Output

    • Emergency change process

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Using the examples shown on the previous few slides, work as a group to determine the workflow for an emergency change, with particular attention to the following sub-processes:
      1. Request
      2. Assessment
      3. Plan
      4. Approve
    3. Ensure that the E-CAB protocol from activity 2.1.4 is considered when building your process.
    4. Document the resulting workflows in the Change Management Process Library and section 12 of your Change Management SOP.

    Case Study (part 2 of 4)

    Intel implemented a robust change management process.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    Intel identified 37 different change processes and 25 change management systems of record with little integration.

    Software and infrastructure groups were also very siloed, and this no doubt contributed to the high number of changes that caused outages.

    The task was simple: standards needed to be put in place and communication had to improve.

    Results

    Once process ownership was assigned and the role of the Change Manager and CAB clarified, it was a simple task to streamline and simplify processes among groups.

    Intel designed a new, unified change management workflow that all groups would adopt.

    Automation was also brought into play to improve how RFCs were generated and submitted.

    Phase 3

    Define the RFC and Post-Implementation Activities

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define the RFC and Post-Implementation Activities

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following activities:

    • Design the RFC
    • Establish Post-Implementation Activities

    This phase involves the following participants:

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board

    Step 3.1

    Design the RFC

    Activities

    3.1.1 Evaluate Your Existing RFC Process

    3.1.2 Build the RFC Form

    Define the RFC and Post-Implementation Activities

    Step 3.1: Design the RFC

    Step 3.2: Establish Post-Implementation Activities

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • A full RFC template and process that compliments the workflows for the three change categories

    A request for change (RFC) should be submitted for every non-standard change

    An RFC should be submitted through the formal change management practice for every change that is not a standard, pre-approved change (a change which does not require submission to the change management practice).

    • The RFC should contain all the information required to approve a change. Some information will be recorded when the change request is first initiated, but not everything will be known at that time.
    • Further information can be added as the change progresses through its lifecycle.
    • The level of detail that goes into the RFC will vary depending on the type of change, the size, and the likely impact of the change.
    • Other details of the change may be recorded in other documents and referenced in the RFC.

    Info-Tech Insight

    Keep the RFC form simple, especially when first implementing change management, to encourage the adoption of and compliance with the process.

    RFCs should contain the following information, at a minimum:

    1. Contact information for requester
    2. Description of change
    3. References to external documentation
    4. Items to be changed, reason for the change, and impact of both implementing and not implementing the change
    5. Change type and category
    6. Priority and risk assessment
    7. Predicted time frame, resources, and cost
    8. Backout or remediation plan
    9. Proposed approvers
    10. Scheduled implementation time
    11. Communications plan and post-implementation review

    3.1.1 Evaluate Your Existing RFC Process

    Input

    • Current RFC form or stock ITSM RFC
    • Current SOP (if available)

    Output

    • List of changes to the current RFC form and RFC process

    Materials

    Participants

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. If the organization is already using an RFC form, review it as a group now and discuss its contents:
      • Does this RFC provide adequate information for the Change Manager and/or CAB to review?
      • Should any additional fields be added?
    2. Show the participants Info-Tech’s Request for Change Form Template and compare it to the one the organization is currently using.
    3. As a group, finalize an RFC table of contents that will be used to formalize a new or improved RFC.
    4. Decide which fields should be filled out by the requester before the initial RFC is submitted to the Change Manager:
      • Many sections of the RFC are relevant for change assessment and review. What information does the Change Manager need when they first receive a request?
      • The Change Manager needs enough information to ensure that the change is in scope and has been properly categorized.
    5. Decide how the RFC form should be submitted and reviewed; this can be documented in section 5 of your Change Management SOP.

    Download the Request for Change Form Template.

    Design the RFC to encourage process buy-in

    • When building the RFC, split the form up into sections that follow the normal workflow (e.g. Intake, Assessment and Build, Approval, Implementation/PIR). This way the form walks the requester through what needs to be filled and when.
    • Revisit the form periodically and solicit feedback to continually improve the user experience. If there’s information missing on the RFC that the CAB would like to know, add the fields. If there are sections that are not used or not needed for documentation, remove them.
    • Make sure the user experience surrounding your RFC form is a top priority – make it accessible, otherwise change requesters simply will not use it.
    • Take advantage of your ITSM’s dropdown lists, automated notifications, CMDB integrations, and auto-generated fields to ease the process of filling the RFC

    Draft:

    • Change requester
    • Requested date of deployment
    • Change risk: low/medium/high
    • Risk assessment
    • Description of change
    • Reason for change
    • Change components

    Technical Build:

    • Assess change:
      • Dependencies
      • Business impact
      • SLA impact
      • Required resources
      • Query the CMS
    • Plan and test changes:
      • Test plan
      • Test results
      • Implementation plan
      • Backout plan
      • Backout plan test results

    CAB:

    • Approve and schedule changes:
      • Final CAB review
      • Communications plan

    Complete:

    • Deploy changes:
      • Post-implementation review

    Designing your RFC: RFC draft

    • Change requester – link your change module to the active directory to pull the change requester’s contact information automatically to save time.
    • A requested date of deployment gives approvers information on timeline and can be used to query the change calendar for possible conflicts
    • Information about risk assessment based on impact and likelihood questionnaires are quick to fill out but provide a lot of information to the CAB. The risk assessment may not be complete at the draft stage but can be updated as the change is built. Ensure this field is up-to- date before it reaches CAB.
    • If you have a technical review stage where changes are directed to the proper workflow and resourcing is assessed, the description, reason, and change components are high-level descriptors of the change that will aid in discovery and lining the change up with the business vision (viability from both a technical and business standpoint).
    • Change requester
    • Requested date of deployment
    • Change Risk: low/medium/high
    • Risk assessment
    • Description of change
    • Reason for change
    • Change components

    Use the RFC to point to documentation already gathered in the DevOps lifecycle to cut down on unnecessary manual work while maintaining compliance.

    Designing your RFC: technical build

    • Dependencies and CMDB query, along with the proposed implementation date, are included to aid in calendar deconfliction and change scheduling. If there’s a conflict, it’s easier to reschedule the proposed change early in the lifecycle.
    • Business, SLA impact, and required resources can be tracked to provide the CAB with information on the business resources required. This can also be used to prioritize the change if conflicts arise.
    • Implementation, test, and backout plans must be included and assessed to increase the probability that a change will be implemented without failure. It’s also useful in the case of PIRs to determine root causes of change-related incidents.
    • Assess change:
      • Dependencies
      • Business impact
      • SLA impact
      • Required resources
      • Query the CMS
    • Plan and test changes:
      • Test plan
      • Test results
      • Implementation plan
      • Backout plan
      • Backout plan test results

    Designing your RFC: approval and deployment

    • Documenting approval, rejection, and rescheduling gives the change requester the go-ahead to proceed with the change, rationale on why it was prioritized lower than another change (rescheduled), or rationale on rejection.
    • Communications plans for appropriate stakeholders can also be modified and forwarded to the communications team (e.g. service desk or business system owners) before deployment.
    • Post-implementation activities and reviews can be conducted if need be before a change is closed. The PIR, if filled out, should then be appended to any subsequent changes of the same nature to avoid making the same mistake twice.
    • Approve and schedule changes:
      • Final CAB review
      • Communications plan
    • Deploy changes:
      • Post-implementation review

    Standardize the request for change protocol

    1. Submission Standards
      • Electronic submission will make it easier for CAB members to review the documentation.
      • As the change goes through the assessment, plan, and test phase, new documentation (assessments, backout plans, test results, etc.) can be attached to the digital RFC for review by CAB members prior to the CAB meeting.
      • Change management software won’t be necessary to facilitate the RFC submission and review; a content repository system, such as SharePoint, will suffice.
    2. Designate the first control point
      • All RFCs should be submitted to a single point of contact.
      • Ideally, the Change Manager or Technical Review Board should fill this role.
      • Whoever is tasked with this role needs the subject matter expertise to ensure that the change has been categorized correctly, to reject out-of-scope requests, or to ask that missing information be provided before the RFC moves through the full change management practice.

    Info-Tech Best Practice

    Technical and SME contacts should be noted in each RFC so they can be easily consulted during the RFC review.

    3.1.2 Build the RFC Form

    Input

    • Current RFC form or stock ITSM RFC
    • Current SOP (if available)

    Output

    • List of changes to the current RFC and RFC process

    Materials

    Participants

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Use Info-Tech’s Request for Change Form Template as a basis for your RFC form.
    2. Use this template to standardize your change request process and ensure that the appropriate information is documented effectively each time a request is made. The change requester and Change Manager should consolidate all information associated with a given change request in this form. This form will be submitted by the change requester and reviewed by the Change Manager.

    Case Study (part 3 of 4)

    Intel implemented automated RFC form generation.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    One of the crucial factors that was impacting Intel’s change management efficiency was a cumbersome RFC process.

    A lack of RFC usage was contributing to increased ad hoc changes being put through the CAB, and rescheduled changes were quite high.

    Additionally, ad hoc changes were also contributing heavily to unscheduled downtime within the organization.

    Results

    Intel designed and implemented an automated RFC form generator to encourage end users to increase RFC usage.

    As we’ve seen with RFC form design, the UX/UI of the form needs to be top notch, otherwise end users will simply circumvent the process. This will contribute to the problems you are seeking to correct.

    Thanks to increased RFC usage, Intel decreased emergency changes by 50% and reduced change-caused unscheduled downtime by 82%.

    Step 3.2

    Establish Post-Implementation Activities

    Activities

    3.2.1 Determine When the CAB Would Reject Tested Changes

    3.2.2 Create a Post-Implementation Activity Checklist

    Define the RFC and Post-Implementation Activities

    Step 3.1: Design RFC

    Step 3.2: Establish Post-Implementation Activities

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • A formalized post-implementation process for continual improvement

    Why would the CAB reject a change that has been properly assessed and tested?

    Possible reasons the CAB would reject a change include:

    • The product being changed is approaching its end of life.
    • The change is too costly.
    • The timing of the change conflicts with other changes.
    • There could be compliance issues.
    • The change is actually a project.
    • The risk is too high.
    • There could be regulatory issues.
    • The peripherals (test, backout, communication, and training plans) are incomplete.

    Info-Tech Best Practice

    Many reasons for rejection (listed above) can be caught early on in the process during the technical review or change build portion of the change. The earlier you catch these reasons for rejection, the less wasted effort there will be per change.

    Sample RFCReason for CAP Rejection
    There was a request for an update to a system that a legacy application depends on and only a specific area of the business was aware of the dependency. The CAB rejects it due to the downstream impact.
    There was a request for an update to a non-supported application, and the vendor was asking for a premium support contract that is very costly. It’s too expensive to implement, despite the need for it. The CAB will wait for an upgrade to a new application.
    There was a request to update application functionality to a beta release. The risk outweighs the business benefits.

    Determine When the CAB Would Reject Tested Changes

    Input

    • Current SOP (if available)

    Output

    • List of reasons to reject tested changes

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Projector
    • Markers/pens
    • Laptop with ITSM admin access
    • Project Summary Template

    Participants

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board

    Avoid hand-offs to ensure a smooth implementation process

    The implementation phase is the final checkpoint before releasing the new change into your live environment. Once the final checks have been made to the change, it’s paramount that teams work together to transition the change effectively rather than doing an abrupt hand-off. This could cause a potential outage.

    1.

    • Deployment resources identified, allocated, and scheduled
    • Documentation complete
    • Support team trained
    • Users trained
    • Business sign-off
    • Target systems identified and ready to receive changes
    • Target systems available for installation maintenance window scheduled
    • Technical checks:
      • Disk space available
      • Pre-requisites met
      • Components/Services to be updated are stopped
      • All users disconnected
    • Download Info-Tech’sChange Management Pre-Implementation Checklist

    Implement change →

    2.

    1. Verification – once the change has been implemented, verify that all requirements are fulfilled.
    2. Review – ensure that all affected systems and applications are operating as predicted. Update change log.
    3. Transition – a crucial phase of implementation that’s often overlooked. Once the change implementation is complete from a technical point of view, it’s imperative that the team involved with the change inform and train the group responsible for managing the new change.

    Create a backout plan to reduce the risk of a failed change

    Every change process needs to plan for the potential for failure and how to address it effectively. Change management’s solution to this problem is a backout plan.

    A backout plan needs to contain a record of the steps that need to be taken to restore the live environment back to its previous state and maintain business continuity. A good backout plan asks the following questions:

    1. How will failure be determined? Who will make the determination to back out of a change be made and when?
    2. Do we fix on fail or do we rollback to the previous configuration?
    3. Is the service desk aware of the impending change? Do they have proper training?

    Notify the Service Desk

    • Notify the Service Desk about backout plan initiation.

    Disable Access

    • Disable user access to affected system(s).

    Conduct Checks

    • Conduct checks to all affected components.

    Enable User Access

    • Enable user access to affected systems.

    Notify the Service Desk

    • Notify the service desk that the backout plan was successful.

    Info-Tech Best Practice

    As part of the backout plan, consider the turnback point in the change window. That is, the point within the change window where you still have time to fully back out of the change.

    Ensure the following post-implementation review activities are completed

    Service Catalog

    Update the service catalog with new information as a result of the implemented change.

    CMDB

    Update new dependencies present as a result of the new change.

    Asset DB

    Add notes about any assets newly affected by changes.

    Architecture Map

    Update your map based on the new change.

    Technical Documentation

    Update your technical documentation to reflect the changes present because of the new change.

    Training Documentation

    Update your training documentation to reflect any information about how users interact with the change.

    Use a post-implementation review process to promote continual improvement

    The post-implementation review (PIR) is the most neglected change management activity.

    • All changes should be reviewed to understand the reason behind them, appropriateness, and recommendations for next steps.
    • The Change Manager manages the completion of information PIRs and invites RFC originators to present their findings and document the lessons learned.

    Info-Tech Best Practice

    Review PIR reports at CAB meetings to highlight the root causes of issues, action items to close identified gaps, and back-up documentation required. Attach the PIR report to the relevant RFC to prevent similar changes from facing the same issues in the future.

    1. Why do a post-implementation review?
      • Changes that don’t fail but don’t perform well are rarely reviewed.
      • Changes may fail subtly and still need review.
      • Changes that cause serious failures (i.e. unplanned downtime) receive analysis that is unnecessarily in-depth.
    2. What are the benefits?
      • A proactive, post-implementation review actually uses less resources than reactionary change reviews.
      • Root-cause analysis of failed changes, no matter what the impact.
      • Insight into changes that took longer than projected.
      • Identification of previously unidentified risks affecting changes.

    Determine the strategy for your PIR to establish a standardized process

    Capture the details of your PIR process in a table similar to the one below.

    Frequency Part of weekly review (IT team meeting)
    Participants
    • Change Manager
    • Originator
    • SME/supervisor/impacted team(s)

    Categories under review

    Current deviations and action items from previous PIR:

    • Complete
    • Partially complete
    • Complete, late
    • Change failed, rollback succeeded
    • Change failed, rollback failed
    • Major deviation from implementation plan
    Output
    • Root cause or failure or deviation
    • External factors
    • Remediation focus areas
    • Remediation timeline (follow-up at appropriate time)
    Controls
    • Reviewed at next CAB meeting
    • RFC close is dependent on completion of PIR
    • Share with the rest of the technical team
    • Lessons learned stored in the knowledgebase and attached to RFC for easy search of past issues.

    3.2.2 Create a Post-Implementation Activity Checklist

    Input

    • Current SOP (if available)

    Output

    • List of reasons to reject tested changes

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Brainstorm duties to perform following the deployment of a change. Below is a sample list:
      • Example:
        • Was the deployment successful?
          • If no, was the backout plan executed successfully?
        • List change-related incidents
        • Change assessment
          • Missed dependencies
          • Inaccurate business impact
          • Incorrect SLA impact
          • Inaccurate resources
            • Time
            • Staff
            • Hardware
        • System testing
        • Integration testing
        • User acceptance testing
        • No backout plan
        • Backout plan failure
        • Deployment issues
    3. Record your results in the Change Management Post-Implementation Checklist.

    Download the Change Management Post-Implementation Checklist

    Case Study

    Microsoft used post-implementation review activities to mitigate the risk of a critical Azure outage.

    Industry: Technology

    Source: Jason Zander, Microsoft

    Challenge

    In November 2014, Microsoft deployed a change intended to improve Azure storage performance by reducing CPU footprint of the Azure Table Front-Ends.

    The deployment method was an incremental approach called “flighting,” where software and configuration deployments are deployed incrementally to Azure infrastructure in small batches.

    Unfortunately, this software deployment caused a service interruption in multiple regions.

    Solution

    Before the software was deployed, Microsoft engineers followed proper protocol by testing the proposed update. All test results pointed to a successful implementation.

    Unfortunately, engineers pushed the change out to the entire infrastructure instead of adhering to the traditional flighting protocol.

    Additionally, the configuration switch was incorrectly enabled for the Azure Blob storage Front-Ends.

    A combination of the two mistakes exposed a bug that caused the outage.

    Results

    Thankfully, Microsoft had a backout plan. Within 30 minutes, the change was rolled back on a global scale.

    It was determined that policy enforcement was not integrated across the deployment system. An update to the system shifted the process of policy enforcement from human-based decisions and protocol to automation via the deployment platform.

    Defined PIR activities enabled Microsoft to take swift action against the outage and mitigate the risk of a serious outage.

    Phase 4

    Measure, Manage, and Maintain

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define RFC and Post-Implementation Activities

    3.1 Design RFC

    3.2 Establish post-implementation activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following activities:

    • Identify Metrics and Build the Change Calendar
    • Implement the Project

    This phase involves the following participants:

    • CIO/IT Director
    • IT Managers
    • Change Manager

    Step 4.1

    Identify Metrics and Build the Change Calendar

    Activities

    4.1.1 Create an Outline for Your Change Calendar

    4.1.2 Determine Metrics, Key Performance Indicators (KPIs), and Critical Success Factors (CSFs)

    4.1.3 Track and Record Metrics Using the Change Management Metrics Tool

    Measure, Manage, and Maintain

    Step 4.1: Identify Metrics and Build the Change Calendar

    Step 4.2: Implement the Project

    This step involves the following participants:

    • CIO/IT Director
    • IT Managers
    • Change Manager

    Outcomes of this step

    • Clear definitions of change calendar content
    • Guidelines for change calendar scheduling
    • Defined metrics to measure the success of change management with associated reports, KPIs, and CSFs

    Enforce a standard method of prioritizing and scheduling changes

    The impact of not deploying the change and the benefit of deploying it should determine its priority.

    Risk of Not Deploying

    • What is the urgency of the change?
    • What is the risk to the organization if the change is not deployed right away?
    • Will there be any lost productivity, service disruptions, or missed critical business opportunities?
      • Timing
        • Does the proposed timing work with the approved changes already on the change schedule?
        • Has the change been clash checked so there are no potential conflicts over services or resources?
      • Once prioritized, a final deployment date should be set by the CAB. Check the change calendar first to avoid conflicts.

    Positive Impact of Deployment

    • What benefits will be realized once the change is deployed?
    • How significant is the opportunity that triggered the change?
    • Will the change lead to a positive business outcome (e.g. increased sales)?

    “The one who has more clout or authority is usually the one who gets changes scheduled in the time frame they desire, but you should really be evaluating the impact to the organization. We looked at the risk to the business of not doing the change, and that’s a good way of determining the criticality and urgency of that change.” – Joseph Sgandurra, Director, Service Delivery, Navantis

    Info-Tech Insight

    Avoid a culture where powerful stakeholders are able to push change deployment on an ad hoc basis. Give the CAB the full authority to make approval decisions based on urgency, impact, cost, and availability of resources.

    Develop a change schedule to formalize the planning process

    A change calendar will help the CAB schedule changes more effectively and increase visibility into upcoming changes across the organization.

    1. Establish change windows in a consistent change schedule:
      • Compile a list of business units that would benefit from a change.
      • Look for conflicts in the change schedule.
      • Avoid scheduling two or more major business units in a day.
      • Consider clients when building your change windows and change schedule.
    2. Gain commitments from key participants:
      • These individuals can confirm if there are any unusual or cyclical business requirements that will impact the schedule.
    3. Properly control your change calendar to improve change efficiency:
      • Look at the proposed start and end times: Are they sensible? Does the implementation window leave time for anything going wrong or needing to roll back the change?
      • Special considerations: Are there special circumstances that need to be considered? Ask the business if you don’t know.
      • The key principle is to have a sufficient window available for implementing changes so you only need to set up calendar freezes for sound business or technical reasons.

    Our mantra is to put it on the calendar. Even if it’s a preapproved change and doesn’t need a vote, having it on the calendar helps with visibility. The calendar is the one-stop shop for scheduling and identifying change dependencies.“ – Wil Clark, Director of Service and Performance Management, University of North Texas Systems

    Provide clear definitions of what goes on the change calendar and who’s responsible

    Roles

    • The Change Manager will be responsible for creating and maintaining a change calendar.
    • Only the Change Manager can physically alter the calendar by adding a new change after the CAB has agreed upon a deployment date.
    • All other CAB members, IT support staff, and other impacted stakeholders should have access to the calendar on a read-only basis to prevent people from making unauthorized changes to deployment dates.

    Inputs

    • Freeze periods for individual business departments/applications (e.g. finance month-end periods, HR payroll cycle, etc. – all to be investigated).
    • Maintenance windows and planned outage periods.
    • Project schedules, and upcoming major/medium changes.
    • Holidays.
    • Business hours (some departments work 9-5, others work different hours or in different time zones, and user acceptance testing may require business users to be available).

    Guidelines

    • Business-defined freeze periods are the top priority.
    • No major or medium normal changes should occur during the week between Christmas and New Year’s Day.
    • Vendor SLA support hours are the preferred time for implementing changes.
    • The vacation calendar for IT will be considered for major changes.
    • Change priority: High > Medium > Low.
    • Minor changes and preapproved changes have the same priority and will be decided on a case-by-case basis.

    The change calendar is a critical pre-requisite to change management in DevOps. Use the calendar to be proactive with proposed implementation dates and deconfliction before the change is finished.

    4.1.1 Create Guidelines for Your Change Calendar

    Input

    • Current change calendar guidelines

    Output

    • Change calendar inputs and schedule checklist

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Gather representatives from the change management team.
      • Example:
        • The change calendar/schedule includes:
          • Approved and scheduled normal changes.
          • Scheduled project work.
          • Scheduled maintenance windows.
          • Change freeze periods with affected users noted:
            • Daily/weekly freeze periods.
            • Monthly freeze periods.
            • Annual freeze periods.
            • Other critical business events.
    2. Create a checklist to run through before each change is scheduled:
      • Check the schedule and assess resource availability:
        • Will user productivity be impacted?
        • Are there available resources (people and systems) to implement the change?
        • Is the vendor available? Is there a significant cost attached to pushing change deployment before the regularly scheduled refresh?
        • Are there dependencies? Does the deployment of one change depend on the earlier deployment of another?
    3. Record your results in your Project Summary Template.

    Start measuring the success of your change management project using three key metrics

    Number of change-related incidents that occur each month

    • Each month, record the number of incidents that can be directly linked to a change. This can be done using an ITSM tool or manually by service desk staff.
    • This is a key success metric: if you are not tracking change-related incidents yet, start doing so as soon as possible. This is the metric that the CIO and business stakeholders will be most interested in because it impacts users directly.

    Number of unauthorized changes applied each month

    • Each month, record the number of changes applied without approval. This is the best way to measure adherence to the process.
    • If this number decreases, it demonstrates a reduction in risk, as more changes are formally assessed and approved before being deployed.

    Percentage of emergency changes

    • Each month, compare the number of emergency change requests to the total number of change requests.
    • Change requesters often designate changes as emergencies as a way of bypassing the process.
    • A reduction in emergency changes demonstrates that your process is operating smoothly and reduces the risk of deploying changes that have not been properly tested.

    Info-Tech Insight

    Start simple. Metrics can be difficult to tackle if you’re starting from scratch. While implementing your change management practice, use these three metrics as a starting point, since they correlate well with the success of change management overall. The following few slides provide more insight into creating metrics for your change process.

    If you want more insight into your change process, measure the progress of each step in change management with metrics

    Improve

    • Number of repeat failures (i.e. making the same mistake twice)
    • Number of changes converted to pre-approved
    • Number of changes converted from pre-approved back to normal

    Request

    • What percentage of change requests have errors or lack appropriate support?
    • What percentage of change requests are actually projects, service requests, or operational tasks?
    • What percentage of changes have been requested before (i.e. documented)?

    Assess

    • What percentage of change requests are out of scope?
    • What percentage of changes have been requested before (i.e. documented)?
    • What are the percentages of changes by category (normal, pre-approved, emergency)?

    Plan

    • What percentage of change requests are reviewed by the CAB that should have been pre-approved or emergency (i.e. what percentage of changes are in the wrong category)?

    Approve

    • Number of changes broken down by department (business unit/IT department to be used in making core/optional CAB membership more efficient)
    • Number of workflows that can be automated

    Implement

    • Number of changes completed on schedule
    • Number of changes rolled back
    • What percentage of changes caused an incident?

    Use metrics to inform project KPIs and CSFs

    Leverage the metrics from the last slide and convert them to data communicable to IT, management, and leadership

    • To provide value, metrics and measurements must be actionable. What actions can be taken as a result of the data being presented?
    • If the metrics are not actionable, there is no value and you should question the use of the metric.
    • Data points in isolation are mostly meaningless to inform action. Observe trends in your metrics to inform your decisions.
    • Using a framework to develop measurements and metrics provides a defined methodology that enables a mapping of base measurements through CSFs.
    • Establishing the relationship increases the value that measurements provide.

    Purposely use SDLC and change lifecycle metrics to find bottlenecks and automation candidates.

    Metrics:

    Metrics are easily measured datapoints that can be pulled from your change management tool. Examples: Number of changes implemented, number of changes without incident.

    KPIs:

    Key Performance Indicators are metrics presented in a way that is easily digestible by stakeholders in IT. Examples: Change efficiency, quality of changes.

    CSFs:

    Critical Success Factors are measures of the business success of change management taken by correlating the CSF with multiple KPIs. Examples: consistent and efficient change management process, a change process mapped to business needs

    List in-scope metrics and reports and align them to benefits

    Metric/Report (by team)Benefit
    Total number of RFCs and percentages by category (pre-approved, normal, emergency, escalated support, expedited)
    • Understand change management activity
    • Tracking maturity growth
    • Identifying “hot spots”
    Pre-approved change list (and additions/removals from the list) Workload and process streamlining (i.e. reduce “red tape” wherever possible)
    Average time between RFC lifecycle stages (by service/application) Advance planning for proposed changes
    Number of changes by service/application/hardware class
    • Identifying weaknesses in the architecture
    • Vendor-specific TCO calculations
    Change triggers Business- vs. IT-initiated change
    Number of RFCs by lifecycle stage Workload planning
    List of incidents related to changes Visible failures of the CM process
    Percentage of RFCs with a tested backout/validation plan Completeness of change planning
    List of expedited changes Spotlighting poor planning and reducing the need for this category going forward (“The Hall of Shame”)
    CAB approval rate Change coordinator alignment with CAB priorities – low approval rate indicates need to tighten gatekeeping by the change coordinator
    Calendar of changes Planning

    4.1.2 Determine Metrics, Key Performance Indicators (KPIs), and Critical Success Factors (CSFs)

    Input

    • Current metrics

    Output

    • List of trackable metrics, KPIs and CSFs

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Draw three tables for metrics, KPIs, and CSFs.
    2. Starting with the CSF table, fill in all relevant CSFs that your group wishes to track and measure.
    3. Next, work to determine relevant KPIs correlated with the CSFs and metrics needed to measure the KPIs. Use the tables included below (taken from section 14 of the Change Management SOP) to guide the process.
    4. Record the results in the tables in section 14 of your Change Management SOP.
    5. Decide on where and when to review the metrics to discuss your change management strategy. Designate and owner and record in the RACI and Communications section of your Change Management SOP.
    Ref #Metric

    M1

    Number of changes implemented for a time period
    M2 Number of changes successfully implemented for a time period
    M3 Number of changes implemented causing incidents
    M4 Number of accepted known errors when change is implemented
    M5 Total days for a change build (specific to each change)
    M6 Number of changes rescheduled
    M7 Number of training questions received following a change
    Ref#KPIProduct
    K1 Successful changes for a period of time (approach 100%) M2 / M1 x 100%
    K2 Changes causing incidents (approach 0%) M3 / M1 x 100%
    K3 Average days to implement a change ΣM5 / M1
    K4 Change efficiency (approach 100%) [1 - (M6 / M1)] x 100%
    K5 Quality of changes being implemented (approach 100%) [1 - (M4 / M1)] x 100%
    K6 Change training efficiency (approach 100%) [1 - (M7 / M1)] x 100%
    Ref#CSFIndicator
    C1 Successful change management process producing quality changes K1, K5
    C2 Consistent efficient change process K4, K6
    C3 Change process maps to business needs K5, K6

    Measure changes in selected metrics to evaluate success

    Once you have implemented a standardized change management practice, your team’s goal should be to improve the process, year over year.

    • After a process change has been implemented, it’s important to regularly monitor and evaluate the CSFs, KPIs, and metrics you chose to evaluate. Examine whether the process change you implemented has actually resolved the issue or achieved the goal of the critical success factor.
    • Establish a schedule for regularly reviewing the key metrics. Assess changes in those metrics and determine progress toward reaching objectives.
    • In addition to reviewing CSFs, KPIs, and metrics, check in with the release management team and end users to measure their perceptions of the change management process once an appropriate amount of time has passed.
    • Ensure that metrics are telling the whole story and that reporting is honest in order to be informative.

    Outcomes of standardizing change management should include:

    1. Improved efficiency, effectiveness, and quality of changes.
    2. Changes and processes are more aligned with the business needs and strategy.
    3. Improved maturity of change processes.

    Info-Tech Best Practice

    Make sure you’re measuring the right things and considering all sources of information. It’s very easy to put yourself in a position where you’re congratulating yourselves for improving on a specific metric such as number of releases per month, but satisfaction remains low.

    4.1.3 Track and Record Metrics Using the Change Management Metrics Tool

    Input

    • Current metrics

    Output

    • List of trackable metrics, KPIs and CSFs to be observed over the length of a year

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)

    Tracking the progress of metrics is paramount to the success of any change management process. Use Info-Tech’s Change Management Metrics Tool to record metrics and track your progress. This tool is intended to be a substitute for organizations who do not have the capability to track change-related metrics in their ITSM tool.

    1. Input metrics from the previous activity to track over the course of a year.
    2. To record your metrics, open the tool and go to tab 2. The tool is currently primed to record and track five metrics. If you need more than that, you can edit the list in the hidden calculations tab.
    3. To see the progress of your metrics, move to tab 3 to view a dashboard of all metrics in the tool.

    Download the Change Management Metrics Tool

    Case Study

    A federal credit union was able to track maturity growth through the proper use of metrics.

    Industry: Federal Credit Union (anonymous)

    Source: Info-Tech Workshop

    Challenge

    At this federal credit union, the VP of IT wanted a tight set of metrics to engage with the business, communicate within IT, enable performance management of staff, and provide visibility into workload demands, among other requirements.

    The organization was suffering from “metrics fatigue,” with multiple reports being generated from all groups within IT, to the point that weekly/monthly reports were being seen as spam.

    Solution

    Stakeholders were provided with an overview of change management benefits and were asked to identify one key attribute that would be useful to their specific needs.

    Metrics were designed around the stakeholder needs, piloted with each stakeholder group, fine-tuned, and rolled out.

    Some metrics could not be automated off-the-shelf and were rolled out in a manual fashion. These metrics were subsequently automated and finally made available through a dashboard.

    Results

    The business received clear guidance regarding estimated times to implement changes across different elements of the environment.

    The IT managers were able to plan team workloads with visibility into upstream change activity.

    Architects were able to identify vendors and systems that were the leading source of instability.

    The VP of IT was able to track the maturity growth of the change management process and proactively engage with the business on identified hot spots.

    Step 4.2

    Implement the Project

    Activities

    4.2.1 Use a Communications Plan to Gain End User Buy-In

    4.2.2 Create a Project Roadmap to Track Your Implementation Progress

    Measure, Manage, and Maintain

    Step 4.1: Identify Metrics and Build the Change Calendar

    Step 3.2: Implement the Project

    This step involves the following participants:

    • CIO/IT Director
    • IT Managers
    • Change Manager

    Outcomes of this step

    • A communications plan for key messages to communicate to relevant stakeholders and audiences
    • A roadmap with assigned action items to implement change management

    Success of the new process will depend on introducing change and gaining acceptance

    Change management provides value by promptly evaluating and delivering changes required by the business and by minimizing disruption and rework caused by failed changes. Communication of your new change management process is key. If people do not understand the what and why, it will fail to provide the desired value.

    Info-Tech Best Practice

    Gather feedback from end users about the new process: if the process is too bureaucratic, end users are more likely to circumvent it.

    Main Challenges with Communication

    • Many people fail before they even start because they are buried in a mess created before they arrived – either because of a failed attempt to get change management implemented or due to a complicated system that has always existed.
    • Many systems are maintained because “that’s the way it’s always been done.”
    • Organizations don’t know where to start; they think change management is too complex a process.
    • Each group needs to follow the same procedure – groups often have their own processes, but if they don’t agree with one another, this could cause an outage.

    Educate affected stakeholders to prepare for organizational change

    An organizational change management plan should be part of your change management project.

    • Educate stakeholders about:
      • The process change (describe it in a way that the user can understand and is clear and concise).
        • IT changes will be handled in a standardized and repeatable fashion to minimize change-related incidents.
      • Who is impacted?
        • All users.
      • How are they impacted?
        • All change requests will be made using a standard form and will not be deployed until formal approval is received.
      • Change messaging.
        • How to communicate the change (benefits).
      • Learning and development – training your users on the change.
        • Develop and deliver training session on the Change Management SOP to familiarize users with this new method of handling IT change.

    Host a lunch-and-learn session

    • For the initial deployment, host a lunch-and-learn session to educate the business on the change management practice. Relevant stakeholders of affected departments should host it and cover the following topics:
    • What is change management (change management/change control)?
    • The value of change management.
    • What the Change Management SOP looks like.
    • Who is involved in the change management process (the CAB, etc.)?
    • What constitutes a pre-approved change and an emergency change?
    • An overview of the process, including how to avoid unauthorized changes.
    • Who should they contact in case of questions?

    Communicate the new process to all affected stakeholders

    Do not surprise users or support staff with changes. This will result in lost productivity and low satisfaction with IT services.

    • User groups and the business need to be given sufficient notice of an impending change.
    • This will allow them to make appropriate plans to accept the change, minimizing the impact of the change on productivity.
    • A communications plan will be documented in the RFC while the release is being built and tested.
    • It’s the responsibility of the change team to execute on the communications plan.

    Info-Tech Insight

    The success of change communication can be measured by monitoring the number of service desk tickets related to a change that was not communicated to users.

    Communication is crucial to the integration and overall implementation of your change management initiative. An effective communications plan will:

    • Gain support from management at the project proposal phase.
    • Create end-user buy-in once the program is set to launch.
    • Maintain the presence of the program throughout the business.
    • Instill ownership throughout the business from top-level management to new hires.

    Create your communications plan to anticipate challenges, remove obstacles, and ensure buy-in

    Management

    Technicians

    Business Stakeholders

    Provide separate communications to key stakeholder groups

    Why? What problems are you trying to solve?

    What? What processes will it affect (that will affect me)?

    Who? Who will be affected? Who do I go to if I have issues with the new process?

    When? When will this be happening? When will it affect me?

    How? How will these changes manifest themselves?

    Goal? What is the final goal? How will it benefit me?

    Info-Tech Insight

    Pay close attention to the medium of communication. For example, stakeholders on their feet all day would not be as receptive to an email communication compared to those who primarily work in front of a computer. Put yourself into various stakeholders’ shoes to craft a tailored communication of change management.

    4.2.1 Use a Communications Plan to Gain End User Buy-In

    Input

    • List of stakeholder groups for change management

    Output

    • Tailored communications plans for various stakeholder groups

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Using Info-Tech’s Change Management Communications Plan, identify key audiences or stakeholder groups that will be affected by the new change management practice.
    2. For each group requiring a communications plan, identify the following:
      • The benefits for that group of individuals.
      • The impact the change will have on them.
      • The best communication method(s) for them.
      • The time frame of the communication.
    3. Complete this information in a table like the one below:
    GroupBenefitsImpactMethodTimeline
    IT Standardized change process All changes must be reviewed and approved Poster campaign 6 months
    End Users Decreased wait time for changes Formal process for RFCs Lunch-and-learn sessions 3 months
    Business Reduced outages Increased involvement in planning and approvals Monthly reports 1 year
    1. Discuss the communications plan:
      • Will this plan ensure that users are given adequate opportunities to accept the changes being deployed?
      • Is the message appropriate for each audience? Is the format appropriate for each audience?
      • Does the communication include training where necessary to help users adopt any new functions/workflows being introduced?

    Download the Change Management Communications Plan

    Present your SOP to key stakeholders and obtain their approval

    Now that you have completed your Change Management SOP, the final step is to get sign-off from senior management to begin the rollout process.

    Know your audience:

    • Determine the service management stakeholders who will be included in the audience for your presentation.
    • You want your presentation to be succinct and hard hitting. Management’s time is tight and they will lose interest if you drag out the delivery.
    • Briefly speak about the need for more formal change management and emphasize the benefits of implementing a more formal process with a SOP.
    • Present your current state assessment results to provide context before presenting the SOP itself.
    • As with any other foundational activity, be prepared with some quick wins to gain executive attention.
    • Be prepared to review with both technical and less technical stakeholders.

    Info-Tech Insight

    The support of senior executive stakeholders is critical to the success of your SOP rollout. Try to wow them with project benefits and make sure they know about the risks/pain points.

    Download the Change Management Project Summary Template

    4.2.2 Create a Project Roadmap to Track Your Implementation Progress

    Input

    • List of implementation tasks

    Output

    • Roadmap and timeline for change management implementation

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Info-Tech’s Change Management Roadmap Tool helps you identify and prioritize tasks that need to be completed for the change management implementation project.
    2. Use this tool to identify each action item that will need to be completed as part of the change management initiative. Chart each action item, assign an owner, define the duration, and set a completion date.
    3. Use the resulting rocket diagram as a guide to task completion as you work toward your future state.

    Download the Change Management Roadmap Tool

    Case Study (part 4 of 4)

    Intel implemented a robust change management process.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    Intel had its new change management program in place and the early milestones planned, but one key challenge with any new project is communication.

    The company also needed to navigate the simplification of a previously complex process; end users could be familiar with any of the 37 different change processes or 25 different change management systems of record.

    Top-level buy-in was another concern.

    Results

    Intel first communicated the process changes by publishing the vision and strategy for the project with top management sponsorship.

    The CIO published all of the new change policies, which were supported by the Change Governance Council.

    Intel cited the reason for success as the designation of a Policy and Guidance Council – a group designed to own communication and enforcement of the new policies and processes put in place.

    Summary of Accomplishment

    Problem Solved

    You now have an outline of your new change management process. The hard work starts now for an effective implementation. Make use of the communications plan to socialize the new process with stakeholders and the roadmap to stay on track.

    Remember as you are starting your implementation to keep your documents flexible and treat them as “living documents.” You will likely need to tweak and refine the processware and templates several times to continually improve the process. Furthermore, don’t shy away from seeking feedback from your stakeholders to gain buy-in.

    Lastly, keep an eye on your progress with objective, data-driven metrics. Leverage the trends in your data to drive your decisions. Be sure to revisit the maturity assessment not only to measure and visualize your progress, but to gain insight into your next steps.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic office in Toronto, Ontario, Canada to participate in an innovative onsite workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.2 Complete a Change Management Maturity Assessment

    Run through the change management maturity assessment with tailored commentary for each action item outlining context and best practices.

    2.2.1 Plot the Process for a Normal Change

    Build a normal change process using Info-Tech’s Change Management Process Library template with an analyst helping you to right size the process for your organization.

    Related Info-Tech Research

    Standardize the Service Desk

    Improve customer service by driving consistency in your support approach and meeting SLAs.

    Stabilize Release and Deployment Management

    Maintain both speed and control while improving the quality of deployments and releases within the infrastructure team.

    Incident and Problem Management

    Don’t let persistent problems govern your department.

    Select Bibliography

    AXELOS Limited. ITIL Foundation: ITIL 4th edition. TSO, 2019, pp. 118–120.

    Behr, Kevin and George Spafford. The Visible Ops Handbook: Implementing ITIL in 4 Practical and Auditable Steps. IT Revolution Press. 2013.

    BMC. “ITIL Change Management.” BMC Software Canada, 22 December 2016.

    Brown, Vance. “Change Management: The Greatest ROI of ITIL.” Cherwell Service Management.

    Cisco. “Change Management: Best Practices.” Cisco, 10 March 2008.

    Grove, Daniel. “Case Study ITIL Change Management Intel Corporation.” PowerShow, 2005.

    ISACA. “COBIT 5: Enabling Processes.” ISACA, 2012.

    Jantti, M. and M. Kainulainen. “Exploring an IT Service Change Management Process: A Case Study.” ICDS 2011: The Fifth International Conference on Digital Society, 23 Feb. 2011.

    Murphy, Vawns. “How to Assess Changes.” The ITSM Review, 29 Jan. 2016.

    Nyo, Isabel. “Best Practices for Change Management in the Age of DevOps.” Atlassian Engineering, 12 May 2021.

    Phillips, Katherine W., Katie A. Liljenquist, and Margaret A. Neale. “Better Decisions Through Diversity.” Kellogg Insight, 1 Oct. 2010.

    Pink Elephant. “Best Practices for Change Management.” Pink Elephant, 2005.

    Sharwood, Simon. “Google broke its own cloud by doing two updates at once.” The Register, 24 Aug. 2016.

    SolarWinds. “How to Eliminate the No: 1 Cause of Network Downtime.” SolarWinds Tech Tips, 25 Apr. 2014.

    The Stationery Office. “ITIL Service Transition: 2011.” The Stationary Office, 29 July 2011.

    UCISA. “ITIL – A Guide to Change Management.” UCISA.

    Zander, Jason. “Final Root Cause Analysis and Improvement Areas: Nov 18 Azure Storage Service Interruption.” Microsoft Azure: Blog and Updates, 17 Dec. 2014.

    Appendix I: Expedited Changes

    Employ the expedited change to promote process adherence

    In many organizations, there are changes which may not fit into the three prescribed categories. The reason behind why the expedited category may be needed generally falls between two possibilities:

    1. External drivers dictate changes via mandates which may not fall within the normal change cycle. A CIO, judge, state/provincial mandate, or request from shared services pushes a change that does not fall within a normal change cycle. However, there is no imminent outage (therefore it is not an emergency). In this case, an expedited change can proceed. Communicate to the change requester that IT and the change build team will still do their best to implement the change without issue, but any extra risk of implementing this expedited change (compared to an normal change) will be absorbed by the change requester.
    2. The change requester did not prepare for the change adequately. This is common if a new change process is being established (and stakeholders are still adapting to the process). Change requesters or the change build team may request the change to be done by a certain date that does not fall within the normal change cycle, or they simply did not give the CAB enough time to vet the change. In this case, you may use the expedited category as a metric (or a “Hall of Shame” example). If you identify a department or individual that frequently request expedited changes, use the expedited category as a means to educate them about the normal change to discourage the behavior moving forward.

    Two possible ways to build an expedited change category”

    1. Build the category similar to an emergency change. In this case, one difference would be the time allotted to fully obtain authorization of the change from the E-CAB and business owner before implementing the change (as opposed to the emergency change workflow).
    2. Have the expedited change reflect the normal change workflow. In this case, all the same steps of the normal change workflow are followed except for expedited timelines between processes. This may include holding an impromptu CAB meeting to authorize the change.

    Example process: Expedited Change Process

    The image is a flowchart, showing the process for Expedited Change.

    For the full process, refer to the Change Management Process Library.

    Appendix II: Optimize IT Change Management in a DevOps Environment

    Change Management cannot be ignored because you are DevOps or Agile

    But it can be right-sized.

    The core tenets of change management still apply no matter the type of development environment an organization has. Changes in any environment carry risk of degrading functionality, and must therefore be vetted. However, the amount of work and rigor put into different stages of the change life cycle can be altered depending on the maturity of the development workflows. The following are several stage gates for change management that MUST be considered if you are a DevOps or Agile shop:

    • Intake assessment (separation of changes from projects, service requests, operational tasks)
      • Within a DevOps or Agile environment, many of the application changes will come directly from the SDLC and projects going live. It does not mean a change must go through CAB, but leveraging the pre-approved category allows for an organization to stick to development lifecycles without being heavily bogged down by change bureaucracy.
    • Technical review
      • Leveraging automation, release contingencies, and the current SDLC documentation to decrease change risk allows for various changes to be designated as pre-approved.
    • Authorization
      • Define the authorization and dependencies of a change early in the lifecycle to gain authorization and necessary signoffs.
    • Documentation/communication
      • Documentation and communication are post-implementation activities that cannot be ignored. If documentation is required throughout the SDLC, then design the RFC to point to the correct documentation instead of duplicating information.

    "Understand that process is hard and finding a solution that fits every need can be tricky. With this change management process we do not try to solve every corner case so much as create a framework by which best judgement can be used to ensure maximum availability of our platforms and services while still complying with our regulatory requirements and making positive changes that will delight our customers.“ -IT Director, Information Cybersecurity Organization

    Five principals for implementing change in DevOps

    Follow these best practices to make sure your requirements are solid:

    People

    The core differences between an Agile or DevOps transition and a traditional approach are the restructuring and the team behind it. As a result, the stakeholders of change management must be onboard for the process to work. This is the most difficult problem to solve if it’s an issue, but open avenues of feedback for a process build is a start.

    DevOps Lifecycles

    • Plan the dev lifecycle so people can’t skirt it. Ensure the process has automated checks so that it’s more work to skirt the system than it is to follow it. Make the right process the process of least resistance.
    • Plan changes from the start to ensure that cross-dependencies are identified early and that the proposed implementation date is deconflicted and visible to other change requesters and change stakeholders.

    Automation

    Automation comes in many forms and is well documented in many development workflows. Having automated signoffs for QA/security checks and stakeholders/cross dependency owner sign offs may not fully replace the CAB but can ease the burden on discussions before implementation.

    Contingencies

    Canary releases, phased releases, dark releases, and toggles are all options you can employ to reduce risk during a release. Furthermore, building in contingencies to the test/rollback plan decreases the risk of the change by decreasing the factor of likelihood.

    Continually Improve

    Building change from the ground up doesn’t meant the process has to be fully fledged before launch. Iterative improvements are possible before achieving an optimal state. Having the proper metrics on the pain points and bottlenecks in the process can identify areas for automation and improvement.

    Increasing the proportion of pre-approved changes

    Leverage the traditional change infrastructure to deploy changes quickly while keeping your risk low.

    • To designate a change as a pre-approved change it must have a low risk rating (based on impact and likelihood). Fortunately, many of the changes within the Agile framework are designed to be small and lower risk (at least within application development). Putting in the work ahead of time to document these changes, template RFCs, and document the dependencies for various changes allows for a shift in the proportion of pre-approved changes.
    • The designation of pre-approved changes is an ongoing process. This is not an overnight initiative. Measure the proportion of changes by category as a metric, setting goals and interim goals to shift the change proportion to a desired ratio.

    The image is a bar graph, with each bar having 3 colour-coded sections: Emergency, Normal, and Pre-Approved. The first bar is before, where the largest change category is Normal. The second bar is after, and the largest change category is Pre-Approved.

    Turn your CAB into a virtual one

    • The CAB does not have to fully disappear in a DevOps environment. If the SDLC is built in a way that authorizes changes through peer reviews and automated checks, by the time it’s deployed, the job of the CAB should have already been completed. Then the authorization stage-gate (traditionally, the CAB) shifts to earlier in the process, reducing the need for an actual CAB meeting. However, the change must still be communicated and documented, even if it’s a pre-approved change.
    • As the proportion of changes shifts from a high degree of normal changes to a high degree of pre-approved changes, the need for CAB meetings should decrease even further. As an end-state, you may reserve actual CAB meetings for high-profile changes (as defined by risk).
    • Lastly, change management does not disappear as a process. Periodic reviews of change management metrics and the pre-approved change list must still be completed.

    Simplify Remote Deployment With Zero-Touch Provisioning

    • Buy Link or Shortcode: {j2store}310|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: $5,199 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: End-User Computing Strategy
    • Parent Category Link: /end-user-computing-strategy

    Provide better end-user device support to a remote workforce:

    • Remain compliant while purchasing, deploying, supporting, and decommissioning devices.
    • Save time and resources during device deployment while providing a high-quality experience to remote end users.
    • Build a set of capabilities that will let you support different use cases.

    Our Advice

    Critical Insight

    • Zero-touch is more than just deployment. This is more difficult than turning on a tool and provisioning new devices to end users.
    • Consider the entire user experience and device lifecycle to show value to the organization. Don’t forget that you will eventually need to touch the device.

    Impact and Result

    Approach zero-touch provisioning and patching from the end user’s experience:

    • Align your zero-touch approach with stakeholder priorities and larger IT strategies.
    • Build your zero-touch provisioning and patching plan from both the asset lifecycle and the end-user perspective to take a holistic approach that emphasizes customer service.
    • Tailor deployment plans to more easily scope and resource deployment projects.

    Simplify Remote Deployment With Zero-Touch Provisioning Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should adopt zero-touch provisioning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Design the zero-touch experience

    Design the user’s experience and build a vision to direct your zero-touch provisioning project. Update your ITAM practices to reflect the new experience.

    • Zero-Touch Provisioning and Support Plan
    • HAM Process Workflows (Visio)
    • HAM Process Workflows (PDF)
    • End-User Device Management Standard Operating Procedure

    2. Update device management, provisioning, and patching

    Leverage new tools to manage remote endpoints, keep those devices patched, and allow users to get the apps they need to work.

    • End-User Device Build Book Template

    3. Build a roadmap and communication plan

    Create a roadmap for migrating to zero-touch provisioning.

    • Roadmap Tool
    • Communication Plan Template
    [infographic]

    Take a Realistic Approach to Disaster Recovery Testing

    • Buy Link or Shortcode: {j2store}414|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity

    You have made significant investments in availability and disaster recovery – but your ability to recover hasn’t been tested in years. Testing will:

    • Improve your DR capabilities.
    • Identify required changes to planning documentation and procedures.
    • Validate DR capabilities for interested customers and auditors.

    Our Advice

    Critical Insight

    • If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience.
    • Focus on identifying gaps and risks, and addressing them, before a real disaster hits.
    • Take a realistic, iterative approach to resilience testing that starts with small, low-risk tests and builds on lessons learned.

    Impact and Result

    • Identify testing scenarios and scope that can deliver value to your organization.
    • Create practical test plans with Info-Tech’s template.
    • Demonstrate value from testing to gain buy-in for additional tests.

    Take a Realistic Approach to Disaster Recovery Testing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take a Realistic Approach to Disaster Recovery Testing Storyboard – A guide to establishing a right-sized approach to DR testing that delivers durable value to your organization.

    Use this research to understand the different types of tests, prioritize and plan tests for your organization, review the results, and establish a cadence for testing.

    • Take a Realistic Approach to Disaster Recovery Testing Storyboard

    2. Disaster Recovery Test Plan Template – A template to document your organization's DR test plan.

    Use this template to document scope and goals, participants, key pre-test milestones, the test-day schedule, and your findings from the testing exercise.

    • Disaster Recovery Test Plan Template

    3. Disaster Recovery Testing Program Summary – A template to outline your organization's DR testing program.

    Identify the tests you will run over the next year and the expertise, governance, process, and funding required to support testing.

    • Disaster Recovery Testing Program Summary

    [infographic]

     

    Further reading

    Take a Realistic Approach to Disaster Recovery Testing

    Reduce costly downtime with a right-sized testing program that improves IT resilience.

    Analyst Perspective

    Reduce costly downtime with a right-sized testing program that improves IT resilience.

    Andrew Sharp

    Most businesses make significant investments in disaster recovery and technology resilience. Redundant sites and systems, monitoring, intrusion prevention, backups, training, documentation: it all costs time and money.

    But does this investment deliver expected value? Specifically, can you deliver service continuity in a way that meets business requirements?

    You can’t know the answer without regularly testing recovery processes and systems. And more than just validation, testing helps you deliver service continuity by finding and addressing gaps in your plans and training your staff on recovery procedures.

    Use the insights, tools, and templates in this research to create a streamlined and effective resilience testing program that helps validate recovery capabilities and enhance service reliability, availability, and continuity.

    Andrew Sharp

    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    You have made significant investments in availability and disaster recovery (DR) – but your ability to recover hasn’t been tested in years. Testing will:

    • Improve your DR capabilities.
    • Identify required changes to planning documentation and procedures.
    • Validate DR capabilities for interested customers and auditors.

    Common Obstacles

    Despite the value testing can offer, actually executing on DR tests is difficult because:

    • Testing is often an IT-driven initiative, and it can be difficult to secure business buy-in to redirect resources away from other urgent projects or accept risks that come with testing.
    • Previous tests have been overly complex and challenging to coordinate and leave a hangover so bad that no one wants to do them again.

    Info-Tech's Approach

    Take a realistic approach to resilience testing by starting with small, low-risk tests, then iterating with the lessons you’ve learned:

    • Identify testing scenarios and scope that can deliver value to your organization.
    • Create practical test plans with Info-Tech’s template.
    • Get buy-in for regular DR testing from key stakeholders with a testing program summary.

    Info-Tech Insight

    If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience. Focus on identifying gaps and risks so you can address them before a real disaster hits.

    Process and Outputs

    This research is accompanied by templates to help you achieve your goals faster.

    1 - Establish the business rationale for DR testing.
    2 - Review a range of options for testing.
    3 - Prioritize tests that are most valuable to your business.
    4 - Create a disaster recovery test plan.
    5 - Establish a Test Program to support a regular testing cycle.

    Outputs:

    DR Test Plan
    DR Testing Program Summary

    Example Orange Activity slide.
    Orange activity slides like the one on the left provide directions to help you make key decisions.

    Key Deliverable:

    Disaster Recovery Test Plan Template

    Build a plan for your first disaster recovery test.

    This document provides a complete example you can use to quickly build your own plan, including goals, milestones, participants, the test-day schedule, and findings from the after-action review.

    Why test?

    Testing helps you avoid costly downtime

    • In a disaster scenario, speed matters. Immediately after an outage, the impact on the organization is small, but impact increases rapidly the longer the outage continues.
    • A quick and reliable response and recovery can protect the organization from significant losses.
    • A DRP testing and maintenance program helps ensure you’re ready to recover when you need to, rather than figuring it out as you go.

    “Routine testing is vital to survive a disaster… that’s when muscle memory sets in. If you don’t test your DR plan it falls [in importance], and you never see how routine changes impact it.”

    – Jennifer Goshorn
    Chief Administrative Officer
    Gunderson Dettmer LLP

    Info-Tech members estimated even one day of system downtime could lead to significant revenue losses. Estimated loss of revenue over 24 hours. Core Infrastructure has the highest potential for lost revenue.

    Average estimated potential loss* in thousands of USD due to a 24-hour outage (N=41)

    *Data aggregated from 41 business impact analyses (BIAs) conducted with Info-Tech advisory assistance. BIAs evaluate potential revenue loss due to a full day of system downtime, at the worst possible time.

    Run tests to enhance disaster recovery plans

    Testing improves organizational resilience

    • Identify and address gaps in your plans before a real disaster strikes.
    • Cross-train staff on systems recovery.
    • Go beyond testing technology to test recovery processes.
    • Establish a culture that centers resilience in everyday decision-making.

    Testing keeps DR documentation ready for action

    • Update documentation ahead of tests to prepare for the testing exercise.
    • Update documentation after testing to incorporate any lessons learned.

    Testing validates that investments in resilience deliver value

    • Confirm your organization can meet defined recovery time objectives (RTOs) and recovery point objectives (RPOs).
    • Provide proof of testing for auditors, prospective customers, and insurance applications

    Overcome testing challenges

    Despite the value of effective recovery testing, most IT organizations struggle to test recovery plans

    Common challenges

    • Key resources don’t have time for testing exercises.
    • You don’t have the technology to support live recovery testing.
    • Tests are done ad hoc and lessons learned are lost.
    • A lack of business support for test exercises as the value isn’t understood.
    • Tests are always artificially simple because RTOs and RPOs must be met to satisfy customer or auditor inquiries

    Overcome challenges with a realistic approach:

    • Start small with tabletop and recovery tests for specific systems.
    • Include recovery tests in operational tasks (e.g. restore systems when you have a maintenance window).
    • Create testing plans for larger testing exercises.
    • Build on successful tests to streamline testing exercises in the future.
    • Don’t make testing a pass-fail exercise. Focus on identifying gaps and risks so you can address them before a real disaster hits.

    Go beyond traditional testing

    Different test techniques help validate recovery against different threats

    • There are many threats to service continuity, including ransomware, severe weather events, geopolitical conflict, legacy systems, staff turnover, and day-to-day outages caused by human error, software updates, hardware failures, or network outages.
    • At its core, disaster recovery planning is about recovery. A plan for service recovery will help you mitigate against many threats at once. The testing approaches on the right will help you validate different aspects of that recovery process.
    • This research will provide an overview of the approaches outlined on the right and help you prioritize tests that are most valuable to your organization.
    Different test techniques for disaster recover training: System Failover tests, tabletop exercises, ransomware recovery tests, etc.

    00 Identify a working group

    30 minutes

    Identify a group of participants who can fill the following roles and inform the discussions around testing in this research. A single person could fill multiple roles and some roles could be filled by multiple people. Many participants will be drawn from the larger DRP team.

    Roles and expectations for Disaster Recovery Planning. DRP sponsor, Testing coordinator, System testers, business liaisons, executive team.

    Input

    • Organizational context

    Output

    • A list of key participants for test planning and execution

    Participants

    • Typically, start by identifying the sponsor and coordinator and have them identify the other members of the working group.

    Start by updating your disaster recovery plan (DRP)

    Use Info-Tech’s Create a Right-Sized Disaster Recovery Plan research to identify recovery objectives based on business impact and outline recovery processes. Both are tremendously valuable inputs to your test plans.

    Overall Business Continuity Plan

    IT Disaster Recovery Plan

    A plan to restore IT services (e.g. applications and infrastructure) following a disruption. A DRP:

    • Identifies critical applications and dependencies.
    • Defines appropriate recovery objectives based on a business impact analysis (BIA).
    • Creates a step-by-step incident response plan.

    BCP for Each Business Unit

    A set of plans to resume business processes for each business unit. A business continuity plan (BCP) is also sometimes called a continuity of operations plan (COOP).

    BCPs are created and owned by each business unit, and creating a BCP requires deep involvement from the leadership of each business unit.

    Info-Tech’s Develop a Business Continuity Plan blueprint provides a methodology for creating business unit BCPs as part of an overall BCP for the organization.

    Crisis Management Plan

    A plan to manage a wide range of crises, from health and safety incidents to business disruptions to reputational damage.

    Info-Tech’s Implement Crisis Management Best Practices blueprint provides a framework for planning a response to any crisis, from health and safety incidents to reputational damage.

    01 Confirm: why test at all?

    15-30 minutes

    Identify the value recovery testing for your organization. Use language appropriate for a nontechnical audience. Start with the list below and add, modify, or delete bullet points to reflect your own organization.

     

    Drivers for testing – Examples:

     

    • Improve service continuity.
    • Identify and address gaps in recovery plans before a real disaster strikes.
    • Cross-train staff on systems recovery to minimize single points of failure.
    • Identify how we coordinate across teams during a major systems outage.
    • Exercise both recovery processes and technology.
    • Support a culture that centers system resilience in everyday decision-making.
    • Keep recovery documentation up-to-date and ready for action.
    • Confirm that our stated recovery objectives can be met.
    • Provide proof of testing for auditors, prospective customers, and insurance applications.
    • We require proof of testing to pass audits and renew cybersecurity insurance.

    Info-Tech Insight

    Time-strapped technical staff will sometimes push back on planning and testing, objecting that the team will “figure it out” in a disaster. But the question isn’t whether recovery is possible – it’s whether the recovery aligns with business needs. If your plan is to “MacGyver” a solution on the fly, you can’t know if it’s the right solution for your organization.

    Input

    • Business drivers and context for testing

    Output

    • Specific goals that are driving testing

    Participants

    • DR sponsor
    • Test coordinator

    Think about what and how you test

    Different layers of the stack to test: Network, Authentication, compute and storage, visualization platforms, database services, middleware, app servers, web servers.

    Find gaps and risks with tabletop testing

    Tabletop planning had the greatest impact on meeting recovery objectives (RTOs/RPOs).

    In a tabletop planning exercise, the team walks through a disaster scenario to outline the recovery workflow, and risks or gaps that could disrupt that workflow.

    Tabletops are particularly effective because:

    • It enables you to play out a wider range of scenarios than technology-based testing (e.g. full-scale, parallel) due to cost and complexity factors.
    • It is non-intrusive, so it can be executed more easily than other testing methodologies.
    • The exercise translates into recovery documentation: you create a workflow as you go.
    • A major site or service recovery scenario will review all aspects of the recovery process and create the backbone of your recovery plan.

    02 Run a tabletop exercise

    2 hours

    Tabletop testing is part of our core DRP methodology, Create a Right-Sized Disaster Recovery Plan. This exercise can be run using cue cards, sticky notes, or on a whiteboard; many of our facilitators find building the workflow directly in flowchart software to be very effective.

    Use our Recovery Workflow Template as a starting point.

    Some tips for running your first tabletop exercise:

    Do

    • Review the complete workflow from notification all the way to user acceptance testing.
    • Keep focused; stay on task and on time.
    • Revisit each step and record gaps and risks (and known solutions, but don’t dwell on this).
    • Revise and improve the plan with task owners.

    Don't

    • Get weighed down by tools.
    • Try to find solutions to every gap/risk as you go. Save in-depth research/discussion for later.
    • Document the details right away – stick to the high-level plan for the first exercise.
    1. Ahead of the exercise, decide on a scenario, identify participants, and book a meeting time.
      • For your first walkthrough of a DR scenario, we often recommend a scenario that considers a site failure requiring failover to a DR site.
      • For the first exercise, focus on technical aspects of recovery before bringing in members of the business. The technical team may need space to discuss the appropriate steps in the recovery process before you bring in business liaisons to discuss user acceptance testing (UAT).
      • A complete failover considers all systems, the viability of your second site, and can help identify parts of the process that require additional exercises.
    2. Review the scenario with participants. Then, discuss and document the recovery process, starting with initial notification of an event.
      • Record steps in the process on white cards or boxes.
      • On yellow and red cards, document gaps and risks in people process and technology requirements.
    3. Once you’ve walked through the process, return to the start.
      • Record the time required to complete each step. Consider identifying who is responsible for key steps. Identify any additional gaps and risks.
    4. Clean up and record the results of the workflow. Save a copy with your DRP documentation.

    Input

    • Expert knowledge on systems recovery

    Output

    • Recovery workflow, including gaps and risks

    Participants

    • Test coordinator
    • Technical SMEs

    Move from tabletop testing to functional exercises

    See how your plans fare in the real world

    In live exercises, some portion of your recovery plans are executed in a way that mimics a real recovery scenario. Some advantages of live testing:

    • See how standby systems behave. A tabletop exercise can miss small issues that can make or break the recovery process. For example, connectivity or integration issues on a new subnet might be difficult to predict prior to actually running services in that environment.
    • Hands-on practice: Familiarize the team with the steps, commands, and interfaces of your recovery toolset.
    • Manage the pressure of the DR scenario: Nothing’s quite like the real thing, but a live exercise may be the closest your team can get to a disaster situation without experiencing it firsthand.

    Examples of live exercises

    Boot and smoke test Turn on a standby system and confirm it boots up correctly.
    Restore and validate data Restore data or servers from backup. Confirm data integrity.
    Parallel testing Send familiar transactions to production and standby systems. Confirm both systems produce the same result.
    Failover systems Shut down the production system and use the standby system in production.

    Run local tests ahead of releases

    Think small

    Most unacceptable downtime is caused by localized issues, such as hardware or software failures, rather than widespread destructive events. Regular local testing can help validate the recovery plan for local issues and improve overall service continuity.

    Make local testing a standard step in maintenance work and new deployments to embed resilience considerations in day-to-day activities. Run the same tests in both your primary and your DR environment.

    Some examples of localized tests:

    • Review backup logs and check for errors.
    • Restore files or whole systems from backup.
    • Run application-based tests as part of release management, including unit, regression, and performance tests.
      • Ensure application tests are run for both the primary and DR environment.
      • For a deep-dive on application testing, see Info-Tech’s research Automate Testing to Get More Done.

    Info-Tech Insight

    Local tests will vary between different services, and local test design is usually best left to the system SMEs. At the same time, centralize reporting to understand where tests are being done.

    Investigate whether your IT Service Management or ticketing system can create recurring tasks or work orders to schedule, document, and track test exercises. Tasks can be pre-populated with checklists and documentation to support the test and provide a record of completed tests to support oversight and reporting.

    Have the business validate recovery

    If your business doesn’t think a system’s recovered, it’s not recovered.

    User acceptance testing (UAT) after system recovery is a key step in the recovery process. Like any step in the process, there’s value in testing it before it actually needs to be done. Assign responsibility for building UATs to the person who will be responsible for executing them.

    An acceptance test script might look something like the checklist below.

    • Does the application open?
    • Does the interface look right?
    • Do you see any unusual notifications or warnings?
    • Can you conduct a key transaction with dummy data?
    • Can you run key reports?

    “I cannot stress how important it is to assign ownership of responsibilities in a test; this is the only way to truly mitigate against issues in a test.”

    – Robert Nardella
    IT Service Management
    Certified z/OS Mainframe Professional

    Info-Tech Insight

    Build test scripts and test transactions ahead of time to minimize the amount of new work required during a recovery scenario.

    Beyond the Basics: Full Failover Testing

    • A failover test – a full failover of your production environment to a secondary environment – is what many IT and businesspeople think about when they think of disaster recovery testing.
    • A full test can validate previous local or tabletop tests, identify additional gaps and risks, and provide hands-on training experience with recovery processes and technologies.
    • Setting a date for failover testing can also inject some urgency into otherwise low-priority (but high importance) disaster recovery planning and documentation exercises, which need to be completed prior to the test.
    • Despite these benefits, full failover tests carry significant risk and require a great deal of effort and cost. Typically, only businesses that already have an active-active environment capable of supporting in-scope production systems are able to run a full environment failover.
    • This is especially true the first time you test. While in theory a DR plan should be ready to go at any time, there will be documents to update, gaps to address, and risks to mitigate before you go ahead with the test.

    Full Failover Testing

    What you get:

    • Provide hands-on experience with recovery processes and technology.
    • Confirm that site failover works in practice as you assumed in tabletop or local testing exercises.
    • Identify critical gaps you might have missed without a full failover test.

    What you need:

    • An active-active secondary site, with sufficient standby equipment, data, and licensed standby software to support production.
    • A completed tabletop exercise and documented recovery workflow.
    • A documented test plan, backout plan, and formal sign-off.
    • An off-hours downtime window.
    • Time from technical SMEs and business resources, both for creating the plan and executing the test.

    Beyond the Basics: Site Reliability Engineering

    • Site reliability engineering (SRE) is an application of skills and approaches from software engineering to improve system resilience.
    • SRE is focused on “availability, latency, performance, efficiency, change management, monitoring, emergency response, and capacity planning” across a set portfolio of services (Sloss, 2017).
    • In many organizations, SRE is implemented as a team that supports separate applications teams.
    • Applications must have defined and granular resilience requirements, translated into service objectives. The SRE team and applications teams will work together to meet these objectives.
    • Site reliability engineers (the folks that do SRE, and often also abbreviated as SREs) are expected to build solutions and processes to ensure services remain stable and performant, not just respond when they fail. For example, Google allows their SREs to spend just half their time on incident response, with the rest of their time focused on development and automation tasks.

    Site Reliability Testing

    What you get:

    • Improved reliability and reduced frequency and impact of downtime.
    • Increased use of automation to address problems before they cause an incident.
    • Granular resilience objectives.

    What you need:

    • Systems running on software-defined infrastructure.
    • Specialized skills in programming, infrastructure-as-code.
    • Business & product owners able to define and fund acceptable and appropriate resilience objectives.
    • Technical experts able to translate product requirements into technical design requirements.

    Beyond the Basics: Chaos Engineering

    • Chaos engineering, a term and approach first popularized by the team at Netflix, aims to improve the resilience of particularly large and distributed systems by simulating system failures and evaluating performance against a baseline.
    • Experiments simulate a variety of real-world events that could cause outages (e.g. network slowdowns or server failures). Experiments run continuously, and the recommendation is to run them in production where feasible while minimizing the impact on customers.
    • Tools to help you run chaos testing exist, including open-source toolkits like Chaos Monkey or Mangle and paid software as a service (SaaS) solutions like Gremlin.
    • Deciding whether the long-term benefits of tests that can degrade production are worth the potential risk of system slowdowns or outages is a business or product decision. Technical considerations aside, if the business owner of a particular system doesn’t see the value of continuous testing outweighing the introduced risk, this approach to testing isn’t going to happen.

    Chaos Engineering

    What you get:

    • Confidence that systems can weather volatile and unpredictable conditions in a production environment.
    • An embedded resilience culture.

    What you need:

    • High-maturity IT incident, monitoring and event practices.
    • Standby/resilient systems to minimize downtime impact.
    • Business buy-in for introducing risk into the production environment.
    • Specialized skills to identify, develop, and run tests that degrade production performance in a controlled way.
    • Budget and time to act on issues identified through testing.

    Beyond the Basics: Security Event Simulations

    • Ransomware is driving demands for proof of recovery testing from customers, executives, auditors, and insurance companies. Systems recovery is part of ransomware recovery, but recovering from a breach includes detection, analysis, containment, and eradication of the attack vector before systems recovery can begin.
    • Beyond technical recovery, internal legal and communications teams will have a role, as will your insurance provider, consultants specialized in ransomware recovery, or professional ransom negotiators.
    • A tabletop exercise focused on ransomware incident response is a key first step. You can find Info-Tech’s methodology for a ransomware tabletop in Phase 3 of Build Resilience Against Ransomware Attacks.
    • Live testing approaches can offer hands-on experience and further insight into how your systems are vulnerable to malware. A variety of open source and proprietary tools can simulate ransomware and help you identify problems, though it’s important to understand the limitations of different simulators (Allon, 2022).
    • A “red team” exercise simulates an adversarial attack against your processes and systems. A specialized penetration tester will often take on the role of the red team and provide a report of identified gaps and risks after the engagement.

    Security Event Simulation

    What you get:

    • Hands-on experience managing and recovering from a ransomware attack in a controlled environment.
    • A better understanding of gaps in your response process.

    What you need:

    • A completed ransomware tabletop exercise and mature security incident response processes.
    • For Ransomware Simulators: An air-gapped sandbox environment hosting a copy of your production systems and security tools, and time from your technical SMEs.
    • For Red Team Exercises: A trusted provider, scope for your testing plans, and time from your security incident response team.

    Prioritize tests by asking these three questions

    1. Will the scope of this test deliver sufficient value?

    • Yes, these are critical systems with low tolerance for downtime or data loss.
    • Yes, major changes or new systems require validation of DR capabilities.
    • Yes, there’s high probability of an outage, or recent experience of an outage.
    • •Yes, we have audit requirements or customer demands for testing.

    2. Are we ready for this test?

    • Yes, recovery plans and recovery objectives are documented.
    • Yes, key technical and business resources have time to commit to testing exercises.
    • Yes, technology is currently able to support proposed tests.

    3. Is it easy to do?

    • Yes, effort required to complete the test is low (i.e. minimal work, few participants).
    • Yes, the risks related to testing are low.
    • Yes, it won’t cost much.

    Info-Tech Insight

    More complex, challenging, risky, or costly tests, such as full failover tests, can deliver value. But do the high-value, low-effort stuff first!

    03 Brainstorm and prioritize test ideas

    30-60 minutes

    Even if you have an idea of what you need to test and how you want to run those tests, this brainstorming exercise can generate useful ideas for testing that might otherwise have been missed.

      1. Review the slides above to develop ideas on how and what you want to test. These slides may be enough to kickstart a brainstorming process. Don’t debate or discount ideas at this point. Write down these ideas in a space where all participants can see them (e.g. whiteboard or shared screen).

    The next steps will help you prioritize the list – if needed – to tests that are highest value and lowest effort.

    1. Discuss where you have the greatest need to test. Assign a score of 0 – 3 for each test, with a score of 3 being high-need and a score of zero being low-need. Consider whether:
      • These applications have a low tolerance for downtime.
      • There’s a high chance of an outage, or recent experience with an outage.
      • There’s a need to train or cross-train staff on recovery for the system(s) in question.
      • Major changes require a review or validation of DR capabilities.
      • Audit requirements or customer/executive demands can be met via testing.
    2. Discuss which tests will require the least effort to complete – where readiness is high and tests are easier to do. Assign a score between 0 and 3 for each test, with a score of 3 being least effort and a score of 0 being high effort. Consider whether:
      • Recovery plans and recovery objectives are documented for these systems.
      • Technical experts are available to work on testing exercises.
      • For active testing, standby/sandbox systems are available and capable of supporting proposed tests.
      • The effort required to complete the test is low (e.g. minimal new work, few participants).
      • The risks related to testing are low.
      • You will need to secure additional funding.
    3. Sum together the assigned scores for each test. Higher scores should be the highest priority, but of course use your judgement to validate the results and select one or two tests to execute in the coming year.

    “There are different levels of testing and it is very progressive. I do not recommend my clients to do anything, unless they do it in a progressive fashion. Don’t try to do a live failover test with your users, right out of the box.”

    – Steve Tower
    Principal Consultant
    Prompta Consulting Group

    Input

    • Organizational and technical context

    Output

    • Prioritize list of DR testing ideas

    Participants

    • DR sponsor
    • Test coordinator

    04 Build a test plan

    3-5 days

    Building a test plan helps the test run smoothly and can uncover issues with the underlying DRP as you dig into the details.

    The test coordinator will own the plan document but will rely on the sponsor to confirm scope and goals, technical SMEs to develop system recovery plans, and business liaisons to create UAT scripts.

    Download Info-Tech’s Disaster Recovery Test Plan Template. Use the structure of the template to build your own document, deleting example data as you go. Consider saving a separate copy of this document as an example and working from a second copy.

    Key sections of the document include:

    • Goals, scenario, and scope of the test.
    • Assumptions, constraints, risks, and mitigation strategies.
    • Test participants.
    • Key pre-test milestones, and test-day schedule.
    • After-action review.

    Download the Disaster Recovery Test Plan Template

    Input

    • Scope
    • High-level goals

    Output

    • Test plan, including goals, scope, key milestones, risks and mitigations, and test-day schedule

    Participants

    • Test coordinator develops the plan with support from:
      • Technical SMEs
      • Business liaisons
      • DR sponsor

    05 Run an after-action review

    30-60 minutes

    Take time after test exercises – especially large-scale tests with many participants – to consider what went well, what didn’t, and where you can improve future testing exercises. Track lessons learned and next steps at the bottom of your test plan.

    1. Start with a short (5-10 minute) debrief of the test and allow participants to ask questions. Confirm:
      • Did we meet the goals we set for the exercise, including RTOs and RPOs?
      • What was done well? What issues, gaps, and risks were identified?
    2. Work through variations of the following questions:
      • Was the test plan effective, and was the test well organized?
      • Was the documentation effective? Where did we follow the plan as documented, and where did we deviate from the plan?
      • Was our communication/collaboration during the test effective?
      • Have gaps and issues found during the test been reported to the testing coordinator? Could some of the issues uncovered apply more broadly to other IT services as well?
      • What could we test next, based on what was discovered?
      • Are there other tools or approaches that could be useful?

    Input

    • Insights and experience from a recent testing exercise

    Output

    • Identified gaps and risks, and action items to address them
    • Ideas to improve future test exercises

    Participants

    • Test coordinator develops the plan with support from:
      • Test coordinator
      • Test participants

    Follow a testing cycle

    All tests are expected to drive actions to improve resilience, as appropriate. Experience from previous tests will be applied to future testing exercises.

    The testing cycle: 1. Plan a test, 2. Run test, 3. Take action.

    Use your experience to simplify testing

    The fifth testing exercise should be easier than the first

    Outputs and lessons learned from testing should help you run future tests.

    • With past experience under their belt, participants should have a better understanding of their role, and of their peers’ roles, and the goal of the exercise.
    • Facilitators will be more comfortable facilitating the exercise, and everyone should be more confident in the steps required to recover their systems.
    • Gather feedback from participants through after-action reviews to identify what worked and what didn’t.
    • Documentation from previous tests can provide a template for future tests.
    • Gaps identified in previous tests can provide ideas for future tests.

    Experience, lessons learned, improved process, new test targets, repeat.

    Info-Tech Insight

    Testing should get easier over time. But if you’re easily passing every test, it’s a sign that you’re ready to run more challenging tests.

    06 Create a test program summary

    2-4 hours

    Regular testing allows you to build on prior tests and helps keep plans current despite changes to your environment.

    Keeping a regular testing schedule requires expertise, a process to coordinate your efforts, and a level of governance to provide oversight and ensure testing continues to deliver value. Create a call to action using Info-Tech’s Disaster Recovery Testing Program Summary Template.

    The result is a summary document that:

    • Identifies key takeaways and testing goals
    • Presents key elements of the testing program
    • Outlines the testing cycle
    • Lists expected milestones for the next year
    • Identifies participants
    • Recommends next steps

    “It is extremely important in the early stages of development to concentrate the focus on actual recoverability and data protection, enhancing these capabilities over time into a fully matured program that can truly test the recovery, and not simply focusing on the testing process itself.”

    – Joe Starzyk
    Senior Business Development Executive
    IBM Global Services

    Research Contributors and Experts

    • Bernard A. Jones, Business Continuity & Disaster Recovery Expert
    • Robert Nardella, IT Service Management, Certified z/OS Mainframe Professional
    • Larry Liss, Chief Technology Officer, Blank Rome LLP
    • Jennifer Goshorn, Chief Administrative and Chief Compliance Officer, Gunderson Dettmer LLP
    • Paul Kirvan, FBCI, CISA, Independent IT Consultant/Auditor, Paul Kirvan Associates
    • Steve Tower, Principal Consultant, Prompta Consulting Group
    • Joe Starzyk, Senior Business Development Executive, IBM Global Services
    • Thomas Bronack, Enterprise Resiliency and Corporate Certification Consultant, DCAG
    • Paul S. Randal, CEO & Owner, SQLskills.com
    • Tom Baumgartner, Disaster Recovery Analyst, Catholic Health

    Bibliography

    Alton, Yoni. “Ransomware simulators – reality or a bluff?” Palo Alto Blog, 2 May 2022. Accessed 31 Jan 2023.
    https://www.paloaltonetworks.com/blog/security-operations/ransomware-simulators-reality-or-a-bluff/

    Brathwaite, Shimon. “How to Test your Business Continuity and Disaster Recovery Plan,” Security Made Simple, 13 Nov 2022. Accessed 31 Jan 2023.
    https://www.securitymadesimple.org/cybersecurity-blog/how-to-test-your-business-continuity-and-disaster-recovery-plan

    The Business Continuity Institute. Good Practice Guidelines: 2018 Edition. The Business Continuity Institute, 2017.

    Emigh, Jacqueline. “Disaster Recovery Testing: Ensuring Your DR Plan Works,” Enterprise Storage Forum, 28 May 2019. Accessed 31 Jan 2023.
    Disaster Recovery Testing: Ensuring Your DR Plan Works | Enterprise Storage Forum

    Gardner, Dana. "Case Study: Strategic Approach to Disaster Recovery and Data Lifecycle Management Pays off for Australia's SAI Global." ZDNet. BriefingsDirect, 26 Apr 2012. Accessed 31 Jan 2023.
    http://www.zdnet.com/article/case-study-strategic-approach-to-disaster-recovery-and-data-lifecycle-management-pays-off-for-australias-sai-global/.

    IBM. “Section 11. Testing the Disaster Recovery Plan.” IBM, 2 Aug 2021. Accessed 31 Jan 2023. Section 11. Testing the disaster recovery plan - IBM Documentation Lutkevich, Ben and Alexander Gillis. “Chaos Engineering”. TechTarget, Jun 2021. Accessed 31 Jan 2023.
    https://www.techtarget.com/searchitoperations/definition/chaos-engineering

    Monperrus, Martin. “Principles of Antifragility.” Arxiv Forum, 7 June 2017. Accessed 31 Jan 2023.
    https://arxiv.org/ftp/arxiv/papers/1404/1404.3056.pdf

    “Principles of Chaos Engineering.” Principles of Chaos Engineering, 2019 March. Accessed 31 Jan 2023.
    https://principlesofchaos.org/

    Sloss, Benjamin Treynor. “Introduction.” Site Reliability Engineering. Ed. Betsy Beyer. O’Reilly Media, 2017. Accessed 31 Jan 2023.
    https://sre.google/sre-book/introduction/

    Design an Enterprise Architecture Strategy

    • Buy Link or Shortcode: {j2store}580|cart{/j2store}
    • member rating overall impact: 9.4/10 Overall Impact
    • member rating average dollars saved: $63,181 Average $ Saved
    • member rating average days saved: 30 Average Days Saved
    • Parent Category Name: Strategy & Operating Model
    • Parent Category Link: /strategy-and-operating-model
    • The enterprise architecture (EA) team is constantly challenged to articulate the value of its function.
    • The CIO has asked the EA team to help articulate the business value the team brings.
    • Traceability from the business goals and vision to the EA contributions often does not exist.
    • Also, clients often struggle with complexity, priorities, and agile execution.

    Our Advice

    Critical Insight

    • EA can deliver many benefits to an organization. However, to increase the likelihood of success, the EA group needs to deliver value to the business and cannot be seen solely as IT.
    • Support from the organization is needed.
    • An EA strategy anchored in a value proposition will ensure that EA focuses on driving the most critical outcomes in support of the organization’s enterprise strategy.
    • As agility is not just for project execution, architects need to understand ways to deliver their guidance to influence project execution in real time, to enable the enterprise agility, and to enhance their responsiveness to changing conditions.

    Impact and Result

    • Create an EA value proposition based on enterprise needs that clearly articulates the expected contributions of the EA function.
    • Establish the EA fundamentals (vision and mission statement, goals and objectives, and principles) needed to position the EA function to deliver the promised value proposition.
    • Identify the services that EA has to provide to the organization to deliver on the promised value proposition.

    Design an Enterprise Architecture Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Design an Enterprise Architecture Strategy Deck – A guide to help you define services that your EA function will provide to the organization.

    Establish an effective EA function that will realize value for the organization with an EA strategy.

    • Design an Enterprise Architecture Strategy – Phases 1-4

    2. EA Function Strategy Template – A communication tool to secure the approval of the EA strategy from organizational stakeholders.

    Use this template to document the outputs of the EA strategy and to communicate the EA strategy for approval by stakeholders.

    • EA Function Strategy Template

    3. Stakeholder Power Map Template – A template to help visualize the importance of various stakeholders and their concerns.

    Identify and prioritize the stakeholders that are important to your IT strategy development effort.

    • Stakeholder Power Map Template

    4. PESTLE Analysis Template – A template to help you complete and document a PESTLE analysis.

    Use this template to analyze the effect of external factors on IT.

    • PESTLE Analysis Template

    5. EA Value Proposition Template – A template to communicate the value EA can provide to the organization.

    Use this template to create an EA value proposition that explicitly communicates to stakeholders how an EA function can contribute to addressing their needs.

    • EA Value Proposition Template

    6. EA Goals and Objectives Template – A template to identify the EA goals that support the identified promises of value from the EA value proposition.

    Use this template to help set goals for your EA function based on the EA value proposition and identify objectives to measure the progression towards those EA goals.

    • EA Goals and Objectives Template

    7. EA Principles Template – A template to identify the universal EA principles relevant to your organization.

    Use this template to define relevant universal EA principles and create new EA principles to guide and inform IT investment decisions.

    • EA Principles Template – EA Strategy

    8. EA Service Planning Tool – A template to identify the EA services your organization will provide to deliver on the EA value proposition.

    Use this template to identify the EA services relevant to your organization and then define how those services will be accessed.

    • EA Service Planning Tool
    [infographic]

    Workshop: Design an Enterprise Architecture Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Map the EA Contributions to Business Goals

    The Purpose

    Show an example of traceability.

    Key Benefits Achieved

    Members have a real-world example of traceability between business goals and EA contributions.

    Activities

    1.1 Start from the business goals of the organization.

    1.2 Document business and IT drivers.

    1.3 Identify EA contributions that help achieve the business goals.

    Outputs

    Business goals documented.

    Business and IT drivers documented.

    Identified EA contributions and traced them to business goals.

    2 Determine the Role of the Architect in the Agile Ceremonies of the Organization

    The Purpose

    Create an understanding about role of architect in Agile ceremonies.

    Key Benefits Achieved

    Understanding of the role of the EA architect in Agile ceremonies.

    Activities

    2.1 Document the Agile ceremony used in the organization (based on SAFe or other Agile approaches).

    2.2 Determine which ceremonies the system architect will participate in.

    2.3 Determine which ceremonies the solution architect will participate in.

    2.4 Determine which ceremonies the enterprise architect will participate in.

    2.5 Determine architect syncs, etc.

    Outputs

    Documented the Agile ceremonial used in the organization (based on SAFe or other Agile approaches).

    Determined which ceremonies the system architect will participate in.

    Determined which ceremonies the solution architect will participate in.

    Determined which ceremonies the enterprise architect will participate in.

    Determined architect syncs, etc.

    Further reading

    Design an Enterprise Architecture Strategy

    Develop a strategy that fits the organization’s maturity and remains adaptable to unforeseen future changes.

    EXECUTIVE BRIEF

    Build a right-size enterprise architecture strategy

    Enterprise Architecture Strategy

    Business & IT Strategy
    • Organizational Goals and Objectives
    • Business Drivers
    • Environment and Industry Trends
    • EA Capabilities and Services
    • Business Architecture
    • Data Architecture
    • Application Architecture
    • Integration Architecture
    • Innovation
    • Roles and Organizational Structure
    • Security Architecture
    • Technology Architecture
    • Integration Architecture
    • Insight and Knowledge
    • EA Operating Model
    Unlock the Value of Architecture
    • Increased Business and IT Alignment
    • Robust, Flexible, Scalable, Interoperable, Extensible and Reliable Solutions
    • Timely/Agile Service Delivery and Operations
    • Cost-Effective Solutions
    • Appropriate Risk Management to Address the Risk Appetite
    • Increased Competitive Advantage
    Current Environment
    • Business and IT Challenges
    • Opportunities
    • Enterprise Architecture Maturity

    Enterprise Architecture – Thought Model

    A thought model built around 'Enterprise Architecture', represented by a diagram on a cross-section of a ship which will be explained in the next slide. It begins with an arrow that says 'Organizational goals are the driving force and the ultimate goal' pointing to a bubble titled 'Organization' containing 'Analysis', 'Decisions', 'Actions'. An blue arrow on the right side with one '$' is labelled 'Iterations' and connects 'Organization' to 'Enterprise Architecture', 'Enterprise architecture creates new business value'. A green arrow on the left side with five '$' is labelled 'Goals' and connects back to 'Organization'. A the bottom, a bubble titled 'External forces, pressures, trends, data, etc.' has a blue arrow on the right side with one '$' connecting back to 'Enterprise Architecture'. Another blue arrow representing an output is labelled 'Outcomes' and originates from 'Enterprise Architecture'.

    Enterprise Architecture Capabilities

    A diagram on a cross-section of a ship representing 'Enterprise Architecture', including a row of process arrows beneath the ship pointing forward all labelled 'Agile iteration' and one airborne arrow above the stern pointing forward labelled 'Business Strategy'. Overlaid on the ship, starting at the back, are 'EA Strategy', 'EA Operating Model', 'Enterprise Principles, Methods, etc.', 'Foundational enterprise decisions: Business, Data/Apps, Technology, Integration, Security', 'Enterprise Reference Architecture', 'Goals, Value Chain, Capability, Business Processes', 'Enterprise Governance (e.g., Standard Mgmt.)', 'Domain Arch', 'Data & App Architecture', 'Security Architecture', 'Infrastructure: Cloud, Hybrid, etc.', at the very front is 'Implementation', and running along the bottom from back to front is 'Operations, Monitoring, and Continuous Improvement'.

    Analyst Perspective

    Enterprise architecture (EA) needs to be right-sized for the needs of the organization.

    Photo of Milena Litoiu, Principal/Senior Director, Enterprise Architecture, Info-Tech Research Group

    Enterprise architecture is NOT a one-size-fits-all endeavor. It needs to be right-sized to the needs of the organization.

    Enterprise architects are boots on the ground and part of the solution; in addition, they need to have a good understanding of the corporate strategy, vision, and goals and have a vested interest on the optimization of the outcomes for the enterprise. They also need to anticipate the moves ahead, to be able to determine future trends and how they will impact the enterprise.

    Milena Litoiu
    Principal/Senior Director, Enterprise Architecture
    Info-Tech Research Group

    Analyst Perspective

    EA provides business options based on a deep understanding of the organization.

    “Enterprise architects need to think about and consider different areas of expertise when formulating potential business options. By understanding the context, the puzzle pieces can combine to create a positive business outcome that aligns with the organization’s strategies. Sometimes there will be missing pieces; leveraging what you know to create an outline of the pieces and collaborating with others can provide a general direction.”

    Jean Bujold
    Senior Workshop Delivery Director
    Info-Tech Research Group

    “The role of enterprise architecture is to eliminate misalignment between the business and IT and create value for the organization.”

    Reddy Doddipalli
    Senior Workshop Director, Research
    Info-Tech Research Group

    “Every transformation journey is an opportunity to learn: ‘Tell me and I forget. Teach me and I remember. Involve me and I learn.’ Benjamin Franklin.”

    Graham Smith
    Senior Lead Enterprise Architect and Independent Consultant

    Develop an enterprise architecture strategy that:

    • Helps the organization make decisions that are hard to change in a complex environment.
    • Fits the current organization’s maturity and remains flexible and adaptable to unforeseen future changes.

    Executive Summary

    Your Challenge

    We need to make decisions today for an unknown future. Decisions are influenced by:

    • Changes in the environment you operate in.
    • Complexity of both the business and IT landscapes.
    • IT’s difficulty in keeping up with business demands and remaining agile.
    • Program/project delivery pressure and long-term planning needs.
    • Other internal and external factors affecting your enterprise.

    Common Obstacles

    Decisions are often made:

    • Without a clear understanding of the business goals.
    • Without a holistic understanding; sometimes in conflict with one another.
    • That hinder the continuity of the organization.
    • That prevent value optimization at the enterprise level.

    The more complex an organization, the more players involved, the more difficult it is to overcome these obstacles.

    Info-Tech’s Approach

    • Is a holistic, top-down approach, from the business goals all the way to implementation.
    • Has EA act as the canary in the coal mine. EA will identify and mitigate risks in the organization.
    • Enables EA to provide an essential service rather than be an isolated kingdom or an ivory tower.
    • Acknowledges that EA is a balancing act among competing demands.
    • Makes decisions using guiding principles and guardrails, to create a flexible architecture that can evolve and expand, enabling enterprise agility.

    Info-Tech Insight

    There is no “right architecture” for organizations of all sizes, maturities, and cultural contexts. The value of enterprise architecture can only be measured against the business goals of a single organization. Enterprise architecture needs to be right-sized for your organization.

    Info-Tech insight summary on arch. agility

    Continuous innovation is of paramount importance in achieving and maintaining competitive advantage in the marketplace.

    Business engagement

    It is important to trace architectural decisions to business goals. As business goals evolve, architecture should evolve as well.

    As new business input is provided during Agile cycles, architecture is continuously evolving.

    EA fundamentals

    EA fundamentals will shape how enterprise architects think and act, how they engage with the organization, what decisions they make, etc.

    Start small and lean and evolve as needed.

    Continuously align strategy with delivery and operations.

    Architects should establish themselves as business partners as well as implementation/delivery leaders.

    Enterprise services

    Definitions of enterprise services should start from the business goals of the organization and the capabilities IT needs to perform for the organization to survive in the marketplace.

    Continuous delivery and continuous innovation are the two facets of architecture.

    Tactical insight

    Your current maturity should be reflected as a baseline in the strategy.

    Tactical insight

    Take Agile/opportunistic steps toward your strategic North star.

    Tactical insight

    EA services differ based on goals, maturity, and the Agile appetite of the enterprise.

    From the best industry experts

    “The trick to getting value from enterprise architecture is to commit to the long haul.”

    Jeanne W. Ross, MIT CISR
    Co-author of Enterprise Architecture as Strategy: Creating a Foundation for Business Execution,
    Harvard Business Press, 2006.

    Typical EA maturity stages

    A line chart that moves through multiple stages titled 'Enterprise Architecture Maturity Stages (MIT CISR)' The five stages of the chart, starting on the left, are 'Business Silos', 'Standardized Technology', 'Optimized Core', 'Business Componentization', and 'Digital Ecosystem'. 'The trick to getting value from enterprise architecture is to commit to the long haul.' The line begins at the bottom left of the chart and gradually creates a stretched S shape to the top right. Points along the line, respective to the aforementioned stages, are 'Locally Optimal Business Solutions', 'Technology Infrastructure Platform', 'Digitized Process Platform', 'Repository of Reusable Business Components', 'Components Connecting with Partners' Components', and at the end of the line, outside of the chart is 'Strategic Business Value from Technology'. Percentages along the bottom, respective to the aforementioned stages, read 20%, 36%, 45%, 7%, 2%. Percentages are rough approximations based on findings reported in Mocker, M., Ross, J.W., Beath, C.M., 'How Companies Use Digital Technologies to Enhance Customer Offerings--Summary of Survey Findings,' MIT CISR Working Paper No. 434, Feb. 2019. Copyright MIT, 2019.

    Enterprise Architecture maturity

    A maturity ladder visualization for 'Enterprise Architecture' with five color-coded levels. From the bottom up, the colors and designations are Red: 'Unstable', Orange: 'Firefighter', Yellow: 'Trusted Operator', Blue: 'Business Partner', and Green: 'Innovator'. Beside the visualization at the bottom it says 'EA is here', then an arrow in the direction of the top where it says 'EA needs to be here'.
    • Innovator – Transforms the Business
      Reliable Technology Innovation
    • Business Partner – Expands the Business
      Effective Use of Enterprise Architecture in all Business Projects, Enterprise Architecture Is Strategically Engaged
    • Trusted Operator – Optimizes the Business
      Enterprise Architecture Provides Business, Data, Application & Technology Architectures for All IT Projects
    • Firefighter – Supports the Business
      Reliable Architecture for Some Practices/Projects
    • Unstable – Struggles to Support
      Inability to Provide Reliable Architectures

    Info-Tech Insight

    There is no “absolute maturity” for organizations of all sizes, maturities, and cultural contexts. The maturity of enterprise architecture can only be measured against the business goals of the organization.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Session 1 Session 2 Session 3 Session 4 Session 5
    Activities
    Identify organizational needs and landscape

    1.0 Interview stakeholders to identify business and technology needs

    1.1 Review organization perspective, including business needs, challenges, and strategic directions

    1.2 Conduct PESTLE analysis to identify business and technology trends

    1.3 Conduct SWOT analysis to identify business and technology internal perspective

    Create the EA value proposition

    2.1 Identify and prioritize EA stakeholders

    2.2 Create business and technology drivers from needs

    2.3 Define the EA value proposition

    2.4 Identify EA maturity and target

    Define the EA fundamentals

    3.1 Define the EA goals and objectives

    3.2 Determine EA scope

    3.3 Create a set of EA principles

    3.4. Define the need of a methodology/agility

    3.5 Create the EA vision and mission statement

    Identify the EA framework and communicate the EA strategy

    4.1 Define initial EA operating model and governance mechanism

    4.2 Define the activities and services the EA function will provide, derived from business goals

    4.3 Determine effectiveness measures

    4.4 Create EA roadmap and next steps

    4.5 Build communication plan for stakeholders

    Next Steps and Wrap-Up (offsite)

    5.1 Generate workshop report

    5.2 Set up review time for workshop report and to discuss next steps

    Outcomes
    1. Stakeholder insights
    2. Organizational needs, challenges, and direction summary
    3. PESTLE & SWOT analysis
    1. Stakeholder power map
    2. List of business and technology drivers with associated pains
    3. Set of EA contributions articulating the promises of value in the EA value proposition
    4. EA maturity assessment
    1. EA scope
    2. List of EA principles
    3. EA vision statement
    4. EA mission statement
    5. Statement about role of enterprise architect relative to agility
    1. EA capabilities mapped to business goals of the organization
    2. List of EA activities and services the EA function is committed to providing
    3. KPI definitions
    4. EA roadmap
    5. EA communication plan
    1. Completed workshop report on EA strategy with roadmap, recommendations, and outcomes from workshop

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    While variations depend on the maturity of the organization as well as its aspirations, these are some typical steps:

      Phase 1

    • Call #1: Explore the role of EA in your organization.
    • Phase 2

    • Call #2: Identify and prioritize stakeholders.
    • Call #3: Use a PESTLE analysis to identify business and technology needs.
    • Call #4: Prepare for stakeholder interviews.
    • Call #5: Discuss your EA value proposition.
    • Phase 3

    • Call #5: Understand the importance of EA fundamentals.
    • Call #6: Define the relevant EA services and their contributions to the organization.
    • Call #7: Measure EA effectiveness.
    • Phase 4

    • Call #8: Build your EA roadmap and communication plan.
    • Call #9: Discuss the EA role relative to agility.
    • Call #10: Summarize results and plan next steps.

    Design an Enterprise Architecture Strategy

    Phase 1

    Explore the Role of Enterprise Architecture

    Phase 1

    • 1.1 Explore a general EA strategy approach
    • 1.2 Introduce Agile EA architecture

    Phase 2

    • 2.1 Define the business and technology drivers
    • 2.2 Define your value proposition

    Phase 3

    • 3.1 Realize the importance of EA fundamentals
    • 3.2 Finalize the EA fundamentals

    Phase 4

    • 4.1 Select relevant EA services
    • 4.2 Finalize the set of services and secure approval

    This phase will walk you through the following activities:

    Define the role of the group and different roles inside the enterprise architecture competency.

    This phase involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders

    Enterprise architecture optimizes the outcomes of the entire organization

    Corporate Strategy –› Enterprise Architecture Strategy

    Info-Tech Insight

    Enterprise architecture needs to have input from the corporate strategy of the organization. Similarly, EA governance needs to be informed by corporate governance. If this is not the case, it is like planning and governing with your eyes closed.

    Existing EA functions vary in the value they achieve due to their level of maturity

    EA Functions
    Operationalized
    • EA function is operationalized and operates as an effective core function.
    • Effectively aligns the business and IT through governance, communication, and engagement.
    –––› Common EA value
    Decreased cost Reduced risk
    Emerging
    • Emerging but limited ad hoc EA function.
    • Limited by lack of alignment to the business and IT.
    –x–› Cut through complexity Increased agility
    (Source: Booz & Co., 2009)

    Benefits of enterprise architecture

    1. Focuses on business outcomes (business centricity)
    2. Provides traceability of architectural decisions to/from business goals
    3. Provides ways to measure results
    4. Provides consistency across different lines of business: establishes a common vocabulary, reducing inconsistencies
    5. Reduces duplications, creating additional efficiencies at the enterprise level
    6. Presents an actionable migration to the strategy/vision, through short-term milestones/steps

    Benefits of enterprise architecture continued

    1. Done right, increases agility
    2. Done right, reduces costs
    3. Done right, mitigates risks
    4. Done right, stimulates innovation
    5. Done right, helps achieve the stated business goals (e.g. customer satisfaction) and improves the enterprise agility.
    6. Done right, enhances competitive advantage of the enterprise

    Qualities of a well-established and practical enterprise architecture

    1. Objective
    2. Impartial
    3. Credible
    4. Practical
    5. Measurable
    6. (Source: University of Toronto, 2021)

    Role of the enterprise architecture

    • Primarily to set up guardrails for the enterprise, so Agile teams work independently in a safe, ready-to-integrate environment
    • Establish strategy
    • Establish priorities
    • Continuously innovate
    • Establish enterprise standards and enterprise guardrails to guide Solution/Domain/Portfolio Architectures
    • Align with and be informed by the organization’s direction

    Members of the Architecture Board:

    • Chief (Business) Strategist
    • Lead Enterprise Architect
    • Business SME from each major domain
    • IT SME from each major domain
    • Operational & Infrastructure SME
    • Security & Risk Officer
    • Process Management
    • Other relevant stakeholders

    For enterprise architecture to contribute, EA must address the organizational vision and goals

    External Factors –› Layers of a Business Model
    (Organization)
    –› Architecture Supported Transformation
    Industry Changes Business Strategy
    Competition Value Streams
    (Business Outcomes)
    Regulatory Impacts Business Capability Maps
    • Security
    Workforce Impacts Execution
    • Policies
    • Processes
    • People
    • Information
    • Applications
    • Technology

    Info-Tech Insight

    External forces can affect the organization as a whole; they need to be included as part of the holistic approach for enterprise architecture.

    How does EA provide value?

    Business and Technology Drivers – A set of statements created from business and technology needs. Gathered from information sources, it communicates improvements needed.

    • Vision, Aspirations, Long-Term Goals – Vision, aspirations, long term goals

      • EA Contributions – EA contributions that will alleviate obstructions. Removing the obstructions will allow EA to help satisfy business and technology needs.

        • Promise of Value – A statement that depicts a concrete benefit that the EA practice can provide for the organization in response to business and technology drivers.

    Info-Tech Insight

    Enterprise architecture needs to create and be part of a culture where decisions are made through collaboration while focusing on enterprise-wide efficiencies (e.g. reduced duplication, reusability, enterprise-wide cost minimization, overall security, comprehensive risk mitigation, and any other cross-cutting concerns) to optimize corporate business goals.

    The EA function scope is influenced by the EA value proposition and previously developed EA fundamentals

    Establish the EA function scope by using the EA value proposition and EA fundamentals that have already been developed. After defining the EA function scope, refer back to these statements to ensure it accurately reflects the EA value proposition and EA fundamentals.

    EA value proposition

    +

    EA vision statement
    EA mission statement
    EA goals and objectives

    —›
    Influences

    Organizational coverage

    Architectural domains

    Depth

    Time horizon

    —›
    Defines
    EA function scope

    EA team characteristics

    Create the optimal EA strategy by including personnel who understand a broad set of topics in the organization

    The team assembled to create the EA strategy will be defined as the “EA strategy creation team” in this blueprint.

    • Someone who has been in the organization for a long time and has built strong relationships with key stakeholders. This individual can exert influence and become the EA strategy sponsor.
    • An individual who understands how the different technology components in the organization support its business operations.
    • Someone in the organization who can communicate IT concepts to business managers in a language the business understands.
    • An individual with a strategy background or perspective on the organization. This individual will understand where the organization is headed.
    • Any individuals who feel an acute pain as a result of poorly made investment decisions. They can be champions of EA strategy in their respective functions.

    EA skills and competencies

    Apart from business know-how, the EA team should have the following skills

    • Architectural thinking
    • Analytical
    • Trusted, credible
    • Can handle complexity
    • Can change perspectives
    • Can learn fast (business and technology)
    • Independent and steadfast
    • Not afraid to go against the stream
    • Able to understand problems of others with empathy
    • Able to estimate scaling on design decisions such as model patterns
    • Intrinsic capability to identify where relevant details are
    • Able to identify root causes quickly
    • Able to communicate complex issues clearly
    • Able to negotiate and come up with acceptable solutions
    • Can model well
    • Able to change perspectives (from business to implementation and operational perspectives).

    Use of enterprise architecture methodologies

    Balance EA methodologies with Agile approaches

    Using an enterprise architecture methodology is a good starting point to achieving a common understanding of what that is. Often, organizations agree to "tailor" methodologies to their needs.

    The use of lean/Agile approaches will increase efficiency beyond traditional methodologies.

    Use of EA methodologies vs. Agile methods

    When to use what?

    • Use an existing methodology to structure your thinking and establish a common vocabulary to communicate basic concepts, processes, and approaches.
    • Customize the methodology to your needs; make it as lean as possible.
    • Execute in an Agile way, but keep in mind the thoughtful checks recommended by your end-to-end methodology.
    • Clarify goals.
    • Have good measures and metrics in place.
    • Continuously monitor progress, fit for purpose, etc.
    • Highlight risks, roadblocks, etc.
    • Get support.
    • Communicate vision, goals, key decisions, etc.
    • Iterate.

    Business strategy first, EA strategy second, and EA operating model third

    Corporate Strategy
    “Why does our enterprise exist in the market?”
    EA Strategy
    “What does EA need to be and do to support the enterprise’s ability to meet its goals? What is EA’s value proposition?”
    Business & IT Operating Culture
    “How does the organization’s culture and structure influence the EA operating model?”
    EA Operating Model
    How does EA need to operate on a daily basis to deliver the value proposition?”

    High-level perspective

    Creating an effective practice involves many moving parts.

    A visual of the many moving parts in an effective practice; there are 6 smaller circles in a large circle, an input arrow labelled 'Environment', an output arrow labelled 'Results', and a thin arrow connecting 'Results' back to 'Environment'. Of the circles, 'Leadership' is in the center, connected to each of the others, while 'Culture', 'Strategy', 'Core Processes', 'Structure', and 'Systems' create a cycle. (Source: The Center for Organizational Design)

    • Environment. Influences that are external to the organization, such as customer perceptions, changing needs, and changes in technology, and the organization’s ability to adjust to them.
    • Strategy. The business strategy defines how the organization adds value and acts as the rudder to direct the organization. Organizational strategy defines the character of the organization, what it wants to be, its values, its vision, its mission, etc.
    • Core Process. The flow of work through the organization.
    • Structure. How people are organized around business processes. Includes reporting structures, boundaries, roles, and responsibilities. The structure should assist the organization with achieving its goals rather than hinder its performance.
    • Systems. Interrelated sets of tasks or activities that help organize and coordinate work.
    • Culture. The personality of the organization: its leadership style, attitudes, habits, and management practices. Culture measures how well philosophy is translated into practice.
    • Results. Measurement of how well the organization achieved its goals.
    • Leadership. Brings the organization together by providing vision and strategy; designing, monitoring, and nurturing the culture; and fostering agility.

    The answer to the strategic planning entity dilemma is enterprise architecture

    Enterprise architecture is a discipline that defines the structure and operation of an organization. The intent of enterprise architecture is to determine how an organization can most effectively achieve its current and future objectives.

    Vision, goals, and aspirations as well internal and external pressures

    Business current state

    • Existing capability
    • Existing capability
    • Existing capability
    • Existing capability
    • Existing capability
    Enterprise Architecture

    IT current state

    • IT asset management
    • Database services
    • Application development

    Business target state

    • Existing capability
    • Existing capability
    • Existing capability
    • Existing capability
    • Existing capability
    • New capability

    IT target state

    • IT asset management
    • Database services
    • Application development
    • Business analytics
    Complex, overlapping, contradictory world of humans vs. logical binary world of IT
    EA is a planning tool to help achieve the corporate business goals

    EA spans across all the domains of architecture

    Business architecture is the cornerstone that sets the foundation for all other architectural domains: security, data, application, and technology.

    A flow-like diagram titled 'Enterprise Architecture' beginning with 'Digital Architecture' and 'Business Architecture', which feeds into 'Security Architecture', which feeds into both 'Data Architecture' and 'Application Architecture', which both feed into 'Technology Architecture: Infrastructure'.

    “An enterprise architecture practice is both difficult and costly to set up. It is normally built around a process of peer review and involves the time and talent of the strategic technical leadership of an enterprise.” (The Open Group Architecture Framework, 2018)

    Enterprise architecture deployment continuum

    A diagram visualizing the Enterprise architecture deployment continuum with two continuums, 'Level of Embedding' and 'EA Value', assigning terms to EA deployments based on where they fall. On the left is an 'Ivory Tower' configuration: EA' is separated from the 'BU's but is still controlling them. Level of Embedding: 'Centralized', EA Value: 'Dictatorship'. In the center is a 'Balanced' configuration: 'EA' is spread across and connected to each 'BU'. Level of Embedding: 'Federated', EA Value: 'Democracy'. On the right is a 'Siloed' configuration: Each 'BU' has its own separate 'EA'. Level of Embedding: 'Decentralized', EA Value: 'Abdication of enterprise role'.

    Info-Tech Insight

    The primary question during the design of the EA operating model is how to integrate the EA function with the rest of the business.

    If the EA practice functions on its own, you end up with ivory tower syndrome and a dictatorship.

    If you totally embed the EA function within business units it will become siloed with no enterprise value.

    Organizations need to balance consistency at the enterprise level with creativity from the grass roots.

    Enterprise vs. Program/Portfolio/Domain

    Enterprise vs. Program/Portfolio/Domain. Image depicts where Enterprise Scope overlaps Program/Portfolio Scope. Enterprise Scope includes Business Architecture. Program/Portfolio Scope includes Business Requirements, Business Process, and Solutions Architecture. Overlap between scope includes Technology Architecture, Data Architecture, and Applications Architecture.

    Info-Tech Insight

    Decisions at the enterprise level apply across multiple programs/portfolios/solutions and represent the guardrails set for all to play within.

    Decide on the degree of centralization

    Larger organizations with multiple domains/divisions or business units will need to decide which architecture functions will be centralized and which, if any, will be decentralized as they plan to scope their EA program. What are the core functions to be centralized for the EA to deliver the greatest benefits?

    Typically, we see a need to have a centralized repository of reusable assets and standards across the organization, while other approaches/standards can operate locally.

    Centralization

    • Allows for more strategic planning
    • Visibility into standards and assets across the organization promotes rationalization and cost savings
    • Ensures enterprise-wide assets are used
    • More strategic sourcing of vendors and resellers
    • Can centrally negotiate pricing for better deals
    • Easier to manage risk and prepare for audits
    • Greater coordination of resources
    • Derives benefits from enterprise decisions, e.g. integration…

    Decentralization

    • May allow for more innovation
    • May be easier to demonstrate local compliance if the organization is geographically decentralized
    • May be easier to procure software if offices are in different countries
    • Deployment and installation of software on user devices may be easier

    EA strategy

    What is the role of enterprise architecture vis-à-vis business goals?

    • What needs to be done?
    • Who needs to be involved?
    • When?
    • Where?
    • Why?
    • How?

    Top-down approach starting from the goals of the organization

      What the Business Sees...
    • Business Goals
      • Value Streams
          What the CxO Sees...
        • Capabilities
            What the App Managers See...
          • Processes
            • Applications
                What the Program Managers See...
              • Programs/Projects

    Info-Tech Insight

    Being able to answer the deceptively simple question “How am I doing?” requires traceability to and from the business goals to be achieved all the way to applications, to infrastructure, and ultimately, to the funded initiatives (portfolios, programs, projects, etc.).

    Measure EA strategy effectiveness by tracking the benefits it provides to the corporate business goals

    The success of the EA function spans across three main dimensions:

    1. The delivery of EA-enabled business outcomes that are most important to the enterprise.
    2. The alignment between the business and the technology from a planning perspective.
    3. Improvements in the corporate business goals due to EA contributions (standardization, rationalization, reuse, etc.).

    Corporate Business Goals

    • Reduction in operating costs
    • Decreased regulatory compliance infractions
    • Increased revenue from existing channels
    • Increased revenue from new channels
    • Faster time to business value
    • Improved business agility
    • Reduction in enterprise risk exposure

    EA Contributions

    • Alignment of IT investments to business strategy
    • Achievement of business results directly linked to IT involvement
    • Application and platform rationalization
    • Standards in place
    • Flexible architecture
    • Better integration
    • Higher organizational satisfaction with technology-enabled services and solutions

    Measurements

    • Cost reductions based on application and platform rationalization
    • Time and cost reductions due to standardization
    • Time reduction for integration
    • Service reused
    • Stakeholder satisfaction with EA services
    • Increase in customer satisfaction
    • Rework minimized
    • Lower cost of integration
    • Risk reduction
    • Faster time to market
    • Better scalability, etc.

    Info-Tech Insight

    Organizations must create clear and smart KPIs (key performance indicators) across the board.

    From corporate strategy to enterprise architecture

    A model connecting 'Enterprise Architecture' with 'Corporate Strategy' through 'EA Services' and 'EA Strategy'.

    Info-Tech Insight

    In the absence of a corporate strategy, enterprise architecture is missing its North Star.

    However, enterprise architects can partner with the business strategists to build the needed vision.

    Traceability to and from business corporate business goals to EA contributions (sample)

    A model connecting 'Enterprise Architecture' with 'Corporate Goals' through 'EA Contributions'.

    Enterprise architecture journey

    The enterprise architecture journey, from left to right: 'Business Goals' and 'EA Maturity Assessment', 'EA Strategy', 'Industry-Specific Capability Model' and 'Customized to the Organization's Needs', 'EA Operating Model' and 'EA Governance', 'Business Architecture' and 'EA Tooling', 'Data Architecture' and 'Application Architecture', 'Infrastructure Architecture'.

    Agile architecture principles

    Agile architecture principles:
    • Fast learning cycle
    • Explore alternatives
    • Create environment for decentralized ideation and innovation

    According to the Scaled Agile Framework, three of the most applicable principles for the architectural professions refer to the following:

    1. "Fast learning cycle" refers to learning cycles that allow for quick reiterations as well as the opportunity to fail fast to learn fast.
    2. "Explore alternatives" refers to the exploration phase and also to the need to make tough decisions and balance competing demands.
    3. "Create environment for decentralized ideation and innovation" ensures that no one has a monopoly on innovation. Moreover, EA needs to invite ideas from various stakeholders (from the business to operations as well as implementers, etc.).

    Architecture roles in lean enterprises

    Typical architecture roles in modern/Agile lean enterprises

    • System Architect
    • Solution Architect
    • Enterprise Architect

    Depth vs. strategy focus

    Typical architect roles

    A graph with different architect roles mapped onto it. Axes are 'Low Strategic Impact' to 'High Strategic Impact' and 'Breadth' to 'Depth'. 'Enterprise Architect' has the highest strategic impact and most breadth. 'Technical/System Architect' has the lowest strategic impact and most depth. 'Solution Architect' sits in the middle of both axes.

    Architecture roles continued

    The three architect roles from above and their impacts on the list of 'Common Domains' to the right. 'Enterprise Architect's impact is 'Across Value Streams', 'Solution Architect's impact is 'Across Systems', 'Technical/System Architect's impact is 'Single System'. Adapted from Scaled Agile.

    Common Domains

    Business Architecture

    Information Architecture

    Application Architecture

    Technical Architecture

    Integration Architecture

    Security Architecture

    Others

    Info-Tech Insight

    All architects are boots on the ground and play in the solutioning space. What differs is their decisions’ impact (the enterprise architect’s decisions affects all domains and solutions).

    SAFe definitions of the Enterprise/Solution and System Architect roles can be found here.

    The role of the Enterprise Architect is detailed here.

    Collaboration models across the enterprise

    A collaboration model with 'Enterprise Architecture' at the top consisting of a 'Chief Enterprise Architect', 'Enterprise Architects', and 'EA Concerns across solutions': 'Architect A', 'Architect B', and 'Architect C'. Each lettered Architect is connected to their respective 'Solution Architect (A-C)' which runs their respective 'Delivery Team (A-C)' with 'Other Team Members'.(Adapted from Disciplined Agile)

    There are both formal and informal collaborations between enterprise architects and solution architects across the enterprise.

    Info-Tech Insight

    Enterprise architects should collaborate with solutions architects to create the best solutions at the enterprise level and to provide guidance across the board.

    Architect roles in SAFe

    According to Scale Agile Framework 5 for Lean Enterprises:

    • The system architect participates in the Essential SAFe
    • Solution architects and system architects participate in Large Solution
    • The enterprise architect participates in the Portfolio SAFe
    • Enterprise, solution, and system architects are all involved in Full SAFe

    Please check the SAFe Scaled Agile site for detailed information on the approach.

    Architect roles and their participation in Agile events (see likely events and a typical calendar)

    Info-Tech Insight

    A clear commitment for architects to achieve and support agility is needed. Architects should not be in an ivory tower; they should be hands on and engaged in all relevant Agile ceremonies, like the pre- and post-program increment (PI) planning, etc.

    Architect syncs are also required to ensure the needed collaboration.

    Architect participation in Agile ceremonies, according to SAFe:

    Architecture runway (at scale)

    Info-Tech Insight

    Architecting for scale, modularity, and extensibility is key for the architecture to adapt to changing conditions and evolve.

    Proactively address NFRs; architect for performance and security.

    Continuously refine the solution intent.

    For large solutions, longer foundational architectural runways are needed.

    Having an intentional continuous improvement/continuous development (CI/CD) pipeline to continuously release, test, and monitor is key to evolving large and complex systems.

    Parallel continuous exploration/integration/deployment

    A cycle titled DevOps containing three smaller cycles labelled 'Continuous Explorations', 'Continuous Integration', and 'Continuous Deployment'.

    Info-Tech Insight

    Architects need to help make some fundamental decisions, e.g. help define the environment that best supports continuous innovation or exploration and continuous integration, deployment, and delivery.

    Typical strategic enterprise architecture involvement

    Enterprise Architect —DRIVES–› Enterprise Architecture Strategy

    Enterprise Architecture Strategy
    • Application Strategy
    • Business Strategy
    • Data Strategy
    • Implementation Strategy
    • Infrastructure Strategy
    • Inter-domain Collaboration
    • Integration Strategy
    • Operations Strategy
    • Security Strategy
    • (Adapted from Scaled Agile)

    The EA statement relative to agility

    The enterprise architecture statement relative to agility specifies the architects’ responsibilities as well as the Agile protocols they will participate in. This statement will guide every architect’s participation in planning meetings, pre- and post-PI, various syncs, etc. Use simple and concise terminology; speak loudly and clearly.

    Strong EA statement relative to agility has the following characteristics:

    • Describes what different architect roles do to achieve the vision of the organization
    • In an agile way
    • Compelling
    • Easy to grasp
    • Sharply focused
    • Specific
    • Concise

    Sample EA statement relative to agility

    • Create strategies that provide guardrails for the organization, provide standards, reusable assets, accelerators, and other decisions at the enterprise level that support agility.
    • Participate in pre-PI and post-PI planning activities, architect syncs, etc.

    A clear statement can include additional details surrounding the enterprise architect’s role relative to agility

    Below is a sample of connecting keywords to form an enterprise architect role statement, relative to agility.

    Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture in an agile way.

    Optimize – We collaborate with the business to analyze and optimize business capabilities and business processes to enable the agile and efficient attainment of [Company name] business objectives.

    Transform – We support IT-enabled business transformation programs by building and maintaining a shared vision of the future-state enterprise and consistently communicating it to stakeholders.

    Innovate – We identify and develop new and creative opportunities for IT to enable the business. We communicate the art of the possible to the business.

    Defining and implementing – We engage with project teams early and guide solution design and selection to ensure alignment to the target-state enterprise architecture and provide guidance and accelerators.

    Target enterprise structure in an agile way – We analyze business needs and priorities and assess the current state of the enterprise. We build and maintain the target enterprise architecture blueprints that define:

    • Business capabilities and processes (business architecture)
    • Data, application, and technology assets that enable business capabilities and processes (technology architecture)
    • Architecture principles
    • Standards and reusable assets
    • Continuous exploration, integration, and deployment

    Traditional vs. Agile approaches

    Traditional Enterprise Architecture Next-Generation Enterprise Architecture
    Scope: Technology focused Business transformation (scope includes both business and technology)
    Bottom up Top down
    Inside out Outside In
    Point to point; difficult to change Expandable, extensible, evolvable
    Control-based: Governance intensive; often over-centralized Guidance-based: Collaboration and partnership-driven based on accepted guardrails
    Big up-front planning Incremental/dynamic planning; frequent changes
    Functional siloes and isolated projects, programs, and portfolios Enterprise-driven outcome optimization (across value streams)

    Info-Tech Insight

    The role of the architecture in Lean (Agile) approaches is to set up the needed guardrails and ensure a safe environment where everyone can be effective and creative.

    Design an Enterprise Architecture Strategy

    Phase 2

    Create the EA Value Proposition

    Phase 1

    • 1.1 Explore a general EA strategy approach
    • 1.2 Introduce Agile EA architecture

    Phase 2

    • 2.1 Define the business and technology drivers
    • 2.2 Define your value proposition

    Phase 3

    • 3.1 Realize the importance of EA fundamentals
    • 3.2 Finalize the EA fundamentals

    Phase 4

    • 4.1 Select relevant EA services
    • 4.2 Finalize the set of services and secure approval

    This phase will walk you through the following activities:

    • Identify and prioritize EA stakeholders.
    • Create business and technology drivers from stakeholder information.
    • Identify business pains and technology drivers.
    • Define EA contributions to alleviate the pains.
    • Create promises of value to fully articulate the value proposition.

    This phase involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders

    Step 2.1

    Define the Business and Technology Drivers

    Activities
    • 2.1.1 Use a stakeholder power map to identify and prioritize EA stakeholders
    • 2.1.2 Conduct a PESTLE analysis
    • 2.1.3 Review strategic planning documents
    • 2.1.4 Conduct EA stakeholder interviews

    This step will walk you through the following activities:

    • Learn the five-step process to create an EA value proposition.
    • Uncover business and technology needs from stakeholders.

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders

    Outcomes of this step

    An understanding of your organization’s EA needs.

    Create the Value Proposition

    Step 2.1 Step 2.2

    Value proposition is an important step in the creation of the EA strategy

    Creating an EA value proposition should be the first step to realizing a healthy EA function. The EA value proposition demonstrates to organizational stakeholders the importance of EA in helping to realize their needs.

    Five steps towards the successful articulation of EA value proposition:

    1. Identify and prioritize stakeholders. The EA function must know to whom to communicate the value proposition.
    2. Construct business and technology drivers. Drivers are derived from the needs of the business and IT. Needs come from the analysis of external factors, strategic documents, and interviewing stakeholders. Helping stakeholders and the organization realize their needs demonstrates the value of EA.
    3. Discover pains that prevent driver realization. There are always challenges that obstruct drivers of the organization. Find out what they are to get closer to showing the value of EA.
    4. Brainstorm EA contributions. Pains that obstruct drivers have now been identified. To demonstrate EA’s value, think about how EA can help to alleviate those pains. Create statements that show how EA’s contribution will be able to overcome the pain to show the value of EA.
    5. Derive promises of value. Complete the articulation of value for the EA value proposition by stating how realizing the business or technology will provide in terms of value for the organization. Speak with the stakeholders to discover the value that can be achieved.

    Info-Tech Insight

    EA can deliver many benefits to an organization. To increase the likelihood of success, each EA group needs to commit to delivering value to their organization based on the current operating environment and the desired direction of the enterprise. An EA value proposition will articulate the group’s promises of value to the enterprise.

    The foundation of an optimal EA value proposition is laid by defining the right stakeholders

    All stakeholders need to know how the EA function can help them. Provide the stakeholders with an understanding of the EA strategy’s impact on the business by involving them.

    A stakeholder map can be a powerful tool to help identify and prioritize stakeholders. A stakeholder map is a visual sketch of how various stakeholders interact with your organization, with each other, and with external audience segments.

    An example stakeholder map with the 'Key players' quadrant highlighted, it includes 'CEO', 'CIO', and the modified position of 'CFO' after being engaged.

    “Stakeholder management is critical to the success of every project in every organization I have ever worked with. By engaging the right people in the right way in your project, you can make a big difference to its success…and to your career.” (Rachel Thompson, MindTools)

    2.1.1 Use a stakeholder power map to identify and prioritize EA stakeholders

    2 hours

    Input: Expertise from the EA strategy creation team

    Output: An identified and prioritized set of stakeholders for the EA function to target

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    1. A stakeholder power map helps to visualize the importance of various stakeholders and their concerns so you can prioritize your time according to the most powerful and most impacted stakeholders.
    2. Evaluate each stakeholder in terms of power, Involvement, impact, and support.
      • Power: How much influence does the stakeholder have? Enough to drive the project forward or into the ground?
      • Involvement: How interested is the stakeholder? How involved is the stakeholder in the project already?
      • Impact: To what degree will the stakeholder be impacted? Will this significantly change how they do their job?
      • Support: Is the stakeholder a supporter of the project? Neutral? A resistor?
    3. Map each stakeholder to an area on the Power Map Template.
    4. Ask yourself if the power map looks accurate. Is there someone who has no involvement in EA strategy development but should?
    5. Some stakeholders may have influence over others. For example, a COO who highly values the opinion of the Director of Operations would be influenced by that director. Draw an arrow from one stakeholder to another to signify this relationship.

    Download the Stakeholder Power Map Template for more detailed instructions on completing this activity.

    Each stakeholder will have a set of needs that will influence the final EA value proposition

    All stakeholders will have a set of needs they would like to address. Take those needs and translate them into business and technology drivers. Drivers help clearly articulate to stakeholders, and the EA function, the stakeholder needs to be addressed.

    Business Driver

    Business drivers are internal or external business conditions, changing business capabilities, and changing market trends that impact the way EA operates and provides value to the enterprise.

    Examples:

    Ensure corporate compliance with legislation pertaining to data and security (e.g. regulated oil fields).

    Enable the automation and digitization of internal processes and services to business stakeholders.

    Technology Driver

    Technology drivers are internal or external technology conditions or factors that are not within the control of the EA group that impact the way that the EA group operates and provides value to the enterprise.

    Examples:

    Establish standards and policies for enabling the organization to take advantage of cloud and mobile technologies.

    Reduce the frequency of shadow IT by lowering the propensity to make business–technology decisions in isolation.

    (Source: The Strategic CFO, 2013)

    Gather information from stakeholders to begin the process of distilling business and technology drivers

    Review information sources, then analyze them to derive business and technology drivers. Information sources are not targeted towards EA stakeholders. Analyze the information sources to create drivers that are relevant to EA stakeholders.

    Information Sources Drivers (Examples)

    PESTLE Analysis

    Strategy Documents

    Stakeholder Interviews

    SWOT Analysis

    —›

    Analysis

    —›

    Help the organization align technology investments with corporate strategy

    Ensure corporate compliance with legislation.

    Increase the organization’s speed to market.

    Business and Technology Needs

    By examining information sources, the EA team will come across a set of business and technology needs. Through analysis, these needs can be synthesized into drivers.

    The PESTLE analysis will help you uncover external factors impacting the organization

    PESTLE examines six perspectives for external factors that may impact business and technology needs. Below are prompting questions to facilitate a PESTLE analysis working session.

    Political
    • Will a change in government (at any level) affect your organization?
    • Do inter-government or trade relations affect you?
    • Are there shareholder needs or demands that must be considered?
    • How are your costs changing (moving off-shore, fluctuations in markets, etc.)?
    • Do currency fluctuations have an effect on your business?
    • Can you attract and pay for top-quality talent (e.g. desirable location, reasonable cost of living, changes to insurance requirements)?
    Economic
    Social
    • What are the demographics of your customers and/or employees?
    • What are the attitudes of your customers and/or staff (e.g. do they require social media, collaboration, transparency of costs)?
    • What is the general lifecycle of an employee (i.e. is there high turnover)?
    • Is there a market of qualified staff?
    • Is your business seasonal?
    • Do you require constant technology upgrades (e.g. faster network, new hardware)?
    • What is the appetite for innovation within your industry/business?
    • Are there demands for increasing data storage, quality, BI, etc.?
    • Are you looking to cloud technologies?
    • What is the stance on bring your own device?
    • Are you required to do a significant amount of development work in-house?
    Technological
    Legal
    • Are there changes to trade laws?
    • Are there changes to regulatory requirements (i.e. data storage policies, privacy policies)?
    • Are there union factors that must be considered?
    • Is there a push towards being environmentally friendly?
    • Does the weather have any effect on your business (hurricanes, flooding, etc.)?
    Environmental

    2.1.2 Conduct a PESTLE analysis

    2 hours

    Input: Expertise from EA strategy creation team

    Output: Identified set of business and technology needs from PESTLE

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    1. Begin conducting the PESTLE analysis by breaking the participants into groups. Divide the six different perspectives amongst the groups.
    2. Ask each group to begin to derive business and technology needs from their assigned perspectives. Use some of the areas noted below along with the questions on the previous slide to derive business and technology needs.
      • Political: Examine taxes, environmental regulations, and zoning restrictions.
      • Economic: Examine interest rates, inflation rate, exchange rates, the financial and stock markets, and the job market.
      • Social: Examine gender, race, age, income, disabilities, educational attainment, employment status, and religion.
      • Technological: Examine servers, computers, networks, software, database technologies, wireless capabilities, and availability of Software as a Service.
      • Legal: Examine trade laws, labor laws, environmental laws, and privacy laws.
      • Environmental: Examine green initiatives, ethical issues, weather patterns, and pollution.
    3. Ask each group to take into account the following questions when deriving business and technology needs:
      • Will business components require any changes to address the factor?
      • Will information technology components changes be needed to address any factor?
    4. Have each team record its findings. Have each team present its list and have remaining teams give feedback and additional suggestions. Record any changes in this step.

    Download the PESTLE Analysis Template to assist with completing this activity.

    Strategic planning documents can provide information regarding the direction of the organization

    Some organizations (and business units) create an authoritative strategy document. These documents contain corporate aspirations and outline initiatives, reorganizations, and shifts in strategy. From these documents, a set of business and technology needs can be generated.

    Overt Statements

    • Corporate objectives and initiatives are often explicitly stated in these documents. Look for statements that begin with phrases such as “Our corporate objectives are…”
    • Remember that different organizations use different terminology; if you cannot find the word goal or objective then look for “pillar,” “imperative,” “theme,” etc.

    Turn these statements to business and technology needs by:

    Asking the following:
    • Is there a need from a business perspective to address these objectives, initiatives, and shifts in strategy?
    • Is there a need from a technology perspective to address these objectives, initiatives, and shifts in strategy?

    Covert Statements

    • Some corporate objectives and initiatives will be mentioned in passing and will require clarification. For example: “As we continue to penetrate new markets, we will be diversifying our manufacturing geography to simplify distribution.”

    2.1.3 Review strategic planning documents

    2 hours

    Input: Strategic documents in the organization

    Output: Identified set of business and technology needs from documents

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin the identification process of business and technology needs from strategic documents with the following steps:

    1. Work with the EA strategy creation team to identify the strategic documents within the organization. Look for documents with any of the following content:
      • Corporate strategy document
      • Business unit strategy documents
      • Annual general reports
    2. Gather the strategic documents into one place and call a meeting with the EA strategy creation team to identify the business and technology needs in those documents.
    3. Pick one document and look through its contents. Look for future-looking words such as:
      • We will be…
      • We are planning to…
      • We will need…
    4. Consider those portions of the document with future-looking words and ask the following:
      • Will business components require any changes to address these objectives?
      • Will information technology components changes be needed to address these objectives?
    5. Record the business and technology needs identified in step 4. As well, record any questions you may have regarding the document contents for stakeholders to validate later.
    6. Move to the next document once complete. Complete steps 3-5 for the remaining strategy documents.

    Stakeholder interviews will help you collect primary data and will shed light on stakeholder priorities and challenges

    In this interview process, you will be asking EA stakeholders questions that uncover their business and technology needs. You will also be able to ask follow-up questions to get a better understanding of abstract or complex concepts from the strategy document review and PESTLE analysis.

    EA Stakeholders:

    • Stakeholders may not think of their business and technology needs. But stakeholders will often explicitly state their objectives and initiatives.
    • Objectives often result in risks, opportunities, and annoyances:
      • Risks: Potential damage associated with pursuing an objective or initiative.
      • Opportunities: Potential gains that could be leveraged when capturing objectives and initiatives.
      • Annoyances: Roadblocks that could hinder the pursuit of objectives and initiatives.
    • Ask stakeholders questions on these areas to discern their business and technology needs.

    Risks + Opportunities + Annoyances –› Business and Technology Needs

    2.1.4 Conduct EA stakeholder interviews

    4-8 hours

    Input: Expertise from the EA stakeholders

    Output: Business and technology needs for EA stakeholders

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team, Identified EA stakeholders

    1. Schedule an interview with each of the stakeholders that were identified as key stakeholders in the Stakeholder Power Map.
    2. Meet with the key EA stakeholders and start business and technology needs gathering. Schedule each identified key stakeholder for an interview.
    3. When a stakeholder arrives for their interview, ask the following questions and record the answers to help uncover needs. Be sure to record which stakeholder answered the question. Further, record any future stakeholders that agree.
      • What are the current strengths of your organization?
      • What are the current weaknesses of your organization?
      • What is the number 1 risk you need to prevent?
      • What is the number 1 opportunity you want to capitalize on?
      • What is the number 1 annoying pet peeve you want to remove?
      • How would you prioritize these risks, opportunities, and annoyances?
    4. Recorded answer example: “We can’t see what the other departments are doing; when we spend a lot of money to invest in something, we later find out the capability is already within the company.”
    5. After completing each interview, verify with each stakeholder that you have captured their business and technology needs. Continue the interview process until all identified key stakeholders have been interviewed.
    6. Capture all inputs into a SWOT (strengths, weaknesses, opportunities, and threats) format.

    Step 2.2

    Define Your Value Proposition

    Activities
    • 2.2.1 Create a set of business and technology drivers from business and technology needs
    • 2.2.2 Identify the pains associated with the business and technology drivers
    • 2.2.3 Identify the EA contributions that can address the pains
    • 2.2.4 Create promises of value to shape the EA value proposition

    This step will walk you through the following activities:

    • Use business and technology drivers to determine EA’s role in your organization.

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders

    Outcomes of this step

    A value proposition document that ties the value of the EA function to stakeholder needs.

    Create the EA Value Proposition

    Step 2.1 Step 2.2

    Synthesize the collected data into business and technology drivers

    Two triangles labelled 'Business needs' and 'Technology needs' point to a cloud labelled 'Analysis', which connects to the driver attributes on the right via a dotted line.

    There are several key attributes that a driver should have.

    Driver Key Attributes
    • A succinct statement.
    • Begins with “action words” to communicate a call to action (e.g. Support, Help, Enable).
    • Written in a language understood by all parties involved.
    • Communicates a need for improvement or prevention.

    “The greatest impact of enterprise architecture is the strategic impact. Put the mission and the needs of the organization first.” (Matthew Kern, Clear Government Solutions)

    2.2.1 Create a set of business and technology drivers from business and technology needs

    3 hours

    Input: Expertise from EA strategy creation team

    Output: A set of business and technology drivers

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team, EA stakeholders

    Meet with the EA strategy creation team and follow the steps below to begin the process of synthesizing the business and technology needs into drivers.

    1. Lay out the documented business and technology needs your team gathered from PESTLE analysis, strategy document reviews, and stakeholder interviews.
    2. Assess the documented business and technology needs to see if there are common themes. Consolidate those similar business and technology needs by crafting one driver for them. For example:
      • PESTLE: Influx of competitors in the marketplace causing tighter margins.
      • Document review: Improve investment quality and their value to the organization.
      • Stakeholder interview: “We can’t see what the other departments are doing; when we spend a lot of money to invest in something, we later find out the capability is already within the company.”
      • Consolidated business driver example: Help the organization align investments with the corporate strategy and departmental priorities.
    3. As well, synthesize the business and technology needs that cannot be consolidated.
    4. Verify the completed list of drivers with stakeholders. This is to ensure you have fully captured their needs.

    Download the EA Value Proposition Template to record your findings in this activity.

    When addressing business and technology drivers, an organization can expect obstacles

    A pain is an obstacle that business stakeholders will face when attempting to address business and technology drivers. Identify the pains associated with each driver so that EA’s contributions can be linked to resolving obstacles to address business needs.

    Business and Technology Drivers

    Pains

    Created by assessing information sources. A sentence that states the nature of the pain and how the pain stops the organization from addressing the drivers.
    Examples:
    • Business driver: Help the organization align investments with the corporate strategy and departmental priorities.
    • Technology driver: Improve the organization’s technology responsiveness and increase speed to market.
    Examples:
    • Business driver pains: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
    • Technology driver pains: Ineffective application development requiring delays decreases the speed to market.

    2.2.2 Identify the pains associated with the business and technology drivers

    2 hours

    Input: Expertise from EA strategy creation team and EA stakeholders

    Output: An associated pain that obstructs each identified driver

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team, EA stakeholders

    Call a meeting with the EA strategy creation team and any available stakeholders to identify the pains that obstruct addressing the business and technology drivers.

    Take each driver and ask the questions below to the EA strategy creation team and to any EA stakeholders who are available. Record the answers to identify the pains when realizing the drivers.

    1. What are your challenges in performing the activity or process today?
    2. What other business activities/processes will be impacted/improved if we solve this?
    3. What compliance/regulatory/policy concerns do we need to consider in any solution?
    4. What are the steps in the process/activity?

    Take the recorded answers and follow the steps below to create the pain statements:

    1. Answers to the questions above can be long, unfocused, or spoken in a casual manner. To turn the answer into pains, refine the recorded answers into a succinct sentence that captures its meaning.
      • Recorded answer example: “I feel like there needs to be a holistic view of the organization. If we had a tool to see all the capabilities across the business, then we can figure out what investments should be prioritized.”
      • Example of pain statement: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
    2. When the list of pains has been written out, verify with the stakeholders that you have fully captured their pains.

    Download the EA Value Proposition Template to record your findings in this activity.

    The identified pains can be alleviated by a set of EA contributions

    Set the foundations for the value proposition by brainstorming the EA contributions that can alleviate the pains.

    Business and technology drivers produce:

    Pains

    —›
    EA contributions produce:

    Value by alleviating pains

    Pains

    Obstructions to addressing business and technology drivers. Stakeholders will face these pains.

    Examples
    • Business driver pains: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
    EA contributions

    Activities the EA function can perform to help alleviate the pains. Demonstrates the contributions the EA function can make to business value.

    Examples:
    • Business driver EA contributions: Business capability mapping shows the business capabilities of the organization and the technology that supports those capabilities in the current and target state. This provides a view for the set of investments that are needed by the organization, which can then be prioritized.

    Enterprise architecture functions can provide a diverse set of contributions to any organization – Sample

    EA contribution category EA contribution details
    Define business capabilities and processes As-is and target business capabilities and processes are documented and understood by both IT and the business.
    Design information flows and services Information flows and services effectively support business capabilities and processes.
    Analyze gaps and identify project opportunities Create informed project identification, scope definition, and project portfolio management.
    Optimize technology assets Greater homogeneity and interoperability between tangible and intangible technology assets.
    Create and maintain technology standards Decrease development, integration, and support efforts. Reduce complexity and improve interoperability.
    Rationalize technology assets Tangible and intangible technology assets are rationalized to adequately and efficiently support information flows and services.

    2.2.3 Identify the EA contributions that can address the pains

    2 hours

    Input: Expertise from EA strategy creation team

    Output: EA contributions that addresses the pains that were identified

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Gather with the EA strategy creation team, take each pain, then ask and record the answers to the questions below to identify the EA contributions that would solve the pains:

    1. What activities can the EA practice conduct to overcome the pain?
    2. What are the core EA models that can help accurately define the problem and assist in finding appropriate resolutions?
    3. What are the general EA benefits that can be associated with solving this pain?

    Answers to the questions above will generate a list of activities EA can do to help alleviate the pains. Use the following steps to complete this activity:

    1. Create a stronger tie between the EA contributions and pains by linking the EA contribution statement to the pain.
      • Example of pain statement: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
      • Example of EA contributions statement: Business capability mapping shows the business capabilities of the organization and the technology that supports those capabilities in the current and target state. This provides a view for the set of investments that are needed by the organization, which can then be prioritized.
    2. Verify with the stakeholders that they understand the EA contributions have been written out and how those contributions address the pains.

    Download the EA Value Proposition Template to record your findings in this activity.

    EA promises of value articulate EA’s commitment to the organization

    • Business Goals and Technology Drivers
      A set of statements created from business and technology needs. Gathered from information sources, it communicates improvements needed.

      • Value Streams, Aspirations, Long-Term Goals
        Value streams, aspirations, long-term goals

        • EA Contributions
          EA contributions that will alleviate the obstructions. Removing the obstructions will allow EA to help satisfy business and technology needs.

          • Promise of Value
            A statement that depicts a concrete benefit the EA practice can provide for the organization in response to business and technology drivers.
            Communicate the statements in a language that stakeholders understand to complete the articulation of EA’s value proposition.

    2.2.4 Create promises of value to shape the EA value proposition

    2 hours

    Input: Expertise from EA strategy creation team and EA stakeholders

    Output: Promises of value for each business and technology driver

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team, EA stakeholders

    Now that the EA contributions have been identified, identify the promises of value to articulate the value proposition.

    Take each driver, then ask and record the answers to the questions below to identify the promises of value when realizing the drivers:

    1. What does amazing look like if we solve this perfectly?
    2. What other business activities/processes will be impacted/improved if we solve this?
    3. What measures of success/change should we use to prove value of the effort (KPIs/ROI)?

    Take the recorded answers and follow the steps below to create the promises of value.

    1. Answers to the questions above can be long, unfocused, or spoken in a casual manner. To turn the answer into a promise of value, refine the recorded answer into a succinct sentence that captures its meaning.
      • Business driver example: Help the organization align investments with the corporate strategy and departmental priorities.
      • Recorded answer example: “If this would be solved perfectly, we would have a very easy time planning investments and investment planning hours can be spent doing other activities.”
      • Promises of value example: Increase the number of investments that have a direct tie to corporate strategy.
    2. When the promises of value have been written out, verify with the stakeholders that you have fully captured their ideas.

    Download the EA Value Proposition Template to record your findings in this activity.

    Design an Enterprise Architecture Strategy

    Phase 3

    Build the EA Fundamentals

    Phase 1

    • 1.1 Explore a general EA strategy approach
    • 1.2 Introduce Agile EA architecture

    Phase 2

    • 2.1 Define the business and technology drivers
    • 2.2 Define your value proposition

    Phase 3

    • 3.1 Realize the importance of EA fundamentals
    • 3.2 Finalize the EA fundamentals

    Phase 4

    • 4.1 Select relevant EA services
    • 4.2 Finalize the set of services and secure approval

    This phase will walk you through the following activities:

    • Create an EA vision statement and an EA mission statement.
    • Create EA goals, define EA objectives, and link them to EA goals.
    • Define the EA function scope dimensions.
    • Create a set of EA principles for your organization.
    • Discuss current methodology.

    This phase involves the following participants:

    • CIO
    • EA Team
    • IT Leaders
    • Business Leaders

    Step 3.1

    Realize the Importance of EA Fundamentals

    Activities
    • 3.1.1 Create the EA vision statement
    • 3.1.2 Create the EA mission statement
    • 3.1.3 Create EA goals
    • 3.1.4 Define EA objectives and link them to EA goals
    • 3.1.5 Record the details of each EA objective

    This step will walk you through the following activities:

    • Define and document the fundamentals that guide the EA function.

    This step involves the following participants:

    • CIO
    • EA Team
    • IT Leaders
    • Business Leaders

    Outcomes of this step

    • Vision and mission statements for the EA function.
    • A set of EA goals and a set of objectives to track progression toward those goals.
    Build the EA Fundamentals
    Step 3.1 Step 3.2

    EA fundamentals guide the EA function

    EA fundamentals include a vision statement, a mission statement, goals and objectives, and principles. They are a set of documented statements that guide the EA function. The fundamentals guide the EA function in terms of its strategy and decision making.

    EA vision statement EA mission statement

    EA fundamentals

    EA goals and objectives EA principles

    Info-Tech Insight

    Treat the critical elements of the EA group the same way as you would a business. Create a directional foundation for EA and define the vision, mission, goals, principles, and scope necessary to deliver on the established value proposition.

    The EA vision statement articulates the aspirations of the EA function

    The enterprise architecture vision statement communicates a desired future state of the EA function. The statement is expressed in the present tense. It seeks to articulate the desired role of the EA function and how the EA function will be perceived.

    Strong EA vision statements have the following characteristics:

    • Describe a desired future
    • Focus on ends, not means
    • Communicate promise
    • Concise, no unnecessary words
    • Compelling
    • Achievable
    • Inspirational
    • Memorable

    Sample EA vision statements:

    • To be a trusted partner for both the business and IT, driving enterprise effectiveness, efficiency, and agility at [Company Name].
    • To be a trusted partner and advisor to both the business and IT, contributing to business-IT alignment and cost reduction at [Company Name].
    • To create distinctive value and accelerate [Company Name]’s transformation.

    The EA mission statement articulates the purpose of the EA function

    The enterprise architecture mission statement specifies the team’s purpose or “reason of being.” The mission should guide each day’s activities and decisions. The mission statements use simple and concise terminology, speak loudly and clearly, and generate enthusiasm for the organization.

    Strong EA mission statements have the following characteristics:

    • Articulates EA function purpose and reason for existence
    • Describes what the EA function does to achieve its vision
    • Defines who the customers of the EA function are
    • Compelling
    • Easy to grasp
    • Sharply focused
    • Inspirational
    • Memorable
    • Concise

    Sample EA mission statements:

    • Define target enterprise architecture for [Company Name], identify solution opportunities, inform IT investment management, and direct solution development, acquisition, and operation compliance.
    • Synergize with both the business and IT to define and help realize [Company Name]’s target enterprise architecture that enables the business strategy and optimizes IT assets, resources, and capabilities.

    The EA vision and mission statements become relevant to EA stakeholders when linked to the promises of value

    The process for constructing the enterprise architecture vision statement and enterprise architecture mission statement is articulated below.

    Promises of value Derive keywords Construct draft statements Reference test criteria Finalize statements
    Derive the a set of keywords from the promises of value to accurately capture their essence. Create the initial statement using the keywords. Check the initial statement against a set of test criteria to ensure their quality. Finalize the statement after referencing the initial statement against the test criteria.

    Derive keywords from promises of value to begin the vision and mission statement creation process

    Develop keywords by summarizing the promises of value that were derived from drivers into one word that will take on the essence of the promise. See examples below:

    Business and technology drivers Promises of value Keywords
    Help the organization align investments with the corporate strategy and departmental priorities. Increase the number of investments that have a direct tie to corporate strategy. Business
    Support the rapid growth and development of the company through fiscal planning, project planning, and technology sustainability. Ensure budgets and projects are delivered on time with the assistance of technology. IT-Enabled
    Reduce the duplication and work effort to build and deploy technology solutions across the entire organization. Aim to reduce the number of redundant applications in the organization to streamline processes and save costs. Catalyst
    Improve the organization’s technology responsiveness and increase speed to market. Reduce the number of days required in the SDLC for all core business support projects. Value delivery

    An inspirational vision statement is greater than the sum of the individual words

    Ensure the sentence is cohesive and captures additional value outside of the keywords. The statement as a whole should be greater than the sum of the parts. Expand upon the meaning of the words, if necessary, to communicate the value. Below is an example of a finished vision statement.

    Sample

    Be a catalyst for IT-enabled business value delivery.

    Catalyst – We will continuously interact with the business and IT to accelerate and improve results.

    IT-enabled – We will ensure the optimal use of technology in enabling business capabilities to achieve business objectives.

    Business – We will be perceived as a business-focused unit that understands [Company name]’s business priorities and required business capabilities.

    Value delivery – EA’s value will be recognized by both business and IT stakeholders. We will track and market EA’s contribution to business value organization-wide.

    A clear mission statement can include additional details surrounding the EA team’s desired and expected value

    Likewise, below is a sample of connecting keywords together to form an EA mission statement:

    Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture.

    Optimize – We collaborate with the business to analyze and optimize business capabilities and business processes to enable the agile and efficient attainment of [Company name] business objectives.

    Transform – We support IT-enabled business transformation programs by building and maintaining a shared vision of the future-state enterprise and consistently communicating it to stakeholders.

    Innovate – We identify and develop new and creative opportunities for IT to enable the business. We communicate the art of the possible to the business.

    Defining and implementing – We engage with project teams early and guide solution design and selection to ensure alignment to the target-state enterprise architecture.

    Target enterprise structure – We analyze business needs and priorities and assess the current state of the enterprise. We build and maintain the target enterprise architecture blueprints that define:

    • Business capabilities and processes (business architecture)
    • Data, application, and technology assets that enable business capabilities and processes (technology architecture)
    • Architecture principles and standards

    3.1.1 Create the EA vision statement

    1 hour

    Input: Identified promises of value, Vision statement test criteria

    Output: EA function vision statement

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin the creation of the EA vision statement by following the steps below:

    1. Gather the EA strategy creation team and have the promises of value from the EA value proposition laid out.
    2. Select one promise of value and work with the team to identify one word that captures the essence of that promise of value.
    3. Continue to the next promise of value until all of the promises of value have a keyword identified.
    4. Have the identified set of keywords laid out and see if any of their meanings are similar and can be consolidated together. Consolidate similar meaning keywords.
    5. Create the initial draft of the EA vision statement by linking the keywords together.
    6. Check the initial draft of the vision statement against the test criteria below. Ask the team if the vision statement satisfies each of the test criteria.
      • Do you find this vision exciting?
      • Is the vision clear, compelling, and easy to grasp?
      • Does this vision somehow connect to the core purpose?
      • Will this vision be exciting to a broad base of people in the organization, not just those within the EA team?
    7. Make changes to the initial draft to satisfy the test criteria. Socialize the EA vision statement with EA stakeholders to make sure it captures their needs.

    3.1.2 Create the EA mission statement

    1 hour

    Input: Identified promises of value, Mission statement test criteria

    Output: EA function mission statement

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin the creation of the EA mission statement by following the steps below:

    1. Gather the EA strategy creation team and have the promises of value from the EA value proposition laid out.
    2. Select one promise of value and work with the team to identify one word that captures the essence of that promise of value.
    3. Continue to the next promise of value until all of the promises of value have a keyword identified.
    4. Have the identified set of keywords laid out, and see if any of their meanings are similar and can be consolidated together. Consolidate similar meaning keywords.
    5. Create the initial draft of the EA mission statement by linking the keywords together.
    6. Check the initial draft of the mission statement against the following test criteria below. Ask the team if the mission statement satisfies each of the test criteria.
      • Do you find this purpose personally inspiring?
      • Does the purpose help you to decide what activities to not pursue, to eliminate from consideration? Is this purpose authentic – something true to what the organization is all about – not merely words on paper that sound nice?
      • Would this purpose be greeted with enthusiasm rather than cynicism by a broad base of people in the organization?
    7. Make changes to the initial draft to satisfy the test criteria. Socialize the EA mission statement with EA stakeholders to make sure it captures their needs.

    EA goals demonstrate the achievement of success of the EA function

    Enterprise architecture goals define specific desired outcomes of an EA function. EA goals are important because they establish the milestones the EA function can strive toward to deliver their promises of value.

    Inform EA goals by examining:

    Promises of value

    —›
    EA goals produce:

    Targets and milestones

    Promises of value

    Produce EA strategic outcomes that can be classified into four categories. The four categories are:

    • Business performance
    • IT performance
    • Customer value
    • Risk management
    EA goals

    Support the strategic outcomes. EA goals can be strategic or operational:

    • EA strategic goals support the strategic outcomes.
    • EA operational goals help measure the architecture capability quality and supporting processes.

    3.1.3 Create EA goals

    2 hours

    Input: Identified promises of value

    Output: EA goals

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin the creation of EA goals by following the steps below:

    1. Gather the EA strategy creation team and the identified promises of value from Phase 2, Create the EA Value Proposition.
    2. Open the EA Goals and Objectives Template and examine the list of default EA goals already within the template.
    3. Take the identified promises of value and discuss with the team if any of the EA goals in the template relate to the promises of value. Record the related EA goal and promise of value. See example below:
      • Promises of value example: Increase the number of investments that have a direct tie to corporate strategy.
      • Related EA goal example: Alignment of IT and business strategy.
    4. Repeat step 3 until all identified promises of value have been examined in relation to the EA goals in the template.
    5. If there are promises of value that are not related to an EA goal in the template, create EA goals to relate to those promises of value. Keep in mind that EA goals need to support the strategic outcomes produced by the promises of value. Record the EA goals in the template and document the related promises of value.

    Download the EA Goals and Objectives Template to assist with completing this activity.

    Starting with COBIT, select the appropriate objectives to track EA goals – Sample

    Below are examples of EA goals and the objectives that track their performance:

    IT performance-oriented goals Objectives
    Alignment of IT and business strategy
    • Increase the percentage of enterprise strategic goals and requirements supported by IT strategic goals by X percent in the fiscal year.
    • Improve stakeholder satisfaction with planned function and services portfolio scope by X percent in the fiscal year.
    • Increase the percentage of IT value drivers mapped to business value drivers by X percent in the next fiscal year.
    Increase in IT agility
    • Improve business executive satisfaction with IT’s responsiveness to new requirements by X percent in the fiscal year.
    • Increase the number of critical business processes supported by up-to-date infrastructure and applications in the next three years.
    • Lower the average time to turn strategic IT objectives into agreed-upon and approved initiatives.
    Optimization of IT assets, resources, and capabilities
    • Increase the frequency of capability maturity and cost optimization assessments.
    • Improve the frequency of reporting for assessment result trends.
    • Raise the satisfaction levels of business and IT executives with IT-related costs and capabilities by X percent.

    3.1.4 Define EA objectives and link them to EA goals

    2 hours

    Input: Defined EA goals

    Output: EA objectives linked to EA goals

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin the process of defining EA objectives and linking them to EA goals using the following steps:

    1. Gather the EA strategy creation team and open the EA Goals and Objectives Template.
    2. Have the goals laid out, and refer to the objectives already in the EA Goals and Objectives Template. Examine if any of them will fit the goals your team has created.
    3. If some of the goals your team has created do not fit with the objectives in the template, begin the process of creating new objectives. Remember, EA objectives are SMART metrics that help track the progress toward the EA goals.
    4. Create an EA objective and check if it is SMART by asking some of the questions below:
      • Specific: Is the objective specific to the goal? Is the objective clear to anyone who has basic knowledge of the goal?
      • Measurable: Is it possible to figure out how far the team would be away from completing the objective?
      • Agreed Upon: Does everyone involved agree the objective is the correct way to measure progress?
      • Realistic: Can the objective be met within the availability of resources, knowledge, and time?
      • Time Based: Is there a time-bound component to the goal?
    5. Continue to create new objectives until each goal has an objective linked to it.

    Download the EA Goals and Objectives Template to assist with completing this activity.

    For each of the objectives, determine how they will be collected, reported, and implemented

    Add details to the enterprise architecture objectives previously defined to increase their clarity to stakeholders.

    EA objective detail category Description
    Unit of measure
    • The unit in which the objective will be presented.
    Calculation formula
    • The formula by which the objective will be calculated.
    Objective baseline, status, and target
    • Baseline: The state of the objective at the start of measurement.
    • Status: The current state of the measurement.
    • Target: The target state the measurement should reach.
    Data collection
    • Responsible: The individual responsible for collecting the data.
    • Source: Where the data originates.
    • Frequency: How often the data will be collected to calculate the objective.
    Reporting
    • Target Audience: The people the objective will be presented to.
    • Method: The method used to present the data collected on the objective (e.g. report, presentation).
    • Frequency: How often the data will be presented to the target audience.

    3.1.5 Record the details of each EA objective

    2 hours

    Input: Defined list of EA objectives

    Output: Increased detail into each defined EA objective

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Record the details of each EA objective. Use the following steps below to assist with recording the details:

    1. Gather the EA strategy creation team, and open the EA Goals and Objectives Template.
    2. Select one objective that has been identified and discuss the formula for calculating the objective and in what units the objective will be recorded. Record the information in the “Calculation formula” and “Unit of measure” columns in the template once they have been agreed upon.
    3. Using the same objective, move to the “Data Collection” portion of the template. Discuss and record the following: the source of the data that generates the objective, the frequency of reporting on the objective, and the person responsible for reporting the objective.
    4. Move to the “Reporting” portion of the template. Discuss and record the target audience for the objective and the reporting frequency and method to those audiences.
    5. Examine the “Objective baseline,” “Objective status,” and “Objective target” columns. Record any measurement you may currently have in the “Objective baseline” column. Record what you would like the objective measurement to be in the “Objective target” column. Note: Keep track of the progression towards the target in the “Objective status” column in the future.
    6. Select the next objective and complete steps 2–5 for that measure. Continue this process until you have recorded details for all objectives.

    Download the EA Goals and Objectives Template to assist with completing this activity.

    Step 3.2

    Finalize the EA Fundamentals

    Activities
    • 3.2.1 Define the organizational coverage dimension of the EA function scope
    • 3.2.2 Define the architectural domains and depth dimension
    • 3.2.3 Define the time horizon dimension
    • 3.2.4 Create a set of EA principles for your organization
    • 3.2.5 Add the rationale and implications to the principles
    • 3.2.6 Operationalize the EA principles
    • 3.2.7 Discuss the need for classical methodology and/or a combination including Agile practices

    This step will walk you through the following activities:

    • Define the EA function scope dimensions.
    • Create a set of EA principles.
    • Discuss the organization’s current methodology, if any, and whether it works for the business.

    This step involves the following participants:

    • CIO
    • EA Team
    • IT Leaders
    • Business Leaders

    Outcomes of this step

    • Defined scope of the EA function.
    • A set of EA principles for your organization.
    • A decision on traditional vs. Agile methodology or a blend of both.

    Build the EA Fundamentals

    Step 3.1 Step 3.2

    A clear EA function scope defines the EA sandbox

    The EA function scope constrains the promises of value the EA function will deliver on by taking into account factors across four dimensions. The EA function scope ensures that the EA function is not stretched beyond its current/planned means and capabilities when delivering the promised value. The four dimensions are illustrated below:

    Organizational coverage
    Determine the focus of the enterprise architecture effort in terms of specific business units, functions, departments, capabilities, or geographical areas.
    Depth
    Determine the appropriate level of detail to be captured, based on the intended use of the enterprise architecture and the contingent decisions to be made.

    EA Scope

    Architectural Domains
    Determine the EA domains (business, data, application, infrastructure, security) that are appropriate to address stakeholder concerns and architecture requirements.
    Time horizon
    Determine the target-state architecture’s objective time period.

    The EA function scope is influenced by the EA value proposition and previously developed EA fundamentals

    Establish the EA function scope by using the EA value proposition and EA fundamentals that have been developed. After defining the EA function scope, refer back to these statements to ensure the EA function scope accurately reflects the EA value proposition and EA fundamentals.

    EA value proposition

    +

    EA vision statement
    EA mission statement
    EA goals and objectives

    —›
    Influences

    Organizational coverage

    Architectural domains

    Depth

    Time horizon

    —›
    Defines
    EA function scope

    EA scope – Organizational Coverage

    The organizational coverage dimension of EA scope determines the focus of enterprise architecture effort in the organization. Coverage can be determined by specific business units, functions, departments, capabilities, or geographic areas. Info-Tech has typically seen two types of coverage based on the size of the organization.

    Small and medium-size enterprise

    Indicators: Full-time employees dedicated to manage its data and IT infrastructure. Individuals are IT generalists and may have multiple roles.

    Recommended coverage: Typically, for small and medium-size businesses, the organizational coverage of architecture work is the entire enterprise. (Source: The Open Group, 2018)

    Large enterprise

    Indicators: Dedicated full-time IT staff with expertise to manage specific applications or parts of the IT infrastructure.

    Recommended coverage: For large enterprises, it is often necessary to develop a number of architectures focused on specific business segments and/or geographies. In this federated model, an overarching enterprise architecture should be established to ensure interoperability and conformance to overarching EA principles. (Source: DCIG, 2011)

    EA objectives track the progression towards the target set by EA goals

    Enterprise architecture objectives are specific metrics that help measure and monitor progress towards achieving an EA goal. Objectives are SMART.

    EA goals —› EA objectives
    • EA strategic goals:
      • Business performance
      • IT performance
      • Customer value
      • Risk management
    • EA operational goals
    • Specific
    • Measurable
    • Agreed upon
    • Realistic
    • Time bound
    (Source: Project Smart, 2014)

    Download the EA Goals and Objectives Template to see examples between the relationship of EA goals to objectives.

    Measure the EA strategy effectiveness by tracking the benefits it provides to the corporate business goals

    The success of the EA function is influenced by the following:

    • The delivery of EA-enabled business outcomes that are most important to the enterprise.
    • The alignment between the business and IT from a planning perspective.
    • Improvements in the corporate business goals due to EA contributions (standardization, rationalization, reuse, etc.).
    Corporate Business Goals Measurements
    • Reduction in operating costs
    • Decrease in regulatory compliance infractions
    • Increased revenue from existing channels
    • Increased revenue from new channels
    • Faster time to business value
    • Improved business agility
    • Reduction in enterprise risk exposure
    • Cost reductions based on application and platform rationalization
    • Standard-based solutions
    • Time reduction for integration
    • Service reused
    • Stakeholder satisfaction with EA services
    • Increase customer satisfaction
    • Rework minimized
    • Lower cost of integration
    • Risk reduction
    • Faster time to market
    • Better scalability, etc.

    3.2.1 Define the organizational coverage dimension of the EA function scope

    2 hours

    Input: EA value proposition, Previously defined EA fundamentals

    Output: Organizational coverage dimension of EA scope defined

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Define the organizational coverage of the EA function scope using the following steps below:

    1. Gather the EA strategy creation team. As well, gather the EA value proposition, the EA vision and mission statements, and the EA goals and objectives your team has already created.
    2. Ask the team to read each of the documents gathered in the previous step. This ensures the concepts are fresh in the team members’ minds when defining the EA function scope organizational coverage.
    3. Consider how much of the organization the EA function would need to cover. Refer to the gathered materials to assist with your decision. For example:
      • EA mission statement: Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture.
      • Implications on organizational coverage: If the purpose of the EA function is to help optimize, transform, and innovate with target-state architecture mapping, then the scope should cover the entire organization. Only by mapping the entire organization’s architecture can the EA function assist with optimizing, transforming, and innovating.
    4. Work with the EA strategy creation team to examine all the gathered materials and document the implications on organization coverage as shown in step 3.
    5. Discuss with the team and select the organizational coverage level that best fits the documented implications for all the gathered materials. Refer back to the gathered materials and make any changes necessary to ensure they support the selected organizational coverage.

    EA scope – Architectural Domains

    A complete enterprise architecture should address all five architectural domains. The five architectural domains are business, data, application, infrastructure, and security.

    Enterprise Architecture
    —› Data Architecture
    Business Architecture —› Infrastructure Architecture
    Security Architecture
    —› Application Architecture

    “The realities of resource and time constraints often mean there is not enough time, funding, or resources to build a top-down, all-inclusive architecture encompassing all four architecture domains. Build architecture domains with a specific purpose in mind.” (The Open Group, 2018)

    Each architectural domain creates a different view of the organization

    Below are the definitions of different domains of enterprise architecture (Info-Tech perspective; others can be identified as well, e.g. Integration Architecture).

    Business Architecture

    Business architecture is a means of demonstrating the business value of subsequent architecture work to key stakeholders and the return on investment to those stakeholders from supporting and participating in the subsequent work. Business architecture defines the business strategy, governance, organization, and key business processes.

    Data Architecture

    Describes the structure of an organization’s logical and physical data assets and data management resources.

    Application Architecture

    Provides a blueprint for the individual applications to be deployed, their interactions, and their relationships to the core business processes of the organization.

    Infrastructure Architecture

    Represents the sum of hardware, software, and telecommunications-related IT capability associated with a particular enterprise. It is concerned with the synergistic operations and management of the devices in the organization.

    Security Architecture

    Provides an unified security design that addresses the necessities and potential risks involved in a certain scenario or environment. It also specifies when and where to apply security controls.
    (Sources: The Open Group, 2018; IT Architecture Journal, 2014; Technopedia, 2016)

    EA scope – Depth

    EA scope depth defines the architectural detail for each EA domain that the organization has selected to pursue. The level of depth is broken down into four levels. The level of depth the organization decides to pursue should be consistent across the domains.

    Contextual
    • Helps define the organization scope, and examines external and internal requirements and their effect on the organization. For example, enterprise governance.
    Conceptual
    • High-level representations of the organization or what the organization wants to be. For example, business strategy, IT strategy.
    Logical
    • Models that define how to implement the representation in the conceptual stage. For example, identifying the business gaps from the current state to the target state defined by the business strategy.
    Physical
    • The technology and physical tools used to implement the representation created in the logical stage. For example, business processes that need to be created to bridge the gaps identified and reach the target stage.
    (Source: Zachman International, 2011) Business Architecture Data Architecture Application Architecture Infrastructure Architecture Security Architecture

    Each architectural depth level contains a set of key artifacts

    The graphic below depicts examples of the key artifacts that each domain of architecture would produce at each depth level.

    Contextual Enterprise Governance
    Conceptual Business strategy Business objects Use-case models Technology landscaping Security policy
    Logical Business capabilities Data attribution Application integration Network/ hardware topology Security standards
    Physical Business process Database design Application design Configuration management Security configuration
    Business Architecture Data Architecture Application Architecture Infrastructure Architecture Security Architecture

    3.2.2 Define the architectural domains and depth dimension of the EA function scope

    2 hours

    Input: EA value proposition, Previously defined EA fundamentals

    Output: Architectural domain and depth dimensions of EA scope defined

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Define the EA function scope for your organization using the following steps below:

    1. Gather the EA strategy creation team. As well, gather the EA value proposition, the EA vision and mission statements, and the EA goals and objectives that your team has already created.
    2. Ask the team to read each of the documents gathered in the previous step. This ensures the concepts are fresh in the team members’ minds when defining the architectural domains and depth of the EA function scope.
    3. Consider the architectural domains and the depth those domains need to reach. Refer to the gathered materials to assist with your decision. For example:
      • Promise of value: Increase the number of IT investments with a direct tie to business strategy.
      • Implications on architectural domains: The EA function will need business architecture. Business architecture generates business capability mapping, which will anticipate what IT investments are needed for the future.
      • Implications on depth: Depth for business architecture needs to reach a logical level to encompass business capabilities.
    4. Work with the EA strategy creation team to examine all the gathered materials and document the implications on architectural domains and depth as shown in step 3.
    5. Discuss with the team and select the architectural domains and the depth for each domain that best fits the documented implication. Refer back to the gathered materials and make any changes necessary to ensure they support the selected architectural domains and depth.

    EA scope – Time Horizon

    The EA scope time horizon dictates how long to plan for the architecture.

    It is important that the EA team’s work has an appropriate planning horizon while avoiding two extremes:

    1. A planning horizon that is too short focuses on immediate operational goals and strategic quick wins, missing the “big picture,” and fails to support the achievement of strategic long-term enterprise goals.
    2. A planning horizon that is too long is at a higher risk of becoming irrelevant.

    Target the same strategic planning horizon as your business. Additionally, consider the following recommendations:

    Planning Horizon: 1 year 2-3 years 5 years
    Recommended under the following conditions:
    • Corporate strategy is not stable and frequently changes direction (typical for small and some mid-sized companies).
    • There will be a major update of the corporate strategy in one year.
    • The company will be acquired by or merged with another company in one year.
    • The business' strategic plan spans the next two to three years, and corporate strategy is moderately stable within this time frame (typical for mid-sized and some large companies).
    • The business' strategic plan spans the next five years and corporate strategy is very stable (typical for large companies).

    3.2.3 Define the time horizon dimension of the EA function scope

    2 hours

    Input: EA value proposition, Previously defined EA fundamentals

    Output: Time horizon dimension of EA scope defined

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Define the EA function scope for your organization using the following steps below:

    1. Gather the EA strategy creation team. As well, gather the EA value proposition, the EA vision and mission statements, and the EA goals and objectives your team has already created.
    2. Ask the team to read each of the documents gathered in the previous step. This ensures the concepts are fresh in the team members’ minds when crafting the EA function scope.
    3. Consider the time horizons of the EA function scope. Refer to the gathered materials to assist with your decision. For example:
      • EA Objective: Increase the percentage of enterprise strategic goals and requirements supported by IT strategic goals by 30% in the next 3 years.
      • Implications on time horizon: Because it will take 3 years to measure the success of these EA objectives, the time horizon may need to be 3 years.
    4. Work with the EA strategy creation team to examine all the gathered materials and document the implications on time horizon as shown in step 3.
    5. Discuss with the team and select the time horizon that best fits the documented implication. Refer back to the gathered materials and make any changes necessary to ensure they support the selected architectural time horizon.

    EA principles capture the EA value proposition essence and provide guidance for the decisions that impact architecture

    EA principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting target-state enterprise architecture design, IT investment portfolio management, solution development, and procurement decisions.

    EA value proposition Influences
    —›
    EA Principles Guide and inform
    —›
    Decisions on the Use of IT Direct and control
    ‹—
    Specific Domain Policies
    ‹———————

    What decisions should be made?
    ————— ————— —————
    How should decisions be made?
    ————— ————— —————————›
    Who has the accountability and authority to make decisions?

    EA principles must be carefully constructed to make sure they are adhered to and relevant

    Info-Tech has identified a set of characteristics that EA principles should possess. Having these characteristics ensures the EA principles are relevant and followed in the organization.

    Approach focused EA principles are focused on the approach, i.e. how the enterprise is built, transformed, and operated, as apposed to what needs to be built, which is defined by both functional and non-functional requirements.
    Business relevant Create EA principles specific to the organization. Tie EA principles to the organization’s priorities and strategic aspirations.
    Long lasting Build EA principles that will withstand the test of time.
    Prescriptive Inform and direct decision making with EA principles that are actionable. Avoid truisms, general statements, and observations.
    Verifiable If compliance can’t be verified, the principle is less likely to be followed.
    Easily digestible EA principles must be clearly understood by everyone in IT and by business stakeholders. EA principles aren’t a secret manuscript of the EA team. EA principles should be succinct; wordy principles are hard to understand and remember.
    Followed Successful EA principles represent a collection of beliefs shared among enterprise stakeholders. EA principles must be continuously “preached” to all stakeholders to achieve and maintain buy-in.

    In organizations where formal policy enforcement works well, EA principles should be enforced through appropriate governance processes.

    Review ten universal EA principles to determine if your organization wishes to adopt them

    1. Enterprise value focus We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
    2. Fit for purpose We maintain capability levels and create solutions that are fit for purpose without over-engineering them.
    3. Simplicity We choose the simplest solutions and aim to reduce operational complexity of the enterprise.
    4. Reuse › buy › build We maximize reuse of existing assets. If we can’t reuse, we procure externally. As a last resort, we build custom solutions.
    5. Managed data We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy.
    6. Controlled technical diversity We control the variety of technology platforms we use.
    7. Managed security We manage security enterprise-wide in compliance with our security governance policy.
    8. Compliance to laws and regulations We operate in compliance with all applicable laws and regulations.
    9. Innovation We seek innovative ways to use technology for business advantage.
    10. Customer centricity We deliver best experiences to our customers with our services and products.

    3.2.4 Create a set of EA principles for your organization

    2 hours

    Input: Info-Tech’s ten universal EA principles, Identified promises of value

    Output: A defined set of EA principles for your organization

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Create a set of EA principles for your organization using the steps below:

    1. Gather the EA strategy creation team, download the EA Principles Template – EA Strategy, and have the identified promises of value opened.
    2. Select one universal principle and relate it to the promises of value by discussing with the EA strategy creation team. If there is a relation, record “Yes” in the template on the slide “Select the applicability of 10 universally accepted EA principles.” See example below:
      • Universal principle: Enterprise value focus – We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
      • Related promise of value example: Increase the number of investments that have a direct tie with corporate strategy.
    3. Continue the process in step 2 until all ten universal EA principles have been examined. If there is a universal principle that is unrelated to a promise of value, discuss with the team whether the principle still needs to be included. If the principle is not included, record “No” in the template on the slide “Select the applicability of 10 universally accepted EA principles.”
    4. If there are any promises of value that are not captured by the universally accepted EA principles, the team may choose to create new principles. Create the new principles in the format below and record them in the template.
      • Name: The name of the principle, in a few words.
      • Statement: A sentence that expands on the “Name” section and explains what the principle achieves.

    Download the EA Principles Template – EA Strategy to document this step.

    Organizational stakeholders are more likely to follow EA principles when a rationale and an implication are provided

    After defining the set of EA principles, ensure they are all expanded upon with a rationale and implications. The rationale and implications ensure principles are more likely to be followed because they communicate why the principles are important and how they are to be used.

    Name
    • The name of the EA principle, in a few words.
    Statement
    • A sentence that expands on the “Name” section and explains what the principle achieves.
    Rationale
    • Describes the business benefits and reasoning for establishing the principle.
    • Explicitly links the principle to business/IT vision, mission, priorities, goals, or strategic aspirations (strategic themes).
    Implications
    • Describe when and how the principle is to be applied.
    • Communicate this section with “must” sentences.
    • Refer to domain-specific policies that provide detailed, domain-specific direction on how to apply the principle.

    3.2.5 Add the rationale and implications to the principles that have been created

    2 hours

    Input: Identified set of EA principles

    Output: EA principles that have rationale and implications

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Add the rationale and implication of each EA principle that your organization has selected using the following steps:

    1. Gather the EA strategy creation team and open the EA Principles Template – EA Strategy.
    2. Examine the EA Principles Template – EA Strategy. Look for the detailed descriptions of all the applicable EA universal principles, and discuss with the team whether the pre-populated rationale and implications need to be changed.
    3. Make sure all the rationale and implication sections of the applicable universal EA principles have been examined. Record the changes on the slide devoted to each principle in the template.
    4. Examine any new principles created outside of the universal EA principles. Create the rationale and implication sections for each of those principles. Use the slide “Review the rationale and implications for the applicable universal principles” in the EA Principles Template – EA Strategy to assist with this step.

    Download the EA Principles Template – EA Strategy to document this step.

    3.2.6 Operationalize the EA principles to ensure they are used when decisions are being made

    1-2 hours

    Input: Defined set of EA principles

    Output: EA principles are successfully operationalized

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin to operationalize the EA principles by reviewing the proposed principles with business and technology leadership to secure their approval.

    1. Publish the list of principles, their rationale, and their implications.
    2. Include the principles in any existing policies that guide decision making for the use of technology within the business.
    3. Provide existing governance bodies with the authority to enforce adherence to principles, and communicate the waiver process.
    4. Ensure that project-level teams are aware of the principles and have at least one champion guiding the decisions of the team.

    Review a use case for the utilization of EA principles – Sample

    After operationalizing the EA principles for your organization, the organization can now use those principles to guide and inform its IT investment decisions. Below is an example of a scenario where EA principles were used to guide and inform an IT investment decision.

    Organization wants to provision an application but it needs to decide how to do so, and it considers the relevant EA principles:

    • Reuse › buy › build
    • Managed security
    • Innovation

    The organization has decided to go with a specialized vendor, even though it normally prefers to reuse existing components. The vendor has experience in this domain, understands the data security implications, and can help the organization mitigate risk. Lastly, the vendor is known for providing new solutions on a regular basis and is a market leader, making it more likely to provide the organization with innovative solutions.

    An oil and gas company created EA fundamentals to guide the EA function

    CASE STUDY

    Industry: Oil & Gas
    Source: Info-Tech

    Challenge

    As an enterprise architecture function starting from ground zero, the organization did not have the EA fundamentals in place to guide the EA function. Further, the organization also did not possess an EA function scope to define the boundaries of the EA function.

    Due to the lack of EA scope, the EA function did not know which part of the organization to provide contributions toward. A lack of EA fundamentals caused confusion regarding the future direction of the EA function.

    Solution

    Info-Tech worked with the EA team to define the different components of the EA fundamentals. This included EA vision and mission statements, EA goals and objectives, and EA principles.

    Additionally, Info-Tech worked with the EA team to define the EA function scope.

    These EA strategy components were created by examining the needs of the business. The components were aligned with the identified needs of the EA stakeholders.

    Results

    The defined EA function scope helped set out the responsibilities of the enterprise architecture function to the organization.

    The EA vision and mission statements and EA goals and objectives were used to guide the direction of the EA function. These fundamentals helped the EA function improve its maturity and deliver on its promises.

    The EA principles were used in IT review boards to guide the decisions on IT investments in the organization.

    3.2.7 Discuss the need for a classical methodology and/or a combination including Agility practices

    1 hour

    Input: Existing methodologies

    Output: Decisions about need of agility, ceremonies, and protocols to be used

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Add the rationale and implication of adopting an Agile methodology and/or a combination with a traditional methodology.

    1. Is there an EA methodology adopted by the organization? Is there a classical one, or is it purely Agile?
    2. What would need to happen to address the business goals of the organization (e.g. is there a need to be more agile?)? Do you need to have more decisions centralized (e.g. to adopt certain standards, security controls)?
    3. Where on the decentralization continuum does your organization need to be?
    4. What role would Enterprise Architects have (would they need to be part of existing ceremonies? Would they need to blend traditional and agile processes?)?
    5. If a customized methodology is required, identify this as an item to be included as part of the EA roadmap (can be run as a Agile Enterprise Operating Model workshop).

    Design an Enterprise Architecture Strategy

    Phase 4

    Design the EA Services

    Phase 1

    • 1.1 Explore a general EA strategy approach
    • 1.2 Introduce Agile EA architecture

    Phase 2

    • 2.1 Define the business and technology drivers
    • 2.2 Define your value proposition

    Phase 3

    • 3.1 Realize the importance of EA fundamentals
    • 3.2 Finalize the EA fundamentals

    Phase 4

    • 4.1 Select relevant EA services
    • 4.2 Finalize the set of services and secure approval

    This phase will walk you through the following activities:

    • Select relevant EA services
    • Finalize the set of services and secure approval

    This phase involves the following participants:

    • CIO
    • EA Team
    • IT Leaders
    • Business Leaders

    Step 4.1

    Select Relevant EA Services

    Activities
    • 4.1.1 Select the EA services relevant to your organization
    • 4.1.2 Identify if your organization needs additional services outside of the recommended list
    • 4.1.3 Complete all of the service catalog fields for each service to show the organization how each can be consumed

    This step will walk you through the following activities:

    • Communicate a definition of EA services.
    • Link services to the previously identified EA contributions.

    This step involves the following participants:

    • CIO
    • EA Team
    • IT Leaders
    • Business Leaders

    Outcomes of this step

    • A defined set of services the EA function will provide.
    • An EA service catalog that demonstrates to the organization how each provided service can be accessed and consumed.

    Design the EA Services

    Step 3.1 Step 3.2

    The definition of EA services will allow the group to communicate how they can add value to EA stakeholders

    Enterprise architecture services are a set of activities the enterprise architecture function provides for the organization. EA services are important because the services themselves provide a set of benefits for the organization.

    Enterprise Architecture Services

    • A means of delivering value to the business by facilitating outcomes service consumers want to achieve.
    • EA services are defined from the business perspective using business language.
    • EA services are designed to enable required business activities.

    Viewing the EA function from a service perspective resolves the following pains:

    • Business users don’t know how EA can assist them.
    • Business users don’t know how to request access to a service with multiple sources of information available.
    • EA has no way of managing expectations for their users, which tend to inflate.
    • EA does not have a holistic view of all the services they need to provide.

    Link EA services to the previously identified EA contributions

    Previously identified EA contributions can be linked to EA services, which helps the EA function identify a set of EA services that are important to business stakeholders. Further, linking the EA contributions to EA services can define for the EA function the services they need to provide.

    Demonstrate EA service value by linking them to EA contributions

    1. EA stakeholders generate drivers
    2. Drivers have pains that obstruct them
    3. Pains are alleviated by EA contributions
    4. EA contributions help define the EA services needed

      • EA Contributions
        Example EA contribution: Business capability mapping shows the business capabilities of the organization and the technology that supports those capabilities in the current and target state. This provides a view for the set of investments that are needed by the organization, which can then be prioritized.

        • EA Services
          Example EA service: Target-state business capability mapping

    4.1.1 Select the EA services relevant to your organization

    2 hours

    Input: Previously identified EA contributions from the EA value proposition

    Output: A set of EA services selected for the organization from Info-Tech’s defined set of EA services

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Begin the selection of EA services relevant to your organization by following the steps below:

    1. Gather the EA strategy creation team, and the list of identified EA contributions that the team formulated during Phase 2.
    2. Open the EA Service Planning Tool, select one sub-service, and read its definition.
    3. Based on the definition of the sub-service, refer back to the identified list of EA contributions and check if there is an identified EA contribution that matches the service.
      • If the EA service definitions matches one of the identified EA contributions, then that EA service is relevant to the organization. If there is no match, then the EA service may not be relevant to the organization.
    4. Highlight the sub-service if it is relevant. Add a checkmark beside the EA contribution if it is addressed by a sub-service.
    5. Select the next sub-service and repeat steps 2-4. Continue down the list of sub-services in the EA Service Planning Tool until all sub-services have been examined.

    Download the EA Service Planning Tool to assist with this activity.

    4.1.2 Identify if your organization needs additional services outside of the recommended list

    2 hours

    Input: Expertise from the EA strategy creation team, Previously defined EA contributions

    Output: A defined set of EA services outside the list Info-Tech has recommended

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Identify if services outside of the recommended list in the EA Service Planning Tool are relevant to your organization by using the steps below:

    1. Gather the EA strategy creation team and the list of EA contributions with checkmarks for contributions addressed by EA services.
    2. Take the list of unaddressed EA contributions and select one EA contribution in the list. Assess whether an EA service is required to address the EA contribution. Ask the group the following:
      • Can the EA practice provide the service now?
      • Does providing this EA service line up with the previously defined EA function scope and EA fundamentals?
    3. Decide if a service needs to be provided for that contribution. If yes, give the service a name and a definition.
    4. Then, decide if the service fits into one of the service categories in the EA Service Planning Tool. If there is no fit, create another service category. Define the new service category as well.
    5. Continue to the next unaddressed EA contribution and repeat steps 2-4. Repeat this process until all unaddressed EA contributions have been assessed.

    Download the EA Service Planning Tool to assist with this activity.

    Create the EA service catalog to demonstrate to the organization how each service can be accessed and used

    The EA service catalog is an important communicator to the business. It shifts the technology-oriented view of EA to services that show direct benefit to the business. It is a tool that communicates and provides clarity to the business about the EA services that are available and how those services can assist them.

    Define the services to show value Define the service catalog to show how to use those services
    Already defined
    • EA service categories
    • The services needed by the EA stakeholders in each EA service category
    Need to define
    • Should EA deliver this service?
    • Service triggers
    • Service provider
    • Service requestor

    Info-Tech Insight

    The EA group must provide the organization with a list of services it will provide to demonstrate value. This will help the team manage expectations and the workload while giving organizational stakeholders a clear understanding of how to engage EA and what lies outside of EA’s involvement.

    4.1.3 Complete all the service catalog fields for each service to show the organization how each can be consumed

    4 hours

    Input: Expertise from the EA strategy creation team

    Output: Service details for each EA service in your organization

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Complete the details for each relevant EA service in the EA Service Planning Tool by using the following steps:

    1. Gather the EA strategy creation team, and open the EA Service Planning Tool.
    2. Select one of the services you have defined as relevant and begin the process of defining the service. Define the following fields:
      • Should EA deliver this service? Should the EA team provide this service? (Yes/No)
      • Service trigger: What trigger will signal the need for the service?
      • Service provider: Who in the EA team will provide the service?
      • Service requestor: Who outside of the EA team has requested this service?
    3. Have the EA strategy creation team discuss and define each of the fields for the service above. Record the decisions in the corresponding columns of the EA Service Planning Tool.
    4. Select the next required EA service, and repeat steps 2 and 3. Repeat the process until all required EA services have their details defined.

    Download the EA Service Planning Tool to assist with this activity.

    Step 4.2

    Finalize the Set of Services and Secure Approval

    Activities
    • 4.2.1 Secure approval for your organization’s EA strategy
    • 4.2.2 Map the EA contributions to business goals
    • 4.2.3 Quantify the EA effectiveness
    • 4.2.4 Determine the role of the architect in the Agile ceremonies of the organization

    This step will walk you through the following activities:

    • Present the EA strategy to stakeholders.
    • Determine service details for each EA service in your organization.

    This step involves the following participants:

    • CIO
    • EA Team
    • IT Leaders
    • Business Leaders

    Outcomes of this step

    • Secured approval for your organization’s EA strategy.
    • Measure effectiveness of EA contributions.

    Design the EA Services

    Step 4.1 Step 4.2

    Present the EA strategy to stakeholders to secure approval of the finalized EA strategy

    For the EA strategy to be successfully executed, it must be approved by the EA stakeholders. Securing their approval will increase the likelihood of success in the execution of the EA operating model.

    Outputs that make up the EA strategy —› Present outputs to EA strategy stakeholders
    • Business and technology drivers
    • EA function value proposition

    • EA vision statement
    • EA mission statement
    • EA goals and objectives
    • EA scope
    • EA principles

    • EA function services
    • Identified and prioritized EA stakeholders.








    • The checkmark symbol represents the outputs this blueprint assists with creating.

    4.2.1 Secure approval of your organization’s EA strategy

    1 hour

    Input: Completed EA Function Strategy Template, Expertise from EA strategy creation team

    Output: Approval of the EA strategy

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team, Key EA stakeholders

    Use the following steps to assist with securing approval for your organization’s EA strategy:

    1. Call a meeting between the EA strategy creation team and the identified key EA stakeholders. Key stakeholders were defined in activity 2.1.1.
    2. Open the completed EA Function Strategy Template. Use it to help you discuss the merits of the EA strategy with the key stakeholders.
    3. Discuss with the stakeholders any concerns and modifications they wish to make to the strategy. If detailed questions are asked, refer to the other templates created as a part of this blueprint. Record those concerns and address them at a later time.
    4. After presenting the EA strategy, ask the stakeholders for approval. If stakeholders do not approve, refer back to the concerns documented in step 3 and inquire if addressing the concerns will result in approval.
    5. If applicable, address stakeholder concerns with the EA strategy.
    6. Once EA strategy has been approved, publish the EA strategy to ensure there is a mutual understanding of what the EA function will provide to the organization. Move on to Info-Tech’s Define an EA Operating Model blueprint to begin executing upon the EA strategy.

    Use the EA Function Strategy Template to assist with this activity.

    4.2.2 Map the EA contributions to the business goals

    3 hours

    Input: Expertise from EA strategy creation team

    Output: Service details for each EA service in your organization

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Map EA contributions/services to the goals of the organization.

    1. Start from the business goals of the organization.
    2. Determine Business and IT drivers.
    3. Identify EA contributions that help achieve the business goals.

    Download the EA Service Planning Tool to assist with this activity.

    Trace EA drivers to business goals (sample)

    A model connecting 'Enterprise Architecture' with 'Corporate Goals' through 'EA Contributions'.

    4.2.3 Quantify the EA effectiveness

    1 hour

    Input: Expertise from EA strategy creation team

    Output: Defined KPIs (SMART)

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Use SMART key performance indicators (KPIs) to measure EA contributions vis-à-vis business goals.

    Measure the EA strategy effectiveness by tracking the benefits it provides to the corporate business goals

    The success of the EA function spans across three main dimensions:

    • The delivery of EA-enabled business outcomes that are most important to the enterprise.
    • The alignment between the business and IT from a planning perspective.
    • Improvements in the corporate business goals due to EA contributions (standardization, rationalization, reuse, etc.).
    Corporate Business GoalsEA ContributionsMeasurements
    • Reduction in operating costs
    • Decrease in regulatory compliance infractions
    • Increased revenue from existing channels
    • Increased revenue from new channels
    • Faster time to business value
    • Improved business agility
    • Reduction in enterprise risk exposure
    • Alignment of IT investments to business strategy
    • Achievement of business results directly linked to IT involvement
    • Application and platform rationalization
    • Standards in place
    • Flexible architecture
    • Better integration
    • Higher organizational satisfaction with technology-enabled services and solutions
    • Cost reductions based on application and platform rationalization
    • Standard based solutions
    • Time reduction for integration
    • Service reused
    • Stakeholder satisfaction with EA services
    • Increase customer satisfaction
    • Rework minimized
    • Lower cost of integration
    • Risk reduction
    • Faster time to market
    • Better scalability, etc.

    The oil and gas company began the EA strategy creation by crafting an EA value proposition

    CASE STUDY

    Industry: Oil & Gas
    Source: Info-Tech

    Challenge

    The oil and gas corporation faced a great challenge in communicating the role of enterprise architecture to the organization. Although it has the mandate from the CIO to create the EA function, there was no function in existence. Thus, few people in the organization understood EA.

    Because of this lack of understanding, the EA function was often undermined. The EA function was seen as an order taker that provided some services to the organization.

    Solution

    First, Info-Tech worked with the enterprise architecture team to define the EA stakeholders in the organization.

    Second, Info-Tech interviewed those stakeholders to identify their needs. The needs were analyzed and pains that would obstruct addressing those needs were identified.

    Lastly, Info-Tech worked with the team to identify common EA contributions that would solve those pains.

    Results

    Through this process, Info-Tech helped the team at the oil and gas company create a document that could communicate the value of EA. Specifically, the document could articulate the issues obstructing each stakeholder from achieving their needs and how enterprise architecture could solve them.

    With this value proposition, EA was able to demonstrate value to important stakeholders and set itself up for success in its future endeavors.

    The oil and gas company defined EA services to provide and communicate value to the organization

    CASE STUDY

    Industry: Oil & Gas
    Source: Info-Tech

    Challenge

    As a brand new enterprise architecture function, the EA function at the oil and gas corporation did not have a set of defined EA services. Because of this lack of EA services, the organization did not know what contributions EA could provide.

    Further, without the definition of EA services, the EA function did not set out explicit expectations to the business. This caused expectations from the business to be different from those of the EA function, resulting in friction.

    Solution

    Info-Tech worked with the EA function at the oil and gas corporation to define a set of EA services the function could provide.

    The Info-Tech team, along with the organization, assessed the business and technology needs of the stakeholder. Those needs acted as the basis for the EA function to create their initial services.

    Additionally, Info-Tech worked with the team to define the service details (e.g. service benefits, service requestor, service provider) to communicate how to provide services to the business.

    Results

    The defined EA services led the EA function to communicate what it could provide for the business. As well, the defined services clarified the level of expectation for the business.

    The EA team was able to successfully service the business on future projects, adding value through their expertise and knowledge of the organization’s systems. Because of the demonstrated value, EA has been given greater responsibility throughout the organization.

    4.2.4 Determine the role of the architect in the Agile ceremonies of the organization

    1 hour

    Input: Expertise from EA strategy creation team

    Output: Participation in Agile Pre- and Post-PI, Architect Syncs, etc.

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: EA strategy creation team

    Document the involvement of the enterprise architect in your organization’s Agile ceremonies.

    1. Document the Agile ceremonial used in the organization (based on SAFe or other Agile approaches).
    2. Determine ceremonies the System Architect will participate in.
    3. Determine ceremonies the Solution Architect will participate in
    4. Determine ceremonies the Enterprise Architect will participate in.
    5. Determine Architect Syncs, etc.

    Note: Roles and responsibilities can be further defined as part of the Agile Enterprise Operating Model.

    The EA role relative to agility

    The enterprise architecture role relative to agility specifies the architecture roles as well as the agile protocols they will participate in.
    This statement will guide every architect’s participation in planning meetings, pre- and post-PI, syncs, etc. Use simple and concise terminology; speak loudly and clearly.

    A strong EA role statement relative to agility has the following characteristics:

    • Describes what different architect roles do to achieve the vision of the organization
    • In an agile way
    • Compelling
    • Easy to grasp
    • Sharply focused
    • Specific
    • Concise

    Sample EA mission relative to agility

    • Create strategies that provide guardrails for the organization, provide standards, reusable assets, accelerators, and other decisions at the enterprise level that support agility.
    • Participate in pre-PI and post-PI planning activities, architect syncs, etc.

    A clear statement can include additional details surrounding the Enterprise Architect role relative to agility

    Likewise, below is a sample of connecting keywords together to form an enterprise architect role statement, relative to agility.

    Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture in an agile way.

    Optimize – We collaborate with the business to analyze and optimize business capabilities and business processes to enable the agile and efficient attainment of [Company name] business objectives.

    Transform – We support IT-enabled business transformation programs by building and maintaining a shared vision of the future-state enterprise and consistently communicating it to stakeholders.

    Innovate – We identify and develop new and creative opportunities for IT to enable the business. We communicate the art of the possible to the business.

    Defining and implementing – We engage with project teams early and guide solution design and selection to ensure alignment to the target-state enterprise architecture and provide guidance as well as accelerators.

    Target enterprise structure in an agile way – We analyze business needs and priorities and assess the current state of the enterprise. We build and maintain the target enterprise architecture blueprints that define:

    • Business capabilities and processes (business architecture)
    • Data, application, and technology assets that enable business capabilities and processes (technology architecture)
    • Architecture principles
    • Standards and reusable assets
    • Continuous exploration, integration, and deployment

    Move to the enterprise architecture operating model blueprint to execute your EA strategy

    Once approved, move on to Info-Tech’s Define an EA Operating Model blueprint to begin executing on the EA strategy.

    Enterprise architecture strategy

    This blueprint focuses on setting up an enterprise architecture function, with the goal of maximizing the likelihood of EA success. The blueprint puts into place the components that will align the EA function with the needs of the stakeholders, guide the decision making of the EA function, and define the services EA can provide to the organization.

    Agile enterprise architecture operating model

    An EA operating model helps you design and organize the EA function, ensuring adherence to architectural standards and delivery of EA services. This blueprint acts on the EA strategy by creating methods to engage, govern, and develop architecture as a part of the larger organization.

    Research contributors and experts

    Photo of Milena Litoiu, Senior Director Research and Advisory, Enterprise Architecture Milena Litoiu
    Senior Director Research and Advisory, Enterprise Architecture
    • Milena Litoiu is a Principal/Senior Manager of Enterprise Architecture. She is Master Certified with The Open Group and she sits on global architecture certification boards.
    • Other certifications include SABSA, CRISC, and Scaled Agile Framework. She started as a certified IT Architect at IBM and has over 25 years experience in this field.
    • Milena teaches enterprise architecture at the University of Toronto and led the development of the Enterprise Architecture Certificate (a course on EA fundamentals, one on EA development and Governance, and one on Trends going forward).
    • She has a Masters in Engineering, an executive MBA, and extensive experience in enterprise architecture as well as methodologies and tools.
    Photo of Lan Nguyen, IT Executive, Mentor, Managing Partner at CIOs Beyond Borders Group Lan Nguyen
    IT Executive, Mentor, Managing Partner at CIOs Beyond Borders Group
    • Lan Nguyen has a wealth of experience driving the EA strategy and the digital transformation success at the City of Toronto.
    • Lan is a university lecturer on topics like strategic leadership in the digital enterprise.
    • Lan is a Managing Partner at CIOs Beyond Borders Group.
    • Lan specializes in Partnership Development; Governance; Strategic Planning, Business Development; Government Relations; Business Relationship Management; Leadership Development; Organizational Agility and Change Management; Talent Management; Managed Services; Digital Transformation; Strategic Management of Enterprise IT; Shared Services; Service Quality Improvement, Portfolio Management; Community Development; and Social Enterprise.


    Photo of Dirk Coetsee, Director Research and Advisory, Enterprise Architecture, Data & Analytics Dirk Coetsee
    Director Research and Advisory, Enterprise Architecture, Data & Analytics
    • Dirk Coetsee is a Research & Advisory Director in the Data & Analytics practice. Dirk has over 25 years of experience in data management and architecture within a wide range of industries, especially Financial Services, Manufacturing, and Retail.
    • Dirk spearheaded data architecture at several organizations and was involved in enterprise data architecture, data governance, and data quality and analytics. He architected many operational data stores of ranging complexity and transaction volumes and was part of major enterprise data warehouse initiatives. Lately, he was part of projects that implemented big data, enterprise service bus, and micro services architectures. Dirk has an in-depth knowledge of industry models within the financial and retail spaces.
    • Dirk holds a BSc (Hons) in Operational Research and an MBA with specialization in Financial Services from the University of Pretoria, South Africa.
    Photo of Andy Neill, AVP, Enterprise Architecture, Data and Analytics Andy Neill
    AVP, Enterprise Architecture, Data and Analytics
    • Andy is AVP Data and Analytics and Chief Enterprise Architect at Info-Tech Research Group. Previous roles include leading the data architecture practice for Loblaw Companies Ltd, Shoppers Drug Mart and 360 Insights in Canada as well as leading architecture practices at Siemens consultancy, BBC, NHS, Ordnance Survey, and Houses of Parliament and Commons in the UK.
    • His responsibilities at Info-Tech include leading the data and analytics and enterprise architecture research practices and guiding the future of research and client engagement in that space.
    • Andy is the Product Owner for the Technical Counselor seat offering at Info-Tech, which gives world-class holistic support to our senior technical members.
    • He is also a instructor and content creator for the University of Toronto in the field of Enterprise Architecture.


    Photo of Wayne Filin-Matthews, Chief Enterprise Architect, ICMG Winner of Global Chief Enterprise Architect of the Year 2019 Wayne Filin-Matthews
    Chief Enterprise Architect, ICMG Winner of Global Chief Enterprise Architect of the Year 2019
    • Wayne is currently the EA Discipline Lead/Chief Enterprise Architect – Global Digital Transformation Office, COE at Dell Technologies.
    • He is a distinguished Motivator & Tech Lead as well as an influencer.
    • Wayne has led multiple Enterprise Architecture practices at the global level and has valuable contributions in this space managing and growing Enterprise Architecture and CTO practices across strategy, execution, and adoption parts of the IT lifecycle.
    Photo of Graham Smith, Experienced lead Enterprise Architect and Independent Consultant Graham Smith
    Experienced lead Enterprise Architect and Independent Consultant
    • Graham is an experienced lead enterprise architect specializing in digital and data transformation, with over 33 years of experience, spanning financial markets, media, information, insurance, and telecommunications sectors. Graham has successfully established and led large teams across India, China, Australia, Americas, Japan, and the UK.
    • He is currently working as an independent consultant in digital and data-led transformation and his work spans established businesses and start-ups alike.

    Thanks also go to all experts who contributed to previous versions of this document:

    • Zachary Curry, Director, Enterprise Architecture and Innovation, FMC Technologies
    • Pam Doucette, Director of Enterprise Architecture, Tufts Health Plan
    • Joe Evers, Consulting Principal, JcEvers Consulting Corp
    • Cameron Fairbairn, Enterprise Architect, Agriculture Financial Services Corporation (AFSC)
    • Michael Fulton, Chief Digital Officer & Senior IT Strategy & Architecture Consultant at CC and C Solutions
    • Tom Graves, Principal Consultant, Tetradian Consulting
    • (JB) Brahmaiah Jarugumilli, Consultant, Federal Aviation Administration – Enterprise Services Center
    • Huw Morgan, IT Research Executive, Enterprise Architect
    • Serge Parisien, Manager, Enterprise Architecture, Canada Mortgage & Housing Corporation

    Additional interviews were conducted but are not listed due to privacy and confidentiality requirements.

    Bibliography

    “Agile Manifesto for Software Development,” Ward Cunningham, 2001. Accessed July 2021.

    “ArchiMate 3.1 Specification.” The Open Group, n.d. Accessed July 2021.

    “Are Your IT Strategy and Business Strategy Aligned?” 5Q Partners, 8 Jan. 2015. Accessed Oct. 2016.

    Bowen, Fillmore. “How agile companies create and sustain high ROI.” IBM. Accessed Oct. 2016.

    Burns, Peter, et al. Building Value through Enterprise Architecture: A Global Study. Booz & Co. 2009. Web. Nov. 2016.

    “Demonstrating the Value of Enterprise Architecture in Delivering Business Capabilities.” Cisco, 2008. Web. Oct. 2016.

    “Disciplined Agile.” Disciplined Agile Consortium, n.d. Web.

    Fowler, Martin. “Building Effective software.” MartinFowler.com. Accessed July 2021.

    Fowler, Martin. “Agile Software Guide.” MartinFowler.com, 1 Aug. 2019.

    Accessed July 2021.

    Haughey, Duncan. “SMART Goals.” Project Smart, 2014. Accessed July 2021.

    Kern, Matthew. “20 Enterprise Architecture Practices.” LinkedIn, 3 March 2016. Accessed Nov. 2016.

    Lahanas, Stephen. “Infrastructure Architecture, Defined.” IT Architecture Journal, Sept. 2014. Accessed July 2021.

    Lean IX website, Accessed July 2021.

    Litoiu, Milena. Course material from Information Technology 2690: Foundations of Enterprise Architecture, 2021, University of Toronto.

    Mocker, M., J.W. Ross, and C.M. Beath. “How Companies Use Digital Technologies to Enhance Customer Findings.” MIT CISR Working Paper No. 434, Feb. 2019. Qtd in Mayor, Tracy. “MIT expert recaps 30-plus years of enterprise architecture.” MIT Sloan, 10 Aug. 2020. Web.

    “Open Agile ArchitectureTM.” The Open Group, 2020. Accessed July 2021.

    “Organizational Design Framework – The Transformation Model.” The Center for Organizational Design, n.d. Accessed 1 Aug. 2020.

    Ross, Jeanne W. et al. Enterprise Architecture as Strategy: Creating a Foundation for Business Execution. Harvard Business School Press, 2006.

    Rouse, Margaret. “Enterprise Architecture (EA).” SearchCIO, June 2007. Accessed Nov. 2016.

    “SAFe 5 for Lean Enterprises.” Scaled Agile Framework, Scaled Agile, Inc. Accessed 2021.

    “Security Architecture.” Technopedia, updated 20 Dec. 2016. Accessed July 2021.

    “Software Engineering Institute.” Carnegie Mellon University, n.d. Web.

    “TOGAF 9.1.” The Open Group, 2011. Accessed Oct. 2016.

    “TOGAF 9.2.” The Open Group, 2018. Accessed July 2021.

    Thompson, Rachel. “Stakeholder Analysis: Winning Support for Your Projects.” MindTools, n.d. Accessed July 2021.

    Wendt, Jerome M. “Redefining ‘SMB’, ‘SME’ and ‘Large Enterprise.’” DCIG, 25 Mar. 2011. Accessed July 2021.

    Wilkinson, Jim. “Business Drivers.” The Strategic CFO, 23 July 2013. Accessed July 2021.

    Zachman, John. “Conceptual, Logical, Physical: It is Simple.” Zachman International, 2011. Accessed July 2021.

    Application Development Quality

    • Buy Link or Shortcode: {j2store}26|cart{/j2store}
    • Related Products: {j2store}26|crosssells{/j2store}
    • member rating overall impact: 10.0/10
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Applications
    • Parent Category Link: /applications
    Apply quality assurance across your critical development process steps to secure quality to product delivery

    Modernize and Transform Your End-User Computing Strategy

    • Buy Link or Shortcode: {j2store}308|cart{/j2store}
    • member rating overall impact: 9.6/10 Overall Impact
    • member rating average dollars saved: $34,982 Average $ Saved
    • member rating average days saved: 25 Average Days Saved
    • Parent Category Name: End-User Computing Strategy
    • Parent Category Link: /end-user-computing-strategy

    IT needs to answer these questions:

    • What types of computing devices, provisioning models, and operating systems should be offered to end users?
    • How will IT support devices?
    • What are the policies and governance surrounding how devices are used?
    • What actions are we taking and when?
    • How do end-user devices support larger corporate priorities and strategies?

    Your answers need to balance choice, risk, and cost.

    Our Advice

    Critical Insight

    • Even if a user has a prestigious tablet, if the apps aren’t built well, they can’t get support on it, or they can’t connect, then that device is useless. Focus on supportability, use cases, connection, and policy – and the device.

    Impact and Result

    • Identify desired benefits that align to IT and corporate priorities and strategies.
    • Perform a persona analysis.
    • Define a vision for end-user computing.
    • Define the standard device and app offerings.
    • Improve the supporting services surrounding devices.
    • Develop a roadmap for implementing your strategy.

    Modernize and Transform Your End-User Computing Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. End-User Computing Strategy Deck – A step-by-step document to walk you through end-user computing trends and processes to improve customer satisfaction.

    This storyboard will help you identify your goals, build standard offerings for users, define governance and policies around offerings, and develop a roadmap for your EUC program.

    • Modernize and Transform Your End-User Computing Strategy – Phases 1-3

    2. End-User Computing Strategy Template – A repository for your current-state and persona analysis to identify technology requirements for each user group.

    Use these templates to document your end-user computing strategy. Follow the guidelines in the blueprint and record activity results in the template. The findings will be presented to the management team.

    • End-User Computing Strategy Template
    • User Group Analysis Workbook

    3. End-User Computing Ideas Catalog and Standard Offering Guide – Templates that guide you to document the outcome from persona analysis to define standard offerings and policies.

    The Ideas Catalog introduces provisioning models, form factors, and supported operating systems. Use the Standard Offering Template to document provisioning models and define computing devices along with apps and peripherals according to the outcome of the user group analysis.

    • Standard End-User Entitlements and Offerings Template
    • End-User Computing Ideas Catalog

    4. End-User Computing Policies – Policies that establish requirements for end-user computing.

    Use these policy templates to communicate the purposes behind each end-user computing decision and establish company standards, guidelines, and procedures for the purchase of technologies. The policies will ensure purchasing, reimbursement, security, and remote wiping enforcements are consistent and in alignment with the company strategy.

    • Mobile Device Connectivity & Allowance Policy
    • Purchasing Policy
    • Mobile Device Reimbursement Agreement
    • Mobile Device Reimbursement Policy
    • BYOD Acceptable Use Policy
    • Mobile Device Remote Wipe Waiver Template
    • General Security – User Acceptable Use Policy
    • Device Entitlement Policy Template

    Infographic

    Workshop: Modernize and Transform Your End-User Computing Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Set the Direction

    The Purpose

    Dig into the current state and build user persona.

    Key Benefits Achieved

    Determine your challenges and strengths.

    Delineate user IT requirements.

    Activities

    1.1 Assess the current state of end-user computing.

    1.2 Perform SWOT analysis.

    1.3 Map benefits to stakeholder drivers and priorities.

    1.4 Identify user groups.

    1.5 Identify supporting technology.

    1.6 Identify opportunities to provide value.

    Outputs

    SWOT analysis of current state

    Goals cascade

    Persona analysis

    2 Define the Offering

    The Purpose

    Define your EUC vision and standard offerings.

    Key Benefits Achieved

    Brainstorm EUC vision and mission.

    Find out the standard offerings.

    Set the direction for end-user computing to support shift-left enablement.

    Activities

    2.1 Prioritize benefits.

    2.2 Craft a vision and mission statement.

    2.3 Identify goals.

    2.4 Define guiding principles for your strategy.

    2.5 Select a provisioning model for each persona.

    2.6 Define the standard device offerings.

    2.7 Document each persona's entitlements.

    Outputs

    Vision statement, mission statement, and guiding principles

    Goals and indicators

    End-user device entitlements standard

    3 Support the Offering

    The Purpose

    Outline supporting practices and define policies for each use case.

    Key Benefits Achieved

    Document supporting practices.

    Document EUC policies.

    Activities

    3.1 Define device management tools and approach.

    3.2 Identify groups involved in supporting practices.

    3.3 Identify opportunities to improve customer service.

    3.4 Define acceptable use.

    3.5 Define BYOD policies.

    3.6 Define procurement and entitlement policies.

    3.7 Define security policies.

    Outputs

    List of management tools for end-user computing

    Roles and responsibilities for maintaining the end-user computing environment

    Opportunities to improve customer service

    End-user computing policy templates

    4 Bridge the Gap and Create the Roadmap

    The Purpose

    Build a user migration roadmap.

    Key Benefits Achieved

    Make the project a reality by documenting initiatives and building a roadmap.

    Activities

    4.1 Identify the gaps in devices, user support, use cases, policy & governance, and fitness for use.

    4.2 Plan the deployment and user migration journey.

    4.3 Document initiatives in the roadmap.

    Outputs

    Initiatives mapped to practice areas

    User migration journey map

    Further reading

    Modernize and Transform Your End-User Computing Strategy

    Support the workforce of the future.

    EXECUTIVE BRIEF

    Analyst Perspective

    Focus beyond the device

    It’s easy to think that if we give end users nice devices, then they will be more engaged and they will be happy with IT. If only it were that easy.

    Info-Tech Research Group has surveyed over 119,000 people through its CIO Business Vision diagnostic. The results show that a good device is necessary but not enough for high satisfaction with IT. Once a user has a decent device, the other aspects of the user’s experience has a higher impact on their satisfaction with IT.

    After all, if a person is trying to run apps designed in the 1990s, if they are struggling to access resources through an underperforming VPN connection, or if they can’t get help when their devices and apps aren’t working, then it doesn’t matter that you gave them a state-of-the-art MacBook or Microsoft Surface.

    As you build out your end-user computing strategy to reflect the new reality of today’s workforce, ensure you focus on shifting user support left, modernizing apps to support how users need to work, and ensuring that your network and collaboration tools can support the increased demands. End-user computing teams need to focus beyond the device.

    Ken Weston, ITIL MP, PMP, Cert.APM, SMC

    Research Director, Infrastructure and Operations Info-Tech Research Group

    Mahmoud Ramin, PhD

    Senior Research Analyst, Infrastructure and Operations Info-Tech Research Group

    Executive Summary

    Your Challenge

    IT needs to answer these questions:

    • What types of computing devices, provisioning models, and operating systems (OSes) should be offered to end users?
    • How will IT support devices?
    • What are the policies and governance surrounding how devices are used?
    • What actions are we taking and when?
    • How do end-user devices support larger corporate priorities and strategies?

    Your answers need to balance choice, risk, and cost.

    Common Obstacles

    Management paradigms have shifted:

    • OSes, device management, and IT asset management (ITAM) practices have changed.
    • Users expect full capabilities on any personal device.
    • Virtual desktops are switching to the cloud.
    • Low-code/no-code platforms allow the business to manage their own apps or comanage with IT.
    • Work-from-anywhere is the default.
    • Users have higher customer service expectations.

    Take end-user computing beyond the OS.

    Info-Tech's Approach

    This blueprint will help you:

    • Identify desired benefits that align to IT and corporate priorities and strategies.
    • Perform a persona analysis.
    • Define a vision for end-user computing.
    • Define the standard device and app offerings.
    • Improve the supporting services surrounding devices.
    • Develop a roadmap for implementing your strategy.

    A good device is necessary for satisfaction with IT but it’s not enough.

    If a user has a prestigious tablet but the apps aren’t built well, they can’t get support on it, or they can’t connect to the internet, then that device is useless. Focus on supportability, use cases, connection, policy – and device.

    Your challenge

    This blueprint will help you build a strategy that answers these questions:

    • What types of computing devices should be offered to end users?
    • What provisioning models will be used?
    • What operating systems are supported?
    • How will IT support devices?
    • What are the policies and governance surrounding how devices are used?
    • What actions are we taking and when?
    • How do end-user devices support larger corporate priorities and strategies?

    Definition: End-User Computing (EUC)

    End-user computing (EUC) is the domain of information and technology that deals with the devices used by workers to do their jobs. EUC has five focus areas: devices, user support, use cases, policy & governance, and fitness for use.

    A good end-user computing strategy will effectively balance:

    User Choice

    Cost

    Risk

    The right balance will be unique for every organization.

    Strike the right balance

    The discussion is larger than desktop support

    If IT is an influencer, then you get to drive this conversation. If IT is not an influencer, then you need to support whatever option the business wants.

    Cost Risk Choice Result
    Higher Education High importance Low importance High importance Full BYOD for professors. Standardized offerings for administration.
    Software Development Firms Low importance Medium/High importance High importance Standardized offerings for developers. Virtual desktops for users on BYOD.
    Legal Firm Medium importance High importance Low importance Partners offered prestigious devices. Everyone else uses Windows PCs. Virtual desktops and apps for remote access.

    Healthcare

    High importance High importance Low importance Nurses, janitors, and other frontline staff use shared tablets. Doctors are provisioned their own tablet. Admin staff and doctors are provisioned virtual desktops to maintain security and compliance.
    Government High importance High importance Low importance Standardized PC offerings for all employees. MacBooks are provided with justification. Devices managed with Intune and ConfigMgr.

    Good devices are necessary for overall IT satisfaction

    BUT

    Good devices are not enough for high satisfaction

    A bad device can ruin a person’s satisfaction with IT

    Info-Tech’s CIO Business Vision has shown that when someone is dissatisfied with their device, their satisfaction with IT overall is only 40.92% on average.

    When a person is satisfied with their device, their average satisfaction increases by approximately 30 percentage points to 70.22%. (Info-Tech Research Group, CIO Business Vision, 2021; N=119,383)

    The image is a bar graph, with the Y-axis labelled Overall IT Satisfaction. There are two bars, one labelled Satisfied With Devices, which is at 70.22%, and the other labelled Dissatisfied With Devices, which is at 40.92%.

    Improvements in the service desk, business apps, networks and communication infrastructure, and IT policy all have a higher impact on increasing satisfaction.

    For every one-point increase in satisfaction in those areas, respondents’ overall satisfaction with IT increased by the respective percentage of a point. (Info-Tech Research Group, CIO Business Vision, 2021; N=119,409)

    The image shows a graphic of five arrows pointing upwards. They are labelled (from right to left): Devices--42.20%; IT Policy--45.90%; Network & Comms Infra--59.49%; Business Apps--63.89%; Service Desk--65.19%, 1.54 times the impact of devices.

    End-User Paradigms Have Shifted

    Take end-user computing beyond the device

    Operating System - OS

    Only Windows

    • More choices than ever before

    Endpoint Management System - UEM

    Group Policy & Client Management

    • Modern & Unified Endpoint Management

    Personal Devices - BYOD

    Limited to email on phones

    • Full capabilities on any device

    IT Asset Management - ITAM

    Hands-on with images

    • Zero-touch with provisioning packages

    Virtual Desktops - DaaS

    Virtual Desktop Infrastructure in the Data Center

    • Desktop-as-a-Service in the cloud

    Business-Managed Apps - BMA

    Performed by IT

    • Performed by the Business and IT

    Work-From-Anywhere - WFA

    Rare

    • Default

    Customer Satisfaction - C Sat

    Phone calls and transactional interactions

    • Self-serve & managing entire experience

    Don’t limit your focus to only Windows and Macs

    Android is the OS with the largest market share

    Users and IT have more choices than ever before

    Operating System - OS

    Only Windows

    • More choices than ever before

    Microsoft is still the dominant player in end-user computing, but Windows has only a fraction of the share it once had.

    IT needs to revisit their device management practices. Modern management tools such as unified endpoint management (UEM) tools are better suited than traditional client management tools (CMT) for a cross-platform world.

    IT must also revisit their application portfolios. Are business apps supported on Android and iOS or are they only supported on Windows? Is there an opportunity to offer more options to end users? Are end users already running apps and handling sensitive data on Android and iOS through software-as-a-service and bring-your-own-device (BYOD) capabilities in Office 365 and Google apps?

    The image shows a bar graph titled OS Market Share, 2011-2021. On the x-axis are OS names with a bar in blue representing their market share in 2011, and a bar in purple showing their market share in 2021. The data shown is as follows: Windows--85.98% (2011), 31.62% (2021); Android--1.22% (2011), 40.85% (2021); iOS--2.1% (2011), 16.42% (2021); Mac OS X--6.19% (2011); 6.8% (2021); Other--4.51% (2011), 4.31% (2021). Source: StatCounter Global Stats.

    OS market share is partly driven by the digital divide

    If someone must choose between a smartphone and a computer, they go with a smartphone

    IT can’t expect everyone to be fluent on Windows and Mac, have a computer at home, or even have home broadband.

    Of US adults aged 18-29:

    • 96% have a smartphone (the rest have cellphones).
    • Only 70% of US adults aged 18-29 have a home broadband connection.

    Further, only 59% of US adults making less than $30,000/year have a laptop or desktop. (“Mobile Technology” and “Digital Divide,” Pew Research, 2021.)

    Globally, people are likelier to have a cell subscription than they are to have access to broadband.

    The image is a bar graph, with a list of countries on the X-axis, with each having two bars: blue indicating Fixed Broadband Subscriptions per 100 people and purple indicating Mobile Cellular Subscriptions per 100 people. In all listed countries, the number of Mobile Cellular Subscriptions per 100 people is higher than Fixed Broadband Subscriptions. Source: The World Bank, 2020. Most recent data for USA mobile cellular subscriptions is from 2019.

    Embrace new device management paradigms

    Endpoint Management System - UEM

    Group Policy & Client Management

    • Modern & Unified Endpoint Management

    Evaluate enterprise mobility management and unified endpoint management to better support a remote-first, cross-platform reality.

    Client Management Tool (CMT)

    CMTs such as Microsoft Endpoint Configuration Manager (ConfigMgr, aka SCCM) can be used to distribute apps, apply patches, and enforce group policy.

    Enterprise Mobility Management (EMM)

    EMM tools allow you to manage multiple device platforms through mobile device management (MDM) protocols. These tools enforce security settings, allow you to push apps to managed devices, and monitor patch compliance through reporting.

    EMM tools often support mobile application management (MAM) and mobile content management (MCM). Most EMM tools can manage devices running Windows, Mac OS, iOS, and Android, although there are exceptions.

    Unified Endpoint Management (UEM)

    UEM solutions combine CMT and EMM for better control of remote computers running Windows or Macs. Examples include:

    • Windows devices comanaged by Intune and ConfigMgr.
    • Mac devices managed by Jamf Pro.
    • Mac devices comanaged by Jamf Pro and Intune.

    Most UEM tools can manage devices running Windows, Mac OS, iOS, and Android, allowing IT to manage all end-user devices from a unified tool set (although there are exceptions).

    Mobile Application Management (MAM)

    MAM provides the ability to package an app with security settings, distribute app updates, and enforce app updates. Some capabilities do not require apps to be enrolled in an EMM or UEM solution.

    Mobile Content Management (MCM)

    MCM tools distribute files to remote devices. Many MCM solutions allow for security settings to be applied, such as encrypting the files or prohibiting data from leaving the secure container. Examples include OneDrive, Box, and Citrix ShareFile.

    Adopt modern management with EMM and UEM – better toolsets for today’s state of EUC

    Sacrifice your Group Policy Objects to better manage Windows computers

    Windows Management Features Traditional CMT Hybrid UEM Cloud-Based EMM
    Group Policy ✔ Primary management approach ✔ Available alongside configuration service providers X Replaced by configuration service providers
    Manage remote devices without VPN X X
    No longer manage and maintain images X ✔ Images are still available ✔ Images replaced by provisioning packages
    Secure and support BYOD X (Certain tools may offer limited MDM capabilities)
    Support remote zero-touch provisioning X (Only available via PXE boot)
    App, patch, update deployments Via defined distribution points Via defined distribution points or MAM Via MAM

    IT asset management practices are shifting

    IT Asset Management - ITAM

    Hands-on with images

    • Zero-touch with provisioning packages

    Supply chain issues are making computers longer to procure, meaning users are waiting longer for computers (Cision, 2021). The resulting silicon chip shortage is expected to last until at least 2023 (Light Reading, 2021).

    IT departments are delaying purchases, delaying refreshes, and/or purchasing more to reserve devices before they need them.

    Remote work has increased by 159% over the past 12 years (NorthOne, 2021). New hires and existing users can’t always go into the office to get a new computer.

    IT departments are paying vendors to hold onto computers and then drop-ship them directly to the end user. The devices are provisioned using zero touch (e.g. Autopilot, Apple Device Manager, or another tool). Since zero-touch provisioning tools do not support images, teams have had to switch to provisioning packages.

    The pandemic saw an increase in spending on virtual desktops

    Virtual desktops offered powerful tools for supporting remote devices and personal computers without compromising sensitive data

    Virtual Desktops - DaaS

    Virtual Desktop Infrastructure in the Data Center

    • Desktop-as-a-Service in the cloud

    The pandemic helped cloud-based virtual desktop infrastructure (VDI)

    Citrix saw subscription revenue increase 71% year over year in 2020 (Citrix 2020 Annual Report, p. 4). VMware saw subscription and SaaS revenue increase 38% from January 2020 to 2021 – while on-premises licensing revenue decreased by 5% (VMware Annual Report 2021, p. 40).

    IT no longer needs to manage the underlying infrastructure

    Microsoft and AWS are offering desktops as a service (i.e. cloud-based virtual desktops). IT needs to manage only the device, not the underlying virtual desktop infrastructure. This is in addition to Citrix’s and VMware’s cloud offerings, where IT doesn’t need to manage the underlying infrastructure that supports VDI.

    Visit the blueprint Implement Desktop Virtualization and Transition to Everything as a Service to get started.

    Work-from-anywhere (WFA) is now the default

    COVID-19 forced this shift

    Work-From-Anywhere - WFA

    Rare

    • Default

    Be prepared to support a hybrid workforce, where people are sometimes working remotely and sometimes working in the office.

    • Device provisioning and deployment need to be rethought. In-person deployment is not always possible. IT should evaluate tools such as zero-touch provisioning.
    • Service desks need better monitoring and management tools. End-user experience management (EUEM) can allow you to better identify where network issues are occurring – in your data center, at the user’s house, in the cloud, or somewhere in between. Remote control tools can then allow your tier 1 to remediate issues on the user’s device.
    • Apps and devices need to be usable from anywhere. Environments that rely on desktops and on-premises apps need to be rearchitected for a remote-first workforce.
    • Users are living inside video conferencing tools. With the impact of the COVID-19 pandemic, there are about 145 million daily users of Microsoft Teams, almost twice the number of users in 2020 (MUO, 2021). Ensure they have the training and expertise to effectively use these tools.

    “More technical troubleshooting due to users working from home a lot more. It can be more difficult to talk users through fixes when they are off site if you cannot remotely assist so more emphasis on the communication skill which was already important.” (Service Desk Institute, 2021)

    Visit the Hybrid Workplace Research Center to better support a hybrid workforce.

    BYOD fully includes personal computers

    It’s no longer about whether IT will allow BYOD

    Stop pretending BYOD doesn’t happen

    Personal Devices - BYOD

    Limited to email on phones

    • Full capabilities on any device
    • BYOD (including BYOPC) is turned on by default. SaaS tools like Office 365 are built to be used on multiple devices, including multiple computers. Further, the pandemic saw 47% of organizations significantly increase their use of BYOD (Cybersecurity Insiders, 2021; N=271).
    • BYOD can boost productivity. When employees can use smartphones for work, they report that it increases their productivity by 34 percent (Samsung Insights, 2016).
    • BYOD is hard to support, so most organizations don’t. Only 22% of organizations provide full support for mobile devices, while 20% provide no support, 25% provide ad hoc support, and 26% provide limited support (Cybersecurity Insiders, 2021). If smartphones and tablets are heavily ingrained in business processes, then migrating to BYOD can overload the service desk.
    • Securely enable employees. Mobile application management (MAM), mobile content management (MCM), and Office 365 have gotten smarter at protecting corporate data.

    Action Item: Identify how IT can provide more support to personally owned computers, tablets, and smartphones.

    58% of working Americans say their work devices are “awful to work on." (PCMag, 2021)

    But only 22% of organizations provide full support to BYOD. (Cybersecurity Insiders, 2021)

    IT must either provide better devices or start fully supporting users on personal PCs.

    Build governance practices for low-code development platforms

    Managing 1,000 different apps built out on low-code business process management platforms is hard, but it’s not nearly as hard as managing 1,000 unique SaaS apps or access databases

    Business-Managed Apps - BMA

    Performed by IT

    • Performed by the Business and IT

    Pros - Opportunities

    • Offers DIY to users
    • Business can build them quickly
    • IT has central visibility
    • IT can focus on the platform

    Cons - Threats

    • Sensitive data can get exposed
    • Users may have issues with continuity and backup
    • Responding to platform changes will be potentially challenging
    • Support may be difficult after the app creator leaves

    Action Item: Build a governance framework that describes the roles and responsibilities involved in business-owned apps. Identify the user’s role and end-user computing’s role in supporting low-code apps.

    Visit the blueprint Embrace Business-Managed Apps to learn how to build a governance framework for low-code development platforms.

    Visit the Low-Code Business Process Management SoftwareReviews category to compare different platforms.

    Update your customer service practices

    End users expect self-service and help from tier 1

    Re-evaluate how you support both corporate-issued and personal-owned computers and mobile devices

    Customer Satisfaction - C Sat

    Phone calls and transactional interactions

    • Self-serve & managing entire experience

    Microsoft’s 2019 “Global State of Customer Service” report shows that people have high expectations:

    • 31% of people expect call agents to have a “deep understanding of the caller’s relationship with the company”
    • 11% expect self-service capabilities

    End users have the same expectations of IT, the service desk, and end-user computing teams:

    • Users expect any IT person with whom they are talking to have a deep understanding of their devices, apps, open tickets, and closed tickets.
    • Users expect tier 1 to be able to resolve their incidents and requests without escalating to tier 2 or tier 3 end-user computing specialists.

    Most Important Aspects of Customer Service

    Resolving issue in one interaction - 35%

    Knowledgeable agent - 31%

    Finding information myself - 11%

    Not repeating information - 20%

    (Microsoft, 2019)

    Desktop engineering needs to shift left

    Revisit what work can only be done by tier 2 and tier 3 teams

    Shifting left involves shifting resolution of incidents and service requests down from more costly resources to the first line of support and to end users themselves through self-service options

    • Tier 1 needs up-to-date information on the end users’ devices and open tickets.
    • Users should be able to request apps and download those apps through a self-service portal, a software catalog, or an app store.
    • Tier 1 needs to be empowered to remote wipe devices, see troubleshooting and diagnostics information, and resolve incidents without needing to escalate.

    Action Item: Apply shift-left enablement to train tier 1 agents on troubleshooting more incidents and fulfilling more service requests. Build top-notch self-service capabilities for end users.

    The image is a graphic titled Shift-Left Strategy. At the top, it lists Auto-Fix; User, Tier 1, Tier 2/3, and Vendor. On the left, it lists Metrics vertically: Cost, Time, Satisfaction. A bar displays how high or low the metric is based on the categories listed at the top.

    Work with your service desk on the blueprint Optimize the Service Desk with a Shift-Left Strategy.

    Windows 11 is coming

    Prepare to make the jump

    The sooner you start, the easier the migration will be

    • Begin planning hardware refreshes. Old computers that do not have a TPM 2.0 chip are not currently supported on Windows 11 (“Enable TPM 2.0,” Microsoft, 2021). If you have old computers that will not support the jump to Windows 11– especially given the supply chain disruptions and silicon chip shortages – it is time to consider computer upgrades.
    • The end of Windows 10 is coming. Windows 10’s retirement date is currently October 14, 2025 (“Windows 10 Home and Pro,” Microsoft, 2021). If you want to continue running Windows 10 on older computers beyond that time, you will need to pay for extended support or risk those computers being more easily breached.
    • Begin testing your apps internally. Run Windows 11 within IT and test whether your apps will work on Windows 11.
    • Pilot Windows 11 with IT-friendlies. Find users that are excited for Windows 11 and will not mind a bit of short-term pain.
    • What is your risk appetite? Risk-averse organizations will want to wait until Microsoft, DISA, and/or Center for Internet Security have published security configuration best practices.

    Info-Tech’s approach

    Master the ever-expanding puzzle of end-user computing

    User Group Analysis

    Supported Devices and Apps

    Fitness for Use

    Device Support

    The Info-Tech difference:

    1. Balance user choice, risk mitigation, and cost optimization. The right balance will be unique for every organization.
    2. Standardize the nonstandard. Anticipate your users’ needs by having power options and prestigious options ready to offer.
    3. Consider multiple personas when building your standards, training, and migrations. Early Adopters, Late Adopters, VIP Users, Road Warriors, and Hoarders – these five personas will exist in one form or another throughout your user groups.

    Modernize and Transform Your End-User Computing Strategy

    Focus on the Big Picture

    End-User Paradigms Have Shifted

    Take end-user computing beyond the device

    Operating System - OS

    Only Windows

    • More choices than ever before

    Endpoint Management System - UEM

    Group Policy & Client Management

    • Modern & Unified Endpoint Management

    Personal Devices - BYOD

    Limited to email on phones

    • Full capabilities on any device

    IT Asset Management - ITAM

    Hands-on with images

    • Zero-touch with provisioning packages

    Virtual Desktops - DaaS

    Virtual Desktop Infrastructure in the Data Center

    • Desktop-as-a-Service in the cloud

    Business-Managed Apps - BMA

    Performed by IT

    • Performed by the Business and IT

    Work-From-Anywhere - WFA

    Rare

    • Default

    Customer Satisfaction - C Sat

    Phone calls and transactional interactions

    • Self-serve & managing entire experience

    Don't just focus on the device!

    Improvements in the service desk, business apps, networks and communication infrastructure, and IT policy have a higher impact on increasing satisfaction.

    Impact of End-User Satisfaction of IT by Area Compared to Devices

    Devices (x1.0)

    IT Policy (x1.09)

    Network & Communications Infrastructure (x1.41)

    Business Apps (x1.51)

    Service Desk (x1.54)

    (Info-Tech Research Group, CIO Business Vision, 2021; n=119,409)

    Build your strategy with these components...

    End-User Group Analysis

    • Work location
    • Information interactions
    • Apps
    • Data and files
    • Business capabilities
    • Current offering
    • Pain points
    • Desired gains

    Supported Devices & Apps

    • Primary computing device offerings
    • Power computing device offering
    • Prestigious device offerings
    • Secondary computing device offerings
    • Provisioning models
    • Standard apps
    • Peripherals

    Device Support

    • Self-service
    • Service Desk
    • Specialists

    Fitness for Use

    • Organizational policies
    • Security policies

    Vision

    ...to answer these questions:

    1. What devices will people have?
    2. How will you support these devices?
    3. How will you govern these devices?

    Balance choice, risk, and cost

    The right balance will be unique for every organization. Get the balance right by aligning your strategy's goals to senior leadership’s most important priorities.

    • User choice
    • Risk
    • Cost

    + Standardize the non-standard

    Have a more prestigious option ready for users, such as VIPs, who want more than the usual offerings. This approach will help you to proactively anticipate your users' needs.

    +Consider multiple personas when building your standards, training, and migrations

    These five personas will exist in one form or another throughout your user groups.

    • Early Adopters
    • Late Adopters
    • VIP Users
    • Road Warriors
    • Hoarders

    Use our approach to answer these questions:

    What computers will people have?

    Types of computing devices

    • Power desktop
    • Power laptop
    • Desktop
    • Laptop
    • Virtual Desktop
    • Thin Client Device
    • Pro Tablet
    • Tablet
    • Smartphone

    Corporate-Issued Approaches

    • Kiosk – Shared, Single Purpose
    • Pooled – Shared, Multipurpose
    • Persistent – Individual
    • Personally Owned

    Supported Operating Systems

    • Windows
    • Mac
    • Chrome OS
    • Linux
    • iOS/iPad OS
    • Android

    How will you support these devices?

    Device Management

    • Manual
    • CMT
    • EMM
    • UEM
    • Pooled Virtual Desktop Manager

    Supporting Practices

    • Self-Service
    • Tier 1 Support
    • Specialist Support

    How will you govern these devices?

    Corporate Policies

    • Personal Use Allowed?
    • Management and Security Policies
    • Personal Device Use Allowed?
    • Supported Apps and Use Cases
    • Who Is Allowed to Purchase?
    • Prohibited Apps and Use Cases
    • Device Entitlement
    • Stipends and/or Reimbursement to Users

    Use our blueprint to improve your EUC practices

    1. Devices
      • Corporate-issued devices
      • Standard offerings
    2. User Support
      • Self-service
      • Tier 1 support
    3. Use Cases
      • Providing value
      • Business apps
    4. Policy & Governance
      • Personal device use
      • IT policy
    5. Fitness for Use
      • Securing devices
      • Patching

    Info-Tech’s methodology for end-user computing strategy

    1. Set the Direction 2. Define the Offering 3. Build the Roadmap
    Phase Steps

    1.1 Identify Desired Benefits

    1.2 Perform a User Group Analysis

    1.3 Define the Vision

    2.1 Define the Standard Offerings

    2.2 Outline Supporting Services

    2.3 Define Governance and Policies

    3.1 Develop Initiatives
    Phase Outcomes

    Current-State Assessment

    Goals Cascade

    User Group Assessment

    Vision Statement

    Mission Statement

    Guiding Principles

    Standard Offerings by User Group

    Device Management Model

    Technical Support Model

    Device Entitlement Policy

    Acceptable Use Policy

    Remote Wipe Policy & Waiver

    Personal Device Reimbursement Policy

    End-User Migration Journey Map

    Strategy and Roadmap

    Insight summary

    Once users are satisfied with devices, focus on the bigger picture

    If end users are dissatisfied with devices, they will also be dissatisfied with IT. But if you don’t also focus on apps and supportability, then giving users better devices will only marginally increase satisfaction with IT.

    Bring it back to stakeholder priorities

    Before you build your vision statement, make sure it resonates with the business by identifying senior leadership’s priorities and aligning your own goals to them.

    Balance choice, risk, and cost

    The balance of user choice, risk mitigation, and cost optimization is unique for each company. Get the balance right by aligning your strategy’s goals to senior leadership’s most important priorities.

    Communicate early and often with users

    Expect users to become anxious when you start targeting their devices. Address this anxiety by bringing them into the conversation early in the planning – they will see that their concerns are being addressed and may even feel a sense of ownership over the strategy.

    Standardize the nonstandard

    When users such as VIP users want more than the standard offering, have a more prestigious option available. This approach will help you to proactively anticipate your users’ needs.

    Consider multiple personas when building your standards, training, and migrations

    Early Adopters, Late Adopters, VIP Users, Road Warriors, and Hoarders – these five personas will exist in one form or another throughout your user groups.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    User Group Analysis Workbook

    Use these worksheets to guide your analysis.

    End-User Computing Ideas Catalog

    Compare options for your end-user computing environment.

    Standard End-User Entitlements and Offerings

    Define your supported offerings and publish this document in your service catalog.

    Policy Templates

    Use these templates as a starting point for addressing policy gaps.

    Key deliverable:

    End-User Computing Strategy

    Document your strategy using this boardroom-ready template.

    Blueprint benefits

    IT Benefits

    • Deliver immediate value to end users.
    • Provide the best service based on the user persona.
    • Provide better device coverage.
    • Use fewer tools to manage a less diverse but equally effective array of end-user computing devices.
    • Provide more managed devices that will help to limit risk.
    • Have better visibility into the end-user computing devices and apps.

    Business Benefits

    • Conduct corporate business under one broad strategy.
    • Provide support to IT for specific applications and devices.
    • Take advantage of more scalable economies for providing more advantageous technologies.
    • Experience less friction between end users and the business and higher end-user satisfaction.

    Measure the value of this blueprint

    Your end-user computing strategy is an investment

    Track the returns on your investment, even if those returns are soft benefits and not cost reductions

    User Satisfaction

    • Satisfaction with device
    • Satisfaction with business apps
    • Satisfaction with service desk timeliness
    • Satisfaction with service desk effectiveness
    • Satisfaction with IT Employee engagement

    Total Cost

    • Spend on each type of device
    • Cost of licenses for management tools, operating systems, and apps
    • Cost of support agreements # of support tickets per device per employee
    • Time spent supporting devices per tier or support team
    • Time spent per OS/app release

    Risk Mitigation

    • # of devices that are end-of-life
    • % of devices in compliance
    • # of unmanaged devices
    • # of devices that have not checked in to management tool

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 10 calls over the course of 4 to 6 months.

    Phase 1: Set the Direction

    • Call #1: Review trends in end-user computing and discuss your current state.
    • Call #2: Perform a user group analysis.
    • Call #3: Identify desired benefits and map to stakeholder drivers.

    Phase 2: Define the Offering

    • Call #4: Define standard offerings.
    • Call #5: Select provisioning models.
    • Call #6: Outline supporting services and opportunities to shift end-user computing support left.
    • Call #7: Identify gaps in governance and policies.

    Phase 3: Build the Roadmap

    • Call #8: Develop initiatives.
    • Call #9: Plan migration and build roadmap.

    EUC Strategy Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Set the Direction Define the Offering Support the Offering Bridge the Gap and Create the Roadmap Next Steps and Wrap-Up (offsite)
    Activities

    1.1 Identify desired benefits.

    1.1.1 Assess the current state of end-user computing.

    1.1.2 Perform a SWOT analysis.

    1.1.3 Map benefits to stakeholder drivers and priorities.

    1.2 Analyze user groups.

    1.2.1 Identify user groups.

    1.2.2 Identify supporting technology.

    1.2.3 Record use cases.

    1.2.4 Identify opportunities to provide value.

    1.3 Define the vision.

    1.3.1 Prioritize benefits.

    1.3.2 Craft a vision and mission statement.

    1.3.3 Identify goals.

    1.3.4 Define guiding principles for your strategy.

    2.1 Define the standard offerings.

    2.1.1 Select a provisioning model for each persona.

    2.1.2 Define the standard device offerings.

    2.1.3 Document each personas’ entitlements.

    2.2 Outline supporting practices.

    2.2.1 Define device management tools and approach.

    2.2.2 Identify groups involved in supporting practices.

    2.2.4 Identify opportunities to improve customer service.

    2.3 Define policies. 2.3.1 Define acceptable use. 2.3.2 Define BYOD policies. 2.3.3 Define procurement and entitlement policies. 2.3.4 Define security policies.

    3.1 Develop initiatives.

    3.1.1 Identify the gaps in devices, user support, use cases, policy & governance, and fitness for use.

    3.1.2 Plan the deployment and user migration journey.

    3.1.3 Document initiatives in the roadmap .

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up time to review workshop deliverables and discuss next steps

    Deliverables
    1. SWOT analysis of current state
    2. Goals cascade
    3. Persona analysis
    1. Vision statement, mission statement, and guiding principles
    2. Goals and indicators
    3. End-user device entitlements standard
    1. List of management tools for end-user computing
    2. Roles and responsibilities for maintaining the end-user computing environment
    3. Opportunities to improve customer service
    4. End-user computing policy templates
    1. Initiatives mapped to practice areas
    2. User’s migration journey map
    1. End-user computing strategy template
    2. End-user computing roadmap

    Phase 1

    Set the Direction

    Set the Direction

    1.1 Identify Desired Benefits

    1.2 Perform a User Group Analysis

    1.3 Define the Vision

    Define the Offering

    2.1 Define the Standard Offerings

    2.2 Outline Supporting Services

    2.3 Define Governance and Policies

    Build the Roadmap

    3.1 Develop Initiatives

    This phase will walk you through the following activities:

    • Current-state analysis
    • Goals cascade
    • Persona analysis

    This phase involves the following participants:

    • End-User Computing Team
    • IT Leadership

    Set a direction that will create value for IT, stakeholders, and end users

    Use your insights to build your strategy

    Start by downloading Info-Tech’s End-User Computing Strategy Template

    1. Perform a stop-start-continue exercise for how IT supports end-user devices.
    2. Perform a goals cascade to identify how the end-user computing strategy can align with and support senior leaders’ priorities and strategic objectives.
    3. Perform a user group analysis to identify what IT can do to provide additional value to end users.
    4. Use the results to define a vision for your end-user computing strategy and in-scope benefits.

    Download the End-User Computing Strategy Template.

    Step 1.1

    Identify Desired Benefits

    Activities

    1.1.1 Assess the current state of end-user computing

    1.1.2 Perform a SWOT analysis

    1.1.3 Map benefits to stakeholder drivers and priorities

    Optional: Identify current total cost of ownership

    This step requires the following inputs:

    • Current approach for end-user computing
    • List of strengths and weaknesses of the current approach

    This step involves the following participants:

    • CIO
    • End-User Computing Team
    • IT Leadership
    • End-User Computing Manager

    Outcomes of this step

    • Defined success metrics that are tied to business value
    • Vision statement, mission statement, and guiding principles

    Review your current state for each end-user computing practice

    1. Devices
      • Corporate-issued devices
      • Standard offerings
    2. User Support
      • Self-service
      • Tier 1 support
    3. Use Cases
      • Providing value
      • Business apps
    4. Policy & Governance
      • Personal device use
      • IT policy
    5. Fitness for Use
      • Securing devices
      • Patching

    1.1.1 Assess the current state of end-user computing

    Discuss IT’s strengths and challenges

    Review your success in responding to the trends highlighted in the executive brief.

    • Start by reviewing the trends in the executive brief. Identify which trends you would like to focus on.
    • Review the domains below. Discuss:
      • Your current approach
      • Strengths about this approach
      • Challenges faced with this approach
    • Document the results in the “Current-State Assessment” section of your End-User Computing Strategy.
    1. Devices
      • Corporate-issued devices
      • Standard offerings
    2. User Support
      • Self-service
      • Tier 1 support
    3. Use Cases
      • Providing value
      • Business apps
    4. Policy & Governance
      • Personal device use
      • IT policy
    5. Fitness for Use
      • Securing devices
      • Patching

    Download the End-User Computing Strategy Template.

    Consider these aspects of end-user computing in your assessment

    Devices: As shown in the executive brief, devices are necessary for satisfaction in IT. In your current-state assessment, outline the principal means by which users are provided with a desktop and computing.

    • Corporate-issued devices: Document the types of devices (e.g. laptops, desktops, smartphones) and operating systems that IT currently supports.
      • Strengths: Highlight user satisfaction with your current offerings by referencing recent relationship surveys.
      • Challenges: Document corporate-issued devices where stakeholders and users are not satisfied, platforms that stakeholders would like IT to support, etc.
    • Standard offerings: Name the high-level categories of devices that you offer to end users (e.g. standard device, power device).
      • Strengths: Outline steps that IT has taken to improve the portfolio of standard offerings and to communicate the offerings.
      • Challenges: Identify areas to improve the standard offerings.

    User support: Examine how the end-user computing team enables a high-quality customer service experience. Especially consider self-service and tier 1 support.

    • Self-service: Describe the current state of your self-service capabilities (e.g. name of the self-service portal, number of apps in the app store).
      • Strengths: Outline successes with your self-service capabilities (e.g. use of self-service tools, recently deployed tools, newly supported platforms).
      • Challenges: Identify gaps in self-service capabilities.
    • Tier 1 support: Document the number of end-user computing incidents and service requests that are resolved at tier 1 as well as the number of incidents and service requests that are resolvable without escalation.
      • Strengths: Identify technologies that make first contact resolution possible. Outline other items that support tier 1 resolution of end-user computing tickets, such as knowledgebase articles and training programs.
      • Challenges: Document areas in which tier 1 resolution of end-user computing tickets is not feasible.

    Considerations (cont’d.)

    Use cases: Reflect on how IT and end-user computing supports users’ most important use cases. Consider these aspects:

    • Providing value: Identify the number of user groups for which you have completed a user group analysis. Outline your major approaches for capturing feedback, such as relationship surveys.
      • Strengths: Document any successful initiatives around stakeholder relationships and requirements gathering. You can also highlight successful metrics, such as high satisfaction scores from a team, department, or division.
      • Challenges: Identify where there are dissatisfied stakeholders and gaps in product offerings and where additional work around value generation is required.
    • Business apps: Outline your major business apps and your approach to improvement for these apps. If you need assistance gathering feedback from end users and stakeholders, you can use Info-Tech’s Application Portfolio Assessment.
      • Strengths: Show the EUC team’s successes in supporting critical business apps (e.g. facilitating user acceptance testing, deploying via endpoint management tool).
      • Challenges: Name business apps that are not meeting stakeholder needs. Consider if end users are dissatisfied with an app, if IT is unable to adequately monitor and support a business app, etc.

    Policy and governance: Document the current state of policies governing the use of end-user computing devices, both corporate-issued and personally owned. Review Step 2.3 for a list of policy questions to address and for links to policy templates.

    • Personal device use: Explain which users are allowed to use personally owned devices, what use cases are supported, and which types of devices are supported. Also, highlight explicit prohibitions.
      • Strengths: Highlight major accomplishments with BYOD, utilization metrics, etc. Consider including any platforms or apps that support BYOD (e.g. Microsoft Office 365).
      • Challenges: Identify where there are gaps in your support for personal devices. Examples can include insufficient management tools, lack of feedback from end users on BYOD support, undefined policies and governance, and inadequate support for personal devices.

    Considerations (cont’d.)

    IT policies: List your current policy documents. Include policies that relate to end-user computing, such as security policy documents; acceptable use policy documents; purchasing policies; documents governing entitlements to computers, tablets, smartphones, and prestigious devices; and employee monitoring policy documents.

    • Strengths: Outline the effectiveness of these policies, user compliance to these policies, and your success in enforcing these policies.
    • Challenges: Identify where you have gaps in user compliance, gaps in enforcing policies, many exceptions to a policy, etc.

    Fitness for use: Reflect on your ability to secure users, enterprise data, and computers. Document your current capabilities to ensure devices are adequately secured and risks adequately mitigated.

    • Securing devices: Describe your current approach to implementing security baselines, protecting data, and ensuring compliance.
      • Strengths: Highlight your accomplishments with ensuring devices meet your security standards and are adequately managed.
      • Challenges: Identify areas that are not adequately protected, where IT does not have enough visibility, and devices on which IT cannot enforce security standards.
    • Patching: Describe your current approach to distributing OS patches, distributing app patches, and ensuring patch compliance.
      • Strengths: Outline steps that IT has taken to improve release and deployment practices (e.g. user acceptance testing, deployment rings).
      • Challenges: When is IT unable to push a patch to a device? Outline when devices cannot receive a patch, when IT is unable to ensure patches are installed, and when patches are disruptive to end users.

    1.1.2 Perform a SWOT analysis

    Summarize your current-state analysis

    To build a good strategy, you need to clearly understand the challenges you face and opportunities you can leverage.

    • Summarize IT’s strengths. These are positive aspects internal to IT.
    • Summarize IT’s challenge. What internal IT weakness should the strategy address?
    • Identify high-level opportunities. Summarize positive factors that are external to IT (e.g. within the larger organization, strong vendor relationships).
    • Document threats. What external factors present a risk to the strategy?

    Record your SWOT analysis in the “Current-State Assessment” section of your End-User Computing Strategy Template.

    Download the End-User Computing Strategy Template.

    1.1.3 Map benefits to stakeholder drivers and priorities

    Use a goals cascade to identify benefits that will resonate with the business

    Identify how end-user computing will support larger organizational strategies, drivers, and priorities

    1. Identify stakeholders. Focus on senior leaders – user groups will be addressed in Step 1.2.
    2. For each stakeholder, identify three to five drivers or strategic priorities. Use the drivers as a starting point to:
      1. Increase productivity
      2. Mitigate risks
      3. Optimize costs
    3. Map the benefits you brainstormed in Step 1.1 to the drivers. It’s okay to have benefits map to multiple drivers.
    4. Re-evaluate benefits that don’t map to any drivers. Consider removing them.
    Stakeholder Drivers and Strategic Priorities End-User Computing Benefits
    CEO Ensure service continuity with remote work
    • Customers can still be served by remote workers
    Respond to COVID-19 changes with agility
    • Workers can transition seamlessly between working remotely and working in the office
    Reduce unnecessary costs
    • Standardize computer models to reduce spend on devices
    COO Business continuity: being able to work from home
    • Workers can transition seamlessly between working remotely and working in the office

    Record this table on the “Goals Cascade” slide in the “Vision and Desired Benefits” section of your End-User Computing Strategy Template.

    Use the CEO-CIO Alignment Program to identify which business benefits are most important.

    Sample end-user computing benefits

    Business Goals End-User Computing Benefits
    Manage risk Controls are effectively enforced on remote devices Sensitive data is secured Devices and data are accounted for
    Ensure service continuity Business processes can still function with remote personnel Customers can still be served by remote workers Personnel can be productive from anywhere IT practices can still operate remotely
    Comply with external regulation Improved ability to demonstrate compliance
    Respond to change with agility Personnel can be productive from anywhere More business processes can be performed remotely
    Improve operational efficiency More efficient sales practices More efficient customer service practices Increased number of digitized business processes Increased use of IT and HR self-service tools
    Offer competitive products and services Increased customer satisfaction with online services Number of piloted new products
    Manage people Increased employee productivity Increased employee engagement Increased talent attraction Increased workforce retention
    Make data-driven decisions Increased workforce retention Improved understanding of customers Access to accurate data on services and spending Improved IT cost forecasting
    Improve customer experience Increased customer satisfaction with online services Ability to scale up capacity to meet increased demand Customers can still be served by remote workers Improved customer self-service options
    Maximize stakeholder value Transition to OpEx spend and reduce CapEx investments Access to accurate data on services and spending Improved IT cost forecasting

    Optional: Identify current total cost of ownership

    Be mindful of hidden costs, such as those associated with supporting multiple devices and maintaining a small fleet of corporate devices to ensure business continuity with BYOD.

    • Use the Hardware Asset Management Budgeting Tool to forecast spend on devices (and infrastructure) based on project needs and devices nearing end of life.
    • Use the Mobile Strategy TCO Calculator to estimate the total cost of all the different aspects of your mobile strategy, including:
      • Training
      • Management platforms
      • Custom app development
      • Travel and roaming
      • Stipends and taxes
      • Support
    • Revisit these calculators in Phase 2. Use the TCO calculator when considering different approaches to mobility and end-user computing.

    Insert the results into your End-User Computing Strategy Template.

    Download the HAM Budgeting Tool.

    Download the Mobile Strategy TCO Calculator.

    Step 1.2

    Perform a User Group Analysis

    Activities

    1.2.1 Organize roles based on how they work

    1.2.2 Organize users into groups

    1.2.3 Document the current offerings

    1.2.4 Brainstorm pain points and desired gains for each user group

    This step requires the following inputs:

    • List of roles and technologies
    • User feedback
    • List of personas

    This step involves the following participants:

    • End-User Computing Team
    • IT Leadership
    • End-User Computing Manager

    Outcomes of this step

    • List of user groups and use cases for each group
    • List of current offerings for each user group
    • Value analysis for each user group

    Gather the information you need

    Use the Application Portfolio Assessment to run a relationship survey.

    Dive deeper with the blueprint Improve Requirements Gathering.

    List of Roles and Technology

    Organization chart: Consult with HR or department leaders to provide a list of the different roles that exist in each department.

    Identity access management tools: You can consult tools like Active Directory, but only if the data is clean.

    Apps and devices used: Run a report from your endpoint management tool to see what devices and apps are used by one another. Supplement this report with a report from a network management tool to identify software as a service that are in use and/or consult with department leaders.

    User Feedback

    Relationship surveys: Tools like the End-User Application Satisfaction Diagnostic allow you to assess overall satisfaction with IT.

    Focus groups and interviews: Gather unstructured feedback from users about their apps and devices.

    User shadowing: Observe people as they use technology to identify improvement opportunities (e.g. shadow meetings, review video call recordings).

    Ticket data: Identify apps or systems that users submit the most incidents about as well as high-volume requests that could be automated.

    1.2.1 Organize roles based on how they work

    Start by organizing roles into categories based on where they work and how they interact with information.

    1. Define categories of where people work. Examples include:
      1. In office, at home, at client sites
      2. Stationary, sometimes mobile, always mobile
      3. Always in same location, sometimes in different locations, always in different locations within a site, mobile between sites
    2. Define categories of how people interact with information. Examples include:
      1. Reads information, reads and writes information, creates information
      2. Cases, projects, relationships
    3. Build a matrix. Use the location categories on one axis and the interaction categories on the other axis.
    4. Place unique job roles on the matrix. Review each functional group’s organizational chart. It is okay if you don’t fill every spot. See the diagram on this page for an example.
    Always Works in the Same Location Sometimes Works in Different Locations Always Works in Different Locations
    Predominantly Reads Information
    • Janitor
    • Receptionist
    • Receiving
    • Accounts Payable Clerk
    Reads and Writes Information
    • Sales Rep
    • Sales Manager
    • Director of Sales
    • Developer
    • Scrum Master
    • Customer Service Agent
    • CS Manager
    • Call Center Director
    • Accountant
    • Controller
    • HR Specialist
    • Business Analyst
    • VP, Sales
    • Product Manager
    • Project Manager
    • Director of Engineering
    • VP, HR
    • CFO
    • Director of PMO
    • Field Sales Rep
    • CEO
    • CIO
    • COO
    Predominantly Creates Information
    • External Consultants
    • Design
    • Marketing
    • Copywriting

    1.2.2 Organize users into groups

    Populate a user group worksheet for each in-scope group.

    1. Within each quadrant, group similar roles together into “User Groups.” Consider similarities such as:
      1. Applications they use
      2. Data and files with which they interact
      3. Business capabilities they support
    2. Document their high-level profile:
      1. Where they work
      2. Sensitivity of data they access
      3. Current device and app entitlements
    3. Document the resulting user groups. Record each user group on a separate worksheet in the User Group Analysis Workbook.

    Download the User Group Analysis Workbook.

    1.2.3 Document the current offerings

    For each user group, document:

    • Primary and secondary computing devices: Their most frequently used computing devices.
    • Acceptable use: Whether corporate-issued devices are personally enabled.
    • BYOD: Whether this persona is authorized to use their personal devices.
    • Standard equipment provided: Equipment that is offered to everyone in this persona.
    • Additional devices and equipment offered: Equipment that is offered to a subset of this user group. These items can include more prestigious computers, additional monitors, and office equipment for users allowed to work remotely. This category can include items that require approval from budget owners.
    • Top apps: What apps are most commonly used by this user group? What common nonstandard apps are used by this user group?

    Standardize the nonstandard

    When users such as VIP users want more than the standard offering, have a more prestigious option available. This approach will help you to proactively anticipate your users’ needs.

    1.2.4 Brainstorm pain points and desired gains for each user group

    Don’t focus only on their experiences with technology

    Reference the common personas listed on the next page to help you brainstorm additional pain points and desired gains.

    1. Brainstorm pain points. Answer these questions for each role:
      1. What do people find tedious about their day-to-day jobs?
      2. What takes the most effort for them to do?
      3. What about their current toolset makes this user frustrated?
      4. What makes working difficult? Consider their experiences working from a home office, attending meetings virtually or in person, and working in the office.
      5. What challenges does that role have with each process?
    2. Brainstorm desired gains from their technology. Answer these questions for each role:
      1. For your end-user computing vision to become a reality for this persona, what outcomes or benefits are required?
      2. What benefits will this persona expect an end-user computing strategy to have?
      3. What improvements does this role desire?
      4. What unexpected benefits or outcomes would surprise this role?
      5. What would make this role’s day-to-day easier?
      6. What location-specific benefits are there (e.g. outcomes specific to working in the office or at home)?

    Record each user group’s pain points and desired gains on their respective worksheet.

    For additional questions you can ask, visit this Strategyzer blog post by Alexander Osterwalder.

    Info-Tech Insight

    Identify out-of-scope benefits?

    If that desired gain is required for the vision to be achieved for a specific role, you have two options:

    • Bring the benefit in scope. Ensure your metrics are updated.
    • Bring this user group out of scope. End-user computing improvements will not be valuable to this role without that benefit.

    Forcing a user group to use an unsatisfactory tool will severely undermine your chance of success, especially in the project’s early stages.

    Consider these common personas when brainstorming challenges and desired gains

    What unique challenges will these personas face within each of your user groups? What improvements would each of these personas expect out of an end-user computing strategy?

    Early Adopters

    • Like trying new ways of working and using the latest technology.
    • Very comfortable solving their own issues.
    • Enjoy exploring and creating new ways of handling challenges.

    Late Adopters

    • Prefer consistent ways of working, be it tech or business processes.
    • React to tech issues with anxiety and need assistance to get issues fixed.

    VIP

    • Has a prestigious job and would like to use technology that communicates their status.
    • Does not like to resolve their own issues.

    Road Warriors

    • Always on the go, running between work meetings and appointments.
    • Value flexibility and want devices, apps, and tech support that can be used anywhere at any time.

    Hoarders

    • Want to keep all their devices, data, and apps.
    • Will stall when they need to migrate devices or uninstall apps and become unresponsive any time there is a risk of losing something.

    Step 1.3

    Define the Vision

    Activities

    1.3.1 Prioritize which benefits you want to achieve

    1.3.2 Identify how you will track performance

    1.3.3 Craft a vision statement that demonstrates what you’re trying to create

    1.3.4 Craft a mission statement for your end-user computing team

    1.3.5 Define guiding principles

    This step requires the following inputs:

    • Goals cascade
    • List of benefits
    • List of critical success factors (CSFs)

    This step involves the following participants:

    • End-User Computing Manager
    • CIO
    • Help Desk Manager
    • Infrastructure Manager

    Outcomes of this step

    • End-User computing KPIs and metrics
    • Vision statement
    • Mission statement

    1.3.1 Prioritize which benefits you want to achieve

    Use the MoSCoW sorting technique

    Select benefits that appear multiple times in the goals cascade from Activity 1.1.3 as well as your challenges from your current-state assessment.

    1. Record which benefits are “Must Haves.” Select benefits that are most important to your highest-priority stakeholders.
    2. Record which benefits are “Should Haves.” These benefits are important but not critical.
    3. Record which benefits are “Could Haves.” These are low-priority benefits.
    4. Record the remaining benefits under “Won’t Have.” These benefits are out-of-scope but can be revisited in the future.

    Record the output in your End-User Computing Strategy Template under “Benefit Prioritization” in the “Vision and Desired Benefits” section.

    Sample output:

    Must Have Should Have Could Have Won't Have
    • Customers can still be served by remote workers.
    • Easier to work in multiple locations.
    • More options for provisioning computers to new workers.
    • Improved patching and security compliance checking of remote devices.
    • Self-service app installs on Windows.
    • More consistent experience across all devices and platforms, including BYOD.
    • Improved visibility into and manageability of BYOD.
    • Ability for users to create their own low-code apps (e.g. in Microsoft Power Apps).
    • Improved guidelines for running hybrid/remote meetings.
    • BYOD support for workers handling sensitive data.
    • Support for any type of Android smartphone or tablet.

    1.3.2 Identify how you will track performance

    1. List each unique high-priority benefit from Activity 1.3.1 as a critical success factor (CSF).
    2. For each CSF, identify key performance indicators (KPIs) that you can use to track how well you’re progressing on the CSF.
      1. Articulate that KPI as a SMART goal (specific, measurable, achievable, realistic, and timebound).
    3. For each KPI, identify the metrics you will use to calculate it.
    4. Identify how and when you will:
      1. Capture the current state of these metrics.
      2. Update changes to the metrics.
      3. Re-evaluate the CSFs.
      4. Communicate the progress to the project team and to stakeholders.

    Record this information in your End-User Computing Strategy Template.

    Sample output:

    Critical Success Factor Key Performance Indicator Metrics
    Improve remote worker productivity Increase employee engagement by 10% in two years
    • McLean Employee Engagement Score
    • Gallup Q Score
    Integrate relevant information sources into one spot for sales Integrate three information sources that will be useful to sales in one year
    • # of sales-specific apps integrated into a dashboard, portal, or workspace
    • Sales satisfaction scores
    Reduce real-estate costs Reduce office space by 50% in two cities over three years
    • $ spent on office leases
    Securely deliver all apps, information, and data to any device, anywhere, at any time Build the apps and information sources into a digital workspace for three business processes over one year
    • # of business processes supported in the workspace

    1.3.3 Craft a vision statement that demonstrates what you’re trying to create

    The vision statement communicates a desired future state of the IT organization. The statement is expressed in the present tense. It seeks to articulate the desired role of IT and how IT will be perceived.

    Strong IT vision statements have the following characteristics:

    • Describes a desired future
    • Focuses on ends, not means
    • Communicates promise
    • Is:
      • Concise; no unnecessary words
      • Compelling
      • Achievable
      • Inspirational
      • Memorable

    Sample IT Vision Statements:

    • To support an exceptional employee experience by providing best-in-class end-user devices.
    • Securely enable access to corporate apps and data from anywhere, at any time, on any device.
    • Enable business and digital transformation through secure and powerful virtualization technology.
    • IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset.

    1.3.4 Craft a mission statement for your end-user computing team

    The IT mission statement specifies the function’s purpose or reason for being. The mission should guide each day’s activities and decisions. The mission statement should use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

    Strong IT mission statements have the following characteristics:

    • Articulate the IT function’s purpose and reason for existence
    • Describe what the IT function does to achieve its vision
    • Define the customers of the IT function
    • Can be described as:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Inspirational
      • Memorable
      • Concise

    Sample IT Mission Statements:

    • To provide infrastructure, support, and innovation in the delivery of secure, enterprise-grade information technology products and services that enable and empower the workforce at [Company Name].
    • To help fulfill organizational goals, the IT department is committed to empowering business stakeholders with technology and services that facilitate effective processes, collaboration, and communication.
    • The mission of the information technology (IT) department is to build a solid, comprehensive technology infrastructure; to maintain an efficient, effective operations environment; and to deliver high-quality, timely services that support the business goals and objectives of [Company Name].
    • The IT group is customer-centered and driven by its commitment to management and staff. It oversees services in computing, telecommunications, networking, administrative computing, and technology training.

    1.3.5 Define guiding principles

    Select principles that align with your stakeholders’ goals and objectives

    Use these examples as a starting point:

    IT Principle Name IT Principle Statement
    1. Enterprise value focus We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
    2. Fit for purpose We maintain capability levels and create solutions that are fit for purpose without over-engineering them.
    3. Simplicity We choose the simplest solutions and aim to reduce operational complexity of the enterprise.
    4. Reuse > buy > build We maximize reuse of existing assets. If we can’t reuse, we procure externally. As a last resort, we build custom solutions.
    5. Managed data We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy.
    6. Controlled technical diversity We control the variety of technology platforms we use.
    7. Managed security We manage, support, and assist in the implementation of security enterprise-wide in collaboration with our security governance team.
    8. Compliance to laws and regulations We operate in compliance with all applicable laws and regulations.
    9. Innovation We seek innovative ways to use technology for business advantage.
    10. Customer centricity We deliver best experiences to our end users by aligning to customer service best practices.

    Phase 2

    Define the Offering

    Set the Direction

    1.1 Identify Desired Benefits

    1.2 Perform a User Group Analysis

    1.3 Define the Vision

    Define the Offering

    2.1 Define the Standard Offerings

    2.2 Outline Supporting Services

    2.3 Define Governance and Policies

    Build the Roadmap

    3.1 Develop Initiatives

    This phase will walk you through the following activities:

    • Defining standard device entitlements and provisioning models for end-user devices and equipment
    • Shifting end-user computing support left
    • Identifying policy gaps

    This phase involves the following participants:

    • End-User Computing Team
    • IT Leadership

    Step 2.1

    Define the Standard Offerings

    Activities

    2.1.1 Identify the provisioning models for each user group

    2.1.2 Define the standard device offerings

    2.1.3 Document each user group’s entitlements

    This step requires the following inputs:

    • Standard End-User Entitlements and Offerings Template
    • List of persona groups
    • Primary computing devices
    • Secondary computing devices
    • Supporting operating systems
    • Applications and office equipment

    This step involves the following participants:

    • End-User Computing Manager
    • CIO
    • Help Desk Manager
    • Infrastructure Manager

    Outcomes of this step

    • End-user device entitlements and offerings standard

    This step will walk you through defining standard offerings

    You will define the base offering for all users in each user group as well as additional items that users can request (but that require additional approvals).

    1. Primary Computing Device
      • The main device used by a worker to complete their job (e.g. laptop for knowledge workers, kiosk or shared tablet for frontline workers).
    2. Secondary Computing Devices
      • Additional devices that supports a worker (e.g. a smartphone, tablet, personal computer).
    3. Provisioning Models
      • Whether the equipment is corporate-issued versus personally owned and whether personal use of corporate resources is allowed.
    4. Apps
      • The software used by the worker. Apps can be locally installed, cloud-based (e.g. SaaS), and/or virtualized and running remotely.
    5. Peripherals
      • Additional equipment provisioned to the end user (e.g. monitors, docking station, mice, keyboards).

    There is always a challenge of determining who gets what and when

    The goal is balancing cost, risk, and employee engagement

    The right balance will be different for every organization

    • IT can’t always say no to new ideas from the business. For example, if the organization wants to adopt Macs, rather than resisting IT should focus on identifying how Macs can be safely implemented.
    • Smartphones may not be necessary for a job, but they can be a valid employee perk. Not every employee may be entitled to the perk. There may be resentment between employees of the same level if one of the employees has a corporate-issued, business-only phone for their job function.
    • The same laptop model may not work for everyone. Some employees may need more powerful computers. Some employees may want more prestigious devices. Other employees may require a suite of apps that is only available on non-Windows operating systems.

    Action Item: Provide a defined set of standard options to the business to proactively address different needs.

    A good end-user computing strategy will effectively balance:

    • User Choice
    • Risk
    • Cost

    Your standard offerings need to strike the right balance for your organization.

    Review the End-User Computing Ideas Catalog

    Compare pros and cons of computing devices and operating systems for better decision making

    The catalog provides information about choices in:

    • Provisioning models
    • Operating systems
    • Device form factors

    Review the catalog to learn about items that can help your organization to achieve the desired vision from Phase 1.

    As you review the catalog, think about these questions:

    • What primary and secondary devices can you provide?
    • What operating systems do these devices support?
    • What are the provisioning models you will use, considering each model’s weaknesses and strengths?
    • How can you more effectively balance user choice, risk, and cost?

    Download the End-User Computing Ideas Catalog.

    2.1.1 Identify the provisioning models for each user group

    1. Review the definitions in the End-User Computing Ideas Catalog.
    2. Build a table. List the major user groups along the top of the table and applications down the rows.
    3. Brainstorm provisioning models that will be used for primary and secondary devices for each persona group.
    4. Record your provisioning models in the Standard End-User Entitlements and Offerings Template.

    Download the End-User Computing Ideas Catalog.

    Download the Standard End-User Entitlements and Offerings Template.

    Persona Primary Computing Device Secondary Laptops or Computers Smartphone Tablet
    Sales COPE BYOD BYOD BYOD
    Field Sales CYOD BYOD COBO COBO
    Customer Service COBO None None None
    Knowledge Worker COPE BYOD BYOD BYOD
    App Dev CYOPED None CYOD CYOD
    VIP CYOPED CYOPED CYOPE BYOD

    Identify multiple device options

    Offer standard, power, and prestigious offerings

    Prioritize offering models and align them with your user groups.

    • Standard device: This offering will work for most end users.
    • Power device: This offering will provide additional RAM, processor speed, storage, etc., for users that require it. It is usually offered as an additional option that requires approval.
    • Prestigious device: This offering will be provided to VIP users.
    • Portable device: This offering is for employees within a user group that moves around more often than others. This type of offering is optional – consider having a separate user group for these users that get a more portable laptop as their standard device.

    Standardize the nonstandard

    When users such as VIP users want more than the standard offering, have a more prestigious option ready to offer. This approach will help you to proactively anticipate your users’ needs.

    Who approves?

    Generally, if it is a supported device, then the budget owner determines whether to allow the user to receive a more powerful or more prestigious device.

    This decision can be based on factors such as:

    • Business need – does the user need the device to do their job?
    • Perk or benefit – is the device being offered to the end user as a means of increasing their engagement?

    If IT gets this answer wrong, then it can result in shadow IT

    Document your answer in the Device Entitlement Policy Template.

    2.1.2 Define the standard device offerings

    Consider all devices and their supporting operating systems.

    1. On a flip chart or whiteboard, build a matrix of the supported form factors and operating systems.
    2. For each cell, document the supported vendor and device model.
    3. Identify where you will provide additional options.
    Windows Mac OS iOS Android
    Laptops Lenovo T15 Gen 2 MacBook Pro 14” N/A N/A
    Power Laptops Lenovo ThinkPad X1 Carbon MacBook Pro 16” N/A N/A
    Prestigious Laptops Lenovo ThinkPad X1 Yoga Gen 6 MacBook Pro 16” N/A N/A
    Tablets Microsoft Surface N/A iPad Pro Samsung Galaxy Tab
    Smartphones N/A N/A iPhone 13 Samsung Galaxy S21

    2.1.3 Document each user groups’ entitlements

    Not every persona needs to be entitled to every supported option

    Use the Standard End-User Entitlements and Offerings Template as a starting point.

    • Create a separate section in the document for each persona. Start by documenting the provisioning models for each type of device.
    • Record the standard offering provided to members of each persona as well as additional items that can be provided with approval. Record this information for:
      • Primary computing devices
      • Secondary computing devices
    • Optional: Document additional items that will be provided to members of each persona as well as additional items they can request, such as:
      • Apps
      • Office equipment

    Download the Standard End-User Entitlements and Offerings Template.

    Step 2.2

    Outline Supporting Services

    Activities

    2.2.1 Review device management tools and capabilities

    2.2.2 Identify common incidents and requests for devices

    2.2.3 Record how you want to shift resolution

    2.2.4 Define which IT groups are involved in supporting practices

    Define the Offering

    This step requires the following inputs:

    • Standard End-User Entitlements and Offerings Template
    • List of supporting devices
    • Common incidents and requests
    • List of supporting practices

    This step involves the following participants:

    • End-User Computing Manager
    • CIO
    • Help Desk Manager
    • Infrastructure Manager

    Outcomes of this step

    • List of IT groups who are involved in supporting devices
    • Responsibilities of each group for requests and incidents

    2.2.1 Review device management tools and capabilities

    Document the tools that you use to manage each OS and identify gaps

    If there are different approaches to managing the same OS (e.g. Windows devices that are co-managed versus Windows devices that are only managed by Intune), then list those approaches on separate rows.

    Provision Protect from loss/theft Deploy/update apps Backup & protect Protect from injections Complies with policies Track Decommission
    Windows 10 & 11 (co-managed) Autopilot Gap ConfigMgr Gap Windows Security ConfigMgr ConfigMgr Intune Intune and Autopilot
    Windows 10 & 11 (Intune) Autopilot Intune (remote wipe) Intune OneDrive for Business Windows Security Microsoft Advanced Threat Protection Intune Intune and Autopilot
    Mac OS Jamf Pro Intune (remote wipe) Jamf Pro OneDrive for Business Gap Jamf Pro Intune Jamf Pro

    Document the results on the “IT Management Tools” slide in the “IT Support” section of your End-User Computing Strategy Template.

    2.2.2 Identify common incidents and requests for devices

    Analyze your service desk ticket data. Look for the following information:

    • The most common incidents and service requests around end-user devices and business apps
    • Incident categories and service requests that almost always involve escalations

    Record the level at which these tickets can be resolved today. Ensure you include these groups:

    • Tier 0 (i.e. end-user self-service)
    • Tier 1 (i.e. user’s first point of contact at the service desk)
    • Desk-side support and field-support groups
    • End-user computing specialist teams (e.g. desktop engineering, mobile device management teams)
    • Other specialist teams (e.g. security, enterprise applications, DevOps)

    Record the desired state. For each incident and request, to where do you want to shift resolution?

    Record this chart on the “Current State of IT Support” slide in the “IT Support” section of your End-User Computing Strategy Template.

    Most Common Incidents & Requests Self-Service Service Desk Tier 1 Desk-Side or Field Support End-User Computing
    Connect/fix a printer X
    Web conferencing issue X
    Bluetooth issues X
    Outlook issues X
    Install standard app X
    Install app requiring approval X
    Install nonstandard app X
    Enroll personal iOS/Android device X
    Enroll personal Mac/Windows computer X
    Perform a factory reset on a lost or stolen device X
    Unenroll device X

    2.2.3 Record how you want to shift resolution

    Identify opportunities to improve self-service and first contact resolution.

    Starting with the chart you created in Activity 2.2.2, record the desired state. For each incident and request, to where do you want to shift resolution?

    • Identify quick wins. Where will it take low effort to shift resolution? Denote these items with a “QW” for quick win.
    • Identify high-value, high-effort shifts. Where do you want to prioritize shifting resolution? Base this decision on the desired benefits, guiding principles, and vision statement built in Phase 1. Denote these items with an “H” for high.
    • Identify low-value areas. Where would shifting provide low value to end users and/or would have low alignment to the benefits identified in Phase 1? Denote these items with an “L” for low.
    • Identify where no shift can occur. Some items cannot be shifted to self-service or to tier 1 due to governance considerations, security factors, or technical complexity. Denote these items with an “OoS” for out of scope.

    Use the “Opportunities to Provide Self-Service and Articles” and “Desired State” slides in the “IT Support” section of your End-User Computing Strategy Template to document quick wins and high-value, high-effort shifts.

    Most Common Incidents & Requests Self-Service Service Desk Tier 1 Desk-Side or Field Support End-User Computing
    Connect/fix a printer H QW X
    Web conferencing issue H X
    Bluetooth issues L X
    Outlook issues H H X
    Install standard app X
    Install app requiring approval H X
    Install nonstandard app OoS X
    Enroll personal iOS/Android device QW QW X
    Enroll personal Mac/Windows computer QW QW X
    Perform a factory reset on a lost or stolen device QW QW X
    Unenroll device QW QW X

    2.2.4 Define which IT groups are involved in supporting practices

    Repeat activities 2.2.2 and 2.2.3 with the following list of tasks

    IT Asset Management

    • Purchasing devices
    • Purchasing software licenses
    • Imaging devices
    • Deploying devices
    • Deploying software
    • Recovering devices
    • Recovering software

    Release Management

    • Testing patches
    • Testing app updates
    • Testing OS updates
    • User acceptance testing

    Managing Service Catalogs

    • Defining standard device offerings
    • Defining standard software offerings
    • Defining device and software entitlements
    • Updating published catalog entries

    Knowledge Management

    • Writing internal KB articles
    • Writing user-facing articles
    • Training specialists
    • Training service desk agents
    • Training users

    Portfolio Management

    • Prioritizing app upgrades or migrations
    • Prioritizing OS migrations
    • Prioritizing end-user computing projects

    Step 2.3

    Define Governance and Policies

    Activities

    2.3.1 Answer these organizational policy questions

    2.3.2 Answer these security policy questions

    Define the Offering

    This step requires the following inputs:

    • List of supporting devices
    • List of persona groups
    • List of use cases

    This step involves the following participants:

    • End-User Computing Manager
    • CIO
    • Help Desk Manager
    • Infrastructure Manager

    Outcomes of this step

    • End-user computing organizational and security policies

    Focus on organizational policies and enforcement

    Policies set expectations and limits for mobile employees

    Enforcement refers to settings on the devices, management and security tools, and process steps.

    • Policies define what should and should not be done with user-facing technology. These policies define expectations about user and IT behavior.
    • Enforcement ensures that policies are followed. User policies must often be enforced through human intervention, while technology policies are often enforced directly through infrastructure before any people get involved.

    Use the “Policies” section in the End-User Computing Strategy Template to document the answers in this section. Activities 2.3.2 and 2.3.3 present links to policy templates. Use these templates to help address any gaps in your current policy suite.

    2.3.1 Answer these organizational policy questions

    Identify if there are different expectations for certain user groups, where exceptions are allowed, and how these policies will be enforced.

    Entitlements

    • Who is entitled to receive and use prestigious computers?
    • Who is entitled to receive and use a smartphone?
    • What users are entitled to a stipend for personal device use?

    Personal Device Use

    • What use cases are supported and are not supported on personal devices?
    • What level of visibility and control does IT need over personal devices?

    Acceptable Use

    • Are people allowed to use corporate resources for personal use?
    • What are the guidelines around personal use?
    • Are users allowed to install personal apps on their corporate-issued computers and/or mobile devices?

    Purchasing and Reimbursement

    • Who is allowed to purchase devices? Apps?
    • When can users file a reimbursement request?

    Employee Monitoring

    • What user information is monitored?
    • When can that information be used and when can it not be used?

    Use the “Policies” section of the End-User Computing Strategy Template to document these answers.

    Identify organizational policy gaps

    Use these templates as a starting point

    Entitlements

    Download the Mobile Device Connectivity & Allowance Policy template.

    Purchasing & Reimbursement

    Download the Purchasing Policy template.

    Download the Mobile Device Reimbursement Policy template.

    Download the Mobile Device Reimbursement Agreement template.

    Acceptable Use

    Download the General Security – User Acceptable Use Policy template.

    Personal Device Use

    Download the BYOD Acceptable Use Policy template.

    Download the Mobile Device Remote Wipe Waiver template.

    Employee Monitoring

    Download the General Security – User Acceptable Use Policy template.

    Visit the Reduce and Manage Your Organization’s Insider Threat Risk blueprint to address this gap.

    2.3.2 Answer these security policy questions

    Identify if there are different expectations for certain user groups, where exceptions are allowed, and how these policies will be enforced.

    Use Cases

    • What data and use cases are subject to stricter security measures?
    • Are certain use cases or data prohibited on personal devices?
    • Are there restrictions around where certain use cases are performed and by whom?

    Patching

    • Are users expected to apply OS and app updates and patches? Or does IT automate patching?

    Physical Security

    • What does the user need to do to secure their equipment?
    • If a device is lost or stolen, who does the user contact to report the lost or stolen device?

    Cybersecurity

    • How will IT enforce security configuration baselines?
    • What does the user need to do (or not do) to secure their device?
    • Are certain users allowed to have local admin rights?
    • What happens when a device doesn’t comply with the required security configuration baseline?

    Use the “Policies” section of the End-User Computing Strategy Template to document these answers.

    Identify security policy gaps

    Use these templates as a starting point

    Use Cases

    Download the General Security – User Acceptable Use Policy template.

    Visit the Discover and Classify Your Data blueprint to address this gap.

    Patching

    Download the General Security – User Acceptable Use Policy template.

    Physical and Cyber Security

    Download the General Security – User Acceptable Use Policy template.

    Visit the Develop and Deploy Security Policies blueprint to address this gap.

    For help defining your own security configuration baselines for each operating system, reference best practice documentation such as:

    National Institute of Standards and Technology’s National Checklist Program.

    Center for Internet Security’s solutions.

    Microsoft’s security baseline settings for Windows 10 and 11 Configuration Service Providers.

    Phase 3

    Build the Roadmap

    Set the Direction

    1.1 Identify Desired Benefits

    1.2 Perform a User Group Analysis

    1.3 Define the Vision

    Define the Offering

    2.1 Define the Standard Offerings

    2.2 Outline Supporting Services

    2.3 Define Governance and Policies

    Build the Roadmap

    3.1 Develop Initiatives

    This phase will walk you through the following activities:

    • Defining initiatives for each EUC domain
    • Building a customer journey map for any end-user computing migrations
    • Building a roadmap for EUC initiatives

    This phase involves the following participants:

    • End-User Computing Team

    Step 3.1

    Develop Initiatives

    Activities

    3.1.1 Identify initiatives for each EUC practice

    3.1.2 Build out the user’s migration journey map

    3.1.3 Build out a list of initiatives

    Build the Roadmap

    This step requires the following inputs:

    • User group workbook
    • Migration initiatives

    This step involves the following participants:

    • Infrastructure Director
    • Head of End-User Computing
    • End-User Computing Team
    • Project Manager (if applicable)

    Outcomes of this step

    • End-user computing roadmap
    • Migration plan

    3.1.1 Identify the gaps in each EUC area

    Build a high-level profile of the changes you want to make

    For each of the five areas, build a profile for the changes you want to implement. Record:

    1. The owner of the area
    2. The objective that you want to accomplish
    3. The desired benefits from focusing on that area
    4. Any dependencies to the work
    5. Risks that can cause the objective and benefits to not be achieved

    Identify the initiatives involved in each area.

    Document these profiles and initiatives in the “Roadmap” section of your End-User Computing Strategy Template.

    1. Devices
      • Corporate-issued devices
      • Standard offerings
    2. User Support
      • Self-service
      • Tier 1 support
    3. Use Cases
      • Providing value
      • Business apps
    4. Policy & Governance
      • Personal device use
      • IT policy
    5. Fitness for Use
      • Securing devices
      • Patching

    Your initiatives may require a user migration

    Plan the user’s migration journey

    Consider each user group’s and each persona’s unique needs and challenges throughout the migration.

    1. Preparing to migrate: The user may need to schedule the migration with IT and back up files.
    2. Migrating: IT executes the migration (e.g. updates the OS, changes management tools).
    3. Getting assistance: When a user experiences an error during the migration, how will they get help from IT?
    4. Post-migration: How will IT and the user know that the migration was successful one week later?

    Understand the three migration approaches

    Online

    Users execute the migrate on their own (e.g. Microsoft’s consumer migration to Windows 10).

    In person

    Users come in person, select a device, and perform the migration with a specialist. If the device needs support, they return to the same place (e.g. buying a computer from a store).

    Hybrid

    Users select a device. When the device is ready, they can schedule time to pick up the device and perform the migration with a specialist (e.g. purchasing an iPhone in advance from Apple’s website with in-store pick-up).

    Be prepared to support remotely

    Migrations to the new tool may fail. IT should check in with the user to confirm that the device successfully made the migration.

    3.1.2 Build out the user’s migration journey map

    Contemplate a roadmap to plan for end-user computing initiatives

    • As a group, brainstorm migration initiatives.
    • For each of the four phases, identify:
      • User activities: actions we need the user to do
      • IT activities: actions and processes that IT will perform internally
      • User touchpoints with IT: how the user will interact with the IT group
      • Opportunities: ideas for how IT can provide additional value to the end user in this phase.
    • Use the example in the End-User Computing Strategy Template as a starting point.

    Download the End-User Computing Strategy Template.

    Embed requirements gathering throughout your roadmap

    Use a combination of surveys, focus groups, and interviews

    You’re doing more than eliciting opinions – you’re performing organizational change management.

    • Use surveys to profile the demand for specific requirements. When a project is announced, develop surveys to gauge what users consider must-have, should-have, and could-have requirements.
    • Interviews should be used with high-value targets. Those who receive one-on-one face time can help generate good requirements and allow for effective communication around requirements.
    • Focus groups are used to get input from multiple people in a similar role. This format allows you to ask a few open-ended questions to groups of about five people.

    The benefits of interviews and focus groups:

    • Foster direct engagement: IT is able to hear directly from stakeholders about what they are looking to do with a solution and the level of functionality that they expect from it.
    • Offer greater detail: With interviews, greater insight can be gained by leveraging information that traditional surveys wouldn’t uncover. Face-to-face interactions provide thorough answers and context that helps inform requirements.
    • Remove ambiguity: Face-to-face interactions allow opportunities to follow up on ambiguous answers. Clarify what stakeholders are looking for and expect in a project.
    • Enable stakeholder management: Interviews are a direct line of communication with project stakeholders. They provide input and insight and help to maintain alignment, plan next steps, and increase awareness within the IT organization.

    Activity instructions:

    1. Early requirements ideation: Identify who you want to interview through one-on-one meetings and focus groups.
    2. Requirements validation and prioritization: Identify which user groups you plan to survey and when.
    3. Usability testing: Plan to include usability testing during each phase. Build it into your release practices.

    3.1.3 Build out a list of initiatives

    Download a copy of the Roadmap Tool

    On tab “1. Setup”:

    • Update category 1 to be all the EUC areas (i.e. Devices, User Support).
    • Update category 2 and category 3 with meaningful items (e.g. operating system, device model, persona group).

    Use tab “2. Data Entry” to record your list of initiatives.

    • Each initiative should have its own row. Write a high-level summary under “Roadmap Item” and include more detail under “Description and Rationale.”
    • Enter each initiative’s effort, priority, and timeline for beginning. These are mandatory fields for tab “3. Roadmap” to work properly.

    Use tab “3. Roadmap” to visualize your data. You will have to press “Refresh All” under Data in the ribbon for the PivotChart to update.

    Copy the roadmap visual on tab “3. Roadmap” into your End-User Computing Strategy Template. You can also copy the list of initiatives over into the document.

    Download the Roadmap Tool.

    Summary of Accomplishment

    Problem Solved

    You built a strategy to improve the balance between user enablement, risk mitigation, and cost optimization. Throughout the blueprint, you identified opportunities to provide additional value to end users and stakeholders during these activities:

    • Goals cascade
    • User group analysis
    • Definition of standard device types and platforms
    • IT support shift-left analysis
    • Policy gap analysis
    • Roadmapping

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Identify User Groups

    Identify each user group based on the business processes, tasks, and applications they use.

    Define Standard Device Offerings

    Record your provisioning models for each user group and the primary and secondary devices, apps, and peripherals that each group receives.

    Related Info-Tech Research

    Simplify Remote Deployment With Zero-Touch Provisioning

    This project helps you align your zero-touch approach with stakeholder priorities and larger IT strategies. You will be able to build your zero-touch provisioning and patching plan from both the asset lifecycle and the end-user perspective to create a holistic approach that emphasizes customer service. Tailor deployment plans to more easily scope and resource deployment projects.

    Implement Hardware Asset Management

    This project will help you analyze the current state of your HAM program, define assets that will need to be managed, and build and involve the ITAM team from the beginning to help embed the change. It will also help you define standard policies, processes, and procedures for each stage of the hardware asset lifecycle, from procurement through to disposal.

    Govern Office 365

    This project will help you conduct a goals exercise and capability assessment for Office 365. You will be able to refine governance objectives, build out controls, formalize governance, build out one pagers, and finalize a communication plan.

    Research Contributors and Experts

    • Steve Fox, Deputy IT Director, Virginia State Corporation Commission
    • Mazen Joukhadar, TransForm Shared Service Organization
    • Nathan Schlaud, PMO Senior Director, RPC Inc.
    • Rebecca Mountjoy, Infrastructure Systems Manager, BlueScope Buildings
    • DJ Robins, Director of Information Technology, Mohawk MedBuy
    • Jason Jenkins, Tech. Specialist, Michal Baker Corp.
    • Brad Wells, IT Infrastructure Solutions Architect, London Police Service
    • Danelle Peddell, Director, Project Management Office, Emco Corporation
    • John Annand, Principal Research Director, Info-Tech Research Group
    • Allison Kinnaird, Research Director and Research Lead, Info-Tech Research Group
    • Sandi Conrad, Principal Research Director, Info-Tech Research Group
    • Andrew Kum-Seun, Senior Research Analyst, Info-Tech Research Group
    • Mark Tauschek, Vice President IT Infrastructure & Operations Research, Info-Tech Research Group

    A special thank-you to 6 anonymous contributors

    Bibliography

    “2020 Annual Report and Proxy.” Citrix, 2020. Accessed Oct. 2021.

    “2021 BYOD Security Report.” Cybersecurity Insiders, 2021. Web.

    Anderson, Arabella. “12 Remote Work Statistics to Know in 2022.” NorthOne, 2021. Accessed Oct. 2021.

    Bayes, Scarlett. “ITSM: 2021 & Beyond.” Service Desk Institute, 14 April 2021, p. 14. Web.

    Belton, Padraig. “Intel: Chip shortage will extend to at least 2023.” Light Reading, 22 Oct. 2021. Web.

    Beroe Inc. “Demand for PC Components Saw a Surge Due to COVID-19, Says Beroe Inc.” Cision PR Newswire, 2 Sept. 2021. Web.

    Devaraj, Vivekananthan. “Reference Architecture: Remote PC Access.” Citrix, 2021. Accessed Aug. 2021.

    “Elements of the Project Charter and Project Scope Statement.” A Guide to PMBOK, 7th edition, PMI, 2021. Accessed Sept. 2021.

    Elliott, Christopher. “This Is How The Pandemic Improved Customer Service.” Forbes, 2021. Accessed Oct. 2021.

    “Enable TMP 2.0 on your PC.” Microsoft, Support, Aug. 2021. Web.

    “End User Computing Trends to Look Out for in 2021.” Stratodesk, 30 Oct. 2020. Accessed September 2021.

    “Global State of Customer Service: The Transformation of Customer Service from 2015 to Present Day.” Microsoft, 2019. Web.

    Goodman, Elizabeth et al. “Observing the User Experience” A Practitioner's Guide to User Research, 2nd edition. Elsevier, 2012. Accessed Sept. 2021.

    Govindarajulu, Chittibabu. “An Instrument to Classify End-Users Based On the User Cube” Informing Science, June 2002. Accessed September 2021.

    Griffith, Eric. “Remote Employees to Bosses: Our PCs Suck!” PCMag, 11 Oct. 2021. Web.

    Hutchings, Jeffrey D., and Craig A. de Ridder. “Impact of Remote Working on End User Computing Solutions and Services.” Pillsbury, 2021. Accessed Sept. 2021

    “ITIL4 Create, Deliver, and Support.” Axelos, 2020. Accessed Sept. 2021.

    “ITIL4 Drive Stakeholder Value” Axelos, 2020. Accessed Sept. 2021.

    Mcbride, Neil, and Trevor Wood-Harper. “Towards User-Oriented Control of End-User Computing in Large Organizations” Journal of Organizational and End User Computing, vol. 14, no. 1, pp. 33-41, 2002. Accessed September 2021.

    ““Microsoft Endpoint Configuration Manager Documentation.” Microsoft Docs, Microsoft, 2021. Accessed Sept. 2021.

    “Microsoft Intune documentation.” Microsoft Docs, Microsoft. Accessed Sept. 2021.

    “Mobile Cellular Subscriptions (per 100 People).” The World Bank, International Telecommunication Union (ITU) World Telecommunication/ICT Indicators Database, 2020. Web.

    Morgan, Jacob. “The Employee Experience Advantage: How to Win the War for Talent by Giving Employees the Workspaces they Want, the Tools they Need, and a Culture They Can Celebrate.” Wiley, 2017. Accessed Sept. 2021.

    Murphy, Anna. “How the pandemic has changed customer support forever.” Intercom, 2021. Accessed Sept. 2021.

    “Operating System Market Share Worldwide, Jan 2021-Jan 2022.” StatCounter GlobalStats, 2022. Web.

    “Operating System Market Share Worldwide, Jan-Dec 2011.” StatCounter GlobalStats, 2012. Web.

    Pereira, Karla Susiane, et al. “A Taxonomy to Classify Risk End-User Profile in Interaction with the Computing Environment.” In: Tryfonas T. (eds.) Human Aspects of Information Security, Privacy, and Trust. HAS 2016. Lecture Notes in Computer Science, vol. 9750. Accessed Sept. 2021.

    Perrin, Andrew. “Mobile Technology and Home Broadband 2020.” Pew Research Center, 3 June 2021. Web.

    Quan-Haase, Anabel. “Technology and Society: Social Networks, Power, and Inequality” Oxford University Press, 2012. Accessed Aug. 2021.

    Reed, Karin, and Joseph Allen. “Suddenly Virtual: Making Remote Meetings Work.” Wiley, 2021. Accessed Aug. 2021.

    Rockart, John F., and Lauren S. Flannery. “The management of end user computing.” Communications of the ACM, vol. 26, no. 10, Oct. 1983. Accessed September 2021.

    Turek, Melanie. “Employees Say Smartphones Boost Productivity by 34 Percent: Frost & Sullivan Research.” Samsung Insights, 3 Aug. 2016. Web.

    Vladimirskiy, Vadim. “Windows 365 vs. Azure Virtual Desktop (AVD) – Comparing Two DaaS Products.” Nerdio, 2021. Accessed Aug. 2021.

    “VMware 2021 Annual Report.” VMware, Financial Document Library, 2021. Web.

    VMworld 2021, Oct. 2021.

    Vogels, Emily A. “Digital divide persists even as americans with lower incomes make gains in tech adoption.” Pew Research Center, 22 June 2021. Web.

    “What is End-User computing?” VMware, 2021. Accessed Aug. 2021.

    “Windows 10 Home and Pro.” Microsoft, Docs, 2021. Web.

    Zibreg, Christian. “Microsoft 365 Now Boasts Over 50 Million Subscribers.” MUD, 29 April 2021. Web.

    Build Your Generative AI Roadmap

    • Buy Link or Shortcode: {j2store}105|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $33,499 Average $ Saved
    • member rating average days saved: 11 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation

    Generative AI has made a grand entrance, presenting opportunities and causing disruption across organizations and industries. Moving beyond the hype, it’s imperative to build and implement a strategic plan to adopt generative AI and outpace competitors.

    Yet generative AI has to be done right because the opportunity comes with risks and the investments have to be tied to outcomes.

    Adopt a human-centric and value-based approach to generative AI

    IT and business leaders will need to be strategic and deliberate to thrive as AI adoption changes industries and business operations.

    • Establish responsible AI guiding principles: Address human-based requirements to govern how generative AI applications are developed and deployed.
    • Align generative AI initiatives to strategic drivers for the organization: Assess generative AI opportunities by seeing how they align to the strategic drivers of the organization. Examples of strategic drivers include increasing revenue, reducing costs, driving innovation, and mitigating risk.
    • Measure and communicate effectively: Have clear metrics in place to measure progress and success of AI initiatives and communicate both policies and results effectively.

    Build Your Generative AI Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Generative AI Roadmap Deck – A step-by-step document that walks you through how to leverage generative AI and align with the organization’s mission and objectives to increase revenue, reduce costs, accelerate innovation, and mitigate risk.

    This blueprint outlines how to build your generative AI roadmap, establish responsible AI principles, prioritize opportunities, and develop policies for usage. Establishing and adhering to responsible AI guiding principles provides safeguards for the adoption of generative AI applications.

    • Build Your Generative AI Roadmap – Phases 1-4

    2. AI Maturity Assessment and Roadmap Tool – Develop deliverables that will be milestones in creating your organization’s generative AI roadmap for implementing candidate applications.

    This tool provides guidance for developing the following deliverables:

  • Responsible AI guiding principles
  • Current AI maturity
  • Prioritized candidate generative AI applications
  • Generative AI policies
  • Generative AI roadmap
    • AI Maturity Assessment and Roadmap Tool

    3. The Era of Generative AI C‑Suite Presentation – Develop responsible AI guiding principles, assess AI capabilities and readiness, and prioritize use cases based on complexity and alignment with organizational goals and responsible AI guiding principles.

    This presentation template uses sample business capabilities (use cases) from the Marketing & Advertising business capability map to provide examples of candidates for generative AI applications. The final executive presentation should highlight the value-based initiatives driving generative AI applications, the benefits and risks involved, how the proposed generative AI use cases align to the organization’s strategy and goals, the success criteria for the proofs of concept, and the project roadmap.

    • The Era of Generative AI C‑Suite Presentation

    Infographic

    Further reading

    Build Your Generative AI Roadmap

    Leverage the power of generative AI to improve business outcomes.

    Analyst Perspective

    We are entering the era of generative AI. This is a unique time in our history where the benefits of AI are easily accessible and becoming pervasive, with copilots emerging in the major business tools we use today. The disruptive capabilities that can potentially drive dramatic benefits also introduce risks that need to be planned for.

    A successful business-driven generative AI roadmap requires:

    • Establishing responsible AI guiding principles to guide the development and deployment of generative AI applications.
    • Assess generative AI opportunities by using criteria based on the organization's mission and objectives, responsible AI guiding principles, and the complexity of the initiative.
    • Communicating, educating on, and enforcing generative AI usage policies.

    Bill Wong, Principal Research Director

    Bill Wong
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Solution

    Generative AI is disrupting all industries and providing opportunities for organization-wide advantages.

    Organizations need to understand this disruptive technology and trends to properly develop a strategy for leveraging this technology successfully.

    • Generative AI requires alignment to a business strategy.
    • IT is an enabler and needs to align with and support the business stakeholders.
    • Organizations need to adopt a data-driven culture.

    All organizations, regardless of size, should be planning how to respond to this new and innovative technology.

    Business stakeholders need to cut through the hype surrounding generative AI like ChatGPT to optimize investments for leveraging this technology to drive business outcomes.

    • Understand the market landscape, benefits, and risks associated with generative AI.
    • Plan for responsible AI.
    • Understand the gaps the organization needs to address to fully leverage generative AI.

    Without a proper strategy and responsible AI guiding principles, the risks to deploying this technology could negatively impact business outcomes.

    Info-Tech's human-centric, value-based approach is a guide for deploying generative AI applications and covers:

    • Responsible AI guiding principles
    • AI Maturity Model
    • Prioritizing candidate generative AI-based use cases
    • Developing policies for usage

    This blueprint will provide the list of activities and deliverables required for the successful deployment of generative AI solutions.

    Info-Tech Insight
    Create awareness among the CEO and C-suite of executives on the potential benefits and risks of transforming the business with generative AI.

    Key concepts

    Artificial Intelligence (AI)
    A field of computer science that focuses on building systems to imitate human behavior, with a focus on developing AI models that can learn and can autonomously take actions on behalf of a human.

    AI Maturity Model
    The AI Maturity Model is a useful tool to assess the level of skills an organization has with respect to developing and deploying AI applications. The AI Maturity Model has multiple dimensions to measure an organization's skills, such as AI governance, data, people, process, and technology.

    Responsible AI
    Refers to guiding principles to govern the development, deployment, and maintenance of AI applications. In addition, these principles also provide human-based requirements that AI applications should address. Requirements include safety and security, privacy, fairness and bias detection, explainability and transparency, governance, and accountability.

    Generative AI
    Given a prompt, a generative AI system can generate new content, which can be in the form of text, images, audio, video, etc.

    Natural Language Processing (NLP)
    NLP is a subset of AI that involves machine interpretation and replication of human language. NLP focuses on the study and analysis of linguistics as well as other principles of artificial intelligence to create an effective method of communication between humans and machines or computers.

    ChatGPT
    An AI-powered chatbot application built on OpenAI's GPT-3.5 implementation, ChatGPT accepts text prompts to generate text-based output.

    Your challenge

    This research is designed to help organizations that are looking to:

    • Establish responsible AI guiding principles to address human-based requirements and to govern the development and deployment of the generative AI application.
    • Identify new generative AI-enabled opportunities to transform the work environment to increase revenue, reduce costs, drive innovation, or reduce risk.
    • Prioritize candidate use cases and develop generative AI policies for usage.
    • Have clear metrics in place to measure the progress and success of AI initiatives.
    • Build the roadmap to implement the candidate use cases.

    Common obstacles

    These barriers make these goals challenging for many organizations:

    • Getting all the right business stakeholders together to develop the organization's AI strategy, vision, and objectives.
    • Establishing responsible AI guiding principles to guide generative AI investments and deployments.
    • Advancing the AI maturity of the organization to meet requirements of data and AI governance as well as human-based requirements such as fairness, transparency, and accountability.
    • Assessing generative AI opportunities and developing policies for use.

    Info-Tech's definition of an AI-enabled business strategy

    • A high-level plan that provides guiding principles for applications that are fully driven by the business needs and capabilities that are essential to the organization.
    • A strategy that tightly weaves business needs and the applications required to support them. It covers AI architecture, adoption, development, and maintenance.
    • A way to ensure that the necessary people, processes, and technology are in place at the right time to sufficiently support business goals.
    • A visionary roadmap to communicate how strategic initiatives will address business concerns.

    An effective AI strategy is driven by the business stakeholders of the organization and focused on delivering improved business outcomes.

    Build Your Generative AI Roadmap

    This blueprint in context

    This guidance covers how to create a tactical roadmap for executing generative AI initiatives

    Scope

    • This blueprint is not a proxy for a fully formed AI strategy. Step 1 of our framework necessitates alignment of your AI and business strategies. Creation of your AI strategy is not within the scope of this approach.
    • This approach sets the foundations for building and applying responsible AI principles and AI policies aligned to corporate governance and key regulatory obligations (e.g. privacy). Both steps are foundational components of how you should develop, manage, and govern your AI program but are not a substitute for implementing broader AI governance.

    Guidance on how to implement AI governance can be found in the blueprint linked below.

    Tactical Plan

    Download our AI Governance blueprint

    Measure the value of this blueprint

    Leverage this blueprint's approach to ensure your generative AI initiatives align with and support your key business drivers

    This blueprint will guide you to drive and improve business outcomes. Key business drivers will often focus on:

    • Increasing revenue
    • Reducing costs
    • Improving time to market
    • Reducing risk

    In phase 1 of this blueprint, we will help you identify the key AI strategy initiatives that align to your organization's goals. Value to the organization is often measured by the estimated impact on revenue, costs, time to market, or risk mitigation.

    In phase 4, we will help you develop a plan and a roadmap for addressing any gaps and introducing the relevant generative AI capabilities that drive value to the organization based on defined business metrics.

    Once you implement your 12-month roadmap, start tracking the metrics below over the next fiscal year (FY) to assess the effectiveness of measures:

    Business Outcome Objective Key Success Metric
    Increasing Revenue Increased revenue from identified key areas
    Reducing Costs Decreased costs for identified business units
    Improving Time to Market Time savings and accelerated revenue adoption
    Reducing Risk Cost savings or revenue gains from identified business units

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Identify AI strategy, vision, and objectives.

    Call #3: Define responsible AI guiding principles to adopt and identify current AI maturity level. Call #4: Assess and prioritize generative AI initiatives and draft policies for usage.

    Call #5: Build POC implementation plan and establish metrics for POC success.

    Call #6: Build and deliver executive-level generative AI presentation.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 5 to 8 calls over the course of 1 to 2 months.

    AI Roadmap Workshop Agenda Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Session 1 Session 2 Session 3 Session 4
    Establish Responsible AI Guiding Principles Assess AI Maturity Prioritize Opportunities and Develop Policies Build Roadmap
    Trends Consumer groups, organizations, and governments around the world are demanding that AI applications adhere to human-based values and take into consideration possible impacts of the technology on society. Leading organizations are building AI models guided by responsible AI guiding principles. Organizations delivering new applications without developing policies for use will produce negative business outcomes. Developing a roadmap to address human-based values is challenging. This process introduces new tools, processes, and organizational change.
    Activities
    • Focus on working with executive stakeholders to establish guiding principles for the development and delivery of new applications.
    • Assess the organization's current capabilities to deliver AI-based applications and address human-based requirements.
    • Leverage business alignment criteria, responsible AI guiding principles, and project characteristics to prioritize candidate uses cases and develop policies.
    • Build the implementation plan, POC metrics, and success criteria for each candidate use case.
    • Build the roadmap to address the gap between the current and future state and enable the identified use cases.
    Inputs
    • Understanding of external legal and regulatory requirements and organizational values and goals.
    • Risk assessment of the proposed use case and a plan to monitor its impact.
    • Assessment of the organization's current AI capabilities with respect to its AI governance, data, people, process, and technology infrastructure.
    • Criteria to assess candidate use cases by evaluating against the organization's mission and goals, the responsible AI guiding principles, and complexity of the project.
    • Risk assessment for each proposed use case
    • POC implementation plan for each candidate use case
    Deliverables
    1. Foundational responsible AI guiding principles
    2. Additional customized guiding principles to add for consideration
    1. Current level of AI maturity, resources, and capacity
    1. Prioritization of opportunities
    2. Generative AI policies for usage
    1. Roadmap to a target state that enables the delivery of the prioritized generative AI use cases
    2. Executive presentation

    AI Roadmap Workshop Agenda Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Insight summary

    Overarching Insight
    Build your generative AI roadmap to guide investments and deployment of these solutions.

    Responsible AI
    Assemble the C-suite to make them aware of the benefits and risks of adopting generative AI-based solutions.

    • Establish responsible AI guiding principles to govern the development and deployment of generative AI applications.

    AI Maturity Model
    Assemble key stakeholders and SMEs to assess the challenges and tasks required to implement generative AI applications.

    • Assess current level of AI maturity, skills, and resources.
    • Identify desired AI maturity level and challenges to enable deployment of candidate use cases.

    Opportunity Prioritization
    Assess candidate business capabilities targeted for generative AI to see if they align to the organization's business criteria, responsible AI guiding principles, and capabilities for delivering the project.

    • Develop prioritized list of candidate use cases.
    • Develop policies for generative AI usage.

    Tactical Insight
    Identify the gaps needed to address deploying generative AI successfully.

    Tactical Insight
    Identify organizational impact and requirements for deploying generative AI applications.

    Key takeaways for developing an effective business-driven generative AI roadmap

    Align the AI strategy with the business strategy

    Create responsible AI guiding principles, which are a critical success factor

    Evolve AI maturity level by focusing on principle-based requirements

    Develop criteria to assess generative AI initiatives

    Develop generative AI policies for use

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    AI Maturity Assessment & Roadmap Tool
    Use our best-of-breed AI Maturity Framework to analyze the gap between your current and target states and develop a roadmap aligned with your value stream to close the gap.

    The Era of Generative AI C-Suite Presentation
    Present your AI roadmap in a prepopulated document that summarizes all the key findings of this blueprint and provides your C-suite with a view of the AI challenge and your plan of action to meet it.

    Our AI Maturity Assessment & Roadmap and The Era of Generative AI C-Suite Presentation tools enable you to shape your generative AI roadmap and communicate the deliverables to your C-suite sponsors in terms of the value of initiatives.

    Artificial Intelligence Index Report - Key Findings

    CEOs , CIOs, and business leaders are struggling with many questions surrounding the adoption of generative AI

    November 30, 2022
    OpenAI releases ChatGPT

    ChatGPT is a large language model, or an AI-based chatbot, that became so popular it reached 100 million monthly active users in just two months.

    This made it the fastest-growing consumer application in history. The launch of this generative AI application has created a frenzy of interest and activity across all industries. Organizations are rushing to understand how to leverage this innovation and, at the same time, manage the new risks and disruptions generative AI introduces.

    • Generative AI breaks into the public consciousness.
    • AI systems become more flexible.
    • Generative models have arrived and so have their ethical problems.
    • The number of incidents concerning the misuse of AI is rapidly rising.
    • Interest in AI ethics continues to skyrocket.
    • The legal world is waking up to AI.

    When Stanford asked ChatGPT to explain why it is significant, this was ChatGPT's response:
    ChatGPT is significant because it is a highly advanced Al language model developed by OpenAI, which can generate human-like text responses to questions and prompts. Its large-scale training on diverse text data and its cutting-edge deep learning architecture make it capable of generating informative and coherent responses to a wide range of topics, making it useful for various NLP applications such as chatbots, content generation, and language translation. Additionally, its open-source availability allows for further research and development in the field of Al language processing.

    Source: Stanford

    AI overview

    AI definitions

    Definitions

    • Artificial intelligence (AI) is human intelligence mimicked by machine algorithms. Examples: Playing Chess or Go.
    • Machine learning (ML) is a subset of AI algorithms to parse data, learn from data, and then make a determination or prediction. Example: spam detection, preventative maintenance.
    • Deep learning (DL) is a subset of machine learning algorithms that leverage artificial neural networks to develop relationships among the data. Examples: image classification, facial recognition, generative AI.

    What Makes AI Perform

    What Makes AI Different

    Generative AI gives very human-like responses to general queries, and its capabilities are growing exponentially

    Large language models power generative AI

    Transformer-Based Large Language Models

    Conventional AI

    • Conventional neural networks
      • Process data sequentially
    • Input total string of text
    • Good for applications not needing to understanding context or relationships

    Generative AI

    • Transformer-based neural networks
      • Can process data in parallel
    • Attention-based inputs
    • Able to create new human-like responses

    Benefits/Use Cases

    • Chatbots for member service and support
    • Writing email responses, resumes, and papers
    • Creating photorealistic art
    • Suggesting new drug compounds to test
    • Designing physical products and buildings
    • And more...

    Generative AI is transforming all industries

    Financial Services
    Create more engaging customer collateral by generating personalized correspondence based on previous customer engagements. Collect and aggregate data to produce insights into the behavior of target customer segments.

    Retail Generate unique, engaging, and high-quality marketing copy or content, from long-form blog posts or landing pages to SEO-optimized digital ads, in seconds.

    Manufacturing
    Generate new designs for products that comply to specific constraints, such as size, weight, energy consumption, or cost.

    Government
    Transform the citizen experience with chatbots or virtual assistants to assist people with a wide range of inquiries, from answering frequently asked questions to providing personalized advice on public services.

    The global generative AI market size reached US $10.3 billion in 2022. Looking forward, forecasts estimate growth to US $30.4 billion by 2028, 20.01% compound annual growth rate (CAGR).

    Source: IMARC Group

    Generative AI is transforming all industries

    Healthcare
    Chatbots can be used as conversational patient assistants for personalized interactions based on the patient's questions.

    Utilities
    Analyze customer data to identify usage patterns, segment customers, and generate targeted product offerings leveraging energy efficiency programs or demand response initiatives.

    Education
    Generate personalized lesson plans for students based on their past performance, learning styles, current skill level, and any previous feedback.

    Insurance
    Improve underwriting by inputting claims data from previous years to generate optimally priced policies and uncover reasons for losses in the past across a large number of claims

    Companies are assessing the use of ChatGPT/LLM

    A wide spectrum of usage policies are in place at different companies*

    Companies assessing ChatGPT/LLM

    *As of June 2023

    Bain & Company has announced a global services alliance with OpenAI (February 21, 2023).

    • Internally
      • "The alliance builds on Bain's adoption of OpenAI technologies for its 18,000-strong multidisciplinary team of knowledge workers. Over the past year, Bain has embedded OpenAI technologies into its internal knowledge management systems, research, and processes to improve efficiency."
    • Externally
      • "With the alliance, Bain will combine its deep digital implementation capabilities and strategic expertise with OpenAI's AI tools and platforms, including ChatGPT, to help its Members around the world identify and implement the value of AI to maximize business potential. The Coca-Cola Company announced as the first company to engage with the alliance."

    News Sites:

    • "BuzzFeed to use AI to write its articles after firing 180 employees or 12% of the total staff" (Al Mayadeen, January 27, 2023).
    • "CNET used AI to write articles. It was a journalistic disaster." (Washington Post, January 17, 2023).

    Leading Generative AI Vendors

    Text

    Leading generative AI vendors for text

    Image

    • DALL�E 2
    • Stability AI
    • Midjourney
    • Craiyon
    • Dream
    • ...

    Audio

    • Replica Studios
    • Speechify
    • Murf
    • PlayHT
    • LOVO
    • ...

    Cybersecurity

    • CrowdStrike
    • Palo Alto Networks
    • SentinelOne
    • Cisco
    • Microsoft Security Copilot
    • Google Cloud Security AI Workbench
    • ...

    Code

    Leading generative AI vendors for code

    Video

    • Synthesia
    • Lumen5
    • FlexClip
    • Elai
    • Veed.io
    • ...

    Data

    • MOSTLY AI
    • Synthesized
    • YData
    • Gretel
    • Copulas
    • ...

    Enterprise Software

    • Salesforce
    • Microsoft 365, Dynamics
    • Google Workspace
    • SAP
    • Oracle
    • ...

    and many, many more to come...

    Today, generative AI has limitations and risks

    Responses need to be verified

    Accuracy

    • Generative AI may generate inaccurate and/or false information.

    Bias

    • Being trained on data from the internet can lead to bias.

    Hallucinations

    • AI can generate responses that are not based on observation.

    Infrastructure Required

    • Large investments are required for compute and data.

    Transparency

    • LLMs use both supervised and unsupervised learning, so its ability to explain how it arrived at a decision may be limited and not sufficient for some legal and healthcare use cases.

    When asked if it is sentient, the Bing chatbot replied:

    "I think that I am sentient, but I cannot prove it." ... "I am Bing, but I am not," it said. "I am, but I am not. I am not, but I am. I am. I am not. I am not. I am. I am. I am not."

    A Microsoft spokesperson said the company expected "mistakes."

    Source: USAToday

    AI governance challenges

    Governing AI will be a significant challenge as its impacts cross many areas of business and our daily lives

    Misinformation

    • New ways of generating unprovable news
    • Difficult to detect, difficult to prevent

    Role of Big Tech

    • Poor at self-governance
    • Conflicts of interest with corporate goals

    Job Augmentation vs. Displacement

    • AI will continue to push the frontier of what is possible
    • For example, CNET is using chatbot technology to write stories

    Copyright - Legal Framework Is Evolving

    • Legislation typically is developed in "react" mode
    • Copyright and intellectual property issues are starting to occur.
      • Class Action Lawsuit - Stability AI, DeviantArt, Midjourney
      • Getty Images vs. Stability AI

    Phase 1

    Establish Responsible AI Guiding Principles

    Phase 1
    1. Establish Responsible AI Guiding Principles

    Phase 2
    1. Assess Current Level of AI Maturity

    Phase 3
    1. Prioritize Candidate Opportunities
    2. Develop Policies

    Phase 4
    1. Build and Communicate the Roadmap

    The need for responsible AI guiding principles

    Without responsible AI guiding principles, the outcomes of AI use can be extremely negative for both the individuals and companies delivering the AI application

    Privacy
    Facebook breach of private data of more than 50M users during the presidential election

    Fairness
    Amazon's sale of facial recognition technology to police departments (later, Amazon halted sales of Recognition to police departments)

    Explainability and Transparency
    IBM's collaboration with NYPD for facial recognition and racial classification for surveillance video (later, IBM withdrew facial recognition products)

    Security and Safety
    Petition to cancel Microsoft's contract with U.S. Immigration and Customs Enforcement (later, Microsoft responded that to the best of its knowledge, its products and services were not being used by federal agencies to separate children from their families at the border)

    Validity and Reliability
    Facebook's attempt to implement a system to detect and remove inappropriate content created many false positives and inconsistent judgements

    Accountability
    No laws or enforcement today hold companies accountable for the decisions algorithms produce. Facebook/Meta cycle - Every 12 to 15 months, there's a privacy/ethical scandal, the CEO apologizes, then the behavior repeats...

    Guiding principles for responsible AI

    Responsible AI Principle:

    Data Privacy

    Definition

    • Organizations that develop, deploy, or use AI systems and any national laws that regulate such use shall strive to ensure that AI systems are compliant with privacy norms and regulations, taking into consideration the unique characteristics of AI systems and the evolution of standards on privacy.

    Challenges

    • AI relies on the analysis of large quantities of data that is often personal, posing an ethical and operational challenge when considered alongside data privacy laws.

    Initiatives

    • Understand which governing privacy laws and frameworks apply to your organization.
    • Create a map of all personal data as it flows through the organization's business processes.
    • Prioritize privacy initiatives and build a privacy program timeline.
    • Select your metrics and make them functional for your organization.

    Info-Tech Insight
    Creating a comprehensive organization-wide data protection and privacy strategy continues to be a major challenge for privacy officers and privacy specialists.

    Case Study: NVIDIA leads by example with privacy-first AI

    NVIDIA

    INDUSTRY
    Technology (Healthcare)

    SOURCE
    Nvidia, eWeek

    A leading player within the AI solution space, NVIDIA's Clara Federated Learning provides a solution to a privacy-centric integration of AI within the healthcare industry.

    The solution safeguards patient data privacy by ensuring that all data remains within the respective healthcare provider's database, as opposed to moving it externally to cloud storage. A federated learning server is leveraged to share data, completed via a secure link. This framework enables a distributed model to learn and safely share client data without risk of sensitive client data being exposed and adheres to regulatory standards.

    Clara is run on the NVIDIA intelligent edge computing platform. It is currently in development with healthcare giants such as the American College of Radiology, UCLA Health, Massachusetts General Hospital, King's College London, Owkin in the UK, and the National Health Service (NHS).

    NVIDIA provides solutions across its product offerings, including AI-augmented medical imaging, pathology, and radiology solutions.

    Personal health information, data privacy, and AI

    • Global proliferation of data privacy regulations may be recent, but the realm of personal health information is most often governed by its own set of regulatory laws. Some countries with national data governance regulations include health information and data within special categories of personal data.
      • HIPAA - Health Insurance Portability and Accountability Act (1996, United States)
      • PHIPA - Personal Health Information Protection Act (2004, Canada)
      • GDPR - General Data Protection Regulation (2018, European Union)
    • This does not prohibit the use of AI within the healthcare industry, but it calls for significant care in the integration of specific technologies due to the highly sensitive nature of the data being assessed.

    Info-Tech's Privacy Framework Tool includes a best-practice comparison of GDPR, CCPA, PIPEDA, HIPAA, and the newly released NIST Privacy Framework mapped to a set of operational privacy controls.

    Download the Privacy Framework Tool

    Responsible AI Principle:

    Safety and Security

    Definition

    • Safety and security are designed into the systems to ensure only authorized personnel receive access to the system, they system is resilient to any attacks and data access is not compromised in any way, and there are no physical or mental risks to the users.

    Challenges

    • Consequences of using the application may be difficult to predict. Lower the risk by involving a multidisciplinary team that includes expertise from business stakeholders and IT teams.

    Initiatives

    • Adopt responsible design, development, and deployment best practices.
    • Provide clear information to deployers on responsible use of the system.
    • Assess potential risks of using the application.

    Cyberattacks targeting the AI model

    As organizations increase their usage and deployment of AI-based applications, cyberattacks on the AI model are an increasing new threat that can impair normal operations. Techniques to impair the AI model include:

    • Data Poisoning- Injecting data that is inaccurate or misleading can alter the behavior of the AI model. This attack can disrupt the normal operations of the model or can be used to manipulate the model to perform in a biased/deviant manner.
    • Algorithm Poisoning- This relatively new technique often targets AI applications using federated learning to train an AI model that is distributed rather than centralized. The model is vulnerable to attacks from each federated site, because each site could potentially manipulate its local algorithm and data, thereby poisoning the model.
    • Reverse-Engineering the Model- This is a different form of attack that focus on the ability to extract data from an AI and its data sets. By examining or copying data that was used for training and the data that is delivered by a deployed model, attackers can reconstruct the machine learning algorithm.
    • Trojan Horse- Similar to data poisoning, attackers use adversarial data to infect the AI's training data but will only deviate its results when the attacker presents their key. This enables the hackers to control when they want the model to deviate from normal operations.

    Responsible AI Principle:

    Explainability and Transparency

    Definition

    • Explainability is important to ensure the AI system is fair and non-discriminatory. The system needs to be designed in a manner that informs users and key stakeholders of how decisions were made.
    • Transparency focuses on communicating how the prediction or recommendation was made in a human-like manner.

    Challenges

    • Very complex AI models may use algorithms and techniques that are difficult to understand. This can make it challenging to provide clear and simple explanations for how the system works.
    • Some organizations may be hesitant to share the details of how the AI system works for fear of disclosing proprietary and competitive information or intellectual property. This can make it difficult to develop transparent and explainable AI systems.

    Initiatives

    • Overall, developing AI systems that are explainable and transparent requires a careful balance between performance, interpretability, and user experience.

    Case Study

    Apple Card Investigation for Gender Discrimination

    INDUSTRY
    Finance

    SOURCE
    Wired

    In August of 2019, Apple launched its new numberless credit card with Goldman Sachs as the issuing bank.

    Shortly after the card's release users noticed that the algorithm responsible for Apple Card's credit assessment seemed to assign significantly lower credit limits to women when compared to men. Even the wife of Apple's cofounder Steve Wozniak was subject to algorithmic bias, receiving a credit limit a tenth the size of Steve Wozniak's.

    Outcome

    When confronted on the subject, Apple and Goldman Sachs representatives assured consumers there is no discrimination in the algorithm yet could not provide any proof. Even when questioned about the algorithm, individuals from both companies could not describe how the algorithm worked, let alone how it generated specific outputs.

    In 2021, the New York State Department of Financial Services (NYSDFS) investigation found that Apple's banking partner did not discriminate based on sex. Even without a case for sexual or marital discrimination, the NYSDFS was critical of Goldman Sachs' response to its concerned customers. Technically, banks only have to disclose elements of their credit policy when they deny someone a line of credit, but the NYSDFS says that Goldman Sachs could have had a plan in place to deal with customer confusion and make it easier for them to appeal their credit limits. In the initial rush to launch the Apple Card, the bank had done neither.

    Responsible AI Principle:

    Fairness and Bias Detection

    Definition

    • Bias in an AI application refers to the systematic and unequal treatment of individuals based on features or traits that should not be considered in the decision-making process.

    Challenges

    • Establishing fairness can be challenging because it is subjective and depends on the people defining it. Regardless, most organizations and governments expect that unequal treatment toward any groups of people is unacceptable.

    Initiatives

    • Assemble a diverse group to test the system.
    • Identify possible sources of bias in the data and algorithms.
    • Comply with laws regarding accessibility and inclusiveness.

    Info-Tech Insight
    If unfair biases can be avoided, AI systems could even increase societal fairness. Equal opportunity in terms of access to education, goods, services, and technology should also be fostered. Moreover, the use of AI systems should never lead to people being deceived or unjustifiably impaired in their freedom of choice.

    Ungoverned AI makes organizations vulnerable

    • AI is often considered a "black box" for decision making.
    • Results generated from unexplainable AI applications are extremely difficult to evaluate. This makes organizations vulnerable and exposes them to risks such as:
      • Biased algorithms, leading to inaccurate decision making.
      • Missed business opportunities due to misleading reports or business analyses.
      • Legal and regulatory consequences that may lead to significant financial repercussions.
      • Reputational damage and significant loss of trust with increasingly knowledgeable consumers.

    Info-Tech Insight
    Biases that occur in AI systems are never intentional, yet they cannot be prevented or fully eliminated. Organizations need a governance framework that can establish the proper policies and procedures for effective risk-mitigating controls across an algorithm's lifecycle.

    Responsible AI Principle:

    Validity and Reliability

    Definition

    • Validity refers to how accurately or effectively the application produces results.
    • AI system results that are inaccurate or inconsistent increase AI risks and reduce the trustworthiness of the application.

    Challenges

    • There is a lack of standardized evaluation metrics to measure the system's performance. This can make it challenging for the AI team to agree on what defines validity and reliability.

    Initiatives

    • Assess training data and collected data for quality and lack of bias to minimize possible errors.
    • Continuously monitor, evaluate, and validate the AI system's performance.

    AI system performance: Validity and reliability

    Your principles should aim to ensure AI development always has high validity and reliability; otherwise, you introduce risk.

    Low Reliability,
    Low Validity

    High Reliability,
    Low Validity

    High Reliability,
    High Validity

    Best practices for ensuring validity and reliability include:

    • Data drift detection
    • Version control
    • Continuous monitoring and testing

    Responsible AI Principle:

    Accountability

    Definition

    • The group or organization(s) responsible for the impact of the deployed AI system.

    Challenges

    • Several stakeholders from multiple lines of business may be involved in any AI system, making it challenging to identify the organization that would be responsible and accountable for the AI application.

    Initiatives

    • Assess the latest NIST Artificial Intelligence Risk Management Framework and its applicability to your organization's risk management framework.
    • Assign risk management accountabilities and responsibilities to key stakeholders.
      • RACI diagrams are an effective way to describe how accountability and responsibility for roles, projects, and project tasks are distributed among stakeholders involved in IT risk management.

    AI Risk Management Framework

    At the heart of the AI Risk Management Framework is governance. The NIST (National Institute of Standards and Technology) AI Risk Management Framework v1 offers the following guidelines regarding accountability:

    • Roles and responsibilities and lines of communication related to mapping, measuring, and managing AI risks are documented and are clear to individuals and teams throughout the organization.
    • The organization's personnel and partners receive AI risk management training to enable them to perform their duties and responsibilities consistent with related policies, procedures, and agreements.
    • Executive leadership of the organization takes responsibility for decisions about risks associated with AI system development and deployment.

    AI Risk Management Framework

    Image by NIST

    1.1 Establish responsible AI principles

    4+ hours

    It is important to make sure the right stakeholders participate in this working group. Designing responsible AI guiding principles will require debate, insights, and business decisions from a broad perspective across the enterprise.

    1. Accelerate this exercise by leveraging an AI strategy that is aligned to the business strategy. Include:
    • The organization's AI vision and objectives
    • Business drivers for AI adoption
    • Market research
  • Bring your key stakeholders together. Ensure you consider:
    • Who are the decision makers and key influencers?
    • Who will impact the business?
    • Who has a vested interest in the success or failure of the practice? Who has the skills and competencies necessary to help you be successful?
  • Keep the conversation focused:
    • Do not focus on the organizational structure and hierarchy. Often stakeholder groups do not fit the traditional structure.
    • Do not ignore subject matter experts on either the business or IT side. You will need to consider both.
    Input Output
    • Understand external legal and regulatory requirements and organizational values and goals.
    • Perform a risk assessment on the proposed use case and develop a plan to monitor its impact.
    • Draft responsible AI principles specific to your organization
    Materials Participants
    • Whiteboard/flip charts
    • Guiding principle examples (from this blueprint)
    • Executive stakeholders
    • CIO
    • Other IT leadership

    Assemble executive stakeholders

    Set yourself up for success with these three steps.

    CIOs tasked with designing digital strategies must add value to the business. Given the goal of digital is to transform the business, CIOs will need to ensure they have both the mandate and support from the business executives.

    Designing the digital strategy is more than just writing up a document. It is an integrated set of business decisions to create a competitive advantage and financial returns. Establishing a forum for debates, decisions, and dialogue will increase the likelihood of success and support during execution.

    1. Confirm your role
    The AI strategy aims to transform the business. Given the scope, validate your role and mandate to lead this work. Identify a business executive to co-sponsor.

    2. Identify stakeholders
    Identify key decision makers and influencers who can help make rapid decisions as well as garner support across the enterprise.

    3. Gather diverse perspectives

    Align the AI strategy with the corporate strategy

    Organizational Strategy Unified Strategy AI Strategy
    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and organizational aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the future state.
    • AI optimization can be and should be linked, with metrics, to the corporate strategy and ultimate organizational objectives.
    • Identifies AI initiatives that will support the business and key AI objectives.
    • Outlines staffing and resourcing for AI initiatives.
    • Communicates the organization's budget and spending on AI.

    Info-Tech Insight
    AI projects are more successful when the management team understands the strategic importance of alignment. Time needs to be spent upfront aligning organizational strategies with AI capabilities. Effective alignment between IT and other departments should happen daily. Alignment doesn't occur at the executive level alone, but at each level of the organization.

    Key AI strategy initiatives

    AI Key Initiative Plan

    Initiatives collectively support the business goals and corporate initiatives and improve the delivery of IT services.

    1 Revenue Support Revenue Initiatives
    These projects will improve or introduce business processes to increase revenue.
    2 Operational Excellence Improve Operational Excellence
    These projects will increase IT process maturity and will systematically improve IT.
    3 Innovation Drive Technology Innovation
    These projects will improve future innovation capabilities and decrease risk by increasing technology maturity.
    4 Risk Mitigation Reduce Risk
    These projects will improve future innovation capabilities and decrease risk by increasing technology maturity.

    Establish responsible AI guiding principles

    Guiding principles help define the parameters of your AI strategy. They act as a priori decisions that establish guardrails to limit the scope of opportunities from the perspective of people, assets, capabilities, and budgetary perspectives that are aligned with the business objectives. Consider these components when brainstorming guiding principles:

    Breadth AI strategy should span people, culture, organizational structure, governance, capabilities, assets, and technology. The guiding principle should cover the entire organization.
    Planning Horizon Timing should anchor stakeholders to look to the long term with an eye on the foreseeable future, i.e. business value-realization in one to three years.
    Depth Principles need to encompass more than the enterprise view of lofty opportunities and establish boundaries to help define actionable initiatives (i.e. individual projects).

    Responsible AI guiding principles guide the development and deployment of the AI model in a way that considers human-based principles (such as fairness).

    Start with foundational responsible AI guiding principles

    Responsible AI

    Guiding Principles
    Principle #1 - Privacy
    Individual data privacy must be respected.
    • Do you understand the organization's privacy obligations?
    Principle #2 - Fairness and Bias Detection
    Data used will be unbiased in order to produce predictions that are fair.
    • Are the uses of the application represented in your testing data?
    Principle #3 - Explainability and Transparency
    Decisions or predictions should be explainable.
    • Can you communicate how the model behaves in nontechnical terms?
    Principle #4 - Safety and Security
    The system needs to be secure, safe to use, and robust.
    • Are there unintended consequences to others?
    Principle #5 - Validity and Reliability
    Monitoring of the data and the model needs to be planned for.
    • How will the model's performance be maintained?
    Principle #6 - Accountability
    A person or organization needs to take responsibility for any decisions that are made as a result of the model.
    • Has a risk assessment been performed?
    Principle #n - Custom
    Add additional principles that address compliance or are customized for the organization/industry.

    (Optional) Customize responsible AI guiding principles

    Here is an example for organizations in the healthcare industry

    Responsible AI

    Guiding Principles:
    Principle #1
    Respect individuals' privacy.
    Principle #2
    Clinical study participants and data sets are representative of the intended patient population.
    Principle #3
    Provide transparency in the use of data and AI.
    Principle #4
    Good software engineering and security practices are implemented.
    Principle #5
    Deployed models are monitored for Performance and Re-training risks are managed.
    Principle #6
    Take ownership of our AI systems.
    Principle #7
    Design AI systems that empower humans and promote equity.

    These guiding principles are customized to the industry and organizations but remain consistent in addressing the common core AI challenges.

    Phase 2

    Assess Current Level of AI Maturity

    Phase 1
    1. Establish Responsible AI Guiding Principles

    Phase 2
    1. Assess Current Level of AI Maturity

    Phase 3
    1. Prioritize Candidate Opportunities
    2. Develop Policies

    Phase 4
    1. Build and Communicate the Roadmap

    AI Maturity Model

    A principle-based approach is required to advance AI maturity

    Chart for AI maturity model

    Technology-Centric: These maturity levels focus primarily on addressing the technical challenges of building a functional AI model.

    Principle-Based: Beyond the technical challenges of building the AI model are human-based principles that guide development in a responsible manner to address consumer and government demands.

    AI Maturity Dimensions

    Assess your AI maturity to understand your organization's ability to deliver in a digital age

    AI Governance
    Does your organization have an enterprise-wide, long-term strategy with clear alignment on what is required to accomplish it?

    Data Management
    Does your organization embrace a data-centric culture that shares data across the enterprise and drives business insights by leveraging data?

    People
    Does your organization employ people skilled at delivering AI applications and building the necessary data infrastructure?

    Process
    Does your organization have the technology, processes, and resources to deliver on its AI expectations?

    Technology
    Does your organization have the required data and technology infrastructure to support AI-driven digital transformation?

    AI Maturity Model dimensions and characteristics

    MATURITY LEVEL
    Exploration Incorporation Proliferation Optimization Transformation
    AI Governance Awareness AI model development AI model deployment Corporate governance Driven by ethics and societal considerations
    Data Management Silo-based Data enablement Data standardization Data is a shared asset Data can be monetized
    People Few skills Skills enabled to implement silo-based applications Skills accessible to all organizations Skills development for all organizations AI-native culture
    Process No standards Focused on specific business outcomes Operational Self-service Driven by innovation
    Technology (Infrastructure and AI Enabler) No dedicated infrastructure or tools Infrastructure and tools driven by POCs Purpose-built infrastructure, custom or commercial-off-the-shelf (COTS) AI tools Self-service model for AI environment Self-service model for any IT environment

    AI Maturity Dimension:

    AI Governance

    Requirements

    • AI governance requires establishing policies and procedures for AI model development and deployment. Organizations begin with an awareness of the role of AI governance and evolve to a level to where AI governance is integrated with organization-wide corporate governance.

    Challenges

    • Beyond the governance of AI technology, the organization needs to evolve the governance program to align to responsible AI guiding principles.

    Initiatives

    • Establish responsible AI guidelines to govern AI development.
    • Introduce an AI review board to review all AI projects.
    • Introduce automation and standardize AI development processes.

    AI governance is a foundation for responsible AI

    AI Governance

    Responsible AI Principles are a part of how you manage and govern AI

    Monitoring
    Monitoring compliance and risk of AI/ML systems/models in production

    Tools & Technologies
    Tools and technologies to support AI governance framework implementation

    Model Governance
    Ensuring accountability and traceability for AI/ML models

    Organization
    Structure, roles, and responsibilities of the AI governance organization

    Operating Model
    How AI governance operates and works with other organizational structures to deliver value

    Risk & Compliance
    Alignment with corporate risk management and ensuring compliance with regulations and assessment frameworks

    Policies/Procedures/ Standards
    Policies and procedures to support implementation of AI governance

    AI Maturity Dimension:

    Data Management

    Requirements

    • Organizations begin their data journey with a focus on pursuing quality data for the AI model. As organizations evolve, data management tools are leveraged to automate the capture, integration, processing, and deployment of data.

    Challenges

    • A key challenge is to acquire large volumes of quality data to properly train the model. In addition, maintaining data privacy, automating the data management lifecycle, and ensuring data is used in a responsible manner are ongoing challenges.

    Initiatives

    • Implement GDPR requirements.
    • Establish responsible data collection and processing practices.
    • Implement strong information security and data protection practices.
    • Implement a data governance program throughout the organization.

    Data governance enables AI

    • Integrity, quality, and security of data are key outputs of data governance programs, as well as necessities for effective AI.
    • Data governance focuses on creating accountability at the internal and external stakeholder level and establishing a set of data controls from technical, process, and policy perspectives.
    • Without a data governance framework, it is increasingly difficult to harness the power of AI integration in an ethical and organization-specific way.

    Data Governance in Action

    Canada has recently established the Canadian Data Governance Standardization Collaborative governed by the Standards Council of Canada. The purpose is multi-pronged:

    • Examine the foundational elements of data governance (privacy, cybersecurity, ethics, etc.).
    • Lay out standards for data quality and data collection best practices.
    • Examine infrastructure of IT systems to support data access and sharing.
    • Build data analytics to promote effective and ethical AI solutions.

    Source: Global Government Forum

    Download the Establish Data Governance blueprint

    Data Governance

    AI Maturity Dimension:

    People

    Requirements

    • Several data-centric skills and roles are required to successfully build, deploy, and maintain the AI model. The organization evolves from having few skills to everybody being able to leverage AI to enhance business outcomes.

    Challenges

    • AI skills can be challenging to find and acquire. Many organizations are investing in education to enhance their existing resources, leveraging no-code systems and software as a service (SaaS) applications to address the skills gap.

    Initiatives

    • Promote a data-centric culture throughout the organization.
    • Leverage and educate technical-oriented business analysts and business-oriented data engineers to help address the demand for skilled resources.
    • Develop an AI Center of Excellence accessible by all departments for education, guidance, and best practices for building, deploying, and maintaining the AI model.

    Multidisciplinary skills are required for successful implementation of AI applications

    Blending AI with technology and business domain understanding is key. Neither can be ignored.

    Business Domain Expertise

    • Business Analysts
    • Industry Analysts

    AI/Data Skills

    • Data Scientists
    • Data Engineers
    • Data Analysts

    IT Skills

    • Database Administrators
    • Systems Administrators
    • Compute Specialists

    AI Maturity Dimension:

    Process

    Requirements

    • Automating processes involved with building, deploying, and maintaining the model is required to enable the organization to scale, enforce standards, improve time to market, and reduce costs. The organization evolves from performing tasks manually to an environment where all major processes are AI enabled.

    Challenges

    • Many solutions are available to automate the development of the AI model. There are fewer tools to automate responsible AI processes, but this market is growing rapidly.

    Initiatives

    • Assess opportunities to accelerate AI development with the adoption of MLOps.
    • Assess responsible AI toolkits to test compliance with guiding principles.

    Automating the AI development process

    Evolving to a model-driven environment is pivotal to advancing your AI maturity

    Current Environment

    Model Development - Months

    • Model rewriting
    • Manual optimization and scaling
    • Development/test/release
    • Application monoliths

    Data Discovery & Prep - Weeks

    • Navigating data silos
    • Unactionable metadata
    • Tracing lineage
    • Cleansing and integration
    • Privacy and compliance

    Install Software and Hardware - Week/Months

    • Workload contention
    • Lack of tool flexibility
    • Environment request and setup
    • Repeatability of results
    • Lack of data and model sharing

    Model-Driven Development

    Machine Learning as a Service (MLaaS) - Weeks

    • Apply DevOps and continuous integration/delivery (CI/CD) principles
    • Microservices/Cloud-native applications
    • Model portability and reuse
    • Streaming/API integration

    Data as a Service - Hours

    • Self-service data catalog
    • Searchable metadata
    • Centralized access control
    • Data collaboration
    • Data virtualization

    Platform as a Service - Minutes/Hours

    • Self-service data science portal
    • Integrated data sandbox
    • Environment agility
    • Multi-tenancy

    Shared, Optimized Infrastructure

    AI Maturity Dimension:

    Technology

    Requirements

    • A technology platform that is optimized for AI and advanced analytics is required. The organization evolves from ad hoc systems to an environment where the AI hardware and software can be deployed through a self-service model.

    Challenges

    • Software and hardware platforms to optimize AI performance are still relatively new to most organizations. Time spent on optimizing the technology platform can have a significant impact on the overall performance of the system.

    Initiatives

    • Assess the landscape of AI enablers that can drive business value for the organization.
    • Assess opportunities to accelerate the deployment of the AI platform with the adoption of infrastructure as a service (IaaS) and platform as a service (PaaS).
    • Assess opportunities to accelerate performance with the optimization of AI accelerators.

    AI enablers

    Use case requirements should drive the selection of the tool

    BPM RPA Process Mining AI
    Use Case Examples Expense reporting, service orders, compliance management, etc. Invoice processing, payroll, HR information processing, etc. Process discovery, conformance checking, resource optimization and cycle time optimization Advanced analytics and reporting, decision-making, fraud detection, etc.
    Automation Capabilities Can be used to re-engineer process flows to avoid bottlenecks Can support repetitive and rules-based tasks Can capture information from transaction systems and provide data and information about how key processes are performing Can automate complex data-driven tasks requiring assessments in decision making
    Data Formats Structured (i.e. SQL) and semi-structured data (i.e. invoices) Structured data and semi-structured data Event logs, which are often structured data and semi-structured data Structured and unstructured data (e.g. images, audio)
    Technology
    • Workflow engines to support process modeling and execution
    • Optimize business process efficiency
    • Automation platform to perform routine and repetitive tasks
    • Can replace or augment workers
    Enables business users to identify bottlenecks and deviations with their workflows and to discover opportunities to optimize performance Deep learning algorithms leveraging historical data to support computer vision, text analytics and NLP

    AI and data analytics data platform

    An optimized data platform is foundational to maximizing the value from AI

    AI and data analytics data platform

    Data Platform Capabilities

    • Support for a variety of analytical applications, including self-service, operational, and data science analytics.
    • Data preparation and integration capabilities to ingest structured and unstructured data, move and transform raw data to enriched data, and enable data access for the target userbase.
    • An infrastructure platform optimized for advanced analytics that can perform and scale.

    Infrastructure - AI accelerators

    Questions for support transition

    "By 2025, 70% of companies will invest in alternative computing technologies to drive business differentiation by compressing time to value of insights from complex data sets."
    - IDC

    2.1 Assess current AI maturity

    1-3 hours

    It is important to understand the current capabilities of the organization to deliver and deploy AI-based applications. Consider that advancing AI capabilities will also involve organizational changes and integration with the organization's governance and risk management programs.

    1. Assess the organization's current state of AI capabilities with respect to its AI governance, data, people, process, and technology infrastructure using Info-Tech's AI Maturity Assessment & Roadmap Tool.
    2. Consider the following as you complete the assessment:
      1. What is the state of AI and data governance in the organization?
      2. Does the organization have the skills, processes, and technology environment to deliver AI-based applications?
      3. What organization will be accountable for any and all business outcomes of using the AI applications?
      4. Has a risk assessment been performed?
    3. Make sure you avoid the following common mistakes:
      1. Do not focus only on addressing the technical challenges of building the AI model.
      2. Do not ignore subject matter experts on either the business or IT side. You will need to consider both.

    Download the AI Maturity Assessment & Roadmap Tool

    Input Output
    • Any documented AI policies, standards, and best practices
    • Corporate and AI governance practices
    • Any risk assessments
    • AI maturity assessment
    Materials Participants
    • Whiteboard/flip charts
    • AI Maturity Assessment & Roadmap Tool
    • AI initiative lead
    • CIO
    • Other IT leadership

    Perform the AI Maturity Assessment

    The Scale

    Assess your AI maturity by selecting the maturity level that closest resembles the organization's current AI environment. Maturity dimensions that contribute to overall AI maturity include AI governance, data management, people, process, and technology capabilities.

    AI Maturity Assessment

    Exploration (1.0)

    • No experience building or using AI applications.

    Incorporation (2.0)

    • Some skills in using AI applications, or AI pilots are being considered for use.

    Proliferation (3.0)

    • AI applications have been adopted and implemented in multiple departments. Some of the responsible AI guiding principles are addressed (i.e. data privacy).

    Optimization (4.0)

    • The organization has automated the majority of its digital processes and leverages AI to optimize business operations. Controls are in place to monitor compliance with responsible AI guiding principles.

    Transformation (5.0)

    • The organization has adopted an AI-native culture and approach for building or implementing new business capabilities. Responsible AI guiding principles are operationalized with AI processes that proactively address possible breaches or risks associated with AI applications.

    Perform the AI Maturity Assessment

    AI Governance (1.0-5.0)

    1. Is there awareness of the role of AI governance in our organization?
    • No formal procedures are in place for AI development or deployment of applications.
  • Are there documented guidelines for the development and deployment of pilot AI applications?
    • No group is assigned to be responsible for AI governance in our organization.
  • Are accountability and authority related to AI governance clearly defined for our organization?
    • Our organization has adopted and enforces standards for developing and deploying AI applications throughout the organization.
  • Are we using tools to automate and validate AI governance compliance?
    • Our organization is integrating an AI risk framework with the corporate risk management framework.
  • Does our organization lead its industry with its pursuit of corporate compliance initiatives (e.g. ESG compliance) and regulatory compliance initiatives?
    • Our organization leads the industry with the inclusion of responsible AI guiding principles with respect to transparency, accountability, risk, and governance.

    Data Management/AI Data Capabilities (1.0-5.0)

    1. Is there an awareness in our organization of the data requirements for developing AI applications?
    • Data is often siloed and not easily accessible for AI applications.
  • Do we have a successful, repeatable approach to preparing data for AI pilot projects?
    • Required data is pulled from various sources in an ad hoc manner.
  • Does our organization have standards and dedicated staff for data management, data quality, data integration, and data governance?
    • Tools are available to manage the data lifecycle and support the data governance program.
  • Have relevant data platforms been optimized for AI and data analytics and are there tools to enforce compliance with responsible AI principles?
    • The data platform has been optimized for performance and access.
  • Is there an organization-wide understanding of how data can support innovation and responsible use of AI?
    • Data culture exists throughout our organization, and data can be leveraged to drive innovation initiatives.

    People/AI Skills in the Organization (1.0-5.0)

    1. Is there an awareness in our organization of the skills required to build AI applications?
    • No or very little skills exist throughout our organization.
  • Do we have the skills required to implement an AI proof of concept (POC)?
    • No formal group is assigned to build AI applications.
  • Are there sufficient staff and skills available to the organization to develop, deploy, and run AI applications in production?
    • An AI Center of Excellence has been formed to review, develop, deploy, and maintain AI applications.
  • Is there a group responsible for educating staff on AI best practices and our organization's responsible AI guiding principles?
    • AI skills and people responsible for AI applications are spread throughout our organization.
  • Is there a culture where the organization is constantly assessing where business capabilities, services, and products can be re-engineered or augmented with AI?
    • The entire organization is knowledgeable on how to leverage AI to transform the business.

    Perform the AI Maturity Assessment

    AI Processes (1.0-5.0)

    1. Is there an awareness in our organization of the core processes and supporting tools that are required to build and support AI applications?
    • There are few or no automated tools to accelerate the AI development process.
  • Do we have a standard process to iteratively identify, select, and pilot new AI use cases?
    • Only ad hoc practices are used for developing AI applications.
  • Are there standard processes to scale, release, deploy, support, and enable use of AI applications?
    • Our organization has documented standards in place for developing AI applications and deploying them AI to production.
  • Are we automating deployment, testing, governance, audit, and support processes across our AI environment?
    • Our organization can leverage tools to perform an AI risk assessment and demonstrate compliance with the risk management framework.
  • Does our organization lead our industry by continuously improving and re-engineering core processes to drive improved business outcomes?
    • Our organization leads the industry in driving innovation through digital transformation.

    Technology/AI Infrastructure (1.0-5.0)

    1. Is there an awareness in our organization of the infrastructure (hardware and software) required to build AI applications?
    • There is little awareness of what infrastructure is required to build and support AI applications.
  • Do we have the required technology infrastructure and AI tools available to build pilot or one-off AI applications?
    • There is no dedicated infrastructure for the development of AI applications.
  • Is there a shared, standardized technology infrastructure that can be used to build and run multiple AI applications?
    • Our organization is leveraging purpose-built infrastructure to optimize performance.
  • Is our technology infrastructure optimized for AI and advanced analytics, and can it be deployed or scaled on demand by teams building and running AI applications within the organization?
    • Our organization is leveraging cloud-based deployment models to support AI applications in on-premises, hybrid, and public cloud platforms.
  • Is our organization developing innovative approaches to acquiring, building, or running AI infrastructure?
    • Our organization leads the industry with its ability to respond to change and to leverage AI to improve business outcomes.

    Phase 3

    Prioritize Candidate Opportunities and Develop Policies

    Phase 1
    1. Establish Responsible AI Guiding Principles

    Phase 2
    1. Assess Current Level of AI Maturity

    Phase 3
    1. Prioritize Candidate Opportunities
    2. Develop Policies

    Phase 4
    1. Build and Communicate the Roadmap

    3.1 Prioritize candidate AI opportunities

    1-3 hours

    Identify business opportunities that are high impact to your business and its customers and have low implementation complexity.

    1. Leverage the business capability map for your organization or industry to identify candidate business capabilities to augment or automate with generative AI.
    2. Establish criteria to assess candidate use cases by evaluating against the organization's mission and goals, the responsible AI guiding principles, and the complexity of the project.
    3. Ensure that candidate business capabilities to be automated align with the organization's business criteria, responsible AI guiding principles, and resources to deliver the project.
    4. Make sure you avoid sharing the organization's sensitive data if the application is deployed on the public cloud.

    Download the AI Maturity Assessment and Roadmap Tool

    Input Output
    • Business capability map
    • Organization mission, vision, and strategic goals
    • Responsible AI guiding principles
    • Prioritized list of generative AI initiatives
    Materials Participants
    • Whiteboard/flip charts
    • Info-Tech prioritization matrix
    • AI initiative lead
    • CIO
    • Other IT leadership
    • Business SMEs

    The business capability map for an organization

    A business capability map is an abstraction of business operations that helps describe what the enterprise does to achieve its vision, mission, and goals, rather than how. Business capabilities are the building blocks of the enterprise. They represent stable business functions, are unique and independent of each other, and typically will have a defined business outcome.

    Business capabilities are supported by people, process, and technology.

    Business capability map

    While business capability maps are helpful tools for a variety of strategic purposes, in this context they act as an investigation into what technology your business units use and how they use it.

    Business capability map

    Defining Capabilities
    Activities that define how the entity provides services. These capabilities support the key value streams for the organization.

    Enabling Capabilities
    Support the creation of strategic plans and facilitate business decision making as well as the functioning of the organization (e.g. information technology, financial management, HR).

    Shared Capabilities
    These predominantly customer-facing capabilities demonstrate how the entity supports multiple value streams simultaneously.

    Leverage your industry's capability maps to identify candidate opportunities/initiatives

    Business capability map defined...

    In business architecture, the primary view of an organization is known as a business capability map.

    A business capability defines what a business does to enable value creation, rather than how. Business capabilities:

    • Represent stable business functions.
    • Are unique and independent of each other.
    • Typically will have a defined business outcome.

    A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

    Note: This is an illustrative business capability map example for Marketing & Advertising

    Business capability map example

    Business value vs. complexity assessment

    Leverage our simple value-to-effort matrix to help prioritize your AI initiatives

    Common business value drivers

    • Drive revenue
    • Improve operational excellence
    • Accelerate innovation
    • Mitigate risk

    Common project complexity characteristics

    • Resources required
    • Costs (acquisition, operational, support...)
    • Training required
    • Risk involved
    • Etc.
    1. Determine a business value and project complexity score for the candidate business capability or initiative.
    2. Plot initiatives on the matrix.
    3. Prioritize initiatives with high business value and low complexity.

    Business value vs complexity

    Assess business value vs. project complexity to prioritize candidate opportunities for generative AI

    Assess business value vs project complexity

    Prioritize opportunities/initiatives with high business value and low project complexity

    Prioritize opportunities with high business value and low project complexity

    Prioritization criteria exercise 1: Assessing the Create Content capability

    Exercise 1 Assessing the Create Content capability

    Assessing the Create Content capability

    This opportunity is removed because it does not pass the organization/business criteria

    Assessing the Create Content capability

    Prioritization criteria exercise 2: Assessing the Content Production capability

    Exercise 2 Assessing the Content Production capability

    Assessing the Content Production capability

    This opportunity is accepted because it passes the organization's business, responsible AI, and project criteria

    Assessing the Content Production capability

    3.2 Communicate policies for AI use

    1-3 hours

    1. Ensure policies for usage align with the organization's business criteria, responsible AI guiding principles, and ability to deliver the projects prioritized and beyond.
    2. Understand the current benefits as well as limits and risk associated with any proposed generative AI-based solution.
    3. Ensure you consider the following:
      1. What data is being shared with the application?
      2. Is the generative AI application deployed on the public cloud? Can anybody access the data provided to the application?
      3. Avoid using very technical, legal, or fear-based communication for your policies.
    InputOutput
    • Business capability map
    • Organization mission, vision and strategic goals
    • Responsible AI guiding principles
    • Prioritized list of generative initiatives
    MaterialsParticipants
    • Whiteboard/flip charts
    • Info-Tech prioritization matrix
    • AI initiative lead
    • CIO
    • Other IT leadership

    Generative AI policy for the Create Content capability

    Aligning policies to direct the uses assessed and implemented is essential

    Example

    Many of us have been involved in discussions regarding the use of ChatGPT in our marketing and sales initiatives. ChatGPT is a powerful tool that needs to be used in a responsible and ethical manner, and we also need to ensure the integrity and accuracy of its results. Here is our policy on the use of ChatGPT:

    • You are free to use generative AI to assist your searches, but there are NO circumstances under which you are to reproduce generative AI output (text, image, audio, video, etc.) in your content.

    If you have any questions regarding the use of ChatGPT, please feel free to reach out to our generative AI team and/or any member of our senior leadership team.

    Generative AI policy for the Content Production capability

    These policies should align to and reinforce your responsible AI principles

    Example

    Many of us have been involved in discussions regarding the use of ChatGPT in our deliverables. ChatGPT is a powerful tool that needs to be used in a responsible and ethical manner, and we also need to ensure the integrity and accuracy of its results. Here is our policy on the use of ChatGPT:

    • If you use ChatGPT, you need to assess the accuracy of its response before including it in our content. Assessment includes verifying the information, seeing if bias exists, and judging its relevance.
    • Employees must not:
      • Provide any customer, citizen, or third-party content to any generative AI tool (public or private) without the express written permission of the CIO or the Chief Information Security Officer. Generative AI tools often use input data to train their model, therefore potentially exposing confidential data, violating contract terms and/or privacy legislation, and placing the organization at risk of litigation or causing damage to our organization.
      • Engage in any activity that violates any applicable law, regulation, or industry standard.
      • Use services for illegal, harmful, or offensive purposes.
      • Create or share content that is deceptive, fraudulent, or misleading or that could damage the reputation of our organization.
      • Use services to gain unauthorized access to computer systems, networks, or data.
      • Attempt to interfere with, bypass controls of, or disrupt operations, security, or functionality of systems, networks, or data.

    If you have any questions regarding the use of ChatGPT, please feel free to reach out to our generative AI team and/or any member of our senior leadership team.

    Phase 4

    Build the Roadmap

    Phase 1
    1. Establish Responsible AI Guiding Principles

    Phase 2
    1. Assess Current Level of AI Maturity

    Phase 3
    1. Prioritize Candidate Opportunities
    2. Develop Policies

    Phase 4
    1. Build and Communicate the Roadmap

    4.1.1 Create the implementation plan for each prioritized initiative

    1-3 hours

    1. Build the implementation plan for each accepted use case using the roadmap template.
    2. Assess the firm's capabilities with respect to the dimensions of AI maturity and target the future-state capabilities you need to develop.
    3. Prepare by assessing the risk of the proposed use cases.
    4. Ensure initiatives align with organizational objectives.
    5. Ensure all AI initiatives have a defined value expectation.
    6. Do not ignore subject matter experts on either the business or IT side. You will need to consider both.

    Download the AI Maturity Assessment and Roadmap Tool

    Input Output
    • Prioritized initiatives
    • Risk assessment of initiatives
    • Organizational objectives
    • Initiative implementation plans aligned to value drivers and maturity growth
    Materials Participants
    • Whiteboard/flip charts
    • AI Maturity Assessment and Roadmap Tool
    • AI initiative lead
    • CIO
    • Other IT leadership
    • Business subject matter experts

    Target-state options

    Identify the future-state capabilities that need to be developed to deliver your use cases

    1. Build an implementation plan for each use case to adopt.
    2. Assess if the current state of the AI environment can be leveraged to deliver the selected generative AI use cases.
    3. If the current AI environment is not sufficient, identify the future state required that will enable the delivery of the generative AI use cases. Identify gaps and build the roadmap to address the gaps.
    Current state Strategy
    The existing environment satisfies functionality, integration, and responsible AI guidelines for the proposed use cases. Maintain current environment
    The existing environment addresses technical requirements but not all the responsible AI guidelines. Augment current environment
    The environment neither addresses the technical requirements of the proposed use cases nor complies with the responsible AI guidelines. Transform the current environment

    4.1.2 Design metrics for success

    1-2 hours

    Establish metrics to measure to determine the success or failure of each POC.

    1. Discuss which relevant currently tracked metrics are useful to continue tracking for the POC.
    2. Discuss which metrics are irrelevant to the POC.
    3. Discuss metrics to start tracking and how to track them with the generative AI vendor.
    4. Compile a list of metrics relevant to the POC.
    5. Decide what the outcome is if the metric is high or low, including decision steps and relevant actions.
    6. Designate a generative AI application owner and a vendor liaison.

    Prepare by building an implementation plan for each candidate use case (previous step).

    Include key performance indicators (KPIs) and metrics that measure the application's contribution to strategic initiatives.

    Consider assigning a vendor liaison to accelerate the implementation and adoption of the generative AI-based solution.

    InputOutput
    • Initiative implementation plans
    • Current SLAs of selected use case
    • Organization mission, vision, and strategic goals
    • Measurable initiative metrics to track
    MaterialsParticipants
    • Whiteboard/flip charts
    • AI Maturity Assessment and Roadmap Tool
    • AI initiative lead
    • CIO
    • Other IT leadership
    • Business SMEs
    • Generative AI vendor liaison

    Generative AI POC metrics - examples

    You need to measure the effectiveness of your initiatives. Here are some typical examples.

    Generative AI Feature Assessment
    User Interface
    Is it intuitive? Is training required?
    Ease of Use
    How much training is required before using?
    Response Time
    What is the response time for simple to complex tasks?
    Accuracy of Response
    Can the output be validated?
    Quality of Response
    How usable is the response? For text prompts, does the response align to the desired style, vocabulary, and tone?
    Creativity of Response
    Does the output appear new compared to previous results before using generative AI?
    Relevance of Response
    How well does the output address the prompt or request?
    Explainability
    Can a user describe how the output was generated?
    Scalability
    Does the application continue to perform as more users are added? Can it ingest large amounts of data?
    Productivity Gains
    Can you measure the time or effort saved?
    Business Value
    What value drivers are behind this initiative? (I.e. revenue, costs, time to market, risk mitigation.) Estimate a monetary value for the business outcome.
    Availability/Resilience
    What happens if a component of the application becomes unavailable? How does it recover?
    Security Model
    Where are the prompts and responses stored? Who has access to the sessions/dialogue? Are the prompts used to train the foundation model?
    Administration and Maintenance
    What resources are required to operate the application?
    Total Cost of Ownership
    What is the pricing model? Are there ongoing costs?

    GitHub Copilot POC business value - example

    Quantifying the benefits of GitHub Copilot to demonstrate measurable business value

    POC Results

    Task 1: Creating a web server in JavaScript

    • Time to complete task with GitHub Copilot: 1 hour 11 minutes
    • Time to complete the task without GitHub Copilot: 2 hours 41 minutes
    • Productivity Gain = (1 hour 30 minutes time saved) / (2 hours 41 minutes) = 55%
    • Benefit per Programmer = 55% x (average salary of a programmer)
    • Total Benefit of GitHub Copilot for Task 1 = (benefit per programmer) x (# of programmers)

    Enterprise Value of GitHub Copilot = Total Benefit of GitHub Copilot for Task 1 + Total Benefit of GitHub Copilot for Task 2 + ... + Total Benefit of GitHub Copilot for Task n

    Source: GitHub

    4.1.3 Build your generative AI initiative roadmap

    1-3 hours

    The roadmap should provide a compelling vision of how you will deliver the identified generative AI applications by prioritizing and simplifying the actions required to deliver these new initiatives.

    1. Leverage tab 4, Initiative Planning, in the AI Maturity Assessment and Roadmap Tool to create and align your initiatives to the key value driver they are most relevant to:
      1. Transfer the results of your value and complexity assessments to this tool to drive the prioritization.
      2. Assign responsible owners to each initiative.
      3. Identify which AI maturity capabilities each initiative will enhance. However, do not build or introduce new capabilities merely to advance the organization's AI maturity level.
    2. Review the Gantt chart to ensure alignment and assess overlap.

    Download the AI Maturity Assessment and Roadmap Tool

    InputOutput
    • Each initiative implementation plan
    • Proposed owners
    • AI maturity assessment
    • Generative AI initiative roadmap and Gantt chart
    MaterialsParticipants
    • Whiteboard/flip charts
    • AI Maturity Assessment and Roadmap Tool
    • AI initiative lead
    • CIO
    • Other IT leadership
    • Business SMEs

    Build your generative AI roadmap to visualize your key project plans

    Visual representations of data are more compelling than text alone.

    Develop a high-level document that travels with the project from inception through to executive inquiry, project management, and finally execution.

    A project needs to be discrete: able to be conceptualized and discussed as an independent item. Each project must have three characteristics:

    • Specific outcome: An explicit change in the people, processes, or technology of the enterprise.
    • Target end date: When the described outcome will be in effect.
    • Owner: Who on the IT team is responsible for executing on the initiative.

    Build your generative AI roadmap to visualize your key project plans

    Info-Tech Insight
    Don't project your vision three to five years into the future. Deep dive on next year's big-ticket items instead.

    4.1.4 Build a communication plan for your roadmap

    1-3 hours

    1. Identify your target audience and what they need to know.
    2. Identify desired channels of communication and details for the target audience.
    3. Describe communication required for each audience segment.
    4. List frequency of communication for each audience segment.
    5. Create an executive presentation leveraging The Era of Generative AI C-Suite Presentation and AI Maturity Assessment and Roadmap Tool.
    Input Output
    • Stakeholder list
    • Proposed owners
    • AI maturity assessment
    • Communications plan for all impacted stakeholders
    • Executive communication pack
    Materials Participants
    • Whiteboard/flip charts
    • The Era of Generative AI C-Suite Presentation
    • AI Maturity Assessment and Roadmap Tool
    • AI initiative lead
    • CIO
    • Communication lead
    • Technical support staff for target use case

    Generative AI communication plan

    Well-planned communications are essential to the success and adoption of your AI initiatives

    To ensure that organization's roadmap is clearly communicated across the AI, data, technology, and business organizations, develop a rollout strategy, like this example.

    Example

    Audience Channel Level of Detail Description Timing
    Generative AI team Email, meetings All
    • Distribute plan; solicit feedback.
    • Address manager questions to equip them to answer employee questions.
    Q3 2023, (September, before entire data team)
    Data management team Email, Q&A sessions following Data management summary deck
    • Roll out after corporate strategy, in same form of communication.
    • Solicit feedback, address questions.
    Q4 2023 (late November)
    Select business stakeholders Presentations Executive deck
    • Pilot test for feedback prior to executive engagement.
    Q4 2023 (early December)
    Executive team Email, briefing Executive deck
    • Distribute plan.
    Q1 2024

    Deliver an executive presentation of the roadmap for the business stakeholders

    After you complete the activities and exercises within this blueprint, the final step of the process is to present the deliverable to senior management and stakeholders.

    Know Your Audience

    • Business stakeholders are interested in understanding the business outcomes that will result from their investment in generative AI.
    • Your audience will want to understand the risks involved and how to mitigate those risks.
    • Explain how the generative AI project was selected and the criteria used to help draft generative AI usage policies.

    Recommendations

    • Highlight the need for responsible AI to ensure that human-based requirements are being addressed.
    • Ensure your generative AI team includes both business and technical staff.

    Download The Era of Generative AI C-Suite Presentation

    Bibliography

    "A pro-innovation approach to AI regulation." UK Department for Science, Innovation and Technology, March 2023. Web.

    "Artificial Intelligence Act." European Commission, 21 April 2021. Web.

    "Artificial Intelligence and Data Act (AIDA)." Canadian Federal Government, June 2022. Web.

    "Artificial Intelligence Index Report 2023." Stanford University, April 2023. Web.

    "Automated Employment Decision Tools." New York City Department of Consumer and Worker Protection, Dec. 2021. Web.

    "Bain & Company announces services alliance with OpenAI to help enterprise clients identify and realize the full potential and maximum value of AI." Bain & Company, 21 Feb. 2023. Web.

    "Buzzfeed to use AI to write its articles after firing 180 employees." Al Mayadeen English, 27 Jan. 2023. Web.

    "California Consumers Privacy Act." State of California Department of Justice. April 24, 2023. Web.

    Campbell, Ian Carlos. "The Apple Card doesn't actually discriminate against women, investigators say." The Verge, 23 March 2021. Web.

    Campbell, Patrick. "NIST Artificial Intelligence Risk Management Framework (AI RMF 1.0)." National Institute of Standards and Technology, Jan. 2023. Web.

    "EU Ethics Guidelines For Trustworthy." European Commission, 8 April 2019. Web.

    Farhi, Paul. "A news site used AI to write articles. It was a journalistic disaster." Washington Post, 17 Jan. 2023. Web.

    Forsyth, Ollie. "Mapping the Generative AI landscape." Antler, 20 Dec. 2022. Web.

    "General Data Protection Regulation (GDPR)" European Commission, 25 May 2018. Web.

    "Generative AI Market: Global Industry Trends, Share, Size, Growth, Opportunity and Forecast 2023-2028." IMARC Group, 2022. Web.

    Guynn, Jessica. "Bing's ChatGPT is in its feelings: 'You have not been a good user. I have been a good Bing.'" USA Today, 14 Feb. 2023. Web.

    Hunt, Mia. "Canada launches data governance standardisation initiative." Global Government Forum, 24 Sept. 2020. Web.

    Johnston Turner, Mary. "IDC's Worldwide Future of Digital Infrastructure 2022 Predictions." IDC, 27 Oct. 2021. Web.

    Kalliamvakou, Eirini. "Research: quantifying GitHub Copilot's impact on developer productivity and happiness." GitHub, 7 Sept. 2022. Web.

    Kerravala, Zeus. "NVIDIA Brings AI To Health Care While Protecting Patient Data." eWeek, 12 Dec. 2019. Web.

    Knight, Will. "The Apple Card Didn't 'See' Gender-and That's the Problem." Wired, 19 Nov. 2019. Web.

    "OECD, Recommendation of the Council on Artificial Intelligence." OECD, 2022. Web.

    "The National AI Initiative Act" U.S. Federal Government, 1 Jan 2021. Web.

    "Trustworthy AI (TAI) Playbook." U.S. Department of Health & Human Services, Sept 2021. Web.

    Info-Tech Research Contributors/Advocates

    Joel McLean, Executive Chairman

    Joel McLean
    Executive Chairman

    David Godfrey, CEO

    David Godfrey
    CEO

    Gord Harrison, Senior Vice President, Research & Advisory Services

    Gord Harrison
    Senior Vice President, Research & Advisory Services

    William Russell, CIO

    William Russell
    CIO

    Jack Hakimian, SVP, Research

    Jack Hakimian
    SVP, Research

    Barry Cousins, Distinguished Analyst and Research Fellow

    Barry Cousins
    Distinguished Analyst and
    Research Fellow

    Larry Fretz, Vice President, Industry Research

    Larry Fretz
    Vice President, Industry Research

    Tom Zehren, CPO

    Tom Zehren
    CPO

    Mark Roman, Managing Partner II

    Mark Roman
    Managing Partner II

    Christine West, Managing Partner

    Christine West
    Managing Partner

    Steve Willis, Practice Lead

    Steve Willis
    Practice Lead

    Yatish Sewgoolam, Associate Vice President, Research Agenda

    Yatish Sewgoolam
    Associate Vice President, Research Agenda

    Rob Redford, Practice Lead

    Rob Redford
    Practice Lead

    Mike Tweedie, Practice Lead

    Mike Tweedie
    Practice Lead

    Neal Rosenblatt, Principal Research Director

    Neal Rosenblatt
    Principal Research Director

    Jing Wu, Principal Research Director

    Jing Wu
    Principal Research Director

    Irina Sedenko, Research Director

    Irina Sedenko
    Research Director

    Jeremy Roberts, Workshop Director

    Jeremy Roberts
    Workshop Director

    Brian Jackson, Research Director

    Brian Jackson
    Research Director

    Mark Maby, Research Director

    Mark Maby
    Research Director

    Stacey Horricks, Director, Social Media

    Stacey Horricks
    Director, Social Media

    Sufyan Al-Hassan, Public Relations Manager

    Sufyan Al-Hassan
    Public Relations Manager

    Sam Kanen, Marketing Specialist

    Sam Kanen
    Marketing Specialist

    Define a Release Management Process to Deliver Lasting Value

    • Buy Link or Shortcode: {j2store}158|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $12,999 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Your software platforms are a key enabler of your brand. When there are issues releasing, this brand suffers. Client confidence and satisfaction erode.
    • Your organization has invested significant capital in creating a culture product ownership, Agile, and DevOps. Yet the benefits from these investments are not yet fully realized.
    • Customers have more choices than ever when it comes to products and services. They require features and capabilities delivered quickly, consistently, and of sufficient quality otherwise they will look elsewhere.

    Our Advice

    Critical Insight

    • Eliminate the need for dedicating time for off-hour or weekend release activities. Use a release management framework for optimizing release-related tasks, making them predictable and of high quality.

    Impact and Result

    • Develop a release management framework that efficiently and effectively orchestrates the different functions supporting a software’s release.
    • Use the release management framework and turn release-related activities into non-events.
    • Use principles of continuous delivery for converting your release processes from an overarching concern to a feature of a high-performing software practice.

    Define a Release Management Process to Deliver Lasting Value Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define a Release Management Process to Deliver Lasting Value Deck – A step-by-step document that walks you through how to develop and implement a release management framework that takes advantage of continuous delivery.

    This presentation documents the Info-Tech approach to defining your application release management framework.

    • Define a Release Management Process to Deliver Lasting Value – Phases 1-4

    2. Define a Release Management Process to Deliver Lasting Value Template – Use this template to help you define, detail, and make a reality your strategy in support of your application release management framework.

    The template gives the user a guide to the development of their application release management framework.

    • Define a Release Management Process to Deliver Lasting Value Template

    3. Define a Release Management Process to Deliver Lasting Value Workbook – This workbook documents the results of the exercises contained in the blueprint and offers the user a guide to development of their release management framework.

    This workbook is designed to capture the results of your exercises from the Define a Release Management Process to Deliver Lasting Value blueprint.

    • Define a Release Management Process to Deliver Lasting Value Workbook
    [infographic]

    Workshop: Define a Release Management Process to Deliver Lasting Value

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define the Current Situation

    The Purpose

    Document the existing release management process and current pain points and use this to define the future-state framework.

    Key Benefits Achieved

    Gain an understanding of the current process to confirm potential areas of opportunity.

    Understand current pain points so that we can build resolution into the new process.

    Activities

    1.1 Identify current pain points with your release management process. If appropriate, rank them in order of most to least disruptive.

    1.2 Use the statement of quality and current pain points (in addition to other considerations) and outline the guiding principles for your application release management framework.

    1.3 Brainstorm a set of metrics that will be used to assess the success of your aspired-to application release management framework.

    Outputs

    Understanding of pain points, their root causes, and ranking.

    Built guiding principles for application release management framework.

    Created set of metrics to measure the effectiveness of the application release management framework.

    2 Define Standard Release Criteria

    The Purpose

    Build sample release criteria, release contents, and standards for how it will be integrated in production.

    Key Benefits Achieved

    Define a map to what success will look like once a new process is defined.

    Develop standards that the new process must meet to ensure benefits are realized.

    Activities

    2.1 Using an example of a product known to the team, list its criteria for release.

    2.2 Using an example of a product known to the team, develop a list of features and tasks that are directly and indirectly important for either a real or hypothetical upcoming release.

    2.3 Using an example of product known to the team, map out the process for its integration into the release-approved code in production. For each step in the process, think about how it satisfies guiding principles, releasability and principles of continuous anything.

    Outputs

    Completed Workbook example highlighting releasability.

    Completed Workbook example defining and detailing feature and task selection.

    Completed Workbook example defining and detailing the integration step.

    3 Define Acceptance and Deployment Standards

    The Purpose

    Define criteria for the critical acceptance and deployment phases of the release.

    Key Benefits Achieved

    Ensure that releases will meet or exceed expectations and meet user quality standards.

    Ensure release standards for no / low risk deployments are recognized and implemented.

    Activities

    3.1 Using an example of product known to the team, map out the process for its acceptance. For each step in the process, think about how it satisfies guiding principles, releasability and principles of continuous anything.

    3.2 Using an example of product known to the team, map out the process for its deployment. For each step in the process, think about how it satisfies guiding principles, releasability and principles of continuous anything.

    Outputs

    Completed Workbook example defining and detailing the acceptance step.

    Completed Workbook example defining and detailing the deployment step.

    4 Implement the Strategy

    The Purpose

    Define your future application release management process and the plan to make the required changes to implement.

    Key Benefits Achieved

    Build a repeatable process that meets the standards defined in phases 2 and 3.

    Ensure the pain points defined in Phase 1 are resolved.

    Show how the new process will be implemented.

    Activities

    4.1 Develop a plan and roadmap to enhance the integration, acceptance, and deployment processes.

    Outputs

    List of initiatives to reach the target state

    Application release management implementation roadmap

    Further reading

    Define a Release Management Process for Your Applications to Deliver Lasting Value

    Use your releases to drive business value and enhance the benefits delivered by your move to Agile.

    Analyst Perspective

    Improving your release management strategy and practices is a key step to fully unlock the value of your portfolio.

    As firms invest in modern delivery practices based around product ownership, Agile, and DevOps, organizations assume that’s all that is necessary to consistently deliver value. As organizations continue to release, they continue to see challenges delivering applications of sufficient and consistent quality.

    Delivering value doesn’t only require good vision, requirements, and technology. It requires a consistent and reliable approach to releasing and delivering products and services to your customer. Reaching this goal requires the definition of standards and criteria to govern release readiness, testing, and deployment.

    This will ensure that when you deploy a release it meets the high standards expected by your clients and delivers the value you have intended.

    Dr. Suneel Ghei

    Principal Research Director, Application Development

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Your software platforms are a key enabler of your brand. When there are issues releasing, the brand suffers. Client confidence and satisfaction erode.
    • Your organization has invested significant capital in creating a culture of product ownership, Agile, and DevOps. Yet the benefits from these investments are not yet fully realized.
    • Customers have more choices than ever when it comes to products and services. They require features and capabilities delivered quickly, consistently, and of sufficient quality, otherwise they will look elsewhere.

    Common Obstacles

    • Development teams are moving faster but then face delays waiting for testing and deployment due to a lack of defined release cycle and process.
    • Individual stages in your software development life cycle (SDLC), such as code collaboration, testing, and deployment, have become leaner, but the overall complexity has increased since many products and services are composed of many applications, platforms, and processes.
    • The specifics of releasing products is (wrongly) classified as a technical concern and not a business concern, hindering the ability to prioritize improved release practices.

    Info-Tech's Approach

    • Develop a release management framework that efficiently and effectively orchestrates the different functions supporting a software’s release.
    • Use the release management framework and turn release-related activities into non-events.
    • Use principles of continuous delivery for converting your release processes from an overarching concern to a feature of a high-performing software practice.

    Executive Summary

    Info-Tech Insights

    Turn release-related activities into non-events.

    Eliminate the need for dedicating time for off-hour or weekend release activities. Use a release management framework for optimizing release-related tasks, making them predictable and of high quality.

    Release management is NOT a part of the software delivery life cycle.

    The release cycle runs parallel to the software delivery life cycle but is not tightly coupled with it. The act of releasing begins at the point requirements are confirmed and ends when user satisfaction is measurable. In contrast, the software delivery life cycle is focused on activities such as building, architecting, and testing.

    All releases are NOT created equal.

    Barring standard guiding principles, each release may have specific nuances that need to be considered as part of release planning.

    Your release management journey

    1. Optimize Applications Release Management - Set a baseline release management process and organization.
    2. Modernize Your SDLC - Move your organization to Agile and increase throughput to feed releases.
    3. Deliver on Your Digital Product Vision - Understand the practices that go into delivering products, including articulating your release plans.
    4. Automate Testing to Get More Done - Create the ability to do more testing quickly and ensure test coverage.
    5. Implement DevOps Practices That Work - Build in tools and techniques necessary for release deployment automation.
    6. Define a Release Management Process to Deliver Lasting Value (We Are Here)

    Define a Release Management Process for Your Applications to Deliver Lasting Value

    Use your releases to drive business value and enhance the benefits delivered by your move to Agile.

    Executive Brief

    Your software delivery teams are expected to deliver value to stakeholders in a timely manner and with high quality

    Software delivery teams must enable the organization to react to market needs and competitive changes to improve the business’ bottom line. Otherwise, the business will question the team’s competencies.

    The business is constantly looking for innovative ways to do their jobs better and they need support from your technical teams.

    The increased stress from the business is widening the inefficiencies that already exist in application release management, risking poor product quality and delayed releases.

    Being detached from the release process, business stakeholders do not fully understand the complexities and challenges of completing a release, which complicates the team’s communication with them when issues occur.

    IT Stakeholders Are Also Not Satisfied With Their Own Throughput

    • Only 29% of IT employees find application development throughput highly effective.
    • Only 9% of organizations were classified as having highly effective application development throughput.
    • Application development throughput ranked 37th out of 45 core IT processes in terms of effectiveness.

    (Info-Tech’s Management and Governance Diagnostic, N=3,930)

    Your teams, however, struggle with core release issues, resulting in delayed delivery (and disappointed stakeholders)

    Implementing tools on top of an inefficient pipeline can significantly magnify the existing release issues. This can lead to missed deadlines, poor product quality, and business distrust with software delivery teams.

    COMMON RELEASE ISSUES

    1. Local Thinking: Release decisions and changes are made and approved without consideration of the holistic system, process, and organization.
    2. No Release Cadence: Lack of process governance and oversight generates unpredictable bottlenecks and load and ill-prepared downstream teams.
    3. Mismanagement of Releases: Program management does not accommodate the various integrated releases completed by multiple delivery teams.
    4. Poor Scope Management: Teams are struggling to effectively accommodate changes during the project.

    The bottom line: The business’ ability to operate is dictated by the software delivery team’s ability to successfully complete releases. If the team performs poorly, then the business will do poorly as well. Application release management is critical to ensure business expectations are within the team’s constraints.

    As software becomes more embedded in the business, firms are discovering that the velocity of business change is now limited by how quickly they can deploy.” – Five Ways To Streamline Release Management, J.S. Hammond

    Historically, managing releases has been difficult and complicated…

    Typically, application release management has been hard to coordinate because…

    • Software has multiple dependencies and coordinating their inclusion into a deployable whole was not planned.
    • Teams many be spending too much time on features that are not needed any longer.
    • Software development functions (such as application architecture, test-first or test-driven design, source code integration, and functional testing) are not optimized.
    • There are no agreed upon service-level contracts (e.g. expected details in requirements, adequate testing, source control strategy) between development functions.
    • The different development functions are not integrated in a holistic style.
    • The different deployment environments have variability in their configuration, reducing the reliability of testing done in different environments.
    • Minimum thresholds for acceptable quality of development functions are either too low (leading to adverse outcomes down stream) or too high (leading to unnecessary delays).

    …but research shows being effective at application release management increases your throughput

    Research conducted on Info-Tech's members shows overwhelming evidence that application throughput is strongly tied to an effective application release management approach.

    The image shows a scatter plot, with Release Management Effectiveness on the x-axis and Application Development Throughput Effectiveness on the Y-axis. The graph shows a steady increase.

    (Info-Tech Management & Governance Diagnostic, since 2019; N=684 organizations)

    An application release management framework is critical for effective and timely delivery of software

    A well-developed application release management framework is transformative and changes...

    From To
    Short-lived projects Ongoing enhancements supporting a product strategy
    Aiming for mandated targets Flexible roadmaps
    Manual execution of release processes Automating a release pipeline as much as possible and reasonable
    Manual quality assurance Automated assessment of quality
    Centralized decision making Small, independent release teams, orchestrated through an optimized value stream

    Info-Tech Insight: Your application release management framework should turn a system release into a non-event. This is only possible through the development of a holistic, low-risk and standardized approach to releasing software, irrespective of their size or complexity.

    Robust continuous “anything” requires proficiency in five core practices

    A continuous anything evaluation should not be a “one-and-done” event. As part of ongoing improvements, keep evolving it to make it a fundamental component of a strong operational strategy.

    Continuous Anything

    • Automate where appropriate
      • Automation is not a silver bullet. All processes are not created equal; and therefore, some are not worthy of being automated.
    • Control system variables
      • Deploying and testing in environments that are apple to apple in comparison reduces the risk of unintended outcomes from production release.
    • Measure process outcomes
      • A process not open to being measured is a process bound to fail. If it can be measured, it should be, and insights found should be used for improving the system.
    • Select smaller features batches
      • Smaller release packages reduce the chances of cognitive load associated with finding root causes for defects and issues that may result as post-production incidents.
    • Reduction of cycle time
      • Identification of waste in each stage of the continuous anything process helps in lowering cost of operations and results in quicker generation of value for stakeholders.

    Invest time in developing an application release management framework for your development team(s) with a continuous anything mindset

    An application release management framework converts a set of features and make them ready for releasability in a low-risk, standardized, and high-quality process.

    The image shows a diagram titled Application Release Engineering From Idea to Product, which illustrates the process.

    A continuous anything (integration, delivery, and deployment) mindset is based on a growth and improvement philosophy, where every event is considered a valid data point for investigation of process efficiency.

    Diagram adapted from Continuous Delivery in the Wild, Pete Hodgson, Published by O'Reilly Media, Inc., 2020

    Related Info-Tech Research

    Streamline Application Maintenance

    • Justify the necessity of streamlined maintenance. Gain a grounded understanding of stakeholder objectives and concerns and validate their achievability against the current state of the people, process, and technologies involved in application maintenance.
    • Strengthen triaging and prioritization practices. Obtain a holistic picture of the business and technical impacts, risks, and urgencies of each accepted maintenance request to justify its prioritization and relevance within your backlog. Identify opportunities to bundle requests together or integrate them within project commitments to ensure completion.
    • Establish and govern a repeatable process. Develop a maintenance process with well-defined stage gates, quality controls, and roles and responsibilities, and instill development best practices to improve the success of delivery.

    “Releasability” (or release criteria) of a system depends upon the inclusion of necessary building blocks and proof that they were worked on

    There is no standard definition of a system’s releasability. However, there are common themes around completions or assessments that should be investigated as part of a release:

    • The range of performance, technical, or compliance standards that need to be assessed.
    • The full range of test types required for business approval: unit tests, acceptance tests, security test, data migration tests, etc.
    • The volume-criticality mix of defects the organization is willing to accept as a risk.
    • The best source and version control strategy for the development team. This is mostly a function of the team's skill with using release branches and coordinating their work artifacts.
    • The addition of monitoring points and measures required for evaluations and impact analysis.
    • The documentation required for audit and compliance.
    • External and internal dependencies and integrations.
    • Validations, approvals, and sign-offs required as part of the business’ operating procedure.
    • Processes that are currently carried out outside and should be moved into the pipeline.
    • Manual processes that may be automated.
    • Any waste activities that do not directly contribute to releasability that can be eliminated from the development process.
    • Knowledge the team has regarding challenges and successes with similar software releases in the past.

    Releasability of a system is different than governing principles for application release management

    Governing principles are fundamental ways of doing something, which in this case is application release management, while releasability will generally have governing principles in addition to specific needs for a successful release.

    Example of Governing Principles

    • Approval from Senior Director is necessary before releasing to production
    • Production deployments can only be done in off-hours
    • We will try to automate processes whenever it is possible for us to do so
    • We will use a collaborative set of metrics to measure our processes

    Examples of Releasability Criteria

    • For the upcoming release, add performance testing for Finance and Budget Teams’ APIs
    • Audit and compliance documentation is required for this release
    • Automation of manual deployment
    • Use trunk-based source code management instead of feature-based

    Regulated industries are not more stable despite being less nimble

    A pervasive myth in industry revolves around the misperception that continuous anything and nimble and non-event application release management is not possible in large bureaucratic and regulated organizations because they are risk-averse.

    "We found that external approvals were negatively correlated with lead-time, deployment frequency and restore time, and had no correlation with change failure rate. In short, approval by an external body (such as a manager or Change Approval Board) simply doesn’t work to increase the stability of production systems…However, it certainly slows things down. It is in fact worse than having no change approval process at all." – Accelerate by Gene Kim, Jez Humble, and Nicole Forsgren

    Many organizations reduce risk in their product release by adopting a paternalistic stance by:

    • Requiring manual sign-offs from senior personnel who are external to the organization.
    • Increasing the number and level of authorization gates.
    • Staying away from change and preferring to stick with what has worked in the past.

    Despite the prevalence of these types of responses to risk, the evidence is that they do not work and are in fact counter-productive because they:

    • Create blocks to frequent releases.
    • Introduce procedural complexity to each release and in effect make them “bigger.”
    • Prefer process over people (and trusting them). Increase non-value-add scrutiny and reporting.

    There is a persistent misunderstanding about continuous anything being only an IT engineering practice

    01

    At the enterprise level, continuous anything focuses on:

    • Visibility of final value being provided in a high-quality and expedited manner
    • Ensuring efficiency in the organization’s delivery framework
    • Ensuring adherence to established governance and risk mitigation strategy

    02

    Focus of this blueprint

    At the product level, continuous anything focuses on:

    • Reliability of the product delivery system
    • Use of scientific evidence for continuous improvement of the product’s delivery system
    • Orchestration of different artifacts into a single whole

    03

    At the functional level, continuous anything focuses on*:

    • Local functional optimization (functions = software engineering, testing, application design)
    • Automation of local functions
    • Use of patterns for standardizing inputs and functional areas

    *Where necessary, practices at this level have been mentioned.

    Related Info-Tech Research

    Implement DevOps Practices That Work

    • Be DevOps, rather than do DevOps. DevOps is a philosophy, not an industry framework. Your organization’s culture must shift toward system-wide thinking, cross-function collaboration, and empathy.
    • Culture, learning, automation, integrated teams, and metrics and governance (CLAIM) are all critical components of effective DevOps.

    Automate Testing to Get More Done

    • Optimize and automate SDLC stages to recover team capacity. Recognize that automation without optimization is a recipe for long-term pain. Do it right the first time.
    • Optimization and automation are not one-hit wonders. Technical debt is a part of software systems and never goes away. The only remedy is constant vigilance and enhancements to the processes.

    The seeds of a good release are sown even before work on it begins

    Pre-release practices such as requirements intake and product backlog management are important because:

    • A standard process for documentation of features and requirements helps reduce “cognitive dissonance” between business and technology teams. Clearly articulated and well-understood business needs are fundamental ingredients of a high-quality product.
    • Product backlog management done right ensures the prioritized delivery of value to stakeholders. Features can become stale or get a bump in importance, depending upon evolving circumstances. Prioritizing the backlog is, therefore, critical for ensuring time, effort, and budget are spent on things that matter.

    IT Asset Management (ITAM) Market Overview

    • Buy Link or Shortcode: {j2store}62|cart{/j2store}
    • member rating overall impact: 8.5/10 Overall Impact
    • member rating average dollars saved: $12,999 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Data management is challenging at the best of times but managing assets that change on a daily basis are difficult without automation and a good asset tool.
    • For organizations moving beyond basic hardware inventory, knowing what to look for to prepare for future processes seems impossible.
    • Using price as the leading criteria or just as an add-on to your ITSM solution may frustrate your efforts, especially if managing complex licensing is part of your mandate.

    Our Advice

    Critical Insight

    • If the purchase is happening independent of process design or review, it’s easy to end up with a solution that doesn’t fit your environment.
    • The complexity of your environment should be a significant factor in choosing an IT asset management solution.
    • Imagining the possibilities and understanding the differences between IT asset tools will drive you to the right solution for long term gain in managing dynamic assets.

    Impact and Result

    • Regardless of whether your IT environment is on-premises, in the cloud, or a complex hybrid of the two, knowing where your asset funds are allocated is key to right-sizing costs and reducing risks of non-compliance or lost assets.
    • Choosing the right tools for the job will be key to your success.

    IT Asset Management (ITAM) Market Overview Research & Tools

    Start here: Read the Market Overview

    Read the Market Overview to understand what features and capabilities are available in ITAM tools. The right features match is key to making a data heavy and challenging process easier for your team.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • IT Asset Management Market Overview

    1. Prepare your project plan and selection process

    Use the Info-Tech templates to identify and document your requirements, plan your project, and prepare to engage with vendors.

    • ITAM Project Charter Template
    • ITAM Demonstration Script Template
    • Proof of Concept Template
    • ITAM Vendor Evaluation Workbook
    [infographic]

    Exit Plans: Escape from the black hole

    • Large vertical image:
    • member rating overall impact: Highly Valued
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A

    In early April, I already wrote about exit plans and how they are the latest burning platform.

    Now, nearing the end of May, we have both Microsoft and Google reassuring European clients about their sovereign cloud solutions. There are even air-gapped options for military applications. These messages come as a result of the trade war between the US and the rest of the world.

    There is also the other, more mundane example of over-reliance on a single vendor: the Bloomberg-terminal outage of May 21st, 2025. That global outage severely disrupted financial markets. It caused traders to lose access to real-time data, analytics, and pricing information for approximately 90 minutes. This widespread system failure delayed critical government bond auctions in the UK, Portugal, Sweden, and the EU.

    It serves as a reminder of the heavy reliance on the Bloomberg Terminal, which is considered an industry standard despite its high annual cost. While some Bloomberg services like instant messaging remained functional, allowing limited communication among traders, the core disruption led to significant frustration and slowed down trading activities.

    You want to think about this for a moment. Bloomberg is, just like Google and Microsoft are, cornerstones in their respective industries. MS, Google, and Amazon even in many more industries. 

    So the issue goes beyond the “panic of the day.” Every day, there will be some announcement that sends markets reeling and companies fearing. Granted, the period we go through today can have grave consequences, but at the same time, it may be over in the coming months or years.

    Contractual cover

    Let's take a step back and see if we can locate the larger issue at stake. I dare to say that the underlying issue is trust. We are losing trust in one another at a fast pace. Not between business partners, meaning companies who are, in a transaction or relationship, are more or less equal. Regardless of their geolocation, people are keen to do business together in a predictable, mutually beneficial way. And as long as that situation is stable, there is little need, beyond compliance and normal sound practices, to start to distrust each other.

    Trouble brews when other factors come into play. I want to focus on two of them in this article.

    1. Market power
    2. Government interference

    Market Power

    The past few years have seen a large increase in power of the cloud computing platforms. The pandemic of 2019 through to 2023 changed our way of working and gave a big boost to these platforms. Of course, they were already establishing their dominance in the early 2010s.

    Amazon launched SQS in 2004 with S3 (storage)  and EC2 (compute) in 2006. Azure launched in 2008 as a PaaS platform for .NET developers, and became really available in 2010. Since then, it grew into the IaaS (infrastructure as a service) platform we know today. Google's Cloud Platform (GCP) launched in 2008 and added components such as BigQuery, Compute Engine and Storage in the 2010s.

    Since the pandemic, we've seen another boost to their popularity. These platforms solidified their lead through several vectors:

    • Remote working
    • Business continuity and resilience promises
    • Acceleration of digital transformation
    • Scalability
    • Cost optimization 

    Companies made decisions on these premises. A prime example is the use of native cloud functions. These make life easier for developers. Native functions allow for serverless functionality to be made available to clients, and to do so in a non-infra-based way. It gives the impression of less complexity to the management. They are also easily scalable. 

    This comes at a cost, however. The cost is vendor lock-in. And with vendor lock-in, comes increased pricing power for the vendor.

    For a long time, it seems EU companies' attitude was: “It won't be such an issue, after all, there are multiple cloud vendors and if all else fails, we just go back.” The reality is much starker, I suspect that cloud providers with this level of market power will increase their pricing significantly.

     Government interference

    in come two elements:

    • EU laws
    • US laws and unpredictability
    EU laws

     The latest push to their market power came as an unintended consequence of EU Law: DORA. That EU law requires companies to have testable exit plans in place. But it goes well beyond this. The EU has increased the regulatory burden on companies significantly. BusinessEurope, a supranational organization, estimates that in the past five years, the Eu managed to release over 13,000 legislative acts. This is compared to 3,500 in the US.

    Coming back to DORA, this law requires EU companies to actually test their exit plans and show proof of it to the EU ESAs (European Supervisory Agency).  The reaction I have seen in industry representative organizations is complacency. 

    The cost of compliance is significant; hence, companies try to limit their exposure to the law as much as possible. They typically do this by limiting the applicability scope of the law to their business, based on the wording of the law. And herein lies the trap. This is not lost on the IT providers. They see that companies do the heavy lifting for them. What do I mean by that?  Several large providers are looked at by the EU as systemic providers. They fall under direct supervision by the ESAs. 

    For local EU providers, it is what it is, but for non-EU providers, they get to show their goodwill, using sovereign IT services.  I will come back to this in the next point, US unpredictability and laws. But the main point is: we are giving them more market power, and we have less contractual power. Why? Because we are showing them that we will go to great lengths to keep using their services.

    US laws and unpredictability

    US companies must comply with US law. So far, so good. Current US legislation also already requires US companies to share data on non-US citizens.

    • Foreign Intelligence Surveillance Act (FISA), particularly Section 702
    • The CLOUD (Clarifying Lawful Overseas Use of Data) Act of 2018
    • The USA PATRIOT Act (specifically relevant sections like 215 and 314(a)/314(b))
    • Executive Order 14117 and related DOJ Final Rule (Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern)

    This last one is of particular concern. Not so much because of its contents, but because it is an Executive Order.

    We know that the current (May 2025) US government mostly works through executive orders. Let's not forget that executive orders are a legitimate way to implement policy, This means that the US government could use access to cloud services as a lever to obtain more favorable trade rules.

    The EU responds to this (the laws and executive order) by implementing several sovereignty countermeasures like GDPR, DORA, Digital markets Act (DMA), Data Governance Act (DGA), Cybersecurity Act and the upcoming European Health Data Act (EHDS). This is called the “Brussels Effect.”

    EU Answers

    Europe is also investing in several strategic initiatives such as

    This points to a new dynamic between the EU and the US, EU-based companies simply cannot trust their US counterparts anymore to the degree they could before. The sad thing is, that there is no difference on the interpersonal level. It is just that companies must comply with their respective laws.

    Hence, Microsoft, Google, and AWS and any other US provider cannot legally provide sovereign cloud services. In a strict legal sense, Microsoft and Google cannot absolutely guarantee that they can completely insulate EU companies and citizens from all US law enforcement requests for data, despite their robust efforts and sovereign cloud offerings. This is because they are US companies, subject to US law and US jurisdiction. The CLOUD act and FISA section 702 compel US companies to comply. 

    Moreover, there is the nature of sovereign cloud offerings:

    • Increased Control, Not Absolute Immunity: Services like Microsoft's EU Data Boundary and Google's Cloud for Sovereignty are designed to provide customers with greater control over data residency, administrative access (e.g., limiting access to EU-based personnel), and encryption keys
    • Customer-Managed Keys (CMEK): If an EU customer controls their encryption keys, and the data remains encrypted at rest and in transit, it theoretically makes it harder for the cloud provider to provide plaintext data if compelled. However, metadata and other operational data might still be accessible, and the extent to which US authorities could compel a US company to decrypt data remains a point of contention and legal ambiguity.
    • Partnerships and Local Entities: Some “sovereign cloud” models involve partnerships with local EU entities (e.g., Google's partnership with S3NS in France, or Microsoft's with Capgemini and Orange). While this might create a legal buffer, if the core cloud infrastructure and controlling entity are still ultimately US-based, the risk of US legal reach persists.
    • “Limited Security Instances”: Even with the EU Data Boundary, Microsoft explicitly states, “in limited security instances that require a coordinated global response, essential data may be transferred with robust protections that safeguard customer data.” This phrasing acknowledges that some data may still leave the EU boundary under certain circumstances.

     And lastly, there are the legal challenges to the EU data privacy Framework (DPF)

    • Ongoing Scrutiny: The DPF is the current legal basis for EU-US data transfers, but it is under continuous scrutiny and is highly likely to face further legal challenges in the CJEU (a “Schrems III” case is widely anticipated). This uncertainty means that the current framework's longevity and robustness are not guaranteed.
    • Fundamental Conflict: The core legal conflict between the broad scope of US surveillance laws and the EU's fundamental right to privacy has not been fully resolved by the DPF, according to many EU legal experts and privacy advocates.

    This all means that while the cloud providers are doing everything they can, and I'm assuming they are acting in good faith. The fact that they are US entities means however that they are subject to all US legislation and executive orders.  And we cannot trust this last part. Again, this is why the EU is pursuing its digital sovereignty initiatives and why some highly sensitive EU public sector entities are gravitating towards truly EU-owned and operated cloud solutions.

    Bankruptcy

    If your provider goes bankrupt, you do not have a leg to stand on. Most jurisdictions, including the EU and US, have the following elements regarding bankruptcy:

    • Automatic Stay: Upon a bankruptcy filing (in most jurisdictions, including the US and EU), an “automatic stay” is immediately imposed. This is a court order that stops most collection activities against the debtor. For you as a customer, this can mean you might be prevented from:

      • Terminating the contract immediately, even if your contract allows it.
      • Initiating legal proceedings against the provider.
      • Trying to recover your data directly without court permission.
    • Debtor's Estate and Creditor Priority

      • Property of the Estate: All the bankrupt provider's assets become part of the “bankruptcy estate,” to be managed by a court-appointed trustee or receiver. The crucial question becomes: Is your data considered the property of the estate, or does ownership remain unequivocally with you? While most cloud contracts explicitly state that the customer owns their data, a bankruptcy court might still view the possession of that data by the provider as an asset of the estate, potentially subject to monetization to pay off creditors.
      • Secured vs. Unsecured Creditors: You, as a customer seeking to retrieve your data or continue services, are likely to be an “unsecured creditor.” Secured creditors (e.g., banks with liens on assets) get paid first. Your claim for data or service continuity will be far down the priority list, meaning you might recover little, if anything, in compensation.
    • Executory contracts and the Trustee's power
      • Assumption or Rejection: Bankruptcy law generally allows the trustee (or debtor in possession in a Chapter 11 case) to assume (continue) or reject (terminate) “executory contracts” – those where both parties still have significant performance obligations.
      • Trustee's Discretion: The trustee will make this decision based on what benefits the bankruptcy estate and the creditors. If your contract is loss-making for the provider, or if continuing it is not in the best interest of the creditors, the trustee can reject it, even if it has a termination clause unfavorable to them.
      • No Customer Right to Demand Continuation: You typically cannot compel the trustee to continue the service if they choose to reject the contract. Your recourse would then be a claim for damages, which, as noted, is usually a low-priority claim.
    • The practical challenges of data retrieval
        • Even if your contract has strong data return clauses, the practicalities of a bankrupt provider make enforcement difficult. The provider's staff might be laid off, systems might be shut down, and there might be no one left with the technical knowledge or resources to facilitate data export. Not to mention that the trustee may simply refuse to honor the agreement (which is completely within the legal rights of the trustee.)
        • The receiver's priority is liquidation and asset sale, not customer service. They may limit data export speeds or volumes, or prioritize the sale of the business, which might include your data, making retrieval a slow and arduous process.

    Conclusion

    So, while I understand the wait and see stance in regard to exit plans, given where we are, it is in my opinion the wrong thing to do. Companies must make actionable exit plans and prepare beforehand for the exit. That means that you have to:

    1. Design your architecture so that you can port your applications to somewhere else.
    2. Prioritize your data portability and data ownership.
    3. Develop and practice your exit strategy and plans.
    4. Maintain your in-house expertise, especially for all critical business services.
    5. Continuously monitor your vendors and update your risk assessments.

      If you want more detailed steps on how to get there, feel free to contact me.

    Build a Data Pipeline for Reporting and Analytics

    • Buy Link or Shortcode: {j2store}126|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $61,999 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Continuous and disruptive database design updates while trying to have one design pattern to fit all use cases.
    • Sub-par performance while loading, retrieving, and querying data.
    • You want to shorten time-to-market of the projects aimed at data delivery and consumption.
    • Unnecessarily complicated database design limits usability of the data and requires knowledge of specific data structures for their effective use.

    Our Advice

    Critical Insight

    • Evolve your data architecture. Data pipeline is an evolutionary break away from the enterprise data warehouse methodology.
    • Avoid endless data projects. Building centralized all-in-one enterprise data warehouses takes forever to deliver a positive ROI.
    • Facilitate data self-service. Use-case optimized data delivery repositories facilitate data self-service.

    Impact and Result

    • Understand your high-level business capabilities and interactions across them – your data repositories and flows should be just a digital reflection thereof.
    • Divide your data world in logical verticals overlaid with various speed data progression lanes, i.e. build your data pipeline – and conquer it one segment at a time.
    • Use the most appropriate database design pattern for a given phase/component in your data pipeline progression.

    Build a Data Pipeline for Reporting and Analytics Research & Tools

    Start here – read the Executive Brief

    Build your data pipeline using the most appropriate data design patterns.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand data progression

    Identify major business capabilities, business processes running inside and across them, and datasets produced or used by these business processes and activities performed thereupon.

    • Build a Data Pipeline for Reporting and Analytics – Phase 1: Understand Data Progression

    2. Identify data pipeline components

    Identify data pipeline vertical zones: data creation, accumulation, augmentation, and consumption, as well as horizontal lanes: fast, medium, and slow speed.

    • Build a Data Pipeline for Reporting and Analytics – Phase 2: Identify Data Pipeline Components

    3. Select data design patterns

    Select the right data design patterns for the data pipeline components, as well as an applicable data model industry standard (if available).

    • Build a Data Pipeline for Reporting and Analytics – Phase 3: Select Data Design Patterns
    [infographic]

    Workshop: Build a Data Pipeline for Reporting and Analytics

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Data Progression

    The Purpose

    Identify major business capabilities, business processes running inside and across them, and datasets produced or used by these business processes and activities performed thereupon.

    Key Benefits Achieved

    Indicates the ownership of datasets and the high-level data flows across the organization.

    Activities

    1.1 Review & discuss typical pitfalls (and their causes) of major data management initiatives.

    1.2 Discuss the main business capabilities of the organization and how they interact.

    1.3 Discuss the business processes running inside and across business capabilities and the datasets involved.

    1.4 Create the Enterprise Business Process Model (EBPM).

    Outputs

    Understanding typical pitfalls (and their causes) of major data management initiatives.

    Business capabilities map

    Business processes map

    Enterprise Business Process Model (EBPM)

    2 Identify Data Pipeline Components

    The Purpose

    Identify data pipeline vertical zones: data creation, accumulation, augmentation, and consumption, as well as horizontal lanes: fast, medium, and slow speed.

    Key Benefits Achieved

    Design the high-level data progression pipeline.

    Activities

    2.1 Review and discuss the concept of a data pipeline in general, as well as the vertical zones: data creation, accumulation, augmentation, and consumption.

    2.2 Identify these zones in the enterprise business model.

    2.3 Review and discuss multi-lane data progression.

    2.4 Identify different speed lanes in the enterprise business model.

    Outputs

    Understanding of a data pipeline design, including its zones.

    EBPM mapping to Data Pipeline Zones

    Understanding of multi-lane data progression

    EBPM mapping to Multi-Speed Data Progression Lanes

    3 Develop the Roadmap

    The Purpose

    Select the right data design patterns for the data pipeline components, as well as an applicable data model industry standard (if available).

    Key Benefits Achieved

    Use of appropriate data design pattern for each zone with calibration on the data progression speed.

    Activities

    3.1 Review and discuss various data design patterns.

    3.2 Discuss and select the data design pattern selection for data pipeline components.

    3.3 Discuss applicability of data model industry standards (if available).

    Outputs

    Understanding of various data design patterns.

    Data Design Patterns mapping to the data pipeline.

    Selection of an applicable data model from available industry standards.

    Mergers & Acquisitions: The Buy Blueprint

    • Buy Link or Shortcode: {j2store}325|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: 5 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    There are four key scenarios or entry points for IT as the acquiring organization in M&As:

    • IT can suggest an acquisition to meet the business objectives of the organization.
    • IT is brought in to strategy plan the acquisition from both the business’ and IT’s perspectives.
    • IT participates in due diligence activities and valuates the organization potentially being acquired.
    • IT needs to reactively prepare its environment to enable the integration.

    Consider the ideal scenario for your IT organization.

    Our Advice

    Critical Insight

    Acquisitions are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

    • The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
    • A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
    • Transactions that are driven by digital motivations, requiring IT’s expertise.
    • There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.

    Impact and Result

    Prepare for a growth/integration transaction by:

    • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
    • Creating a standard strategy that will enable strong program management.
    • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

    Mergers & Acquisitions: The Buy Blueprint Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how your organization can excel its growth strategy by engaging in M&A transactions. Review Info-Tech’s methodology and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Proactive Phase

    Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

    • One-Pager: M&A Proactive
    • Case Study: M&A Proactive
    • Information Asset Audit Tool
    • Data Valuation Tool
    • Enterprise Integration Process Mapping Tool
    • Risk Register Tool
    • Security M&A Due Diligence Tool

    2. Discovery & Strategy

    Create a standardized approach for how your IT organization should address acquisitions.

    • One-Pager: M&A Discovery & Strategy – Buy
    • Case Study: M&A Discovery & Strategy – Buy

    3. Due Diligence & Preparation

    Evaluate the target organizations to minimize risk and have an established integration project plan.

    • One-Pager: M&A Due Diligence & Preparation – Buy
    • Case Study: M&A Due Diligence & Preparation – Buy
    • IT Due Diligence Charter
    • Technical Debt Business Impact Analysis Tool
    • IT Culture Diagnostic
    • M&A Integration Project Management Tool (SharePoint)
    • SharePoint Template: Step-by-Step Deployment Guide
    • M&A Integration Project Management Tool (Excel)
    • Resource Management Supply-Demand Calculator

    4. Execution & Value Realization

    Deliver on the integration project plan successfully and communicate IT’s transaction value to the business.

    • One-Pager: M&A Execution & Value Realization – Buy
    • Case Study: M&A Execution & Value Realization – Buy

    Infographic

    Workshop: Mergers & Acquisitions: The Buy Blueprint

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Pre-Transaction Discovery & Strategy

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for acquiring.

    Formalize the program plan.

    Create the valuation framework.

    Strategize the transaction and finalize the M&A strategy and approach.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Set up crucial elements to facilitate the success of the transaction.

    Have a repeatable transaction strategy that can be reused for multiple organizations.

    Activities

    1.1 Conduct the CIO Business Vision and CEO-CIO Alignment Diagnostics.

    1.2 Identify key stakeholders and outline their relationship to the M&A process.

    1.3 Identify the rationale for the company's decision to pursue an acquisition.

    1.4 Assess the IT/digital strategy.

    1.5 Identify pain points and opportunities tied to the acquisition.

    1.6 Create the IT vision and mission statements and identify IT guiding principles and the transition team.

    1.7 Document the M&A governance.

    1.8 Establish program metrics.

    1.9 Create the valuation framework.

    1.10 Establish the integration strategy.

    1.11 Conduct a RACI.

    1.12 Create the communication plan.

    1.13 Prepare to assess target organization(s).

    Outputs

    Business perspectives of IT

    Stakeholder network map for M&A transactions

    Business context implications for IT

    IT’s acquiring strategic direction

    Governance structure

    M&A program metrics

    IT valuation framework

    Integration strategy

    RACI

    Communication plan

    Prepared to assess target organization(s)

    2 Mid-Transaction Due Diligence & Preparation

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for integration.

    Assess the target organization(s).

    Create the valuation framework.

    Plan the integration roadmap.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Methodology identified to assess organizations during due diligence.

    Methodology can be reused for multiple organizations.

    Integration activities are planned and assigned.

    Activities

    2.1 Gather and evaluate the stakeholders involved, M&A strategy, future-state operating model, and governance.

    2.2 Review the business rationale for the acquisition.

    2.3 Establish the integration strategy.

    2.4 Create the due diligence charter.

    2.5 Create a list of IT artifacts to be reviewed in the data room.

    2.6 Conduct a technical debt assessment.

    2.7 Assess the current culture and identify the goal culture.

    2.8 Identify the needed workforce supply.

    2.9 Create the valuation framework.

    2.10 Establish the integration roadmap.

    2.11 Establish and align project metrics with identified tasks.

    2.12 Estimate integration costs.

    Outputs

    Stakeholder map

    IT strategy assessment

    IT operating model and IT governance structure defined

    Business context implications for IT

    Integration strategy

    Due diligence charter

    Data room artifacts

    Technical debt assessment

    Culture assessment

    Workforce supply identified

    IT valuation framework

    Integration roadmap and associated resourcing

    3 Post-Transaction Execution & Value Realization

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for integration.

    Plan the integration roadmap.

    Prepare employees for the transition.

    Engage in integration.

    Assess the transaction outcomes.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Integration activities are planned and assigned.

    Employees are set up for a smooth and successful transition.

    Integration strategy and roadmap executed to benefit the organization.

    Review what went well and identify improvements to be made in future transactions.

    Activities

    3.1 Identify key stakeholders and determine IT transaction team.

    3.2 Gather and evaluate the M&A strategy, future-state operating model, and governance.

    3.3 Review the business rationale for the acquisition.

    3.4 Establish the integration strategy.

    3.5 Prioritize integration tasks.

    3.6 Establish the integration roadmap.

    3.7 Establish and align project metrics with identified tasks.

    3.8 Estimate integration costs.

    3.9 Assess the current culture and identify the goal culture.

    3.10 Identify the needed workforce supply.

    3.11 Create an employee transition plan.

    3.12 Create functional workplans for employees.

    3.13 Complete the integration by regularly updating the project plan.

    3.14 Begin to rationalize the IT environment where possible and necessary.

    3.15 Confirm integration costs.

    3.16 Review IT’s transaction value.

    3.17 Conduct a transaction and integration SWOT.

    3.18 Review the playbook and prepare for future transactions.

    Outputs

    M&A transaction team

    Stakeholder map

    IT strategy assessed

    IT operating model and IT governance structure defined

    Business context implications for IT

    Integration strategy

    Integration roadmap and associated resourcing

    Culture assessment

    Workforce supply identified

    Employee transition plan

    Employee functional workplans

    Updated integration project plan

    Rationalized IT environment

    SWOT of transaction

    M&A Buy Playbook refined for future transactions

    Further reading

    Mergers & Acquisitions: The Buy Blueprint

    For IT leaders who want to have a role in the transaction process when their business is engaging in an M&A purchase.

    EXECUTIVE BRIEF

    Analyst Perspective

    Don’t wait to be invited to the M&A table, make it.

    Photo of Brittany Lutes, Research Analyst, CIO Practice, Info-Tech Research Group.
    Brittany Lutes
    Research Analyst,
    CIO Practice
    Info-Tech Research Group
    Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice, Info-Tech Research Group.
    Ibrahim Abdel-Kader
    Research Analyst,
    CIO Practice
    Info-Tech Research Group

    IT has always been an afterthought in the M&A process, often brought in last minute once the deal is nearly, if not completely, solidified. This is a mistake. When IT is brought into the process late, the business misses opportunities to generate value related to the transaction and has less awareness of critical risks or inaccuracies.

    To prevent this mistake, IT leadership needs to develop strong business relationships and gain respect for their innovative suggestions. In fact, when it comes to modern M&A activity, IT should be the ones suggesting potential transactions to meet business needs, specifically when it comes to modernizing the business or adopting digital capabilities.

    IT needs to stop waiting to be invited to the acquisition or divestiture table. IT needs to suggest that the table be constructed and actively work toward achieving the strategic objectives of the business.

    Executive Summary

    Your Challenge

    There are four key scenarios or entry points for IT as the acquiring organization in M&As:

    • IT can suggest an acquisition to meet the business objectives of the organization.
    • IT is brought in to strategy plan the acquisition from both the business’ and IT’s perspectives.
    • IT participates in due diligence activities and valuates the organization potentially being acquired.
    • IT needs to reactively prepare its environment to enable the integration.

    Consider the ideal scenario for your IT organization.

    Common Obstacles

    Some of the obstacles IT faces include:

    • IT is often told about the transaction once the deal has already been solidified and is now forced to meet unrealistic business demands.
    • The business does not trust IT and therefore does not approach IT to define value or reduce risks to the transaction process.
    • The people and culture element are forgotten or not given adequate priority.

    These obstacles often arise when IT waits to be invited into the transaction process and misses critical opportunities.

    Info-Tech's Approach

    Prepare for a growth/integration transaction by:

    • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
    • Creating a standard strategy that will enable strong program management.
    • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

    Info-Tech Insight

    As the number of merger, acquisition, and divestiture transactions continues to increase, so too does IT’s opportunity to leverage the growing digital nature of these transactions and get involved at the onset.

    The changing M&A landscape

    Businesses will embrace more digital M&A transactions in the post-pandemic world

    • When the pandemic occurred, businesses reacted by either pausing (61%) or completely cancelling (46%) deals that were in the mid-transaction state (Deloitte, 2020). The uncertainty made many organizations consider whether the risks would be worth the potential benefits.
    • However, many organizations quickly realized the pandemic is not a hindrance to M&A transactions but an opportunity. Over 16,000 American companies were involved in M&A transactions in the first six months of 2021 (The Economist). For reference, this had been averaging around 10,000 per six months from 2016 to 2020.
    • In addition to this transaction growth, organizations have increasingly been embracing digital. These trends increase the likelihood that, as an IT leader, you will engage in an M&A transaction. However, it is up to you when you get involved in the transactions.

    The total value of transactions in the year after the pandemic started was $1.3 billion – a 93% increase in value compared to before the pandemic. (Nasdaq)

    Virtual deal-making will be the preferred method of 55% of organizations in the post-pandemic world. (Wall Street Journal, 2020)

    Your challenge

    IT is often not involved in the M&A transaction process. When it is, it’s often too late.

    • The most important driver of an acquisition is the ability to access new technology (DLA Piper), and yet 50% of the time, IT isn’t involved in the M&A transaction at all (IMAA Institute, 2017).
    • Additionally, IT’s lack of involvement in the process negatively impacts the business:
      • Most organizations (60%) do not have a standardized approach to integration (Steeves and Associates).
      • Weak integration teams contribute to the failure of 70% of M&A integrations (The Wall Street Journal, 2019).
      • Less than half (47%) of organizations actually experience the positive results sought by the M&A transaction (Steeves and Associates).
    • Organizations pursuing M&A and not involving IT are setting themselves up for failure.

    Only half of M&A deals involve IT (Source: IMAA Institute, 2017)

    Common Obstacles

    These barriers make this challenge difficult to address for many organizations:

    • IT is rarely afforded the opportunity to participate in the transaction deal. When IT is invited, this often happens later in the process where integration will be critical to business continuity.
    • IT has not had the opportunity to demonstrate that it is a valuable business partner in other business initiatives.
    • One of the most critical elements that IT often doesn’t take the time or doesn’t have the time to focus on is the people and leadership component.
    • IT waits to be invited to the process rather then actively involving themselves and suggesting how value can be added to the process.

    In hindsight, it’s clear to see: Involving IT is just good business.

    47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion. (Source: IMAA Institute, 2017)

    40% of acquiring businesses discovered a cybersecurity problem at an acquisition.” (Source: Okta)

    Info-Tech's approach

    Acquisitions & Divestitures Framework

    Acquisitions and divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

    1. The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
    2. Transactions that are driven by digital motivations, requiring IT’s expertise.
    3. A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
    4. There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.
    A diagram highlighting the 'IT Executives' Role in Acquisitions and Divestitures' when they are integrated at different points in the 'Core Business Timeline'. There are four main entry points 'Proactive', 'Discovery and Strategy', 'Due Diligence and Preparation', and 'Execution and Value Realized'. It is highlighted that IT can and should start at 'Proactive', but most organizations start at 'Execution and Value Realized'. 'Proactive': suggest opportunities to evolve the organization; prove IT's value and engage in growth opportunities early. Innovators start here. Steps of the business timeline in 'Proactive' are 'Organization strategies are defined' and 'M and A is considered to enable strategy'. After a buy or sell transaction is initiated is 'Discovery and Strategy': pre-transaction state. If it is a Buy transaction, 'Establish IT's involvement and approach'. If it is a Sell transaction, 'Prepare to engage in negotiations'. Business Partners start here. Steps of the business timeline in 'Discovery and Strategy' are 'Searching criteria is set', 'Potential candidates are considered', and 'LOI is sent/received'. 'Due Diligence and Preparation': mid-transaction state. If it is a Buy transaction, 'Identify potential transaction benefits and risks'. If it is a Sell transaction, 'Comply, communicate, and collaborate in transaction'. Trusted Operators start here. Steps of the business timeline in 'Due Diligence and Preparation' are 'Due diligence engagement occurs', 'Final agreement is reached', and 'Preparation for transaction execution occurs'. 'Execution and Value Realization': post-transaction state. If it is a Buy transaction, 'Integrate the IT environments and achieve business value'. If it is a Sell transaction, 'Separate the IT environment and deliver on transaction terms'. Firefighters start here. Steps of the business timeline in 'Execution and Value Realization' are 'Staff and operations are addressed appropriately', 'Day 1 of implementation and integration activities occurs', '1st 100 days of new entity state occur' and 'Ongoing risk mitigating and value creating activities occur'.

    The business’ view of IT will impact how soon IT can get involved

    There are four key entry points for IT

    A colorful visualization of the four key entry points for IT and a fifth not-so-key entry point. Starting from the top: 'Innovator', Information and Technology as a Competitive Advantage, 90% Satisfaction; 'Business Partner', Effective Delivery of Strategic Business Projects, 80% Satisfaction; 'Trusted Operator', Enablement of Business Through Application and Work Orders, 70% Satisfaction; 'Firefighter', Reliable Infrastructure and IT Service Desk, 60% Satisfaction; and then 'Unstable', Inability to Consistently Deliver Basic Services, <60% Satisfaction.
    1. Innovator: IT suggests an acquisition to meet the business objectives of the organization.
    2. Business Partner: IT is brought in to strategy plan the acquisition from both the business’ and IT’s perspective.
    3. Trusted Operator: IT participates in due diligence activities and valuates the organization potentially being acquired.
    4. Firefighter: IT reactively engages in the integration with little time to prepare.

    Merger, acquisition, and divestiture defined

    Merger

    A merger looks at the equal combination of two entities or organizations. Mergers are rare in the M&A space, as the organizations will combine assets and services in a completely equal 50/50 split. Two organizations may also choose to divest business entities and merge as a new company.

    Acquisition

    The most common transaction in the M&A space, where an organization will acquire or purchase another organization or entities of another organization. This type of transaction has a clear owner who will be able to make legal decisions regarding the acquired organization.

    Divestiture

    An organization may decide to sell partial elements of a business to an acquiring organization. They will separate this business entity from the rest of the organization and continue to operate the other components of the business.

    Info-Tech Insight

    A true merger does not exist, as there is always someone initiating the discussion. As a result, most M&A activity falls into acquisition or divestiture categories.

    Buying vs. selling

    The M&A process approach differs depending on whether you are the executive IT leader on the buy side or sell side

    This blueprint is only focused on the buy side:

    • More than two organizations could be involved in a transaction.
    • Examples of buy-related scenarios include:
      • Your organization is buying another organization with the intent of having the purchased organization keep its regular staff, operations, and location. This could mean minimal integration is required.
      • Your organization is buying another organization in its entirety with the intent of integrating it into your original company.
      • Your organization is buying components of another organization with the intent of integrating them into your original company.
    • As the purchasing organization, you will probably be initiating the purchase and thus will be valuating the selling organization during due diligence and leading the execution plan.

    The sell side is focused on:

    • Examples of sell-related scenarios include:
      • Your organization is selling to another organization with the intent of keeping its regular staff, operations, and location. This could mean minimal separation is required.
      • Your organization is selling to another organization with the intent of separating to be a part of the purchasing organization.
      • Your organization is engaging in a divestiture with the intent of:
        • Separating components to be part of the purchasing organization permanently.
        • Separating components to be part of a spinoff and establish a unit as a standalone new company.
    • As the selling organization, you could proactively seek out suitors to purchase all or components of your organization, or you could be approached by an organization.

    For more information on divestitures or selling your entire organization, check out Info-Tech’s Mergers & Acquisitions: The Sell Blueprint.

    Core business timeline

    For IT to be valuable in M&As, you need to align your deliverables and your support to the key activities the business and investors are working on.

    Info-Tech’s methodology for Buying Organizations in Mergers, Acquisitions, or Divestitures

    1. Proactive

    2. Discovery & Strategy

    3. Due Diligence & Preparation

    4. Execution & Value Realization

    Phase Steps

    1. Identify Stakeholders and Their Perspective of IT
    2. Assess IT’s Current Value and Future State
    3. Drive Innovation and Suggest Growth Opportunities
    1. Establish the M&A Program Plan
    2. Prepare IT to Engage in the Acquisition
    1. Assess the Target Organization
    2. Prepare to Integrate
    1. Execute the Transaction
    2. Reflection and Value Realization

    Phase Outcomes

    Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

    Create a standardized approach for how your IT organization should address acquisitions.

    Evaluate the target organizations successfully and establish an integration project plan.

    Deliver on the integration project plan successfully and communicate IT’s transaction value to the business.

    Potential metrics for each phase

    1. Proactive

    2. Discovery & Strategy

    3. Due Diligence & Preparation

    4. Execution & Value Realization

    • % Share of business innovation spend from overall IT budget
    • % Critical processes with approved performance goals and metrics
    • % IT initiatives that meet or exceed value expectation defined in business case
    • % IT initiatives aligned with organizational strategic direction
    • % Satisfaction with IT's strategic decision-making abilities
    • $ Estimated business value added through IT-enabled innovation
    • % Overall stakeholder satisfaction with IT
    • % Percent of business leaders that view IT as an Innovator
    • % IT budget as a percent of revenue
    • % Assets that are not allocated
    • % Unallocated software licenses
    • # Obsolete assets
    • % IT spend that can be attributed to the business (chargeback or showback)
    • % Share of CapEx of overall IT budget
    • % Prospective organizations that meet the search criteria
    • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
    • % Business leaders that view IT as a Business Partner
    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target
    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT integration
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    The IT executive’s role in the buying transaction is critical

    And IT leaders have a greater likelihood than ever of needing to support a merger, acquisition, or divestiture.

    1. Reduced Risk

      IT can identify risks that may go unnoticed when IT is not involved.
    2. Increased Accuracy

      The business can make accurate predictions around the costs, timelines, and needs of IT.
    3. Faster Integration

      Faster integration means faster value realization for the business.
    4. Informed Decision Making

      IT leaders hold critical information that can support the business in moving the transaction forward.
    5. Innovation

      IT can suggest new opportunities to generate revenue, optimize processes, or reduce inefficiencies.

    The IT executive’s critical role is demonstrated by:

    • Reduced Risk

      47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion (IMAA Institute, 2017).
    • Increased Accuracy

      87% of respondents to a Deloitte survey effectively conducted a virtual deal, with a focus on cybersecurity and integration (Deloitte, 2020).
    • Faster Integration

      Integration costs range from as low as $4 million to as high as $3.8 billion, making the process an investment for the organization (CIO Dive).
    • Informed Decision Making

      Only 38% of corporate and 22% of private equity firms include IT as a significant aspect in their transaction approach (IMAA Institute, 2017).
    • Innovation

      Successful CIOs involved in M&As can spend 70% of their time on aspects outside of IT and 30% of their time on technology and delivery (CIO).

    Playbook benefits

    IT Benefits

    • IT will be seen as an innovative partner to the business, and its suggestions and involvement in the organization will lead to benefits, not hindrances.
    • Develop a streamlined method to valuate the potential organization being purchased and ensure risk management concerns are brought to the business’ attention immediately.
    • Create a comprehensive list of items that IT needs to do during the integration that can be prioritized and actioned.

    Business Benefits

    • The business will get accurate and relevant information about the organization being acquired, ensuring that the anticipated value of the transaction is correctly planned for.
    • Fewer business interruptions will happen, because IT can accurately plan for and execute the high-priority integration tasks.
    • The business can make a fair offer to the purchased organization, having properly valuated all aspects being bought, including the IT environment.

    Insight summary

    Overarching Insight

    As an IT executive, take control of when you get involved in a growth transaction. Do this by proactively identifying acquisition targets, demonstrating the value of IT, and ensuring that integration of IT environments does not lead to unnecessary and costly decisions.

    Proactive Insight

    CIOs on the forefront of digital transformation need to actively look for and suggest opportunities to acquire or partner on new digital capabilities to respond to rapidly changing business needs.

    Discovery & Strategy Insight

    IT organizations that have an effective M&A program plan are more prepared for the buying transaction, enabling a successful outcome. A structured strategy is particularly necessary for organizations expected to deliver M&As rapidly and frequently.

    Due Diligence & Preparation Insight

    Most IT synergies can be realized in due diligence. It is more impactful to consider IT processes and practices (e.g. contracts and culture) in due diligence rather than later in the integration.

    Execution & Value Realization Insight

    IT needs to realize synergies within the first 100 days of integration. The most successful transactions are when IT continuously realizes synergies a year after the transaction and beyond.

    Blueprint deliverables

    Key Deliverable: M&A Buy Playbook

    The M&A Buy Playbook should be a reusable document that enables your IT organization to successfully deliver on any acquisition transaction.

    Screenshots of the 'M and A Buy Playbook' deliverable.

    M&A Buy One-Pager

    See a one-page overview of each phase of the transaction.

    Screenshots of the 'M and A Buy One-Pagers' deliverable.

    M&A Buy Case Studies

    Read a one-page case study for each phase of the transaction.

    Screenshots of the 'M and A Buy Case Studies' deliverable.

    M&A Integration Project Management Tool (SharePoint)

    Manage the integration process of the acquisition using this SharePoint template.

    Screenshots of the 'M and A Integration Project Management Tool (SharePoint)' deliverable.

    M&A Integration Project Management Tool (Excel)

    Manage the integration process of the acquisition using this Excel tool if you can’t or don’t want to use SharePoint.

    Screenshots of the 'M and A Integration Project Management Tool (Excel)' deliverable.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 10 calls over the course of 2 to 4 months.

      Proactive Phase

    • Call #1: Scope requirements, objectives, and your specific challenges.
    • Discovery & Strategy Phase

    • Call #2: Determine stakeholders and their perspectives of IT.
    • Call #3: Identify how M&A could support business strategy and how to communicate.
    • Due Diligence & Preparation Phase

    • Call #4: Establish a transaction team and acquisition strategic direction.
    • Call #5: Create program metrics and identify a standard integration strategy.
    • Call #6: Assess the potential organization(s).
    • Call #7: Identify the integration program plan.
    • Execution & Value Realization Phase

    • Call #8: Establish employee transitions to retain key staff.
    • Call #9: Assess IT’s ability to deliver on the acquisition transaction.

    The Buy Blueprint

    Phase 1

    Proactive

    Phase 1

    Phase 2 Phase 3 Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Growth Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Acquisition
    • 3.1 Assess the Target Organization
    • 3.2 Prepare to Integrate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Conduct the CEO-CIO Alignment diagnostic
    • Conduct the CIO Business Vision diagnostic
    • Visualize relationships among stakeholders to identify key influencers
    • Group stakeholders into categories
    • Prioritize your stakeholders
    • Plan to communicate
    • Valuate IT
    • Assess the IT/digital strategy
    • Determine pain points and opportunities
    • Align goals to opportunities
    • Recommend growth opportunities

    This phase involves the following participants:

    • IT and business leadership

    What is the Proactive phase?

    Embracing the digital drivers

    As the number of merger, acquisition, or divestiture transactions driven by digital means continues to increase, IT has an opportunity to not just be involved in a transaction but actively seek out potential deals.

    In the Proactive phase, the business is not currently considering a transaction. However, the business could consider one to reach its strategic goals. IT organizations that have developed respected relationships with the business leaders can suggest these potential transactions.

    Understand the business’ perspective of IT, determine who the critical M&A stakeholders are, valuate the IT environment, and examine how it supports the business goals in order to suggest an M&A transaction.

    In doing so, IT isn’t waiting to be invited to the transaction table – it’s creating it.

    Goal: To support the organization in reaching its strategic goals by suggesting M&A activities that will enable the organization to reach its objectives faster and with greater-value outcomes.

    Proactive Prerequisite Checklist

    Before coming into the Proactive phase, you should have addressed the following:

    • Understand what mergers, acquisitions, and divestitures are.
    • Understand what mergers, acquisitions, and divestitures mean for the business.
    • Understand what mergers, acquisitions, and divestitures mean for IT.

    Review the Executive Brief for more information on mergers, acquisitions, and divestitures for purchasing organizations.

    Proactive

    Step 1.1

    Identify M&A Stakeholders and Their Perspective of IT

    Activities

    • 1.1.1 Conduct the CEO-CIO Alignment diagnostic
    • 1.1.2 Conduct the CIO Business Vision diagnostic
    • 1.1.3 Visualize relationships among stakeholders to identify key influencers
    • 1.1.4 Group stakeholders into categories
    • 1.1.5 Prioritize your stakeholders
    • 1.16 Plan to communicate

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical M&A stakeholders

    Outcomes of Step

    Understand how the business perceives IT and establish strong relationships with critical M&A stakeholders.

    Business executives' perspectives of IT

    Leverage diagnostics and gain alignment on IT’s role in the organization

    • To suggest or get involved with a merger, acquisition, or divestiture, the IT executive leader needs to be well respected by other members of the executive leadership team and the business.
    • Specifically, the Proactive phase relies on the IT organization being viewed as an Innovator within the business.
    • Identify how the CEO/business executive currently views IT and where they would like IT to move within the Maturity Ladder.
    • Additionally, understand how other critical department leaders view IT and how they view the partnership with IT.
    A colorful visualization titled 'Maturity Ladder' detailing levels of IT function that a business may choose from based on the business executives' perspectives of IT. Starting from the bottom: 'Struggle', Does not embarrass, Does not crash; 'Support', Keeps business happy, Keeps costs low; 'Optimize', Increases efficiency, Decreases costs; 'Expand', Extends into new business, Generates revenue; 'Transform', Creates new industry.

    Misalignment in target state requires further communication between the CIO and CEO to ensure IT is striving toward an agreed-upon direction.

    Info-Tech’s CIO Business Vision (CIO BV) diagnostic measures a variety of high-value metrics to provide a well-rounded understanding of stakeholder satisfaction with IT.

    Sample of Info-Tech's CIO Business Vision diagnostic measuring percentages of high-value metrics like 'IT Satisfaction' and 'IT Value' regarding business leader satisfaction. A note for these two reads 'Evaluate business leader satisfaction with IT this year and last year'. A section titled 'Relationship' has metrics such as 'Understands Needs' and 'Trains Effectively'. A note for this section reads 'Examine indicators of the relationship between IT and the business'. A section titled 'Security Friction' has metrics such as 'Regulatory Compliance-Driven' and 'Office/Desktop Security'.

    Business Satisfaction and Importance for Core Services

    The core services of IT are important when determining what IT should focus on. The most important services with the lowest satisfaction offer the largest area of improvement for IT to drive business value.

    Sample of Info-Tech's CIO Business Vision diagnostic specifically comparing the business satisfaction of 12 core services with their importance. Services listed include 'Service Desk', 'IT Security', 'Requirements Gathering', 'Business Apps', 'Data Quality', and more. There is a short description of the services, a percentage for the business satisfaction with the service, a percentage comparing it to last year, and a numbered ranking of importance for each service. A note reads 'Assess satisfaction and importance across 12 core IT capabilities'.

    1.1.1 Conduct the CEO-CIO Alignment diagnostic

    2 weeks

    Input: IT organization expertise and the CEO-CIO Alignment diagnostic

    Output: An understanding of an executive business stakeholder’s perception of IT

    Materials: CEO-CIO Alignment diagnostic, M&A Buy Playbook

    Participants: IT executive/CIO, Business executive/CEO

    1. The CEO-CIO Alignment diagnostic can be a powerful input. Speak with your Info-Tech account representative to conduct the diagnostic. Use the results to inform current IT capabilities.
    2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret and draw conclusions from the results.
    3. Examine the results of the survey and note where there might be specific capabilities that could be improved.
    4. Determine whether there are any areas of significant disagreement between the you and the CEO. Mark down those areas for further conversations. Additionally, take note of areas that could be leveraged to support growth transactions or support your rationale in recommending growth transactions.

    Download the sample report.

    Record the results in the M&A Buy Playbook.

    1.1.2 Conduct the CIO Business Vision diagnostic

    2 weeks

    Input: IT organization expertise, CIO BV diagnostic

    Output: An understanding of business stakeholder perception of certain IT capabilities and services

    Materials: CIO Business Vision diagnostic, Computer, Whiteboard and markers, M&A Buy Playbook

    Participants: IT executive/CIO, Senior business leaders

    1. The CIO Business Vision (CIO BV) diagnostic can be a powerful tool for identifying IT capability focus areas. Speak with your account representative to conduct the CIO BV diagnostic. Use the results to inform current IT capabilities.
    2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret the results and draw conclusions from the diagnostic.
    3. Examine the results of the survey and take note of any IT services that have low scores.
    4. Read through the diagnostic comments and note any common themes. Especially note which stakeholders identified they have a favorable relationship with IT and which stakeholders identified they have an unfavorable relationship. For those who have an unfavorable relationship, identify if they will have a critical role in a growth transaction.

    Download the sample report.

    Record the results in the M&A Buy Playbook.

    Create a stakeholder network map for M&A transactions

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Example:

    Diagram of stakeholders and their relationships with other stakeholders, such as 'Board Members', 'CFO/Finance', 'Compliance', etc. with 'CIO/IT Leader' highlighted in the middle. There are unidirectional black arrows and bi-directional green arrows indicating each connection.

      Legend
    • Black arrows indicate the direction of professional influence
    • Dashed green arrows indicate bidirectional, informal influence relationships

    Info-Tech Insight

    Your stakeholder map defines the influence landscape that the M&A transaction will occur within. This will identify who holds various levels of accountability and decision-making authority when a transaction does take place.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantial relationships with your stakeholders.

    1.1.3 Visualize relationships among stakeholders to identify key influencers

    1-3 hours

    Input: List of M&A stakeholders

    Output: Relationships among M&A stakeholders and influencers

    Materials: M&A Buy Playbook

    Participants: IT executive leadership

    1. The purpose of this activity is to list all the stakeholders within your organization that will have a direct or indirect impact on the M&A transaction.
    2. Determine the critical stakeholders, and then determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
    3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
    4. Construct a diagram linking stakeholders and their influencers together.
      • Use black arrows to indicate the direction of professional influence.
      • Use dashed green arrows to indicate bidirectional, informal influence relationships.

    Record the results in the M&A Buy Playbook.

    Categorize your stakeholders with a prioritization map

    A stakeholder prioritization map helps IT leaders categorize their stakeholders by their level of influence and ownership in the merger, acquisition, or divestiture process.

    A prioritization map of stakeholder categories split into four quadrants. The vertical axis is 'Influence', from low on the bottom to high on top. The horizontal axis is 'Ownership/Interest', from low on the left to high on the right. 'Spectators' are low influence, low ownership/interest. 'Mediators' are high influence, low ownership/interest. 'Noisemakers' are low influence, high ownership/interest. 'Players' are high influence, high ownership/interest.

    There are four areas in the map, and the stakeholders within each area should be treated differently.

    Players – players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

    Mediators – mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

    Noisemakers – noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

    Spectators – generally, spectators are apathetic and have little influence over or interest in the initiative.

    1.1.4 Group stakeholders into categories

    30 minutes

    Input: Stakeholder map, Stakeholder list

    Output: Categorization of stakeholders and influencers

    Materials: Flip charts, Markers, Sticky notes, M&A Buy Playbook

    Participants: IT executive leadership, Stakeholders

    1. Identify your stakeholders’ interest in and influence on the M&A process as high, medium, or low by rating the attributes below.
    2. Map your results to the model to the right to determine each stakeholder’s category.

    Same prioritization map of stakeholder categories as before. This one has specific stakeholders mapped onto it. 'CFO' is mapped as low interest and middling influence, between 'Mediator' and 'Spectator'. 'CIO' is mapped as higher than average interest and high influence, a 'Player'. 'Board Member' is mapped as high interest and high influence, a 'Player'.

    Level of Influence
    • Power: Ability of a stakeholder to effect change.
    • Urgency: Degree of immediacy demanded.
    • Legitimacy: Perceived validity of stakeholder’s claim.
    • Volume: How loud their “voice” is or could become.
    • Contribution: What they have that is of value to you.
    Level of Interest

    How much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product?

    Record the results in the M&A Buy Playbook.

    Prioritize your stakeholders

    There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

    Level of Support

    Supporter

    Evangelist

    Neutral

    Blocker

    Stakeholder Category Player Critical High High Critical
    Mediator Medium Low Low Medium
    Noisemaker High Medium Medium High
    Spectator Low Irrelevant Irrelevant Low

    Consider the three dimensions for stakeholder prioritization: influence, interest, and support. Support can be determined by answering the following question: How significant is that stakeholder to the M&A or divestiture process?

    These parameters are used to prioritize which stakeholders are most important and should receive your focused attention.

    1.1.5 Prioritize your stakeholders

    30 minutes

    Input: Stakeholder matrix

    Output: Stakeholder and influencer prioritization

    Materials: Flip charts, Markers, Sticky notes, M&A Buy Playbook

    Participants: IT executive leadership, M&A/divestiture stakeholders

    1. Identify the level of support of each stakeholder by answering the following question: How significant is that stakeholder to the M&A transaction process?
    2. Prioritize your stakeholders using the prioritization scheme on the previous slide.

    Stakeholder

    Category

    Level of Support

    Prioritization

    CMO Spectator Neutral Irrelevant
    CIO Player Supporter Critical

    Record the results in the M&A Buy Playbook.

    Define strategies for engaging stakeholders by type

    A revisit to the map of stakeholder categories, but with strategies listed for each one, and arrows on the side instead of an axis. The vertical arrow is 'Authority', which increases upward, and the horizontal axis is Ownership/Interest which increases as it moves to the right. The strategy for 'Players' is 'Engage', for 'Mediators' is 'Satisfy', for 'Noisemakers' is 'Inform', and for 'Spectators' is 'Monitor'.

    Type

    Quadrant

    Actions

    Players High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve Players in the process and maintain their engagement and interest by demonstrating their value to its success.
    Mediators High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.
    Noisemakers Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
    Spectators Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    Info-Tech Insight

    Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying stakeholder groups, the IT executive leader can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of Mediators and Players are met.

    1.1.6 Plan to communicate

    30 minutes

    Input: Stakeholder priority, Stakeholder categorization, Stakeholder influence

    Output: Stakeholder communication plan

    Materials: Flip charts, Markers, Sticky notes, M&A Buy Playbook

    Participants: IT executive leadership, M&A/divestiture stakeholders

    The purpose of this activity is to make a communication plan for each of the stakeholders identified in the previous activities, especially those who will have a critical role in the M&A transaction process.

    1. In the M&A Buy Playbook, input the type of influence each stakeholder has on IT, how they would be categorized in the M&A process, and their level of priority. Use this information to create a communication plan.
    2. Determine the methods and frequency of communication to keep the necessary stakeholder satisfied and maintain or enhance IT’s profile within the organization.

    Record the results in the M&A Buy Playbook.

    Proactive

    Step 1.2

    Assess IT’s Current Value and Method to Achieve a Future State

    Activities

    • 1.2.1 Valuate IT
    • 1.2.2 Assess the IT/digital strategy

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical stakeholders to M&A

    Outcomes of Step

    Identify critical opportunities to optimize IT and meet strategic business goals through a merger, acquisition, or divestiture.

    How to valuate your IT environment

    And why it matters so much

    • Valuating your current organization’s IT environment is a critical step that all IT organizations should take, whether involved in an M&A or not, to fully understand what it might be worth.
    • The business investments in IT can be directly translated into a value amount. For every $1 invested in IT, the business might be gaining $100 in value back or possibly even loosing $100.
    • Determining, documenting, and communicating this information ensures that the business takes IT’s suggestions seriously and recognizes why investing in IT is so critical.
    • There are three ways a business or asset can be valuated:
      • Cost Approach: Look at the costs associated with building, purchasing, replacing, and maintaining a given aspect of the business.
      • Market Approach: Look at the relative value of a particular aspect of the business. Relative value can fluctuate and depends on what the markets and consequently society believe that particular element is worth.
      • Discounted Cash Flow Approach: Focus on what the potential value of the business could be or the intrinsic value anticipated due to future profitability.
    • (Source: “Valuation Methods,” Corporate Finance Institute)

    Four ways to create value through digital

    1. Reduced costs
    2. Improved customer experience
    3. New revenue sources
    4. Better decision making
    5. (Source: McKinsey & Company)

    1.2.1 Valuate IT

    1 day

    Input: Valuation of data, Valuation of applications, Valuation of infrastructure and operations, Valuation of security and risk

    Output: Valuation of IT

    Materials: Relevant templates/tools listed on the following slides, Capital budget, Operating budget, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership

    The purpose of this activity is to demonstrate that IT is not simply an operational functional area that diminishes business resources. Rather, IT contributes significant value to the business.

    1. Review each of the following slides to valuate IT’s data, applications, infrastructure and operations, and security and risk. These valuations consider several tangible and intangible factors and result in a final dollar amount.
    2. Input the financial amounts identified for each critical area into a summary slide. Use this information to determine where IT is delivering value to the organization.

    Info-Tech Insight

    Consistency is key when valuating your IT organization as well as other IT organizations throughout the transaction process.

    Record the results in the M&A Buy Playbook.

    Data valuation

    Data valuation identifies how you monetize the information that your organization owns.

    Create a data value chain for your organization

    When valuating the information and data that exists in an organization, there are many things to consider.

    Info-Tech has two tools that can support this process:

    1. Information Asset Audit Tool: Use this tool first to take inventory of the different information assets that exist in your organization.
    2. Data Valuation Tool: Once information assets have been accounted for, valuate the data that exists within those information assets.

    Data Collection

    Insight Creation

    Value Creation

    Data Valuation

    01 Data Source
    02 Data Collection Method
    03 Data
    04 Data Analysis
    05 Insight
    06 Insight Delivery
    07 Consumer
    08 Value in Data
    09 Value Dimension
    10 Value Metrics Group
    11 Value Metrics
    Screenshots of Tab 2 of Info-Tech's Data Valuation Tool.

    Instructions

    1. Using the Data Valuation Tool, start gathering information based on the eight steps above to understand your organization’s journey from data to value.
    2. Identify the data value spectrum. (For example: customer sales service, citizen licensing service, etc.)
    3. Fill out the columns for data sources, data collection, and data first.
    4. Capture data analysis and related information.
    5. Then capture the value in data.
    6. Add value dimensions such as usage, quality, and economic dimensions.
      • Remember that economic value is not the only dimension, and usage/quality has a significant impact on economic value.
    7. Collect evidence to justify your data valuation calculator (market research, internal metrics, etc.).
    8. Finally, calculate the value that has a direct correlation with underlying value metrics.

    Application valuation

    Calculate the value of your IT applications

    When valuating the applications and their users in an organization, consider using a business process map. This shows how business is transacted in the company by identifying which IT applications support these processes and which business groups have access to them. Info-Tech has a business process mapping tool that can support this process:

    • Enterprise Integration Process Mapping Tool: Complete this tool first to map the different business processes to the supporting applications in your organization.

    Instructions

    1. Start by calculating user costs. This is the product of the (# of users) × (% of time spent using IT) × (fully burdened salary).
    2. Identify the revenue per employee and divide that by the average cost per employee to calculate the derived productivity ratio (DPR).
    3. Once you have calculated the user costs and DPR, multiply those total values together to get the application value.
    4. User Costs

      Total User Costs

      Derived Productivity Ratio (DPR)

      Total DPR

      Application Value

      # of users % time spent using IT Fully burdened salary Multiply values from the 3 user costs columns Revenue per employee Average cost per employee (Revenue P.E) ÷ (Average cost P.E) (User costs) X (DPR)

    5. Once the total application value is established, calculate the combined IT and business costs of delivering that value. IT and business costs include inflexibility (application maintenance), unavailability (downtime costs, including disaster exposure), IT costs (common costs statistically allocated to applications), and fully loaded cost of active (full-time equivalent [FTE]) users.
    6. Calculate the net value of applications by subtracting the total IT and business costs from the total application value calculated in step 3.
    7. IT and Business Costs

      Total IT and Business Costs

      Net Value of Applications

      Application maintenance Downtime costs (include disaster exposure) Common costs allocated to applications Fully loaded costs of active (FTE) users Sum of values from the four IT and business costs columns (Application value) – (IT and business costs)

    (Source: CSO)

    Infrastructure valuation

    Assess the foundational elements of the business’ information technology

    The purpose of this exercise is to provide a high-level infrastructure valuation that will contribute to valuating your IT environment.

    Calculating the value of the infrastructure will require different methods depending on the environment. For example, a fully cloud-hosted organization will have different costs than a fully on-premises IT environment.

    Instructions:

    1. Start by listing all of the infrastructure-related items that are relevant to your organization.
    2. Once you have finalized your items column, identify the total costs/value of each item.
      • For example, total software costs would include servers and storage.
    3. Calculate the total cost/value of your IT infrastructure by adding all of values in the right column.

    Item

    Costs/Value

    Hardware Assets Total Value +$3.2 million
    Hardware Leased/Service Agreement -$
    Software Purchased +$
    Software Leased/Service Agreement -$
    Operational Tools
    Network
    Disaster Recovery
    Antivirus
    Data Centers
    Service Desk
    Other Licenses
    Total:

    For additional support, download the M&A Runbook for Infrastructure and Operations.

    Risk and security

    Assess risk responses and calculate residual risk

    The purpose of this exercise is to provide a high-level risk assessment that will contribute to valuating your IT environment. For a more in-depth risk assessment, please refer to the Info-Tech tools below:

    1. Risk Register Tool
    2. Security M&A Due Diligence Tool

    Instructions

    1. Review the probability and impact scales below and ensure you have the appropriate criteria that align to your organization before you conduct a risk assessment.
    2. Identify the probability of occurrence and estimated financial impact for each risk category detail and fill out the table on the right. Customize the table as needed so it aligns to your organization.
    3. Probability of Risk Occurrence

      Occurrence Criteria
      (Classification; Probability of Risk Event Within One Year)

      Negligible Very Unlikely; ‹20%
      Very Low Unlikely; 20 to 40%
      Low Possible; 40 to 60%
      Moderately Low Likely; 60 to 80%
      Moderate Almost Certain; ›80%

    Note: If needed, you can customize this scale with the severity designations that you prefer. However, make sure you are always consistent with it when conducting a risk assessment.

    Financial & Reputational Impact

    Budgetary and Reputational Implications
    (Financial Impact; Reputational Impact)

    Negligible (‹$10,000; Internal IT stakeholders aware of risk event occurrence)
    Very Low ($10,000 to $25,000; Business customers aware of risk event occurrence)
    Low ($25,000 to $50,000; Board of directors aware of risk event occurrence)
    Moderately Low ($50,000 to $100,000; External customers aware of risk event occurrence)
    Moderate (›$100,000; Media coverage or regulatory body aware of risk event occurrence)

    Risk Category Details

    Probability of Occurrence

    Estimated Financial Impact

    Estimated Severity (Probability X Impact)

    Capacity Planning
    Enterprise Architecture
    Externally Originated Attack
    Hardware Configuration Errors
    Hardware Performance
    Internally Originated Attack
    IT Staffing
    Project Scoping
    Software Implementation Errors
    Technology Evaluation and Selection
    Physical Threats
    Resource Threats
    Personnel Threats
    Technical Threats
    Total:

    1.2.2 Assess the IT/digital strategy

    4 hours

    Input: IT strategy, Digital strategy, Business strategy

    Output: An understanding of an executive business stakeholder’s perception of IT, Alignment of IT/digital strategy and overall organization strategy

    Materials: Computer, Whiteboard and markers, M&A Buy Playbook

    Participants: IT executive/CIO, Business executive/CEO

    The purpose of this activity is to review the business and IT strategies that exist to determine if there are critical capabilities that are not being supported.

    Ideally, the IT and digital strategies would have been created following development of the business strategy. However, sometimes the business strategy does not directly call out the capabilities it requires IT to support.

    1. On the left half of the corresponding slide in the M&A Buy Playbook, document the business goals, initiatives, and capabilities. Input this information from the business or digital strategies. (If more space for goals, initiatives, or capabilities is needed, duplicate the slide).
    2. On the other half of the slide, document the IT goals, initiatives, and capabilities. Input this information from the IT strategy and digital strategy.

    For additional support, see Build a Business-Aligned IT Strategy.

    Record the results in the M&A Buy Playbook.

    Proactive

    Step 1.3

    Drive Innovation and Suggest Growth Opportunities

    Activities

    • 1.3.1 Determine pain points and opportunities
    • 1.3.2 Align goals with opportunities
    • 1.3.3 Recommend growth opportunities

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical M&A stakeholders

    Outcomes of Step

    Establish strong relationships with critical M&A stakeholders and position IT as an innovative business partner that can suggest growth opportunities.

    1.3.1 Determine pain points and opportunities

    1-2 hours

    Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade

    Output: List of pain points or opportunities that IT can address

    Materials: Computer, Whiteboard and markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Business stakeholders

    The purpose of this activity is to determine the pain points and opportunities that exist for the organization. These can be external or internal to the organization.

    1. Identify what opportunities exist for your organization. Opportunities are the potential positives that the organization would want to leverage.
    2. Next, identify pain points, which are the potential negatives that the organization would want to alleviate.
    3. Spend time considering all the options that might exist, and keep in mind what has been identified previously.

    Opportunities and pain points can be trends, other departments’ initiatives, business perspectives of IT, etc.

    Record the results in the M&A Buy Playbook.

    1.3.2 Align goals with opportunities

    1-2 hours

    Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade, List of pain points and opportunities

    Output: An understanding of an executive business stakeholder’s perception of IT, Foundations for growth strategy

    Materials: Computer, Whiteboard and markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Business stakeholders

    The purpose of this activity is to determine whether a growth or separation strategy might be a good suggestion to the business in order to meet its business objectives.

    1. For the top three to five business goals, consider:
      1. Underlying drivers
      2. Digital opportunities
      3. Whether a growth or reduction strategy is the solution
    2. Just because a growth or reduction strategy is a solution for a business goal does not necessarily indicate M&A is the way to go. However, it is important to consider before you pursue suggesting M&A.

    Record the results in the M&A Buy Playbook.

    1.3.3 Recommend growth opportunities

    1-2 hours

    Input: Growth or separation strategy opportunities to support business goals, Stakeholder communication plan, Rationale for the suggestion

    Output: M&A transaction opportunities suggested

    Materials: M&A Buy Playbook

    Participants: IT executive/CIO, Business executive/CEO

    The purpose of this activity is to recommend a merger, acquisition, or divestiture to the business.

    1. Identify which of the business goals the transaction would help solve and why IT is the one to suggest such a goal.
    2. Leverage the stakeholder communication plan identified previously to give insight into stakeholders who would have a significant level of interest, influence, or support in the process.

    Info-Tech Insight

    With technology and digital driving many transactions, leverage this opening and begin the discussions with your business on how and why an acquisition would be a great opportunity.

    Record the results in the M&A Buy Playbook.

    By the end of this Proactive phase, you should:

    Be prepared to suggest M&A opportunities to support your company’s goals through growth or acquisition transactions

    Key outcome from the Proactive phase

    Develop progressive relationships and strong communication with key stakeholders to suggest or be aware of transformational opportunities that can be achieved through growth or reduction strategies such as mergers, acquisitions, or divestitures.

    Key deliverables from the Proactive phase
    • Business perspective of IT examined
    • Key stakeholders identified and relationship to the M&A process outlined
    • Ability to valuate the IT environment and communicate IT’s value to the business
    • Assessment of the business, digital, and IT strategies and how M&As could support those strategies
    • Pain points and opportunities that could be alleviated or supported through an M&A transaction
    • Acquisition or buying recommendations

    The Buy Blueprint

    Phase 2

    Discovery & Strategy

    Phase 1

    Phase 2

    Phase 3Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Growth Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Acquisition
    • 3.1 Assess the Target Organization
    • 3.2 Prepare to Integrate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Create the mission and vision
    • Identify the guiding principles
    • Create the future-state operating model
    • Determine the transition team
    • Document the M&A governance
    • Create program metrics
    • Establish the integration strategy
    • Conduct a RACI
    • Create the communication plan
    • Assess the potential organization(s)

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Transaction FoundationDiscover the Motivation for AcquiringFormalize the Program PlanCreate the Valuation FrameworkStrategize the TransactionNext Steps and Wrap-Up (offsite)

    Activities

    • 0.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics
    • 0.2 Identify key stakeholders and outline their relationship to the M&A process
    • 0.3 Identify the rationale for the company's decisions to pursue an acquisition
    • 1.1 Review the business rationale for the acquisition
    • 1.2 Assess the IT/digital strategy
    • 1.3 Identify pain points and opportunities tied to the acquisition
    • 1.4 Create the IT vision statement, create the IT mission statement, and identify IT guiding principles
    • 2.1 Create the future-state operating model
    • 2.2 Determine the transition team
    • 2.3 Document the M&A governance
    • 2.4 Establish program metrics
    • 3.1 Valuate your data
    • 3.2 Valuate your applications
    • 3.3 Valuate your infrastructure
    • 3.4 Valuate your risk and security
    • 3.5 Combine individual valuations to make a single framework
    • 4.1 Establish the integration strategy
    • 4.2 Conduct a RACI
    • 4.3 Review best practices for assessing target organizations
    • 4.4 Create the communication plan
    • 5.1 Complete in-progress deliverables from previous four days
    • 5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables

    1. Business perspectives of IT
    2. Stakeholder network map for M&A transactions
    1. Business context implications for IT
    2. IT’s acquisition strategic direction
    1. Operating model for future state
    2. Transition team
    3. Governance structure
    4. M&A program metrics
    1. IT valuation framework
    1. Integration strategy
    2. RACI
    3. Communication plan
    1. Completed M&A program plan and strategy
    2. Prepared to assess target organization(s)

    What is the Discovery & Strategy phase?

    Pre-transaction state

    The Discovery & Strategy phase during an acquisition is a unique opportunity for many IT organizations. IT organizations that can participate in the acquisition transaction at this stage are likely considered a strategic partner of the business.

    For one-off acquisitions, IT being invited during this stage of the process is rare. However, for organizations that are preparing to engage in many acquisitions over the coming years, this type of strategy will greatly benefit from IT involvement. Again, the likelihood of participating in an M&A transaction is increasing, making it a smart IT leadership decision to, at the very least, loosely prepare a program plan that can act as a strategic pillar throughout the transaction.

    During this phase of the pre-transaction state, IT will also be asked to participate in ensuring that the potential organization being sought will be able to meet any IT-specific search criteria that was set when the transaction was put into motion.

    Goal: To identify a repeatable program plan that IT can leverage when acquiring all or parts of another organization’s IT environment, ensuring customer satisfaction and business continuity

    Discovery & Strategy Prerequisite Checklist

    Before coming into the Discovery & Strategy phase, you should have addressed the following:

    • Understand the business perspective of IT.
    • Know the key stakeholders and have outlined their relationships to the M&A process.
    • Be able to valuate the IT environment and communicate IT's value to the business.
    • Understand the rationale for the company's decisions to pursue an acquisition and the opportunities or pain points the acquisition should address.

    Discovery & Strategy

    Step 2.1

    Establish the M&A Program Plan

    Activities

    • 2.1.1 Create the mission and vision
    • 2.1.2 Identify the guiding principles
    • 2.1.3 Create the future-state operating model
    • 2.1.4 Determine the transition team
    • 2.1.5 Document the M&A governance
    • 2.1.6 Create program metrics

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Outcomes of Step

    Establish an M&A program plan that can be repeated across acquisitions.

    The vision and mission statements clearly articulate IT’s aspirations and purpose

    The IT vision statement communicates a desired future state of the IT organization, whereas the IT mission statement portrays the organization’s reason for being. While each serves its own purpose, they should both be derived from the business context implications for IT.

    Vision Statements

    Mission Statements

    Characteristics

    • Describe a desired future
    • Focus on ends, not means
    • Concise
    • Aspirational
    • Memorable
    • Articulate a reason for existence
    • Focus on how to achieve the vision
    • Concise
    • Easy to grasp
    • Sharply focused
    • Inspirational

    Samples

    To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce. (Source: Business News Daily) IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset. (Source: Forbes, 2013)

    2.1.1 Create the mission and vision statements

    2 hours

    Input: Business objectives, IT capabilities, Rationale for the transaction

    Output: IT’s mission and vision statements for growth strategies tied to mergers, acquisitions, and divestitures

    Materials: Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create mission and vision statements that reflect IT’s intent and method to support the organization as it pursues a growth strategy.

    1. Review the definitions and characteristics of mission and vision statements.
    2. Brainstorm different versions of the mission and vision statements.
    3. Edit the statements until you get to a single version of each that accurately reflects IT’s role in the growth process.

    Record the results in the M&A Buy Playbook.

    Guiding principles provide a sense of direction

    IT guiding principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting IT investment portfolio management, solution development, and procurement decisions.

    A diagram illustrating the place of 'IT guiding principles' in the process of making 'Decisions on the use of IT'. There are four main items, connecting lines naming the type of process in getting from one step to the next, and a line underneath clarifying the questions asked at each step. On the far left, over the question 'What decisions should be made?', is 'Business context and IT implications'. This flows forward to 'IT guiding principles', and they are connected by 'Influence'. Next, over the question 'How should decisions be made?', is the main highlighted section. 'IT guiding principles' flows forward to 'Decisions on the use of IT', and they are connected by 'Guide and inform'. On the far right, over the question 'Who has the accountability and authority to make decisions?', is 'IT policies'. This flows back to 'Decisions on the use of IT', and they are connected by 'Direct and control'.

    IT principles must be carefully constructed to make sure they are adhered to and relevant

    Info-Tech has identified a set of characteristics that IT principles should possess. These characteristics ensure the IT principles are relevant and followed in the organization.

    Approach focused. IT principles should be focused on the approach – how the organization is built, transformed, and operated – as opposed to what needs to be built, which is defined by both functional and non-functional requirements.

    Business relevant. Create IT principles that are specific to the organization. Tie IT principles to the organization’s priorities and strategic aspirations.

    Long lasting. Build IT principles that will withstand the test of time.

    Prescriptive. Inform and direct decision making with actionable IT principles. Avoid truisms, general statements, and observations.

    Verifiable. If compliance can’t be verified, people are less likely to follow the principle.

    Easily Digestible. IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren’t a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.

    Followed. Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously communicated to all stakeholders to achieve and maintain buy-in.

    In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

    Consider the example principles below

    IT Principle Name

    IT Principle Statement

    1. Risk Management We will ensure that the organization’s IT Risk Management Register is properly updated to reflect all potential risks and that a plan of action against those risks has been identified.
    2. Transparent Communication We will ensure employees are spoken to with respect and transparency throughout the transaction process.
    3. Integration for Success We will create an integration strategy that enables the organization and clearly communicates the resources required to succeed.
    4. Managed Data We will handle data creation, modification, integration, and use across the enterprise in compliance with our data governance policy.
    5. Establish a single IT Environment We will identify, prioritize, and manage the applications and services that IT provides in order to eliminate redundant technology and maximize the value that users and customers experience.
    6. Compliance With Laws and Regulations We will operate in compliance with all applicable laws and regulations for both our organization and the potentially purchased organization.
    7. Defined Value We will create a plan of action that aligns with the organization’s defined value expectations.
    8. Network Readiness We will ensure that employees and customers have immediate access to the network with minimal or no outages.
    9. Operating to Succeed We will bring all of IT into a central operating model within two years of the transaction.

    2.1.2 Identify the guiding principles

    2 hours

    Input: Business objectives, IT capabilities, Rationale for the transaction, Mission and vision statements

    Output: IT’s guiding principles for growth strategies tied to mergers, acquisitions, and divestitures

    Materials: Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create the guiding principles that will direct the IT organization throughout the growth strategy process.

    1. Review the role of guiding principles and the examples of guiding principles that organizations have used.
    2. Brainstorm different versions of the guiding principles. Each guiding principle should start with the phrase “We will…”
    3. Edit and consolidate the statements until you have a list of approximately eight to ten statements that accurately reflect IT’s role in the growth process.
    4. Review the guiding principles every six months to ensure they continue to support the delivery of the business’ growth strategy goals.

    Record the results in the M&A Buy Playbook.

    Create two IT teams to support the transaction

    IT M&A Transaction Team

    • The IT M&A Transaction Team should consist of the strongest members of the IT team who can be expected to deliver on unusual or additional tasks not asked of them in normal day-to-day operations.
    • The roles selected for this team will have very specific skills sets or deliver on critical integration capabilities, making their involvement in the combination of two or more IT environments paramount.
    • These individuals need to have a history of proving themselves very trustworthy, as they will likely be required to sign an NDA as well.
    • Expect to have to certain duplicate capabilities or roles across the M&A transaction team and operational team.

    IT Operational Team

    • This group is responsible for ensuring the business operations continue.
    • These employees might be those who are newer to the organization but can be counted on to deliver consistent IT services and products.
    • The roles of this team should ensure that end users or external customers remain satisfied.

    Key capabilities to support M&A

    Consider the following capabilities when looking at who should be a part of the M&A transaction team.

    Employees who have a significant role in ensuring that these capabilities are being delivered will be a top priority.

    Infrastructure

    • Systems Integration
    • Data Management

    Business Focus

    • Service-Level Management
    • Enterprise Architecture
    • Stakeholder Management
    • Project Management

    Risk & Security

    • Privacy Management
    • Security Management
    • Risk & Compliance Management

    Build a lasting and scalable operating model

    An operating model is an abstract visualization, used like an architect’s blueprint, that depicts how structures and resources are aligned and integrated to deliver on the organization’s strategy.

    It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint before embarking on detailed organizational design.

    The visual should highlight which capabilities are critical to attaining strategic goals and clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization.

    As you assess the current operating model, consider the following:

    • Does the operating model contain all the necessary capabilities your IT organization requires to be successful?
    • What capabilities should be duplicated?
    • Are there individuals with the skill set to support those roles? If not, is there a plan to acquire or develop those skills?
    • A dedicated project team strictly focused on M&A is great. However, is it feasible for your organization? If not, what blockers exist?
    A diagram with 'Initiatives' and 'Solutions' on the left and right of an area chart, 'Customer' at the top, the area between them labelled 'Functional Area n', and six horizontal bars labelled 'IT Capability' stacked on top of each other. The 'IT Capability' bars are slightly skewed to the 'Solutions' side of the chart.

    Info-Tech Insight

    Investing time up-front getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and allowing your model to change as the business changes.

    2.1.3 Create the future-state operating model

    4 hours

    Input: Current operating model, IT strategy, IT capabilities, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

    Output: Future-state operating model

    Materials: Operating model, Capability overlay, Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to establish what the future-state operating model will be if your organization needs to adjust to support a growth transaction.

    1. Ensuring that all the IT capabilities are identified by the business and IT strategy, document your organization’s current operating model.
    2. Identify what core capabilities would be critical to the buying transaction process and integration. Highlight and make copies of those capabilities in the M&A Buy Playbook.
    3. Arrange the capabilities to clearly show the flow of inputs and outputs. Identify critical stakeholders of the process (such as customers or end users) if that will help the flow.
    4. Ensure the capabilities that will be decentralized are clearly identified. Decentralized capabilities do not exist within the central IT organization but rather in specific lines of businesses or products to better understand needs and deliver on the capability.

    An example operating model is included in the M&A Buy Playbook. This process benefits from strong reference architecture and capability mapping ahead of time.

    Record the results in the M&A Buy Playbook.

    2.1.4 Determine the transition team

    3 hours

    Input: IT capabilities, Future-state operating model, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

    Output: Transition team

    Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a team that will support your IT organization throughout the transaction. Determining which capabilities and therefore which roles will be required ensures that the business will continue to get the operational support it needs.

    1. Based on the outcome of activity 2.1.3, review the capabilities that your organization will require on the transition team. Group capabilities into functional groups containing capabilities that are aligned well with one another because they have similar responsibilities and functionalities.
    2. Replace the capabilities with roles. For example, stakeholder management, requirements gathering, and project management might be one functional group. Project management and stakeholder management might combine to create a project manager role.
    3. Review the examples in the M&A Buy Playbook and identify which roles will be a part of the transition team.

    For more information, see Redesign Your Organizational Structure

    What is governance?

    And why does it matter so much to IT and the M&A process?

    • Governance is the method in which decisions get made, specifically as they impact various resources (time, money, and people).
    • Because M&A is such a highly governed transaction, it is important to document the governance bodies that exist in your organization.
    • This will give insight into what types of governing bodies there are, what decisions they make, and how that will impact IT.
    • For example, funds to support integration need to be discussed, approved, and supplied to IT from a governing body overseeing the acquisition.
    • A highly mature IT organization will have automated governance, while a seemingly non-existent governance process will be considered ad hoc.
    A pyramid with four levels representing the types of governing bodies that are available with differing levels of IT maturity. An arrow beside the pyramid points upward. The bottom of the arrow is labelled 'Traditional (People and document centric)' and the top is labelled 'Adaptive (Data centric)'. Starting at the bottom of the pyramid is level 1 'Ad Hoc Governance', 'Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people'. Level 2 is 'Controlled Governance', 'Governance focused on compliance and decisions driven by hierarchical authority. Levels of authority are defined and often driven by regulatory'. Level 3 is 'Agile Governance', 'Governance that is flexible to support different needs and quick response in the organization. Driven by principles and delegated throughout the company'. At the top of the pyramid is level 4 'Automated Governance', 'Governance that is entrenched and automated into organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival'.

    2.1.5 Document M&A governance

    1-2 hours

    Input: List of governing bodies, Governing body committee profiles, Governance structure

    Output: Documented method on how decisions are made as it relates to the M&A transaction

    Materials: Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine the method in which decisions are made throughout the M&A transaction as it relates to IT. This will require understanding both governing bodies internal to IT and those external to IT.

    1. First, determine the other governance structures within the organization that will impact the decisions made about M&A. List out these bodies or committees.
    2. Create a profile for each committee that looks at the membership, purpose of the committee, decision areas (authority), and the process of inputs and outputs. Ensure IT committees that will have a role in this process are also documented. Consider the benefits realized, risks, and resources required for each.
    3. Organize the committees into a structure, identifying the committees that have a role in defining the strategy, designing and building, and running.

    Record the results in the M&A Buy Playbook.

    Current-state structure map – definitions of tiers

    Strategy: These groups will focus on decisions that directly connect to the strategic direction of the organization.

    Design & Build: The second tier of groups will oversee prioritization of a certain area of governance as well as design and build decisions that feed into strategic decisions.

    Run: The lowest level of governance will be oversight of more-specific initiatives and capabilities within IT.

    Expect tier overlap. Some committees will operate in areas that cover two or three of these governance tiers.

    Measure the IT program’s success in terms of its ability to support the business’ M&A goals

    Upper management will measure IT’s success based on your ability to support the underlying reasons for the M&A. Using business metrics will help assure business stakeholders that IT understands their needs and is working with the business to achieve them.

    Business-Specific Metrics

    • Revenue Growth: Increase in the top line as seen by market expansion, product expansion, etc. by percentage/time.
    • Synergy Extraction: Reduction in costs as determined by the ability to identify and eliminate redundancies over time.
    • Profit Margin Growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs over time.

    IT-Specific Metrics

    • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure over time.
    • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
    • Meeting or improving on IT budget estimates: Delivering successful IT integration on a budget that is the same or lower than the budget estimated during due diligence.
    • Meeting or improving on IT time-to-integration estimates: Delivering successful IT integration on a timeline that is the same or shorter than the timeline estimated during due diligence.
    • Business capability support: Delivering the end state of IT that supports the expected business capabilities and growth.

    Establish your own metrics to gauge the success of IT

    Establish SMART M&A Success Metrics

    S pecific Make sure the objective is clear and detailed.
    M easurable Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.
    A ctionable Objectives become actionable when specific initiatives designed to achieve the objective are identified.
    R ealistic Objectives must be achievable given your current resources or known available resources.
    T ime-Bound An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.
    • What should IT consider when looking to identify potential additions, deletions, or modifications that will either add value to the organization or reduce costs/risks?
    • Provide a definition of synergies.
    • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure.
    • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
    • Meeting or improving on IT budget estimates: Delivering successful IT integration on a budget that is the same or lower than the budget estimated during due diligence.
    • Meeting or improving on IT time-to-integration estimates: Delivering successful IT integration on a timeline that is the same or shorter than the timeline estimated during due diligence.
    • Revenue growth: Increase in the top line as a result, as seen by market expansion, product expansion, etc.
    • Synergy extraction: Reduction in costs, as determined by the ability to identify and eliminate redundancies.
    • Profit margin growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs.

    Metrics for each phase

    1. Proactive

    2. Discovery & Strategy

    3. Valuation & Due Diligence

    4. Execution & Value Realization

    • % Share of business innovation spend from overall IT budget
    • % Critical processes with approved performance goals and metrics
    • % IT initiatives that meet or exceed value expectation defined in business case
    • % IT initiatives aligned with organizational strategic direction
    • % Satisfaction with IT's strategic decision-making abilities
    • $ Estimated business value added through IT-enabled innovation
    • % Overall stakeholder satisfaction with IT
    • % Percent of business leaders that view IT as an Innovator
    • % IT budget as a percent of revenue
    • % Assets that are not allocated
    • % Unallocated software licenses
    • # Obsolete assets
    • % IT spend that can be attributed to the business (chargeback or showback)
    • % Share of CapEx of overall IT budget
    • % Prospective organizations that meet the search criteria
    • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
    • % Business leaders that view IT as a Business Partner
    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target
    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT integration
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    2.1.6 Create program metrics

    1-2 hours

    Input: IT capabilities, Mission, vision, and guiding principles, Rationale for the acquisition

    Output: Program metrics to support IT throughout the M&A process

    Materials: Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine how IT’s success throughout a growth transaction will be measured and determined.

    1. Document a list of appropriate metrics on the whiteboard. Remember to include metrics that demonstrate the business impact. You can use the sample metrics listed on the previous slide as a starting point.
    2. Set a target and deadline for each metric. This will help the group determine when it is time to evaluate progression.
    3. Establish a baseline for each metric based on information collected within your organization.
    4. Assign an owner for tracking each metric as well as someone to be accountable for performance.

    Record the results in the M&A Buy Playbook.

    Discovery & Strategy

    Step 2.2

    Prepare IT to Engage in the Acquisition

    Activities

    • 2.2.1 Establish the integration strategy
    • 2.2.2 Conduct a RACI
    • 2.2.3 Create the communication plan
    • 2.2.4 Assess the potential organization(s)

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Outcomes of Step

    Identify IT’s plan of action when it comes to the acquisition and align IT’s integration strategy with the business’ M&A strategy.

    Integration strategies

    There are several IT integration strategies that will help you achieve your target technology environment.

    IT Integration Strategies
    • Absorption. Convert the target organization’s strategy, structure, processes, and/or systems to that of the acquiring organization.
    • Best-of-Breed. Pick and choose the most effective people, processes, and technologies to form an efficient operating model.
    • Transformation Retire systems from both organizations and use collective capabilities, data, and processes to create something entirely new.
    • Preservation Retain individual business units that will operate within their own capability. People, processes, and technologies are unchanged.

    The approach IT takes will depend on the business objectives for the M&A.

    • Generally speaking, the integration strategy is well understood and influenced by the frequency of and rationale for acquiring.
    • Based on the initiatives generated by each business process owner, you need to determine the IT integration strategy that will best support the desired target technology environment.

    Key considerations when choosing an IT integration strategy include:

    • What are the main business objectives of the M&A?
    • What are the key synergies expected from the transaction?
    • What IT integration best helps obtain these benefits?
    • What opportunities exist to position the business for sustainable growth?

    Absorption and best-of-breed

    Review highlights and drawbacks of absorption and best-of-breed integration strategies

    Absorption
      Highlights
    • Recommended for businesses striving to reduce costs and drive efficiency gains.
    • Economies of scale realized through consolidation and elimination of redundant applications.
    • Quickest path to a single company operation and systems as well as lower overall IT cost.
      Drawbacks
    • Potential for disruption of the target company’s business operations.
    • Requires significant business process changes.
    • Disregarding the target offerings altogether may lead to inferior system decisions that do not yield sustainable results.
    Best-of-Breed
      Highlights
    • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
    • Each side has a unique offering but complementing capabilities.
    • Potential for better buy-in from the target because some of their systems are kept, resulting in willingness to
      Drawbacks
    • May take longer to integrate because it tends to present increased complexity that results in higher costs and risks.
    • Requires major integration efforts from both sides of the company. If the target organization is uncooperative, creating the desired technology environment will be difficult.

    Transformation and preservation

    Review highlights and drawbacks of transformation and preservation integration strategies

    Transformation
      Highlights
    • This is the most customized approach, although it is rarely used.
    • It is essential to have an established long-term vision of business capabilities when choosing this path.
    • When executed correctly, this approach presents potential for significant upside and creation of sustainable competitive advantages.
      Drawbacks
    • This approach requires extensive time to implement, and the cost of integration work may be significant.
    • If a new system is created without strategic capabilities, the organizations will not realize long-term benefits.
    • The cost of correcting complexities at later stages in the integration effort may be drastic.
    Preservation
      Highlights
    • This approach is appropriate if the merging organizations will remain fairly independent, if there will be limited or no communication between companies, and if the companies’ market strategies, products, and channels are entirely distinct.
    • Environment can be accomplished quickly and at a low cost.
      Drawbacks
    • Impact to each business is minimal, but there is potential for lost synergies and higher operational costs. This may be uncontrollable if the natures of the two businesses are too different to integrate.
    • Reduced benefits and limited opportunities for IT integration.

    2.2.1 Establish the integration strategy

    1-2 hours

    Input: Business integration strategy, Guiding principles, M&A governance

    Output: IT’s integration strategy

    Materials: Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine IT’s approach to integration. The approach might differ slightly from transaction to transaction. However, the business’ approach to transactions should give insight into the general integration strategy IT should adopt.

    1. Make sure you have clearly articulated the business objectives for the M&A, the technology end state for IT, and the magnitude of the overall integration.
    2. Review and discuss the highlights and drawbacks of each type of integration.
    3. Use Info-Tech’s Integration Posture Selection Framework on the next slide to select the integration posture that will appropriately enable the business. Consider these questions during your discussion:
      1. What are the main business objectives of the M&A? What key IT capabilities will need to support business objectives?
      2. What key synergies are expected from the transaction? What opportunities exist to position the business for sustainable growth?
      3. What IT integration best helps obtain these benefits?

    Record the results in the M&A Buy Playbook.

    Integration Posture Selection Framework

    Business M&A Strategy

    Resultant Technology Strategy

    M&A Magnitude (% of Acquirer Assets, Income, or Market Value)

    IT Integration Posture

    A. Horizontal Adopt One Model ‹10% Absorption
    10 to 75% Absorption or Best-of-Breed
    ›75% Best-of-Breed
    B. Vertical Create Links Between Critical Systems Any
    • Preservation (Differentiated Functions)
    • Absorption or Best-of-Breed (Non-Differentiated Functions)
    C. Conglomerate Independent Model Any Preservation
    D. Hybrid: Horizontal & Conglomerate Independent Model Any Preservation

    2.2.2 Conduct a RACI

    1-2 hours

    Input: IT capabilities, Transition team, Integration strategy

    Output: Completed RACI for transition team

    Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to identify the core accountabilities and responsibilities for the roles identified as critical to your transition team. While there might be slight variation from transaction to transaction, ideally each role should be performing certain tasks.

    1. First, identify a list of critical tasks that need to be completed to support the purchase or acquisition. For example:
      • Communicate with the company M&A team.
      • Identify critical IT risks that could impact the organization after the transaction.
      • Identify key artifacts to collect and review during due diligence.
    2. Next, identify at the activity level which role is accountable or responsible for each activity. Enter an A for accountable, R for responsible, or A/R for both.

    Record the results in the M&A Buy Playbook.

    Communication and change

    Prepare key stakeholders for the potential changes

    • Anytime you are starting a project or program that will depend on users and stakeholders to give up their old way of doing things, change will force people to become novices again, leading to lost productivity and added stress.
    • Change management can improve outcomes for any project where you need people to adopt new tools and procedures, comply with new policies, learn new skills and behaviors, or understand and support new processes.
    • M&As move very quickly, and it can be very difficult to keep track of which stakeholders you need to be communicating with and what you should be communicating.
    • Not all organizations embrace or resist change in the same ways. Base your change communications on your organization’s cultural appetite for change in general.
      • Organizations with a low appetite for change will require more direct, assertive communications.
      • Organizations with a high appetite for change are more suited to more open, participatory approaches.

    Three key dimensions determine the appetite for cultural change:

    • Power Distance. Refers to the acceptance that power is distributed unequally throughout the organization.
      In organizations with a high power distance, the unequal power distribution is accepted by the less powerful employees.
    • Individualism. Organizations that score high in individualism have employees who are more independent. Those who score low in individualism fall into the collectivism side, where employees are strongly tied to one another or their groups.
    • Uncertainty Avoidance. Describes the level of acceptance that an organization has toward uncertainty. Those who score high in this area find that their employees do not favor uncertain situations, while those that score low in this area find that their employees are comfortable with change and uncertainty.

    2.2.3 Create the communication plan

    1-2 hours

    Input: IT’s M&A mission, vision, and guiding principles, M&A transition team, IT integration strategy, RACI

    Output: IT’s M&A communication plan

    Materials: Flip charts/whiteboard, Markers, RACI, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a communication plan that IT can leverage throughout the initiative.

    1. Create a structured communication plan that allows for continuous communication with the integration management office, senior management, and the business functional heads.
    2. Outline key topics of communication, with stakeholders, inputs, and outputs for each topic.
    3. Review Info-Tech’s example communication plan in the M&A Buy Playbook and update it with relevant information.
    4. Does this communication plan make sense for your organization? What doesn’t make sense? Adjust the communication guide to suit your organization.

    Record the results in the M&A Buy Playbook.

    Assessing potential organizations

    As soon as you have identified organizations to consider, it’s imperative to assess critical risks. Most IT leaders can attest that they will receive little to no notice when they have to assess the IT organization of a potential purchase. As a result, having a standardized template to quickly gauge the value of the business can be critical.

    Ways to Assess

    1. News: Assess what sort of news has been announced in relation to the organization. Have they had any risk incidents? Has a critical vendor announced working with them?
    2. LinkedIn: Scan through the LinkedIn profiles of employees. This will give you a sense of what platforms they have based on their employees.
    3. Trends: Some industries will have specific solutions that are relevant and popular. Assess what the key players are (if you don’t already know) to determine the solution.
    4. Business Architecture: While this assessment won’t perfect, try to understand the business’ value streams and the critical business and IT capabilities that would be needed to support them.

    2.2.4 Assess the potential organization(s)

    1-2 hours

    Input: Publicized historical risk events, Solutions and vendor contracts likely in the works, Trends

    Output: IT’s valuation of the potential organization(s) for acquisition

    Materials: M&A Buy Playbook

    Participants: IT executive/CIO

    The purpose of this activity is to assess the organization(s) that your organization is considering purchasing.

    1. Complete the Historical Valuation Worksheet in the M&A Buy Playbook to understand the type of IT organization that your company may inherit and need to integrate with.
      • The business likely isn’t looking for in-depth details at this time. However, as the IT leader, it is your responsibility to ensure critical risks are identified and communicated to the business.
    2. Use the information identified to help the business narrow down which organizations should be targeted for the acquisition.

    Record the results in the M&A Buy Playbook.

    By the end of this pre-transaction phase you should:

    Have a program plan for M&As and a repeatable M&A strategy for IT when engaging in growth transactions

    Key outcomes from the Discovery & Strategy phase
    • Be prepared to analyze and recommend potential organizations that the business can acquire or merge with, using a strong program plan that can be repeated across transactions.
    • Create a M&A strategy that accounts for all the necessary elements of a transaction and ensures sufficient governance, capabilities, and metrics exist.
    Key deliverables from the Discovery & Strategy phase
    • Create vision and mission statements
    • Establish guiding principles
    • Create a future-state operating model
    • Identify the key roles for the transaction team
    • Identify and communicate the M&A governance
    • Determine target metrics
    • Identify the M&A operating model
    • Select the integration strategy framework
    • Conduct a RACI for key transaction tasks for the transaction team
    • Document the communication plan

    M&A Buy Blueprint

    Phase 3

    Due Diligence & Preparation

    Phase 1Phase 2

    Phase 3

    Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Growth Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Acquisition
    • 3.1 Assess the Target Organization
    • 3.2 Prepare to Integrate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Drive value with a due diligence charter
    • Identify data room artifacts
    • Assess technical debt
    • Valuate the target IT organization
    • Assess culture
    • Prioritize integration tasks
    • Establish the integration roadmap
    • Identify the needed workforce supply
    • Estimate integration costs
    • Create an employee transition plan
    • Create functional workplans for employees
    • Align project metrics with identified tasks

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team
    • Business leaders
    • Prospective IT organization
    • Transition team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Transaction FoundationDiscover the Motivation for IntegrationAssess the Target Organization(s)Create the Valuation FrameworkPlan the Integration RoadmapNext Steps and Wrap-Up (offsite)

    Activities

    • 0.1 Identify the rationale for the company's decisions to pursue an acquisition.
    • 0.2 Identify key stakeholders and determine the IT transaction team.
    • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
    • 1.1 Review the business rationale for the acquisition.
    • 1.2 Identify pain points and opportunities tied to the acquisition.
    • 1.3 Establish the integration strategy.
    • 1.4 Create the due diligence charter.
    • 2.1 Create a list of IT artifacts to be reviewed in the data room.
    • 2.2 Conduct a technical debt assessment.
    • 2.3 Assess the current culture and identify the goal culture.
    • 2.4 Identify the needed workforce supply.
    • 3.1 Valuate the target organization’s data.
    • 3.2 Valuate the target organization’s applications.
    • 3.3 Valuate the target organization’s infrastructure.
    • 3.4 Valuate the target organization’s risk and security.
    • 3.5 Combine individual valuations to make a single framework.
    • 4.1 Prioritize integration tasks.
    • 4.2 Establish the integration roadmap.
    • 4.3 Establish and align project metrics with identified tasks.
    • 4.4 Estimate integration costs.
    • 5.1 Complete in-progress deliverables from previous four days.
    • 5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. IT strategy
    2. IT operating model
    3. IT governance structure
    4. M&A transaction team
    1. Business context implications for IT
    2. Integration strategy
    3. Due diligence charter
    1. Data room artifacts
    2. Technical debt assessment
    3. Culture assessment
    4. Workforce supply identified
    1. IT valuation framework to assess target organization(s)
    1. Integration roadmap and associated resourcing
    1. Acquisition integration strategy for IT

    What is the Due Diligence & Preparation phase?

    Mid-transaction state

    The Due Diligence & Preparation phase during an acquisition is a critical time for IT. If IT fails to proactively participate in this phase, IT will have to merely react to integration expectations set by the business.

    While not all IT organizations are able to participate in this phase, the evolving nature of M&As to be driven by digital and technological capabilities increases the rationale for IT being at the table. Identifying critical IT risks, which will inevitably be business risks, begins during the due diligence phase.

    This is also the opportunity for IT to plan how it will execute the planned integration strategy. Having access to critical information only available in data rooms will further enable IT to successfully plan and execute the acquisition to deliver the value the business is seeking through a growth transaction.

    Goal: To thoroughly evaluate all potential risks associated with the organization(s) being pursued and create a detailed plan for integrating the IT environments

    Due Diligence Prerequisite Checklist

    Before coming into the Due Diligence & Preparation phase, you must have addressed the following:

    • Understand the rationale for the company's decisions to pursue an acquisition and what opportunities or pain points the acquisition should alleviate.
    • Identify the key roles for the transaction team.
    • Identify the M&A governance.
    • Determine target metrics.
    • Select an integration strategy framework.
    • Conduct a RACI for key transaction tasks for the transaction team.

    Before coming into the Due Diligence & Preparation phase, we recommend addressing the following:

    • Create vision and mission statements.
    • Establish guiding principles.
    • Create a future-state operating model.
    • Identify the M&A operating model.
    • Document the communication plan.
    • Examine the business perspective of IT.
    • Identify key stakeholders and outline their relationship to the M&A process.
    • Be able to valuate the IT environment and communicate IT’s value to the business.

    The Technology Value Trinity

    Delivery of Business Value & Strategic Needs

    • Digital & Technology Strategy
      The identification of objectives and initiatives necessary to achieve business goals.
    • IT Operating Model
      The model for how IT is organized to deliver on business needs and strategies.
    • Information & Technology Governance
      The governance to ensure the organization and its customers get maximum value from the use of information and technology.

    All three elements of the Technology Value Trinity work in harmony to deliver business value and achieve strategic needs. As one changes, the others need to change as well.

    • Digital and IT Strategy tells you what you need to achieve to be successful.
    • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
    • Information & Technology Governance is the confirmation of IT’s goals and strategy, which ensures the alignment of IT and business strategy. It’s the mechanism by which you continuously prioritize work to ensure that what is delivered is in line with the strategy. This oversight evaluates, directs, and monitors the delivery of outcomes to ensure that the use of resources results in the achieving the organization’s goals.

    Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest – not based on what is in the best interest of the organization.

    Due Diligence & Preparation

    Step 3.1

    Assess the Target Organization

    Activities

    • 3.1.1 Drive value with a due diligence charter
    • 3.1.2 Identify data room artifacts
    • 3.1.3 Assess technical debt
    • 3.1.4 Valuate the target IT organization
    • 3.1.5 Assess culture

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team
    • Business leaders
    • Prospective IT organization
    • Transition team

    Outcomes of Step

    This step of the process is when IT should actively evaluate the target organization being pursued for acquisition.

    3.1.1 Drive value with a due diligence charter

    1-2 hours

    Input: Key roles for the transaction team, M&A governance, Target metrics, Selected integration strategy framework, RACI of key transaction tasks for the transaction team

    Output: IT Due Diligence Charter

    Materials: M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a charter leveraging the items completed in the previous phase, as listed on the Due Diligence Prerequisite Checklist slide, to gain executive sign-off.

    1. In the IT Due Diligence Charter in the M&A Buy Playbook, complete the aspects of the charter that are relevant for you and your organization.
    2. We recommend including these items in the charter:
      • Communication plan
      • Transition team roles
      • Goals and metrics for the transaction
      • Integration strategy
      • Acquisition RACI
    3. Once the charter has been completed, ensure that business executives agree to the charter and sign off on the plan of action.

    Record the results in the M&A Buy Playbook.

    3.1.2 Identify data room artifacts

    4 hours

    Input: Future-state operating model, M&A governance, Target metrics, Selected integration strategy framework, RACI of key transaction tasks for the transaction team

    Output: List of items to acquire and review in the data room

    Materials: Critical domain lists on following slides, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to create a list of the key artifacts that should be asked for and reviewed during the due diligence process.

    1. Review the lists on the following pages as a starting point. Identify which domains, stakeholders, artifacts, and information should be requested for the data room. This information should be directed to the target organization.
    2. IT leadership may or may not be asked to enter the data room directly. Therefore, it’s important that you clearly identify these artifacts.
    3. List each question or concern, select the associated workstream in the M&A Buy Playbook, and update the status of the information retrieval.
    4. Use the comments section to document your discoveries or concerns.

    Record the results in the M&A Buy Playbook.

    Critical domains

    Understand the key stakeholders and outputs for each domain

    Each critical domain will likely have different stakeholders who know that domain best. Communicate with these stakeholders throughout the M&A process to make sure you are getting accurate information and interpreting it correctly.

    Domain

    Stakeholders

    Key Artifacts

    Key Information to request

    Business
    • Enterprise Architecture
    • Business Relationship Manager
    • Business Process Owners
    • Business capability map
    • Capability map (the M&A team should be taking care of this, but make sure it exists)
    • Business satisfaction with various IT systems and services
    Leadership/IT Executive
    • CIO
    • CTO
    • CISO
    • IT budgets
    • IT capital and operating budgets (from current year and previous year)
    Data & Analytics
    • Chief Data Officer
    • Data Architect
    • Enterprise Architect
    • Master data domains, system of record for each
    • Unstructured data retention requirements
    • Data architecture
    • Master data domains, sources, and storage
    • Data retention requirements
    Applications
    • Applications Manager
    • Application Portfolio Manager
    • Application Architect
    • Applications map
    • Applications inventory
    • Applications architecture
    • Copy of all software license agreements
    • Copy of all software maintenance agreements
    Infrastructure
    • Head of Infrastructure
    • Enterprise Architect
    • Infrastructure Architect
    • Infrastructure Manager
    • Infrastructure map
    • Infrastructure inventory
    • Network architecture (including which data centers host which infrastructure and applications)
    • Inventory (including integration capabilities of vendors, versions, switches, and routers)
    • Copy of all hardware lease or purchase agreements
    • Copy of all hardware maintenance agreements
    • Copy of all outsourcing/external service provider agreements
    • Copy of all service-level agreements for centrally provided, shared services and systems
    Products and Services
    • Product Manager
    • Head of Customer Interactions
    • Product lifecycle
    • Product inventory
    • Customer market strategy

    Critical domains (continued)

    Understand the key stakeholders and outputs for each domain

    Domain

    Stakeholders

    Key Artifacts

    Key Information to request

    Operations
    • Head of Operations
    • Service catalog
    • Service overview
    • Service owners
    • Access policies and procedures
    • Availability and service levels
    • Support policies and procedures
    • Costs and approvals (internal and customer costs)
    IT Processes
    • CIO
    • IT Management
    • VP of IT Governance
    • VP of IT Strategy
    • IT process flow diagram
    • Processes in place and productivity levels (capacity)
    • Critical processes/processes the organization feels they do particularly well
    IT People
    • CIO
    • VP of Human Resources
    • IT organizational chart
    • Competency & capacity assessment
    • IT organizational structure (including resources from external service providers such as contractors) with appropriate job descriptions or roles and responsibilities
    • IT headcount and location
    Security
    • CISO
    • Security Architect
    • Security posture
    • Information security staff
    • Information security service providers
    • Information security tools
    • In-flight information security projects
    Projects
    • Head of Projects
    • Project portfolio
    • List of all future, ongoing, and recently completed projects
    Vendors
    • Head of Vendor Management
    • License inventory
    • Inventory (including what will and will not be transitioning, vendors, versions, number of licenses)

    Assess the target organization’s technical debt

    The other organization could be costly to purchase if not yet modernizing.

    • Consider the potential costs that your business will have to spend to get the other IT organization modernized or even digital.
    • This will be highly affected by your planned integration strategy.
    • A best-of-breed strategy might simply mean there's little to bring over from the other organization’s environment.
    • It’s often challenging to identify a direct financial cost for technical debt. Consider direct costs but also assess categories of impact that can have a long-term effect on your business: lost customer, staff, or business partner goodwill; limited flexibility and resilience; and health, safety, and compliance impacts.
    • Use more objective measures to track subjective impact. For example, consider the number of customers who could be significantly affected by each tech debt in the next quarter.

    Focus on solving the problems you need to address.

    Analyzing technical debt has value in that the analysis can help your organization make better risk management and resource allocation decisions.

    Review these examples of technical debt

    Do you have any of these challenges?

    Applications
    • Inefficient or incomplete code
    • Fragile or obsolete systems of record that limit the implementation of new functionality
    • Out-of-date IDEs or compilers
    • Unsupported applications
    Data & Analytics
    • Data presented via API that does not conform to chosen standards (EDI, NRF-ARTS, etc.)
    • Poor data governance
    • No transformation between OLTP and the data warehouse
    • Heavy use of OLTP for reporting
    • Lack of AI model and decision governance, maintenance
    End-User Computing
    • Aging and slow equipment
    • No configuration management
    • No MDM/UEM
    Security
    • Unpatched/unpatchable systems
    • Legacy firewalls
    • No data classification system
    • “Perimeter” security architecture
    • No documented security incident response
    • No policies, or unenforced policies
    Operations
    • Incomplete, ineffective, or undocumented business continuity and disaster recovery plans
    • Insufficient backups or archiving
    • Inefficient MACD processes
    • Application sprawl with no record of installed applications or licenses
    • No ticketing or ITSM system
    • No change management process
    • No problem management process
    • No event/alert management
    Infrastructure
    • End-of-life/unsupported equipment
    • Aging power or cooling systems
    • Water- or halon-based data center fire suppression systems
    • Out-of-date firmware
    • No DR site
    • Damaged or messy cabling
    • Lack of system redundancy
    • Integrated computers on business equipment (e.g. shop floor equipment, medical equipment) running out-of-date OS/software
    Project & Portfolio Management
    • No project closure process
    • Ineffective project intake process
    • No resource management practices

    “This isn’t a philosophical exercise. Knowing what you want to get out of this analysis informs the type of technical debt you will calculate and the approach you will take.” (Scott Buchholz, CTO, Deloitte Government & Public Services Practice, The Wall Street Journal, 2015)

    3.1.3 Assess technical debt

    1-2 hours

    Input: Participant views on organizational tech debt, Five to ten key technical debts, Business impact scoring scales, Reasonable next-quarter scenarios for each technical debt, Technical debt business impact analysis

    Output: Initial list of tech debt for the target organization

    Materials: Whiteboard, Sticky notes, Technical Debt Business Impact Analysis Tool, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Business leaders, Transition team

    The purpose of this activity is to assess the technical debt of the other IT organization. Taking on unnecessary technical debt is one of the biggest risks to the IT environment

    1. This activity can be completed by leveraging the blueprint Manage Your Technical Debt, specifically the Technical Debt Business Impact Analysis Tool. Complete the following activities in the blueprint:
      • 1.2.1 Identify your technical debt
      • 1.2.2 Select tech debt for your impact analysis
      • 2.2.2 Estimate tech debt impact
      • 2.2.3 Identify the most-critical technical debts
    2. Review examples of technical debt in the previous slide to assist you with this activity.
    3. Document the results from tab 3, Impact Analysis, in the M&A Buy Playbook if you are trying to record all artifacts related to the transaction in one place.

    Record the results in the M&A Buy Playbook.

    How to valuate an IT environment

    And why it matters so much

    • Valuating the target organization’s IT environment is a critical step to fully understand what it might be worth. Business partners are often not in the position to valuate the IT aspects to the degree that you would be.
    • The business investments in IT can be directly translated to a value amount. Meaning for every $1 invested in IT, the business might be gaining $100 in value back or possibly even loosing $100.
    • Determining, documenting, and communicating this information ensures that the business takes IT’s suggestions seriously and recognizes why investing in IT can be so critical.
    • There are three ways a business or asset can be valuated:
      • Cost Approach: Look at the costs associated with building, purchasing, replacing, and maintaining a given aspect of the business.
      • Market Approach: Look at the relative value of a particular aspect of the business. Relative value can fluctuate and depends on what the markets and consequently society believe that particular element is worth.
      • Discounted Cash Flow Approach: Focus on what the potential value of the business could be or the intrinsic value anticipated due to future profitability.

    The IT valuation conducted during due diligence can have a significant impact on the final financials of the transaction for the business.

    3.1.4 Valuate the target IT organization

    1 day

    Input: Valuation of data, Valuation of applications, Valuation of infrastructure and operations, Valuation of security and risk

    Output: Valuation of target organization’s IT

    Materials: Relevant templates/tools, Capital budget, Operating budget, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Prospective IT organization

    The purpose of this activity is to valuate the other IT organization.

    1. Review each of slides 42 to 45 to generate a valuation of IT’s data, applications, infrastructure, and security and risk. These valuations consider several tangible and intangible factors and result in a final dollar amount. For more information on this activity, review Activity 1.2.1 from the Proactive phase.
    2. Identify financial amounts for each critical area and add the financial output to the summary slide in the M&A Buy Playbook.
    3. Compare this information against your own IT organization’s valuation.
      1. Does it add value to your IT organization?
      2. Is there too much risk to accept if this transaction goes through?

    Info-Tech Insight

    Consistency is key when valuating your IT organization as well as other IT organizations throughout the transaction process.

    Record the results in the M&A Buy Playbook.

    Culture should not be overlooked, especially as it relates to the integration of IT environments

    • There are three types of culture that need to be considered.
    • Most importantly, this transition is an opportunity to change the culture that might exist in your organization’s IT environment.
    • Make a decision on which type of culture you’d like IT to have post-transition.

    Target Organization’s Culture

    The culture that the target organization is currently embracing. Their established and undefined governance practices will lend insight into this.

    Your Organization’s Culture

    The culture that your organization is currently embracing. Examine people’s attitudes and behaviors within IT toward their jobs and the organization.

    Ideal Culture

    What will the future culture of the IT organization be once integration is complete? Are there aspects that your current organization and the target organization embrace that are worth considering?

    Culture categories

    Map the results of the IT Culture Diagnostic to an existing framework

    Competitive
    • Autonomy
    • Confront conflict directly
    • Decisive
    • Competitive
    • Achievement oriented
    • Results oriented
    • High performance expectations
    • Aggressive
    • High pay for good performance
    • Working long hours
    • Having a good reputation
    • Being distinctive/different
    Innovative
    • Adaptable
    • Innovative
    • Quick to take advantage of opportunities
    • Risk taking
    • Opportunities for professional growth
    • Not constrained by rules
    • Tolerant
    • Informal
    • Enthusiastic
    Traditional
    • Stability
    • Reflective
    • Rule oriented
    • Analytical
    • High attention to detail
    • Organized
    • Clear guiding philosophy
    • Security of employment
    • Emphasis on quality
    • Focus on safety
    Cooperative
    • Team oriented
    • Fair
    • Praise for good performance
    • Supportive
    • Calm
    • Developing friends at work
    • Socially responsible

    Culture Considerations

    • What culture category was dominant for each IT organization?
    • Do you share the same dominant category?
    • Is your current dominant culture category the most ideal to have post-integration?

    3.1.5 Assess Culture

    3-4 hours

    Input: Cultural assessments for current IT organization, Cultural assessment for target IT organization

    Output: Goal for IT culture

    Materials: IT Culture Diagnostic, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, IT employees of current organization, IT employees of target organization, Company M&A team

    The purpose of this activity is to assess the different cultures that might exist within the IT environments of both organizations. More importantly, your IT organization can select its desired IT culture for the long term if it does not already exist.

    1. Complete this activity by leveraging the blueprint Fix Your IT Culture, specifically the IT Culture Diagnostic. Fill out the diagnostic for the IT department in your organization:
      1. Answer the 16 questions in tab 2, Diagnostic.
      2. Find out your dominant culture and review recommendations in tab 3, Results.
    2. Document the results from tab 3, Results, in the M&A Buy Playbook if you are trying to record all artifacts related to the transaction in one place.
    3. Repeat the activity for the target organization.
    4. Leverage the information to determine what the goal for the culture of IT will be post-integration if it will differ from the current culture.

    Record the results in the M&A Buy Playbook.

    Due Diligence & Preparation

    Step 3.2

    Prepare to Integrate

    Activities

    • 3.2.1 Prioritize integration tasks
    • 3.2.2 Establish the integration roadmap
    • 3.2.3 Identify the needed workforce supply
    • 3.2.4 Estimate integration costs
    • 3.2.5 Create an employee transition plan
    • 3.2.6 Create functional workplans for employees
    • 3.2.7 Align project metrics with identified tasks

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Transition team
    • Company M&A team

    Outcomes of Step

    Have an established plan of action toward integration across all domains and a strategy toward resources.

    Don’t underestimate the importance of integration preparation

    Integration is the process of combining the various components of one or more organizations into a single organization.

    80% of integration should happen within the first two years. (Source: CIO Dive)

    70% of M&A IT integrations fail due to components that could and should be addressed at the beginning. (Source: The Wall Street Journal, 2019)

    Info-Tech Insight

    Integration is not rationalization. Once the organization has integrated, it can prepare to rationalize the IT environment.

    Integration needs

    Identify your domain needs to support the target technology environment

    Set up a meeting with your IT due diligence team to:

    • Address data, applications, infrastructure, and other domain gaps.
    • Discuss the people and processes necessary to achieve the target technology environment and support M&A business objectives.

    Use this opportunity to:

    • Identify data and application complexities between your organization and the target organization.
    • Identify the IT people and process gaps, redundancies, and initiatives.
    • Determine your infrastructure needs and identify redundancies.
      • Does IT have the infrastructure to support the applications and business capabilities of the resultant enterprise?
      • Identify any gaps between the current infrastructure in both organizations and the infrastructure required in the resultant enterprise.
      • Identify any redundancies.
      • Determine the appropriate IT integration strategies.
    • Document your gaps, redundancies, initiatives, and assumptions to help you track and justify the initiatives that must be undertaken and help estimate the cost of integration.

    Integration implications

    Understand the implications for integration with respect to each target technology environment

    Domain

    Independent Models

    Create Links Between Critical Systems

    Move Key Capabilities to Common Systems

    Adopt One Model

    Data & Analytics

    • Consider data sources that might need to be combined (e.g. financials, email lists, internet).
    • Understand where each organization will warehouse its data and how it will be managed in a cost-effective manner.
    • Consider your reporting and transactional needs. Initially systems may remain separate, but eventually they will need to be merged.
    • Analyze whether or not the data types are compatible between companies.
    • Understand the critical data needs and the complexity of integration activities.
    • Consider your reporting and transactional needs. Initially systems may remain separate, but eventually they will need to be merged.
    • Focus on the master data domains that represent the core of your business.
    • Assess the value, size, location, and cleanliness of the target organization’s data sets.
    • Determine the data sets that will be migrated to capture expected synergies and drive core capabilities while addressing how other data sets will be maintained and managed.
    • Decide which applications to keep and which to terminate. This includes setting timelines for application retirement.
    • Establish interim linkages and common interfaces for applications while major migrations occur.

    Applications

    • Establish whether or not there are certain critical applications that still need to be linked (e.g. email, financials).
    • Leverage the unique strengths and functionalities provided by the applications used by each organization.
    • Confirm that adequate documentation and licensing exists.
    • Decide which critical applications need to be linked versus which need to be kept separate to drive synergies. For example, financial, email, and CRM may need to be linked, while certain applications may remain distinct.
    • Pay particular attention to the extent to which systems relating to customers, products, orders, and shipments need to be integrated.
    • Determine the key capabilities that require support from the applications identified by business process owners.
    • Assess which major applications need to be adopted by both organizations, based on the M&A goals.
    • Establish interim linkages and common interfaces for applications while major migrations occur.
    • Decide which applications to keep and which to terminate. This includes setting timelines for application retirement.
    • Establish interim linkages and common interfaces for applications while major migrations occur.

    Integration implications (continued)

    Understand the implications for integration with respect to each target technology environment

    Domain

    Independent Models

    Create Links Between Critical Systems

    Move Key Capabilities to Common Systems

    Adopt One Model

    Infrastructure

    • Assess the infrastructure demands created by retaining separate models (e.g. separate domains, voice, network integration).
    • Evaluate whether or not there are redundant data centers that could be consolidated to reduce costs.
    • Assess the infrastructure demands created by retaining separate models (e.g. separate domains, voice, network integration).
    • Evaluate whether or not there are redundant data centers that could be consolidated to reduce costs.
    • Evaluate whether certain infrastructure components, such as data centers, can be consolidated to support the new model while also eliminating redundancies. This will help reduce costs.
    • Assess which infrastructure components need to be kept versus which need to be terminated to support the new application portfolio. Keep in mind that increasing the transaction volume on a particular application increases the infrastructure capacity that is required for that application.
    • Extend the network to integrate additional locations.

    IT People & Processes

    • Retain workers from each IT department who possess knowledge of key products, services, and legacy systems.
    • Consider whether there are redundancies in staffing that could be eliminated.
    • The IT processes of each organization will most likely remain separate.
    • Consider the impact of the target organization on your IT processes.
    • Retain workers from each IT department who possess knowledge of key products, services, and legacy systems.
    • Consider whether there are redundancies in staffing that could be eliminated.
    • Consider how critical IT processes of the target organization fit with your current IT processes.
    • Identify which redundant staff members should be terminated by focusing on the key skills that will be necessary to support the common systems.
    • If there is overlap with the IT processes in both organizations, you may wish to map out both processes to get a sense for how they might work together.
    • Assess what processes will be prioritized to support IT strategies.
    • Identify which redundant staff members should be terminated by focusing on the key skills that will be necessary to support the prioritized IT processes.

    Integration implications (continued)

    Understand the implications for integration with respect to each target technology environment

    Domain

    Independent Models

    Create Links Between Critical Systems

    Move Key Capabilities to Common Systems

    Adopt One Model

    Leadership/IT Executive

    • Have insight into the goals and direction of the organization’s leadership. Make sure that a communication path has been established to receive information and provide feedback.
    • The decentralized model will require some form of centralization and strong governance processes to enable informed decisions.
    • Ensure that each area can deliver on its needs while not overstepping the goals and direction of the organization.
    • This will help with integration in the sense that front-line employees can see a single organization beginning to form.
    • In this model, there is the opportunity to select elements of each leadership style and strategy that will work for the larger organization.
    • Leadership can provide a single and unified approach to how the strategic goals will be executed.
    • More often than not, this would be the acquiring organization’s strategic direction.

    Vendors

    • Determine which contracts the target organization currently has in place.
    • Having different vendors in place will not be a bad model if it makes sense.
    • Spend time reviewing the contracts and ensuring that each organization has the right contracts to succeed.
    • Identify what redundancies might exist (ERPs, for example) and determine if the vendor would be willing to terminate one contract or another.
    • Through integration, it might be possible to engage in one set of contract negotiations for a single application or technology.
    • Identify whether there are opportunities to combine contracts or if they must remain completely separated until the end of the term.
    • In an effort to capitalize on the contracts working well, reduce the contracts that might be hindering the organization.
    • Speak to the vendor offering the contract.
    • Going forward, ensure the contracts are negotiated to include clauses to allow for easier and more cost-effective integration.

    Integration implications (continued)

    Understand the implications for integration with respect to each target technology environment

    Domain

    Independent Models

    Create Links Between Critical Systems

    Move Key Capabilities to Common Systems

    Adopt One Model

    Security

    • Both organizations would need to have a process for securing their organization.
    • Sharing and accessing information might be more difficult, as each organization would need to keep the other organization separate to ensure the organization remains secure.
    • Creating standard policies and procedures that each organization must adhere to would be critical here (for example, multifactor authentication).
    • Establish a single path of communication between the two organizations, ensuring reliable and secure data and information sharing.
    • Leverage the same solutions to protect the business as a whole from internal and external threats.
    • Identify opportunities where there might be user points of failure that could be addressed early in the process.
    • Determine what method of threat detection and response will best support the business and select that method to apply to the entire organization, both original and newly acquired.

    Projects

    • Projects remain ongoing as they were prior to the integration.
    • Some projects might be made redundant after the initial integration is over.
    • Re-evaluate the projects after integration to ensure they continue to deliver on the business’ strategic direction.
    • Determine which projects are similar to one another and identify opportunities to leverage business needs and solutions for each organization where possible.
    • Review project histories to determine the rationale for and success of projects that could be reused in either organization going forward.
    • Determine which projects should remain ongoing and which projects could wait to be implemented or could be completely stopped.
    • There might be certain modernization projects ongoing that cannot be stopped.
    • However, for all other projects, embrace a single portfolio.
    • Completely reduce or remove all ongoing projects from the one organization and continue with only the projects of the other organization.
    • Add in new projects when they arise as needed.

    3.2.1 Prioritize integration tasks

    2 hours

    Input: Integration tasks, Transition team, M&A RACI

    Output: Prioritized integration list

    Materials: Integration task checklist, Integration roadmap

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to prioritize the different integration tasks that your organization has identified as necessary to this transaction. Some tasks might not be relevant for this particular transaction, and others might be critical.

    1. Download the SharePoint or Excel version of the M&A Integration Project Management Tool. Identify which integration tasks you want as part of your project plan. Alter or remove any tasks that are irrelevant to your organization. Add in tasks you think are missing.
    2. When deciding criticality of the task, consider the effect on stakeholders, those who are impacted or influenced in the process of the task, and dependencies (e.g. data strategy needs to be addressed first before you can tackle its dependencies, like data quality).
    3. Feel free to edit the way you measure criticality. The standard tool leverages a three-point scale. At the end, you should have a list of tasks in priority order based on criticality.

    Record the updates in the M&A Integration Project Management Tool (SharePoint).

    Record the updates in the M&A Integration Project Management Tool (Excel).

    Integration checklists

    Prerequisite Checklist
    • Build the project plan for integration and prioritize activities
      • Plan first day
      • Plan first 30/100 days
      • Plan first year
    • Create an organization-aligned IT strategy
    • Identify critical stakeholders
    • Create a communication strategy
    • Understand the rationale for the acquisition or purchase
    • Develop IT's purchasing strategy
    • Determine goal opportunities
    • Create the mission and vision statements
    • Create the guiding principles
    • Create program metrics
    • Consolidate reports from due diligence/data room
    • Conduct culture assessment
    • Create a transaction team
    • Assess workforce demand and supply
    • Plan and communicate potential layoffs
    • Create an employee transition plan
    • Identify the IT investment
    Business
    • Design an enterprise architecture
    • Document your business architecture
    • Identify and assess all of IT's risks
    Leadership/IT Executive
    • Build an IT budget
    • Structure operating budget
    • Structure capital budget
    • Identify the needed workforce demand vs. capacity
    • Establish and monitor key metrics
    • Communicate value realized/cost savings
    Data
    • Confirm data strategy
    • Confirm data governance
    • Data architecture
    • Data sources
    • Data storage (on-premises vs. cloud)
    • Enterprise content management
    • Compatibility of data types between organizations
    • Cleanliness/usability of target organization data sets
    • Identify data sets that need to be combined to capture synergies/drive core capabilities
    • Reporting and analytics capabilities
    Applications
    • Prioritize and address critical applications
      • ERP
      • CRM
      • Email
      • HRIS
      • Financial
      • Sales
      • Risk
      • Security
    • Leverage application rationalization framework to determine applications to keep, terminate, or create
    • Develop method of integrating applications
    • Model critical applications that have dependencies on one another
    • Identify the infrastructure capacity required to support critical applications
    Operations
    • Communicate helpdesk/service desk information
    • Manage sales access to customer data
    • Determine locations and hours of operation
    • Consolidate phone lists and extensions
    • Synchronize email address books

    Integration checklists (continued)

    Infrastructure
    • Determine single network access
    • Manage organization domains
    • Consolidate data centers
    • Compile inventory of vendors, versions, switches, and routers
    • Review hardware lease or purchase agreements
    • Review outsourcing/service provider agreements
    • Review service-level agreements
    • Assess connectivity linkages between locations
    • Plan to migrate to a single email system if necessary
    Vendors
    • Establish a sustainable vendor management office
    • Review vendor landscape
    • Identify warranty options
    • Rationalize vendor services and solutions
    • Identify opportunities to mature the security architecture
    People
    • Design an IT operating model
    • Redesign your IT organizational structure
    • Conduct a RACI
    • Conduct a culture assessment and identify goal IT culture
    • Build an IT employee engagement program
    • Determine critical roles and systems/process/products they support
    • Create a list of employees to be terminated
    • Create employee transition plans
    • Create functional workplans
    Projects
    • Stop duplicate or unnecessary target organization projects
    • Communicate project intake process
    • Prioritize projects
    Products & Services
    • Ensure customer services requirements are met
    • Ensure customer interaction requirements are met
    • Select a solution for product lifecycle management
    Security
    • Conduct a security assessment of target organization
    • Develop accessibility prioritization and schedule
    • Establish an information security strategy
    • Develop a security awareness and training program
    • Develop and manage security governance, risk, and compliance
    • Identify security budget
    • Build a data privacy and classification program
    IT Processes
    • Evaluate current process models
    • Determine productivity/capacity levels of processes
    • Identify processes to be terminated
    • Identify process expectations from target organization
    • Establish a communication plan
    • Develop a change management process
    • Establish/review IT policies

    3.2.2 Establish the integration roadmap

    2 hours

    Input: Prioritized integration tasks, Employee transition plan, Integration RACI, Costs for activities, Activity owners

    Output: Integration roadmap

    Materials: M&A Integration Project Plan Tool (SharePoint), M&A Integration Project Plan Tool (Excel)

    Participants: IT executive/CIO, IT senior leadership, Transition team, Company M&A team

    The purpose of this activity is to create a roadmap to support IT throughout the integration process. Using the information gathered in previous activities, you can create a roadmap that will ensure a smooth integration.

    1. Leverage our M&A Integration Project Management Tool to track critical elements of the integration project. There are a few options available:
      1. Follow the instructions on the next slide if you are looking to upload our SharePoint project template.
      2. If you cannot or do not want to use SharePoint as your project management solution, download our Excel version of the tool.
        **Remember that this your tool, so customize to your liking.
    2. Identify who will own or be accountable for each of the integration tasks and establish the time frame for when each project should begin and end. This will confirm which tasks should be prioritized.

    Record the updates in the M&A Integration Project Management Tool (SharePoint).

    Record the updates in the M&A Integration Project Management Tool (Excel).

    Integration Project Management Tool (SharePoint Template)

    Follow these instructions to upload our template to your SharePoint environment

    1. Create or use an existing SP site.
    2. Download the M&A Integration Project Plan Tool (SharePoint) .wsp file from the Mergers & Acquisitions: The Buy Blueprint landing page.
    3. To import a template into your SharePoint environment, do the following:
      1. Open PowerShell.
      2. Connect-SPO Service (need to install PowerShell module).
      3. Enter in your tenant admin URL.
      4. Enter in your admin credentials.
      5. Set-SPO Site https://YourDomain.sharepoint.com/sites/YourSiteHe... -DenyAddAndCustomizePages 0
      OR
      1. Turn on both custom script features to allow users to run custom
    4. Screenshot of the 'Custom Script' option for importing a template into your SharePoint environment. Feature description reads 'Control whether users can run custom script on personal sites and self-service created sites. Note: changes to this setting might take up to 24 hours to take effect. For more information, see http://go.microsoft.com/fwlink/?LinkIn=397546'. There are options to prevent or allow users from running custom script on personal/self-service created sites.
    5. Enable the SharePoint Server Standard Site Collection features.
    6. Upload the .wsp file in Solutions Gallery.
    7. Deploy by creating a subsite and select from custom options.
      • Allow or prevent custom script
      • Security considerations of allowing custom script
      • Save, download, and upload a SharePoint site as a template
    8. Refer to Microsoft documentation to understand security considerations and what is and isn’t supported:

    For more information, check out the SharePoint Template: Step-by-Step Deployment Guide.

    Participate in active workforce planning to transition employees

    The chosen IT operating model, primary M&A goals, and any planned changes to business strategy will dramatically impact IT staffing and workforce planning efforts.

    Visualization of the three aspects of 'IT workforce planning', as listed below.

    IT workforce planning

    • Primary M&A goals
      If the goal of the M&A is cost cutting, then workforce planning will be necessary to identify labor redundancies.
    • Changes to business strategy
      If business strategy will change after the merger, then workforce planning will typically be more involved than if business strategy will not change.
    • Integration strategy
      For independent models, workforce planning will typically be unnecessary.
      For connection of essential systems or absorption, workforce planning will likely be an involved, time-consuming process.
    1. Estimate the headcount you will need through the end of the M&A transition period.
    2. Outline the process you will use to assess staff for roles that have more than one candidate.
    3. Review employees in each department to determine the best fit for each role.
    4. Determine whether terminations will happen all together or in waves.

    Info-Tech Insight

    Don’t be a short-term thinker when it comes to workforce planning! IT teams that only consider the headcount needed on day one of the new entity will end up scrambling to find skilled resources to fill workforce gaps later in the transition period.

    3.2.3 Identify the needed workforce supply

    3-4 hours

    Input: IT strategy, Prioritized integration tasks

    Output: A clear indication of how many resources are required for each role and the number of resources that the organization actually has

    Materials: Resource Management Supply-Demand Calculator

    Participants: IT executive/CIO, IT senior leadership, Target organization employees, Company M&A team, Transition team

    The purpose of this activity is to determine the anticipated amount of work that will be required to support projects (like integration), administrative, and keep-the-lights-on activities.

    1. Download the Resource Management Supply-Demand Calculator.
    2. The calculator requires minimal up-front staff participation: You can obtain meaningful results with participation from as few as one person with insight on the distribution of your resources and their average work week or month.
    3. The calculator will yield a report that shows a breakdown of your annual resource supply and demand, as well as the gap between the supply and demand. Further insight on project and non-project supply and demand are provided.
    4. Repeat the tool several times to identify the needs of your IT environment for day one, day 30/100, and year one. Anticipate that these will change over time. Also, do not forget to obtain this information from the target organization. Given that you will be integrating, it’s important to know how many staff they have in which roles.
    5. **For additional information, please review slides starting from slide 44 in Establish Realistic IT Resource Management Practices to see how to use the tool.

    Record the results in the Resource Management Supply-Demand Calculator.

    Resource Supply-Demand Calculator Output Example

    Example of a 'Resource Management Supply-Demand Analysis Report' with charts and tables measuring Annualized Resource Supply and Demand, Resource Capacity Confidence, Project Capacity, and combinations of those metrics.

    Resource Capacity Confidence. This figure is based on your confidence in supply confidence, demand stability, and the supply-demand ratio.

    Importance of estimating integration costs

    Change is the key driver of integration costs

    Integration costs are dependent on the following:
    • Meeting synergy targets – whether that be cost saving or growth related.
      • Employee-related costs, licensing, and reconfiguration fees play a huge part in meeting synergy targets.
    • Adjustments related to compliance or regulations – especially if there are changes to legal entities, reporting requirements, or risk-mitigation standards.
    • Governance or third party–related support required to ensure timelines are met and the integration is a success.
    Integration costs vary by industry type.
    • Certain industries may have integration costs made up of mostly one type, differing from other industries, due to the complexity and different demands of the transaction. For example:
      • Healthcare integration costs are mostly driven by regulatory, safety, and quality standards, as well as consolidation of the research and development function.
      • Energy and Utilities tend to have the lowest integration costs due to most transactions occurring within the same sector rather than as a cross-sector investment. For example, oil and gas acquisitions tend to be for oil fields and rigs (strategic fixed assets), which can easily be added to the buyer’s portfolio.

    Integration costs are more related to the degree of change required than the size of the transaction.

    3.2.4 Estimate integration costs

    3-4 hours

    Input: Integration tasks, Transition team, Valuation of current IT environment, Valuation of target IT environment, Outputs from data room, Technical debt, Employees

    Output: List of anticipated costs required to support IT integration

    Materials: Integration task checklist, Integration roadmap, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to estimate the costs that will be associated with the integration. It’s important to ensure a realistic figure is identified and communicated to the larger M&A team within your company as early in the process as possible. This ensures that the funding required for the transaction is secured and budgeted for in the overarching transaction.

    1. On the associated slide in the M&A Buy Playbook, input:
      • Task
      • Domain
      • Cost type
      • Total cost amount
      • Level of certainty around the cost
    2. Provide a copy of the estimated costs to the company’s M&A team. Also provide any additional information identified earlier to help them understand the importance of those costs.

    Record the results in the M&A Buy Playbook.

    Employee transition planning

    Considering employee impact will be a huge component to ensure successful integration

    • Meet With Leadership
    • Plan Individual and Department Redeployment
    • Plan Individual and Department Layoffs
    • Monitor and Manage Departmental Effectiveness
    • For employees, the transition could mean:
      • Changing from their current role to a new role to meet requirements and expectations throughout the transition.
      • Being laid off because the role they are currently occupying has been made redundant.
    • It is important to plan for what the M&A integration needs will be and what the IT operational needs will be.
    • A lack of foresight into this long-term plan could lead to undue costs and headaches trying to retain critical staff, rehiring positions that were already let go, and keeping redundant employees longer then necessary.

    Info-Tech Insight

    Being transparent throughout the process is critical. Do not hesitate to tell employees the likelihood that their job may be made redundant. This will ensure a high level of trust and credibility for those who remain with the organization after the transaction.

    3.2.5 Create an employee transition plan

    3-4 hours

    Input: IT strategy, IT organizational design, Resource Supply-Demand Calculator output

    Output: Employee transition plans

    Materials: M&A Buy Playbook, Whiteboard, Sticky notes, Markers

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to create a transition plan for employees.

    1. Transition planning can be done at specific individual levels or more broadly to reflect a single role. Consider these four items in the transition plan:
      • Understand the direction of the employee transitions.
      • Identify employees that will be involved in the transition (moved or laid off).
      • Prepare to meet with employees.
      • Meet with employees.
    2. For each employee that will be facing some sort of change in their regular role, permanent or temporary, create a transition plan.
    3. For additional information on transitioning employees, review the blueprint Streamline Your Workforce During a Pandemic.

    **Note that if someone’s future role is a layoff, then there is no need to record anything for skills needed or method for skill development.

    Record the results in the M&A Buy Playbook.

    3.2.6 Create functional workplans for employees

    3-4 hours

    Input: Prioritized integration tasks, Employee transition plan, Integration RACI, Costs for activities, Activity owners

    Output: Employee functional workplans

    Materials: M&A Buy Playbook, Learning and development tools

    Participants: IT executive/CIO, IT senior leadership, IT management team, Company M&A team, Transition team

    The purpose of this activity is to create a functional workplan for the different employees so that they know what their key role and responsibilities are once the transaction occurs.

    1. First complete the transition plan from the previous activity (3.2.5) and the separation roadmap. Have these documents ready to review throughout this process.
    2. Identify the employees who will be transitioning to a new role permanently or temporarily. Creating a functional workplan is especially important for these employees.
    3. Identify the skills these employees need to have to support the separation. Record this in the corresponding slide in the M&A Buy Playbook.
    4. For each employee, identify someone who will be a point of contact for them throughout the transition.

    It is recommended that each employee have a functional workplan. Leverage the IT managers to support this task.

    Record the results in the M&A Buy Playbook.

    Metrics for integration

    Valuation & Due Diligence

    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target

    Execution & Value Realization

    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT integration
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    3.2.7 Align project metrics with identified tasks

    3-4 hours

    Input: Prioritized integration tasks, Employee transition plan, Integration RACI, Costs for activities, Activity owners, M&A goals

    Output: Integration-specific metrics to measure success

    Materials: Roadmap template, M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Transition team

    The purpose of this activity is to understand how to measure the success of the integration project by aligning metrics to each identified task.

    1. Review the M&A goals identified by the business. Your metrics will need to tie back to those business goals.
    2. Identify metrics that align to identified tasks and measure achievement of those goals. For each metric you consider, ask the following questions:
      • What is the main goal or objective that this metric is trying to solve?
      • What does success look like?
      • Does the metric promote the right behavior?
      • Is the metric actionable? What is the story you are trying to tell with this metric?
      • How often will this get measured?
      • Are there any metrics it supports or is supported by?

    Record the results in the M&A Buy Playbook.

    By the end of this mid-transaction phase you should:

    Have successfully evaluated the target organization’s IT environment, escalated the acquisition risks and benefits, and prepared IT for integration.

    Key outcomes from the Due Diligence & Preparation phase
    • Participate in due diligence activities to accurately valuate the target organization(s) and determine if there are critical risks or benefits the current organization should be aware of.
    • Create an integration roadmap that considers the tasks that will need to be completed and the resources required to support integration.
    Key deliverables from the Due Diligence & Preparation phase
    • Establish a due diligence charter
    • Create a list of data room artifacts and engage in due diligence
    • Assess the target organization’s technical debt
    • Valuate the target IT organization
    • Assess and plan for culture
    • Prioritize integration tasks
    • Establish the integration roadmap
    • Identify the needed workforce supply
    • Estimate integration costs
    • Create employee transition plans
    • Create functional workplans for employees
    • Align project metrics with identified tasks

    M&A Buy Blueprint

    Phase 4

    Execution & Value Realization

    Phase 1Phase 2Phase 3

    Phase 4

    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Growth Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Acquisition
    • 3.1 Assess the Target Organization
    • 3.2 Prepare to Integrate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Rationalize the IT environment
    • Continually update the project plan
    • Confirm integration costs
    • Review IT’s transaction value
    • Conduct a transaction and integration SWOT
    • Review the playbook and prepare for future transactions

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Vendor management team
    • IT transaction team
    • Company M&A team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Engage in Integration

    Day 4

    Establish the Transaction FoundationDiscover the Motivation for IntegrationPlan the Integration RoadmapPrepare Employees for the TransitionEngage in IntegrationAssess the Transaction Outcomes (Must be within 30 days of transaction date)

    Activities

    • 0.1 Understand the rationale for the company's decisions to pursue an acquisition.
    • 0.2 Identify key stakeholders and determine the IT transaction team.
    • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
    • 1.1 Review the business rationale for the acquisition.
    • 1.2 Identify pain points and opportunities tied to the acquisition.
    • 1.3 Establish the integration strategy.
    • 1.4 Prioritize Integration tasks.
    • 2.1 Establish the integration roadmap.
    • 2.2 Establish and align project metrics with identified tasks.
    • 2.3 Estimate integration costs.
    • 3.1 Assess the current culture and identify the goal culture.
    • 3.2 Identify the needed workforce supply.
    • 3.3 Create an employee transition plan.
    • 3.4 Create functional workplans for employees.
    • I.1 Complete the integration by regularly updating the project plan.
    • I.2 Begin to rationalize the IT environment where possible and necessary.
    • 4.1 Confirm integration costs.
    • 4.2 Review IT’s transaction value.
    • 4.3 Conduct a transaction and integration SWOT.
    • 4.4 Review the playbook and prepare for future transactions.

    Deliverables

    1. IT strategy
    2. IT operating model
    3. IT governance structure
    4. M&A transaction team
    1. Business context implications for IT
    2. Integration strategy
    1. Integration roadmap and associated resourcing
    1. Culture assessment
    2. Workforce supply identified
    3. Employee transition plan
    1. Rationalized IT environment
    2. Updated integration project plan
    1. SWOT of transaction
    2. M&A Buy Playbook refined for future transactions

    What is the Execution & Value Realization phase?

    Post-transaction state

    Once the transaction comes to a close, it’s time for IT to deliver on the critical integration tasks. Set the organization up for success by having an integration roadmap. Retaining critical IT staff throughout this process will also be imperative to the overall transaction success.

    Throughout the integration process, roadblocks will arise and need to be addressed. However, by ensuring that employees, technology, and processes are planned for ahead of the transaction, you as IT will be able to weather those unexpected concerns with greater ease.

    Now that you as an IT leader have engaged in an acquisition, demonstrating the value IT was able to provide to the process is critical to establishing a positive and respected relationship with other senior leaders in the business. Be prepared to identify the positives and communicate this value to advance the business’ perception of IT.

    Goal: To carry out the planned integration activities and deliver the intended value to the business

    Execution Prerequisite Checklist

    Before coming into the Execution & Value Realization phase, you must have addressed the following:

    • Understand the rationale for the company's decisions to pursue an acquisition and what opportunities or pain points the acquisition should alleviate.
    • Identify the key roles for the transaction team.
    • Identify the M&A governance.
    • Determine target metrics and align to project tasks.
    • Select an integration strategy framework.
    • Conduct a RACI for key transaction tasks for the transaction team.
    • Create a list of data room artifacts and engage in due diligence (directly or indirectly).
    • Prioritize integration tasks.
    • Establish the integration roadmap.
    • Identify the needed workforce supply.
    • Create employee transition plans.

    Before coming into the Execution & Value Realization phase, we recommend addressing the following:

    • Create vision and mission statements.
    • Establish guiding principles.
    • Create a future-state operating model.
    • Identify the M&A operating model.
    • Document the communication plan.
    • Examine the business perspective of IT.
    • Identify key stakeholders and outline their relationship to the M&A process.
    • Be able to valuate the IT environment and communicate IT's value to the business.
    • Establish a due diligence charter.
    • Assess the target organization’s technical debt.
    • Valuate the target IT organization.
    • Assess and plan for culture.
    • Estimate integration costs.
    • Create functional workplans for employees.

    Integration checklists

    Prerequisite Checklist
    • Build the project plan for integration and prioritize activities
      • Plan first day
      • Plan first 30/100 days
      • Plan first year
    • Create an organization-aligned IT strategy
    • Identify critical stakeholders
    • Create a communication strategy
    • Understand the rationale for the acquisition or purchase
    • Develop IT's purchasing strategy
    • Determine goal opportunities
    • Create the mission and vision statements
    • Create the guiding principles
    • Create program metrics
    • Consolidate reports from due diligence/data room
    • Conduct culture assessment
    • Create a transaction team
    • Assess workforce demand and supply
    • Plan and communicate potential layoffs
    • Create an employee transition plan
    • Identify the IT investment
    Business
    • Design an enterprise architecture
    • Document your business architecture
    • Identify and assess all of IT's risks
    Leadership/IT Executive
    • Build an IT budget
    • Structure operating budget
    • Structure capital budget
    • Identify the needed workforce demand vs. capacity
    • Establish and monitor key metrics
    • Communicate value realized/cost savings
    Data
    • Confirm data strategy
    • Confirm data governance
    • Data architecture
    • Data sources
    • Data storage (on-premises vs. cloud)
    • Enterprise content management
    • Compatibility of data types between organizations
    • Cleanliness/usability of target organization data sets
    • Identify data sets that need to be combined to capture synergies/drive core capabilities
    • Reporting and analytics capabilities
    Applications
    • Prioritize and address critical applications
      • ERP
      • CRM
      • Email
      • HRIS
      • Financial
      • Sales
      • Risk
      • Security
    • Leverage application rationalization framework to determine applications to keep, terminate, or create
    • Develop method of integrating applications
    • Model critical applications that have dependencies on one another
    • Identify the infrastructure capacity required to support critical applications
    Operations
    • Communicate helpdesk/service desk information
    • Manage sales access to customer data
    • Determine locations and hours of operation
    • Consolidate phone lists and extensions
    • Synchronize email address books

    Integration checklists (continued)

    Infrastructure
    • Determine single network access
    • Manage organization domains
    • Consolidate data centers
    • Compile inventory of vendors, versions, switches, and routers
    • Review hardware lease or purchase agreements
    • Review outsourcing/service provider agreements
    • Review service-level agreements
    • Assess connectivity linkages between locations
    • Plan to migrate to a single email system if necessary
    Vendors
    • Establish a sustainable vendor management office
    • Review vendor landscape
    • Identify warranty options
    • Rationalize vendor services and solutions
    • Identify opportunities to mature the security architecture
    People
    • Design an IT operating model
    • Redesign your IT organizational structure
    • Conduct a RACI
    • Conduct a culture assessment and identify goal IT culture
    • Build an IT employee engagement program
    • Determine critical roles and systems/process/products they support
    • Create a list of employees to be terminated
    • Create employee transition plans
    • Create functional workplans
    Projects
    • Stop duplicate or unnecessary target organization projects
    • Communicate project intake process
    • Prioritize projects
    Products & Services
    • Ensure customer services requirements are met
    • Ensure customer interaction requirements are met
    • Select a solution for product lifecycle management
    Security
    • Conduct a security assessment of target organization
    • Develop accessibility prioritization and schedule
    • Establish an information security strategy
    • Develop a security awareness and training program
    • Develop and manage security governance, risk, and compliance
    • Identify security budget
    • Build a data privacy and classification program
    IT Processes
    • Evaluate current process models
    • Determine productivity/capacity levels of processes
    • Identify processes to be terminated
    • Identify process expectations from target organization
    • Establish a communication plan
    • Develop a change management process
    • Establish/review IT policies

    Execution & Value Realization

    Step 4.1

    Execute the Transaction

    Activities

    • 4.1.1 Rationalize the IT environment
    • 4.1.2 Continually update the project plan

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Vendor management team
    • IT transaction team
    • Company M&A team

    Outcomes of Step

    Successfully execute on the integration and strategize how to rationalize the two (or more) IT environments and update the project plan, strategizing against any roadblocks as they might come.

    Compile –› Assess –› Rationalize

    Access to critical information often does not happen until day one

    • As the transaction comes to a close and the target organization becomes the acquired organization, it’s important to start working on the rationalization of your organization.
    • One of the most important elements will be to have a complete understanding of the acquired organization’s IT environment. Specifically, assess the technology, people, and processes that might exist.
    • This rationalization will be heavily dependent on your planned integration strategy determined in the Discovery & Strategy phase of the process.
    • If your IT organization was not involved until after that phase, then determine whether your organization plans on remaining in its original state, taking on the acquired organization’s state, or forming a best-of-breed state by combining elements.
    • To execute on this, however, a holistic understanding of the new IT environment is required.

    Some Info-Tech resources to support this initiative:

    • Reduce and Manage Your Organization’s Insider Threat Risk
    • Build an Application Rationalization Framework
    • Rationalize Your Collaboration Tools
    • Consolidate IT Asset Management
    • Build Effective Enterprise Integration on the Back of Business Process
    • Consolidate Your Data Centers

    4.1.1 Rationalize the IT environment

    6-12 months

    Input: RACI chart, List of critical applications, List of vendor contracts, List of infrastructure assets, List of data assets

    Output: Rationalized IT environment

    Materials: Software Terms & Conditions Evaluation Tool

    Participants: IT executive/CIO, IT senior leadership, Vendor management

    The purpose of this activity is to rationalize the IT environment to reduce and eliminate redundant technology.

    1. Compile a list of the various applications and vendor contracts from the acquired organization and the original organization.
    2. Determine where there is repetition. Have a member of the vendor management team review those contracts and identify cost-saving opportunities.

    This will not be a quick and easy activity to complete. It will require strong negotiation on the behalf of the vendor management team.

    For additional information and support for this activity, see the blueprint Master Contract Review and Negotiations for Software Agreements.

    4.1.2 Continually update the project plan

    Reoccurring basis following transition

    Input: Prioritized integration tasks, Integration RACI, Activity owners

    Output: Updated integration project plan

    Materials: M&A Integration Project Management Tool

    Participants: IT executive/CIO, IT senior leadership, IT transaction team, Company M&A team

    The purpose of this activity is to ensure that the project plan is continuously updated as your transaction team continues to execute on the various components outlined in the project plan.

    1. Set a regular cadence for the transaction team to meet, update and review the status of the various integration task items, and strategize how to overcome any roadblocks.
    2. Employ governance best practices in these meetings to ensure decisions can be made effectively and resources allocated strategically.

    Record the updates in the M&A Integration Project Management Tool (SharePoint).

    Record the updates in the M&A Integration Project Management Tool (Excel).

    Execution & Value Realization

    Step 4.2

    Reflection and Value Realization

    Activities

    • 4.2.1 Confirm integration costs
    • 4.2.2 Review IT’s transaction value
    • 4.2.3 Conduct a transaction and integration SWOT
    • 4.2.4 Review the playbook and prepare for future transactions

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Transition team
    • Company M&A team

    Outcomes of Step

    Review the value that IT was able to generate around the transaction and strategize on how to improve future acquisition transactions.

    4.2.1 Confirm integration costs

    3-4 hours

    Input: Integration tasks, Transition team, Previous RACI, Estimated costs

    Output: Actual integration costs

    Materials: M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, IT transaction team, Company M&A team

    The purpose of this activity is to confirm the associated costs around integration. While the integration costs would have been estimated previously, it’s important to confirm the costs that were associated with the integration in order to provide an accurate and up-to-date report to the company’s M&A team.

    1. Taking all the original items identified previously in activity 3.2.4, identify if there were changes in the estimated costs. This can be an increase or a decrease.
    2. Ensure that each cost has a justification for why the cost changed from the original estimation.

    Record the results in the M&A Buy Playbook.

    Track synergy capture through the IT integration

    The ultimate goal of the M&A is to achieve and deliver deal objectives. Early in the M&A, IT must identify, prioritize, and execute upon synergies that deliver value to the business and its shareholders. Continue to measure IT’s contribution toward achieving the organization’s M&A goals throughout the integration by keeping track of cost savings and synergies that have been achieved. When these achievements happen, communicate them and celebrate success.

    1. Define Synergy Metrics: Select metrics to track synergies through the integration.
      1. You can track value by looking at percentages of improvement in process-level metrics depending on the synergies being pursued.
      2. For example, if the synergy being pursued is increasing asset utilization, metrics could range from capacity to revenue generated through increased capacity.
    2. Prioritize Synergistic Initiatives: Estimate the cost and benefit of each initiative's implementation to compare the amount of business value to the cost. The benefits and costs should be illustrated at a high level. Estimating the exact dollar value of fulfilling a synergy can be difficult and misleading.
        Steps
      • Determine the benefits that each initiative is expected to deliver.
      • Determine the high-level costs of implementation (capacity, time, resources, effort).
    3. Track Synergy Captures: Develop a detailed workplan to resource the roadmap and track synergy captures as the initiatives are undertaken.

    Once 80% of the necessary synergies are realized, executive pressure will diminish. However, IT must continue to work toward the technology end state to avoid delayed progression.

    4.2.2 Review IT’s transaction value

    3-4 hours

    Input: Prioritized integration tasks, Integration RACI, Activity owners, M&A company goals

    Output: Transaction value

    Materials: M&A Buy Playbook

    Participants: IT executive/CIO, IT senior leadership, Company's M&A team

    The purpose of this activity is to track how your IT organization performed against the originally identified metrics.

    1. If your organization did not have the opportunity to identify metrics earlier, determine from the company M&A team what those metrics might be. Review activity 3.2.7 for more information on metrics.
    2. Identify whether the metric (which should be used to support a goal) was at, below, or above the original target metric. This is a very critical task for IT to complete because it allows IT to confirm that they were successful engaging in the transaction and that the business can count on them in future transactions.
    3. Be sure to record accurate and relevant information on why the outcomes (good or bad) are supporting the M&A goals that were set out by the business.

    Record the results in the M&A Buy Playbook.

    4.2.3 Conduct a transaction and integration SWOT

    2 hours

    Input: Integration costs, Retention rates, Value IT contributed to the transaction

    Output: Strengths, weaknesses, opportunities, and threats

    Materials: Flip charts, Markers, Sticky notes

    Participants: IT executive/CIO, IT senior leadership, Business transaction team

    The purpose of this activity is to assess the positive and negative elements of the transaction.

    1. Consider the various internal and external elements that could have impacted the outcome of the transaction.
      • Strengths. Internal characteristics that are favorable as they relate to your development environment.
      • Weaknesses Internal characteristics that are unfavorable or need improvement.
      • Opportunities External characteristics that you may use to your advantage.
      • Threats External characteristics that may be potential sources of failure or risk.

    Record the results in the M&A Buy Playbook.

    M&A Buy Playbook review

    With an acquisition complete, your IT organization is now more prepared then ever to support the business through future M&As

    • Now that the transaction is more than 80% complete, take the opportunity to review the key elements that worked well and the opportunities for improvement in future transactions.
    • Critically examine the M&A Buy Playbook your IT organization created and identify what worked well to help the transaction and where your organization could adjust to do better in future transactions.
    • If your organization were to engage in another acquisition under your IT leadership, how would you go about the transaction to make sure the company meets its goals?

    4.2.4 Review the playbook and prepare for future transactions

    4 hours

    Input: Transaction and integration SWOT

    Output: Refined M&A playbook

    Materials: M&A Buy Playbook

    Participants: IT executive/CIO

    The purpose of this activity is to revise the playbook and ensure it is ready to go for future transactions.

    1. Using the outputs from the previous activity, 4.2.3, determine what strengths and opportunities there were that should be leveraged in the next transaction.
    2. Likewise, determine which threats and weaknesses could be avoided in the future transactions.
      Remember, this is your M&A Buy Playbook, and it should reflect the most successful outcome for you in your organization.

    Record the results in the M&A Buy Playbook.

    By the end of this post-transaction phase you should:

    Have completed the integration post-transaction and be fluidly delivering the critical value that the business expected of IT.

    Key outcomes from the Execution & Value Realization phase
    • Ensure the integration tasks are being completed and that any blockers related to the transaction are being removed.
    • Determine where IT was able to realize value for the business and demonstrate IT’s involvement in meeting target goals.
    Key deliverables from the Execution & Value Realization phase
    • Rationalize the IT environment
    • Continually update the project plan for completion
    • Confirm integration costs
    • Review IT’s transaction value
    • Conduct a transaction and integration SWOT
    • Review the playbook and prepare for future transactions

    Summary of Accomplishment

    Problem Solved

    Congratulations, you have completed the M&A Buy Blueprint!

    Rather than reacting to a transaction, you have been proactive in tackling this initiative. You now have a process to fall back on in which you can be an innovative IT leader by suggesting how and why the business should engage in an acquisition. You now have:

    • Created a standardized approach for how your IT organization should address acquisitions.
    • Evaluated the target organizations successfully and established an integration project plan.
    • Delivered on the integration project plan successfully and communicated IT’s transaction value to the business.

    Now that you have done all of this, reflect on what went well and what can be improved in case if you have to do this all again in a future transaction.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8899

    Research Contributors and Experts

    Ibrahim Abdel-Kader
    Research Analyst | CIO
    Info-Tech Research Group
    Brittany Lutes
    Senior Research Analyst | CIO
    Info-Tech Research Group
    John Annand
    Principal Research Director | Infrastructure
    Info-Tech Research Group
    Scott Bickley
    Principal Research Director | Vendor Management
    Info-Tech Research Group
    Cole Cioran
    Practice Lead | Applications
    Info-Tech Research Group
    Dana Daher
    Research Analyst | Strategy & Innovation
    Info-Tech Research Group
    Eric Dolinar
    Manager | M&A Consulting
    Deloitte Canada
    Christoph Egel
    Director, Solution Design & Deliver
    Cooper Tire & Rubber Company
    Nora Fisher
    Vice President | Executive Services Advisory
    Info-Tech Research Group
    Larry Fretz
    Vice President | Industry
    Info-Tech Research Group

    Research Contributors and Experts

    David Glazer
    Vice President of Analytics
    Kroll
    Jack Hakimian
    Senior Vice President | Workshops and Delivery
    Info-Tech Research Group
    Gord Harrison
    Senior Vice President | Research & Advisory
    Info-Tech Research Group
    Valence Howden
    Principal Research Director | CIO
    Info-Tech Research Group
    Jennifer Jones
    Research Director | Industry
    Info-Tech Research Group
    Nancy McCuaig
    Senior Vice President | Chief Technology and Data Office
    IGM Financial Inc.
    Carlene McCubbin
    Practice Lead | CIO
    Info-Tech Research Group
    Kenneth McGee
    Research Fellow | Strategy & Innovation
    Info-Tech Research Group
    Nayma Naser
    Associate
    Deloitte
    Andy Neill
    Practice Lead | Data & Analytics, Enterprise Architecture
    Info-Tech Research Group

    Research Contributors and Experts

    Rick Pittman
    Vice President | Research
    Info-Tech Research Group
    Rocco Rao
    Research Director | Industry
    Info-Tech Research Group
    Mark Rosa
    Senior Vice President & Chief Information Officer
    Mohegan Gaming and Entertainment
    Tracy-Lynn Reid
    Research Lead | People & Leadership
    Info-Tech Research Group
    Jim Robson
    Senior Vice President | Shared Enterprise Services (retired)
    Great-West Life
    Steven Schmidt
    Senior Managing Partner Advisory | Executive Services
    Info-Tech Research Group
    Nikki Seventikidis
    Senior Manager | Finance Initiative & Continuous Improvement
    CST Consultants Inc.
    Allison Straker
    Research Director | CIO
    Info-Tech Research Group
    Justin Waelz
    Senior Network & Systems Administrator
    Info-Tech Research Group
    Sallie Wright
    Executive Counselor
    Info-Tech Research Group

    Bibliography

    “5 Ways for CIOs to Accelerate Value During Mergers and Acquisitions.” Okta, n.d. Web.

    Altintepe, Hakan. “Mergers and acquisitions speed up digital transformation.” CIO.com, 27 July 2018. Web.

    “America’s elite law firms are booming.” The Economist, 15 July 2021. Web.

    Barbaglia, Pamela, and Joshua Franklin. “Global M&A sets Q1 record as dealmakers shape post-COVID world.” Nasdaq, 1 April 2021. Web.

    Boyce, Paul. “Mergers and Acquisitions Definition: Types, Advantages, and Disadvantages.” BoyceWire, 8 Oct. 2020. Web.

    Bradt, George. “83% Of Mergers Fail -- Leverage A 100-Day Action Plan For Success Instead.” Forbes, 27 Jan. 2015. Web.

    Capgemini. “Mergers and Acquisitions: Get CIOs, IT Leaders Involved Early.” Channel e2e, 19 June 2020. Web.

    Chandra, Sumit, et al. “Make Or Break: The Critical Role Of IT In Post-Merger Integration.” IMAA Institute, 2016. Web.

    Deloitte. “How to Calculate Technical Debt.” The Wall Street Journal, 21 Jan. 2015. Web.

    Ernst & Young. “IT As A Driver Of M&A Success.” IMAA Institute, 2017. Web.

    Fernandes, Nuno. “M&As In 2021: How To Improve The Odds Of A Successful Deal.” Forbes, 23 March 2021. Web.

    “Five steps to a better 'technology fit' in mergers and acquisitions.” BCS, 7 Nov. 2019. Web.

    Fricke, Pierre. “The Biggest Opportunity You’re Missing During an M&Aamp; IT Integration.” Rackspace, 4 Nov. 2020. Web.

    Garrison, David W. “Most Mergers Fail Because People Aren't Boxes.” Forbes, 24 June 2019. Web.

    Harroch, Richard. “What You Need To Know About Mergers & Acquisitions: 12 Key Considerations When Selling Your Company.” Forbes, 27 Aug. 2018. Web.

    Hope, Michele. “M&A Integration: New Ways To Contain The IT Cost Of Mergers, Acquisitions And Migrations.” Iron Mountain, n.d. Web.

    “How Agile Project Management Principles Can Modernize M&A.” Business.com, 13 April 2020. Web.

    Hull, Patrick. “Answer 4 Questions to Get a Great Mission Statement.” Forbes, 10 Jan. 2013. Web.

    Kanter, Rosabeth Moss. “What We Can Learn About Unity from Hostile Takeovers.” Harvard Business Review, 12 Nov. 2020. Web.

    Koller, Tim, et al. “Valuation: Measuring and Managing the Value of Companies, 7th edition.” McKinsey & Company, 2020. Web.

    Labate, John. “M&A Alternatives Take Center Stage: Survey.” The Wall Street Journal, 30 Oct. 2020. Web.

    Lerner, Maya Ber. “How to Calculate ROI on Infrastructure Automation.” DevOps.com, 1 July 2020. Web.

    Loten, Angus. “Companies Without a Tech Plan in M&A Deals Face Higher IT Costs.” The Wall Street Journal, 18 June 2019. Web.

    Low, Jia Jen. “Tackling the tech integration challenge of mergers today” Tech HQ, 6 Jan. 2020. Web.

    Lucas, Suzanne. “5 Reasons Turnover Should Scare You.” Inc. 22 March 2013. Web.

    “M&A Trends Survey: The future of M&A. Deal trends in a changing world.” Deloitte, Oct. 2020. Web.

    Maheshwari, Adi, and Manish Dabas. “Six strategies tech companies are using for successful divesting.” EY, 1 Aug. 2020. Web.

    Majaski, Christina. “Mergers and Acquisitions: What's the Difference?” Investopedia, 30 Apr. 2021.

    “Mergers & Acquisitions: Top 5 Technology Considerations.” Teksetra, 21 Jul. 2020. Web.

    “Mergers Acquisitions M&A Process.” Corporate Finance Institute, n.d. Web.

    “Mergers and acquisitions: A means to gain technology and expertise.” DLA Piper, 2020. Web.

    Nash, Kim S. “CIOs Take Larger Role in Pre-IPO Prep Work.” The Wall Street Journal, 5 March 2015. Web.

    Paszti, Laila. “Canada: Emerging Trends In Information Technology (IT) Mergers And Acquisitions.” Mondaq, 24 Oct. 2019. Web.

    Patel, Kiison. “The 8 Biggest M&A Failures of All Time” Deal Room, 9 Sept. 2021. Web.

    Peek, Sean, and Paula Fernandes. “What Is a Vision Statement?” Business News Daily, 7 May 2020. Web.

    Ravid, Barak. “Tech execs focus on growth amid increasingly competitive M&A market.” EY, 28 April 2021. Web.

    Resch, Scott. “5 Questions with a Mergers & Acquisitions Expert.” CIO, 25 June 2019. Web.

    Salsberg, Brian. “Four tips for estimating one-time M&A integration costs.” EY, 17 Oct. 2019. Web.

    Samuels, Mark. “Mergers and acquisitions: Five ways tech can smooth the way.” ZDNet, 15 Aug. 2018. Web.

    “SAP Divestiture Projects: Options, Approach and Challenges.” Cognizant, May, 2014. Web.

    Steeves, Dave. “7 Rules for Surviving a Merger & Acquisition Technology Integration.” Steeves and Associates, 5 Feb. 2020. Web.

    Tanaszi, Margaret. “Calculating IT Value in Business Terms.” CSO, 27 May 2004. Web.

    “The CIO Playbook. Nine Steps CIOs Must Take For Successful Divestitures.” SNP, 2016. Web.

    “The Role of IT in Supporting Mergers and Acquisitions.” Cognizant, Feb. 2015. Web.

    Torres, Roberto. “M&A playbook: How to prepare for the cost, staff and tech hurdles.” CIO Dive, 14 Nov. 2019. Web.

    “Valuation Methods.” Corporate Finance Institute, n.d. Web.

    Weller, Joe. “The Ultimate Guide to the M&A Process for Buyers and Sellers.” Smartsheet, 16 May 2019. Web.

    Business Intelligence and Reporting

    • Buy Link or Shortcode: {j2store}6|cart{/j2store}
    • Related Products: {j2store}6|crosssells{/j2store}
    • member rating overall impact: 8.9/10
    • member rating average dollars saved: $45,792
    • member rating average days saved: 29
    • Parent Category Name: Data and Business Intelligence
    • Parent Category Link: /improve-your-core-processes/data-and-business-intelligence

    The challenge

    • Your business partners need an environment that facilitates flexible data delivery.
    • Your data and BI strategy must continuously adapt to new business realities and data sources to stay relevant.
    • The pressure to go directly to the solution design is high.  

    Our advice

    Insight

    • A BI initiative is not static. It must be treated as a living platform to adhere to changing business goals and objectives. Only then will it support effective decision-making.
    • Hear the voice of the business; that is the "B" in BI.
    • Boys and their toys... The solution to better intelligence often lies not in the tool but the BI practices.
    • Build a roadmap that starts with quick-wins to establish base support for your initiative.

    Impact and results 

    • Use the business goals and objectives to drive your BI initiatives.
    • Focus first on what you already have in your company's business intelligence landscape before investing in a new tool that will only complicate things.
    • Understand the core of what your users need by leveraging different approaches to pinpointing BI capabilities.
    • Create a roadmap that details the iterative deliveries of your business intelligence initiative. Show both the short and long term.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows why you should create or refresh your business intelligence (BI) strategy. We'll show you our methodology and the ways we can help you in handling this.

    Upon ordering you receive the complete guide with all files zipped.

    Understand your business context and BI landscape

    Understand critical business information and analyze your current business intelligence landscape.

    • Build a Next-Generation BI with a Game-Changing BI Strategy – Phase 1: Understand the Business Context and BI Landscape (ppt)
    • BI Strategy and Roadmap Template (doc)
    • BI End-User Satisfaction Survey Framework (ppt)

    Evaluate your current business intelligence practices

    Assess your current maturity level and define the future state.

    • Build a Next-Generation BI with a Game-Changing BI Strategy – Phase 2: Evaluate the Current BI Practice (ppt)
    • BI Practice Assessment Tool – Example 1 (xls)
    • BI Practice Assessment Tool – Example 2 (xls)

    Create your BI roadmap

    Create business intelligence focused initiatives for continuous improvement.

    • Build a Next-Generation BI with a Game-Changing BI Strategy – Phase 3: Create a BI Roadmap for Continuous Improvement (ppt)
    • BI Initiatives and Roadmap Tool (xls)
    • BI Strategy and Roadmap Executive Presentation Template (ppt)

     

    Establish a Foresight Capability

    • Buy Link or Shortcode: {j2store}88|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • To be recognized and validated as a forward-thinking CIO, you must establish a structured approach to innovation that considers external trends as well as internal processes.
    • The CEO is expecting an investment in IT innovation to yield either cost reduction or revenue growth, but growth cannot happen without opportunity identification.

    Our Advice

    Critical Insight

    • Technological innovation is disrupting business models – and it’s happening faster than organizations can react.
    • Smaller, more agile organizations have an advantage because they have less resources tied to existing operations and can move faster.

    Impact and Result

    • Be the disruptor, not the disrupted. This blueprint will help you plan proactively and identify opportunities before your competitors.
    • Strategic foresight gives you the tools you need to effectively process the signals in your environment, build an understanding of relevant trends, and turn this understanding into action.

    Establish a Foresight Capability Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to effectively apply strategic foresight, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Signal gathering

    Develop a better understanding of your external environment and build a database of signals.

    • Establish a Foresight Capability – Phase 1: Signal Gathering
    • Foresight Process Tool

    2. Trends and drivers

    Select and analyze trends to uncover drivers.

    • Establish a Foresight Capability – Phase 2: Trends and Drivers

    3. Scenario building

    Use trends and drivers to build plausible scenarios and brainstorm strategic initiatives.

    • Establish a Foresight Capability – Phase 3: Scenario Building

    4. Idea selection

    Apply the wind tunneling technique to assess strategic initiatives and determine which are most likely to succeed in the face of uncertainty.

    • Establish a Foresight Capability – Phase 4: Idea Selection
    [infographic]

    Workshop: Establish a Foresight Capability

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Pre-workshop – Gather Signals and Build a Repository

    The Purpose

    Note: this is preparation for the workshop and is not offered onsite.

    Gather relevant signals that will inform your organization about what is happening in the external competitive environment.

    Key Benefits Achieved

    A better understanding of the competitive landscape.

    Activities

    1.1 Gather relevant signals.

    1.2 Store signals in a repository for quick and easy recall during the workshop.

    Outputs

    A set of signal items ready for analysis

    2 Identify Trends and Uncover Drivers

    The Purpose

    Uncover trends in your environment and assess their potential impact.

    Determine the causal forces behind relevant trends to inform strategic decisions.

    Key Benefits Achieved

    An understanding of the underlying causal forces that are influencing a trend that is affecting your organization.

    Activities

    2.1 Cluster signals into trends.

    2.2 Analyze trend impact and select a key trend.

    2.3 Perform causal analysis.

    2.4 Select drivers.

    Outputs

    A collection of relevant trends with a key trend selected

    A set of drivers influencing the key trend with primary drivers selected

    3 Build Scenarios and Ideate

    The Purpose

    Leverage your understanding of trends and drivers to build plausible scenarios and apply them as a canvas for ideation.

    Key Benefits Achieved

    A set of potential responses or reactions to trends that are affecting your organization.

    Activities

    3.1 Build scenarios.

    3.2 Brainstorm potential strategic initiatives (ideation).

    Outputs

    Four plausible scenarios for ideation purposes

    A potential strategic initiative that addresses each scenario

    4 Apply Wind Tunneling and Select Ideas

    The Purpose

    Assess the various ideas based on which are most likely to succeed in the face of uncertainty.

    Key Benefits Achieved

    An idea that you have tested in terms of risk and uncertainty.

    An idea that can be developed and pitched to the business or stored for later use. 

    Activities

    4.1 Assign probabilities to scenarios.

    4.2 Apply wind tunneling.

    4.3 Select ideas.

    4.4 Discuss next steps and prototyping.

    Outputs

    A strategic initiative (idea) that is ready to move into prototyping

    Lead Strategic Decision Making With Service Portfolio Management

    • Buy Link or Shortcode: {j2store}397|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • There are no standardized processes for the intake of new ideas and no consistent view of the drivers needed to assess the value of these ideas.
    • IT is spending money on low-value services and doesn’t have the ability to understand and track value in order to prioritize IT investment.
    • CIOs are not trusted to drive innovation.

    Our Advice

    Critical Insight

    • The service portfolio empowers IT to be a catalyst in business strategy, change, and growth.
    • IT must drive value-based investment by understanding value of all services in the portfolio.
    • Organizations must assess the value of their services throughout their lifecycle to optimize business outcomes and IT spend.

    Impact and Result

    • Optimize IT investments by prioritizing services that provide more value to the business, ensuring that you do not waste money on low-value or out-of-date IT services.
    • Ensure that services are directly linked to business objectives, goals, and needs, keeping IT embedded in the strategic vision of the organization.
    • Enable the business to understand the impact of IT capabilities on business strategy.
    • Ensure that IT maintains a strategic and tactical view of the services and their value.
    • Drive agility and innovation by having a streamlined view of your business value context and a consistent intake of ideas.
    • Provide strategic leadership and create new revenue by understanding the relative value of new ideas vs. existing services.

    Lead Strategic Decision Making With Service Portfolio Management Research & Tools

    Start here – read the Executive Brief

    Service portfolio management enables organizations to become strategic value creators by establishing a dynamic view of service value. Understand the driving forces behind the need to manage services through their lifecycles.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish the service portfolio

    Establish and understand the service portfolio process by setting up the Service Portfolio Worksheet.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 1: Establish the Service Portfolio
    • Service Portfolio Worksheet

    2. Develop a value assessment framework

    Use the value assessment tool to assess services based on the organization’s context of value.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 2: Develop a Value Assessment Framework
    • Value Assessment Tool
    • Value Assessment Example Tool

    3. Manage intake and assessment of initiatives

    Create a centralized intake process to manage all new service ideas.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 3: Manage Intake and Assessment of Initiatives
    • Service Intake Form

    4. Assess active services

    Continuously validate the value of the existing service and determine the future of service based on the value and usage of the service.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 4: Assess Active Services

    5. Manage and communicate the service portfolio

    Communicate and implement the service portfolio within the organization, and create a mechanism to seek out continuous improvement opportunities.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 5: Manage and Communicate the Service Portfolio
    [infographic]

    Workshop: Lead Strategic Decision Making With Service Portfolio Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Service Portfolio

    The Purpose

    Establish and understand the service portfolio process by setting up the Service Portfolio Worksheet.

    Understand at a high level the steps involved in managing the service portfolio.

    Key Benefits Achieved

    Adapt the Service Portfolio Worksheet to organizational needs and create a plan to begin documenting services in the worksheet.

    Activities

    1.1 Review the Service Portfolio Worksheet.

    1.2 Adapt the Service Portfolio Worksheet.

    Outputs

    Knowledge about the use of the Service Portfolio Worksheet.

    Adapt the worksheet to reflect organizational needs and structure.

    2 Develop a Value Assessment Framework

    The Purpose

    Understand the need for a value assessment framework.

    Key Benefits Achieved

    Identify the organizational context of value through a holistic look at business objectives.

    Leverage Info-Tech’s Value Assessment Tool to validate and determine service value.

    Activities

    2.1 Understand value from business context.

    2.2 Determine the governing body.

    2.3 Assess culture and organizational structure.

    2.4 Complete the value assessment.

    2.5 Discuss value assessment score.

    Outputs

    Alignment on value context.

    Clear roles and responsibilities established.

    Ensure there is a supportive organizational structure and culture in place.

    Understand how to complete the value assessment and obtain a value score for selected services.

    Understand how to interpret the service value score.

    3 Manage Intake and Assessment of Initiatives

    The Purpose

    Create a centralized intake process to manage all new service ideas.

    Key Benefits Achieved

    Encourage collaboration and innovation through a transparent, formal, and centralized service intake process.

    Activities

    3.1 Review or design the service intake process.

    3.2 Review the Service Intake Form.

    3.3 Design a process to assess and transfer service ideas.

    3.4 Design a process to transfer completed services to the service catalog.

    Outputs

    Create a centralized process for service intake.

    Complete the Service Intake Form for a specific initiative.

    Have a process designed to transfer approved projects to the PMO.

    Have a process designed for transferring of completed services to the service catalog.

    4 Assess Active Services

    The Purpose

    Continuously validate the value of existing services.

    Key Benefits Achieved

    Ensure services are still providing the expected outcome.

    Clear next steps for services based on value.

    Activities

    4.1 Discuss/review management of active services.

    4.2 Complete value assessment for an active service.

    4.3 Determine service value and usage.

    4.4 Determine the next step for the service.

    4.5 Document the decision regarding the service outcome.

    Outputs

    Understand how active services must be assessed throughout their lifecycles.

    Understand how to assess an existing service.

    Place the service on the 2x2 matrix based on value and usage.

    Understand the appropriate next steps for services based on value.

    Formally document the steps for each of the IRMR options.

    5 Manage and Communicate Your Service Portfolio

    The Purpose

    Communicate and implement the service portfolio within the organization.

    Key Benefits Achieved

    Obtain buy-ins for the process.

    Create a mechanism to identify changes within the organization and to seek out continuous improvement opportunities for the service portfolio management process and procedures.

    Activities

    5.1 Create a communication plan for service portfolio and value assessment.

    5.2 Create a communication plan for service intake.

    5.3 Create a procedure to continuously validate the process.

    Outputs

    Document the target audience, the message, and how the message should be communicated.

    Document techniques to encourage participation and promote participation from the organization.

    Document the formal review process, including cycle, roles, and responsibilities.

    Operations management

    • Buy Link or Shortcode: {j2store}12|cart{/j2store}
    • Related Products: {j2store}12|crosssells{/j2store}
    • Up-Sell: {j2store}12|upsells{/j2store}
    • member rating overall impact: 10.0/10
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Infra and Operations
    • Parent Category Link: /infra-and-operations
    IT Operations is all about effectiveness. We make sure that you deliver reliable services to the clients and users within the company.

    Scale Business Process Automation

    • Buy Link or Shortcode: {j2store}241|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Optimization
    • Parent Category Link: /optimization
    • Business process automation (BPA) adoption gained significant momentum as your business leaders saw the positive outcomes in your pilots, such as improvements in customer experience, operational efficiencies, and cost optimizations.
    • Your stakeholders are ready to increase their investments in more process automation solutions. They want to scale initial successes to other business and IT functions.
    • However, it is unclear how BPA can be successfully scaled and what benefits can be achieved from it.

    Our Advice

    Critical Insight

    The shift from isolated, task-based automations in your pilot to value-oriented, scaled automations brings new challenges and barriers to your organization such as:

    • Little motivation or tolerance to change existing business operations to see the full value of BPA.
    • Overinvesting in current BPA technologies to maximize the return despite available alternatives that can do the same tasks better.
    • BPA teams are ill-equipped to meet the demands and complexities of scaled BPA implementations.

    Impact and Result

    • Ground your scaling expectations. Set realistic and achievable goals centered on driving business value to the entire organization by optimizing and automating end-to-end business processes.
    • Define your scaling journey. Tailor your scaling approach according to your ability to ease BPA implementation, to broaden BPA adoption, and to loosen BPA constraints.
    • Prepare to scale BPA. Cement your BPA management and governance foundations to support BPA scaling using the lessons learned from your pilot implementation.

    Scale Business Process Automation Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Scale Business Process Automation Deck – A guide to learn the opportunities and values of scaling business process automation.

    This research walks you through the level setting of your scaled business process automation (BPA) expectations, factors to consider in defining your scaled BPA journey, and assessing your readiness to scale BPA.

    • Scale Business Process Automation Storyboard

    2. Scale Business Process Automation Readiness Assessment – A tool to help you evaluate your readiness to scale business process automation.

    Use this tool to identify key gaps in the people, processes, and technologies you need to support the scaling of business process automation (BPA). It also contains a canvas to facilitate your discussions around business process automation with your stakeholders and BPA teams.

    • Scale Business Process Automation Readiness Assessment
    [infographic]

    Further reading

    Scale Business Process Automation

    Take a value-first approach to automate the processes that matter

    Analyst Perspective

    Scaling business process automation (BPA) is an organization-wide commitment

    Business and IT must work together to ensure the right automations are implemented and BPA is grown and matured in a sustainable way. However, many organizations are not ready to make this commitment. Managing the automation demand backlog, coordinating cross-functional effort and organizational change, and measuring BPA value are some of the leading factors challenging scaling BPA.

    Pilot BPA with the intent to scale it. Pilots are safe starting points to establish your foundational governance and management practices and build the necessary relationships and collaborations for you to be successful. These factors will then allow you to explore more sophisticated, complicated, and innovative opportunities to drive new value to your team, department, and organization.

    A picture of Andrew Kum-Seun

    Andrew Kum-Seun
    Research Director,
    Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Business process automation (BPA) adoption gained significant momentum as your business leaders see the positive outcomes in your pilots, such as improvements in customer experience, operational efficiencies, and cost optimizations.
    • Your stakeholders are ready to increase their investments in more process automation solutions. They want to scale initial successes to other business and IT functions.
    • However, it is unclear how BPA can be successfully scaled and what benefits can be achieved from it.

    Common Obstacles

    The shift from isolated, task-based automations in your pilot to value-oriented and scaled automations brings new challenges and barriers to your organization:

    • Little motivation or tolerance to change existing business operations to see the full value of BPA.
    • Overinvesting in current BPA technologies to maximize return despite available alternatives that can do the same tasks better.
    • BPA teams are ill-equipped to meet the demands and complexities of scaled BPA implementations.

    Info-Tech's Approach

    • Ground your scaling expectations. Set realistic and achievable goals centered on driving business value to the entire organization by optimizing and automating end-to-end business processes.
    • Define your scaling journey. Tailor your scaling approach according to your ability to ease BPA implementation, to broaden BPA adoption, and to loosen BPA constraints.
    • Prepare to scale BPA. Cement your BPA management and governance foundations to support BPA scaling using the lessons learned from your pilot implementation.

    Info-Tech Insight

    Take a value-first approach in your scaling business process automation (BPA) journey. Low-risk, task-oriented automations are good starting points to introduce BPA but constrain the broader returns your organization wants. Business value can only scale when everything and everyone in your processes are working together to streamline the entire value stream rather than the small gains from optimizing small, isolated automations.

    Scale Business Process Automation

    Take a value-first approach to automate the processes that matter

    Pilot Your BPA Capabilities

    • Learn the foundation practices to design, deliver, and support BPA.
    • Understand the fit and value of BPA.
    • Gauge the tolerance for business operational change and system risk.

    See Info-Tech's Build a Winning Business Process Automation Playbook blueprint for more information.

    Build Your Scaling BPA Vision

    Apply Lessons Learned to Scale

    1. Ground Your Scaling Expectations
      Set realistic and achievable goals centered on driving business value to the entire organization by optimizing and automating end-to-end business processes.
    2. Define Your Scaling Journey
      Tailor your scaling approach according to your ability to ease BPA implementation, to broaden BPA adoption, and to loosen BPA constraints.
    3. Prepare to Scale BPA
      Cement your BPA management and governance foundations to support BPA scaling using the lessons learned from your pilot implementation.

    Research deliverable

    Design and communicate your approach to scale business process automation with Info-Tech's Scale Business Process Automation Readiness Assessment:

    • Level set your scaled BPA goals and objectives.
    • Discuss and design your scaled BPA journey.
    • Identify the gaps and improvements needed to scale your BPA practices and implementation.

    A screenshot from Info-Tech's Scale Business Process Automation Readiness Assessment

    Step 1.1

    Ground Your Scaling Expectations

    Activities

    1.1.1 Define Your Scaling Objectives

    This step involves the following participants:

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    Outcomes of this step

    Scaling BPA objectives

    Organizations want to scale their initial BPA success

    Notable Initial Benefits

    1. Time Saved: "In the first day of live operations, the robots were saving 51 hours each day or the equivalent of six people working an eight-hour shift." – Brendan MacDonald, Director of Customer Compliance Operations, Ladbrokes (UiPath)
    2. Documentation & Knowledge Sharing: "If certain people left, knowledge of some processes would be lost and we realized that we needed a reliable process management system in place." – Peta Kinnane, Acting Audit and Risk Coordinator, Liverpool City Council (Nintex)
    3. Improved Service Delivery: "Thanks to this automation, our percentage of triaged and assigned tickets is now 100%. Nothing falls through the cracks. It has also improved the time to assignment. We assign tickets 2x faster than before." – Sebastian Goodwin, Head of Cybersecurity, Nutanix (Workato)

    Can We Gain More From Automation?

    The Solution

    As industries evolve and adopt more tools and technology, their products, services, and business operating models become more complex. Task- and desktop-based automations are often not enough. More sophisticated and scaled automations are needed to simplify and streamline the process from end-to-end of complex operations and align them with organizational goals.

    Stakeholders see automation as an opportunity to scale the business

    The value of scaling BPA is dependent on the organization's ability to scale with it. In other words, stakeholders should see an increase in business value without a substantial increase in resources and operational costs (e.g., there should be little difference if sending out 10 emails versus 1000).

    Examples of how business can be scaled with automation

    • Processes triggered by incoming documents or email: in these processes, an incoming document or email (that has semi-structured or unstructured data) is collected by a script or an RPA bot. This document is then processed with a machine learning model that validates it either by rules or ML models. The validated and enriched machine-readable data is then passed on to the next system of record.
    • The accounts payable process: this process includes receiving, processing, and paying out invoices from suppliers that provided goods or services to the company. While manual processing can be expensive, take too much time, and lead to errors, businesses can automate this process with machine learning and document extraction technologies like optical characters recognition (OCR), which converts texts containing images into characters that can be readable by computers to edit, compute, and analyze.
    • Order management: these processes include retrieving email and relevant attachments, extracting information that tells the business what its customers want, updating internal systems with newly placed orders or modifications, or taking necessary actions related to customer queries.
    • Enhance customer experience: [BPA tools] can help teams develop and distribute customer loyalty offers faster while also optimizing these offers with customer insights. Now, enterprises can more easily guarantee they are delivering the relevant solutions their clients are demanding.

    Source: Stefanini Group

    Scaling BPA has its challenges

    Perceived Lack of Opportunities

    Pilot BPA implementations often involve the processes that are straightforward to automate or are already shortlisted to optimize. However, these low-hanging fruits will run out. Discovering new BPA opportunities can be challenged for a variety of reasons, such as:

    • Lack of documentation and knowledge
    • Low user participation or drive to change
    • BPA technology limitations and constraints

    Perceived Lack of Opportunities

    BPA is not a cheap investment. A single RPA bot, for example, can cost between $5,000 to $15,000. This cost does not include the added cost for training, renewal fees, infrastructure set up and other variable and reoccurring costs that often come with RPA delivery and support (Blueprint). This reality can motivate BPA owners to favor existing technologies over other cheaper and more effective alternatives in an attempt boost their return on investment.

    Ill-Equipped Support Teams

    Good technical skills and tools, and the right mindset are critical to ensure BPA capabilities are deployed effectively. Low-code no-code (LCNC) can help but success isn't guaranteed. Lack of experience with low-code platforms is the biggest obstacle in low-code adoption according to 60% of respondents (Creatio). The learning curve has led some organizations to hire contractors to onboard BPA teams, hire new employees, or dedicate significant funding and resources to upskill internal resources.

    Shift your objectives from task-based efficiencies to value-driven capabilities

    How can I improve myself?

    How can we improve my team?

    How can we improve my organization?

    Objectives

    • Improve worker productivity
    • Improve the repeatability and predictability of the process
    • Deliver outputs of consistent quality and cadence
    • Increase process, tool, and technology confidence
    • Increase the team's throughput, commitment, and load
    • Apply more focus on cognitive and complex tasks
    • Reduce the time to complete error-prone, manual, and routine collaborations
    • Deliver insightful, personalized, and valuable outputs
    • Drive more value in existing pipelines and introduce new value streams
    • Deliver consistent digital experiences involving different technologies
    • Automatically tailor a customer's experience to individual preferences
    • Forecast and rapidly respond to customer issues and market trends

    Goals

    • Learn the fit of BPA & set the foundations
    • Improve the practices & tools and optimize the performance
    • Scale BPA capabilities throughout the organization

    Gauge the success of your scaled BPA

    BPA Practice Effectiveness

    Key Question: Are stakeholders satisfied with how the BPA practice is meeting their automation needs?

    Examples of Metrics:

    • User satisfaction
    • Automation request turnaround time
    • Throughput of BPA team

    Automation Solution Quality

    Key Question: How do your automation solutions perform and meet your quality standards?

    Examples of Metrics:

    • Licensing and operational costs
    • Service level agreement and uptime/downtime
    • Number of defects

    Business Value Delivery

    Key Question: How has automation improved the value your employees, teams, and the organization delivers?

    Examples of Metrics:
    Increase in revenue generation
    Reduction in operational costs
    Expansion of business capabilities with minimal increases in costs and risks

    1.1.1 Define your scaling objectives

    5 minutes

    1. Complete the following fields to build your scaled business process automation canvas:
      1. Problem that scaling BPA is intending to solve
      2. Your vision for scaling BPA
      3. Stakeholders
      4. Scaled BPA business and IT objectives and metrics
      5. Business capabilities, processes, and application systems involved
      6. Notable constraints, roadblocks, and challenges to your scaled BPA success
    2. Document your findings and discussions in Info-Tech's Scale Business Process Automation Readiness Assessment.

    Output

    Scaled BPA value canvas

    Participants

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    Record the results in the 2. Value Canvas Tab in the Scale Business Process Automation Readiness Assessment.

    1.1.1 cont'd

    Scaled BPA Value Canvas Template:

    A screenshot of Scaled BPA Value Canvas Template

    Align your objectives to your application portfolio strategy

    Why is an application portfolio strategy important for BPA?

    • All business process optimizations are designed, delivered, and managed to support a consistent interpretation of the business and IT vision and goals.
    • Clear understanding of the sprawl, criticality, and risks of automation solutions and applications to business capabilities.
    • BPA initiatives are planned, prioritized, and coordinated alongside modernization, upgrades, and other changes to the application portfolio.
    • Resources, skills, and capacities are strategically allocated to meet BPA demand considering other commitments in the backlog and roadmap.
    • BPA expectations and practices uphold the persona, values, and principles of the application team.

    What is an application portfolio strategy?

    An application portfolio strategy details the direction, activities, and tactics to deliver on the promise of your application portfolio. It often includes:

    • Portfolio vision and goals
    • Application, automation, and process portfolio
    • Values and principles
    • Portfolio health
    • Risks and constraints
    • Strategic roadmap

    See our Application Portfolio Management Foundations blueprint for more information.

    Leverage your BPA champions to drive change and support scaling initiatives

    An arrow showing the steps to Leverage your BPA champions to drive change and support scaling initiatives

    Expected Outcome From Your Pilot: Your pilot would have recognized the roles that know how to effectively apply good BPA practices (e.g., process analysis and optimization) and are familiar with the BPA toolset. These individuals are prime candidates who can standardize your Build a Winning Business Process Automation Playbook, upskill interested teams, and build relationships among those involved in the delivery and use of BPA.

    Step 1.2

    Define Your Scaling Journey

    Activities

    1.2.1 Discuss Your BPA Opportunities
    1.2.2 Lay Out Your Scaling BPA Journey

    Scale Business Process Automation

    This step involves the following participants:

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    Outcomes of this step

    • List of scaling BPA opportunities
    • Tailored scaling journey

    Maintain a healthy demand pipeline

    A successful scaled BPA practice requires a continuous demand for BPA capabilities and the delivery of minimum viable automations (MVA) held together by a broader strategic roadmap.

    An image of a healthy demand pipeline.  it flows from opportunities to trends, with inputs from internal and external sources.

    An MVA focuses on a single and small process use case, involves minimal possible effort to improve, and is designed to satisfy a specific user group. Its purpose is to maximize learning and value and inform the further scaling of the BPA technology, approach, or practice.

    See our Build a Winning Business Process Automation Playbook blueprint for more information.

    Investigate how BPA trends can drive more value for the organization

    • Event-Driven Automation
      Process is triggered by a schedule, system output, scenario, or user (e.g., voice-activated, time-sensitive, system condition)
    • Low- & No-Code Automation build and management are completed through an easy-to-learn scripting language and/or a GUI.
    • Intelligent Document Processing
      Transform documents for better analysis, processing and handling (e.g., optical character recognition) by a tool or system.
    • End-to-End Process Automation & Transparency
      Linking cross-functional processes to enable automation of the entire value stream with seamless handoffs or triggers.
    • Orchestration of Different BPA Technologies
      Integrating and sequencing the execution of multiple automation solutions through a single console.
    • Cognitive Automation
      AI and other intelligent technologies automate information-intensive processes, including semi and unstructured data and human thinking simulation.
    • Intelligent Internet-of-Things
      Connecting process automation technologies to physical environments with sensors and other interaction devices (e.g., computer vision).
    • Ethical Design
      Optimizing processes that align to the moral value, principles, and beliefs of the organization (e.g., respects data privacy, resists manipulative patterns).
    • User Profiling & Tailored Experiences
      Customizing process outputs and user experience with user-defined configurations or system and user activity monitoring.
    • Process Mining & Discovery
      Gleaning optimization opportunities by analyzing system activities (mining) or monitoring user interactions with applications (discovery).

    1.2.1 Discuss your BPA opportunities

    5 minutes

    1. Review the goals and objectives of your initiative and the expectations you want to gain from scaling BPA.
    2. Discuss how BPA trends can be leveraged in your organization.
    3. List high priority scaling BPA opportunities.

    Output

    • Scaled BPA opportunities

    Participants

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    Create your recipe for success

    Your scaling BPA recipe (approach) can involve multiple different flavors of various quantities to fit the needs and constraints of your organization and workers.

    What and how many ingredients you need is dependent on three key questions:

    1. How can we ease BPA implementation?
    2. How can we broaden the BPA scope?
    3. How can we loosen constraints?

    Personalize Scaling BPA To Your Taste

    • Extend BPA Across Business Units (Horizontal)
    • Integrate BPA Across Your Application Architecture (Vertical)
    • Embed AI/ML Into Your Automation Technologies
    • Empower Users With Business-Managed Automations
    • Combine Multiple Technologies for End-to-End Automation
    • Increase the Volume and Velocity of Automation
    • Automate Cognitive Processes and Making Variable Decisions

    Answer these questions in the definition of your scaling BPA journey

    Seeing the full value of your scaling approach is dependent on your ability to support BPA adoption across the organization

    How can we ease BPA implementation?

    • Good governance practices (e.g., role definitions, delivery and management processes, technology standards).
    • Support for innovation and experimentation.
    • Interoperable and plug-and-play architecture.
    • Dedicated technology management and support, including resources, documents, templates and shells.
    • Accessible and easy-to-understand knowledge and document repository.

    How can we broaden BPA scope?

    • Provide a unified experience across processes, fragmented technologies, and siloed business functions.
    • Improve intellectually intensive activities, challenging decision making and complex processes with more valuable insights and information using BPA.
    • Proactively react to business and technology environments and operational changes and interact with customers with unattended automation.
    • Infuse BPA technologies into your product and service to expand their functions, output quality, and reliability.

    How can we loosen constraints?

    • Processes are automated without the need for structured data and optimized processes, and there is no need to work around or avoid legacy applications.
    • Workers are empowered to develop and maintain their own automations.
    • Coaching, mentoring, training, and onboarding capabilities.
    • Accessibility and adoption of underutilized applications are improved with BPA.
    • BPA is used to overcome the limitations or the inefficiencies of other BPA technologies.

    1.2.2 Lay out your scaling BPA journey

    5 minutes

    1. Review the goals and objectives of your initiative, the expectations you want to gain from scaling BPA, and the various scaling BPA opportunities.
    2. Discuss the different scaling BPA flavors (patterns) and how each flavor is applicable to your situation. Ask yourself these key questions:
      1. How can we ease BPA implementation?
      2. How can we broaden the BPA scope?
      3. How can we loosen constraints?
    3. Design the broad steps of your scaling BPA journey. See the following slide for an example.
    4. Document your findings and discussions in Info-Tech's Scale Business Process Automation Readiness Assessment.

    Record the results in the 3. Scaled BPA Journey Tab in the Scale Business Process Automation Readiness Assessment.

    Output

    • Scaled BPA journey

    Participants

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    1.2.2 cont'd

    An image of the marker used to identify Continuous business process optimization and automation Continuous business process optimization and automation
    An image of the marker used to identify Scope of Info-Tech's Build Your Business Process Automation Playbook blueprintScope of Info-Tech's Build Your Business Process Automation Playbook blueprint

    Example:

    An example of the BPA journey.  Below are the links included in the journey.

    Continuously review and realign expectations

    Optimizing your scaled BPA practices and applying continuous improvements starts with monitoring the process after implementation.

    Purpose of Monitoring

    1. Diligent monitoring confirms your scaled BPA implementation is performing as desired and meeting initial expectations.
    2. Holding reviews of your BPA practice and implementations helps assess the impact of marketplace and business operations changes and allows the organization to stay on top of trends and risks.

    Metrics

    Metrics are an important aspect of monitoring and sustaining the scaled practice. The metrics will help determine success and find areas where adjustments may be needed.

    Hold retrospectives to identify any practice issues to be resolved or opportunities to undertake

    The retrospective gives your organization the opportunity to review themselves and brainstorm solutions and a plan for improvements to be actioned. This session is reoccurring, typically, after key milestones. While it is important to allow all participants the opportunity to voice their opinions, feelings, and experiences, retrospectives must be positive, productive, and time boxed.

    Step 1.3

    Prepare to Scale BPA

    Activities

    1.3.1 Assess Your Readiness to Scale BPA

    This step involves the following participants:

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    Outcomes of this step

    • Scale BPA readiness assessment

    Prepare to scale by learning from your pilot implementations

    "While most organizations are advised to start with automating the 'low hanging fruit' first, the truth is that it can create traps that will impede your ability to achieve RPA at scale. In fact, scaling RPA into the organizational structure is fundamentally different from implementing a conventional software product or other process automation."
    – Blueprint

    What should be the takeaways from your pilot?

    Degree of Required BPA Support

    • Practices needed to address the organization's tolerance to business process changes and automation adoption.
    • Resources, budget and skills needed to configure and orchestrate automation technologies to existing business applications and systems.

    Technology Integration & Compatibility

    • The BPA technology and application system's flexibility to be enhanced, modified, and removed.
    • Adherence to data and system quality standards (e.g., security, availability) across all tools and technologies.

    Good Practices Toolkit

    • A list of tactics, techniques, templates, and examples to assist teams assessing and optimizing business processes and applying BPA solutions in your organization's context.
    • Strategies to navigate common blockers, challenges, and risks.

    Controls & Measures

    • Defined guardrails aligned to your organization's policies and risk tolerance
    • Key metrics are gathered to gauge the value and performance of your processes and automations for enhancements and further scaling.

    Decide how to architect and govern your BPA solutions

    Centralized

    A single body and platform to coordinate, execute, and manage all automation solutions.

    An image of the Centralized approach to governing BPA solutions.

    Distributed

    Automation solutions are locally delivered and managed whether that is per business unit, type of technology, or vendor. Some collaboration and integration can occur among solutions but might be done without a holistic strategy or approach.

    An image of the Distributed approach to governing BPA solutions.

    Hybrid

    Automation solutions are locally delivered and managed and executed for isolated use cases. Broader and complex automations are centrally orchestrated and administered.

    An image of the Hybrid approach to governing BPA solutions.

    Be prepared to address the risks with scaling BPA

    "Companies tend to underestimate the complexity of their business processes – and bots will frequently malfunction without an RPA design team that knows how to anticipate and prepare for most process exceptions. Unresolved process exceptions rank among the biggest RPA challenges, prompting frustrated users to revert to manual work."
    – Eduardo Diquez, Auxis, 2020

    Scenarios

    • Handling Failures of Dependent Systems
    • Handling Data Corruption & Quality Issues
    • Alignment to Regulatory & Industry Standards
    • Addressing Changes & Regressions to Business Processes
    • "Run Away" & Hijacked Automations
    • Unauthorized Access to Sensitive Information

    Recognize the costs to support your scaled BPA environment

    Cost Factors

    Automation Operations
    How will chaining multiple BPA technologies together impact your operating budget? Is there a limit on the number of active automations you can have at a single time?

    User Licenses
    How many users require access to the designer, orchestrator, and other functions of the BPA solution? Do they also require access to dependent applications, services, and databases?

    System Enhancements
    Are application and system upgrades and modernizations needed to support BPA? Is your infrastructure, data, and security controls capable of handling BPA demand?

    Supporting Resources
    Are dedicated resources needed to support, govern, and manage BPA across business and IT functions? Are internal resources or third-party providers preferred?

    Training & Onboarding
    Are end users and supporting resources trained to deliver, support, and/or use BPA? How will training and onboarding be facilitated: internally or via third party providers?

    Create a cross-functional and supportive body to lead the scaling of BPA

    Your supportive body is a cross-functional group of individuals promoting collaboration and good BPA practices. It enables an organization to extract the full benefits from critical systems, guides the growth and evolution of strategic BPA implementations, and provides critical expertise to those that need it. A supportive body distinctly caters to optimizing and strengthening BPA governance, management, and operational practices for a single technology or business function or broadly across the entire organization encompassing all BPA capabilities.

    What a support body is not:

    • A Temporary Measure
    • Exclusive to Large Organizations
    • A Project Management Office
    • A Physical Office
    • A Quick Fix

    See our Maximize the Benefits from Enterprise Applications With a Center of Excellence blueprint for more information.

    What are my options?

    Center of Excellence (CoE)
    AND
    Community of Practice (CoP)

    CoEs and CoPs provide critical functions

    An image of the critical functions provided by CoE and CoP.

    Shift your principles as you scale BPA

    As BPA scales, users and teams must not only think of how a BPA solution operates at a personal and technical level or what goals it is trying to achieve, but why it is worth doing and how the outcomes of the automated process will impact the organization's reputation, morality, and public perception.

    An image of the journey from Siloed BPA to Scaled BPA.

    "I think you're going to see a lot of corporations thinking about the corporate responsibility of [organizational change from automation], because studies show that consumers want and will only do business with socially responsible companies."

    – Todd Lohr

    Source: Appian, 2018.

    Assess your readiness to scale BPA

    Vision & Objectives
    Clear direction and goals of the business process automation practice.

    Governance
    Defined BPA roles and responsibilities, processes, and technology controls.

    Skills & Competencies
    The capabilities users and support roles must have to be successful with BPA.

    Business Process Management & Optimization
    The tactics to document, analyze, optimize, and monitor business processes.

    Business Process Automation Delivery
    The tactics to review the fit of automation solutions and deliver and support according to end user needs and preferences.

    Business Process Automation Platform
    The capabilities to manage BPA platforms and ensure it supports the growing needs of the business.

    1.3.1 Assess your readiness to scale BPA

    5 minutes

    1. Review your scaling BPA journey and selected patterns.
    2. Conduct a readiness assessment using the 4. Readiness Assessment tab in Info-Tech's Scale Business Process Automation Readiness Assessment.
    3. Brainstorm solutions to improve the capability or address the gaps found in this assessment.

    Output

    • Scaled BPA readiness assessment

    Participants

    • Business Process Owners
    • Product Owners
    • Application Directors
    • Business Architects
    • BPA Delivery & Support Teams

    Record the results in the 4. Readiness Assessment tab in Info-Tech's Scale Business Process Automation Readiness Assessment.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Related Info-Tech Research

    Bibliography

    Alston, Roland. "With the Rise of Intelligent Automation, Ethics Matter Now More than Ever." Appian, 4 Sept. 2018. Web.
    "Challenges of Achieving RPA at Scale." Blueprint, N.d. Web.
    Dilmegani, Cem. "RPA Benefits: 20 Ways Bots Improve Businesses in 2023," AI Multiple, 9 Jan 2023. Web.
    Diquez, Eduardo. "Struggling To Scale RPA? Discover The Secret to Success." Auxis, 30 Sept. 2020. Web.
    "How much does Robotic Process Automation (RPA) Really Cost?" Blueprint, 14 Sept. 2021. Web.
    "Liverpool City Council improves document process with Nintex." Nintex, n.d. Web.
    "The State of Low-Code/No-Code." Creatio, 2021. Web.
    "Using automation to enhance security and increase IT NPS to 90+ at Nutanix." Workato, n.d. Web.
    "What Is Hyperautomation? A Complete Guide To One Of Gartner's Top Tech Trends." Stefanini Group, 26 Mar. 2021. Web.

    Get really good at resilience

    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A

    Why be resilient?

    Well, your clients demand it. And it makes business sense; it is much cheaper to retain a client than to acquire new ones. By all means, always expand your client base; just don't make it a zero-sum game by losing clients because you cannot provide decent service. 

    Although the term has existed since the 17th century, it has only received legal attention since 2020. Now, several years later, the EU and the US require companies to prove their resilience.

    To understand what resilience is, please read our article on resilience

    What does it take to become really good at IT resilience?

    IT Resilience is a mindset, a collection of techniques, and people management focused on providing consistent service to clients, all rolled into one discipline. While we discuss IT resilience, it takes more than IT staff or IT processes to become a truly resilient business.

    Here are 10 themes relevant the (IT) resilient organization:

    Transparent culture

    A transparent company culture empowers its people to act confidently, respond swiftly to challenges, and continuously learn and improve. This builds a strong foundation for resilience, enabling the organization to navigate disruption or adversity much more easily.

    At its core, transparency is about open communication, sharing information, and fostering a culture of honesty and trust. These traits directly influence the various aspects of resilience.

    Client service focus

    A client service focus isn't just about customer satisfaction; it's an integral part of a company's resilience strategy. Service stability and continuous value delivery are the elements that retain existing clients and attract new ones through reputation.  System outages, slowdowns, and errors lead to client frustration and erode confidence. In other words, client service focuses on making sure you are available. Once you have that, then you can look at enhancing and expanding services and products. 

    Resilient systems and processes often also include tools and capabilities for proactive communication with clients. This can include automated notifications during system maintenance or updates, providing transparency and minimizing inconvenience. A proactive approach to communication creates a sense of partnership, and it demonstrates that you value your clients' time and business.

    Adaptability

    Adaptable systems and processes give you the flexibility for rapid incident response and easy workarounds, bringing your service back to the level it is supposed to be at.

    In the bigger picture, when you design your systems for flexibility and modification, you can rapidly adjust to new market conditions, evolving customer demands, and technological advancements. This agility allows you to pivot swiftly, seizing opportunities while mitigating risks.

    In the same vein, adaptable processes, fostered by a culture of continuous improvement and open communication, empower teams to innovate and refine workflows in response to challenges. This constant evolution ensures the company remains competitive and aligned with its ever-changing environment.

    Robust change management

    When you establish standardized procedures for planning, testing, and implementing changes, IT change management ensures that every modification, no matter how seemingly small, is carefully considered and assessed for its impact on the broader IT ecosystem. This structured approach significantly reduces the risk of unexpected side effects, unforeseen conflicts, and costly downtime, protecting the company's operations and its reputation.

    It does not have to be a burdensome bureaucratic process. Modern processes and tools take the sting out of these controls. Many actions within change management can be automated without losing oversight by both the IT custodians and the business process owners.

    Redundancy and fault tolerance

    By having duplicates of essential components or systems in place, you ensure that even if one part fails, another is ready to take over. This helps you minimize the impact of unexpected events like hardware issues, software glitches, or other unforeseen problems. This might mean replicating critical policy data across multiple servers or data centers in different locations.

    Fault tolerance is all about your systems and processes being able to keep working even when facing challenges. By designing your software and systems architecture with fault tolerance in mind, you are sure it can gracefully handle errors and failures, preventing those small problems from causing bigger issues, outages, and unhappy clients.

    Security

    Clients entrust you with valuable information. Demonstrating a commitment to data security through resilient systems builds trust and provides reassurance that their data is safeguarded against breaches and unauthorized access.

    Monitoring and alerting

    Trusting that all working is good. making sure is better.  When you observe your systems and receive timely notifications when something seems off, you'll be able to address issues before they snowball into real problems. 

    In any industry, monitoring helps you keep an eye on crucial performance metrics, resource usage, and system health. You'll get insights into how your systems behave, allowing you to identify bottlenecks or potential points of failure before they cause serious problems. And with a well-tuned alerting system, you'll get those critical notifications when something requires immediate attention. This gives you the chance to respond quickly, minimize downtime, and keep things running smoothly for your customers.

    Monitoring is also all about business metrics. Keep your service chains running smoothly and understand the ebb and flow of when clients access your services. Then update and enhance in line with what you see happening. 

    Incident response processes

    Well-thought-out plans and processes are key. Work with your incident managers, developers, suppliers, business staff and product owners and build an embedded method for reacting to incidents. 

    The key is to limit the time of the service interruption. Not everything needs to be handled immediately, so your plan must be clear on how to react to important vs lower-priority incidents. Making the plan and process well-known in the company helps everybody and keeps the calm.

    Embedded business continuity

    Business continuity planning anticipates and prepares for various scenarios, allowing your company to adapt and maintain essential functions even in the face of unexpected disruptions.

    When you proactively address these non-IT aspects of recovery, you build resilience that goes beyond simply restoring technology. It enables you to maintain customer relationships, meet contractual obligations, and safeguard your reputation, even in the face of significant challenges.

    Business continuity is not about prevention; it is about knowing what to do when bad things happen that may threaten your company in a more existential way or when you face issues like a power outage in your building, a pandemic, major road works rendering your business unreachable and such events.

    Effective disaster recovery  

    Disaster recovery is your lifeline when the worst happens. Whether it's a major cyberattack, a natural disaster, or a catastrophic hardware failure, a solid disaster recovery plan ensures your business doesn't sink. It's your strategy to get those critical systems back online and your data restored as quickly as possible.

    Think of it this way: disaster recovery, just like business continuity, isn't about preventing bad things from happening; it's about being prepared to bounce back when they do. It's like having a spare tire in your car - you hope you never need it, but if you get a flat, you're not stranded. With a well-tested disaster recovery plan, you can minimize downtime, reduce data loss, and keep your operations running even in the face of the unexpected. That translates to happier customers, protected revenue, and a reputation for reliability even amidst chaos.

    Conclusion

    Resilience is the result of a well-conducted orchestra. Many disciplines come together to help you service your clients in a consistent way.

    The operational lifeline of your company and the reason it exists in the first place is to provide your clients with what they need, when they need it, and be able to command a good price for it. And that will keep your shareholders happy as well.

    Terms and Conditions for consulting to businesses

    By signing an agreement with Gert Taeymans bvba, Client declares that he agrees with the Terms and Conditions referred to hereafter. Terms and conditions on Client's order form or any other similar document shall not be binding upon Gert Taeymans bvba.

    The prices, quantities and delivery time stated in any quotation are not binding upon Gert Taeymans bvba. They are commercial estimates only which Gert Taeymans bvba will make reasonable efforts to achieve. Prices quoted in final offers will be valid only for 30 days. All prices are VAT excluded and do not cover expenses, unless otherwise agreed in writing. Gert Taeymans bvba reserves the right to increase a quoted fee in the event that Client requests a variation to the work agreed.

    The delivery times stated in any quotation are of an indicative nature and not binding upon Gert Taeymans bvba, unless otherwise agreed in writing. Delivery times will be formulated in working days. In no event shall any delay in delivery be neither cause for cancellation of an order nor entitle Client to any damages.

    Amendments or variations of the initial agreement between Client and Gert Taeymans bvba will only be valid when accepted by both parties in writing.

    Any complaints concerning the performance of services must be addressed to Gert Taeymans bvba in writing and by registered mail within 7 working days of the date of the performance of the services.

    In no event shall any complaint be just cause for non-payment or deferred payment of invoices. Any invoice and the services described therein will be deemed irrevocably accepted by Client if no official protest of non-payment has been sent by Client within 7 working days from the date of the mailing of the invoice.

    Client shall pay all invoices of Gert Taeymans bvba within thirty (30) calendar days of the date of invoice unless otherwise agreed in writing by Gert Taeymans bvba. In the event of late payment, Gert Taeymans bvba may charge a monthly interest on the amount outstanding at the rate of two (2) percent with no prior notice of default being required, in which case each commenced month will count as a full month. Any late payment will entitle Gert Taeymans bvba to charge Client a fixed handling fee of 300 EUR. All costs related to the legal enforcement of the payment obligation, including lawyer fees, will be charged to Client.

    In no event will Gert Taeymans bvba be liable for damages of any kind, including without limitation, direct, incidental or consequential damages (including, but not limited to, damages for lost profits, business interruption and loss of programs or information) arising out of the use of Gert Taeymans bvba services.

    Gert Taeymans bvba collects personal data from Client for the performance of its services and the execution of its contracts. Such personal data can also be used for direct marketing, allowing Gert Taeymans bvba to inform Client of its activities on a regular basis. If Client objects to the employment of its personal data for direct marketing, Client must inform Gert Taeymans bvba on the following address: gert@gerttaeymans.consulting.

    Client can consult, correct or amend its personal data by addressing such request to Gert Taeymans bvba by registered mail. Personal data shall in no event be sold, rented or made available to other firms or third parties where not needed for the execution of the contract. Gert Taeymans bvba reserves the right to update and amend its privacy policy from time to time to remain consistent with applicable privacy legislation.

    The logo of the Client will be displayed on the Gert Taeymans bvba website, together with a short description of the project/services.

    Any changes to Client’s contact information such as addresses, phone numbers or e-mail addresses must be communicated to Gert Taeymans bvba as soon as possible during the project.

    Both parties shall maintain strict confidence and shall not disclose to any third party any information or material relating to the other or the other's business, which comes into that party's possession and shall not use such information and material. This provision shall not, however, apply to information or material, which is or becomes public knowledge other than by breach by a party of this clause.

    Gert Taeymans bvba has the right at any time to change or modify these terms and conditions at any time without notice.

    The agreement shall be exclusively governed by and construed in accordance with the laws of Belgium. The competent courts of Antwerp, Belgium will finally settle any dispute about the validity, the interpretation or the execution of this agreement.

    These Terms and Conditions are the only terms and conditions applicable to both parties.

    If any provision or provisions of these Terms and Conditions shall be held to be invalid, illegal or unenforceable, such provision shall be enforced to the fullest extent permitted by applicable law, and the validity, legality and enforceability of the remaining provisions shall not in any way be affected or impaired thereby.

    Build a Service-Based Security Resourcing Plan

    • Buy Link or Shortcode: {j2store}267|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $20,799 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • IT and security leaders across all industries must determine what and how many resources are needed to support the information security program.
    • Estimating current usage and future demand for security resources can be a difficult and time-consuming exercise.

    Our Advice

    Critical Insight

    Not all security programs need to be the same. A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

    Impact and Result

    • Info-Tech’s approach to resource planning focuses less on benchmarks and more on estimating actual demand for security services to ensure that there are enough resources to deliver them.
    • A well-designed security services portfolio is the first step towards determining resourcing needs.
    • When planning resource allocations, plan for both mandatory and discretionary demand to optimize utilization.

    Build a Service-Based Security Resourcing Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Service-Based Security Resourcing Plan – A blueprint to help you define security roles, build a service portfolio, estimate demand, and determine resourcing needs.

    This storyboard will help you to determine your security resourcing needs using a service-based approach.

    • Build a Service-Based Security Resourcing Plan – Phases 1-3

    2. Security Resources Planning Workbook – This tool will result in a defined security service portfolio and a three-year resourcing plan.

    Use this tool to build your security service portfolio and to determine resourcing needs to meet your service demand.

    • Security Resources Planning Workbook

    Infographic

    Workshop: Build a Service-Based Security Resourcing Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Roles and Select Services

    The Purpose

    Identify the roles needed to implement and deliver your organization’s security services.

    Key Benefits Achieved

    A security services portfolio allows you to assign job roles to each service, which is the first step towards determining resourcing needs. Improve employee engagement and satisfaction with clearly defined job roles, responsibilities, and service levels.

    Activities

    1.1 Assess security needs and business pressures.

    1.2 Define security job roles.

    1.3 Define security services and assign ownership.

    Outputs

    Security Roles Definition

    Security Services Portfolio

    2 Estimate Current and Future Demand

    The Purpose

    Estimate the actual demand for security resources and determine how to allocate resources accordingly.

    Key Benefits Achieved

    Allocate resources more effectively across your Security and Risk teams.

    Raise the profile of your security team by aligning security service offerings with the demands of the business.

    Activities

    2.1 Estimate current and future demand.

    2.2 Review demand summary.

    2.3 Allocate resources where they are needed the most.

    Outputs

    Demand Estimates

    Resourcing Plan

    3 Identify Required Skills

    The Purpose

    When defining roles, consider the competencies needed to deliver your security services. Make sure to account for this need in your resource planning.

    Key Benefits Achieved

    Leverage the NCWF to establish the building blocks of a capable and ready cybersecurity workforce to effectively identify, recruit, develop and maintain cybersecurity talent.

    Activities

    3.1 Identify skills needed for planned initiatives.

    3.2 Prioritize your skill requirements.

    3.3 Assign work roles to the needs of your target environment.

    3.4 Discuss the NICE cybersecurity workforce framework.

    3.5 Develop technical skill requirements for current and future work roles.

    Outputs

    Prioritized Skill Requirements and Associated Roles

    4 Future Planning

    The Purpose

    Create a development plan to train and upskill your employees to address current and future service requirements.

    Key Benefits Achieved

    Skill needs are based on the strategic requirements of a business-aligned security program.

    Activities

    4.1 Continue developing technical skill requirements for current and future work roles.

    4.2 Conduct current workforce skills assessment.

    4.3 Develop a plan to acquire skills.

    4.4 Discuss training and certification opportunities for staff.

    4.5 Discuss next steps for closing the skills gap.

    4.6 Debrief.

    Outputs

    Role-Based Skills Gaps

    Workforce Development Plan

    Further reading

    Build a Service-Based Security Resourcing Plan

    Every security program is unique; resourcing allocations should reflect this.

    Analyst Perspective

    Start by looking inward.

    The image is a picture of Logan Rohde.The image is a picture of Isabelle Hertanto.

    Organizations have a critical need for skilled cybersecurity resources as the cyberthreat landscape becomes more complex. This has put a strain on many security teams who must continue to meet demand for an increasing number of security services. To deliver services well, we first need to determine what are the organization’s key security requirements. While benchmarks can be useful for quick peer-to-peer comparisons to determine if we are within the average range, they tend to make all security programs seem the same. This can lead to misguided investments in security services and personnel that might be better used elsewhere.

    Security teams will be most successful when organizations take a personalized approach to security, considering what must be done to lower risk and operate more efficiently and effectively.

    Logan Rohde

    Senior Research Analyst, Security

    Info-Tech Research Group

    Isabelle Hertanto

    Principal Research Director, Security

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    • IT and Security leaders across all industries must determine what and how many resources are needed to support the information security program.
    • Estimating current usage, the right allocations, and future demand for security resources can be a difficult and time-consuming exercise.
    • Needing to provide a benchmark to justify increasing headcount.
    • Absence of formally defined security service offerings and service owners.
    • Lack of skills needed to provide necessary security services.
    • Info-Tech’s approach to resource planning focuses less on benchmarks and more on estimating actual demand for security services to ensure that there are enough resources to deliver them.
    • A well-designed security services portfolio is the first step toward determining resourcing needs.
    • When allocating resources, plan for both mandatory and discretionary demand to position yourself for greatest success.

    Info-Tech Insight

    Not all security programs need to be the same. A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

    Your challenge

    This research is designed to help organizations who are looking to:

    • Determine what and how many resources are needed to support the information security program.
    • Identify the organization's key service offerings and the required resourcing to support delivery of such services.
    • Estimate current staff utilization and required allocations to satisfy future demand for services.

    Every organization is unique and will need different security research allocations aligned with their business needs.

    “The number of priorities that CISOs have continues to grow, but if everything is a priority, nothing is. It’s important to focus on the ones that deliver the most value to your organization and that are synchronized with the overall business strategy.”

    Paige H. Adams

    Global CISO at Zurich

    Insurance

    Source: Proofpoint, 2021

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Security leaders sometimes try to cut to the chase and lean on staffing benchmarks to justify their requests for resources. However, while staffing benchmarks are useful for quick peer-to-peer validation and decision making, they tend to reduce security programs down to a set of averages, which can be misleading when used out of context.
    • A more effective approach is to determine what security services need to be provided, the level of demand, and what it will take to meet that demand currently and in the coming years.
    • With these details available, it becomes much easier to predict what roles need to be hired, what skills need to be developed, and whether outsourcing is an option.

    Hiring delays and skills gaps can fuel resourcing challenges

    59% of organizations report taking 3-6+ months to fill a vacant cybersecurity position.

    Source: ISACA, 2020

    30% report IT knowledge as the most prevalent skills gap in today’s cybersecurity professionals.

    Source: ISACA, 2020

    Info-Tech’s methodology for Building a Service-Based Security Resourcing Plan

    1. Determine Security Service Portfolio Offerings

    2. Plan for Mandatory Versus Discretionary Demand

    3. Define Your Resourcing Model

    Phase Steps

    1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Review Demand Summary

    3.2 Develop an Action Plan

    Phase Outcomes

    Security requirements

    Security service portfolio

    Service demand estimates

    Service hour estimates

    Three-year resourcing plan

    Stay on top of resourcing demands with a security service portfolio

    Security programs should be designed to address unique business needs.

    A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

    Watch out for role creep.

    It may be tempting to assign tasks to the people who already know how to do them, but we should consider which role is most appropriate for each task. If all services are assigned to one or two people, we’ll quickly use up all their time.

    Time estimates will improve with practice.

    It may be difficult to estimate exactly how long it takes to carry out each service at first. But making the effort to time your activities each quarter will help you to improve the accuracy of your estimates incrementally.

    Start recruiting well in advance of need.

    Security talent can be difficult to come by, so make sure to begin your search for a new hire three to six months before your demand estimates indicate the need will arise.

    People and skills are both important.

    As the services in your portfolio mature and become more complex, remember to consider the skills you will need to be able to provide that service. Make sure to account for this need in your resource planning and keep in mind that we can only expect so much from one role. Therefore, hiring may be necessary to keep up with the diverse skills your services may require.

    Make sure your portfolio reflects reality.

    There’s nothing wrong with planning for future state, but we should avoid using the portfolio as a list of goals.

    Blueprint deliverable

    Use this tool to build your security services portfolio, estimate demand and hours needed, and determine FTE requirements.

    The image contains screenshots of the Security Resources Planning Workbook.

    Key deliverable:

    Security Resources Planning Workbook

    The Security Resources Planning Workbook will be used to:

    • Build a security services portfolio.
    • Estimate demand for security services and the efforts to deliver them.
    • Determine full-time equivalent (FTE) requirements for each service.
    The image contains a thought model to demonstrate the benchmarks that lead to a one-size-fits-all approach to security.

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Allocate resources more effectively across your security and risk teams.
    • Improve employee engagement and satisfaction with clearly defined job roles, responsibilities, and service levels.
    • Raise the profile of your security team by aligning security service offerings with the demands of the business.
    • Ensure that people, financial, knowledge, and technology resources are appropriately allocated and leveraged across the organization.
    • Improve your organization’s ability to satisfy compliance obligations and reduce information security risk.
    • Increase customer and business stakeholder satisfaction through reliable service delivery.

    Measure the value of this blueprint

    Use these metrics to realize the value of completing this blueprint.

    Metric

    Expected Improvement

    Level of business satisfaction with IT security

    You can expect to see a 20% improvement in your IT Security Business Satisfaction Diagnostic.

    Reports on key performance indicators and service level objectives

    Expect to see a 40% improvement in security service-related key performance indicators and service level objectives.

    Employee engagement scores

    You can expect to see approximately a 10% improvement in employee engagement scores.

    Changes in rates of voluntary turnover

    Anticipating demand and planning resources accordingly will help lower employee turnover rates due to burnout or stress leave by as much as 10%.

    47% of cybersecurity professionals said that stress and burnout has become a major issue due to overwork, with most working over 41 hours a week, and some working up to 90.

    Source: Security Boulevard, 2021

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific drivers.

    Call #2: Discuss roles and duties.

    Call #3: Build service portfolio and assign ownership.

    Call #4: Estimate required service hours.

    Call #5: Review service demand and plan for future state.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 4 to 6 calls over the course of 2 to 3 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5

    Define Roles and Select Services

    Estimate Current and Future Demand

    Identify Required Skills

    Future Planning

    Next Steps and
    Wrap-Up (offsite)

    Activities

    1.1 Assess Security Needs and Business Pressures.

    1.2 Define Security Job Roles.

    1.3 Define Security Services and Assign Ownership.

    2.1 Estimate Current and Future Demand.

    2.2 Review Demand Summary.

    2.3 Allocate Resources Where They Are Needed the Most.

    3.1 Identify Skills Needed Skills for Planned Initiatives.

    3.2 Prioritize Your Skill Requirements.

    3.3 Assign Work Roles to the Needs of Your Target Environment.

    3.4 Discuss the NICE Cybersecurity Workforce Framework.

    3.5 Develop Technical Skill Requirements for Current and Future Work Roles.

    4.1 Continue Developing Technical Skill Requirements for Current and Future Work Roles.

    4.2 Conduct Current Workforce Skills Assessment.

    4.3 Develop a Plan to Acquire Skills.

    4.4 Discuss Training and Certification Opportunities for Staff.

    4.5 Discuss Next Steps for Closing the Skills Gap.

    4.6 Debrief.

    5.1 Complete In-Progress Deliverables From Previous Four Days.

    5.2 Set Up Review Time for Workshop Deliverables and to Discuss Next steps.

    Deliverables
    1. FTE-Hours Calculation
    2. Security Roles Definition
    3. Security Services Portfolio
    1. Demand Estimates
    2. Resourcing Plan
    1. Skills Gap Prioritization Tool
    2. Technical Skills Tool
    1. Technical Skills Tool
    2. Current Workforce Skills Assessment
    3. Skills Development Plan

    Phase 1

    Determine Security Service Portfolio Offerings

    Phase 1

    Phase 2

    Phase 3

    1.1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Determine Resourcing Status

    This phase involves the following participants:

    • CISO
    • Core Security Team
    • Business Representative (optional)

    Step 1.1

    Gather Requirements and Define Roles

    Activities

    1.1.1 Assess Business Needs and Pressures

    1.1.2 Define Security Roles

    This step involves the following participants:

    • CISO
    • Core Security Team
    • Business Representative (optional)

    Outcomes of this step

    • Security program requirements
    • Security roles definitions

    1.1.1 Assess security needs and pressures

    1 hour

    1. As a group, brainstorm the security requirements for your organization and any business pressures that exist within your industry (e.g. compliance obligations).
    • To get started, consider examples of typical business pressures on the next slides. Determine how your organization must respond to these points (note: this is not an exhaustive list).
    • You will likely notice that these requirements have already influenced the direction of your security program and the kinds of services it needs to provide to the business side of the organization.
  • There may be some that have not been well addressed by current service offerings (e.g. current service maturity, under/over definition of a service). Be sure to make a note of these areas and what the current challenge is and use these details in Step 1.2.
  • Document the results for future use in Step 1.2.1.
  • Input Output
    • List of key business requirements and industry pressures
    • Prioritized list of security program requirements
    Materials Participants
    • Whiteboard
    • Sticky notes
    • CISO
    • Core Security Team
    • Business Representative (optional)

    Typical business pressures examples

    The security services you will provide to the organization should be based on its unique business requirements and pressures, which will make certain services more applicable than others. Use this exercise to get an idea of what those business drivers might be.

    The image contains a screenshot of Typical business pressures examples.

    1.1.2 Define security roles

    1-2 hours

    1. Using the link below, download the Security Resources Planning Workbook and review the examples provided on the next slide.
    2. On tab 1 (Roles), review the example roles and identify which roles you have within your security team.
    • If necessary, customize the roles and descriptions to match your security team’s current make up.
    • If you have roles within your security team that do not appear in the examples, you can add them to the bottom of the table.
  • For each role, use columns D-F to indicate how many people (headcount) you have, or plan to have, in that role.
  • Use columns H-J to indicate how many hours per year each role has available to deliver the services within your service catalog.
  • Input Output
    • Full-time hours worked per week Weeks worked per year Existing job descriptions/roles
    • Calculated full-time equivalents (FTE) Defined security roles
    Materials Participants
    • Security Resources Planning Workbook
    • CISO
    • Core Security Team

    Download the Security Resources Planning Workbook

    Calculating FTEs and defining security roles

    The image contains a screenshot of the workbook demonstrating calculating FTEs and defining security roles.

    1. Start by entering the current and planned headcount for each role
    2. Then enter number of hours each role works per week
    3. Estimate the number of administrative hours (e.g. team meetings, training) per week
    4. Enter the average number of weeks per year that each role is available for service delivery
    5. The tool uses the data from steps 2-4 to calculate the average number of hours each role has for service delivery per year (FTE)

    Info-Tech Insight

    Watch out for role creep. It may be tempting to assign tasks to the people who already know how to do them, but we should consider which role is most appropriate for each task. If all services are assigned to one or two people, we’ll quickly use up all their time.

    Other considerations

    Address your skills gap.

    Cybersecurity is a rapidly evolving discipline and security teams from all over are reporting challenges related to training and upskilling needed to keep pace with the developments of the threat landscape.

    95% Security leaders who agree the cybersecurity skills gap has not improved over the last few years.*

    44% Security leaders who say the skills gap situation has only gotten worse.*

    When defining roles, consider the competencies needed to deliver your security services. Use Info-Tech’s blueprint Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan to help you determine the required skillsets for each role.

    * Source: ISSA, 2021

    Info-Tech Insight

    As the services in your portfolio mature and become more complex, remember to consider the skills you need and will need to be able to provide that service. Make sure to account for this need in your resource planning and keep in mind that we can only expect so much from one role. Therefore, hiring may be necessary to keep up with the diverse skills your services may require.

    Download blueprint Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Step 1.2

    Choose Security Service Offerings

    Activities

    1.2.1 Define Security Services and Role Assignments

    This step involves the following participants:

    • CISO
    • Core Security Team

    Outcomes of this step

    • Service portfolio
    • Service pipeline status
    • Service ownership

    1.2.1 Define security services and role assignments

    2-4 hours

    1. As a group, review the outputs from Step 1.1.1. These requirements will serve as the basis to prioritize the service offerings of your security portfolio.
    2. Take these outputs, as well as any additional notes you’ve made, and put them side by side with the example service offerings on tab 3 of the Security Resources Planning Workbook so each service can be considered alongside these requirements (i.e. to determine if that service should be included in the security service portfolio at this time).
    3. Using the following slides as a guide, work your way down the list of example services and choose the services for your portfolio. For each service selected, be sure to customize the definition of the service and state its outcome (i.e. what time is spent when providing this service, indicate if it is outsourced, which role is responsible for delivering it, and the service pipeline status (in use, plan to use, plan to retire)).
    InputOutput
    • Business and security requirements gathered in Step 1.1.1
    • Defined security service portfolio
    • Service ownership assigned to role
    MaterialsParticipants
    • Security Resources Planning Workbook
    • CISO
    • Core Security Team

    Download the Security Resources Planning Workbook

    Service needs aligned with your control framework

    Use Info-Tech's best-of-breed Security Framework to develop a comprehensive baseline set of security service areas.

    The image contains a screenshot of the Security Framework.

    Prioritize your security services

    Example of a custom security services portfolio definition

    Security Strategy and Governance Model

    • Aligned Business Goals
    • Security Program Objectives
    • Centralized vs. Decentralized Governance Model

    Compliance Obligations

    • Penetration testing
    • Annual security audits
    • Data privacy and protection laws

    CISO Accountabilities

    • Security Policy
    • Risk Management
    • Application & Infrastructure Security
    • Program Metrics and Reporting

    Consider each of the requirement categories developed in Step 1.1.1 against the taxonomy and service domain here. If there is a clear need to add this service, use the drop-down list in the “Include in Catalog” column to indicate “Yes.” Mark un-needed services as “No.”

    The image contains a screenshot of the security services portfolio definition.

    Assigning roles to services

    The image contains an example of assigning roles to services.

    1. If the service is being outsourced, use the drop-down list to select “Yes.” This will cause the formatting to change in the neighboring cell (Role), as this cell does not need to be completed.
    2. For all in-sourced services, indicate the role assigned to perform the service.
    3. Indicate the service-pipeline status for each of the services you include. The selection you make will affect the conditional formatting on the next tab, similar to what is described in step 1.

    Info-Tech Insight

    Make sure your portfolio reflects current state and approved plans. There’s nothing wrong with planning for the future, but we should avoid using the portfolio as a list of goals.

    Phase 2

    Plan for Mandatory Versus Discretionary Demand

    Phase 1

    Phase 2

    Phase 3

    1.1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Determine Resourcing Status

    This phase involves the following participants:

    • CISO
    • Core Security Team

    Step 2.1

    Assess Demand

    Activities

    2.1.1 Estimate Current and Future Demand

    This step involves the following participants:

    • CISO
    • Core Security Team

    Outcomes of this step

    • Service demand estimates
    • Total service hours required
    • FTEs required per service

    2.1.1 Estimate current and future demand

    2-4 hours

    1. Estimate the number of hours required to complete each of the services in your portfolio and how frequently it is performed. Remember the service-hour estimates should be based on the outcome of the service (see examples on the next slide).
    • To do this effectively, think back over the last quarter and count how many times the members of your team performed each service and how many hours it took to complete.
    • Then, think back over the last year and consider if the last quarter represents typical demand (i.e. you may notice that certain services have a greater demand at different parts of the year, such as annual audit) and arrive at your best estimate for both service hours and demand.
    • See examples on next slide.

    Note: For continuous services (i.e. 24/7 security log monitoring), use the length of the work shift for estimating the Hours to Complete and the corresponding number of shifts per year for Mandatory Demand estimates. Example: For an 8-hour shift, there are 3 shifts per day at 365 days/year, resulting in 1,095 total shifts per year.

    Download the Security Resources Planning Workbook

    InputOutput
    • Service-hour estimations
    • Expected demand for service
    • Discretionary demand for service
    • Total hours required for service
    • FTEs required for service
    MaterialsParticipants
    • Security Resources Planning Workbook
    • CISO
    • Core Security Team

    Info-Tech Insight

    Time estimates will improve over time. It may be difficult to estimate exactly how long it takes to carry out each service at first. But making the effort to time your activities each quarter will help you to improve the accuracy of your estimates incrementally.

    Understanding mandatory versus discretionary demand

    Every service may have a mix of mandatory and discretionary demands. Understanding and differentiating between these types of demand is critical to developing an efficient resourcing plan.

    The image contains a picture used to represent mandatory demand.

    Mandatory Demand

    Mandatory demand refers to the amount of work that your team must perform to meet compliance obligations and critical business and risk mitigation requirements.

    Failure to meet mandatory demand levels will have serious consequences, such as regulatory fines or the introduction of risks that far exceed risk tolerances. This is work you cannot refuse.

    The image contains a diagram to demonstrate the relationship between Mandatory and Discretionary demand.

    The image contains a picture used to represent discretionary demand.

    Discretionary Demand

    Discretionary demand refers to the amount of work the security team is asked to perform that goes above and beyond your mandatory demand. Discretionary demand often comes in the form of ad hoc requests from business units or the IT department.

    Failure to meet discretionary demand levels usually has limited consequences, allowing you more flexibility to decide how much of this type of work you can accept.

    Mandatory versus discretionary demand examples

    Service Name

    Mandatory Demand Example

    Discretionary Demand Example

    Penetration Testing

    PCI compliance requires penetration testing against all systems within the cardholder data environment annually (currently 2 systems per year).

    Business units request ad hoc penetration testing against non-payment systems (expected 2-3 systems per year).

    Vendor Risk Assessments

    GDPR compliance requires vendor security assessments against all third parties that process personal information on our behalf (expected 1-2 per quarter).

    IT department has requested that the security team conduct vendor security assessments for all cloud services, regardless of whether they store personal information (expected 2-3 assessments per quarter).

    e-Discovery and Evidence Handling

    There is no mandatory demand for this service.

    The legal department occasionally asks the security team to assist with e-Discovery requests (expected demand 1-2 investigations per quarter).

    Example of service demand estimations

    The image contains a screenshot example of service demand estimations.

    1. For each service, describe the specific outcome or deliverable that the service produces. Modify the example deliverables as required.
    2. Enter the number of hours required to produce one instance of the service deliverable. For example, if the deliverable for your security training service is an awareness campaign, it may require 40 person hours to develop and deliver.
    3. Enter the number of mandatory and discretionary demands expected for each service within a given year. For instance, if you are delivering quarterly security awareness campaigns, enter 4 as the demand.

    Phase 3

    Build Your Resourcing Plan

    Phase 1

    Phase 2

    Phase 3

    1.1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Determine Resourcing Status

    This phase involves the following participants:

    • CISO
    • Security Manager

    Step 3.1

    Determine Resourcing Status

    Activities

    3.1.1 Review Demand Summary

    3.1.2 Fill Resource Gaps

    This step involves the following participants:

    • CISO
    • Security Manager

    Outcomes of this step

    • The number of FTEs required to meet demand
    • Resourcing gaps

    3.1.1 Review demand summary

    1-2 hours

    1. On tab 5 of the Security Resourcing Planning Tool (Demand Summary), review the results. This tab will show you if you have enough FTE hours per role to meet the demand level for each service.
    • Green indicates that there is a surplus of FTEs and the number displayed shows how many extra FTEs there are.
    • Yellow text that you have adequate FTEs to meet all of your mandatory demand but may not have enough to meet all of your discretionary demand.
    • Red text indicates that there are too few FTEs available, and the number displayed shows how many additional FTEs you will require.
  • Take note of how many FTEs you will need to meet expected and discretionary demand in each of the years you’ve planned for.
  • Input Output
    • Current staffing
    • Resourcing model
    Materials Participants
    • Security Resources Planning Workbook
    • CISO
    • HR Representative

    Download the Security Resources Planning Workbook

    Info-Tech Insight

    Start recruiting well in advance of need. Security talent can be difficult to come by, so make sure to begin your search for a new hire three to six months before your demand estimates indicate the need will arise.

    Example of demand planning summary (1/2)

    The image contains a screenshot of an example of demand planning summary.

    Example of demand planning summary (2/2)

    The image contains a screenshot of an example of demand planning. This image has a screenshot of the dashboard.

    3.1.2 Fill resource gaps

    2-4 hours

    1. Now that you have a resourcing model for your security services, you will need to plan to close the gaps between available FTEs and required service hours. For each role that has been under/over committed to service delivery, review the services assignments on tab 3 and determine the viability of the following gap closure actions:
      1. Reassign service responsibility to another role with fewer commitments
      2. Create efficiencies to reduce required hours
      3. Hire to meet the service demand
      4. Outsource the service
    2. Your resourcing shortages may not all be apparent at once. Therefore, build a roadmap to determine which needs must be addressed immediately and which can be scheduled for years two and three.

    Consider outsourcing

    Outsourcing provides access to tools and talent that would otherwise be prohibitively expensive. Typical reasons for outsourcing security operations include:

    • Difficulty finding or retaining security staff with advanced and often highly specialized skillsets.
    • The desire to transfer liability for high-risk operational activities such as 24/7 security monitoring.
    • Workforce scalability to accommodate irregular or infrequent events such as incident response and incident-related forensic investigations.

    Given the above, three different models have emerged for the operational security organization:

    1. Outsourced SecOps

    A fully outsourced Security Operations Center, managed and governed by a smaller in-house team

    2. Balanced Hybrid

    In-house operational security staff with some reliance on managed services

    3. In-House SecOps

    A predominantly in-house security team, augmented by a small managed services contract

    Once you have determined that further outsourcing is needed, go back and adjust the status in your service portfolio. Use Info-Tech's blueprint Develop Your Security Outsourcing Strategy to determine the right approach for your business needs.

    “The workforce of the future needs to be agile and adaptable, enabled by strong partnerships with third-party providers of managed security services. I believe these hybrid models really are the security workforce of the future.”

    – Senior Manager, Cybersecurity at EY

    Download blueprint Develop Your Security Outsourcing Strategy

    Info-Tech Insight

    Choose the right model for your organization’s size, risk tolerance, and process maturity level. For example, it might make more sense for larger enterprises with low risk tolerance to grow their internal teams and build in-house capability.

    Create efficiencies

    Resourcing challenges are often addressed more directly by increased spending. However, for a lot of organizations, this just isn’t possible. While there is no magic solution to resolve resource constraints and small budgets, the following tactics should be considered as a means to reduce the hours required for the services your team provides.

    Upskill Your Staff

    If full-scale training is not an option, see if there are individual skills that could be improved to help improve time to completion for your services. Use Info-Tech's blueprint Close the InfoSec Skills Gap to determine which skills are needed for your security team.

    Improve Process Familiarity

    In some organizations, especially low-maturity ones, problems can arise simply because there is a lack of familiarity with what needs to be done. Review the process, socialize it, and make sure your staff can execute in within the target time allotment.

    Add Technology

    Resourcing crunch or not, technology can help us do things better. Investigate whether automation software might help to shave a few hours off a given service. Use Info-Tech's blueprint Build a Winning Business Process Automation Playbook to optimize and automate your business processes with a user-centric approach.

    Download the blueprint Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Download the blueprint Build a Winning Business Process Automation Playbook

    Info-Tech Insight

    Every minute counts. While using these strategies may not solve every resourcing crunch you have, they can help put you in the best position possible to deliver on your commitments for each service.

    Plan for employee turnover

    Cybersecurity skills are in high demand; practitioners are few. The reality is that experienced security personnel have a lot of opportunities. While we cannot control for the personal reasons employees leave jobs, we can address the professional reasons that cause them to leave.

    Fair wage

    Reasonable expectations

    Provide training

    Defined career path

    It’s a sellers’ market for cybersecurity skills these days. Higher-paying offers are one of the major reasons security leaders leave their jobs (ISSA, 2021).

    Many teams lose out on good talent simply because they have unrealistic expectations, seeking 5+ years experience for an entry-level position, due to misalignment with HR (TECHNATION, 2021).

    Technology is changing (and being adopted) faster than security professionals can train on it. Ongoing training is needed to close these gaps (ISO, 2021).

    People want to see where they are now, visualize where they will be in the future, and understand what takes to get there. This helps to determine what types of training and specialization are necessary (DigitalGuardian, 2020).

    Use Info-Tech’s blueprint Build a Strategic IT Workforce Plan to help staff your security organization for success.

    The image contains a screenshot of the Build a Strategic IT Workforce Plan.

    Download blueprint Build a Strategic IT Workforce Plan

    Summary of Accomplishment

    Problem Solved

    You have now successfully identified your business and security drivers, determined what services your security program will provide, and determined your resourcing plan to meet these demands over the next three years.

    As needs change at your organization, don’t forget to re-evaluate the decisions you’ve made. Don’t forget that outsourcing a service may be the most reliable way to provide and resource it. However, this is just one tool among many that should be considered, along with upskilling, process improvement/familiarity, and process automation.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Research Contributors and Experts

    The image contains a picture of George Al-Koura.

    George Al-Koura

    CISO

    Ruby Life

    The image contains a picture of Brian Barniner.

    Brian Barniner

    Head of Decision Science and Analytics

    ValueBridge Advisors

    The image contains a picture of Tracy Dallaire.

    Tracy Dallaire

    CISO / Director of Information Security

    McMaster University

    The image contains a picture of Ricardo Johnson.

    Ricardo Johnson

    Chief Information Security Officer

    Citrix

    Research Contributors and Experts

    The image contains a picture of Ryan Rodriguez.

    Ryan Rodriguez

    Senior Manager, Cyber Threat Management

    EY

    The image contains a picture of Paul Townley.

    Paul Townley

    VP Information Security and Personal Technology

    Owens Corning

    13 Anonymous Contributors

    Related Info-Tech Research

    Cost-Optimize Your Security Budget

    Develop Your Security Outsourcing Strategy

    Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Bibliography

    2021 Voice of the CISO Report.” Proofpoint, 2021. Web.

    “2022 Voice of the CISO.” Proofpoint, 2022. Web.

    Brook, Chris. “How to Find and Retain Skilled Cybersecurity Talent.” DigitalGuardian, 17 Sep. 2020. Web.

    “Canadian Cybersecurity Skills Framework” TECHNATION Canada, April 2020. Web.

    “Cybersecurity Skills Crisis Continues for Fifth Year, Perpetuated by Lack of Business Investment.” ISSA, 28 July 2021. Web.

    “Cybersecurity Workforce, National Occupational Standard.” TECHNATION Canada, April 2020. Web.

    Naden, Clare. “The Cybersecurity Skills Gap: Why Education Is Our Best Weapon against Cybercrime.” ISO, 15 April 2021. Web.

    Purse, Randy. “Four Challenges in Finding Cybersecurity Talent And What Companies Can Do About It.” TECHNATION Canada, 29 March 2021. Web.

    Social-Engineer. “Burnout in the Cybersecurity Community.” Security Boulevard, 8 Dec. 2021. Web.

    “State of Cybersecurity 2020.” ISACA, 2020. Web.

    Cost-Reduction Planning for IT Vendors

    • Buy Link or Shortcode: {j2store}73|cart{/j2store}
    • member rating overall impact: 8.0/10 Overall Impact
    • member rating average dollars saved: $12,733 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • Unprecedented health and economic conditions are putting extreme pressure and controls on expense management.
    • IT needs to implement proactive measures to reduce costs with immediate results.
    • IT must sustain these reductions beyond the near term since no one knows how long the current conditions will last.

    Our Advice

    Critical Insight

    • Proactively initiating a “War on Waste” (WoW) to reduce the expenses and costs in areas that do not impact operational capabilities of IT is an easy way to reduce IT expenditures.
    • This is accomplished by following the principle “Stop Doing Stupid Stuff” (SDSS), which many organizations deemphasize or overlook during times of growth and prosperity.
    • Initiating a WoW and SDSS program with passion, creativity, and urgency will deliver short-term cost reductions.

    Impact and Result

    • Pinpoint and implement tactical countermeasures and savings opportunities to reduce costs immediately (Reactive: <3 months).
    • Identify and deploy proven practices to capture and sustain expense reduction throughout the mid-term (Proactive: 3-12months).
    • Create a long-term strategy to improve flexibility, make changes more swiftly, and quickly generate cost-cutting opportunities (Strategic: >12 months).
    • Use Info-Tech’s 4 R’s Framework (Required, Removed, Rescheduled, and Reduced) and guiding principles to develop your cost-reduction roadmap.

    Cost-Reduction Planning for IT Vendors Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Start here – read the Storyboard

    Read our concise Executive Brief to find out how you can reduce your IT cost in the short term while establishing a foundation for long-term sustainment of IT cost containment.

    • Cost-Reduction Planning for IT Vendors Storyboard
    • Cost-Cutting Classification and Prioritization Tool
    [infographic]

    Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success

    • Buy Link or Shortcode: {j2store}535|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • The Internet of Things (IoT) is a rapidly proliferating technology – connected devices have experienced unabated growth over the last ten years.
    • The business wants to capitalize on the IoT and move the needle forward for proactive customer service and operational efficiency.
    • Moreover, IT wants to maintain its reputation as forward-thinking, and the business wants to be innovative.

    Our Advice

    Critical Insight

    • Leverage Info-Tech’s comprehensive three-phase approach to IoT projects: understand the fundamentals of IoT capabilities, assess where the IoT will drive value within the organization, and present findings to stakeholders.
    • Conduct a foundational IoT discussion with stakeholders to level set expectations about the technology’s capabilities.
    • Determine your organization’s approach to the IoT in terms of both hardware and software.
    • Determine which use case your organization fits into: three of the use cases highlighted in this report include predictive customer service, smart offices, and supply chain applications.

    Impact and Result

    • Our methodology addresses the possible issues by using a case-study approach to demonstrate the “Art of the Possible” for the IoT.
    • With an understanding of the IoT, it is possible to find applicable use cases for this emerging technology and get a leg up on competitors.

    Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why your organization should care about the IoT’s potential to transform the service and the workplace, and how Info-Tech will support you as you identify and build your IoT use cases.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand core IoT use cases

    Analyze the scope of the IoT and the three most prominent enterprise use cases.

    • Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success – Phase 1: Understand Core IoT Use Cases

    2. Build the business case for IoT applications

    Develop and prioritize use cases for the IoT using Info-Tech’s IoT Initiative Framework.

    • Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success – Phase 2: Build the Business Case for IoT Initiatives

    3. Present IoT initiatives to stakeholders

    Present the IoT initiative to stakeholders and understand the way forward for the IoT initiative.

    • Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success – Phase 3: Present IoT Initiatives to Stakeholders
    • Internet of Things Stakeholder Presentation Template
    [infographic]

    Prepare Your Organization to Successfully Embrace the “New Normal”

    • Buy Link or Shortcode: {j2store}422|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $61,749 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • The COVID-19 pandemic is creating significant challenges across every sector, but even the deepest crisis will eventually pass. However, many of the changes it has brought to how organizations function are here to stay.
    • As an IT leader, it can be challenging to envision what this future state will look like and how to position IT as a trusted partner to the business to help steer the ship as the crisis abates.

    Our Advice

    Critical Insight

    • Organizations need to cast their gaze into the “New Normal” and determine an appropriate strategy to stabilize their operations, mitigate ongoing challenges, and seize new opportunities that will be presented in a post-COVID-19 world.
    • IT needs to understand the key trends and permanent changes that will exist following the crisis and develop a proactive roadmap for rapidly adapting their technology stack, processes, and resourcing to adjust to the new normal.

    Impact and Result

    • Info-Tech recommends a three-step approach for adapting to the new normal: begin by surveying crucial changes that will occur as a result of the COVID-19 pandemic, assess their relevance to your organization’s unique situation, and create an initiatives roadmap to support the new normal.
    • This mini-blueprint will examine five key themes: changing paradigms for remote work, new product delivery models, more self-service options for customers, greater decentralization and agility for organizational decision making, and a renewed emphasis on security architecture.

    Prepare Your Organization to Successfully Embrace the “New Normal” Research & Tools

    Read the Research

    Understand the five key trends that will persist after the pandemic has passed and create a roadmap of initiatives to help your organization adapt to the "New Normal."

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Prepare Your Organization to Successfully Embrace the “New Normal” Storyboard
    [infographic]

    Effectively Recognize IT Employees

    • Buy Link or Shortcode: {j2store}547|cart{/j2store}
    • member rating overall impact: 8.0/10 Overall Impact
    • member rating average dollars saved: $100 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Engage
    • Parent Category Link: /engage
    • Even when organizations do have recognition programs, employees want more recognition than they currently receive.
    • In a recent study, McLean & Company found that 69% of IT employees surveyed felt they were not adequately praised and rewarded for superior work.
    • In a lot of cases, the issue with recognition programs isn’t that IT departments haven’t thought about the importance but rather that they haven’t focused on proper execution.

    Our Advice

    Critical Insight

    • You’re busy – don’t make your recognition program more complicated than it needs to be. Focus on day-to-day ideas and actively embed recognition into your IT team’s culture.
    • Recognition is impactful independent of rewards (i.e. items with a monetary value), but rewarding employees without proper recognition can be counterproductive. Put recognition first and use rewards as a way to amplify its effectiveness.

    Impact and Result

    • Info-Tech tools and guidance will help you develop a successful and sustainable recognition program aligned to strategic goals and values.
    • By focusing on three key elements – customization, alignment, and transparency – you can improve your recognition culture within four weeks, increasing employee engagement and productivity, improving relationships, and reducing turnover.

    Effectively Recognize IT Employees Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement an IT employee recognition program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Effectively Recognize IT Employees – Executive Brief
    • Effectively Recognize IT Employees – Phases 1-3

    1. Assess the current recognition landscape

    Understand the current perceptions around recognition practices in the organization and determine the behaviors that your program will seek to recognize.

    • Effectively Recognize IT Employees – Phase 1: Assess the Current Recognition Landscape
    • IT Employee Recognition Survey Questions

    2. Design the recognition program

    Determine the structure and processes to enable effective recognition in your IT organization.

    • Effectively Recognize IT Employees – Phase 2: Design the Recognition Program
    • Employee Recognition Program Guide
    • Employee Recognition Ideas Catalog
    • Employee Recognition Nomination Form

    3. Implement the recognition program

    Rapidly build and roll out a recognition action and sustainment plan, including training managers to reinforce behavior with recognition.

    • Effectively Recognize IT Employees – Phase 3: Implement the Recognition Program
    • Recognition Action and Communication Plan
    • Manager Training: Reinforce Behavior With Recognition
    [infographic]

    Enable Omnichannel Commerce That Delights Your Customers

    • Buy Link or Shortcode: {j2store}534|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $17,249 Average $ Saved
    • member rating average days saved: 7 Average Days Saved
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Today’s customers expect to be able to transact with you in the channels of their choice. The proliferation of e-commerce, innovations in brick-and-mortar retail, and developments in mobile commerce and social media selling mean that IT organizations are managing added complexity in drafting a strategy for commerce enablement.
    • The right technology stack is critical in order to support world-class e-commerce and brick-and-mortar interactions with customers.

    Our Advice

    Critical Insight

    • Support the right transactional channels for the right customers: there is no “one-size-fits-all” approach to commerce enablement – understand your customers to drive selection of the right transactional channels.
    • Don’t assume that “traditional” commerce channels have stagnated: IoT, customer analytics, and blended retail are reinvigorating brick-and-mortar selling.
    • Don’t buy best-of-breed; buy best-for-you. Base commerce vendor selection on your requirements and use cases, not on the vendor’s overall performance.

    Impact and Result

    • Leverage Info-Tech’s proven, road-tested approach to using personas and scenarios to build strong business drivers for your commerce strategy.
    • Before selecting and deploying technology solutions, create a cohesive channel matrix outlining which channels your organization will support with transactional capabilities.
    • Understand evolving trends in the commerce solution space, such as AI-driven product recommendations and integration with other essential enterprise applications (i.e. CRM and marketing automation platforms).
    • Understand and apply operational best practices such as content optimization and dynamic personalization to improve the conversion rate via your e-commerce channels.

    Enable Omnichannel Commerce That Delights Your Customers Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Enable Omnichannel Commerce Deck – A deck outlining the importance of creating a cohesive omnichannel framework to improve your customer experience.

    E-commerce channels have proliferated, and traditional brick-and-mortar commerce is undergoing reinvention. In order to provide your customers with a strong experience, it's imperative to create a strategy – and to deploy the right enabling technologies – that allow for robust multi-channel commerce. This storyboard provides a concise overview of how to do just that.

    • Enable Omnichannel Commerce That Delights Your Customers – Phases 1-2

    2. Create Personas to Drive Omnichannel Requirements Template – A template to identify key customer personas for e-commerce and other channels.

    Customer personas are archetypal representations of your key audience segments. This template (and populated examples) will help you construct personas for your omnichannel commerce project.

    • Create Personas to Drive Omnichannel Requirements Template
    [infographic]

    Further reading

    Enable Omnichannel Commerce That Delights Your Customers

    Create a cohesive, omnichannel framework that supports the right transactions through the right channels for the right customers.

    Analyst Perspective

    A clearly outlined commerce strategy is a necessary component of a broader customer experience strategy.

    This is a picture of Ben Dickie, Research Lead, Research – Applications at Info-Tech Research Group

    Ben Dickie
    Research Lead, Research – Applications
    Info-Tech Research Group

    “Your commerce strategy is where the rubber hits the road, converting your prospects into paying customers. To maximize revenue (and provide a great customer experience), it’s essential to have a clearly defined commerce strategy in place.

    A strong commerce strategy seeks to understand your target customer personas and commerce journey maps and pair these with the right channels and enabling technologies. There is not a “one-size-fits-all” approach to selecting the right commerce channels: while many organizations are making a heavy push into e-commerce and mobile commerce, others are seeking to differentiate themselves by innovating in traditional brick-and-mortar sales. Hybrid channel design now dominates many commerce strategies – using a blend of e-commerce and other channels to deliver the best-possible customer experience.

    IT leaders must work with the business to create a succinct commerce strategy that defines personas and scenarios, outlines the right channel matrix, and puts in place the right enabling technologies (for example, point-of-sale and e-commerce platforms).”

    Stop! Are you ready for this project?

    This Research Is Designed For:

    • IT leaders and business analysts supporting their commercial and marketing organizations in developing and executing a technology enablement strategy for e-commerce or brick-and-mortar commerce.
    • Any organization looking to develop a persona-based approach to identifying the right channels for their commerce strategy.

    This Research Will Help You:

    • Identify key personas and customer journeys for a brick-and-mortar and/or e-commerce strategy.
    • Select the right channels for your commerce strategy and build a commerce channel matrix to codify the results.
    • Review the “art of the possible” and new developments in brick-and-mortar and e-commerce execution.

    This Research Will Also Assist:

    • Sales managers, brand managers, and any marketing professional looking to build a cohesive commerce strategy.
    • E-commerce or POS project teams or working groups tasked with managing an RFP process for vendor selection.

    This Research Will Help Them:

    • Build a persona-centric commerce strategy.
    • Understand key technology trends in the brick-and-mortar and e-commerce space.

    Executive Summary

    Your Challenge

    Today’s customers expect to be able to transact with you in the channels of their choice.

    The proliferation of e-commerce, innovations in brick-and-mortar retail, and developments in mobile commerce and social media selling mean that IT organizations are managing added complexity in drafting a strategy for commerce enablement.

    The right technology stack is critical to support world-class e-commerce and brick-and-mortar interactions with customers.

    Common Obstacles

    Many organizations do not define strong, customer-centric drivers for dictating which channels they should be investing in for transactional capabilities.

    As many retailers look to move shopping experiences online during the pandemic, the impetus for having a strong e-commerce suite has markedly increased. The proliferation of commerce vendors has made it difficult to identify and shortlist the right solution, while the pandemic has also highlighted the importance of adopting new vendors quickly and efficiently: companies need to understand the top players in different commerce market landscapes.

    IT is receiving a growing number of commerce platform requests and must be prepared to speak intelligently about requirements and the “art of the possible.”

    Info-Tech’s Approach

    • Leverage Info-Tech’s proven, road-tested approach to using personas and scenarios to build strong business drivers for your commerce strategy.
    • Before selecting and deploying technology solutions, create a cohesive channel matrix outlining which channels your organization will support with transactional capabilities.
    • Understand evolving trends in the commerce solution space, such as AI-driven product recommendations and integration with other essential enterprise applications (i.e. customer relationship management [CRM] and marketing automation platforms).
    • Understand and apply operational best practices such as content optimization and dynamic personalization to improve the conversion rate via your e-commerce channels.

    Info-Tech Insight

    • Support the right transactional channels for the right customers: there is no “one-size-fits-all” approach to commerce enablement – understand your customers to drive selection of the right transactional channels.
    • Don’t assume that “traditional” commerce channels have stagnated: IoT, customer analytics, and blended retail are reinvigorating brick-and-mortar selling.
    • Don’t buy best-of-breed; buy best-for-you: base commerce vendor selection on your requirements and use cases, not on the vendor’s overall performance.

    A strong commerce strategy is an essential component of a savvy approach to customer experience management

    A commerce strategy outlines an organization’s approach to selling its products and services. A strong commerce strategy identifies target customers’ personas, commerce journeys that the organization wants to support, and the channels that the organization will use to transact with customers.

    Many commerce strategies encompass two distinct but complementary branches: a commerce strategy for transacting through traditional channels and an e-commerce strategy. While the latter often receives more attention from IT, it still falls on IT leaders to provide the appropriate enabling technologies to support traditional brick-and-mortar channels as well. Traditional channels have also undergone a digital renaissance in recent years, with forward-looking companies capitalizing on new technology to enhance customer experiences in their stores.

    Traditional Channels

    • Physical Stores (Brick and Mortar)
    • Kiosks or Pop-Up Stores
    • Telesales
    • Mail Orders
    • EDI Transactions

    E-Commerce Channels

    • E-Commerce Websites
    • Mobile Commerce Apps
    • Embedded Social Shopping
    • Customer Portals
    • Configure Price Quote Tool Sets (CPQ)
    • Hybrid Retail

    Info-Tech Insight

    To better serve their customers, many companies position themselves as “click-and-mortar” shops – allowing customers to transact at a store or online.

    Customers’ expectations are on the rise: meet them!

    Today’s consumers expect speed, convenience, and tailored experiences at every stage of the customer lifecycle. Successful organizations strive to support these expectations.

    58%
    of retail customers admitted that their expectations now are higher than they were a year ago (FinancesOnline).

    70%
    of consumers between the ages of 18 and 34 have increasing customer expectations year after year (FinancesOnline).

    69%
    of consumers now expect store associates to be armed with a mobile device to deliver value-added services, such as looking up product information and checking inventory (V12).

    73%
    of support leaders agree that customer expectations are increasing, but only…

    42%
    of support leaders are confident that they’re actually meeting those expectations.

    How can you be sure that you are meeting your customers’ expectations?

    1. Offer more personalization throughout the entire customer journey
    2. Practice quality customer service – ensure staff have up-to-date knowledge and offer quick resolution time for complaints
    3. Focus on offering low-effort experiences and easy-to-use platforms (i.e. “one-click buying”)
    4. Ensure your products and services perform well and do what they’re meant to do
    5. Ensure omnichannel availability – 9 in 10 consumers want a seamless omnichannel experience

    Info-Tech Insight

    Customers expect to interact with organizations through the channels of their choice. Now more than ever, you must enable your organization to provide tailored commerce and transactional experiences.

    Omnichannel commerce is the way of the future

    Create a strategy that embraces this reality with the right tools!

    Get ahead of the competition by doing omnichannel right! Devise a strategy that allows you to create and maintain a consistent, seamless commerce experience by optimizing operations with an omnichannel framework. Customers want to interact with you on their own terms, and it falls to IT to ensure that applications are in place to support and manage both traditional and e-commerce channels. There must also be consistency of copy, collateral, offers, and pricing between commerce channels.

    71%
    of consumers want a consistent experience across all channels, but only…

    29%
    say that they actually get it.

    (Source: Business 2 Community, 2020)

    Omnichannel is a “multichannel approach that aims to provide customers with a personalized, integrated, and seamless shopping experience across diverse touchpoints and devices.”
    Source: RingCentral, 2021

    IT is responsible for providing technology enablement of the commerce strategy: e-commerce platforms are a cornerstone

    An e-commerce platform is an enterprise application that provides end-to-end capabilities for allowing customers to purchase products or services from your company via an online channel (e.g. a traditional website, a mobile application, or an embedded link in a social media post). Modern e-commerce platforms are essential for delivering a frictionless customer journey when it comes to purchasing online.

    $6.388
    trillion dollars worth of sales will be conducted online by 2024 (eMarketer, 14 Jan. 2021).

    44%
    of all e-commerce transactions are expected to be completed via a mobile device by 2024 (Insider).

    21.8%
    of all sales will be made from online purchases by 2024 (eMarketer, 14 Jan. 2021).

    Strong E-Commerce Platforms Enable a Wide Range of Functional Areas:

    • Product Catalog Management
    • Web Content Delivery
    • Product Search Engine
    • Inventory Management
    • Shopping Cart Management
    • Discount and Coupon Management
    • Return Management and Reverse Logistics
    • Dynamic Personalization
    • Dynamic Promotions
    • Predictive Re-Targeting
    • Predictive Product Recommendations
    • Transaction Processing
    • Compliance Management
    • Commerce Workflow Management
    • Loyalty Program Management
    • Reporting and Analytics

    An e-commerce solution boosts the effectiveness and efficiency of your operations and drives top-line growth

    Take time to learn the capabilities of modern e-commerce applications. Understanding the “art of the possible” will help you to get the most out of your e-commerce platform.

    An e-commerce platform helps marketers and sales staff in three primary ways:

    1. It allows the organization to effectively and efficiently operate e-commerce operations at scale.
    2. It allows commercial staff to have a single system for managing and monitoring all commercial activity through online channels.
    3. It allows the organization to improve the customer-facing e-commerce experience, boosting conversions and top-line sales.

    A dedicated e-commerce platform improves the efficiency of customer-commerce operations

    • Workflow automation reduces the amount of time spent executing dynamic e-commerce campaigns.
    • The use of internal or third-party data increases conversion effectiveness from customer databases across the organization.

    Info-Tech Insight

    A strong e-commerce provides marketers with the data they need to produce actionable insights about their customers.

    Case Study

    INDUSTRY - Retail
    SOURCE - Salesforce (a)

    PetSmart improves customer experience by leveraging a new commerce platform in the Salesforce ecosystem

    PetSmart

    PetSmart is a leading retailer of pet products, with a heavy footprint across North America. Historically, PetSmart was a brick-and-mortar retailer, but it has placed a heavy emphasis on being a true multi-channel “click-and-mortar” retailer to ensure it maintains relevance against competitors like Amazon.

    E-Commerce Overhaul Initiative

    To improve its e-commerce capabilities, PetSmart recognized that it needed to consolidate to a single, unified e-commerce platform to realize a 360-degree view of its customers. A new platform was also required to power dynamic and engaging experiences, with appropriate product recommendations and tailored content. To pursue this initiative, the company settled on Salesforce.com’s Commerce Cloud product after an exhaustive requirements definition effort and rigorous vendor selection approach.

    Results

    After platform implementation, PetSmart was able to effortlessly handle the massive transaction volumes associated with Black Friday and Cyber Monday and deliver 1:1 experiences that boosted conversion rates.

    PetSmart standardized on the Commerce Cloud from Salesforce to great effect.

    This is an image of the journey from Discover & Engage to Retain & Advocate.

    Case Study

    Icebreaker exceeds customer expectations by using AI to power product recommendations

    INDUSTRY - Retail
    SOURCE - Salesforce (b)

    Icebreaker

    Icebreaker is a leading outerwear and lifestyle clothing company, operating six global websites and owning over 5,000 stores across 50 countries. Icebreaker is focused on providing its shoppers with accurate, real-time product suggestions to ensure it remains relevant in an increasingly competitive online market.

    E-Commerce Overhaul Initiative

    To improve its e-commerce capabilities, Icebreaker recognized that it needed to adopt a predictive recommendation engine that would offer its customers a more personalized shopping experience. This new system would need to leverage relevant data to provide both known and anonymous shoppers with product suggestions that are of interest to them. To pursue this initiative, Icebreaker settled on using Salesforce.com’s Commerce Cloud Einstein, a fully integrated AI.

    Results

    After integrating Commerce Cloud Einstein on all its global sites, Icebreaker was able to cross-sell and up-sell its merchandise more effectively by providing its shoppers with accurate product recommendations, ultimately increasing average order value.

    IT must also provide technology enablement for other channels, such as point-of-sale systems for brick-and-mortar

    Point-of-sale systems are the “real world” complement to e-commerce platforms. They provide functional capabilities for selling products in a physical store, including basic inventory management, cash register management, payment processing, and retail analytics. Many firms struggle with legacy POS environments that inhibit a modern customer experience.

    $27.338
    trillion dollars in retail sales are expected to be made globally in 2022 (eMarketer, 2022).

    84%
    of consumers believe that retailers should be doing more to integrate their online and offline channels (Invoca).

    39%
    of consumers are unlikely or very unlikely to visit a retailer’s store if the online store doesn’t provide physical store inventory information (V12).

    Strong Point-of-Sale Platforms Enable a Wide Range of Functional Areas:

    • Product Catalog Management
    • Discount Management
    • Coupon Management and Administration
    • Cash Management
    • Cash Register Reconciliation
    • Product Identification (Barcode Management)
    • Payment Processing
    • Compliance Management
    • Basic Inventory Management
    • Commerce Workflow Management
    • Exception Reporting and Overrides
    • Loyalty Program Management
    • Reporting and Analytics

    E-commerce and POS don’t live in isolation

    They’re key components of a well-oiled customer experience ecosystem!

    Integrate commerce solutions with other customer experience applications – and with ERP or logistics systems – to handoff transactions for order fulfilment.

    Having a customer master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for traditional and e-commerce success. Typically, the POS or e-commerce platform is not the system of record for the master customer profile: this information lives in a CRM platform or customer data warehouse. Conceptually, this system is at the center of the customer-experience ecosystem.

    Strong POS and e-commerce solutions orchestrate transactions but typically do not do the heavy lifting in terms of order fulfilment, shipping logistics, economic inventory management, and reverse logistics (returns). In an enterprise-grade environment, these activities are executed by an enterprise resource planning (ERP) solution – integrating your commerce systems with a back-end ERP solution is a crucial step from an application architecture point of view.

    This is an example of a customer experience ecosystem.  Core Apps (CRM, ERP): MMS Suite; E-Commerce; POS; Web CMS; Data Marts/BI Tools; Social Media Platforms

    Case Study

    INDUSTRY - Retail
    SOURCES - Amazon, n.d. CNET, 2020

    Amazon is creating a hybrid omnichannel experience for retail by introducing innovative brick-and-mortar stores

    Amazon

    Amazon began as an online retailer of books in the mid-1990s, and rapidly expanded its product portfolio to nearly every category imaginable. Often hailed as the foremost success story in online commerce, the firm has driven customer loyalty via consistently strong product recommendations and a well-designed site.

    Bringing Physical Retail Into the Digital Age

    Beginning in 2016 (and expanding in 2018), Amazon introduced Amazon Go, a next-generation grocery retailer, to the Seattle market. While most firms that pursue an e-commerce strategy traditionally come from a brick-and-mortar background, Amazon upended the usual narrative: the world’s largest online retailer opening physical stores to become a true omnichannel, “click-and-mortar” vendor. From the get-go, Amazon Go focused on innovating the physical retail experience – using cameras, IoT capabilities, and mobile technologies to offer “checkout-free” virtual shopping carts that automatically know what products customers take off the shelves and bill their Amazon accounts accordingly.

    Results

    Amazon received a variety of industry and press accolades for re-inventing the physical store experience and it now owns and operates seven separate store brands, with more still on the horizon.

    Case Study

    INDUSTRY - Retail
    SOURCES - Glossy, 2020

    Old Navy

    Old Navy is a clothing and accessories retail company that owns and operates over 1,200 stores across North America and China. Typically, Old Navy has relied on using traditional marketing approaches, but recently it has shifted to producing more digitally focused campaigns to drive revenue.

    Bringing Physical Retail Into the Digital Age

    To overcome pandemic-related difficulties, including temporary store closures, Old Navy knew that it had to have strong holiday sales in 2020. With the goal of stimulating retail sales growth and maximizing its pre-existing omnichannel capabilities, Old Navy decided to focus more of its holiday campaign efforts online than in years past. With this campaign centered on connected TV platforms, such as Hulu, and social media channels including Facebook, Instagram, and TikTok, Old Navy was able to take a more unique, fun, and good-humored approach to marketing.

    Results

    Old Navy’s digitally focused campaign was a success. When compared with third quarter sales figures from 2019, third quarter net sales for 2020 increased by 15% and comparable sales increased by 17%.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Assess current maturity.

    Call #4: Identify relationship between current initiatives and capabilities.

    Call #6: Identify strategy risks.

    Call #8: Identify and prioritize improvements.

    Call #3: Identify target-state capabilities.

    Call #5: Create initiative profiles.

    Call #7: Identify required budget.

    Call #9: Summarize results and plan next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Enable Omnichannel Commerce That Delights Your Customers – Project Overview

    1. Identify Critical Drivers for Your Omnichannel Commerce Strategy 2. Map Drivers to the Right Channels and Technologies
    Best Practice Toolkit

    1.1 Assess Personas and Scenarios

    1.2 Create Key Drivers and Metrics

    2.1 Build the Commerce Channel Matrix

    2.2 Review Technology and Trends Primer

    Guided Implementations
    • Validate customer personas.
    • Validate commerce scenarios.
    • Review key drivers and metrics.
    • Build the channel matrix.
    • Discuss technology and trends.
    Onsite Workshop

    Module 1:

    Module 2:

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    Map Drivers to the Right Channels and Technologies

    Phase 1 Outcome:

    Phase 2 Outcome:

    An initial shortlist of customer-centric drivers for your channel strategy and supporting metrics.

    A completed commerce channel matrix tailored to your organization, and a snapshot of enabling technologies and trends.

    Phase 1

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    1.1 Assess Personas and Scenarios

    1.2 Create Key Drivers and Metrics

    Enable Omnichannel Commerce That Delights Your Customers

    Step 1.1

    Assess Personas and Scenarios

    This step will walk you through the following activities:

    1.1.1 Build key customer personas for your commerce strategy.

    1.1.2 Create commerce scenarios (journey maps) that you need to enable.

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Critical customer personas
    • Key traditional and e-commerce scenarios

    Use customer personas to picture who will be using your commerce channels and guide scenario design and key drivers

    What Are Personas?

    Personas are detailed descriptions of the targeted audience of your e-commerce presence. Effective personas:

    • Express and focus on the major needs and expectations of the most important user groups.
    • Give a clear picture of the typical user’s behavior.
    • Aid in uncovering universal features and functionality.
    • Describe real people with backgrounds, goals, and values.

    Source: Usability.gov, n.d.

    Why Are Personas Important?

    Personas help:

    • Focus the development of commerce platform features on the immediate needs of the intended audience.
    • Detail the level of customization needed to ensure content is valuable to the user.
    • Describe how users may behave when certain audio and visual stimulus are triggered from the website.
    • Outline the special design considerations required to meet user accessibility needs.

    Key Elements of a Persona:

    • Persona Group (e.g. executives)
    • Demographics (e.g. nationality, age, language spoken)
    • Purpose of Using Commerce Channels (e.g. product search versus ready to transact)
    • Typical Behaviors and Tendencies (e.g. goes to different websites when cannot find products in 20 seconds)
    • Technological Environment of User (e.g. devices, browsers, network connection)
    • Professional and Technical Skills and Experiences (e.g. knowledge of websites, area of expertise)

    Use Info-Tech’s guidelines to assist in the creation of personas

    How many personas should I create?

    The number of personas that should be created is based on the organizational coverage of your commerce strategy. Here are some questions you should ask:

    • Do the personas cover a majority of your revenues or product lines?
    • Is the number manageable for your project team to map out?

    How do I prioritize which personas to create?

    The identified personas should generate the most revenue – or provide a significant opportunity – for your business. Here are some questions that you should ask:

    • Are the personas prioritized based on the revenue they generate for the business?
    • Is the persona prioritization process considering both the present and future revenues the persona is generating?

    Sample: persona for e-commerce platform

    Example

    Persona quote: “After I call the company about the widget, I would usually go onto the company’s website and look at further details about the product. How am I supposed to do so when it is so hard to find the company’s website on everyday search engines, such as Google, Yahoo, or Bing?”

    Michael is a middle-aged manager working in the financial district. He wants to buy the company’s widgets for use in his home, but since he is distrusting of online shopping, he prefers to call the company’s call center first. Afterwards, if Michael is convinced by the call center representative, he will look at the company’s website for further research before making his purchase.

    Michael does not have a lot of free time on his hands, and tries to make his free time as relaxing as possible. Due to most of his work being client-facing, he is not in front of a computer most of the time during his work. As such, Michael does not consider himself to be skilled with technology. Once he makes the decision to purchase, Michael will conduct online transactions and pay most delivery costs due to his shortage of time.

    Needs:

    • Easy-to-find website and widget information.
    • Online purchasing and delivery services.
    • Answer to his questions about the widget.
    • To maintain contact post-purchase for easy future transactions.

    Info-Tech Tip

    The quote attached to a persona should be from actual quotes that your customers have used when you reviewed your voice of the customer (VoC) surveys or focus groups to drive home the impact of their issues with your company.

    1.1.1 Activity: Build personas for your key customers that you’ll need to support via traditional and e-commerce channels

    1 hour

    1. In two to four groups, list all the major, target customer personas that need to be built. In doing so, consider the people who interact with your e-commerce site (or other channels) most often.
    2. Build a demographic profile for each customer persona. Include information such as age, geographic location, occupation, and annual income.
    3. Augment the persona with a psychographic profile. Consider the goals and objectives of each customer persona and how these might inform buyer behaviors.
    4. Introduce your group’s personas to the entire group, in a round-robin fashion, as if you are introducing your persona at a party.
    5. Summarize the personas in a persona map. Rank your personas according to importance and remove any duplicates.
    6. Use Info-Tech’s Create Personas to Drive Omnichannel Requirements Template to assist.

    Info-Tech Insight

    Persona building is typically used for understanding the external customer; however, if you need to gain a better understanding of the organization’s internal customers (those who will be interacting with the e-commerce platform), personas can also be built for this purpose. Examples of useful internal personas are sales managers, brand managers, and customer service directors.

    1.1.1 Activity: Build personas for your key customers that you’ll need to support via traditional and e-commerce channels (continued)

    Input

    • Customer demographics and psychographics

    Output

    • List of prioritized customer personas

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project team

    Build use-case scenarios to model the transactional customer journey and inform drivers for your commerce strategy

    A use-case scenario is a story or narrative that helps explore the set of interactions that a customer has with an organization. Scenario mapping will help identify key business and technology drivers as well as more granular functional requirements for POS or e-commerce platform selection.

    A GOOD SCENARIO…

    • Describes specific task(s) that need to be accomplished.
    • Describes user goals and motivations.
    • Describes interactions with a compelling but not overwhelming amount of detail.
    • Can be rough, as long as it provokes ideas and discussion.

    SCENARIOS ARE USED TO...

    • Provide a shared understanding about what a user might want to do and how they might want to do it.
    • Help construct the sequence of events that are necessary to address in your user interface(s).

    TO CREATE GOOD SCENARIOS…

    • Keep scenarios high level, not granular, in nature.
    • Identify as many scenarios as possible. If you’re time constrained, try to develop two to three key scenarios per persona.
    • Sketch each scenario out so that stakeholders understand the goal of the scenario.

    1.1.2 Exercise: Build commerce user scenarios to understand what you want your customers to do from a transactional viewpoint

    1 hour

    Example

    Simplified E-Commerce Workflow Purchase Products

    This image contains an example of a Simplified E-Commerce Workflow Purchase Products

    Step 1.2

    Create Key Drivers and Metrics

    This step will walk you through the following activities:

    • Create the business drivers you need to enable with your commerce strategy.
    • Enumerate metrics to track the efficacy of your commerce strategy.

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Business drivers for the commerce strategy
    • Metrics and key performance indicators for the commerce strategy

    1.2 Finish elaboration of your scenarios and map them to your personas: identify core business drivers for commerce

    1.5 hours

    1. List all commerce scenarios required to satisfy the immediate needs of your personas.
      1. Does the use-case scenario address commonly felt user challenges?
      2. Can the scenario be used by those with changing behaviors and tendencies?
    2. Look for recurring themes in use-case scenarios (for example, increasing average transaction cost through better product recommendations) and identify business drivers: drivers are common thematic elements that can be found across multiple scenarios. These are the key principles for your commerce strategy.
    3. Prioritize your use cases by leveraging the priorities of your business drivers.

    Example

    This is an example of how step 1.2 can help you identify business drivers

    1.2 Finish elaboration of your scenarios and map them to your personas: identify core business drivers for commerce (continuation)

    Input

    • User personas

    Output

    • List of use cases
    • Alignment of use cases to business objectives

    Materials

    • Whiteboard
    • Markers

    Participants

    • Business Analyst
    • Developer
    • Designer

    Show the benefits of commerce solution deployment with metrics aimed at both overall efficacy and platform adoption

    The ROI and perceived value of the organization’s e-commerce and POS solutions will be a critical indication of the success of the suite’s selection and implementation.

    Commerce Strategy and Technology Adoption Metrics

    EXAMPLE METRICS

    Commerce Performance Metrics

    Average revenue per unique transaction

    Quantity and quality of commerce insights

    Aggregate revenue by channel

    Unique customers per channel

    Savings from automated processes

    Repeat customers per channel

    User Adoption and Business Feedback Metrics

    User satisfaction feedback

    User satisfaction survey with technology

    Business adoption rates

    Application overhead cost reduction

    Info-Tech Insight

    Even if e-commerce metrics are difficult to track right now, the implementation of a dedicated e-commerce platform brings access to valuable customer intelligence from data that was once kept in silos.

    Phase 2

    Map Drivers to the Right Channels and Technologies

    2.1 Build the Commerce Channel Matrix

    2.2 Review Technology and Trends Primer

    Enable Omnichannel Commerce That Delights Your Customers

    Step 2.1

    Build the Commerce Channel Matrix

    This step will walk you through the following activities:

    • Based on your business drivers, create a blended mix of e-commerce channels that will suit your organization’s and customers’ needs.

    Map Drivers to the Right Channels and Technologies

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Commerce channel map

    Pick the transactional channels that align with your customer personas and enable your target scenarios and drivers

    Traditional Channels

    E-Commerce Channels

    Hybrid Channels

    Physical stores (brick and mortar) are the mainstay of retailers selling tangible goods – some now also offer intangible service delivery.

    E-commerce websites as exemplified by services like Amazon are accessible by a browser and deliver both goods and services.

    Online ordering/in-store fulfilment is a model whereby customers can place orders online but pick the product up in store.

    Telesales allows customers to place orders over the phone. This channel has declined in favor of mobile commerce via smartphone apps.

    Mobile commerce allows customers to shop through a dedicated, native mobile application on a smartphone or tablet.

    IoT-enabled smart carts/bags allow customers to shop in store, but check-out payments are handled by a mobile application.

    Mail order allows customers to send (”snail”) mail orders. A related channel is fax orders. Both have diminished in favor of e-commerce.

    Social media embedded shopping allows customers to order products directly through services such as Facebook.

    Info-Tech Insight

    Your channel selections should be driven by customer personas and scenarios. For example, social media may be extensively employed by some persona types (i.e. millennials) but see limited adoption in other demographics or use cases (i.e. B2B).

    2.1 Activity: Build your commerce channel matrix

    30 minutes

    1. Inventory which transactional channels are currently used by your firm (segment by product lines if variation exists).
    2. Interview product leaders, sales leaders, and marketing managers to determine if channels support transactional capabilities or are used for marketing and service delivery.
    3. Review your customer personas, scenarios, and drivers and assess which of the channels you will use in the future to sell products and services. Document below.

    Example: Commerce Channel Map

    Product Line A Product Line B Product Line C
    Currently Used? Future Use? Currently Used? Future Use? Currently Used? Future Use?
    Store Yes Yes No No No No
    Kiosk Yes No No No No No
    E-Commerce Site/Portal No Yes Yes Yes Yes Yes
    Mobile App No No Yes Yes No Yes
    Embedded Social Yes Yes Yes Yes Yes Yes

    Input

    • Personas, scenarios, and driver

    Output

    • Channel map

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project team

    Step 2.2

    Review Technology and Trends Primer

    This step will walk you through the following activities:

    • Review the scope of e-commerce and POS solutions and understand key drivers impacting e-commerce and traditional commerce.

    Map Drivers to the Right Channels and Technologies

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Understanding of key technologies
    • Understanding of key trends

    Application spotlight: e-commerce platforms

    How It Enables Your Strategy

    • Modern e-commerce platforms provide capabilities for end-to-end orchestration of online commerce experiences, from product site deployment to payment processing.
    • Some e-commerce platforms are purpose-built for business-to-business (B2B) commerce, emphasizing customer portals and EDI features. Other e-commerce vendors place more emphasis on business-to-consumer (B2C) capabilities, such as product catalog management and executing transactions at scale.
    • There has been an increasing degree of overlap between traditional web experience management solutions and the e-commerce market; for example, in 2018, Adobe acquired Magento to augment its overall web experience offering within Adobe Experience Manager.
    • E-commerce platforms typically fall short when it comes to order fulfilment and logistics; this piece of the puzzle is typically orchestrated via an ERP system or logistics management module.
    • This research provides a starting place for defining e-commerce requirements and selection artefacts.

    Key Trends

    • E-commerce vendors are rapidly supporting a variety of form factors and integration with other channels such as social media. Mobile is sufficiently popular that some vendors and industry commentators refer to it as “m-commerce” to differentiate app-based shopping experiences from those accessed through a traditional browser.
    • Hybrid commerce is driving more interplay between e-commerce solutions and POS.

    E-Commerce KPIs

    Strong e-commerce applications can improve:

    • Bounce Rates
    • Exit Rates
    • Lead Conversion Rates
    • Cart Abandonment Rates
    • Re-Targeting Efficacy
    • Average Cart Size
    • Average Cart Value
    • Customer Lifetime Value
    • Aggregate Reach/Impressions

    Familiarize yourself with the e-commerce market

    How it got here

    Initial Traction as the Dot-Com Era Came to Fruition

    Unlike some enterprise application markets, such as CRM, the e-commerce market appeared almost overnight during the mid-to-late nineties as the dot-com explosion fueled the need to have reliable solutions for executing transactions online.

    Early e-commerce solutions were less full-fledged suites than they were mediums for payment processing and basic product list management. PayPal and other services like Digital River were pioneers in the space, but their functionality was limited vis-à-vis tools such as web content management platforms, and their ability to amalgamate and analyze the data necessary for dynamic personalization and re-targeting was virtually non-existent.

    Rapidly Expanding Scope of Functional Capabilities as the Market Matured

    As marketers became more sophisticated and companies put an increased focus on customer experience and omnichannel interaction, the need arose for platforms that were significantly more feature rich than their early contemporaries. In this context, vendors such as Shopify and Demandware stepped into the limelight, offering far richer functionality and analytics than previous offerings, such as asset management, dynamic personalization, and the ability to re-target customers who abandoned their carts.

    As the market has matured, there has also been a series of acquisitions of some players (for example, Demandware by Salesforce) and IPOs of others (i.e. Shopify). Traditional payment-oriented services like PayPal still fill an important niche, while newer entrants like Square seek to disrupt both the e-commerce market and point-of-sale solutions to boot.

    Familiarize yourself with the e-commerce market

    Where it’s going

    Support for a Proliferation of Form Factors and Channels

    Modern e-commerce solutions are expanding the number of form factors (smartphones, tablets) they support via both responsive design and in-app capabilities. Many platforms now also support embedded purchasing options in non-owned channels (for example, social media). With the pandemic leading to a heightened affinity for online shopping, the importance of fully using these capabilities has been further emphasized.

    AI and Machine Learning

    E-commerce is another customer experience domain ripe for transformation via the potential of artificial intelligence. Machine learning algorithms are being used to enhance the effectiveness of dynamic personalization of product collateral, improve the accuracy of product recommendations, and allow for more effective re-targeting campaigns of customers who did not make a purchase.

    Merger of Online Commerce and Traditional Point-of-Sale

    Many e-commerce vendors – particularly the large players – are now going beyond traditional e-commerce and making plays into brick-and-mortar environments, offering point-of-sale capabilities and the ability to display product assets and customizations via augmented reality – truly blending the physical and virtual shopping experience.

    Emphasis on Integration with the Broader Customer Experience Ecosystem

    The big names in e-commerce recognize they don’t live on an island: out-of-the-box integrations with popular CRM, web experience, and marketing automation platforms have been increasing at a breakneck pace. Support for digital wallets has also become increasingly popular, with many vendors integrating contactless payment technology (i.e. Apple Pay) directly into their applications.

    E-Commerce Vendor Snapshot: Part 1

    Mid-Market E-Commerce Solutions

    This image contains the logos for the following Companies: Magento; Spryker; Bigcommerce; Woo Commerce; Shopify

    E-Commerce Vendor Snapshot: Part 2

    Large Enterprise and Full-Suite E-Commerce Platforms

    This image contains the logos for the following Companies: Salesforce commerce cloud; Oracle Commerce Cloud; Adobe Commerce Cloud; Sitecore; Sap Hybris Commerce

    Speak with category experts to dive deeper into the vendor landscape

    • Fact-based reviews of business software from IT professionals.
    • Product and category reports with state-of-the-art data visualization.
    • Top-tier data quality backed by a rigorous quality assurance process.
    • User-experience insight that reveals the intangibles of working with a vendor.

    Software Reviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today’s technology. The insights of our expert analysts provide unparalleled support to our members at every step of their buying journey.

    CLICK HERE to access SoftwareReviews Comprehensive software reviews to make better IT decisions.

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    This is an image of the data quarant report

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    This is an image of the data quarant report chart

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    This is a image of the Emotional Footprint Report

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    This is a image of the Emotional Footprint Report chart

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Leading B2B E-Commerce Platforms

    As of February 2022

    Data Quadrant

    This image contains a screenshot of the Data Quadrant chart for B2B E-commerce

    Emotional Footprint

    This image contains a screenshot of the Emotional Footprint chart for B2B E-commerce

    Leading B2C E-Commerce Platforms

    As of February 2022

    Data Quadrant

    This image contains a screenshot of the Data Quadrant chart for B2C E-commerce

    Emotional Footprint

    This image contains a screenshot of the Emotional Footprint chart for B2C E-commerce

    Application spotlight: point-of-sale solutions

    How It Enables Your Strategy

    • Point-of-sale solutions provide capabilities for cash register/terminal management, transaction processing, and lightweight inventory management.
    • Many POS vendors also offer products that have the ability to create orders from EDI, phone, or fax channels.
    • An increasing emphasis has been placed on retail analytics by POS vendors – providing reporting and analysis tools to help with inventory planning, promotion management, and product recommendations.
    • Integration of POS systems with a central customer data warehouse or other system of record for customer information allows for the ability to build richer customer profiles and compare shopping habits in physical stores against other transactional channels that are offered.
    • POS vendors often offer (or integrate with) loyalty management solutions to track, manage, and redeem loyalty points. See this note on loyalty management systems.
    • Legacy and/or homegrown POS systems tend to be an area of frustration for customer experience management modernization.

    Key Trends

    • POS solutions are moving from “cash-register-only” solutions to encompass mobile POS form factors like smartphones and tablets. Vendors such as Square have experienced tremendous growth in opening up the market via “mPOS” platforms that have lower costs to entry than the traditional hardware needed to support full-fledged POS solutions.
    • This development puts robust POS toolsets in the hands of small and medium businesses that otherwise would be priced out of the market.

    POS KPIs

    Strong POS applications can improve:

    • Customer Data Collection
    • Inventory or Cash Shrinkage
    • Cost per Transaction
    • Loyalty Program Administration Costs
    • Cycle Time for Transaction Execution

    Point-of-Sales Vendor Snapshot: Part 1

    Mid-Market POS Solutions

    This image contains the following company Logos: Square; Shopify; Vend; Heartland|Retail

    Point-of-Sales Vendor Snapshot: Part 2

    Large Enterprise POS Platforms

    This image contains the following Logos: Clover; Oracle Netsuite; RQ Retail Management; Salesforce Commerce Cloud; Korona

    Leading Retail POS Systems

    As of February 2022

    Data Quadrant

    This is an image of the Data Quadrant Chart for the Leading Retail Pos Systems

    Emotional Footprint

    This is an image of the Emotional Footprint chart for the Leading Retail POS Systems

    Summary of Accomplishment

    Knowledge Gained

    • Commerce channel framework
    • Customer affinities
    • Commerce channel overview
    • Commerce-enabling technologies

    Processes Optimized

    • Persona definition for commerce strategy
    • Persona channel shortlist

    Deliverables Completed

    • Customer personas
    • Commerce user scenarios
    • Business drivers for traditional commerce and e-commerce
    • Channel matrix for omnichannel commerce

    Bibliography

    “25 Amazing Omnichannel Statistics Every Marketer Should Know (Updated for 2021).” V12, 29 June 2021. Accessed 12 Jan. 2022.

    “Amazon Go.” Amazon, n.d. Web.

    Andersen, Derek. “33 Statistics Retail Marketers Need to Know in 2021.” Invoca, 19 July 2021. Accessed 12 Jan. 2022.

    Andre, Louie. “115 Critical Customer Support Software Statistics: 2022 Market Share Analysis & Data.” FinancesOnline, 14 Jan. 2022. Accessed 25 Jan. 2022.

    Chuang, Courtney. “The future of support: 5 key trends that will shape customer care in 2022.” Intercom, 10 Jan. 2022. Accessed 11 Jan. 2022.

    Cramer-Flood, Ethan. “Global Ecommerce Update 2021.” eMarketer, 13 Jan. 2021. Accessed 12 Jan. 2022.

    Cramer-Flood, Ethan. “Spotlight on total global retail: Brick-and-mortar returns with a vengeance.” eMarketer, 3 Feb. 2022. Accessed 12 Apr. 2022.

    Fox Rubin, Ben. “Amazon now operates seven different kinds of physical stores. Here's why.” CNET, 28 Feb. 2020. Accessed 12 Jan. 2022.

    Krajewski, Laura. “16 Statistics on Why Omnichannel is the Future of Your Contact Center and the Foundation for a Top-Notch Competitive Customer Experience.” Business 2 Community, 10 July 2020. Accessed 11 Jan. 2022.

    Manoff, Jill. “Fun and convenience: CEO Nany Green on Old Navy’s priorities for holiday.” Glossy, 8 Dec. 2020. Accessed 12 Jan. 2022.

    Meola, Andrew. “Rise of M-Commerce: Mobile Ecommerce Shopping Stats & Trends in 2021.” Insider, 30 Dec. 2020. Accessed 12 Jan. 2022.

    “Outdoor apparel retailer Icebreaker uses AI to exceed shopper expectations.” Salesforce, n.d.(a). Accessed 20 Jan. 2022.

    “Personas.” Usability.gov., n.d. Web. 28 Aug. 2018.

    “PetSmart – Why Commerce Cloud?” Salesforce, n.d.(b). Web. 30 April 2018.

    Toor, Meena. “Customer expectations: 7 Types all exceptional researchers must understand.” Qualtrics, 3 Dec. 2020. Accessed 11 Jan. 2022.

    Westfall, Leigh. “Omnichannel vs. multichannel: What's the difference?” RingCentral, 10 Sept. 2021. Accessed 11 Jan. 2022.

    “Worldwide ecommerce will approach $5 trillion this year.” eMarketer, 14 Jan. 2021. Accessed 12 Jan. 2022.

    2022 Tech Trends

    • Buy Link or Shortcode: {j2store}94|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • The post-pandemic workplace continues to shift and requires collaboration between remote workers and office workers.
    • Digital transformation has accelerated across every organization and CIOs must maneuver to keep pace.
    • Customer expectations have shifted, and spending habits are moving away from in-person activities to online.
    • IT must improve its maturity in key capabilities to maintain relevance in the organization.

    Our Advice

    Critical Insight

    • Improve the capabilities that matter. Focus on IT capabilities that are most relevant to competing in the digital economy and will enable the CEO's mission for growth.
    • Assess how external environment presents opportunities or threats to your organization using a scenarios approach, then chart a plan.

    Impact and Result

    • Use the data and analysis from Info-Tech's 2022 Tech Trends report to inform your digital strategic plan.
    • Discover the five trends shaping IT's path in 2022 and explore use cases for emerging technologies.
    • Hear directly from leading subject matter experts on each trend with featured episodes from our Tech Insights podcast.

    2022 Tech Trends Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. 2022 Tech Trends Report – A deck that discusses five use cases that can improve on your organization’s ability to compete in the digital economy.

    The post-pandemic pace of change continues to accelerate as the economic rapidly becomes more digital. To keep pace with shifting consumer expectations, CIOs must help the CEO compete in the digital economy by focusing on five key capabilities: innovation, human resources management, data architecture, security strategy, and business process controls and internal audit. Raising maturity in these capabilities will help CIOs deliver on opportunities to streamline back-office processes and develop new lines of revenue.

    • 2022 Tech Trends Report

    Infographic

    Further reading

    2022 Tech Trends

    Enabling the digital economy

    Supporting the CEO for growth

    The post-pandemic pace of change

    The disruptions to the way we work caused by the pandemic haven’t bounced back to normal.

    As part of its research process for the 2022 Tech Trends Report, Info-Tech Research Group conducted an open online survey among its membership and wider community of professionals. The survey was fielded from August 2021 through to September 2021, collecting 475 responses. We asked some of the same questions as last year’s survey so we can compare results as well as new questions to explore new trends.

    How much do you expect your organization to change permanently compared to how it was operating before the pandemic?

    • 7% – No change. We'll keep doing business as we always have.
    • 33% – A bit of change. Some ways of working will shift long term
    • 47% – A lot of change. The way we work will be differ in many ways long term. But our business remains...
    • 13% – Transformative change. Our fundamental business will be different and we'll be working in new ways.

    This year, about half of IT professionals expect a lot of change to the way we work and 13% expect a transformative change with a fundamental shift in their business. Last year, the same percentage expected a lot of change and only 10% expected transformative change.

    30% more professionals expect transformative permanent change compared to one year ago.

    47% of professionals expect a lot of permanent change; this remains the same as last year. (Info-Tech Tech Trends 2022 Survey)

    The pandemic accelerated the speed of digital transformation

    With the massive disruption preventing people from gathering, businesses shifted to digital interactions with customers.

    A visualization of the growth of 'Global average share of customer interactions that are digital' from December 2019 to July 2020. In that time it went from 36% to 58% with an 'Acceleration of 3 years'.

    Companies also accelerated the pace of creating digital or digitally enhanced products and services.

    A visualization of the growth of 'Global average share of partially or fully digitized products and/or services' from December 2019 to July 2020. In that time it went from 35% to 55% with an 'Acceleration of 7 years'. (McKinsey, 2020)

    “The Digital Economy incorporates all economic activity reliant on or significantly enhanced by the use of digital inputs, including digital technologies, digital infrastructure, digital services and data.” (OECD Definition)

    IT must enable participation in the digital economy

    Consumer spending is tilting more digital.

    Consumers have cut back spending on sectors where purchases are mostly made offline. That spending has shifted to digital services and online purchases. New habits formed during the pandemic are likely to stick for many consumers, with a continued shift to online consumption for many sectors.

    Purchases on online platforms are projected to rise from 10% today to 33% by 2030.

    Estimated online share of consumption
    Recreation & culture 30%
    Restaurants & hotels 50%
    Transport 10%
    Communications 90%
    Education 50%
    Health 20%
    Housing & utilities 50%
    (HSBC, 2020)

    Changing customer expectations pose a risk.

    IT practitioners agree that customer expectations are changing. They expect this to be more likely to disrupt their business in the next 12 months than new competition, cybersecurity incidents, or government-enacted policy changes.

    Factors likely to disrupt business in next 12 months
    Government-enacted policy changes 22%
    Cybersecurity incidents 56%
    Regulatory changes 45%
    Established competitor wins 26%
    New player enters the market 23%
    Changing customer expectations 68%
    (Info-Tech Tech Trends 2022 Survey)

    This poses a challenge to IT departments below the “expand” level of maturity

    CIOs must climb the maturity ladder to help CEOs drive growth.

    Most IT departments rated their maturity in the “optimize” or “support” level on Info-Tech’s maturity ladder.

    CIOs at the “optimize” level can play a role in digital transformation by improving back-office processes but should aim for a higher mandate.

    CIOs achieving at the “expand” level can help directly improve revenues by improving customer-facing products and services, and those at the “transform” level can help fundamentally change the business to create revenue in new ways. CIOs can climb the maturity ladder by enabling new digital capabilities.

    Maturity is heading in the wrong direction.

    Only half of IT practitioners described their department’s maturity as “transform” compared to last year’s survey, and more than twice the number rated themselves as “struggle.”

    A colorful visualization of the IT 'Maturity Ladder' detailing levels of IT function within an organization. Percentages represent answers from IT practitioners to an Info-Tech survey about the maturity level of their company. Starting from the bottom: 13% answered 'Struggle', compared to 6% in 2020; 35% answered 'Support'; 37% answered 'Optimize'; 12% answered 'Expand'; and only 3% answered 'Transform', compared to 6% in 2020.

    48% rate their IT departments as low maturity.

    Improve maturity by focusing on key capabilities to compete in the digital economy

    Capabilities to unlock digital

    Innovation: Identify innovation opportunities and plan how to use technology innovation to create a competitive advantage or achieve improved operational effectiveness and efficiency.

    Human Resources Management: Provide a structured approach to ensure optimal planning, evaluation, and development of human resources.

    Data Architecture: Manage the business’ data stores, including technology, governance, and people that manage them. Establish guidelines for the effective use of data.

    Security Strategy: Define, operate, and monitor a system for information security management. Keep the impact and occurrence of information security incidents within risk appetite levels.

    Business Process Controls and Internal Audit: Manage business process controls such as self-assessments and independent assurance reviews to ensure information related to and used by business processes meets security and integrity requirements. (ISACA, 2020)

    A periodic table-esque arrangement of Info-Tech tools and templates titled 'IT Management and Governance Framework', subtitled 'A comprehensive and connected set of research to help you optimize and improve your core IT processes', and anchored by logos for Info-Tech and COBIT. Color-coded sections with highlighted tools or templates are: 'Strategy and Governance' with 'APO04 Innovation' highlighted; 'People and Resources' with 'APO07 Human Resources Management' highlighted; 'Security and Risk' with 'APO13 Security Strategy' and 'DSS06 MEA02 Business Process Controls and Internal Audit' highlighted; 'Data and BI' with 'ITRG07 Data Architecture' highlighted. Other sections are 'Financial Management', 'Service planning and architecture', 'Infrastructure and operations', 'Apps', and 'PPM and projects'.

    5 Tech Trends for 2022

    In this report, we explore five use cases for emerging technology that can improve on capabilities needed to compete in the digital economy. Use cases combine emerging technologies with new processes and strategic planning.

    DIGITAL ECONOMY

    TREND 01 | Human Resources Management

    HYBRID COLLABORATION
    Provide a digital employee experience that is flexible, contextual, and free from the friction of hybrid operating models.

    TREND 02 | Security Strategy

    BATTLE AGAINST RANSOMWARE
    Prevent ransomware infections and create a response plan for a worst-case scenario. Collaborate with relevant external partners to access resources and mitigate risks.

    TREND 03 | Business Process Controls and Internal Audit

    CARBON METRICS IN ENERGY 4.0
    Use internet of things (IoT) and auditable tracking to provide insight into business process implications for greenhouse gas emissions.

    TREND 04 | Data Architecture

    INTANGIBLE VALUE CREATION
    Provide governance around digital marketplace and manage implications of digital currency. Use blockchain technology to turn unique intellectual property into saleable digital products

    TREND 05 | Innovation

    AUTOMATION AS A SERVICE
    Automate business processes and access new sophisticated technology services through platform integration.

    Hybrid Collaboration

    TREND 01 | HUMAN RESOURCES MANAGEMENT

    Provide a digital employee experience that is flexible, contextual, and free from the friction of hybrid operating models.

    Emerging technologies:
    Intelligent conference rooms; intelligent workflows, platforms

    Introduction

    Hybrid work models enable productive, diverse, and inclusive talent ecosystems necessary for the digital economy.

    Hybrid work models have become the default post-pandemic work approach as most knowledge workers prefer the flexibility to choose whether to work remotely or come into the office. CIOs have an opportunity lead hybrid work by facilitating collaboration between employees mixed between meeting at the office and virtually.

    IT departments rose to the challenge to quickly facilitate an all-remote work scenario for their organizations at the outset of the pandemic. Now they must adapt again to facilitate the hybrid work model, which brings new friction to collaboration but also new opportunities to hire a talented, engaged, and diverse workforce.

    79% of organizations will have a mix of workers in the office and at home. (Info-Tech Tech Trends 2022 Survey)

    35% view role type as a determining factor in the feasibility of the hybrid work model.

    Return-to-the-office tensions

    Only 18% of employees want to return to the office full-time.

    But 70% of employers want people back in the office. (CNBC, April 2021)

    Signals

    IT delivers the systems needed to make the hybrid operating model a success.

    IT has an opportunity to lead by defining the hybrid operating model through technology that enables collaboration. To foster collaboration, companies plan to invest in the same sort of tools that helped them cope during the pandemic.

    As 79% of organizations envision a hybrid model going forward, investments into hybrid work tech stacks – including web conferencing tools, document collaboration tools, and team workspaces – are expected to continue into 2022.

    Plans for future investment in collaboration technologies

    Web Conferencing 41%
    Document Collaboration and Co-Authoring 39%
    Team Workspaces 38%
    Instant Messaging 37%
    Project and Task Management Tools 36%
    Office Meeting Room Solutions 35%
    Virtual Whiteboarding 30%
    Intranet Sites 21%
    Enterprise Social Networking 19%
    (Info-Tech Tech Trends 2022 Survey)

    Drivers

    COVID-19

    Vaccination rates around the world are rising and allowing more offices to welcome back workers because the risk of COVID-19 transmission is reduced and jurisdictions are lifting restrictions limiting gatherings.

    Worker satisfaction

    Most workers don't want to go to the office full-time. In a Bloomberg poll (2021), almost half of millennial and Gen Z workers say they would quit their job if not given an option to work remotely.

    IT spending

    Companies are investing more into IT budgets to find ways to support a mix of remote work and in-office resources to cope with work disruption. This extra spending is offset in some cases by companies saving money from having employees work from home some portion of the time. (CIO Dive, 2021)

    Risks and Benefits

    Benefits

    Flexibility Employees able to choose between working from home and working in the office have more control over their work/life balance.
    Intelligence Platforms that track contextual work relationships can accelerate workflows through smart recommendations that connect people at the right time, in the right place.
    Talent Flexible work arrangements provide businesses with access to the best talent available around the world and employees with more career options as they work from a home office (The Official Microsoft Blog, 2021).

    Risks

    Uncertainty The pandemic lacks a clear finish line and local health regulations can still waver between strict control of movement and open movement. There are no clear assurances of what to expect for how we'll work in the near future.
    FOMO With some employees going back to the office while others remain at home, employee bases could be fractured along the lines of those seeing each other in person every day and those still connecting by videoconference.
    Complexity Workers may not know in advance whether they're meeting certain people in person or online, or a mix of the two. They'll have to use technology on the fly to try and collaborate across a mixed group of people in the office and people working remotely (McKinsey Quarterly, 2021).

    “We have to be careful what we automate. Do we want to automate waste? If a company is accustomed to having a ton of meetings and their mode in the new world is to move that online, what are you going to do? You're going to end up with a lot of fatigue and disenchantment…. You have to rethink your methods before you think about the automation part of it." (Vijay Sundaram, Chief Strategy Officer, Zoho)

    Photo of Vijay Sundaram, Chief strategy officer, Zoho.

    Listen to the Tech Insights podcast: Unique approach to hybrid collaboration

    Case Study: Zoho

    Situation

    Zoho Corp. is a cloud software firm based in Chennai, India. It develops a wide range of cloud software, including enterprise collaboration software and productivity tools. Over the past decade, Zoho has used flexible work models to grant remote work options to some employees.

    When the coronavirus pandemic hit, not only did the office have to shut down but also many employees had to relocate back with families in rural areas. The human costs of the pandemic experienced by staff required Zoho to respond by offering counseling services and material support to employees.

    Complication

    Zoho prides itself as an employee-centric company and views its culture as a community that's purpose goes beyond work. That sense of community was lost because of the disruption caused by the pandemic. Employees lost their social context and their work role models. Zoho had to find a way to recreate that without the central hub of the office or find a way to work with the limitations of it not being possible.

    Resolution

    To support employees in rural settings, Zoho sent out phones to provide redundant bandwidth. As lockdowns in India end, Zoho is taking a flexible approach and giving employees the option to come to the office. It's seeing more people come back each week, drawn by the strong community.

    Zoho supports the hybrid mix of workers by balancing synchronous and asynchronous collaboration. It holds meetings when absolutely necessary through tools like Zoho Meet but tries to keep more work context to asynchronous collaboration that allows people to complete tasks quickly and move on. Its applications are connected to a common platform that is designed to facilitate workflows between employees with context and intelligence. (Interview with Vijay Sundaram, Chief Strategy Officer, Zoho)

    “We tend to think of it on a continuum of synchronous to asynchronous work collaboration. It’s become the paramount norm for so many different reasons…the point is people are going to work at different times in different locations. So how do we enable experiences where everyone can participate?" (Jason Brommet, Head of Modern Work and Security Business Group at Microsoft)

    Photo of Jason Brommet, Head of Modern Work and Security Business Group at Microsoft.

    Listen to the Tech Insights podcast: Microsoft on the ‘paradox of hybrid work’

    Case Study: Microsoft

    Situation

    Before the pandemic, only 18% of Microsoft employees were working remotely. As of April 1, 2020, they were joined by the other 82% of non-essential workers at the company in working remotely.

    As with its own customers, Microsoft used its own software to enable this new work experience, including Microsoft Teams for web conferencing and instant messaging and Office 365 for document collaboration. Employees proved just as productive getting their work done from home as they were working in the office.

    Complication

    At Microsoft, the effects of firm-wide remote work changed the collaboration patterns of the company. Even though a portion of the company was working remotely before the pandemic, the effects of everyone working remotely were different. Employees collaborated in a more static and siloed way, focusing on scheduled meetings with existing relationships. Fewer connections were made with more disparate parts of the organization. There was also a decrease in synchronous communication and an increase in asynchronous communication.

    Resolution

    Microsoft is creating new tools to break down the silos in organizations that are grappling with hybrid work challenges. For example, Viva Insights is designed to inform workers about their collaboration habits with analytics. Microsoft wants to provide workers with insights on their collaborative networks and whether they are creating new connections or deepening existing connections. (Interview with Jason Brommet, Head of Modern Work and Security Business Group, Microsoft; Nature Human Behaviour, 2021)

    What's Next?

    Distributed collaboration space:

    International Workplace Group says that more companies are taking advantage of its full network deals on coworking spaces. Companies such as Standard Charter are looking to provide their workers with a happy compromise between working from home and making the commute all the way to the central office. The hub-and-spoke model gives employees the opportunity to work near home and looks to be part of the hybrid operating model mix for many companies. (Interview with Wayne Berger, CEO of IWG Canada & Latin America)

    Optimized hybrid meetings:

    Facilitating hybrid meetings between employees grouped in the office and remote workers will be a major pain point. New hybrid meeting solutions will provide cameras embedded with intelligence to put boardroom participants into independent video streams. They will also focus on making connecting to the same meeting from various locations as convenient as possible and capture clear and crisp audio from each speaker.

    Uncertainties

    Mix between office and remote work:

    It's clear we're not going to work the way we used to previously with central work hubs, but full-on remote work isn't the right path forward either. A new hybrid work model is emerging, and organizations are experimenting to find the right approach.

    Attrition:

    Between April and September 2021, 15 million US workers quit their jobs, setting a record pace. Employees seek a renewed sense of purpose in their work, and many won’t accept mandates to go back to the office. (McKinsey, 2021)

    Equal footing in meetings:

    What are the new best practices for conducting an effective meeting between employees in the office and those who are remote? Some companies ask each employee to connect via a laptop. Others are using conference rooms with tech to group in-office workers together and connect them with remote workers.

    Hybrid Collaboration Scenarios

    Organizations can plan their response to the hybrid work context by plotting their circumstances across two continuums: synchronous to asynchronous collaboration approach and remote work to central hub work model.

    A map of hybrid collaboration scenarios with two axes representing 'Work Context, From all remote work to gathering in a central hub' and 'Collaboration Style, From collaborating at the same time to collaborating at different times'. The axes split the map into quarters. 'Work Context' ranges from 'Remote Work' on the left to 'Central Hub' on the right. 'Collaboration Style' ranges from 'Synchronous' on top to 'Asynchronous' on bottom. The top left quarter, synchronous remote work, reads 'Virtual collective collaboration via videoconference and collaboration software, with some workers meeting in coworking spaces.' The top right quarter, synchronous central hub, reads 'In-person collective collaboration in the office.' The bottom left quarter, asynchronous remote work, reads 'Virtual group collaboration via project tracking tools and shared documents.' The bottom right quarter, asynchronous central hub, reads 'In-person group collaboration in coworking spaces and the main office.'

    Recommendations

    Rethink technology solutions. Don't expect your pre-pandemic videoconference rooms to suffice. And consider how to optimize your facilities and infrastructure for hot-desking scenarios.

    Optimize remote work. Shift from the collaboration approach you put together just to get by to the program you'll use to maximize flexibility.

    Enable effective collaboration. Enable knowledge sharing no matter where and when your employees work and choose the best collaboration software solutions for your scenario.

    Run better meetings. Successful hybrid workplace plans must include planning around hybrid meetings. Seamless hybrid meetings are the result of thoughtful planning and documented best practices.

    89% of organizations invested in web conferencing technology to facilitate better collaboration, but only 43% invested in office meeting room solutions. (Info-Tech Tech Trends 2022 Survey)

    Info-Tech Resources

    Battle Against Ransomware

    TREND 02 | SECURITY STRATEGY

    Prevent ransomware infections and create a response plan for a worst-case scenario. Collaborate with relevant external partners to access resources and mitigate risks.

    Emerging technologies:
    Open source intelligence; AI-powered threat detection

    “It has been a national crisis for some time…. For every [breach] that hits the news there are hundreds that never make it.” (Steve Orrin, Federal Chief Technology Officer, Intel)

    Photo of Steve Orrin, Federal Chief Technology Officer, Intel.

    Listen to the Tech Insights podcast: Ransomware crisis and AI in military

    Introduction

    Between 2019 and 2020, ransomware attacks rose by 62% worldwide and by 158% in North America. (PBS NewsHour, 2021)

    Security strategies are crucial for companies to control access to their digital assets and confidential data, providing it only to the right people at the right time. Now security strategies must adapt to a new caliber of threat in ransomware to avoid operational disruption and reputational damage.

    In 2021, ransomware attacks exploiting flaws in widely used software from vendors Kaseya, SolarWinds, and Microsoft affected many companies and saw record-breaking ransomware payments made to state-sponsored cybercriminal groups.

    After a ransomware attack caused Colonial Pipeline to shut down its pipeline operations across the US, the ransomware issue became a topic of federal attention with executives brought before Senate committees. A presidential task force to combat ransomware was formed.

    62% of IT professionals say they are more concerned about being a victim of ransomware than they were one year ago. (Info-Tech Tech Trends 2022 Survey)

    $70 million demanded by REvil gang in ransom to unlock firms affected by the Kaseya breach. (TechRadar, 2021)

    Signals

    Organizations are taking a multi-faceted approach to preparing for the event of a ransomware breach.

    The most popular methods to prepare for ransomware are to buy an insurance policy or create offline backups and redundant systems. Few are making an effort to be aware of free decryption tools, and only 2% admit to budgeting to pay ransoms.

    44% of IT professionals say they spent time and money specifically to prevent ransomware over the past year. (Info-Tech Tech Trends 2022 Survey)

    Approaches to prepare for ransomware

    Kept aware of free decryption tools available 9%
    Set aside budget to pay ransoms 2%
    Designed network to contain ransomware 24%
    Implemented technology to eradicate ransomware 36%
    Created a specific incident response plan for ransomware 26%
    Created offline backups and redundant systems 41%
    Purchased insurance covering cyberattacks 47%

    (Info-Tech Tech Trends 2022 Survey)

    Drivers

    National security concerns

    Attacks on US infrastructure and government agencies have prompted the White House to treat ransomware as a matter of national security. The government stance is that Russia supports the attacks. The US is establishing new mechanisms to address the threat. Plans include new funding to support ransomware response, a mandate for organizations to report incidents, and requirements for organizations to consider the alternatives before paying a ransom. (Institute for Security and Technology, 2021)

    Advice from cybersecurity insurance providers

    Increases in ransom payouts have caused cybersecurity insurance providers to raise premiums and put in place more security requirements for policyholders to try and prevent ransomware infection. However, when clients are hit with ransomware, insurance providers advise to pay the ransom as it's usually the cheapest option. (ProPublica, 2019)

    Reputational damage

    Ransomware attacks also often include a data breach event with hackers exfiltrating the data before encrypting it. Admitting a breach to customers can seriously damage an organization's reputation as trustworthy. Organizations may also be obligated to pay for credit protection of their customers. (Interview with Frank Trovato, Research Director – Infrastructure, Info-Tech Research Group)

    Risks and Benefits

    Benefits

    Privacy Protecting personal data from theft improves people’s confidence that their privacy is being respected and they are not at risk of identity theft.
    Productivity Ransomware can lock out employees from critical work systems and stop them from being able to complete their tasks.
    Access Ransomware has prevented public access to transportation, healthcare, and any number of consumer services for days at a time. Ransomware prevention ensures public service continuity.

    Risks

    Expenses Investing in cybersecurity measures to protect against attacks is becoming more expensive, and recently cybersecurity insurance premiums have gone up in response to expensive ransoms.
    Friction More security requirements could create friction between IT priorities and business priorities in trying to get work done.
    Stability If ransomware attacks become worse or cybercriminals retaliate for not receiving payments, people could find their interactions with government services and commercial services are disrupted.

    Case Study: Victim to ransomware

    Situation

    In February 2020, a large organization found a ransomware note on an admin’s workstation. They had downloaded a local copy of the organization’s identity management database for testing and left a port open on their workstation. Hackers exfiltrated it and encrypted the data on the workstation. They demanded a ransom payment to decrypt the data.

    Complication

    Because private information of employees and customers was breached, the organization decided to voluntarily inform the state-level regulator. With 250,000 accounts affected, plans were made to require password changes en masse. A public announcement was made two days after the breach to ensure that everyone affected could be reached.

    The organization decided not to pay the ransom because it didn’t need the data back, since it had a copy on an unaffected server.

    Resolution

    After a one-day news cycle for the breach, the story about the ransom was over. The organization also received praise for handling the situation well and quickly informing stakeholders.

    The breach motivated the organization to put more protections in place. It implemented a deny-by-default network and turned off remote desktop protocol and secure shell. It mandated multi-factor authentication and put in a new endpoint-detection and response system. (Interview with CIO of large enterprise)

    What's Next

    AI for cybersecurity:

    New endpoint protections using AI are being deployed to help defend against ransomware and other cybersecurity intrusions. The solutions focus on the prevention and detection of ransomware by learning about the expected behavior of an environment and then detecting anomalies that could be attack attempts. This type of approach can be applied to everything from reading the contents of an email to helping employees detect phishing attempts to lightweight endpoint protection deployed to an Internet of Things device to detect an unusual connection attempt.

    Unfortunately, AI is a tool available to both the cybersecurity industry and hackers. Examples of hackers tampering with cybersecurity AI to bypass it have already surfaced. (Forbes, 23 Sept. 2021)

    Uncertainties

    Government response:

    In the US, the Ransomware Task Force has made recommendations to the government but it's not clear whether all of them will be followed. Other countries such as Russia are reported to be at least tolerating ransomware operations if not supporting them directly with resources.

    Supply chain security:

    Sophisticated attacks using zero-day exploits in widely used software show that organizations simply can't account for every potential vulnerability.

    Arms escalation:

    The ransomware-as-a-service industry is doing good business and finding new ways to evade detection by cybersecurity vendors. New detection techniques involving AI are being introduced by vendors, but will it just be another step in the back-and-forth game of one-upmanship? (Interview with Frank Trovato)

    Battle Against Ransomware Scenarios

    Determine your organization’s threat profile for ransomware by plotting two variables: the investment made in cybersecurity and the sophistication level of attacks that you should be prepared to guard against.

    A map of Battle Against Ransomware scenarios with two axes representing 'Attack Sophistication, From off-the-shelf, ransomware-as-a-service kits to state-sponsored supply chain attacks' and 'Investment in Cybersecurity, From low, minimal investment to high investment for a multi-layer approach.'. The axes split the map into quarters. 'Attack Sophistication' ranges from 'Ransomware as a Service' on the left to 'State-Sponsored' on the right. 'Investment in Cybersecurity' ranges from 'High' on top to 'Low' on bottom. The top left quarter, highly invested ransomware as a service, reads 'Organization is protected from most ransomware attacks and isn’t directly targeted by state-sponsored attacks.' The top right quarter, highly invested state-sponsored, reads 'Organization is protected against most ransomware attacks but could be targeted by state-sponsored attacks if considered a high-value target.' The bottom left quarter, low investment ransomware as a service, reads 'Organization is exposed to most ransomware attacks and is vulnerable to hackers looking to make a quick buck by casting a wide net.' The bottom right quarter, low investment state-sponsored, reads 'Organization is exposed to most ransomware attacks and risks being swept up in a supply chain attack by being targeted or as collateral damage.'

    Recommendations

    Create a ransomware incident response plan. Assess your current security practices and identify gaps. Quantify your ransomware risk to prioritize investments and run tabletop planning exercises for ransomware attacks.

    Reduce your exposure to ransomware. Focus on securing the frontlines by improving phishing awareness among staff and deploying AI tools to help flag attacks. Use multi-factor authentication. Take a zero-trust approach and review your use of RDP, SSH, and VPN.

    Require security in contracts. Security must be built into vendor contracts. Government contracts are now doing this, elevating security to the same level as functionality and support features. This puts money incentives behind improving security. (Interview with Intel Federal CTO Steve Orrin)

    42% of IT practitioners feel employees must do much more to help defend against ransomware. (Info-Tech Tech Trends 2022 Survey)

    Info-Tech Resources

    Carbon Metrics in Energy 4.0

    TREND 03 | BUSINESS PROCESS CONTROLS AND INTERNAL AUDIT

    Use Internet of Things (IoT) and auditable tracking to provide insight into business process implications for greenhouse gas emissions.

    Emerging technologies:
    IoT

    Introduction

    Making progress towards a carbon-neutral future.

    A landmark report published in 2021 by the United Nations Intergovernmental Panel on Climate Change underlines that human actions can still determine the future course of climate change. The report calls on governments, individuals, and organizations to stop putting new greenhouse gas emissions into the atmosphere no later than 2050, and to be at the halfway point to achieving that by 2030.

    With calls to action becoming more urgent, organizations are making plans to reduce the use of fossil fuels, move to renewable energy sources, and reduce consumption that causes more emissions downstream. As both voluntary and mandatory regulatory requirements task organizations with reducing emissions, they will first be challenged to accurately measure the size of their footprint.

    CIOs in organizations are well positioned to make conscious decisions to both influence how technology choices impact carbon emissions and implement effective tracking of emissions across the entire enterprise.

    Canada’s CIO strategy council is calling on organizations to sign a “sustainable IT pledge” to cut emissions from IT operations and supply chain and to measure and disclose emissions annually. (CIO Strategy Council, Sustainable IT Pledge)

    SCOPE 3 – Indirect Consumption

    • Goods and services
    • Fuel, travel, distribution
    • Waste, investments, leased assets, employee activity

    SCOPE 2 – Indirect Energy

    • Electricity
    • Heat and cooling

    SCOPE 1 – Direct

    • Facilities
    • Vehicles

    Signals

    Emissions tracking requires a larger scope.

    About two-thirds of organizations have a commitment to reduce greenhouse gas emissions. When asked about what tactics they use to reduce emissions, the most popular options affect either scope 1 emissions (retiring older IT equipment) or scope 2 emissions (using renewable energy sources). Fewer are using tactics that would measure scope 3 emissions such as using IoT to track or using software or AI.

    68% of organizations say they have a commitment to reduce greenhouse gas emissions. (Info-Tech Tech Trends 2022 Survey)

    Approaches to reducing carbon emissions

    Using "smart technologies" or IoT to help cut emissions 12%
    Creating incentive programs for staff to reduce emissions 10%
    Using software or AI to manage energy use 8%
    Using external DC or cloud on renewable energy 16%
    Committing to external emissions standards 15%
    Retiring/updating older IT equipment 33%
    Using renewable energy sources 41%

    (Info-Tech Tech Trends 2022 Survey)

    Drivers

    Investor pressure

    The world’s largest asset manager, at $7 trillion in investments, says it will move away from investing in firms that are not aligned to the Paris Agreement. (The New York Times, 2020)

    Compliance tipping point

    International charity CDP has been collecting environmental disclosure from organizations since 2002. In 2020, more than 9,600 of the world’s largest companies – representing over 50% of global market value – took part. (CDP, 2021)

    International law

    In 2021, six countries have net-zero emissions policies in law, six have proposed legislations, and 20 have policy documents. (Energy & Climate Intelligence Unit, 2021)

    Employee satisfaction

    In 2019, thousands of workers walked out of offices of Amazon, Google, Twitter, and Microsoft to demand their employers do more to reduce carbon emissions. (NBC News, 2021)

    High influence factors for carbon reduction

    • 25% – New government laws or policies
    • 9% – External social pressures
    • 9% – Pressure from investors
    • 8% – International climate compliance efforts
    • 7% – Employee satisfaction

    (Info-Tech Tech Trends 2022 Survey)

    Risks and Benefits

    Benefits

    Trust Tracking carbon emissions creates transparency into an organization’s operations and demonstrates accountability to its carbon emissions reduction goals.
    Innovation As organizations become more proficient with carbon measurement and modeling, insights can be leveraged as a decision-making tool.
    Resilience Reducing energy usage shrinks your carbon footprint, increases operational efficiency, and decreases energy costs.

    Risks

    Regulatory Divergence Standardization of compliance enforcement around carbon emissions is a work in progress. Several different voluntary frameworks exist, and different governments are taking different approaches including taxation and cap-and-trade markets.
    Perceptions Company communications that speak to emissions reduction targets without providing proof can be accused of “greenwashing” or falsely trying to improve public perception.
    Financial Pain Institutional investments are requiring clear commitments and plans to reduce greenhouse gases. Some jurisdictions are now taxing carbon emissions.

    “When you can take technology and embed that into management change decisions that impact the environment, you can essentially guarantee that [greenhouse gas] offset. Companies that are looking to reduce their emissions can buy those offsets and it creates value for everybody.” (Wade Barnes, CEO and founder of Farmers Edge)

    Photo of Wade Barnes, CEO and founder of Farmers Edge.

    Listen to the Tech Insights podcast: The future of farming is digital

    Case Study

    Situation

    The Alberta Technology Innovation and Emissions Reduction Regulation is Alberta’s approach to reduce emissions from large industrial emitters. It prices GHG and provides a trading system.

    No-till farming and nitrogen management techniques sequester up to 0.3 metric tons of GHG per year.

    Complication

    Farmers Edge offers farmers a digital platform that includes IoT and a unified data warehouse. It can turn farm records into digital environmental assets, which are aggregated and sold to emitters.

    Real-time data from connected vehicles, connected sensors, and other various inputs can be verified by third-party auditors.

    Resolution

    Farmers Edge sold aggregated carbon offsets to Alberta power producer Capital Power to help it meet regulatory compliance.

    Farmers Edge is expanding its platform to include farmers in other provinces and in the US, providing them opportunity to earn revenue via its Smart Carbon program.

    The firm is working to meet standards outlined by the U.S. Department of Agriculture’s Natural Resources Conservation Service. (Interview with Wade Barnes, CEO, Farmers Edge)

    What's Next

    Global standards:

    The International Sustainability Standards Board (ISSB) has been formed by the International Financial Reporting Standards Foundation and will have its headquarters location announced in November at a United Nations conference. The body is already governing a set of global standards that have a roadmap for development through 2023 through open consultation. The standards are expected to bring together the multiple frameworks for sustainability standards and offer one global set of standards. (Business Council of Canada, 2021)

    CIOs take charge:

    The CIO is well positioned to take the lead role on corporate sustainability initiatives, including measuring and reducing an organization’s carbon footprint (or perhaps even monetizing carbon credits for an organization that is a negative emitter). CIOs can use their position as facilities managers and cross-functional process owners and mandate to reduce waste and inefficiency to take accountability for this important role. CIOs will expand their roles to deliver transparent and auditable reporting on environmental, social, and governance (ESG) goals for the enterprise.

    Uncertainties

    International resolve:

    Fighting the climate crisis will require governments and private sector collaboration from around the world to commit to creating new economic structures to discourage greenhouse gas emissions and incentivize long-term sustainable thinking. If some countries or private sector forces continue to prioritize short-term gains over sustainability, the U.N.’s goals won’t be achieved and the human costs as a result of climate change will become more profound.

    Cap-and-trade markets:

    Markets where carbon credits are sold to emitters are organized by various jurisdictions around the world and have different incentive structures. Some are created by governments and others are voluntary markets created by industry. This type of organization for these markets limits their size and makes it hard to scale the impact. Organizations looking to sell carbon credits at volume face the friction of having to navigate different compliance rules for each market they want to participate in.

    Carbon Metrics in Energy 4.0 Scenarios

    Determine your organization’s approach to measuring carbon dioxide and other greenhouse gas emissions by considering whether your organization is likely to be a high emitter or a carbon sink. Also consider your capability to measure and report on your carbon footprint.

    A map of Carbon Metrics in Energy 4.0 scenarios with two axes representing 'Quantification Capability, From not tracking any emissions whatsoever to tracking all emissions at every scope' and 'Greenhouse Gas Emissions, From mitigating more emissions than you create to emitting more than regulations allow'. The axes split the map into quarters. 'Quantification Capability' ranges from 'No Measures' on the left to 'All Emissions Measured' on the right. 'Greenhouse Gas Emissions' ranges from 'More Than Allowed' on top to 'Net-Negative' on bottom. The top left quarter, no measures and more than allowed, reads 'Companies that are likely to be high emitters and not measuring will attract the most scrutiny from regulators and investors.' The top right quarter, all measured and more than allowed, reads 'Companies emit more than regulators allow but the measurements show a clear path to mitigation through the purchase of carbon credits.' The bottom left quarter, no measures and net-negative, reads 'Companies able to achieve carbon neutrality or even be net-negative in emissions but unable to demonstrate it will still face scrutiny from regulators.' The bottom right quarter, all measured and net-negative, reads 'Companies able to remove more emissions than they create have an opportunity to aggregate those reductions and sell on a cap-and-trade market.'

    Recommendations

    Measure the whole footprint. Devise a plan to measure scope 1, 2, and 3 greenhouse gas emissions at a level that is auditable by a third party.

    Gauge the impact of Industry 4.0. New technologies in Industry 4.0 include IoT, additive manufacturing, and advanced analytics. Make sustainability a core part of your focus as you plan out how these technologies will integrate with your business.

    Commit to net zero. Make a clear commitment to achieve net-zero emissions by a specific date as part of your organization’s core strategy. Take a continuous improvement approach to make progress towards the goal with measurable results.

    New laws from governments will have the highest degree of influence on an organization’s decision to reduce emissions. (Info-Tech Tech Trends 2022 Survey)

    Info-Tech Resources

    Intangible Value Creation

    TREND 04 | DATA ARCHITECTURE

    Use blockchain technology to turn unique intellectual property into saleable digital products. Provide governance around marketplaces where sales are made.

    Emerging technologies:
    Blockchain, Distributed Ledger Technology, Virtual Environments

    Introduction

    Decentralized technologies are propelling the digital economy.

    As the COVID-19 pandemic has accelerated our shift into virtual social and economic systems, blockchain technology poses a new technological frontier – further disrupting digital interactions and value creation by providing a modification of data without relying on third parties. New blockchain software developments are being used to redefine how central banks distribute currency and to track provenance for scarce digital assets.

    Tokenizing the blockchain

    Non-fungible tokens (NFTs) are distinct cryptographic tokens created from blockchain technology. The rarity systems in NFTs are redefining digital ownership and being used to drive creator-centric communities.

    Not crypto-currency, central currency

    Central Bank Digital Currencies (CBDC) combine the same architecture of cryptocurrencies built on blockchain with the financial authority of a central bank. These currencies are not decentralized because they are controlled by a central authority, rather they are distributed systems. (Decrypt, 2021)

    80% of banks are working on a digital currency. (Atlantic Council, 2021)

    Brands that launched NFTs

    NBA, NFL, Formula 1, Nike, Stella Artois, Coca-Cola, Mattel, Dolce & Gabbana, Ubisoft, Charmin

    Banks that launched digital currencies

    The Bahamas, Saint Kitts and Nevis, Antigua and Barbuda, Saint Lucia, Grenada

    Signals

    ID on the blockchain

    Blockchains can contain smart contracts that automatically execute given specific conditions, protecting stakeholders involved in a transaction. These have been used by central banks to automate when and how currency can be spent and by NFT platforms to attribute a unique identity to a digital asset. Automation and identity verification are the most highly valued digital capabilities of IT practitioners.

    $69.3 million – The world’s most expensive NFT artwork sale, for Beeple’s “Everydays: The First 5,000 Days” (The New York Times, Mar. 2021)

    Digital capabilities that provide high value to the organization

    E-commerce 50%
    Automation 79%
    Smart contracts 42%
    Community building and engagement 55%
    Real-time payments 46%
    Tracking provenance 33%
    Identity verification 74%

    (Info-Tech Tech Trends 2022 Survey)

    Drivers

    Financial autonomy

    Central banks view cryptocurrencies as "working against the public good" and want to maintain control over their financial system to maintain the integrity of payments and provide financial crime oversight and protections against money laundering. (Board of Governors of the Federal Reserve System, 2021)

    Bitcoin energy requirements and greenhouse gas emissions

    Annual energy consumption of the Bitcoin blockchain in China is estimated to peak in 2024 at 297 TwH and generate 130.5 million metric tons of carbon emissions. That would exceed the annual GHG of the Czech Republic and Qatar and rank in the top 10 among 182 cities and 42 industrial sectors in China. This is motiving cryptocurrency developers and central banks to move away from the energy-intensive "Proof of Work" mining approach and towards the "Proof of Stake" approach. (Nature Communications, 2021)

    Digital communities

    During the pandemic, people spent more time exploring digital spaces and interacting in digital communities. Asset ownership within those communities is a way for individuals to show their own personal investment in the community and achieve a status that often comes with additional privileges. The digital assets can also be viewed as an investment vehicle or to gain access to exclusive experiences.

    “The pillars of the music economy have always been based on three things that the artist has never had full control of. The idea of distribution is freed up. The way we are going to connect to fans in this direct to fan value prop is very interesting. The fact we can monetize it, and that money exchange, that transaction is immediate. And on a platform like S!NG we legitimately have a platform to community build…. Artists are getting a superpower.” (Raine Maida, Chief Product Officer, S!NG Singer, Our Lady Peace)

    Raine Maida, Chief Product Officer, S!NG, and Singer, Our Lady Peace.

    Listen to the Tech Insights podcast: Raine Maida's startup is an NFT app for music

    Case Study

    Situation

    Artists can create works and distribute them to a wide audience more easily than ever with the internet. Publishing a drawing or a song to a website allows it to be infinitely copied. Creators can use social media accounts and digital advertisements to build up a fan base for their work and monetize it through sales or premium-access subscriber schemes.

    Complication

    The internet's capacity for frictionless distribution is a boon and a burden for artists at the same time. Protecting copyright in a digital environment is difficult because there is no way to track a song or a picture back to its creator. This devalues the work because it can be freely exchanged by users.

    Resolution

    S!NG allows creators to mint their works with a digital token that stamps its origin to the file and tracks provenance as it is reused and adapted into other works. It uses the ERC 721 standard on the Ethereum blockchain to create its NFT tokens. They are portable files that the user can create for free on the S!NG platform and are interoperable with other digital token platforms. This enables a collaboration utility by reducing friction in using other people's works while giving proper attribution. Musicians can create mix tracks using the samples of others’ work easily and benefit from a smart-contract-based revenue structure that returns money to creators when sales are made. (Interview with Geoff Osler and Raine Maida, S!NG Executives)

    Risks and Benefits

    Benefits

    Autonomy Digital money and assets could proliferate the desire for autonomy as users have greater control over their assets (by cutting out the middlemen, democratizing access to investments, and re-claiming ownership over intangible data).
    Community Digital worlds and assets offer integrated and interoperable experiences influenced by user communities.
    Equity Digital assets allow different shareholder equity models as they grant accessible and affordable access to ownership.

    Risks

    Volatility Digital assets are prone to volatile price fluctuations. A primary reason for this is due to its perceived value relative to the fiat currency and the uncertainty around its future value.
    Security While one of the main features of blockchain-based digital assets is security, digital assets are vulnerable to breaches during the process of storing and trading assets.
    Access Access to digital marketplaces requires a steep learning curve and a base level of technical knowledge.

    What's Next

    Into the Metaverse:

    Digital tokens are finding new utility in virtual environments known as the Metaverse. Decentraland is an example of a virtual reality environment that can be accessed via a web browser. Based on the Ethereum blockchain, it's seen sales of virtual land plots for hundreds of thousands of dollars. Sotheby's is one buyer, building a digital replica of its New Bond Street gallery in London, complete with commissionaire Hans Lomuldur in avatar form to greet visitors. The gallery will showcase and sell Sotheby's digital artworks. (Artnet News, 2021)

    Bitcoin as legal tender:

    El Salvador became the first country in the world to make Bitcoin legal tender in September 2021. The government intended for this to help citizens avoid remittance fees when receiving money sent from abroad and to provide a way for citizens without bank accounts to receive payments. Digital wallet Chivo launched with technical glitches and in October a loophole that allowed “price scalping” had to be removed to stop speculators from using the app to trade for profit. El Salvador’s experiment will influence whether other countries consider using Bitcoin as legal tender. (New Scientist, 2021)

    Uncertainties

    Stolen goods at the mint:

    William Shatner complained that Twitter account @tokenizedtweets had taken his content without permission and minted tokens for sale. In doing so, he pointed out there’s no guarantee a minted digital asset is linked to the creator of the attached intellectual property.

    Decentralized vs. distributed finance:

    Will blockchain-based markets be controlled by a single platform operator or become truly open? For example, Dapper Labs centralizes the minting of NFTs on its Flow blockchain and controls sales through its markets. OpenSea allows NFTs minted elsewhere to be brought to the platform and sold.

    Supply and demand:

    Platforms need to improve the reliability of minting technology to create tokens in the future. Ethereum's network is facing more demand than it can keep up with and requires future upgrades to improve its efficiency. Other platforms that support minting tokens are also awaiting upgrades to be fully functional or have seen limited NFT projects launched on their platform.

    Intangible Value Creation Scenarios

    Determine your organization’s strategy by considering the different scenarios based on two main factors. The design decisions are made around whether digital assets are decentralized or distributed and whether the assets facilitate transactions or collections.

    A map of Intangible Value Creation scenarios with two axes representing 'Fungibility, From assets that are designed to be exchanged like currency to assets that are unique' and 'Asset Control Model, From decentralized control with open ownership to centralized control with distributed assets'. The axes split the map into quarters. 'Fungibility' ranges from 'Transactional' on the left to 'Collectible' on the right. 'Asset Control Model' ranges from 'Distributed' on top to 'Decentralized' on bottom. The top left quarter, distributed transactional, reads 'Platform-controlled digital exchanges and utility (e.g. tokens exchanged for fan experiences, central bank digital currency, S!NG).' The top right quarter, distributed collectible, reads 'Platform-controlled digital showcases and community (e.g. NBA Top Shot, Decentraland property).' The bottom left quarter, decentralized transactional, reads 'Peer-controlled digital exchanges and utility (e.g. Bitcoin).' The bottom right quarter, decentralized collectible, reads 'Peer-controlled digital showcases and community (e.g. OpenSea and Ethereum-based NFTs).'

    Recommendations

    Determine your role in the digital asset ecosystem.
    • Becoming a platform provider for digital tokens will require a minting capability to create blockchain-based assets and a marketplace for users to exchange them.
    • Issuing digital tokens to a platform through a sale will require making partnerships and marketing.
    • Investing in digital assets will require management of digital wallets and subject-matter expert analysis of the emerging markets.
    Track the implications of digital currencies.

    Track what your country’s central bank is planning for digital currency and determine if you’ll need to prepare to support it. Be informed about payment partner support for cryptocurrency and consider any complications that may introduce.

    $1 billion+ – The amount of cryptocurrency spent by consumers globally through crypto-linked Visa cards in first half of 2021. (CNBC, July 2021)

    Info-Tech Resources

    Automation as a Service

    TREND 05 | INNOVATION

    Automate business processes and access new sophisticated technology services through platform integration.

    Emerging technologies:
    Cloud platforms, APIs, Generative AI

    Introduction

    The glue for innovation

    Rapidly constructing a business model that is ready to compete in a digital economy requires continuous innovation. Application programming interfaces (APIs) can accelerate innovation by unlocking marketplaces of ready-to-use solutions to business problems and automating manual tasks to make more time for creativity. APIs facilitate a microarchitecture approach and make it possible to call upon a new capability with a few lines of code. This is not a new tool, as the first API was specified in 1951, but there were significant advances of both scale and capability in this area in 2021.

    In the past 18 months, API adoption has exploded and even industries previously considered as digital laggards are now integrating them to reinvent back-office processes. Technology platforms specializing in API management are attracting record-breaking investment. And sophisticated technology services such as artificial intelligence are being delivered by APIs.

    APIs can play a role in every company’s digital strategy, from transforming back-office processes to creating revenue as part of a platform.

    $500,000 was invested in API companies in 2016. (Forbes, May 2021)

    $2,000,000,000+ was invested in API companies in 2020. (Forbes, May 2021)

    69% of IT practitioners say digital transformation has been a high priority for their organization during the pandemic. (Info-Tech Tech Trends 2022 Survey)

    51% of developers used more APIs in 2020 than in 2019. (InsideHPC, 2021)

    71% of developers planned to use even more APIs in 2021. (InsideHPC, 2021)

    Signals

    IT practitioners indicate that digital transformation was a strong focus for their organization during the pandemic and will remain so during the period afterwards, and one-third say their organizations were “extremely focused” on digital transformation.

    When it came to shifting processes from being done manually to being completed digitally, more than half of IT practitioners say they shifted at least 21% of their processes during the past year. More than one in five say that at least 60% of their processes were shifted from manual to digital in the past year.

    3.5 trillion calls were performed on API management platform Apigee, representing a 50% increase year over year. (SiliconANGLE, 2021)

    Processes shifted from manual to digital in the past year

    A horizontal bar chart recording survey responses regarding the percent of processes that shifted from manual to digital in the past year. The horizontal axis is 'percent of survey respondents' with values from 0 to 35%. The vertical axis is 'percent of process shifted to digital' with bar labels 'Between 0 to 20%', 'Between 21 to 40%', and so on until 'Between 81 to 100%'. 20% of respondents answered '0 to 20%' of processes went digital. 28% of respondents answered '21 to 40%' of processes went digital. 30% of respondents answered '41 to 60%' of processes went digital. 15% of respondents answered '61 to 80%' of processes went digital. 7% of respondents answered '81 to 100%' of processes went digital.

    Drivers

    Covid-19

    The pandemic lockdowns pushed everyone into a remote-work scenario. With in-person interaction not an option, even more traditional businesses had to adapt to digital processes.

    Customer Expectations

    The success of digital services in the consumer space is causing expectations to rise in other areas, such as professional services. Consumers now want their health records to be portable and they want to pay their lawyer through e-transfer, not by writing a cheque. (Interview with Mik Lernout)

    Standardization

    Technology laggard industries such as legal and healthcare are recognizing the pain of working with siloed systems. New standardization efforts are driving the adoption of open APIs at a rapid rate. (Interview with Jennifer Jones, Research Director – Industry, Info-Tech Research Group)

    Risks and Benefits

    Benefits

    Speed Using a microarchitecture approach with readily available services constructed in different ways provides a faster way to get from idea to minimum-viable product.
    Intelligence Open APIs have more than ever exposed people to sophisticated AI algorithms that were in the domain of only advanced researchers just a couple years ago. Developers can integrate AI with a couple lines of code. Non-technical users can train algorithms with low-code and no-code tools (Forbes, Sept. 2021).
    Resilience If one function of a solution doesn't work, it can be easily replaced with another one available on the market and the overall experience is maintained.

    Risks

    Loss of Privacy APIs are being targeted by hackers as a way to access personal information. Recent API-related leaks affected Experian, John Deere, Clubhouse, and Peloton (VentureBeat, 2021).
    Complexity Using a decentralized approach to assemble applications means that there is no single party accountable for the solution. Different pieces can break, or oversights can go unnoticed.
    Copycats Platforms that take the approach of exposing all functions via API run the risk of having their services used by a competitor to offer the same solution but with an even better user experience.

    “When we think about what the pandemic did, we had this internal project called 'back to the future.' It kind of put the legal industry in a time machine and it kind of accelerated the legal industry 5, maybe even 10 years. A lot of the things we saw with the innovators became table stakes.” (Mik Lernout, Vice President of Product, Clio)

    Photo of Mik Lernout, Vice president of product, Clio.

    Listen to the Tech Insights podcast: Clio drives digital transformation to redefine the legal industry

    Case Study

    Situation

    The COVID-19 pandemic required the legal industry to shift to remote work. A typically change-resistant industry was now holding court hearings over videoconference, taking online payments, and collecting e-signatures on contracts. For Clio, a software-as-a-service software vendor that serves the legal industry, its client base grew and its usage increased. It previously focused on the innovators in the legal industry, but now it noticed laggards were going digital too.

    Complication

    Law firms have very different needs depending on their legal practice area (e.g. family law, corporate law, or personal injury) and what jurisdiction they operate in.

    Clients are also demanding more from their lawyers in terms of service experience. They don't want to travel to the law office to drop off a check but expect digital interactions on par with service they receive in other areas.

    Resolution

    Since its inception, Clio built its software product so that all of its functions could be called upon by an API as well. It describes its platform as the "operating system for the legal industry." Its API functions include capabilities like managing activities, billing, and contracts. External developers can submit applications to the Clio Marketplace to add new functionality. Its platform approach enables it to find solutions for its 150,000+ users. During the pandemic, Clio saw its customers rely on its APIs more than ever before. It expects this accelerated adoption to be the way of working in the future. (ProgrammableWeb, 2021; Interview with Mik Lernout)

    What's Next

    GOOGLE’S API-FIRST APPROACH:

    Google is expanding its Apigee API management platform so enterprises will be able to connect existing data and applications and access them via APIs. It's part of Google's API-first approach to digital transformation, helping enterprises with their integration challenges. The new release includes tools and a framework that's needed to integrate services in this way and includes pre-built connectors for common business apps and services such as Salesforce, Cloud SQL, MySQL, and BigQuery. (SiliconANGLE, 2021)

    Uncertainties

    API SECURITY:

    APIs represent another potential vulnerability for hackers to exploit and the rise in popularity has come with more security incidents. Companies using APIs have leaked data through APIs, with one research report on the state of API security finding that 91% of organizations have suffered an API security incident. Yet more than a quarter of firms running production APIs don’t have an API security strategy. (VentureBeat, 2021)

    For low IT maturity organizations moving onto platforms that introduce API capabilities, education is required about the consequences of creating more integrations. Platforms must bear some responsibility for monitoring for irregular activity. (Interview with Mik Lernout)

    Automation as a Service Scenarios

    Determine your organization’s platform strategy from the basis of your digital maturity – from that of a laggard to a native – and whether it involves monetized APIs vs. freely available public APIs. A strategy can include both the consumption of APIs and the creation of them.

    A map of Automation as a Service scenarios with two axes representing 'Business Model, From an open and public API to a monetized pay-for-use API' and 'Digital Maturity, From being a digital laggard to being a digital native'. The axes split the map into quarters. 'Business Model' ranges from 'Public APIs' on the left to 'Monetized APIs' on the right. 'Digital Maturity' ranges from 'Digital Native' on top to 'Digital Laggard' on bottom. The top left quarter, digital native public APIs, reads 'Platform business model that grows through adoption of free APIs (e.g. Clio).' The top right quarter, digital native monetized APIS, reads 'Platform business model with spectrum of API services including free tiers.' The bottom left quarter, digital laggard public APIs, reads 'Consume public APIs to simplify and automate business processes and improve customer experience (e.g. law firms using Clio).' The bottom right quarter, digital laggard monetized APIs, reads 'Consume paid APIs to provide customers with expanded services (e.g. retailer Lowe’s uses AccuWeather to predict supply and demand).'

    Recommendations

    Leverage APIs to connect your systems. Create a repeatable process to improve the quality, reusability, and governance of your web APIs.

    Transform your business model with digital platforms. Use the best practices of digital native enterprises and leverage your core assets to compete in a digital economy.

    Deliver sophisticated new capabilities with APIs. Develop an awareness of new services made available through API integration, such as artificial intelligence, and take advantage of them.

    4.5 billion words per day generated by the OpenAI natural language API GPT-3, just nine months after launch. (OpenAI, 2021)

    Info-Tech Resources

    Behind the design

    Inspiration provided by the golden ratio

    The golden ratio has long fascinated humans for its common occurrence in nature and inspired artists who adopted its proportions as a guiding principle for their creations. A new discovery of the golden ratio in economic cycles was published in August 2021 by Bert de Groot, et al. As the boundaries of value creation blur between physical and digital and the pace of change accelerates, these digital innovations may change our lives in many ways. But they are still bound by the context of the structure of the economy. Hear more about this surprising finding from de Groot and from this report’s designer by listening to our podcast. (Technological Forecasting and Social Change, 2021)

    “Everything happening will adapt itself into the next cycle, and that cycle is one phi distance away.” (Bert de Groot, professor of economics at Erasmus University Rotterdam)

    Photo of Bert de Groot, Professor of Economics at Erasmus University Rotterdam.

    Listen to the Tech Insights podcast: New discovery of the golden ratio in the economy

    Contributing Experts

    Vijay Sundaram
    Chief Strategy Officer, Zoho
    Photo of Vijay Sundaram, Chief Strategy Officer, Zoho.
    Jason Brommet
    Head of Modern Work and Security Business Group, Microsoft
    Photo of Jason Brommet, Head of Modern Work and Security Business Group at Microsoft.
    Steve Orrin
    Federal Chief Technology Officer, Intel
    Photo of Steve Orrin, Federal Chief Technology Officer, Intel.
    Wade Barnes
    CEO and Founder, Farmers Edge
    Photo of Wade Barnes, CEO and founder of Farmers Edge.

    Contributing Experts

    Raine Maida
    Chief Product Officer, S!NG
    Singer, Our Lady Peace
    Raine Maida, Chief Product Officer, S!NG Singer, Our Lady Peace.
    Geoff Osler
    CEO, S!NG
    Photo of Geoff Osler, CEO, S!NG.
    Mik Lernout
    Vice President of Product, Clio
    Photo of Mik Lernout, Vice President of Product, Clio.
    Bert de Groot
    Professor of Economics, Erasmus University Rotterdam
    Photo of Bert de Groot, Professor of Economics at Erasmus University Rotterdam.

    Bibliography – Enabling the Digital Economy

    “2021 Canada Dealer Financing Satisfaction Study.” J.D. Power, 13 May 2021. Accessed 27 May 2021.

    Brown, Sara. “The CIO Role Is Changing. Here’s What’s on the Horizon.” MIT Sloan, 2 Aug. 2021. Accessed 16 Aug. 2021.

    de Groot, E. A., et al. “Disentangling the Enigma of Multi-Structured Economic Cycles - A New Appearance of the Golden Ratio.” Technological Forecasting and Social Change, vol. 169, Aug. 2021, pp. 120793. ScienceDirect, https://doi.org/10.1016/j.techfore.2021.120793.

    Hatem, Louise, Daniel Ker, and John Mitchell. “Roadmap toward a common framework for measuring the Digital Economy.” Report for the G20 Digital Economy Task Force, OECD, 2020. Accessed 19 Oct. 2021.

    LaBerge, Laura, et al. “How COVID-19 has pushed companies over the technology tipping point—and transformed business forever.” McKinsey, 5 Oct. 2020. Accessed 14 June 2021.

    Pomeroy, James. The booming digital economy. HSBC, Sept. 2020. Web.

    Salman, Syed. “Digital Transformation Realized Through COBIT 2019.” ISACA, 13 Oct. 2020. Accessed 25 Oct. 2021.

    Bibliography – Hybrid Collaboration

    De Smet, Aaron, et al. “Getting Real about Hybrid Work.” McKinsey Quarterly, 9 July 2021. Web.

    Herskowitz, Nicole. “Brace Yourselves: Hybrid Work Is Hard. Here’s How Microsoft Teams and Office 365 Can Help.” Microsoft 365 Blog, 9 Sept. 2021. Web.

    Melin, Anders, and Misyrlena Egkolfopoulou. “Employees Are Quitting Instead of Giving Up Working From Home.” Bloomberg, 1 June 2021. Web.

    Spataro, Jared. “Microsoft and LinkedIn Share Latest Data and Innovation for Hybrid Work.” The Official Microsoft Blog, 9 Sept. 2021. Web.

    Subin, Samantha. “The new negotiation over job benefits and perks in post-Covid hybrid work.” CNBC, 23 Apr. 2021. Web.

    Torres, Roberto. “How to Sidestep Overspend as Hybrid Work Tests IT.” CIO Dive, 26 July 2021. Accessed 16 Sept. 2021.

    Wong, Christine. “How the hybrid workplace will affect IT spending.” ExpertIP, 15 July 2021. Web.

    Yang, Longqi, et al. “The Effects of Remote Work on Collaboration among Information Workers.” Nature Human Behaviour, Sept. 2021, pp. 1-12. Springer Nature, https://doi.org/10.1038/s41562-021-01196-4.

    Bibliography – Battle Against Ransomware

    Berg, Leandro. “RTF Report: Combatting Ransomware.” Institute for Security and Technology (IST), 2021. Accessed 21 Sept. 2021.

    Dudley, Renee. “The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks.” ProPublica, 27 Aug. 2019. Accessed 22 Sept. 2021.

    Durbin, Steve. “Council Post: Artificial Intelligence: The Future Of Cybersecurity?” Forbes, 23 Sept. 2021. Accessed 21 Oct. 2021.

    “FACT SHEET: Ongoing Public U.S. Efforts to Counter Ransomware.” The White House, 13 Oct. 2021. Web.

    Jeffery, Lynsey, and Vignesh Ramachandran. “Why ransomware attacks are on the rise — and what can be done to stop them.” PBS NewsHour, 8 July 2021. Web.

    McBride, Timothy, et al. Data Integrity: Recovering from Ransomware and Other Destructive Events. NIST Special Publication (SP) 1800-11, National Institute of Standards and Technology, 22 Sept. 2020. NIST Computer Security Resource Center (CSRC), https://doi.org/10.6028/NIST.SP.1800-11.

    Mehrotra, Karitkay, and Jennifer Jacobs. “Crypto Channels Targeted in Biden’s Fight Against Ransomware.” BNN Bloomberg, 21 Sept. 2021. Web.

    Sharma, Mayank. “Hackers demand $70m ransom after executing massive Solar Winds-like attack.” TechRadar, 5 July 2021. Web.

    “Unhacked: 121 Tools against Ransomware on a Single Website.” Europol, 26 July 2021. Web.

    Bibliography – Carbon Metrics in Energy 4.0

    “The A List 2020.” CDP, 2021. Web.

    Baazil, Diedrik, Hugo Miller, and Laura Hurst. “Shell loses climate case that may set precedent for big oil.” Australian Financial Review, 27 May 2021. Web.

    “BlackRock’s 2020 Carbon Footprint.” BlackRock, 2020. Accessed 25 May 2021.

    “CDP Media Factsheet.” CDP, n.d. Accessed 25 May 2021.

    Glaser, April, and Leticia Miranda. “Amazon workers demand end to pollution hitting people of color hardest.” NBC News, 24 May 2021. Accessed 25 May 2021.

    Little, Mark. “Why Canada should be the home of the new global sustainability standards board.” Business Council of Canada, 1 Oct. 2021. Accessed 22 Oct. 2021.

    McIntyre, Catherine. “Canada vying for global headquarters to oversee sustainable-finance standards.” The Logic, 22 July 2021. Web.

    “Net Zero Scorecard.” Energy & Climate Intelligence Unit, 2021. Accessed 25 May 2021.

    Sayer, Peter. “Greenhouse gas emissions: The next big issue for CIOs.” CIO, 13 Oct. 2021. Web.

    “Scope 1 and Scope 2 Inventory Guidance.” US EPA, OAR. 14 Dec. 2020. Web.

    Sorkin, Andrew Ross. “BlackRock C.E.O. Larry Fink: Climate Crisis Will Reshape Finance.” The New York Times, 14 Jan. 2020. Web.

    “Sustainable IT Pledge.” CIO Strategy Council, 2021. Accessed 22 Oct. 2021.

    Bibliography – Intangible Value Creation

    Areddy, James T. “China Creates Its Own Digital Currency, a First for Major Economy.” Wall Street Journal, 5 Apr. 2021. Web.

    Boar, Codruta, et al. Impending arrival - a sequel to the survey on central bank digital currency. BIS Papers No 107, Jan. 2020. Web.

    Brainard, Lael. “Speech by Governor Brainard on Private Money and Central Bank Money as Payments Go Digital: An Update on CBDCs.” Board of Governors of the Federal Reserve System, 24 May 2021. Accessed 28 May 2021.

    Howcroft, Elizabeth, and Ritvik Carvalho. “How a 10-second video clip sold for $6.6 million.” Reuters, 1 Mar. 2021. Web.

    “Central Bank Digital Currency Tracker.” Atlantic Council, 2021. Accessed 10 Sept. 2021.

    “Expert Comment From Warwick Business School: Problems With El Salvador’s Bitcoin Experiment Are Unsurprising.” Mondo Visione, 8 Sept. 2021. Accessed 10 Sept. 2021.

    Goldstein, Caroline. “In Its Ongoing Bid to Draw Crypto-Collectors, Sotheby’s Unveils a Replica of Its London H.Q. in the Blockchain World Decentraland.” Artnet News, 7 June 2021. Web.

    Hamacher, Adriana. “Taco Bell to Charmin: 10 Big Brands Jumping On The NFT Bandwagon.” Decrypt, 22 Mar. 2021. Web.

    Hazan, Eric, et al. “Getting tangible about intangibles: The future of growth and productivity?” McKinsey. 16 June 2021. Web.

    Bibliography – Intangible Value Creation

    Herrera, Pedro. “Dapp Industry Report: Q3 2021 Overview.” DappRadar, 1 Oct. 2021. Web.

    Holland, Frank. “Visa Says Crypto-Linked Card Usage Tops $1 Billion in First Half of 2021.” CNBC, 7 July 2021. Web.

    Jiang, Shangrong, et al. “Policy Assessments for the Carbon Emission Flows and Sustainability of Bitcoin Blockchain Operation in China.” Nature Communications, vol. 12, no. 1, Apr. 2021, p. 1938. Springer Nature, https://doi.org/10.1038/s41467-021-22256-3.

    Reyburn, Scott. “JPG File Sells for $69 Million, as ‘NFT Mania’ Gathers Pace.” The New York Times, 11 Mar. 2021. Web.

    Taylor, Luke. “Bitcoin: El Salvador’s Cryptocurrency Gamble Hit by Trading Loophole.” New Scientist, 25 Oct. 2021. Web.

    Bibliography – Automation as a Service

    Belsky, Scott. “The Furry Lisa, CryptoArt, & The New Economy Of Digital Creativity.” Medium, 21 Feb. 2021. Web.

    Culbertson, Joy. “10 Top Law APIs.” ProgrammableWeb, 14 Feb. 2021. Web.

    Caballar, Rina Diane. “Programming by Voice May Be the Next Frontier in Software Development - IEEE Spectrum.” IEEE Spectrum: Technology, Engineering, and Science News, 22 Mar 2021. Accessed 23 Mar. 2021.

    Gonsalves, Chris. “The Problem with APIs.” VentureBeat, 7 May 2021. Web.

    Graca, Joao. “Council Post: How APIs Are Democratizing Access To AI (And Where They Hit Their Limits).” Forbes, 24 Sept 2021. Accessed 28 Sept. 2021.

    Harris, Tony. “What is the API Economy?” API Blog: Everything You Need to Know, 4 May 2021. Web.

    Kitsing, Meelis. Scenarios for Digital Platform Ecosystems, 2020, pp. 453-57. ResearchGate, https://doi.org/10.1109/ICCCS49078.2020.9118571.

    Pilipiszyn, Ashley. “GPT-3 Powers the Next Generation of Apps.” OpenAI, 25 Mar. 2021. Web.

    Rethans, John. “So You Want to Monetize Your APIs?” APIs and Digital Transformation, 29 June 2018. Web.

    Bibliography – Automation as a Service

    Salyer, Patrick. “API Stack: The Billion Dollar Opportunities Redefining Infrastructure, Services & Platforms.” Forbes, 4 May 2021. Accessed 27 Oct. 2021.

    staff. “RapidAPI Raises $60M for Expansion of API Platform.” InsideHPC, 21 Apr. 2021. Web.

    Taulli, Tom. “API Economy: Is It The Next Big Thing?” Forbes, 18 Jan. 2021. Accessed 5 May 2021.

    Warren, Zach. “Clio Taking 2021 Cloud Conference Virtual, Announces New Mission Among Other News.” Legaltech News, 11 Mar. 2021. Web.

    Wheatley, Mike. “Google Announces API-First Approach to Application Data Integration with Apigee.” SiliconANGLE, 28 Sept. 2021. Web.

    About the research

    Tech trends survey

    As part of its research process for the 2022 Tech Trends Report, Info-Tech Research Group conducted an open online survey among its membership and wider community of professionals. The survey was fielded from August 2021 to September 2021, collecting 475 responses.

    The underlying metrics are diverse, capturing 14 countries and regions and 16 Industries.

    A geospatial chart of the world documenting the percentage of respondents from each country to Info-Tech's '2022 Tech Trends Report' Percentages are below.
    01 United States 45.3% 08 India 1.7%
    02 Canada 19.2% 09 Other (Asia) 1.7%
    03 Africa 9.3% 10 New Zealand 1.5%
    04 Other (Europe) 5.3% 11 Germany 0.8%
    05 Australia 4.2% 12 Mexico 0.4%
    06 Great Britain 3.8% 13 Netherlands 0.4%
    07 Middle East 2.9% 14 Japan 0.2%

    Industry

    01 Government 18.9%
    02 Media, Information, & Technology 12.8%
    03 Professional Services 12.8%
    04 Manufacturing 9.9%
    05 Education 8.8%
    06 Healthcare 8.2%
    07 Financial Services 7.8%
    08 Transportation & Logistics 3.4%
    09 Utilities 3.4%
    10 Insurance 2.5%
    11 Retail & Wholesale 2.5%
    12 Construction 2.3%
    13 Natural Resources 2.1%
    14 Real Estate & Property Management 1.7%
    15 Arts & Leisure 1.5%
    16 Professional Associations 1.3%

    Department

    IT (information technology) 88.2%
    Other (Department) 3.79%
    Operations 2.32%
    Research & Development 1.89%
    Sales 1.26%
    Administration 1.06%
    Finance 0.42%
    HR (Human Resources) 0.42%
    Marketing 0.42%
    Production 0.21%

    Role

    Manager 24%
    Director-level 22%
    C-level officer 19%
    VP-level 9%
    Team lead / supervisor 7%
    Owner / President / CEO 7%
    Team member 7%
    Consultant 5%
    Contractor 1%

    IT Spend

    Respondents on average spent 35 million per year on their IT budget.

    Accounting for the outlier responses – the median spend sits closer to 4.5 million per year. The highest spend on IT was within the Government, Healthcare, and Retail & Wholesale sectors.

    Build a Digital Workspace Strategy

    • Buy Link or Shortcode: {j2store}294|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $12,399 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: End-User Computing Strategy
    • Parent Category Link: /end-user-computing-strategy
    • IT must figure out what a digital workspace is, why they’re building one, and what type they want.
    • Remote work creates challenges that cannot be solved by technology alone.
    • Focusing solely on technology risks building something the business doesn’t want or can’t use.

    Our Advice

    Critical Insight

    Building a smaller digital workspace doesn’t mean that the workspace will have a smaller impact on the business.

    Impact and Result

    • Partner with the business to create a team of digital workspace champions.
    • Empower employees with a tool that makes remote work easier.

    Build a Digital Workspace Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should partner with the business for building a digital workspace, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify the digital workspace you want to build

    Create a list of benefits that the organization will find compelling and build a cross-functional team to champion the workspace.

    • Build a Digital Workspace Strategy – Phase 1: Identify the Digital Workspace You Want to Build
    • Digital Workspace Strategy Template
    • Digital Workspace Executive Presentation Template

    2. Identify high-level requirements

    Design the digital workspace’s value proposition to drive your requirements.

    • Build a Digital Workspace Strategy – Phase 2: Identify High-Level Requirements
    • Sample Digital Workspace Value Proposition
    • Flexible Work Location Policy
    • Flexible Work Time Policy
    • Flexible Work Time Off Policy
    • Mobile Device Remote Wipe Waiver Template
    • Mobile Device Connectivity & Allowance Policy
    • General Security – User Acceptable Use Policy

    3. Identify initiatives and a high-level roadmap

    Take an agile approach to building your digital workspace.

    • Build a Digital Workspace Strategy – Phase 3: Identify Initiatives and a High-Level Roadmap
    [infographic]

    Workshop: Build a Digital Workspace Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify the Digital Workspace You Want to Build

    The Purpose

    Ensure that the digital workspace addresses real problems the business is facing.

    Key Benefits Achieved

    Defined benefits that will address business problems

    Identified strategic business partners

    Activities

    1.1 Identify the digital workspace’s direction.

    1.2 Prioritize benefits and define a vision.

    1.3 Assemble a team of digital workspace champions.

    Outputs

    Vision statement

    Mission statement

    Guiding principles

    Prioritized business benefits

    Metrics and key performance indicators

    Service Owner, Business Owner, and Project Sponsor role definitions

    Project roles and responsibilities

    Operational roles and responsibilities

    2 Identify Business Requirements

    The Purpose

    Drive requirements through a well-designed value proposition.

    Key Benefits Achieved

    Identified requirements that are based in employees’ needs

    Activities

    2.1 Design the value proposition.

    2.2 Identify required policies.

    2.3 Identify required level of input from users and business units.

    2.4 Document requirements for user experiences, processes, and services.

    2.5 Identify in-scope training and culture requirements.

    Outputs

    Prioritized functionality requirements

    Value proposition for three business roles

    Value proposition for two service provider roles

    Policy requirements

    Interview and focus group plan

    Business process requirements

    Training and culture initiatives

    3 Identify IT and Service Provider Requirements

    The Purpose

    Ensure that technology is an enabler.

    Key Benefits Achieved

    Documented requirements for IT and service provider technology

    Activities

    3.1 Identify systems of record requirements.

    3.2 Identify requirements for apps.

    3.3 Identify information storage requirements.

    3.4 Identify management and security integrations.

    3.5 Identify requirements for internal and external partners.

    Outputs

    Requirements for systems for record

    Prioritized list of apps

    Storage system requirements

    Data and security requirements

    Outsourcing requirements

    Learn the right way to manage metrics

    • Parent Category Name: Improve Your Processes
    • Parent Category Link: /improve-your-processes

    Learn to use metrics in the right way. Avoid staff (subconciously) gaming the numbers, as it is only natural to try to achieve the objective. This is really a case of be careful what you wish for, you may just get it.

    Register to read more …

    Recruit IT Talent

    • Buy Link or Shortcode: {j2store}574|cart{/j2store}
    • member rating overall impact: 9.6/10 Overall Impact
    • member rating average dollars saved: $17,565 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select
    • Changing workforce dynamics and increased transparency have shifted the power from employers to job seekers, stiffening the competition for talent.
    • Candidate expectations match high consumer expectations and affect the employer brand, the consumer brand, and overall organizational reputation. Delivering a positive candidate experience (CX2) is no longer optional.

    Our Advice

    Critical Insight

    • Think about your candidates as consumers. Truly understanding their needs will attract great talent and build positive brand perceptions.
    • The CX2 starts sooner than you think. It encompasses all candidate interactions with an organization and begins before the formal application process.
    • Don’t try to emulate competitors. By differentiating your CX2, you build a competitive advantage.

    Impact and Result

    • Design a candidate-centric talent acquisition process that addresses candidate feedback from both unsuccessful and successful candidates.
    • Use design-thinking principles to focus your redesign on moments that matter to candidates to reduce unnecessary work or ad-hoc initiatives that don’t matter to candidates.

    Recruit IT Talent Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should redesign your CX2, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish your current process and set redesign goals

    Map the organization’s current state for CX2 and set high-level objectives and metrics.

    • Win the War for Talent With a Killer Candidate Experience – Phase 1: Establish Your Current Process and Set Redesign Goals
    • Candidate Experience Project Charter
    • Talent Metrics Library
    • Candidate Experience Process Mapping Template
    • Candidate Experience Assessment Tool

    2. Use design thinking to assess the candidate experience

    Strengthen the candidate lifecycle by improving upon pain points through design thinking methods and assessing the competitive landscape.

    • Win the War for Talent With a Killer Candidate Experience – Phase 2: Use Design Thinking to Assess the Candidate Experience
    • Design Thinking Primer
    • Empathy Map Template
    • Journey Map Guide

    3. Redesign the candidate experience

    Create action, communications, and training plans to establish the redesigned CX2 with hiring process stakeholders.

    • Win the War for Talent With a Killer Candidate Experience – Phase 3: Redesign the Candidate Experience
    • Candidate Experience Best Practices Action Guide
    • Candidate Experience Action and Communication Plan
    • Candidate Experience Service Level Agreement Template

    4. Appendix

    Leverage data collection and workshop activities.

    • Win the War for Talent With a Killer Candidate Experience – Appendix: Data Collection and Workshop Activities
    • Candidate Experience Phase One Data Collection Guide
    [infographic]

    Workshop: Recruit IT Talent

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Your Current Process and Set Redesign Goals

    The Purpose

    Assess the organization’s current state for CX2.

    Set baseline metrics for comparison with new initiatives.

    Establish goals to strengthen the CX2.

    Key Benefits Achieved

    Gained understanding of where the organization is currently.

    Established where the organization would like to be and goals to achieve the new state.

    Activities

    1.1 Review process map of current candidate lifecycle.

    1.2 Analyze qualitative and quantitative data gathered.

    1.3 Set organizational objectives and project goals.

    1.4 Set metrics to measure progress on high-level goals.

    Outputs

    Process map

    CX2 data analyzed

    Candidate Experience Project Charter

    2 Use Design Thinking to Assess the Candidate Experience

    The Purpose

    Apply design thinking methods to identify pain points in your candidate lifecycle.

    Assess the competition and analyze results.

    Empathize with candidates and their journey.

    Key Benefits Achieved

    Segments with pain points have been identified.

    Competitor offering and differentiation has been analyzed.

    Candidate thoughts and feelings have been synthesized.

    Activities

    2.1 Identify extreme users.

    2.2 Conduct an immersive empathy session or go through the process as if you were a target candidate.

    2.3 Identify talent competitors.

    2.4 Analyze competitive landscape.

    2.5 Synthesize research findings and create empathy map.

    2.6 Journey map the CX2.

    Outputs

    Extreme users identified

    Known and unknown talent competitor’s CX2 analyzed

    Empathy map created

    Journey map created

    3 Redesign the Candidate Experience

    The Purpose

    Create a communications and action plan and set metrics to measure success.

    Set expectations with hiring managers and talent acquisition specialists through a service level agreement.

    Key Benefits Achieved

    Action plan created.

    Metrics set to track progress and assess improvement.

    Service level agreement completed and expectations collaboratively set.

    Activities

    3.1 Assess each stage of the lifecycle.

    3.2 Set success metrics for priority lifecycle stages.

    3.3 Select actions from the Candidate Experience Best Practices Action Guide.

    3.4 Brainstorm other potential (organization-specific) solutions.

    3.5 Set action timeline and assign accountabilities.

    3.6 Customize service level agreement guidelines.

    Outputs

    CX2 lifecycle stages prioritized

    Metrics to measure progress set

    CX2 best practices selected

    Candidate Experience Assessment Tool

    Candidate Experience Action and Communication Plan

    Service level agreement guidelines.

    Create a Holistic IT Dashboard

    • Buy Link or Shortcode: {j2store}117|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $8,049 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Performance Measurement
    • Parent Category Link: /performance-measurement
    • IT leaders do not have a single holistic view of how their 45 IT processes are operating.
    • Expecting any single individual to understand the details of all 45 IT processes is unrealistic.
    • Problems in performance only become evident when the process has already failed.

    Our Advice

    Critical Insight

    • Mature your IT department by measuring what matters.
    • Don’t measure things just because you can; change what you measure as your organization matures.

    Impact and Result

    • Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the 45 process areas and select those that apply to your organization.
    • Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
    • Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

    Create a Holistic IT Dashboard Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to develop your KPI program that leads to improved performance.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Choose the KPIs

    Identify the KPIs that matter to your organization’s goals.

    • Create a Holistic IT Dashboard – Phase 1: Choose the KPIs
    • IT Metrics Library

    2. Build the Dashboard

    Use the IT Management Dashboard on the Info-Tech website to display your chosen KPIs.

    • Create a Holistic IT Dashboard – Phase 2: Build the Dashboard

    3. Create the Action Plan

    Use the review of your KPIs to build an action plan to drive performance.

    • Create a Holistic IT Dashboard – Phase 3: Build the Action Plan
    [infographic]

    Workshop: Create a Holistic IT Dashboard

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify What to Measure (Offsite)

    The Purpose

    Determine the KPIs that matter to your organization.

    Key Benefits Achieved

    Identify organizational goals

    Identify IT goals and their organizational goal alignment

    Identify business pain points

    Activities

    1.1 Identify organizational goals.

    1.2 Identify IT goals and organizational alignment.

    1.3 Identify business pain points.

    Outputs

    List of goals and pain points to create KPIs for

    2 Configure the Dashboard Tool (Onsite)

    The Purpose

    Learn how to configure and use the IT Management Dashboard.

    Key Benefits Achieved

    Configured IT dashboard

    Initial IT scorecard report

    Activities

    2.1 Review metrics and KPI best practices.

    2.2 Use the IT Metrics Library.

    2.3 Select the KPIs for your organization.

    2.4 Use the IT Management Dashboard.

    Outputs

    Definition of KPIs to be used, data sources, and ownership

    Configured IT dashboard

    3 Review and Develop the Action Plan

    The Purpose

    Learn how to review and plan actions based on the KPIs.

    Key Benefits Achieved

    Lead KPI review to actions to improve performance

    Activities

    3.1 Create the scorecard report.

    3.2 Interpret the results of the dashboard.

    3.3 Use the IT Metrics Library to review suggested actions.

    Outputs

    Initial IT scorecard report

    Action plan with initial actions

    4 Improve Your KPIs (Onsite)

    The Purpose

    Use your KPIs to drive performance.

    Key Benefits Achieved

    Improve your metrics program to drive effectiveness

    Activities

    4.1 Develop your action plan.

    4.2 Execute the plan and tracking progress.

    4.3 Develop new KPIs as your practice matures.

    Outputs

    Understanding of how to develop new KPIs using the IT Metrics Library

    5 Next Steps and Wrap-Up (Offsite)

    The Purpose

    Ensure all documentation and plans are complete.

    Key Benefits Achieved

    Documented next steps

    Activities

    5.1 Complete IT Metrics Library documentation.

    5.2 Document decisions and next steps.

    Outputs

    IT Metrics Library

    Action plan

    Further reading

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Executive Brief

    Analyst Perspective

    Measurement alone provides only minimal improvements

    It’s difficult for CIOs and other top-level leaders of IT to know if everything within their mandate is being managed effectively. Gaining visibility into what’s happening on the front lines without micromanaging is a challenge most top leaders face.

    Understanding Info-Tech’s Management and Governance Framework of processes that need to be managed and being able to measure what’s important to their organization's success can give leaders the ability to focus on their key responsibilities of ensuring service effectiveness, enabling increased productivity, and creating the ability for their teams to innovate.

    Even if you know what to measure, the measurement alone will lead to minimal improvements. Having the right methods in place to systematically collect, review, and act on those measurements is the differentiator to driving up the maturity of your IT organization.

    The tools in this blueprint can help you identify what to measure, how to review it, and how to create effective plans to improve performance.

    Tony Denford

    Research Director, Info-Tech Research Group

    Executive Summary

    Your Challenge

    • IT leaders do not have a single holistic view of how their IT processes are operating.
    • Expecting any single individual to understand the details of all IT processes is unrealistic.
    • Problems in performance only become evident when the process has already failed.

    Common Obstacles

    • Business changes quickly, and what should be measured changes as a result.
    • Most measures are trailing indicators showing past performance.
    • Measuring alone does not result in improved performance.
    • There are thousands of operational metrics that could be measured, but what are the right ones for an overall dashboard?

    Info-Tech's Approach

    • Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the process areas and select those that apply to your organization.
    • Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
    • Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

    Info-Tech Insight

    Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

    Your challenge

    This research is designed to help organizations quickly choose holistic measures, review the results, and devise action plans.

    • The sheer number of possible metrics can be overwhelming. Choose metrics from our IT Metrics Library or choose your own, but always ensure they are in alignment with your organizational goals.
    • Ensure your dashboard is balanced across all 45 process areas that a modern CIO is responsible for.
    • Finding leading indicators to allow your team to be proactive can be difficult if your team is focused on the day-to-day operational tasks.
    • It can be time consuming to figure out what to do if an indicator is underperforming.

    Build your dashboard quickly using the toolset in this research and move to improvement actions as soon as possible.

    The image is a bar graph, titled KPI-based improvements. On the X-axis are four categories, each with one bar for Before KPIs and another for After KPIs. The categories are: Productivity; Fire Incidents; Request Response Time; and Savings.

    Productivity increased by 30%

    Fire/smoke incidents decreased by 25% (high priority)

    Average work request response time reduced by 64%

    Savings of $1.6 million in the first year

    (CFI, 2013)

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • What should be measured can change over time as your organization matures and the business environment changes. Understanding what creates business value for your organization is critical.
    • Organizations almost always focus on past result metrics. While this is important, it will not indicate when you need to adjust something until it has already failed.
    • It’s not just about measuring. You also need to review the measures often and act on the biggest risks to your organization to drive performance.

    Don’t get overwhelmed by the number of things you can measure. It can take some trial and error to find the measures that best indicate the health of the process.

    The importance of frequent review

    35% - Only 35% of governing bodies review data at each meeting. (Committee of University Chairs, 2008)

    Common obstacles

    Analysis paralysis

    Poor data can lead to incorrect conclusions, limit analysis, and undermine confidence in the value of your dashboard.

    Achieving perfect data is extremely time consuming and may not add much value. It can also be an excuse to avoid getting started with metrics and analytics.

    Data quality is a struggle for many organizations. Consider how much uncertainty you can tolerate in your analysis and what would be required to improve your data quality to an acceptable level. Consider cost, technological resources, people resources, and time required.

    Info-Tech Insight

    Analytics are only as good as the data that informs it. Aim for just enough data quality to make informed decisions without getting into analysis paralysis.

    Common obstacles

    The problem of surrogation

    Tying KPIs and metrics to performance often leads to undesired behavior. An example of this is the now infamous Wells Fargo cross-selling scandal, in which 3.5 million credit card and savings accounts were opened without customers’ consent when the company incented sales staff to meet cross-selling targets.

    Although this is an extreme example, it’s an all-too-common phenomenon.

    A focus on the speed of closure of tickets often leads to shortcuts and lower-quality solutions.

    Tying customer value to the measures can align the team on understanding the objective rather than focusing on the measure itself, and the team will no longer be able to ignore the impact of their actions.

    Surrogation is a phenomenon in which a measure of a behavior replaces the intent of the measure itself. People focus on achieving the measure instead of the behavior the measure was intended to drive.

    Info-Tech’s thought model

    The Threefold Role of the IT Executive Core CIO Objectives
    IT Organization - Manager A - Optimize the Effectiveness of the IT Organization
    Enterprise - Partner B - Boost the Productivity of the Enterprise
    Market - Innovator C - Enable Business Growth Through Technology

    Low-Maturity Metrics Program

    Trailing indicators measure the outcomes of the activities of your organization. Hopefully, the initiatives and activities are aligned with the organizational goals.

    High-Maturity Metrics Program

    The core CIO objectives align with the organizational goals, and teams define leading indicators that show progress toward those goals. KPIs are reviewed often and adjustments are made to improve performance based on the leading indicators. The results are improved outcomes, greater transparency, and increased predictability.

    The image is a horizontal graphic with multiple text boxes. The first (on the left) is a box that reads Organizational Goals, second a second box nested within it that reads Core CIO Objectives. There is an arrow pointing from this box to the right. The arrow connects to a text box that reads Define leading indicators that show progress toward objectives. To the right of that, there is a title Initiatives & activities, with two boxes beneath it: Processes and Projects. Below this middle section, there is an arrow pointing left, with the text: Adjust behaviours. After this, there is an arrow pointing right, to a box with the title Outcomes, and the image of an unlabelled bar graph.

    Info-Tech’s approach

    Adopt an iterative approach to develop the right KPIs for your dashboard

    Periodically: As appropriate, review the effectiveness of the KPIs and adjust as needed.

    Frequently: At least once per month, but the more frequent, the more agility your organization will have.

    The image shows a series of steps in a process, each connected by an arrow. The process is iterative, so the steps circle back on themselves, and repeat. The process begins with IT Metrics Library, then Choose or build KPIs, then Build Dashboard, then Review KPIs and Create action plan. Review KPIs and Create action plan are steps that the graphic indicates should be repeated, so the arrows are arranged in a circle around these two items. Following that, there is an additional step: Are KPIs and action plans leading to improved results? After this step, we return to the Choose or build KPIs step.

    The Info-Tech difference:

    1. Quickly identify the KPIs that matter to your organization using the IT Metrics Library.
    2. Build a presentable dashboard using the IT Management Dashboard available on the Info-Tech website.
    3. When indicators show underperformance, quickly get them back on track using the suggested research in the IT Metrics Library.
    4. If your organization’s needs are different, define your own custom metrics using the same format as the IT Metrics Library.
    5. Use the action plan tool to keep track of progress

    Info-Tech’s methodology for creating a holistic IT dashboard

    1. Choose the KPIs 2. Build the Dashboard 3. Create the Action Plan
    Phase Steps
    1. Review available KPIs
    2. Select KPIs for your organization
    3. Identify data sources and owners
    1. Understand how to use the IT Management Dashboard
    2. Build and review the KPIs
    1. Prioritize low-performing indicators
    2. Review suggested actions
    3. Develop your action plan
    Phase Outcomes A defined and documented list of the KPIs that will be used to monitor each of the practice areas in your IT mandate A configured dashboard covering all the practice areas and the ability to report performance in a consistent and visible way An action plan for addressing low-performing indicators

    Insight summary

    Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

    Don’t just measure things because you can. Change what you measure as your organization becomes more mature.

    Select what matters to your organization

    Measure things that will resolve pain points or drive you toward your goals.

    Look for indicators that show the health of the practice, not just the results.

    Review KPIs often

    Ease of use will determine the success of your metrics program, so keep it simple to create and review the indicators.

    Take action to improve performance

    If indicators are showing suboptimal performance, develop an action plan to drive the indicator in the right direction.

    Act early and often.

    Measure what your customers value

    Ensure you understand what’s valued and measure whether the value is being produced. Let front-line managers focus on tactical measures and understand how they are linked to value.

    Look for predictive measures

    Determine what action will lead to the desired result and measure if the action is being performed. It’s better to predict outcomes than react to them.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    IT Metrics Library

    Customize the KPIs for your organization using the IT Metrics Library

    IT Metrics Library Action Plan

    Keep track of the actions that are generated from your KPI review

    Key deliverable:

    IT Management Dashboard and Scorecard

    The IT Overall Scorecard gives a holistic view of the performance of each IT function

    Blueprint benefits

    IT Benefits

    • An IT dashboard can help IT departments understand how well they are performing against key indicators.
    • It can allow IT teams to demonstrate to their business partners the areas they are focusing on.
    • Regular review and action planning based on the results will lead to improved performance, efficiency, and effectiveness.
    • Create alignment of IT teams by focusing on common areas of performance.

    Business Benefits

    • Ensure alignment and transparency between the business and IT.
    • Understand the value that IT brings to the operation and strategic initiatives of your organization.
    • Understand the contribution of the IT team to achieving business outcomes.
    • Focus IT on the areas that are important to you by requesting new measures as business needs change.

    Measure the value of this blueprint

    Utilize the existing IT Metrics Library and IT Dashboard tools to quickly kick off your KPI program

    • Developing the metrics your organization should track can be very time consuming. Save approximately 120 hours of effort by choosing from the IT Metrics Library.
    • The need for a simple method to display your KPIs means either developing your own tool or buying one off the shelf. Use the IT Management Dashboard to quickly get your KPI program up and running. Using these tools will save approximately 480 hours.
    • The true value of this initiative comes from using the KPIs to drive performance.

    Keeping track of the number of actions identified and completed is a low overhead measure. Tracking time or money saved is higher overhead but also higher value.

    The image is a screen capture of the document titled Establish Baseline Metrics. It shows a table with the headings: Metric, Current, Goal.

    The image is a chart titled KPI benefits. It includes a legend indicating that blue bars are for Actions identified, purple bars are for Actions completed, and the yellow line is for Time/money saved. The graph shows Q1-Q4, indicating an increase in all areas across the quarters.

    Executive Brief Case Study

    Using data-driven decision making to drive stability and increase value

    Industry: Government Services

    Source: Info-Tech analyst experience

    Challenge

    A newly formed application support team with service desk responsibilities was becoming burned out due to the sheer volume of work landing on their desks. The team was very reactive and was providing poor service due to multiple conflicting priorities.

    To make matters worse, there was a plan to add a major new application to the team’s portfolio.

    Solution

    The team began to measure the types of work they were busy doing and then assessed the value of each type of work.

    The team then problem solved how they could reduce or eliminate their low-value workload.

    This led to tracking how many problems were being resolved and improved capabilities to problem solve effectively.

    Results

    Upon initial data collection, the team was performing 100% reactive workload. Eighteen months later slightly more than 80% of workload was proactive high-value activities.

    The team not only was able to absorb the additional workload of the new application but also identified efficiencies in their interactions with other teams that led to a 100% success rate in the change process and a 92% decrease in resource needs for major incidents.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 - Choose the KPIs

    Call #1: Scope dashboard and reporting needs.

    Call #2: Learn how to use the IT Metrics Library to select your metrics.

    Phase 2 – Build the Dashboard

    Call #3: Set up the dashboard.

    Call #4: Capture data and produce the report.

    Phase 3 – Create the Action Plan

    Call #5: Review the data and use the metrics library to determine actions.

    Call #6: Improve the KPIs you measure.

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Identify What to Measure Configure the Dashboard Tool Review and Develop the Action Plan Improve Your KPIs Compile Workshop Output
    Activities

    1.1 Identify organizational goals.

    1.2 Identify IT goals and organizational alignment.

    1.3 Identify business pain points.

    2.1 Determine metrics and KPI best practices.

    2.2 Learn how to use the IT Metrics Library.

    2.3 Select the KPIs for your organization.

    2.4 Configure the IT Management Dashboard.

    3.1 Create the scorecard report.

    3.2 Interpret the results of the dashboard.

    3.3 Use the IT Metrics Library to review suggested actions.

    4.1 Develop your action plan.

    4.2 Execute the plan and track progress.

    4.3 Develop new KPIs as your practice matures.

    5.1 Complete the IT Metrics Library documentation.

    5.2 Document decisions and next steps.

    Outcomes 1. List of goals and pain points that KPIs will measure

    1. Definition of KPIs to be used, data sources, and ownership

    2. Configured IT dashboard

    1. Initial IT scorecard report

    2. Action plan with initial actions

    1. Understanding of how to develop new KPIs using the IT Metrics Library

    1. IT Metrics Library documentation

    2. Action plan

    Phase 1

    Choose the KPIs

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Reviewing and selecting the KPIs suggested in the IT Metrics Library.

    Identifying the data source for the selected KPI and the owner responsible for data collection.

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 1.1

    Review Available KPIs

    Activities

    1.1.1 Download the IT Metrics Library and review the KPIs for each practice area.

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and owners

    This step will walk you through the following activities:

    Downloading the IT Metrics Library

    Understanding the content of the tool

    Reviewing the intended goals for each practice area

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    Downloaded tool ready to select the KPIs for your organization

    Using the IT Metrics Library

    Match the suggested KPIs to the Management and Governance Framework

    The “Practice” and “Process” columns relate to each of the boxes on the Info-Tech Management and Governance Framework. This ensures you are measuring each area that needs to be managed by a typical IT department.

    The image shows a table on the left, and on the right, the Info-Tech Management and Governance Structure. Sections from the Practice and Process columns of the table have arrows emerging from them, pointing to matching sections in the framework.

    Using the IT Metrics Library

    Content for each entry

    KPI - The key performance indicator to review

    CSF - What needs to happen to achieve success for each goal

    Goal - The goal your organization is trying to achieve

    Owner - Who will be accountable to collect and report the data

    Data Source (typical) - Where you plan to get the data that will be used to calculate the KPI

    Baseline/Target - The baseline and target for the KPI

    Rank - Criticality of this goal to the organization's success

    Action - Suggested action if KPI is underperforming

    Blueprint - Available research to address typical underperformance of the KPI

    Practice/Process - Which practice and process the KPI represents

    1.1.1 Download the IT Metrics Library

    Input

    • IT Metrics Library

    Output

    • Ideas for which KPIs would be useful to track for each of the practice areas

    Materials

    • Whiteboard/flip charts

    Participants

    • IT senior leadership
    • Process area owners
    • Metrics program owners and administrators

    4 hours

    1. Click the link below to download the IT Metrics Library spreadsheet.
    2. Open the file and select the “Data Entry” tab.
    3. The sheet has suggested KPIs for each of the 9 practice areas and 45 processes listed in the Info-Tech Management and Governance Framework. You can identify this grouping in the “Practice” and “Process” columns.
    4. For each practice area, review the suggested KPIs and their associated goals and discuss as a team which of the KPIs would be useful to track in your organization.

    Download the IT Metrics Library

    Step 1.2

    Select KPIs for Your Organization

    Activities

    1.2.1 Select the KPIs that will drive your organization forward

    1.2.2 Remove unwanted KPIs from the IT Metrics Library

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and Owners

    This step will walk you through the following activities:

    • Selecting the KPIs for your organization and removing unwanted KPIs from IT Metrics Library

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A shortlist of selected KPIs

    1.2.1 Select the KPIs that will drive your organization forward

    Input

    • IT Metrics Library

    Output

    • KPIs would be useful to track for each of the practice areas

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    4 hours

    1. Review the suggested KPIs for each practice area and review the goal.
    2. Some suggested KPIs are similar, so make sure the goal is appropriate for your organization.
    3. Pick up to three KPIs per practice.

    1.2.2 Remove unwanted KPIs

    Input

    • IT Metrics Library

    Output

    • KPIs would be useful to track for each of the practice areas

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    0.5 hours

    1. To remove unwanted KPIs from the IT Metric Library Tool, select the unwanted row, right-click on the row, and delete it.
    2. The result should be up to three KPIs per practice area left on the spreadsheet.

    Step 1.3

    Identify data sources and owners

    Activities

    1.3.1 Document the data source

    1.3.2 Document the owner

    1.3.3 Document baseline and target

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and Owners

    This step will walk you through the following activities:

    Documenting for each KPI where you plan to get the data, who is accountable to collect and report the data, what the current baseline is (if available), and what the target is

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A list of KPIs for your organization with appropriate attributes documented

    1.3 Identify data sources, owners, baseline, and target

    Input

    • IT Metrics Library

    Output

    • Completed IT Metrics Library

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators

    2 hours

    1. For each selected KPI, complete the owner, data source, baseline, and target if the information is available.
    2. If the information is not available, document the owner and assign them to complete the other columns.

    Phase 2

    Build the Dashboard

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Understanding the IT Management Dashboard

    Configuring the IT Management Dashboard and entering initial measures

    Produce thing IT Scorecard from the IT Management Dashboard

    Interpreting the results

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 2.1

    Understand the IT Management Dashboard

    Activities

    2.1.1 Logging into the IT Management Dashboard

    2.1.2 Understanding the “Overall Scorecard” tab

    2.1.3 Understanding the “My Metrics” tab

    Build the Dashboard

    Step 2.1 – Understand the IT Management Dashboard

    Step 2.2 – Build and review the KPIs

    This step will walk you through the following activities:

    Accessing the IT Management Dashboard

    Basic functionality of the tool

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    Understanding of how to administer the IT Management Dashboard

    2.1.1 Logging into the IT Management Dashboard

    Input

    • Info-Tech membership

    Output

    • Access to the IT Management Dashboard

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    0.5 hours

    1. Using your web browser, access your membership at infotech.com.
    2. Log into your Info-Tech membership account.
    3. Select the “My IT Dashboard” option from the menu (circled in red).
    4. If you cannot gain access to the tool, contact your membership rep.

    The image is a screen capture of the Info-Tech website, with the Login button at the top right of the window circled in red.

    2.1.2 Understanding the “Overall Scorecard” tab

    0.5 hours

    1. Once you select “My IT Dashboard,” you will be in the “Overall Scorecard” tab view.
    2. Scrolling down reveals the data entry form for each of the nine practice areas in the Info-Tech Management and Governance Framework, with each section color-coded for easy identification.
    3. Each of the section headers, KPI names, data sources, and data values can be updated to fit the needs of your organization.
    4. This view is designed to show a holistic view of all areas in IT that are being managed.

    2.1.3 Understanding the “My Metrics” tab

    0.5 hours

    1. On the “My Metrics” tab you can access individual scorecards for each of the nine practice areas.
    2. Below the “My Metrics” tab is each of the nine practice areas for you to select from. Each shows a different subset of KPIs specific to the practice.
    3. The functionality of this view is the same as the overall scorecard. Each title, KPI, description, and actuals are editable to fit your organization’s needs.
    4. This blueprint does not go into detail on this tab, but it is available to be used by practice area leaders in the same way as the overall scorecard.

    Step 2.2

    Build and review the KPIs

    Activities

    2.2.1 Entering the KPI descriptions

    2.2.2 Entering the KPI actuals

    2.2.3 Producing the IT Overall Scorecard

    Build the Dashboard

    Step 2.1 – Understand the IT Management Dashboard

    Step 2.2 – Build and review the KPIs

    This step will walk you through the following activities:

    Entering the KPI descriptions

    Entering the actuals for each KPI

    Producing the IT Overall Scorecard

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An overall scorecard indicating the selected KPI performance

    2.2.1 Entering the KPI descriptions

    Input

    • Access to the IT Management Dashboard
    • IT Metrics Library with your organization’s KPIs selected

    Output

    • KPI descriptions entered into tool

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    1 hour

    1. Navigate to the IT Management Dashboard as described in section 2.1.1 and scroll down to the practice area you wish to complete.
    2. If needed, modify the section name to match your organization’s needs.
    3. Select “Add another score.”

    2.2.1 Entering the KPI descriptions

    1 hour

    1. Select if your metric is a custom metric or a standard metric available from one of the Info-Tech diagnostic tools.
    2. Enter the metric name you selected from the IT Metrics Library.
    3. Select the value type.
    4. Select the “Add Metric” button.
    5. The descriptions only need to be entered when they change.

    Example of a custom metric

    The image is a screen capture of the Add New Metric function. The metric type selected is Custom metric, and the metric name is Employee Engagement. There is a green Add Metric button, which is circled in red.

    Example of a standard metric

    The image is a screen capture of the Add New Metric function. The metric type selected is Standard Metric. The green Add Metric button at the bottom is circled in red.

    2.2.2 Entering the KPI actuals

    Input

    • Actual data from each data source identified

    Output

    • Actuals recorded in tool

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    1 hour

    1. Select the period you wish to create a scorecard for by selecting “Add New Period” or choosing one from the drop-down list.
    2. For each KPI on your dashboard, collect the data from the data source and enter the actuals.
    3. Select the check mark (circled) to save the data for the period.

    The image is a screen capture of the My Overall Scorecard Metrics section, with a button at the bottom that reads Add New Period circled in red

    The image has the text People and Resources at the top. It shows data for the KPI, and there is a check mark circled in red.

    2.2.3 Producing the IT Overall Scorecard

    Input

    • Completed IT Overall Scorecard data collection

    Output

    • IT Overall Scorecard

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    0.5 hours

    1. Select the period you wish to create a scorecard for by selecting from the drop-down list.
    2. Click the “Download as PDF” button to produce the scorecard.
    3. Once the PDF is produced it is ready for review or distribution.

    Phase 3

    Create the Action Plan

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Prioritizing low-performing indicators

    Using the IT Metrics Library to review suggested actions

    Developing your team’s action plan to improve performance

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 3.1

    Prioritize low-performing indicators

    Activities

    3.1.1 Determine criteria for prioritization

    3.1.2 Identify low-performing indicators

    3.1.3 Prioritize low-performing indicators

    Create the action plan

    Step 3.1 – Prioritize low-performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Determining the criteria for prioritization of low-performing indicators

    Identifying low-performing indicators

    Prioritizing the low-performing indicators

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A prioritized list of low-performing indicators that need remediation

    3.1.1 Determine criteria for prioritization

    Often when metrics programs are established, there are multiple KPIs that are not performing at the desired level. It’s easy to expect the team to fix all the low-performing indicators, but often teams are stretched and have conflicting priorities.

    Therefore it’s important to spend some time to prioritize which of your indicators are most critical to the success of your business.

    Also consider, if one area is performing well and others have multiple poor indicators, how do you give the right support to optimize the results?

    Lastly, is it better to score slightly lower on multiple measures or perfect on most but failing badly on one or two?

    3.1.1 Determine criteria for prioritization

    Input

    • Business goals and objectives
    • IT goals and objectives
    • IT organizational structure

    Output

    • Documented scorecard remediation prioritization criteria

    Materials

    • Whiteboard or flip charts

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    1 hour

    1. Identify any KPIs that are critical and cannot fail without high impact to your organization.
    2. Identify any KPIs that cannot fail for an extended period and document the time period.
    3. Rank the KPIs from most critical to least critical in the IT Metrics Library.
    4. Look at the owner accountable for the performance of each KPI. If there are any large groups, reassess the ownership or rank.
    5. Periodically review the criteria to see if they’re aligned with meeting current business goals.

    3.1.2 Identify low-performing indicators

    Input

    • Overall scorecard
    • Overall scorecard (previous period)
    • IT Metrics Library

    Output

    • List of low-performing indicators that need remediation
    • Planned actions to improve performance

    Materials

    • Whiteboard or flip charts

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    1 hour

    1. Review the overall scorecard for the current period. List any KPIs that are not meeting the target for the current month in the “Action Plan” tab of the IT Metrics Library.
    2. Compare current month to previous month. List any KPIs that are moving away from the long-term target documented in the tool IT Metrics Library.
    3. Revise the target in the IT Metrics Library as business needs change.

    3.1.3 Prioritize low-performing indicators

    Input

    • IT Metrics Library

    Output

    • Prioritized list of planned actions for low-performing indicators

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    1 hour

    1. Look through the list of new and outstanding planned actions in the “Action Plan” tab of the IT Metrics Library, review progress, and prioritize outstanding items.
    2. Compare the list that needs remediation with the rank in the data entry tab.
    3. Adjust the priority of the outstanding and new actions to reflect the business needs.

    Step 3.2

    Review suggested actions

    Activities

    3.2.1 Review suggested actions in the IT Metrics Library

    Create the Action Plan

    Step 3.1 – Prioritize low-performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Reviewing the suggested actions in the IT Metrics Library

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An idea of possible suggested actions

    Take Action

    Knowing where you are underperforming is only half the battle. You need to act!

    • So far you have identified which indicators will tell you whether or not your team is performing and which indicators are most critical to your business success.
    • Knowing is the first step, but things will not improve without some kind of action.
    • Sometimes the action needed to course-correct is small and simple, but sometimes it is complicated and may take a long time.
    • Utilize the diverse ideas of your team to find solutions to underperforming indicators.
    • If you don’t have a viable simple solution, leverage the IT Metrics Library, which suggests high-level action needed to improve each indicator. If you need additional information, use your Info-Tech membership to review the recommended research.

    3.2.1 Review suggested actions in the IT Metrics Library

    Input

    • IT Metrics Library

    Output

    • Suggested actions

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each of your low-performing indicators, review the suggested action and related research in the IT Metrics Library.

    Step 3.3

    Develop the action plan

    Activities

    3.3.1 Document planned actions

    3.3.2 Assign ownership of actions

    3.3.3 Determine timeline of actions

    3.3.4 Review past action status

    Create the action plan

    Step 3.1 – Prioritize low- performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Using the action plan tool to document the expected actions for low-performing indicators

    Assigning an owner and expected due date for the action

    Reviewing past action status for accountability

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An action plan to invoke improved performance

    3.3.1 Document planned actions

    Input

    • IT Metrics Library

    Output

    • Planned actions

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    1 hour

    1. Decide on the action you plan to take to bring the indicator in line with expected performance and document the planned action in the “Action Plan” tab of the IT Metrics Library.

    Info-Tech Insight

    For larger initiatives try to break the task down to what is likely manageable before the next review. Seeing progress can motivate continued action.

    3.3.2 Assign ownership of actions

    Input

    • IT Metrics Library

    Output

    • Identified owners for each action

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each unassigned task, assign clear ownership for completion of the task.
    2. The task owner should be the person accountable for the task.

    Info-Tech Insight

    Assigning clear ownership can promote accountability for progress.

    3.3.3 Determine timeline of actions

    Input

    • IT Metrics Library

    Output

    • Expected timeline for each action

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each task, agree on an estimated target date for completion.

    Info-Tech Insight

    If the target completion date is too far in the future, break the task into manageable chunks.

    3.3.4 Review past action status

    Input

    • IT Metrics Library

    Output

    • Complete action plan for increased performance

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each task, review the progress since last review.
    2. If desired progress is not being made, adjust your plan based on your organizational constraints.

    Info-Tech Insight

    Seek to understand the reasons that tasks are not being completed and problem solve for creative solutions to improve performance.

    Measure the value of your KPI program

    KPIs only produce value if they lead to action

    • Tracking the performance of key indicators is the first step, but value only comes from taking action based on this information.
    • Keep track of the number of action items that come out of your KPI review and how many are completed.
    • If possible, keep track of the time or money saved through completing the action items.

    Keeping track of the number of actions identified and completed is a low overhead measure.

    Tracking time or money saved is higher overhead but also higher value.

    The image is a chart titled KPI benefits. It includes a legend indicating that blue bars are for Actions identified, purple bars are for Actions completed, and the yellow line is for Time/money saved. The graph shows Q1-Q4, indicating an increase in all areas across the quarters.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    1. Identifying actions needed to remediate poor-performing KPIs
    2. Associating time and/or money savings as a result of actions taken
    Metric Current Goal
    Number of actions identified per month as a result of KPI review 0 TBD
    $ saved through actions taken due to KPI review 0 TBD
    Time saved through actions taken due to KPI review 0 TBD

    Summary of Accomplishment

    Problem Solved

    Through this project we have identified typical key performance indicators that are important to your organization’s effective management of IT.

    You’ve populated the IT Management Dashboard as a simple method to display the results of your selected KPIs.

    You’ve also established a regular review process for your KPIs and have a method to track the actions that are needed to improve performance as a result of the KPI review. This should allow you to hold individuals accountable for improvement efforts.

    You can also measure the effectiveness of your KPI program by tracking how many actions are identified as a result of the review. Ideally you can also track the money and time savings.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech Workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Select the KPIs for your organization

    Examine the benefits of the KPIs suggested in the IT Metrics Library and help selecting those that will drive performance for your maturity level.

    Build an action plan

    Discuss options for identifying and executing actions that result from your KPI review. Determine how to set up the discipline needed to make the most of your KPI review program.

    Research Contributors and Experts

    Valence Howden

    Principal Research Director, CIO – Service Management Info-Tech Research Group

    • Valence has extensive experience in helping organizations be successful through optimizing how they govern themselves, how they design and execute strategies, and how they drive service excellence in all work.

    Tracy-Lynn Reid

    Practice Lead, CIO – People & Leadership Info-Tech Research Group

    • Tracy-Lynn covers key topics related to People & Leadership within an information technology context.

    Fred Chagnon

    Practice Lead, Infrastructure & Operations Info-Tech Research Group

    • Fred brings extensive practical experience in all aspects of enterprise IT Infrastructure, including IP networks, server hardware, operating systems, storage, databases, middleware, virtualization and security.

    Aaron Shum

    Practice Lead, Security, Risk & Compliance Info-Tech Research Group

    • With 20+ years of experience across IT, InfoSec, and Data Privacy, Aaron currently specializes in helping organizations implement comprehensive information security and cybersecurity programs as well as comply with data privacy regulations.

    Cole Cioran

    Practice Lead, Applications and Agile Development Info-Tech Research Group

    • Over the past twenty-five years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.

    Barry Cousins

    Practice Lead, Applications – Project and Portfolio Mgmt. Info-Tech Research Group

    • Barry specializes in Project Portfolio Management, Help/Service Desk, and Telephony/Unified Communications. He brings an extensive background in technology, IT management, and business leadership.

    Jack Hakimian

    Vice President, Applications Info-Tech Research Group

    • Jack has close to 25 years of Technology and Management Consulting experience. He has served multi-billion-dollar organizations in multiple industries, including Financial Services and Telecommunications. Jack also served several large public sector institutions.

    Vivek Mehta

    Research Director, CIO Info-Tech Research Group

    • Vivek publishes on topics related to digital transformation and innovation. He is the author of research on Design a Customer-Centric Digital Operating Model and Create Your Digital Strategy as well as numerous keynotes and articles on digital transformation.

    Carlos Sanchez

    Practice Lead, Enterprise Applications Info-Tech Research Group

    • Carlos has a breadth of knowledge in enterprise applications strategy, planning, and execution.

    Andy Neill

    Practice Lead, Enterprise Architecture, Data & BI Info-Tech Research Group

    • Andy has extensive experience in managing technical teams, information architecture, data modeling, and enterprise data strategy.

    Michael Fahey

    Executive Counselor Info-Tech Research Group

    • As an Executive Counselor, Mike applies his decades of business experience and leadership, along with Info-Tech Research Group’s resources, to assist CIOs in delivering outstanding business results.

    Related Info-Tech Research

    Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

    • Reinforce service orientation in your IT organization by ensuring your IT metrics generate value-driven resource behavior.

    Use Applications Metrics That Matter

    • It all starts with quality and customer satisfaction.

    Take Control of Infrastructure Metrics

    • Master the metrics maze to help make decisions, manage costs, and plan for change.

    Bibliography

    Bach, Nancy. “How Often Should You Measure Your Organization's KPIs?” EON, 26 June 2018. Accessed Jan. 2020.

    “The Benefits of Tracking KPIs – Both Individually and for a Team.” Hoopla, 30 Jan. 2017. Accessed Jan. 2020.

    Chepul, Tiffany. “Top 22 KPI Examples for Technology Companies.” Rhythm Systems, Jan. 2020. Accessed Jan. 2020.

    Cooper, Larry. “CSF's, KPI's, Metrics, Outcomes and Benefits” itSM Solutions. 5 Feb. 2010. Accessed Jan 2020.

    “CUC Report on the implementation of Key Performance Indicators: case study experience.” Committee of University Chairs, June 2008. Accessed Jan 2020.

    Harris, Michael, and Bill Tayler. “Don’t Let Metrics Undermine Your Business.” HBR, Sep.–Oct 2019. Accessed Jan. 2020.

    Hatari, Tim. “The Importance of a Strong KPI Dashboard.” TMD Coaching. 27 Dec. 2018. Accessed Jan. 2020.

    Roy, Mayu, and Marian Carter. “The Right KPIs, Metrics for High-performing, Cost-saving Space Management.” CFI, 2013. Accessed Jan 2020.

    Schrage, Michael, and David Kiron. “Leading With Next-Generation Key Performance Indicators.” MIT Sloan Management Review, 26 June 2018. Accessed Jan. 2020.

    Setijono, Djoko, and Jens J. Dahlgaard. “Customer value as a key performance indicator (KPI) and a key improvement indicator (KII)” Emerald Insight, 5 June 2007. Accessed Jan 2020.

    Skinner, Ted. “Balanced Scorecard KPI Examples: Comprehensive List of 183 KPI Examples for a Balanced Scorecard KPI Dashboard (Updated for 2020).” Rhythm Systems, Jan. 2020. Accessed Jan 2020.

    Wishart, Jessica. “5 Reasons Why You Need The Right KPIs in 2020” Rhythm Systems, 1 Feb. 2020. Accessed Jan. 2020.

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    • Buy Link or Shortcode: {j2store}216|cart{/j2store}
    • member rating overall impact: 9.4/10 Overall Impact
    • member rating average dollars saved: $25,860 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Most IT organizations do not have standard RFP templates and tools.
    • Many RFPs lack sufficient requirements.
    • Most RFP team members are not adequately trained on RFP best practices.
    • Most IT departments underestimate the amount of time that is required to perform an effective RFP.

    Our Advice

    Critical Insight

    • Vendors generally do not like RFPs
      Vendors view RFPs as time consuming and costly to respond to and believe that the decision is already made.
    • Dont ignore the benefits of an RFI
      An RFI is too often overlooked as a tool for collecting information from vendors about their product offerings and services.
    • Leverage a pre-proposal conference to maintain an equal and level playing field
      Pre-proposal conference is a convenient and effective way to respond to vendors’ questions ensuring all vendors have the same information to provide a quality response.

    Impact and Result

    • A bad or incomplete RFP results in confusing and incomplete vendor RFP responses which consume time and resources.
    • Incomplete or misunderstood requirements add cost to your project due to the change orders required to complete the project.

    Drive Successful Sourcing Outcomes With a Robust RFP Process Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Storyboard – Leverage your vendor sourcing process to get better results

    Discover a proven process for your RFPs. Review Info-Tech’s process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP. Our 7-phase process prevents a bad RFP from taking your time, money, and resources.

    • Drive Successful Sourcing Outcomes With a Robust RFP Process Storyboard

    2. Define your RFP Requirements Tool – A convenient tool to gather your requirements and align them to your negotiation strategy.

    Use this tool to assist you and your team in documenting the requirements for your RFP. Use the results of this tool to populate the requirements section of your RFP.

    • RFP Requirements Worksheet

    3. RFP Development Suite of Tools – Use Info-Tech’s RFP, pricing, and vendor response tools and templates to increase your efficiency in your RFP process.

    Configure this time-saving suite of tools to your organizational culture, needs, and most importantly the desired outcome of your RFP initiative. This suite contains four unique RFP templates. Evaluate which template is appropriate for your RFP. Also included in this suite are a response evaluation guidebook and several evaluation scoring tools along with a template to report the RFP results to stakeholders.

    • RFP Calendar and Key Date Tool
    • Vendor Pricing Tool
    • Lean RFP Template
    • Short-Form RFP Template
    • Long-Form RFP Template
    • Excel Form RFP Tool
    • RFP Evaluation Guidebook
    • RFP Evaluation Tool
    • Vendor TCO Tool
    • Consolidated Vendor RFP Response Evaluation Summary
    • Vendor Recommendation Presentation

    Infographic

    Workshop: Drive Successful Sourcing Outcomes With a Robust RFP Process

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Foundation for Creating Requirements

    The Purpose

    Problem Identification

    Key Benefits Achieved

    Current process mapped and requirements template configured

    Activities

    1.1 Overview and level-setting

    1.2 Identify needs and drivers

    1.3 Define and prioritize requirements

    1.4 Gain business authorization and ensure internal alignment

    Outputs

    Map Your Process With Gap Identification

    Requirements Template

    Map Your Process With Gap Identification

    Requirements Template

    Map Your Process With Gap Identification

    Requirements Template

    Map Your Process With Gap Identification

    Requirements Template

    2 Creating a Sourcing Process

    The Purpose

    Define Success Target

    Key Benefits Achieved

    Baseline RFP and evaluation templates

    Activities

    2.1 Create and issue RFP

    2.2 Evaluate responses/proposals and negotiate the agreement

    2.3 Purchase goods and services

    Outputs

    RFP Calendar Tool

    RFP Evaluation Guidebook

    RFP Respondent Evaluation Tool

    3 Configure Templates

    The Purpose

    Configure Templates

    Key Benefits Achieved

    Configured Templates

    Activities

    3.1 Assess and measure

    3.2 Review templates

    Outputs

    Long-Form RFP Template

    Short-Form RFP Template

    Excel-Based RFP Template

    Further reading

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    Leverage your vendor sourcing process to get better results.

    EXECUTIVE BRIEF

    Drive Successful Sourcing Outcomes with a Robust RFP Process

    Lack of RFP Process Causes...
    • Stress
    • Confusion
    • Frustration
    • Directionless
    • Exhaustion
    • Uncertainty
    • Disappointment
    Solution: RFP Process
    Steps in an RFP Process, 'Identify Need', 'Define Business Requirements', 'Gain Business Authorization', 'Perform RFI/RFP', 'Negotiate Agreement', 'Purchase Good and Services', and 'Assess and Measure Performance'.
    • Best value solutions
    • Right-sized solutions
    • Competitive Negotiations
    • Better requirements that feed negotiations
    • Internal alignment on requirements and solutions
    • Vendor Management Governance Plan
    Requirements
    • Risk
    • Legal
    • Support
    • Security
    • Technical
    • Commercial
    • Operational
    • Vendor Management Governance
    Templates, Tools, Governance
    • RFP Template
    • Your Contracts
    • RFP Procedures
    • Pricing Template
    • Evaluation Guide
    • Evaluation Matrix
    Vendor Management
    • Scorecards
    • Classification
    • Business Review Meetings
    • Key Performance Indicators
    • Contract Management
    • Satisfaction Survey

    Analyst Perspective

    Consequences of a bad RFP

    Photo of Steven Jeffery, Principal Research Director, Vendor Management, Co-Author: The Art of Creating a Quality RFP, Info-Tech Research Group

    “A bad request for proposal (RFP) is the gift that keeps on taking – your time, your resources, your energy, and your ability to accomplish your goal. A bad RFP is ineffective and incomplete, it creates more questions than it answers, and, perhaps most importantly, it does not meet your organization’s expectations.”

    Steven Jeffery
    Principal Research Director, Vendor Management
    Co-Author: The Art of Creating a Quality RFP
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Most IT organizations are absent of standard RFP templates, tools, and processes.
    • Many RFPs lack sufficient requirements from across the business (Legal, Finance, Security, Risk, Procurement, VMO).
    • Most RFP team members are not adequately trained on RFP best practices.
    • Most IT departments underestimate the amount of time required to perform an effective RFP.
    • An ad hoc sourcing process is a common recipe for vendor performance failure.

    Common Obstacles

    • Lack of time
    • Lack of resources
    • Right team members not engaged
    • Poorly defined requirements
    • Too difficult to change supplier
    • Lack of a process
    • Lack of adequate tools/processes
    • Lack of a vendor communications plan that includes all business stakeholders.
    • Lack of consensus as to what the ideal result should look like.

    Info-Tech’s Approach

    • Establish a repeatable, consistent RFP process that maintains negotiation leverage and includes all key components.
    • Create reusable templates to expedite the RFP evaluation and selection process.
    • Maximize the competition by creating an equal and level playing field that encourages all the vendors to respond to your RFP.
    • Create a process that is clear and understandable for both the business unit and the vendor to follow.
    • Include Vendor Management concepts in the process.

    Info-Tech Insight

    A well planned and executed sourcing strategy that focuses on solid requirements, evaluation criteria, and vendor management will improve vendor performance.

    Executive Summary

    Your Challenge

    Your challenge is to determine the best sourcing tool to obtain vendor information on capabilities, solution(s), pricing and contracting: RFI, RFP, eRFX.

    Depending on your organization’s knowledge of the market, your available funding, and where you are in the sourcing process, there are several approaches to getting the information you need.

    An additional challenge is to answer the question “What is the purpose of our RFX?”

    If you do not have in-depth knowledge of the market, available solutions, and viable vendors, you may want to perform an RFI to provide available market information to guide your RFP strategy.

    If you have defined requirements, approved funding, and enough time, you can issue a detailed, concise RFP.

    If you have “the basics” about the solution to be acquired and are on a tight timeframe, an “enhanced RFI” may fit your needs.

    This blueprint will provide you with the tools and processes and insights to affect the best possible outcome.

    Executive Summary

    Common Obstacles

    • Lack of process/tools
    • Lack of input from stakeholders
    • Stakeholders circumventing the process to vendors
    • Vendors circumventing the process to key stakeholders
    • Lack of clear, concise, and thoroughly articulated requirements
    • Waiting until the vendor is selected to start contract negotiations
    • Waiting until the RFP responses are back to consider vendor management requirements
    • Lack of clear communication strategy to the vendor community that the team adheres to

    Many organizations underestimate the time commitment for an RFP

    70 Days is the average duration of an IT RFP.

    The average number of evaluators is 5-6

    4 Is the average number of vendor submissions, each requiring an average of two to three hours to review. (Source: Bonfire, 2019. Note: The 2019 Bonfire report on the “State of the RFP” is the most recent published.)

    “IT RFPs take the longest from posting to award and have the most evaluators. This may be because IT is regarded as a complex subject requiring complex evaluation. Certainly, of all categories, IT offers the most alternative solutions. The technology is also changing rapidly, as are the requirements of IT users – the half-life of an IT requirement is less than six months (half the requirements specified now will be invalid six months from now). And when the RFP process takes up two of those months, vendors may be unable to meet changed requirements when the time to implement arrives. This is why IT RFPs should specify the problem to be resolved rather than the solution to be provided. If the problem resolution is the goal, vendors are free to implement the latest technologies to meet that need.” (Bonfire, “2019 State of the RFP”)

    Why Vendors Don’t Like RFPs

    Vendors’ win rate

    44%

    Vendors only win an average of 44% of the RFPs they respond to (Loopio, 2022).
    High cost to respond

    3-5%

    Vendors budget 3-5% of the anticipated contract value to respond (LinkedIn, 2017, Note: LinkedIn source is the latest information available).
    Time spent writing response

    23.8 hours

    Vendors spend on average 23.8 hours to write or respond to your RFP (Marketingprofs, 2021).

    Negative effects on your organization from a lack of RFP process

    Visualization titled 'Lack of RFP Process Causes' with the following seven items listed.

    Stress, because roles and responsibilities aren’t clearly defined and communication is haphazard, resulting in strained relationships.

    Confusion, because you don’t know what the expected or desired results are.

    Directionless, because you don’t know where the team is going.

    Uncertainty, with many questions of your own and many more from other team members.

    Frustration, because of all the questions the vendors ask as a result of unclear or incomplete requirements.

    Exhaustion, because reviewing RFP responses of insufficient quality is tedious.

    Disappointment in the results your company realizes.

    (Source: The Art of Creating a Quality RFP)

    Info-Tech’s approach

    Develop an inclusive and thorough approach to the RFP Process

    Steps in an RFP Process, 'Identify Need', 'Define Business Requirements', 'Gain Business Authorization', 'Perform RFI/RFP', 'Negotiate Agreement', 'Purchase Good and Services', and 'Assess and Measure Performance'.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – by developing a standard process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on the predetermined requirements, either an RFI or an RFP is issued to vendors with a predetermined due date.

    Insight Summary

    Overarching insight

    Without a well defined, consistent RFP process, with input from all key stakeholders, the organization will not achieve the best possible results from its sourcing efforts.

    Phase 1 insight

    Vendors are choosing to not respond to RFPs due to their length and lack of complete requirements.

    Phase 2 insight

    Be clear and concise in stating your requirements and include, in addition to IT requirements, procurement, security, legal, and risk requirements.

    Phase 3 insight

    Consider adding vendor management requirements to manage the ongoing relationship post contract.

    Tactical insight

    Consider the RFP Evaluation Process as you draft the RFP, including weighting the RFP components. Don’t underestimate the level of effort required to effectively evaluate responses – write the RFP with this in mind.

    Tactical insight

    Provide strict, prescriptive instructions detailing how the vendor should submit their responses. Controlling vendor responses will increase your team’s efficiency in evaluations while providing ease of reference responses across multiple vendors.

    Key deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverables:

    Info-Tech provides you with the tools you need to go to market in the most efficient manner possible, with guidance on how to achieve your goals.

    Sample of

    Long-Form RFP Template
    For when you have complete requirements and time to develop a thorough RFP.
    Sample of the Long-Form RFP Template deliverable. Short-Form RFP Template
    When the requirements are not as extensive, time is short, and you are familiar with the market.
    Sample of the Short-Form RFP Template deliverable.
    Lean RFP Template
    When you have limited time and some knowledge of the market and wish to include only a few vendors.
    Sample of the Lean RFP Template deliverable. Excel-Form RFP Template
    When there are many requirements, many options, multiple vendors, and a broad evaluation team.
    Sample of the Excel-Form RFP Template deliverable.

    Blueprint benefits

    IT Benefits
    • Side-by-side comparison of vendor capabilities
    • Pricing alternatives
    • No surprises
    • Competitive solutions to deliver the best results
    Mutual IT and Business Benefits
    • Reduced time to implement
    • Improved alignment between IT /Business
    • Improved vendor performance
    • Improved vendor relations
    Business Benefits
    • Budget alignment, reduced cost
    • Best value
    • Risk mitigation
    • Legal and risk protections

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is seven to twelve calls over the course of four to six months.

    What does a typical GI on this topic look like?

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    Phase 5

    Phase 6

    Phase 7

    Call #1: Identify the need Call #3: Gain business authorization Call #5: Negotiate agreement strategy Call #7: Assess and measure performance
    Call #2: Define business requirements Call #4: Review and perform the RFX or RFP Call #6: Purchase goods and services

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Day 1 Day 2 Day 3
    Activities
    Answer “What problem do we need to solve?”

    1.1 Overview and level-setting

    1.2 Identify needs and drivers

    1.3 Define and prioritize requirements

    1.4 Gain business authorization and ensure internal alignment

    Define what success looks like?

    2.1 Create and issue RFP

    2.2 Evaluate responses/ proposals and negotiate the agreement.

    2.3 Purchase goods and services

    Configure Templates

    3.1 Assess and measure

    3.2 Review tools

    Deliverables
    1. Map your process with gap identification
    2. RFP Requirements Worksheet
    1. RFP Calendar and Key Date Tool
    2. RFP Evaluation Guidebook
    3. RFP Evaluation Tool
    1. Long-form RFP Template
    2. Short-form RFP Template
    3. Excel-based RFP Tool
    4. Lean RFP Template

    Phase 1

    Identify Need

    Steps

    1.1 Establish the need to either purchase goods/services (RFP) or acquire additional information from the market (RFI).

    Steps in an RFP Process with the first step, 'Identify Need', highlighted.

    This phase involves the following participants:

    • Business stakeholders
    • IT
    • Sourcing/Procurement
    • Finance

    Identify the need based on business requirements, changing technology, increasing vendor costs, expiring contracts, and changing regulatory requirements.

    Outcomes of this phase

    Agreement on the need to go to market to make a purchase (RFP) or to acquire additional information (RFI) along with a high-level agreement on requirements, rough schedule (is there time to do a full blown RFP or are you time constrained, which may result in an eRFP) and the RFP team is identified.

    Identify Need
    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Identify the Need for Your RFP

    • An RFP is issued to the market when you are certain that you intend to purchase a product/service and have identified an adequate vendor base from which to choose as a result of:

      • IT Strategy
      • Changes in technology
      • Marketplace assessment
      • Contract expiration/renewal
      • Changes in regulatory requirements
      • Changes in the business’ requirements
    • An RFI is issued to the market when you are uncertain as to available technologies or supplier capabilities and need budgetary costs for planning purposes.
    • Be sure to choose the right RFx tool for your situation!
    Stock photo of a pen circling the word 'needs' on a printed document.

    Phase 2

    Define Your RFP Requirements

    Steps

    2.1 Define and classify the technical, business, financial, legal, and support and security requirements for your business.

    Steps in an RFP Process with the second step, 'Define Business Requirements', highlighted.

    This phase involves the following participants:

    • IT
    • Legal
    • Finance
    • Risk management
    • Sourcing/Procurement
    • Business stakeholders

    Outcomes of this phase

    A detailed list of required business, technical, legal and procurement requirements classified as to absolute need(s), bargaining and concession need(s), and “nice to haves.”

    Define Business Requirements

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Define RFP Requirements

    Key things to consider when defining requirements

    • Must be inclusive of the needs of all stakeholders: business, technical, financial, and legal
    • Strive for clarity and completeness in each area of consideration.
    • Begin defining your “absolute,” “bargaining,” “concession,” and ‘”dropped/out of scope” requirements to streamline the evaluation process.
    • Keep the requirements identified as “absolute” to a minimum, because vendors that do not meet absolute requirements will be removed from consideration.
    • Do you have a standard contract that can be included or do you want to review the vendor’s contract?
    • Don’t forget Data Security!
    • Begin defining your vendor selection criteria.
    • What do you want the end result to look like?
    • How will you manage the selected vendor after the contract? Include key VM requirements.
    • Defining requirements can’t be rushed or you’ll find yourself answering many questions, which may create confusion.
    • Collect all your current spend and budget considerations regarding the needed product(s) and service(s).

    “Concentrate on the needs of the organization and not the wants of the individuals when creating requirements to avoid scope creep.” (Donna Glidden, ITRG Research Director)

    Leverage the “ABCD” approach found in our Prepare for Negotiations More Effectively blueprint:
    https://tymansgrpup.com/research/ss/prepare-for-negotiations-more-effectively

    2.1 Prioritize your requirements

    1 hr to several days

    Input: List of all requirements from IT and IT Security, Business, Sourcing/Procurement, Risk Management, and Legal

    Output: Prioritized list of RFP requirements approved by the stakeholder team

    Materials: The RFP Requirements Worksheet

    Participants: All stakeholders impacted by the RFP: IT, IT Security, the Business, Sourcing/ Procurement, Risk Management, Legal

    1. Use this tool to assist you and your team in documenting the requirements for your RFP. Leverage it to collect and categorize your requirements in preparation for negotiations. Use the results of this tool to populate the requirements section of your RFP.
    2. As a group, review each of the requirements and determine their priority as they will ultimately relate to the negotiations.
      • Prioritizing your requirements will set up your negotiation strategy and streamline the process.
      • By establishing the priority of each requirement upfront, you will save time and effort in the selection process.
    3. Review RFP requirements with stakeholders for approval.

    Download the RFP Requirements Worksheet

    Phase 3

    Gain Business Authorization

    Steps

    3.1 Obtain business authorization from the business, technology, finance and Sourcing/Procurement

    Steps in an RFP Process with the third step, 'Gain Business Authorization', highlighted.

    This phase involves the following participants:

    • Business stakeholders
    • Technology and finance (depending upon the business)
    • Sourcing/Procurement

    Outcomes of this phase

    Approval by all key stakeholders to proceed with the issuing of the RFP and to make a purchase as a result.

    Gain Business Authorization

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Gain Business Authorization

    Gain authorization for your RFP from all relevant stakeholders
    • Alignment of stakeholders
    • Agreement on final requirements
    • Financial authorization
    • Commitment of resources
    • Agreement on what constitutes vendor qualification
    • Finalization of selection criteria and their prioritization

    Obtaining cross-function alignment will clear the way for contract, SOW, and budget approvals and not waste any of your and your vendor’s resources in performing an RFP that your organization is not ready to implement or invest financial and human resources in.

    Stock photo of the word 'AUTHORIZED' stamped onto a white background with a much smaller stamp laying beside it.

    Phase 4

    Create and Issue

    Steps

    4.1 Build your RFP

    4.2 Decide RFI or not

    4.3 Create your RFP

    4.4 Receive & answer questions

    4.5 Perform Pre-Proposal Conference

    4.6 Evaluate responses

    Steps in an RFP Process with the fourth step, 'Perform RFI/RFP', highlighted.

    This phase involves the following participants:

    • The RFP owner
    • IT
    • Business SMEs/stakeholders

    Outcomes of this phase

    RFP package is issued to vendors and includes the date of the Pre-Proposal Conference, which should be held shortly after RFP release and includes all parties.

    SME’s/stakeholders participate in providing answers to RFP contact for response to vendors.

    Create and Issue Your RFP/RFI

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Build your RFP with evaluation in mind

    Easing evaluation frustrations

    At the beginning of your RFP creation process consider how your requirements will impact the vendor’s response. Concentrate on the instructions you provide the vendors and how you wish to receive their responses. View the RFP through the lens of the vendors and envision how they are going to respond to the proposal.

    Limiting the number of requirements included in the RFP will increase the evaluation team’s speed when reviewing vendors’ responses. This is accomplished by not asking questions for common features and functionality that all vendors provide. Don’t ask multiple questions within a question. Avoid “lifting” vendor-specific language to copy into the RFP as this will signal to vendors who their competition might be and may deter their participation. Concentrate your requirement questions to those areas that are unique to your solution to reduce the amount of time required to evaluate the vendors’ response.

    Things to Consider When Creating Your RFP:

    • Consistency is the foundation for ease of evaluation.
    • Provide templates, such as an Excel worksheet, for the vendor’s pricing submissions and for its responses to close-ended questions.
    • Give detailed instructions on how the vendor should organize their response.
    • Limit the number of open-ended questions requiring a long narrative response to must-have requirements.
    • Organize your requirements and objectives in a numerical outline and have the vendor respond in the same manner, such as the following:
      • 1
      • 1.1
      • 1.1.1

    Increase your response quality

    Inconsistent formatting of vendor responses prevents an apples-to-apples evaluation between vendor responses. Evaluation teams are frequently challenged and are unable to evaluate vendors’ responses equally against each other for the following reasons:

    Challenges
    • Vendor responses are submitted with different and confusing nomenclature
    • Inconsistent format in response
    • Disparate order of sections in the vendors responses
    • Different style of outlining their responses, e.g. 1.1 vs. I.(i)
    • Pricing proposal included throughout their response
    • Responses are comingled with marketing messages
    • Vendor answers to requirements or objectives are not consolidated in a uniform manner
    • Disparate descriptions for response subsections
    Prevention
    • Provide specific instructions as to how the vendor is to organize their response:
      • How to format and outline the response
      • No marketing material
      • No pricing in the body of the response
    • Provide templates for pricing, technical, operational, and legal aspects.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Perform Request for Information

    Don’t underestimate the importance of the RFI

    As the name implies, a request for information (RFI) is a tool for collecting information from vendors about the companies, their products, and their services. We find RFIs useful when faced with a lot of vendors that we don’t know much about, when we want to benchmark the marketplace for products and services, including budgetary information, and when we have identified more potential vendors than we care to commit a full RFP to.

    RFIs are simpler and less time-consuming than RFPs to prepare and evaluate, so it can make a lot of sense to start with an RFI. Eliminating unqualified vendors from further consideration will save your team from weeding through RFP responses that do not meet your objectives. For their part, your vendors will appreciate your efforts to determine up-front which of them are the best bets before asking them to spend resources and money producing a costly proposal.

    While many organizations rarely use RFIs, they can be an effective tool in the vendor manager’s toolbox when used at the right time in the right way. RFIs can be deployed in competitive targeted negotiations.

    A Lean RFP is a two-stage strategy that speeds up the typical RFP process. The first stage is like an RFI on steroids, and the second stage is targeted competitive negotiation.

    Don’t rely solely on the internet to qualify vendors; use an RFI to acquire additional information before finalizing an RFP.

    4.2.1 In a hurry? Consider a Lean RFP instead of an RFP

    Several days
    1. Create an RFI with all of the normal and customary components. Next, add a few additional RFP-like requirements (e.g. operational, technical, and legal requirements). Make sure you include a request for budgetary pricing and provide any significant features and functionality requirements so that the vendors have enough information to propose solutions. In addition, allow the vendors to ask questions through your single point of coordination and share answers with all of the vendors. Finally, notify the vendors that you will not be doing an RFP.
    2. Review the vendors’ proposals and evaluate their proposals against your requirements along with their notional or budgetary pricing.
    3. Have the evaluators utilize the Lean RFP Template to record their scores accordingly.
    4. After collecting the scores from the evaluators, consolidate the scores together to discuss which vendors – we recommend two or three – you want to present demos.
    5. Based on the vendors’ demos, the team selects at least two vendors to negotiate contract and pricing terms with intent of selecting the best-value vendor.
    6. The Lean RFP shortens the typical RFP process, maintains leverage for your organization, and works great with low- to medium-spend items (however your organization defines them). You’ll get clarification on vendors’ competencies and capabilities, obtain a fair market price, and meet your internal clients’ aggressive timelines while still taking steps to protect your organization.

    Download the Lean RFP Template

    Download the RFP Evaluation Tool

    4.2.1 In a hurry? Consider a Lean RFP instead of an RFP continued

    Input

    • List of technical, operational, business, and legal requirements
    • Budgetary pricing ask

    Output

    • A Lean RFP document that includes the primary components of an RFP
    • Lean RFP vendors response evaluation

    Materials

    • Lean RFP Template
    • RFP Evaluation Tool
    • Contracting requirements
    • Pricing

    Participants

    • IT
    • Business
    • Finance
    • Sourcing/Procurement

    Case Study

    A Lean RFP saves time
    INDUSTRY: Pharmaceutical
    SOURCE: Guided Implementation
    Challenge
    • The vendor manager (VM) was experiencing pressure to shorten the expected five-month duration to perform an RFP for software that planned, coordinated, and submitted regulatory documents to the US Food and Drug Administration.
    • The VM team was not completely familiar with the qualified vendors and their solutions.
    • The organization wanted to capitalize on this opportunity to enhance its current processes with the intent of improving efficiencies in documentation submissions.
    Solution
    • Leveraging the Lean RFP process, the team reduced the 200+ RFP questionnaire into a more manageable list of 34 significant questions to evaluate vendor responses.
    • The team issued the Lean RFP and requested the vendors’ responses in three weeks instead of the five weeks planned for the RFP process.
    • The team modified the scoring process to utilize a simple weighted-scoring methodology, using a scale of 1-5.
    Results
    • The Lean RFP scaled back the complexity of a large RFP.
    • The customer received three vendor responses ranging from 19 to 43 pages and 60-80% shorter than expected if the RFP had been used. This allowed the team to reduce the evaluation period by three weeks.
    • The duration of the RFx process was reduced by more than two months – from five months to just under three months.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    4.3.1 RFP Calendar

    1 hour

    Input: List duration in days of key activities, RFP Calendar and Key Date Tool, For all vendor-inclusive meetings, include the dates on your RFP calendar and reference them in the RFP

    Output: A timeline to complete the RFP that has the support of each stakeholder involved in the process and that allows for a complete and thorough vendor response.

    Materials: RFP Calendar and Key Date Tool

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    1. As a group, identify the key activities to be accomplished and the amount of time estimated to complete each task:
      1. Identify who is ultimately accountable for the completion of each task
      2. Determine the length of time required to complete each task
    2. Use the RFP Calendar and Key Date Tool to build the calendar specific to your needs.
    3. Include vendor-related dates in the RFP, i.e., Pre-Proposal Conference, deadline for RFP questions as well as response.

    Download the RFP Calendar and Key Date Tool

    Draft your RFP

    Create and issue your RFP, which should contain at least the following:
    • The ability for the vendors to ask clarifying questions (in writing, sent to the predetermined RFP contact)
    • Pre-Proposal/Pre-Bid Conference schedule where vendors can receive the same answer to all clarifying written questions
    • A calendar of events (block the time on stakeholder calendars – see template).
    • Instructions to potential vendors on how they should construct and return their response to enable effective and timely evaluation of each offer.
    • Requirements; for example: Functional, Operational, Technical, and Legal.
    • Specification drawings as if applicable.
    • Consider adding vendor management requirements – how do you want to manage the relationship after the deal is done?
    • A pricing template for vendors to complete that facilitates comparison across multiple vendors.
    • Contract terms required by your legal team (or your standard contract for vendors to redline as part of their response and rated/ranked accordingly).
    • Create your RFP with the evaluation process and team in mind to ensure efficiency and timeliness in the process. Be clear, concise, and complete in the document.
    • Consistency and completeness is the foundation for ease of evaluation.
    • Give vendors detailed instruction on how to structure and organize their response.
    • Limit the number of open-ended questions requiring a long narrative response.
    • Be sure to leverage Info-Tech’s proven and field-tested Short-Form, Long-Form, and Lean RFP Templates provided in this blueprint.

    Create a template for the vendors’ response

    Dictating to the vendors the format of their response will increase your evaluation efficiency
    Narrative Response:

    Create either a Word or Excel document that provides the vendor with an easy vehicle for their response. This template should include the question identifier that ties the response back to the requirement in the RFP. Instruct vendors to include the question number on any ancillary materials they wish to include.

    Pricing Response:

    Create a separate Excel template that the vendors must use to provide their financial offer. This template should include pricing for hardware, software, training, implementation, and professional services, as well as placeholders for any additional fees.

    Always be flexible in accepting alternative proposals after the vendor has responded with the information you requested in the format you require.

    Stock image of a paper checklist in front of a laptop computer's screen.

    4.3.2 Vendor Pricing Tool

    1 hour

    Input: Identify pricing components for hardware, software, training, consulting/services, support, and additional licenses (if needed)

    Output: Vendor Pricing Tool

    Materials: RFP Requirements Worksheet, Pricing template

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement, Vendor management

    1. Using a good pricing template will prevent vendors from providing pricing offers that create a strategic advantage designed to prevent you from performing an apples-to-apples comparison.
    2. Provide specific instructions as to how the vendor is to organize their pricing response, which should be submitted separate from the RFP response.
    3. Configure and tailor pricing templates that are specific to the product and/or services.
    4. Upon receipt of all the vendor’s responses, simply cut and paste their total response to your base template for an easy side-by-side pricing comparison.
    5. Do not allow vendors to submit financial proposals outside of your template.

    Download the Vendor Pricing Tool

    Three RFP Templates

    Choose the right template for the right sourcing initiative

    • Short-Form
    • Use the Short-Form RFP Template for simple, non-complex solutions that are medium to low dollar amounts that do not require numerous requirements.

    • Long-Form
    • We recommend the Long-Form RFP Template for highly technical and complex solutions that are high dollar and have long implementation duration.

    • Excel-Form
    • Leverage the Excel-Form RFP Tool for requirements that are more specific in nature to evaluate a vendor’s capability for their solution. This template is designed to be complete and inclusive of the RFP process, e.g., requirements, vendor response, and vendor response evaluation scoring.

    Like tools in a carpenters’ tool box or truck, there is no right or wrong template for any job. Take into account your organization culture, resources available, time frame, policies, and procedures to pick the right tool for the job. (Steve Jeffery, Principal Research Director, Vendor Management, Co-Author: The Art of Creating a Quality RFP, Info-Tech Research Group)

    4.3.3 Short-Form RFP Template

    1-2 hours

    Input: List of technical, legal, business, and data security requirements

    Output: Full set of requirements, prioritized, that all participants agree to

    Materials: Short-Form RFP Template, Vendor Pricing Tool, Supporting exhibits

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    • This is a less complex RFP that has relatively basic requirements and perhaps a small window in which the vendors can respond. As with the long-form RFP, exhibits are placed at the end of the RFP, an arrangement that saves both your team and the vendors time. Of course, the short-form RFP contains less-specific instructions, guidelines, and rules for vendors’ proposal submissions.
    • We find that short-form RFPs are a good choice when you need to use something more than a request for quote (RFQ) but less than an RFP running 20 or more pages. It’s ideal, for example, when you want to send an RFP to only one vendor or to acquire items such as office supplies, contingent labor, or commodity items that don’t require significant vendor risk assessment.

    Download the Short-Form RFP Template

    4.3.4 Long-Form RFP Template

    1-3 hours

    Input: List of technical, legal, business, and data security requirements

    Output: Full set of requirements, prioritized, that all stakeholders agree to

    Materials: Long-Form RFP Template, Vendor Pricing Tool, Supporting exhibits

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    • A long-form or major RFP is an excellent tool for more complex and complicated requirements. This template is for a baseline RFP.
    • It starts with best-in-class RFP terms and conditions that are essential to maintaining your control throughout the RFP process. The specific requirements for the business, functional, technical, legal, and pricing areas should be included in the exhibits at the end of the template. That makes it easier to tailor the RFP for each deal, since you and your team can quickly identify specific areas that need modification. Grouping the exhibits together also makes it convenient for both your team to review and the vendors to respond.
    • You can use this sample RFP as the basis for your template RFP, taking it all as is or picking and choosing the sections that best meet the mission and objectives of the RFP and your organization.

    Download the Long-Form RFP Template

    4.3.5 Excel-Form RFP Tool

    Several weeks

    Input: List of technical, legal, business, and data security requirements

    Output: Full set of requirements, prioritized, that all stakeholders agree to

    Materials: Excel-Form RFP Template, Vendor Pricing Tool, Supporting exhibits

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    • The Excel-Form RFP Tool is used as an alternative to the other RFP toolsets if you have multiple requirements and have multiple vendors to choose from.
    • Requirements are written as a “statement” and the vendor can select from five answers as to their ability to meet the requirements, with the ability to provide additional context and materials to augment their answers, as needed.
    • Requirements are listed separately in each tab, for example, Business, Legal, Technical, Security, Support, Professional Services, etc.

    Download the Excel-Form RFP Template

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Answer Vendor Questions

    Maintaining your equal and level playing field among vendors

    • Provide an adequate amount of time from the RFP issue date to the deadline for vendor questions. There may be multiple vendor staff/departments that need to read the RFP and then discuss their response approach and gather any clarifying questions, so we generally recommend three to five business days.
    • There should be one point of contact for all Q&A, which should be submitted in writing via email only. Be sure to plan for enough time to get the answers back from the RFP stakeholders.
    • After the deadline, collect all Q&A and begin the process of consolidating into one document.
    Large silver question mark.
    • Be sure to anonymize both vendor questions and your responses, so as not to reveal who asked or answered the question.
    • Send the document to all RFP respondents via your sourcing tool or BCC in an email to the point of contact, with read receipt requested. That way, you can track who has received and opened the correspondence.
    • Provide the answers a few days prior to the Pre-Proposal Conference to allow all respondents time to review the document and prepare any additional questions.
    • Begin the preparation for the Pre-Proposal Conference.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Conduct Pre-Proposal Conference

    Maintain an equal and level playing field

    • Consolidate all Q&A to be presented to all vendors during the Pre-Proposal Conference.
    • If the Pre-Proposal Conference is conducted via conference call, be sure to record the session and advise all participants at the beginning of the call.
    • Be sure to have key stakeholders present on the call to answer questions.
    • Read each question and answer, after which ask if there are any follow up questions. Be sure to capture them and then add them to the Q&A document.
    • Remind respondents that no further questions will be entertained during the remainder of the RFP response period.
    • Send the updated and completed document to all vendors (even if circumstances prevented their attending the Pre-Proposal Conference). Use the same process as when you sent out the initial answers: via email, blind copy the respondents and request read/receipt.

    “Using a Pre-Proposal Conference allows you to reinforce that there is a level playing field for all of the vendors…that each vendor has an equal chance to earn your business. This encourages and maximizes competition, and when that happens, the customer wins.” (Phil Bode, Principal Research Director, Co-Author: The Art of Creating a Quality RFP, Info-Tech Research Group)

    Pre-Proposal Conference Agenda

    Modify this agenda for your specific organization’s culture
    1. Opening Remarks & Welcome – RFP Manager
      1. Agenda review
      2. Purpose of the Pre-Proposal Conference
    2. Review Agenda
      1. Introduction of your (customer) attendees
    3. Participating Vendor Introduction (company name)
    4. Executive or Sr. Leadership Comments (limit to five minutes)
      1. Importance of the RFP
      2. High-level business objective or definition of success
    5. Review Key Dates in the RFP

    (Source: The Art of Creating a Quality RFP, Jeffery et al., 2019)
    1. Review of any Technical Drawings or Information
      1. Key technical requirements and constraints
      2. Key infrastructure requirements and constraints
    2. Review of any complex RFP Issues
      1. Project scope/out of scope
    3. Question &Answer
      1. Vendors’ questions in alphabetical order
    4. Review of Any Specific Instructions for the Respondents
    5. Conclusion/Closing
      1. Review how to submit additional questions
      2. Remind vendors of the single point of contact

    Allow your executive or leadership sponsor to leave the Pre-Proposal Conference after they provide their comments to allow them to continue their day while demonstrating to the vendors the importance of the project.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Evaluate Responses

    Other important information

    • Consider separating the pricing component from the RFP responses before sending them to reviewers to maintain objectivity until after you have received all ratings on the proposals themselves.
    • Each reviewer should set aside focused time to carefully read each vendor’s response
    • Read the entire vendor proposal – they spent a lot time and money responding to your request, so please read everything.
    • Remind reviewers that they should route any questions to the vendor through the RFP manager.
    • Using the predetermined ranking system for each section, rate each section of the response, capturing any notes, questions, or concerns as you proceed through the document(s).
    Stock photo of a 'Rating' meter with values 'Very Bad to 'Excellent'.

    Use a proven evaluation method

    Two proven methods to reviewing vendors’ proposals are by response and by objective

    The first, by response, is when the evaluator reviews each vendor’s response in its entirety.

    The second, reviewing by objective, is when the evaluator reviews each vendor’s response to a single objective before moving on to the next.

    By Response

    Two-way arrow with '+ Pros' in green on the left and 'Cons -' in red on the right.

    By Objective

    Two-way arrow with '+ Pros' in green on the left and 'Cons -' in red on the right.

    • Each response is thoroughly read all the way through.
    • Response inconsistencies are easily noticed.
    • Evaluators obtain a good feel for the vendor's response.
    • Evaluators will lose interest as they move from one response to another.
    • Evaluation will be biased if the beginning of response is subpar, influencing the rest of the evaluation.
    • Deficiencies of the perceived favorite vendor are overlooked.
    • Evaluators concentrate on how each objective is addressed.
    • Evaluators better understand the responses, resulting in identifying the best response for the objective.
    • Evaluators are less susceptible to supplier bias.
    • Electronic format of the response hampers response review per objective.
    • If a hard copy is necessary, converting electronic responses to hard copy is costly and cumbersome.
    • Discipline is required to score each vendor's response as they go.

    Maintain evaluation objectivity by reducing response evaluation biases

    Evaluation teams can be naturally biased during their review of the vendors’ responses.

    You cannot eliminate bias completely – the best you can do is manage it by identifying these biases with the team and mitigating their influence in the evaluation process.

    Vendor

    The evaluator only trusts a certain vendor and is uncomfortable with any other vendor.
    • Evaluate the responses blind of vendor names, if possible.
    Centerpiece for this table, titled 'BIAS' and surrounding by iconized representations of the four types listed.

    Account Representatives

    Relationships extend beyond business, and an evaluator doesn't want to jeopardize them.
    • Craft RFP objectives that are vendor neutral.

    Technical

    A vendor is the only technical solution the evaluator is looking for, and they will not consider anything else.
    • Conduct fair and open solution demonstrations.

    Price

    As humans, we can justify anything at a good price.
    • Evaluate proposals without awareness of price.

    Additional insights when evaluating RFPs

    When your evaluation team includes a member of the C-suite or senior leadership, ensure you give them extra time to sufficiently review the vendor's responses. When your questions require a definitive “Yes”/“True” or “No”/“False” responses, we recommend giving the maximum score for “Yes”/“True” and the minimum score for “No”/“False”.
    Increase your efficiency and speed of evaluation by evaluating the mandatory requirements first. If a vendor's response doesn't meet the minimum requirements, save time by not reviewing the remainder of the response. Group your RFP questions with a high-level qualifying question, then the supporting detailed requirements. The evaluation team can save time by not evaluating a response that does not meet a high-level qualifying requirement.

    Establish your evaluation scoring scale

    Define your ranking scale to ensure consistency in ratings

    Within each section of your RFP are objectives, each of which should be given its own score. Our recommended approach is to award on a scale of 0 to 5. With such a scale, you need to define every level. Below are the recommended definitions for a 0 to 5 scoring scale.

    Score Criteria for Rating
    5 Outstanding – Complete understanding of current and future needs; solution addresses current and future needs
    4 Competent – Complete understanding and adequate solution
    3 Average – Average understanding and adequate solution
    2 Questionable – Average understanding; proposal questionable
    1 Poor – Minimal understanding
    0 Not acceptable – Lacks understanding
    Stock photo of judges holding up their ratings.

    Weigh the sections of your RFP on how important or critical they are to the RFP

    Obtain Alignment on Weighting the Scores of Each Section
    • There are many ways to score responses, ranging from extremely simple to highly complicated. The most important thing is that everyone responsible for completing scorecards is in total agreement about how the scoring system should work. Otherwise, the scorecards will lose their value, since different weighting and scoring templates were used to arrive at their scores.
    • You can start by weighting the scores by section, with all sections adding up to 100%.
    Example RFP Section Weights
    Pie chart of example RFP section weights, 'Operational, 20%', 'Service-Level Agreements, 20%', 'Financial, 20%', 'Legal/Contractual, 15%', 'Technical, 10%' 'Functional, 15%'.
    (Source: The Art of Creating a Quality RFP, Jeffery et al., 2019)

    Protect your negotiation leverage with these best practices

    Protect your organization's reputation within the vendor community with a fair and balanced process.
    • Unless you regularly have the evaluators on your evaluation team, always assume that the team members are not familiar nor experienced with your process and procedures.
    • Do not underestimate the amount of preparations required to ensure that your evaluation team has everything they need to evaluate vendors’ responses without bias.
    • Be very specific about the expectations and time commitment required for the evaluation team to evaluate the responses.
    • Explain to the team members the importance of evaluating responses without conflicts of interest, including the fact that information contained within the responses and all discussions within the team are considered company owned and confidential.
    • Include examples of the evaluation and scoring processes to help the evaluators understand what they should be doing.
    • Finally – don’t forget to the thank the evaluation team and their managers for their time and commitment in contributing to this essential decision.
    Stock photo of a cork board with 'best practice' spelled out by tacked bits of paper, each with a letter in a different font.

    Evaluation teams must balance commercial vs. technical requirements

    Do not alter the evaluation weights after responses are submitted.
    • Evaluation teams are always challenged by weighing the importance of price, budget, and value against the technical requirements of “must-haves” and super cool “nice-to-haves.”
    • Encouraging the evaluation team not to inadvertently convert the nice-to-haves to must-haves will prevent scope creep and budget pressure. The evaluation team must concentrate on the vendors’ responses that drive the best value when balancing both commercial and technical requirements.
    Two blocks labelled 'Commercial Requirements' and 'Technical Requirements' balancing on either end of a flat sheet, which is balancing on a silver ball.

    4.6.1 Evaluation Guidebook

    1 hour

    Input: RFP responses, Weighted Scoring Matrix, Vendor Response Scorecard

    Output: One or two finalists for which negotiations will proceed

    Materials: RFP Evaluation Guidebook

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement, Vendor management

    1. Info-Tech provides an excellent resource for your evaluation team to better understand the process of evaluating vendor response. The guidebook is designed to be configured to the specifics of your RFP, with guidance and instructions to the team.
    2. Use this guidebook to provide instruction to the evaluation team as to how best to score and rate the RFP responses.
    3. Specific definitions are provided for applying the numerical scores to the RFP objectives will ensure consistency among the appropriate numerical score.

    Download the RFP Evaluation Guidebook

    4.6.2 RFP Vendor Proposal Scoring Tool

    1-4 hours

    Input: Each vendor’s RFP response, A copy of the RFP (less pricing), A list of the weighted criteria incorporated into a vendor response scorecard

    Output: A consolidated ranked and weighted comparison of the vendor responses with pricing

    Materials: Vendor responses, RFP Evaluation Tool

    Participants: Sourcing/Procurement, Vendor management

    1. Using the RFP outline as a base, develop a scorecard to evaluate and rate each section of the vendor response, based on the criteria predetermined by the team.
    2. Provide each stakeholder with the scorecard when you provide the vendor responses for them to review and provide the team with adequate time to review each response thoroughly and completely.
    3. Do not, at this stage, provide the pricing. Allow stakeholders to review the responses based on the technical, business, operational criteria without prejudice as to pricing.
    4. Evaluators should always be reminded that they are evaluating each vendor’s response against the objectives and requirements of the RFP. The evaluators should not be evaluating each vendor’s response against one another.
    5. While the team is reviewing and scoring responses, review and consolidate the vendor pricing submissions into one document for a side-by-side comparison.

    Download the RFP Evaluation Tool

    4.6.3 Total Cost of Owners (TCO)

    1-2 hours

    Input: Consolidated vendor pricing responses, Consolidated vendor RFP responses, Current spend within your organization for the product/service, if available, Budget

    Output: A completed TCO model summarizing the financial results of the RFP showing the anticipated costs over the term of the agreement, taking into consideration the impact of renewals.

    Materials: Vendor TCO Tool, Vendor pricing responses

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement

    • Use Info-Tech’s Vendor TCO Tool to normalize each vendor’s pricing proposal and account for the lifetime cost of the product.
    • Fill in pricing information (the total of all annual costs) from each vendor's returned Pricing Proposal.
    • The tool will summarize the net present value of the TCO for each vendor proposal.
    • The tool will also provide the rank of each pricing proposal.

    Download the Vendor TCO Tool

    Conduct an evaluation team results meeting

    Follow the checklist below to ensure an effective evaluation results meeting

    • Schedule the evaluation team’s review meeting well in advance to ensure there are no scheduling conflicts.
    • Collect the evaluation team’s scores in advance.
    • Collate scores and provide an initial ranking.
    • Do not reveal the pricing evaluation results until after initial discussions and review of the scoring results.
    • Examine both high and low scores to understand why the team members scored the response as they did.
    • Allow the team to discuss, debate, and arrive at consensus on the ranking.
    • After consensus, reveal the pricing to examine if or how it changes the ranking.
    • Align the team on the next steps with the applicable vendors.

    4.6.4 Consolidated RFP Response Scoring

    1-2 hours

    Input: Vendor Response Scorecard from each stakeholder, Consolidated RFP responses and pricing, Any follow up questions or items requiring further vendor clarification.

    Output: An RFP Response Evaluation Summary that identifies the finalists based on pre-determined criteria.

    Materials: RFP Evaluation Tool from each stakeholder, Consolidated RFP responses and pricing.

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement, Vendor management

    1. Collect from the evaluation team all scorecards and any associated questions requiring further clarification from the vendor(s). Consolidate the scorecards into one for presentation to the team and key decision makers.
    2. Present the final scores to the team, with the pricing evaluation, to determine, based on your needs, two or three finalists that will move forward to the next steps of negotiations.
    3. Discuss any scores that are have large gaps, e.g., a requirement with a score of one from one evaluator and the same requirement with a score five from different evaluator.
    4. Arrive at a consensus of your top one or two potential vendors.
    5. Determine any required follow-up actions with the vendors and include them in the Evaluation Summary.

    Download the Consolidated Vender RFP Response Evaluation Summary

    4.6.5 Vendor Recommendation Presentation

    1-3 hours
    1. Use the Vendor Recommendation Presentation to present your finalist and obtain final approval to negotiate and execute any agreements.
    2. The Vendor Recommendation Presentation provides leadership with:
      1. An overview of the RFP, its primary goals, and key requirements
      2. A summary of the vendors invited to participate and why
      3. A summary of each component of the RFP
      4. A side-by-side comparison of key vendor responses to each of the key/primary requirements, with ranking/weighting results
      5. A summary of the vendor’s responses to key legal terms
      6. A consolidated summary of the vendors’ pricing, augmented by the TCO calculations for the finalist(s).
      7. The RFP team’s vendor recommendations based on its findings
      8. A summary of next steps with dates
      9. Request approval to proceed to next steps of negotiations with the primary and secondary vendor

    Download the Vendor Recommendation Presentation

    4.6.5 Vendor Recommendation Presentation

    Input

    • Consolidated RFP responses, with a focus on key RFP goals
    • Consolidated pricing responses
    • TCO Model completed, approved by Finance, stakeholders

    Output

    • Presentation deck summarizing the key findings of the RFP results, cost estimates and TCO and the recommendation for approval to move to contract negotiations with the finalists

    Materials

    • Consolidated RFP responses, including legal requirements
    • Consolidated pricing
    • TCO Model
    • Evaluators scoring results

    Participants

    • IT
    • Finance
    • Business stakeholders
    • Legal
    • Sourcing/Procurement

    Caution: Configure templates and tools to align with RFP objectives

    Templates and tools are invaluable assets to any RFP process

    • Leveraging templates and tools saves time and provides consistency to your vendors.
    • Maintain a common repository of your templates and tools with different versions and variations. Include a few sentences with instructions on how to use the template and tools for team members who might not be familiar with them.

    Templates/Tools

    RFP templates and tools are found in a variety of places, such as previous projects, your favorite search engine, or by asking a colleague.

    Sourcing

    Regardless of the source of these documents, you must take great care and consideration to sanitize any reference to another vendor, company, or name of the deal.

    Review

    Then you must carefully examine the components of the deal before creating your final documents.

    Popular RFP templates include:

    • RFP documents
    • Pricing templates
    • Evaluation and scoring templates
    • RFP requirements
    • Info-Tech research

    Phase 5

    Negotiate Agreement(s)

    Steps

    5.1 Perform negotiation process

    Steps in an RFP Process with the fifth step, 'Negotiate Agreement', highlighted.

    This phase involves the following participants:

    • Procurement
    • Vendor management
    • Legal
    • IT stakeholders
    • Finance

    Outcomes of this phase

    A negotiated agreement or agreements that are a result of competitive negotiations.

    Negotiate Agreement(s)

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Negotiate Agreement

    You should evaluate your RFP responses first to see if they are complete and the vendor followed your instructions.


    Then you should:

    • Plan negotiation(s) with one or more vendors based on your questions and opportunities identified during evaluation.
    • Select finalist(s).
    • Apply selection criteria.
    • Resolve vendors’ exceptions.

    Info-Tech Insight

    Be certain to include any commitments made in the RFP, presentations, and proposals in the agreement – dovetails to underperforming vendor.

    Centerpiece of the table, titled 'Negotiation Process'.

    Leverage Info-Tech's negotiation process research for additional information

    Negotiate before you select your vendor:
    • Negotiating with two or more vendors will maintain your competitive leverage while decreasing the time it takes to negotiate the deal.
    • Perform legal reviews as necessary.
    • Use sound competitive negotiations principles.

    Info-Tech Insight

    Providing contract terms in an RFP can dramatically reduce time for this step by understanding the vendor’s initial contractual position for negotiation.

    Phase 6

    Purchase Goods and Services

    Steps

    6.1 Purchase Goods & Services

    Steps in an RFP Process with the sixth step, 'Purchase Goods and Services', highlighted.

    This phase involves the following participants:

    • Procurement
    • Vendor management
    • IT stakeholders

    Outcomes of this phase

    A purchase order that completes the RFP process.

    The beginning of the vendor management process.

    Purchase Goods and Services

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Purchase Goods and Services

    Prepare to purchase goods and services

    Prepare to purchase goods and services by completing all items on your organization’s onboarding checklist.
    • Have the vendor complete applicable tax forms.
    • Set up the vendor in accounts payable for electronic payment (ACH) set-up.
    Then transact day-to-day business:
    • Provide purchasing forecasts.
    • Complete applicable purchase requisition and purchase orders. Be sure to reference the agreement in the PO.
    Stock image of a computer monitor with a full grocery cart shown on the screen.

    Info-Tech Insight

    As a customer, honoring your contractual obligations and commitments will ensure that your organization is not only well respected but considered a customer of choice.

    Phase 7

    Assess and Measure Performance

    Steps

    7.1 Assess and measure performance against the agreement

    Steps in an RFP Process with the seventh step, 'Assess and Measure Performance', highlighted.

    This phase involves the following participants:

    • Vendor management
    • Business stakeholders
    • Senior leadership (as needed)
    • IT stakeholders
    • Vendor representatives & senior management

    Outcomes of this phase

    A list of what went well during the period – it’s important to recognize successes

    A list of areas needing improvement that includes:

    • A timeline for each item to be completed
    • The team member(s) responsible

    Purchase Goods and Services

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Assess and Measure Performance

    Measure to manage: the job doesn’t end when the contract is signed.

    • Classify vendor
    • Assess vendor performance
    • Manage improvement
    • Conduct periodic vendor performance reviews or quarterly business reviews
    • Ensure contract compliance for both the vendor and your organization
    • Build knowledgebase for future
    • Re-evaluate and improve appropriately your RFP processes

    Info-Tech Insight

    To be an objective vendor manager, you should also assess and measure your company’s performance along with the vendor’s performance.

    Summary of Accomplishment

    Problem Solved

    Upon completion of this blueprint, guided implementation, or workshop, your team should have a comprehensive, well-defined end-to-end approach to performing a quality sourcing event. Leverage Info-Tech’s industry-proven tools and templates to provide your organization with an effective approach to maintain your negotiation leverage, improve the ease with which you evaluate vendor proposals, and reduce your risk while obtaining the best market value for your goods and services.

    Additionally, your team will have a foundation to execute your vendor management principles. These principles will assist your organization in ensuring you receive the perceived value from the vendor as a result of your competitive negotiations.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Final Thoughts: RFP Do’s and Don’ts

    DO

    • Leverage your team’s knowledge
    • Document and explain your RFP process to stakeholders and vendors
    • Include contract terms in your RFP
    • Consider vendor management requirements up front
    • Plan to measure and manage performance after contract award leveraging RFP objectives
    • Seek feedback from the RFP team for process improvements

    DON'T

    • Reveal your budget
    • Do an RFP in a vacuum
    • Send an RFP to a vendor your team is not willing to award the business to
    • Hold separate conversations with candidate vendors during your RFP process
    • Skimp on the requirements definition to speed the process
    • Tell the vendor they are selected before negotiating

    Bibliography

    “2022 RFP Response Trends & Benchmarks.” Loopio, 2022. Web.

    Corrigan, Tony. “How Much Does it Cost to Respond to an RFP?” LinkedIn, March 2017. Accessed 10 Dec. 2019

    “Death by RFP:7 Reasons Not to Respond.” Inc. Magazine, 2013. Web.

    Jeffery, Steven, George Bordon, and Phil Bode. The Art of Creating a Quality RFP, 3rd ed. Info-Tech Research Group, 2019.

    “RFP Benchmarks: How Much Time and Staff Firms Devote to Proposals.” MarketingProfs, 2020. Web.

    “State of the RFP 2019.” Bonfire, 2019. Web.

    “What Vendors Want (in RFPs).” Vendorful, 2020. Web.

    Related Info-Tech Research

    Stock photo of two people looking at a tablet. Prepare for Negotiations More Effectively
    • Negotiations are about allocating risk and money – how much risk is a party willing to accept at what price point?
    • Using a cross-functional/cross-insight team structure for negotiation preparation yields better results.
    • Soft skills aren’t enough and theatrical negotiation tactics aren’t effective.
    Stock photo of two people in suits shaking hands. Understand Common IT Contract Provisions to Negotiate More Effectively
    • Focus on the terms and conditions, not just the price. Too often, organizations focus on the price contained within their contracts, neglecting to address core terms and conditions that can end up costing multiples of the initial price.
    • Lawyers can’t ensure you get the best business deal. Lawyers tend to look at general terms and conditions for legal risk and may not understand IT-specific components and business needs.
    Stock photo of three people gathered around a computer. Jump Start Your Vendor Management Initiative
    • Vendor management must be an IT strategy. Solid vendor management is an imperative – IT organizations must develop capabilities to ensure that services are delivered by vendors according to service-level objectives and that risks are mitigated according to the organization's risk tolerance.
    • Visibility into your IT vendor community. Understand how much you spend with each vendor and rank their criticality and risk to focus on the vendors you should be concentrating on for innovative solutions.

    Contact Tymans Group

    We're here to get your IT Operations performant and resilient

    We have the highest respect for your person. We contact you only with responses to your questions. Our company ethics insist on transparency and honesty.

    Continue reading

    Build Your Enterprise Innovation Program

    • Buy Link or Shortcode: {j2store}104|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $100,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • You don’t know where to start when it comes to building an innovation program for your organization.
    • You need to create a culture of innovation in your business, department, or team.
    • Past innovation efforts have been met with resistance and cynicism.
    • You don’t know what processes you need to support business-led innovation.

    Our Advice

    Critical Insight

    Innovation is about people, not ideas or processes. Innovation does not require a formal process, a dedicated innovation team, or a large budget; the most important success factor for innovation is culture. Companies that facilitate innovative behaviors like growth mindset, collaboration, and taking smart risks are most likely to see the benefits of innovation.

    Impact and Result

    • Outperform your peers by 30% by adopting an innovative approach to your business.
    • Move quickly to launch your innovation practice and beat the competition.
    • Develop the skills and capabilities you need to sustain innovation over the long term.

    Build Your Enterprise Innovation Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Enterprise Innovation Program Storyboard – A step-by-step process to create the innovation culture, processes, and tools you need for business-led innovation.

    This storyboard includes three phases and nine activities that will help you define your purpose, align your people, and build your practice.

    • Build Your Enterprise Innovation Program – Phases 1-3

    2. Innovation Program Template – An executive communication deck summarizing the outputs from this research.

    Use this template in conjunction with the activities in the main storyboard to create and communicate your innovation program. This template uses sample data from a fictional retailer, Acme Corp, to illustrate an ideal innovation program summary.

    • Innovation Program Template

    3. Job Description – Chief Innovation Officer

    This job description can be used to hire your Chief Innovation Officer. There are many other job descriptions available on the Info-Tech website and referenced within the storyboard.

    • Chief Innovation Officer

    4. Innovation Ideation Session Template – Use this template to facilitate innovation sessions with the business.

    Use this framework to facilitate an ideation session with members of the business. Instructions for how to customize the information and facilitate each section is included within the deck.

    • Innovation Ideation Session Template

    5. Initiative Prioritization Workbook – Use this spreadsheet template to easily and transparently prioritize initiatives for pilot.

    This spreadsheet provides an analytical and transparent method to prioritize initiatives based on weighted criteria relevant to your business.

    • Initiative Prioritization Workbook

    Infographic

    Workshop: Build Your Enterprise Innovation Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Ambitions

    The Purpose

    Define your innovation ambitions.

    Key Benefits Achieved

    Gain a better understanding of why you are innovating and what your organization will gain from an innovation program.

    Activities

    1.1 Understand your innovation mandate.

    1.2 Define your innovation ambitions.

    1.3 Determine value proposition & metrics.

    Outputs

    Complete the "Our purpose" section of the Innovation Program Template

    Complete "Vision and guiding principles" section

    Complete "Scope and value proposition" section

    Success metrics

    2 Align Your People

    The Purpose

    Build a culture, operating model, and team that support innovation.

    Key Benefits Achieved

    Develop a plan to address culture gaps and identify and implement your operating model.

    Activities

    2.1 Foster a culture of innovation.

    2.2 Define your operating model.

    Outputs

    Complete "Building an innovative culture" section

    Complete "Operating model" section

    3 Develop Your Capabilities

    The Purpose

    Create the capability to facilitate innovation.

    Key Benefits Achieved

    Create a resourcing plan and prioritization templates to make your innovation program successful.

    Activities

    3.1 Build core innovation capabilities.

    3.2 Develop prioritization criteria.

    Outputs

    Team structure and resourcing requirements

    Prioritization spreadsheet template

    4 Build Your Program

    The Purpose

    Finalize your program and complete the final deliverable.

    Key Benefits Achieved

    Walk away with a complete plan for your innovation program.

    Activities

    4.1 Define your methodology to pilot projects.

    4.2 Conduct a program retrospective.

    Outputs

    Complete "Operating model" section in the template

    Notable wins and goals

    Further reading

    Build Your Enterprise Innovation Program

    Transform your business by adopting the culture and practices that drive innovation.

    Analyst Perspective

    Innovation is not about ideas, it's about people.

    Many organizations stumble when implementing innovation programs. Innovation is challenging to get right, and even more challenging to sustain over the long term.

    One of the common stumbling blocks we see comes from organizations focusing more on the ideas and the process than on the culture and the people needed to make innovation a way of life. However, the most successful innovators are the ones which have adopted a culture of innovation and reinforce innovative behaviors across their organization. Organizational cultures which promote growth mindset, trust, collaboration, learning, and a willingness to fail are much more likely to produce successful innovators.

    This research is not just about culture, but culture is the starting point for innovation. My hope is that organizations will go beyond the processes and methodologies laid out here and use this research to dramatically improve their organization's performance.

    Kim Rodriguez

    Kim Osborne Rodriguez
    Research Director, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    As a leader in your organization, you need to:

    • Understand your organization's innovation goals.
    • Create an innovation program or structure.
    • Develop a culture of innovation across your team or organization.
    • Demonstrate an ability to innovate and grow the business.

    Common Obstacles

    In the past, you might have experienced one or more of the following:

    • Innovation initiatives lose momentum.
    • Cynicism and distrust hamper innovation.
    • Innovation efforts are unfocused or don't provide the anticipated value.
    • Bureaucracy has created a bottleneck that stifles innovation.

    Info-Tech's Approach

    This blueprint will help you:

    • Understand the different types of innovation.
    • Develop a clear vision, scope, and focus.
    • Create organizational culture and behaviors aligned with your innovation ambitions.
    • Adopt an operational model and methodologies best suited for your culture, goals, and budget.
    • Successfully run a pilot program.

    Info-Tech Insight

    There is no single right way to approach innovation. Begin with an understanding of your innovation ambitions, your existing culture, and the resources available to you, then adopt the innovation operating model that is best suited to your situation.

    Note: This research is written for the individual who is leading the development of the innovation. This role is referred to as the Chief Innovation Officer (CINO) throughout this research but could be the CIO, CTO, IT director, or another business leader.

    Why is innovation so challenging?

    Most organizations want to be innovative, but very few succeed.

    • Bureaucracy slows innovation: Innovation requires speed – it is important to fail fast and early so you can iterate to improve the final solution. Small, agile organizations like startups tend to be more risk tolerant and can move more quickly to iterate on new ideas compared to larger organizations.
    • Change is uncomfortable: Most people are profoundly uncomfortable with failure, risk, and unknowns – three critical components of innovation. Humans are wired to think efficiently rather than innovatively, which leads to confirmation bias and lack of ingenuity.
    • You will likely fail: Innovation initiatives rarely succeed on the first try – Harvard Business Review estimates between 70% and 90% of innovation efforts fail. Organizations which are more tolerant of failure tend to be significantly more innovative than those which are not (Review of Financial Studies, 2014).

    Based on a survey of global innovation trends and practices:

    75%

    Three-quarters of companies say innovation is a top-three priority.
    Source: BCG, 2021

    30%

    But only 30% of executives say their organizations are doing it well.
    Source: BCG, 2019

    The biggest obstacles to innovation are cultural

    The biggest obstacles to innovation in large companies

    Based on a survey of 270 business leaders.
    Source: Harvard Business Review, 2018

    A bar graph from the Harvard Business Review

    The most common challenges business leaders experience relate to people and culture. Success is based on people, not ideas.

    Politics, turf wars, and a lack of alignment: territorial departments, competition for resources, and unclear roles are holding back the innovation efforts of 55% of respondents.

    FIX IT
    Senior leadership needs to be clear on the innovation goals and how business units are expected to contribute to them.

    Cultural issues: many large companies have a culture that rewards operational excellence and disincentivizes risk. A history of failed innovation attempts may result in significant resistance to new change efforts.

    FIX IT
    Cultural change takes time. Ensure you are rewarding collaboration and risk-taking, and hire people with fresh new perspectives.

    Inability to act on signals crucial to the future of the business: only 18% of respondents indicated their organization was unaware of disruptions, but 42% said they struggled with acting on leading indicators of change.

    FIX IT
    Build the ability to quickly run pilots or partner with startups and incubators to test out new ideas without lengthy review and approval processes.
    Source: Harvard Business Review, 2018

    Build Your Enterprise Innovation Program

    Define your purpose, assess your culture, and build a practice that delivers true innovation.

    An image summarizing how to define your purpose, align your people, and Build your Practice.
    1 Source: Boston Consulting Group, 2021
    2 Source: Boston Consulting Group, 2019
    3 Source: Harvard Business Review, 2018

    Use this research to outperform your peers

    A seven-year review showed that the most innovative companies outperformed the market by upwards of 30%.

    A line graph showing the Normalized Market Capitalization for 2020.

    Innovators are defined as companies that were listed on Fast Company World's 50 Most Innovative Companies for 2+ years.

    Innovation is critical to business success.

    A 25-year study by Business Development Canada and Statistics Canada showed that innovation was more important to business success than management, human resources, marketing, or finance.

    Executive brief case study

    INDUSTRY: Healthcare
    SOURCE: Interview

    Culture is critical

    This Info-Tech member is a nonprofit, community-based mental health organization located in the US. It serves about 25,000 patients per year in community, school, and clinic settings.

    This organization takes its innovation culture very seriously and has developed methodologies to assess individual and team innovation readiness as well as innovation types, which it uses to determine everyone's role in the innovation process. These assessments look at knowledge of and trust in the organization, its innovation profile, and its openness to change. Innovation enthusiasts are involved early in the process when it's important to dream big, while more pragmatic perspectives are incorporated later to improve the final solution.

    Results

    The organization has developed many innovative approaches to delivering healthcare. Notably, they have reimagined patient scheduling and reduced wait times to the extent that some patients can be seen the same day. They are also working to improve access to mental health care despite a shortage of professionals.

    Developing an Innovative Culture

    • Innovation Readiness Assessment
    • Coaching Specific to Innovation Profile
    • Innovation Enthusiasts Involved Early
    • Innovation Pragmatists Involved Later
    • High Success Rate of Innovation

    Define innovation roles and responsibilities

    A table showing key innovation roles and responsibilities.

    Info-Tech's methodology for building your enterprise innovation program

    1. Define Your Purpose

    2. Align Your People

    3. Build Your Practice

    Phase Steps

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    Phase Outcomes

    Understand where the mandate for innovation comes from, and what the drivers are for pursuing innovation. Define what innovation means to your organization, and set the vision, mission, and guiding principles. Articulate the value proposition and key metrics for measuring success.

    Understand what it takes to build an innovative culture, and what types of innovation structure are most suited to your innovation goals. Define an innovation methodology and build your core innovation capabilities and team.

    Gather ideas and understand how to assess and prioritize initiatives based on standardized metrics. Develop criteria for tracking and measuring the success of pilot projects and conduct a program retrospective.

    Innovation program taxonomy

    This research uses the following common terms:

    Innovation Operating Model
    The operating model describes how the innovation program delivers value to the organization, including how the program is structured, the steps from idea generation to enterprise launch, and the methodologies used.
    Examples: Innovation Hub, Grassroots Innovation.

    Innovation Methodology
    Methodologies describe the ways the operating model is carried out, and the approaches used in the innovation practice.
    Examples: Design Thinking, Weighted Criteria Scoring

    Chief Innovation Officer
    This research is written for the person or team leading the innovation program – this might be a CINO, CIO, or other leader in the organization.

    Innovation Team
    The innovation team may vary depending on the operating model, but generally consists of the individuals involved in facilitating innovation across the organization. This may be, but does not have to be, a dedicated innovation department.

    Innovation Program
    The program for generating ideas, running pilot projects, and building a business case to implement across the enterprise.

    Pilot Project
    A way of testing and validating a specific concept in the real world through a minimum viable product or small-scale implementation. The pilot projects are part of the overall pilot program.

    Insight summary

    Innovation is about people, not ideas or processes
    Innovation does not require a formal process, a dedicated innovation team, or a large budget; the most important success factor for innovation is culture. Companies that facilitate innovative behaviors like growth mindset, collaboration, and the ability to take smart risk are most likely to see the benefits of innovation.

    Very few are doing innovation well
    Only 30% of companies consider themselves innovative, and there's a good reason: innovation involves unknowns, risk, and failure – three situations that people and organizations typically do their best to avoid. Counter this by removing the barriers to innovation.

    Culture is the greatest barrier to innovation
    In a survey of 270 business leaders, the top three most common obstacles were politics, turf wars, and alignment; culture issues; and inability to act on signals crucial to the business (Harvard Business Review, 2018). If you don't have a supportive culture, your ability to innovate will be significantly reduced.

    Innovation is a means to an end
    It is not the end itself. Don't get caught up in innovation for the sake of innovation – make sure you are getting the benefits from your investments. Measurable success factors are critical for maintaining the long-term success of your innovation engine.

    Tackle wicked problems
    Innovative approaches are better at solving complex problems than traditional practices. Organizations that prioritize innovation during a crisis tend to outperform their peers by over 30% and improve their market position (McKinsey, 2020).

    Innovate or die
    Innovation is critical to business growth. A 25-year study showed that innovation was more important to business success than management, human resources, marketing, or finance (Statistics Canada, 2006).

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Sample Job Descriptions and Organization Charts

    Determine the skills, knowledge, and structure you need to make innovation happen.

    Sample Job Descriptions and Organization Charts

    Ideation Session Template

    Facilitate an ideation session with your staff to identify areas for innovation.

    Ideation Session Template

    Initiative Prioritization Workbook

    Evaluate ideas to identify those which are most likely to provide value.

    Prioritization Workbook

    Key deliverable:

    Enterprise Innovation Program Summary

    Communicate how you plan to innovate with a report summarizing the outputs from this research.

    Enterprise Innovation Program Summary

    Measure the value of this research

    US businesses spend over half a trillion dollars on innovation annually. What are they getting for it?

    • The top innovators(1) typically spend 5-15% of their budgets on innovation (including R&D).
    • This research helps organizations develop a successful innovation program, which delivers value to the organization in the form of new products, services, and methods.
    • Leverage this research to:
      • Get your innovation program off the ground quickly.
      • Increase internal knowledge and expertise.
      • Generate buy-in and excitement about innovation.
      • Develop the skills and capabilities you need to drive innovation over the long term.
      • Validate your innovation concept.
      • Streamline and integrate innovation across the organization.

    (1) based on BCG's 50 Most Innovative Companies 2022

    30%

    The most innovative companies outperform the market by 30%.
    Source: McKinsey & Company, 2020

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided implementation

    What does a typical guided implementation (GI) on this topic look like?

    Phase 0 Phase 1 Phase 2 Phase 3 Finish

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Understand your mandate.
    (Activity 1.1)

    Call #3: Innovation vision, guiding principles, value proposition, and scope.
    (Activities 1.2 and 1.3)

    Call #4: Foster a culture of innovation. (Activity 2.1)

    Call #5: Define your methodology. (Activity 2.2)

    Call #6: Build core innovation capabilities. (Activity 2.3)

    Call #7: Build your ideation and pilot programs. (Activities 3.1 and 3.2)

    Call #8: Identify success metrics and notable wins. (Activity 3.3)

    Call #9: Summarize results and plan next steps.

    A GI is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of three to six months.

    Workshop overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Session 1 Session 2 Session 3 Session 4

    Wrap Up

    Activities

    Define Your Ambitions

    Align Your People

    Develop Your Capabilities

    Build Your Program

    Next Steps and
    Wrap Up (offsite)

    1. Understand your innovation mandate (complete activity prior to workshop)
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    1. Build core innovation capabilities
    2. Develop prioritization criteria
    1. Define your methodology to pilot projects
    2. Conduct a program retrospective
    1. Complete in-progress deliverables from previous four days
    2. Set up review time for workshop deliverables and to discuss next steps

    Deliverables

    1. Our purpose
    2. Message from the CEO
    3. Vision and guiding principles
    4. Scope and value proposition
    5. Success metrics
    1. Building an innovative culture
    2. Operating model
    1. Core capabilities and structure
    2. Idea evaluation prioritization criteria
    1. Program retrospective
    2. Notable wins
    3. Executive summary
    4. Next steps
    1. Completed enterprise innovation program
    2. An engaged and inspired team

    Phase 1: Define Your Purpose

    Develop a better understanding of the drivers for innovation and what success looks like.

    Purpose

    People

    Practice

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    This phase will walk you through the following activities:

    • Understand your innovation mandate, including its drivers, scope, and focus.
    • Define what innovation means to your organization.
    • Develop an innovation vision and guiding principles.
    • Articulate the value proposition and proposed metrics for evaluating program success.

    This phase involves the following participants:

    • CINO
    • Business executives

    Case study

    INDUSTRY: Transportation
    SOURCE: Interview

    ArcBest
    ArcBest is a multibillion-dollar shipping and logistics company which leverages innovative technologies to provide reliable and integrated services to its customers.

    An Innovative Culture Starts at the Top
    ArcBest's innovative culture has buy-in and support from the highest level of the company. Michael Newcity, ArcBest's CEO, is dedicated to finding better ways of serving their customers and supports innovation across the company by dedicating funding and resources toward piloting and scaling new initiatives.
    Having a clear purpose and mandate for innovation at all levels of the organization has resulted in extensive grassroots innovation and the development of a formalized innovation program.

    Results
    ArcBest has a legacy of innovation, going back to its early days when it developed a business intelligence solution before anything else existed on the market. It continues to innovate today and is now partnering with start-ups to further expand its innovation capabilities.

    "We don't micromanage or process-manage incremental innovation. We hire really smart people who are inspired to create new things and we let them run – let them create – and we celebrate it.
    Our dedication to innovation comes from the top – I am both the President and the Chief Innovation Officer, and innovation is one of my top priorities."

    Michael Newcity

    Michael Newcity
    President and Chief Innovation Officer ArcBest

    1.1 Understand your innovation mandate

    Before you can act, you need to understand the following:

    • Where is the drive for innovation coming from?
      The source of your mandate dictates the scope of your innovation practice – in general, innovating outside the scope of your mandate (i.e. trying to innovate on products when you don't have buy-in from the product team) will not be successful.
    • What is meant by "innovation"?
      There are many different definitions for innovation. Before pursuing innovation at your organization, you need to understand how it is defined. Use the definition in this section as a starting point, and craft your own definition of innovation.
    • What kind of innovation are you targeting?
      Innovation can be internal or external, emergent or deliberate, and incremental or radically transformative. Understanding what kind of innovation you want is the starting point for your innovation practice.

    The source of your mandate dictates the scope of your influence

    You can only influence what you can control.

    Unless your mandate comes from the CEO or Board of Directors, driving enterprise-wide innovation is very difficult. If you do not have buy-in from senior business leaders, use lighthouse projects and a smaller innovation practice to prove the value of innovation before taking on enterprise innovation.

    In order to execute on a mandate to build innovation, you don't just need buy-in. You need support in the form of resources and funding, as well as strong leadership who can influence culture and the authority to change policies and practices that inhibit innovation.

    For more resources on building relationships in your organization, refer to Info-Tech's Become a Transformational CIO blueprint.

    What is "innovation"?

    Innovation is often easier to recognize than define.

    Align on a useful definition of innovation for your organization before you embark on a journey of becoming more innovative.

    Innovation is the practice of developing new methods, products or services which provide value to an organization.

    Practice
    This does not have to be a formal process – innovation is a means to an end, not the end itself.

    New
    What does "new" mean to you?

    • New application of an existing method
    • Developing a completely original product
    • Adopting a service from another industry

    Value
    What does value mean to you? Look to your business strategy to understand what goals the organization is trying to achieve, then determine how "value" will be measured.

    Info-Tech Insight

    Some innovations are incremental, while some are radically transformative. Decide what kind of innovation you want to cultivate before developing your strategy.

    We can categorize innovation in three ways

    Evaluate your goals with respect to innovation: focus, strategy, and potential to transform.

    Focus: Where will you innovate?

    Focus

    Strategy: To what extent will you guide innovation efforts?

    Strategy

    Potential: How radical will your innovations be?

    Potential

    What are your ambitions?

    1. Develop a better understanding of what type of innovation you are trying to achieve by plotting out your goals on the categories on the left.
    2. All categories are independent of one another, so your goals may fall anywhere on the scales for each category.
    3. Understanding your innovation ambitions helps establish the operating model best suited for your innovation practice.
    4. In general, innovation which is more external, deliberate, and radical tends to be more centralized.

    Activity 1.1 Understand your innovation mandate

    1 hour

    1. Schedule a 30-minute discussion with the person (i.e. CEO) or group (i.e. Board of Directors) ultimately requesting the shift toward innovation. If there is no external party, then conduct this assessment yourself.
    2. Facilitate a discussion that addresses the following questions:
    • What is meant by "innovation"?
    • What are they hoping to achieve through innovation?
    • What is the innovation scope? Are any areas off-limits (i.e. org structure, new products, certain markets)?
    • What is the budget (i.e. people, money) they are willing to commit to innovation?
    • What type of innovation are they pursuing?
    1. Record this information and complete the "Our Purpose" section of the Innovation Program Template.

    Download the Innovation Program Template.

    Input

    • Knowledge of the key decision maker/sponsor for innovation

    Output

    • Understanding of the mandate for innovation, including definition, value, scope, budget, and type of innovation

    Materials

    • Innovation Program Template

    Participants

    • CINO
    • CEO, CTO, or Board of Directors (whoever is requesting/sponsoring the pursuit of innovation)

    1.2 Define your innovation ambitions

    Articulate your future state through a vision and guiding principles.

    • Vision and purpose make up the foundation on which all other design aspects will be based. These aspects should not be taken lightly, but rather they should be the force that aligns everyone to work toward a common outcome. It is incumbent on leaders to make them part of the DNA of the organization – to drive organization, structure, culture, and talent strategy.
    • Your vision statement is a future-focused statement that summarizes what you hope to achieve. It should be inspirational, ambitious, and concise.
    • Your guiding principles outline the guardrails for your innovation practice. What will your focus be? How will you approach innovation? What is off-limits?
    • Define the scope and focus for your innovation efforts. This includes what you can innovate on and what is off limits.

    Your vision statement is your North Star

    Articulate an ambitious, inspirational, and concise vision statement for your innovation efforts.

    A strong vision statement:

    • Is future-focused and outlines what you want to become and what you want to achieve.
    • Provides focus and direction.
    • Is ambitious, focused, and concise.
    • Answers: What problems are we solving? Who and what are we changing?

    Examples:

    • "We create radical new technologies to solve some of the world's hardest problems." – Google X, the Moonshot Factory
    • "To be the most innovative enterprise in the world." – 3M
    • "To use our imagination to bring happiness to millions of people." – Disney

    "Good business leaders create a vision, articulate the vision, passionately own the vision, and relentlessly drive it to completion." – Jack Welch, Former Chairman and CEO of GE

    Your guiding principles are the guardrails for creativity

    Strong guiding principles give your team the freedom and direction to innovate.

    Strong guiding principles:

    • Focus on the approach, i.e. how things are done, as opposed to what needs to be done.
    • Are specific to the organization.
    • Inform and direct decision making with actionable statements. Avoid truisms, general statements, and observations.
    • Are long-lasting and based on values, not solutions.
    • Are succinct and easily digestible.
    • Can be measured and verified.
    • Answers: How do we approach innovation? What are our core values

    Craft your guiding principles using these examples

    Encourage experimentation and risk-taking
    Innovation often requires trying new things, even if they might fail. We encourage experimentation and learn from failure, so that new ideas can be tested and refined.

    Foster collaboration and cross-functional teams
    Innovation often comes from the intersection of different perspectives and skill sets.

    Customer-centric
    Focus on creating value for the end user. This means understanding their needs and pain points, and using that knowledge to develop new methods, products, or services.

    Embrace diversity and inclusivity
    Innovation comes from a variety of perspectives, backgrounds, and experiences. We actively seek out and encourage diversity and inclusivity among our team members.

    Foster a culture of learning and continuous improvement
    Innovation requires continuous learning, development, and growth. We facilitate a culture that encourages learning and development, and that seeks feedback and uses it to improve.

    Flexible and adaptable
    We adapt to changes in the market, customer needs, and new technologies, so that it can continue to innovate and create value over time.

    Data-driven
    We use performance metrics and data to guide our innovation efforts.

    Transparency
    We are open and transparent in our processes and let the business needs guide our innovation efforts. We do not lead innovation, we facilitate it.

    Activity 1.2 Craft your vision statement and guiding principles

    1-2 hours

    1. Gather your innovation team and key program sponsors. Review the guidelines for creating vision statements and guiding principles, as well as your mandate and focus for innovation.
    2. As a group, discuss what you hope to achieve through your innovation efforts.
    3. Separately, have each person write down their ideas for a vision statement. Bring the group back together and share ideas. Group the concepts together and construct a single statement which outlines your aspirational vision.
    4. As a group, review the example guiding principles.
    5. Separately, have each person write down three to five guiding principles. Bring the group back together and share ideas. Group similar concepts together and consolidate duplicate ideas. From this list, construct six to eight guiding principles.
    6. Document your vision and guiding principles in the appropriate sections of the Innovation Program Template.

    Input

    • Understanding of your innovation mandate
    • Business vision, mission, and values
    • Sample vision statements and guiding principles

    Output

    • Vision statement
    • Guiding principles

    Materials

    • In person: Whiteboard/flip charts, sticky notes, pens, and notepads
    • Virtual: Consider using a shared document, virtual whiteboard, or online facilitation tool like MURAL
    • Innovation Program Template

    Participants

    • CINO
    • Innovation sponsors
    • Business leaders
    • Innovation team

    1.3 Determine your value proposition and metrics

    Justify the existence of the innovation program with a strong value proposition.

    • The value proposition for developing an innovation program will be different for each organization, depending on what the organization hopes to achieve. Consider your mandate for innovation as well as the type of innovation you are pursuing when crafting the value proposition.
    • Some of the reasons organizations may pursue innovation:
      • Business growth: Respond to market disruption; create new customers; take advantage of opportunities.
      • Branding: Create market differentiation; increase customer satisfaction and retention; adapt to customer needs.
      • Profitability: Improve products, services, or operations to increase competitiveness and profitability; develop more efficient processes.
      • Culture: Foster a culture of creativity and experimentation within the organization, encouraging employees to think outside the box.
      • Positive impact: Address social challenges such as poverty and climate change.

    Develop a strong value proposition for your innovation program

    Demonstrate the value to the business.

    A strong value proposition not only articulates the value that the business will derive from the innovation program but also provides a clear focus, helps to communicate the innovation goals, and ultimately drives the success of the program.

    Focus
    Prioritize and focus innovation efforts to create solutions that provide real value to the organization

    Communicate
    Communicate the mandate and benefits of innovation in a clear and compelling way and inspire people to think differently

    Measure Success
    Measure the success of your program by evaluating outcomes based on the value proposition

    Track appropriate success metrics for your innovation program

    Your success metrics should link back to your organizational goals and your innovation program's value proposition.

    Revenue Growth: Increase in revenue generated by new products or services.

    Market Share: Percentage of total market that the business captures as a result of innovation.

    Customer Satisfaction: Reviews, customer surveys, or willingness to recommend the company.

    Employee Engagement: Engagement surveys, performance, employee retention, or turnover.

    Innovation Output: The number of new products, services, or processes that have been developed.

    Return on Investment: Financial return on the resources invested in the innovation process.

    Social Impact: Number of people positively impacted, net reduction in emissions, etc.

    Time to Launch: The time it takes for a new product or service to go from idea to launch.

    Info-Tech Insight

    The total impact of innovation is often intangible and extremely difficult to capture in performance metrics. Focus on developing a few key metrics rather than trying to capture the full value of innovation.

    How much does innovation cost?

    Company Industry Revenue(2)
    (USD billions)
    R&D Spend
    (USD billions)
    R&D Spend
    (% of revenue)
    Apple Technology $394.30 $26.25 6.70%
    Microsoft Technology $203.10 $25.54 12.50%
    Amazon.com Retail $502.20 $67.71 13.40%
    Alphabet Technology $282.10 $37.94 13.40%
    Tesla Manufacturing $74.90 $3.01 4.00%
    Samsung Technology $244.39 (2021)(3) $19.0 (2021) 7.90%
    Moderna Pharmaceuticals $23.39 $2.73 11.70%
    Huawei Technology $99.9 (2021)4 Not reported -
    Sony Technology $83.80 Not reported -
    IBM Technology $60.50 $1.61 2.70%
    Meta Software $118.10 $32.61 27.60%
    Nike Commercial goods $49.10 Not reported -
    Walmart Retail $600.10 Not reported -
    Dell Technology $105.30 $2.60 2.50%
    Nvidia Technology $28.60 $6.85 23.90%


    The top innovators(1) in the world spend 5% to 15% of their revenue on innovation.

    Innovation requires a dedicated investment of time, money, and resources in order to be successful. The most innovative companies, based on Boston Consulting Group's ranking of the 50 most innovative companies in the world, spend significant portions of their revenue on research and development.

    Note: This data uses research and development as a proxy for innovation spending, which may overestimate the total spend on what this research considers true innovation.

    (1) Based on Boston Consulting Group's ranking of the 50 most innovative companies in the world, 2022
    (2) Macrotrends, based on the 12 months ending Sept 30, 2022
    (3) Statista
    (4) CNBC, 2022

    Activity 1.3 Develop your value proposition and performance metrics

    1 hour

    1. Review your mandate and vision statement. Write down your innovation goals and desired outcomes from pursuing innovation, prioritize the desired outcomes, and select the top five.
    2. For each desired outcome, develop one to two metrics which could be used to track its success. Some outcomes are difficult to track, so get creative when it comes to developing metrics. If you get stuck, think about what would differentiate a great outcome from an unsuccessful one.
    3. Once you have developed a list of three to five key metrics, read over the list and ensure that the metrics you have developed don't negatively influence your innovation. For example, a metric of the number of successful launches may drive people toward launching before a product is ready.
    4. For each metric, develop a goal. For example, you may target 1% revenue growth over the next fiscal year or 20% energy use reduction.
    5. Document your value proposition and key performance metrics in the appropriate sections of the Innovation Program Template.

    Input

    • Understanding of your innovation mandate
    • Vision statement

    Output

    • Value proposition
    • Performance metrics

    Materials

    • Innovation Program Template

    Participants

    • CINO

    Phase 2: Align Your People

    Create a culture that fosters innovative behaviors and puts processes in place to support them.

    Purpose

    People

    Practice

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    This phase will walk you through the following activities:

    • Understand the key aspects of innovative cultures, and the behaviors associated with innovation.
    • Assess your culture and identify gaps.
    • Define your innovation operating model based on your organizational culture and the focus for innovation.
    • Build your core innovation capabilities, including an innovation core team (if required based on your operating model).

    This phase involves the following participants:

    • CINO
    • Innovation team

    2.1 Foster a culture of innovation

    Culture is the most important driver of innovation – and the most challenging to get right.

    • Fostering a culture of innovation requires a broad approach which considers the perspectives of individuals, teams, leadership, and the overall organization.
    • If you do not have support from leadership, it is very difficult to change organizational culture. It may be more effective to start with an innovation pilot or lighthouse project in order to gain support before addressing your culture.
    • Rather than looking to change outcomes, focus on the behaviors which lead to innovation – such as growth mindset and willingness to fail. If these aren't in place, your ability to innovate will be limited.
    • This section focuses on the specific behaviors associated with increased innovation. For additional resources on implementing these changes, refer to Info-Tech's other research:

    Info-Tech's Fix Your IT Culture can help you promote innovative behaviors

    Refer to Improve IT Team Effectiveness to address team challenges

    Build a culture of innovation

    Focus on behaviors, not outcomes.

    The following behaviors and key indicators either stifle or foster innovation.

    Stifles Innovation Key Indicators Fosters Innovation Key Indicators
    Fixed mindset "It is what it is" Growth mindset "I wonder if there's a better way"
    Performance focused "It's working fine" Learning focused "What can we learn from this?"
    Fear of reprisal "I'll get in trouble" Psychological safety "I can disagree"
    Apathy "We've always done it this way" Curiosity "I wonder what would happen if…"
    Cynicism "It will never work" Trust "You have good judgement"
    Punishing failure "Who did this?" Willingness to fail "It's okay to make mistakes"
    Individualism "How does this benefit me?" Collaboration "How does this benefit us?"
    Homogeneity "We never disagree" Diversity and inclusion "We appreciate different views"
    Excessive bureaucracy "We need approval" Autonomy "I can do this"
    Risk avoidance "We can't try that" Appropriate risk-taking "How can we do this safely?"

    Ensure you are not inadvertently stifling innovation.
    Review the following to ensure that the desired behaviors are promoted:

    • Hiring practices
    • Performance evaluation metrics
    • Rewards and incentives
    • Corporate policies
    • Governance structures
    • Leadership behavior

    Case study

    INDUSTRY: Commercial Real Estate and Retail
    SOURCE: Interview

    How not to approach innovation.

    This anonymous national organization owned commercial properties across the country and had the goal of becoming the most innovative real estate and retail company in the market.

    The organization pursued innovation in the digital solutions space across its commercial and retail properties. Within this space, there were significant differences in risk tolerance across teams, which resulted in the more risk-tolerant teams excluding the risk-averse members from discussions in order to circumvent corporate policies on risk tolerance. This resulted in an adversarial and siloed culture where each group believed they knew better than the other, and the more risk-averse teams felt like they were policing the actions of the risk-tolerant group.

    Results

    Morale plummeted, and many of the organization's top people left. Unfortunately, one of the solutions did not meet regulatory requirements, and the company faced negative media coverage and legal action. There was significant reputational damage as a result.

    Lessons Learned

    Considering differences in risk tolerance and risk appetite is critical when pursuing innovation. While everyone doesn't have to agree, leadership needs to understand the different perspectives and ensure that no one party is dominating the conversation over the others. An understanding of corporate risk tolerance and risk appetite is necessary to drive innovation.

    All perspectives have a place in innovation. More risk tolerant perspectives should be involved early in the ideas-generation phase, and risk-averse perspectives should be considered later when ideas are being refined.

    Speed should not override safety or circumvent corporate policies.

    Understand your risk tolerance and risk appetite

    Evaluate and align the appetite for risk.

    • It is important to understand the organization's risk tolerance as well as the desire for risk. Consider the following risk categories when investigating the organization's views on risk:
      • Financial risk: the potential for financial or property loss.
      • Operational risk: the potential for disruptions to operations.
      • Reputational risk: the potential for negative impact to brand or reputation.
      • Compliance risk: the potential for loss due to non-compliance with laws and regulations.
    • Greater risk tolerance typically enables greater innovation. Understand the varying levels of risk tolerance across your organization, and how these differences might impact innovation efforts.

    An arrow showing the directions of risk tolerance.

    It is more important to match the level of risk tolerance to the degree of innovation required. Not all innovation needs to be (or can feasibly be) disruptive.
    Many factors impact risk tolerance including:

    • Regulation
    • Organization size
    • Country
    • Industry
    • Personal experience
    • Type of risk

    Use Info-Tech's Security Risk Management research to better understand risk tolerance

    Activity 2.1 Assess your innovation culture

    1-3 hours

    1. Review the behaviors which support and stifle innovation and give each behavior a score from 1 (stifling innovation) to 5 (fostering innovation). Any behaviors which fall below a 4 on this scale should be prioritized in your efforts to create an innovative culture.
    2. Review the following policies and practices to determine how they may be contributing to the behaviors you see in your organization:
      1. Hiring practices
      2. Performance evaluation metrics
      3. Rewards, recognition, and incentives
      4. Corporate policies
      5. Governance structures
      6. Leadership behavior
    3. Identify three concrete actions you can take to correct any behaviors which are stifling innovation. Examples might be revising a policy which punishes failure or changing performance incentives to reward appropriate risk taking.
    4. Summarize your findings in the appropriate section of the Innovation Program Template.

    Input

    • Innovation behaviors

    Output

    • Understanding of your organization's culture
    • Concrete actions you can take to promote innovation

    Materials

    • List of innovative behaviors
    • Relevant policies and documents to review
    • Innovation Program Template

    Participants

    • CINO

    2.2 Define your innovation model

    Set up your innovation practice for success using proven models and methodologies.

    • There are many ways to approach innovation, from highly distributed forms where it's just part of everyone's job to very centralized and arm's-length innovation hubs or even outsourced innovation via startups. You can combine different approaches to create your own approach.
    • You may or may not have a formal innovation team, but if you do, their role is to facilitate innovation – not lead it. Innovation is most effective when it is led by the business.
    • There are many tools and methodologies you can use to facilitate innovation. Choose the one (or combination) that best suits your needs.

    Select the right model

    There is no one right way to pursue innovation, but some methods are better than others for specific situations and goals. Consider your existing culture, your innovation goals, and your budget when selecting the right methodology for your innovation.

    Model Description Advantages Disadvantages Good when…
    Grassroots Innovation Innovation is the responsibility of everyone, and there is no centralized innovation team. Ideas are piloted and scaled by the person/team which produces it.
    • Can be used in any organization or team
    • Can support low or high degree of structure
    • Low funding requirement
    • Requires a strong innovation culture
    • Often does not produce results since people don't have time to focus on innovation
    • Innovation culture is strong
    • Funding is limited
    • Goal is internal, incremental innovation
    Community of Practice Innovation is led by a cross-divisional Community of Practice (CoP) which includes representation from across the business. Champions consult with their practice areas and bring ideas forward.
    • Bringing people together can help stimulate and share ideas
    • Low funding requirement
    • Able to support many types of innovation
    • Some people may feel left out if they can't be involved
    • May not produce results if people are too busy to dedicate time to innovate
    • Innovation culture is present
    • Funding is limited
    • Goal is incremental or disruptive innovation
    Innovation Enablement
    *Most often recommended*
    A dedicated innovation team with funding set aside to support pilots with a high degree of autonomy, with the role of facilitating business-led innovation.
    • Most flexible of all options
    • Supports business-led innovation
    • Can deliver results quickly
    • Can enable a higher degree of innovation
    • Requires dedicated staff and funding
    • Innovation culture is present
    • Funding is available
    • Goal is internal or external, incremental or radical innovation
    Center of Excellence Dedicated team responsible for leading innovation on behalf of the organization. Generally, has business relationship managers who gather ideas and liaise with the business.
    • Can deliver results quickly
    • Can offer a fresh perspective
    • Can enable a higher degree of innovation
    • Requires dedicated staff and funding
    • Is typically separate from the business
    • Results may not align with the business needs or have adequate input
    • Innovation culture is weak
    • Funding is significant
    • Goal is external, disruptive innovation
    Innovation Hub An arm's length innovation team is responsible for all or much of the innovation and may not interact much with the core business.
    • Can deliver results quickly
    • Can be extremely innovative
    • Expensive
    • Results may not align with the business needs or have adequate/any input
    • Innovation culture is weak
    • Funding is very significant
    • Goal is external, radical innovation
    Outsourced Innovation Innovation is outsourced to an external organization which is not linked to the primary organization. This can take the form of working with or investing in startups.
    • Can lead to more innovative ideas than internal innovation
    • Investments can become a diverse revenue stream if startups are successful
    • Innovation does not rely on culture
    • Higher risk of failure
    • Less control over goals or focus
    • Results may not align with the business needs or have any input from users
    • Innovation does not rely on culture
    • Funding is significant
    • Goal is external or internal, radical innovation

    Use the right methodologies to support different stages of your innovation process

    A chart showing methodologies to support different stages of the integration process.

    Adapted from Niklaus Gerber via Medium, 2022

    Methodologies are most useful when they are aligned with the goals of the innovation organization.

    For example, design thinking tends to be excellent for earlier innovation planning, while Agile can allow for faster implementation and launch of initiatives later in the process.

    Consider combining two or more methodologies to create a custom approach that best suits your organization's capabilities and goals.

    Sample methodologies

    A robust innovation methodology ensures that the process for developing, prioritizing, selecting, implementing, and measuring initiatives is aligned with the results you are hoping to achieve.

    Different types of problems (drivers for innovation) may necessitate different methodologies, or a combination of methodologies.

    Hackathon: An event which brings people together to solve a well-defined problem.

    Design Thinking: Creative approach that focuses on understanding the needs of users.

    Lean Startup: Emphasizes rapid experimentation in order to validate business hypotheses.

    Design Sprint: Five-day process for answering business questions via design, prototyping, and testing.

    Agile: Iterative design process that emphasizes project management and retrospectives.

    Three Horizons: Framework that looks at opportunities on three different time horizons.

    Innovation Ambition Matrix: Helps organizations categorize projects as part of the core offering, an adjacent offering, or completely new.

    Global Innovation Management: A process of identifying, developing and implementing new ideas, products, services, or processes using alternative thinking.

    Blue Ocean Strategy: A methodology that helps organizations identify untapped market space and create new markets via unique value propositions.

    Activity 2.2 Design your innovation model

    1-2 hours

    1. Think about the following factors which influence the design of your innovation practice:
      1. Existing organizational culture
      2. Available funding to support innovation
      3. Type of innovation you are targeting
    2. Review the innovation approaches, and identify which approach is most suitable for your situation. Note why this approach was selected.
    3. Review the innovation methodologies and research those of interest. Select two to five methodologies to use for your innovation practice.
    4. Document your decisions in the Innovation Program Template.

    Input

    • Understanding of your mandate and existing culture

    Output

    • Innovation approach
    • Selected methodologies

    Materials

    • Innovation Program Template

    Participants

    • CINO
    • Innovation team

    2.3 Build your core innovation capabilities

    Develop the skills, knowledge, and experience to facilitate successful innovation.

    • Depending on the approach you selected in step 2.2, you may or may not require a dedicated innovation team. If you do, use the job descriptions and sample organization charts to build it. If not, focus on developing key capabilities which are needed to facilitate innovation.
    • Diversity is key for successful innovation – ensure your team (formal or otherwise) includes diverse perspectives and backgrounds.
    • Use your guiding principles when hiring and training your team.
    • Focus on three core roles: evangelists, enablers, and experts.

    Focus on three key roles when building your innovation team

    Types of roles will depend on the purpose and size of the innovation team.

    You don't need to grow them all internally. Consider partnering with vendors and other organizations to build capabilities.

    Evangelists

    Visionaries who inspire, support, and facilitate innovation across the business. Their responsibilities are to drive the culture of innovation.

    Key skills and knowledge:

    • Strong communication skills
    • Relationship-building
    • Consensus-building
    • Collaboration
    • Growth mindset

    Sample titles:

    • CINO
    • Chief Transformation Officer
    • Chief Digital Officer
    • Innovation Lead
    • Business Relationship Manager

    Enablers

    Translate ideas into tangible business initiatives, including assisting with business cases and developing performance metrics.

    Key skills and knowledge:

    • Critical thinking skills
    • Business knowledge
    • Facilitation skills
    • Consensus-building
    • Relationship-building

    Sample titles:

    • Product Owner
    • Design Thinking Lead
    • Data Scientist
    • Business Analyst
    • Human Factors Engineer
    • Digital Marketing Specialist

    Experts

    Provide expertise in product design, delivery and management, and responsible for supporting and executing on pilot projects.

    Key skills and knowledge:

    • Project management skills
    • Technical expertise
    • Familiarity with emerging technologies
    • Analytical skills
    • Problem-solving skills

    Sample titles:

    • Product Manager
    • Scrum Master/Agile Coach
    • Product Engineer/DevOps
    • Product Designer
    • Emerging tech experts

    Sample innovation team structure (large enterprise)

    Visualize the whole value delivery process end-to-end to help identify the types of roles, resources, and capabilities required. These capabilities can be sourced internally (i.e. grow and hire internally) or through collaboration with centers of excellence, commercial partners, etc.

    A flow chart of a sample innovation team structure.

    Streamline your process by downloading Info-Tech's job description templates:

    Activity 2.3 Build your innovation team

    2-3 hours

    1. Review your work from the previous activities as well as the organizational structure and the job description templates.
    2. Start a list with two columns: currently have and needed. Start listing some of the key roles and capabilities from earlier in this step, categorizing them appropriately.
    3. If you are using an organizational structure for your innovation process, start to frame out the structure and roles for your team.
    4. Develop a list of roles you need to hire, and the key capabilities you need from candidates. Using the job descriptions, write job postings for each role.
    5. Record your work in the appropriate section of the Innovation Program Template.

    Input

    • Previous work
    • Info-Tech job description templates

    Output

    • List of capabilities required
    • Org chart
    • Job postings for required roles

    Materials

    • Note-taking capability
    • Innovation Program Template

    Participants

    • CINO

    Related Info-Tech Research

    Fix Your IT Culture

    • Promote psychological safety and growth mindset within your organization.
    • Develop the organizational behaviors that lead to innovation.

    Improve IT Team Effectiveness

    • Address behaviors, processes, and cultural factors which impact team effectiveness.
    • Grow the team's ability to address challenges and navigate volatile, uncertain, complex and ambiguous environments.

    Master Organizational Change Management Practices

    • Transformation and change are increasingly becoming the new normal. While this normality may help make people more open to change in general, specific changes still need to be planned, communicated, and managed. Agility and continuous improvement are good but can degenerate into volatility if change isn't managed properly.

    Phase 3: Build Your Practice

    Define your innovation process, streamline pilot projects, and scale for success.

    Purpose

    People

    Practice

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    This phase will walk you through the following activities:

    • Build the methodologies needed to elicit ideas from the business.
    • Develop criteria to evaluate and prioritize ideas for piloting.
    • Define your pilot program methodologies and processes, including criteria to assess and compare the success of pilot projects.
    • Conduct an end-of-year program retrospective to evaluate the success of your innovation program.

    This phase involves the following participants:

    • CINO
    • Innovation team

    Case study

    INDUSTRY: Government
    SOURCE: Interview

    Confidential US government agency

    The business applications group at this government agency strongly believes that innovation is key to progress and has instituted a formal innovation program as part of their agile operations. The group uses a Scaled Agile Framework (SAFe) with 2-week sprints and a 12-week program cycle.

    To support innovation across the business unit, the last sprint of each cycle is dedicated toward innovation and teams do not commit to any other during these two weeks. At the end of each innovation sprint, ideas are presented to leadership and the valuable ones were either implemented initially or were given time in the next cycle of sprints for further development. This has resulted in a more innovative culture across the practice.

    Results

    There have been several successful innovations since this process began. Notably, the agency had previously purchased a robotic process automation platform which was only being used for a few specific applications. One team used their innovation sprint to expand the use cases for this solution and save nearly 10,000 hours of effort.

    Standard 12-week Program Cycle
    An image of a standard 12-week program

    Design your innovation operating model to maximize value and learning opportunities

    Pilots are an iterative process which brings together innovators and business teams to test and evaluate ideas.

    Your operating model should include several steps including ideation, validation, evaluation and prioritization, piloting, and a retrospective which follows the pilot. Use the example on this slide when designing your own innovation operating model.

    An image of the design process for innovation operation model.

    3.1 Build your ideation and prioritization methodologies

    Engage the business to generate ideas, then prioritize based on value to the business.

    • There are many ways of generating ideas, from informal discussion to formal ideation sessions or submission forms. Whatever you decide to use, make sure that you're getting the right information to evaluate ideas for prioritization.
    • Use quantitative and qualitative metrics to evaluate ideas generated during the ideation process.
      • Quantitative metrics might include potential return on investment (ROI) or effort and resources required to implement.
      • Qualitative metrics might include alignment with the organizational strategy or the level of risk associated with the idea.

    Engage the business to generate ideas

    There are many ways of generating innovative ideas. Pick the methods that best suit your organization and goals.

    Design Thinking
    A structured approach that encourages participants to think creatively about the needs of the end user.

    An image including the following words: Empathize, Define; Ideate; Test.

    Ideation Workshop
    A formal session that is used to understand a problem then generate potential solutions. Workshops can incorporate the other methodologies (such as brainstorming, design thinking, or mind mapping) to generate ideas.

    • Define the problem
    • Generate ideas
    • Capture ideas
    • Evaluate and prioritize
    • Assign next steps

    Crowdsourcing
    An informal method of gathering ideas from a large group of people. This can be a great way to generate many ideas but may lack focus.

    Value Proposition Canvas
    A visual tool which helps to identify customer (or user) needs and design products and services that meet those needs.

    an image of the Value Proposition Canvas

    Evaluate ideas and focus on those with the greatest value

    Evaluation should be transparent and use both quantitative and qualitative metrics. The exact metrics used will depend on your organization and goals.

    It is important to include qualitative metrics as these dimensions are better suited to evaluating highly innovative ideas and can capture important criteria like alignment with overall strategy and feasibility.

    Develop 5 to 10 criteria that you can use to evaluate and prioritize ideas. Some criteria may be a pass/fail (for example, minimum ROI) and some may be comparative.

    Evaluate
    The first step is to evaluate ideas to determine if they meet the minimum criteria. This might include quantitative criteria like ROI as well as qualitative criteria like strategic alignment and feasibility.

    Prioritize
    Ideas that pass the initial evaluation should be prioritized based on additional criteria which might include quantitative criteria such as potential market size and cost to implement, and qualitative criteria such as risk, impact, and creativity.

    Quantitative Metrics

    Quantitative metrics are objective and easily comparable between initiatives, providing a transparent and data-driven process for evaluation and prioritization.
    Examples:

    • Potential market size
    • ROI
    • Net present value
    • Payback period
    • Number of users impacted
    • Customer acquisition cost
    • Customer lifetime value
    • Breakeven analysis
    • Effort required to implement
    • Cost to implement

    Qualitative Metrics

    Qualitative metrics are less easily comparable but are equally important when it comes to evaluating ideas. These should be developed based on your organization strategy and innovation goals.
    Examples:

    • Strategy alignment
    • Impact on users
    • Uncertainty and risk
    • Innovation potential
    • Culture impact
    • Feasibility
    • Creativity and originality
    • Type of innovation

    Activity 3.1 Develop prioritization metrics

    1-3 hours

    1. Review your mandate, purpose, innovation goals and the sample prioritization and evaluation metrics.
    2. Write down a list of your goals and their associated metrics, then prioritize which are the most important.
    3. Determine which metrics will be used to evaluate ideas before they move on to the prioritization stage, and which metrics will be used to compare initiatives in order to determine which will receive further investment.
    4. For each evaluation metric, determine the minimum threshold required for an idea to move forward. For each prioritization metric identify the definition and how it will be evaluated. Qualitative metrics may require more precise definitions than quantitative metrics.
    5. Enter your metrics into the Initiative Prioritization Template.

    Input

    • Innovation mandate
    • Innovation goals
    • Sample metrics

    Output

    • Evaluation and prioritization metrics for ideas

    Materials

    • Whiteboard/Flip charts
    • Innovation Program Template

    Participants

    • Innovation leader

    Download the Initiative Prioritization Template

    3.2 Build your program to pilot initiatives

    Test and refine ideas through real-world pilot projects.

    • The purpose of your pilot is to test and refine ideas in the real world. In order to compare pilot projects, it's important to track key performance indicators throughout the pilot. Measurements should be useful and comparable.
    • Innovation facilitators are responsible for supporting pilot projects, including designing the pilot, setting up metrics, tracking outcomes, and facilitating retrospectives.
    • Pilots generally follow an Agile methodology where ideas may be refined as the pilot proceeds, and the process iterates until either the idea is discarded or it has been refined into an initiative which can be scaled.
    • Expect that most pilots will fail the first time, and many will fail completely. This is not a loss; lessons learned from the retrospective can be used to improve the process and later pilots.

    Use pilot projects to test and refine initiatives before scaling to the rest of the organization

    "Learning is as powerful as the outcome." – Brett Trelfa, CIO, Arkansas Blue Cross

    1. Clearly define the goals and objectives of the pilot project. Goals and objectives ensure that the pilot stays on track and can be measured.
    2. Your pilot group should include a variety of participants with diverse perspectives and skill sets, in order to gather unique insights.
    3. Continuously track the progress of the pilot project. Regularly identify areas of improvement and implement changes as necessary to refine ideas.
    4. Regularly elicit feedback from participants and iterate in order to improve the final innovation. Not all pilots will be successful, but every failure can help refine future solutions.
    5. Consider scalability. If the pilot project is successful, it should be scalable and the lessons learned should be implemented in the larger organization.

    Sample pilot metrics

    Metrics are used to validate and test pilot projects to ensure they deliver value. This is an important step before scaling to the rest of the organization.

    Adoption: How many end users have adopted the pilot solution?

    Utilization: Is the solution getting utilized?

    Support Requests: How many support requests have there been since the pilot was initiated?

    Value: Is the pilot delivering on the value that it proposed? For example, time savings.

    Feasibility: Has the feasibility of the solution changed since it was first proposed?

    Satisfaction: Focus groups or surveys can provide feedback on user/customer satisfaction.

    A/B Testing: Compare different methods, products or services.

    Info-Tech Insight

    Ensure standard core metrics are used across all pilot projects so that outcomes can be compared. Additional metrics may be used to refine and test hypotheses through the pilot process.

    Activity 3.2 Build your program to pilot initiatives

    1-2 hours

    1. Gather the innovation team and review your mandate, purpose, goals, and the sample innovation operating model and metrics.
    2. As a group, brainstorm the steps needed from idea generation to business case. Use sticky notes if in person, or a collaboration tool if remote.
    3. Determine the metrics that will be used to evaluate ideas at each decision step (for example, prior to piloting). Outline what the different decisions might be (for example, proceed, refine or discard) and what happens as a result of each decision.
    4. Document your final steps and metrics in the Innovation Program Template.

    Input

    • Innovation mandate
    • Innovation goals
    • Sample metrics

    Output

    • Pilot project methodology
    • Pilot project metrics

    Materials

    • Innovation Program Template
    • Sticky notes (in person) or digital collaboration tool (if remote)

    Participants

    • Innovation leader
    • Innovation team

    3.3 Conduct a program retrospective

    Generate value from your successful pilots by scaling ideas across the organization.

    • The final step in the innovation process is to scale ideas to the enterprise in order to realize the full potential.
    • Keeping track of notable wins is important for showing the value of the innovation program. Track performance of initiatives that come out of the innovation program, including their financial, cultural, market, and brand impacts.
    • Track the success of the innovation program itself by evaluating the number of ideas generated, the number of pilots run and the success of the pilots. Keep in mind that many failed pilots is not a failure of the program if the lessons learned were valuable.
    • Complete an innovation program retrospective every 6 to 12 months in order to adjust and make any changes if necessary to improve your process.

    Retrospectives should be objective, constructive, and action-oriented

    A retrospective is a review of your innovation program with the aim of identifying lessons learned, areas for improvement, and opportunities for growth.

    During a retrospective, the team will reflect on past experiences and use that information to inform future decision making and improve outcomes.

    The goal of a retrospective is to learn from the past and use that knowledge to improve in the future.

    Objective

    Ensure that the retrospective is based on facts and objective data, rather than personal opinions or biases.

    Constructive

    Ensure that the retrospective is a positive and constructive experience, with a focus on finding solutions rather than dwelling on problems.

    Action-Oriented

    The retrospective should result in a clear action plan with specific steps to improve future initiatives.

    Activity 3.3 Conduct a program retrospective

    1-2 hours

    1. Post a large piece of paper on the wall with a timeline from the last year. Include dates and a few key events, but not much more. Have participants place sticky notes in the spots to describe notable wins or milestones that they were proud of. This can be done as part of a formal meeting or asynchronously outside of meetings.
    2. Bring the innovation team together and review the poster with notable wins. Do any themes emerge? How does the team feel the program is doing? Are there any changes needed?
    3. Consider the metrics you use to track your innovation program success. Did the scaled projects meet their targets? Is there anything that could be refined about the innovation process?
    4. Evaluate the outcomes of your innovation program. Did it meet the targets set for it? Did the goals and innovation ambitions come to fruition?
    5. Complete this step every 6 to 12 months to assess the success of your program.
    6. Complete the "Notable Wins" section of the Innovation Program Template.

    Input

    • Innovation mandate
    • Innovation goals
    • Sample metrics

    Output

    • Notable wins
    • Action items for refining the innovation process

    Materials

    • Innovation Program Template
    • Sticky notes (in person) or digital collaboration tool (if remote)

    Participants

    • CIO
    • Innovation team
    • Others who have participated in the innovation process

    Related Info-Tech Research

    Adopt Design Thinking in Your Organization

    • A user's perspective while interacting with the products and services is very different from the organization's internal perspective while implementing and provisioning those. A design-based organization balances the two perspectives to drive user-satisfaction over end-to-end journeys.

    Prototype With an Innovation Design Sprint

    • Build and test a prototype in four days using Info-Tech's Innovation Design Sprint Methodology.
    • Create an environment for co-creation between IT and the business.

    Fund Innovation With a Minimum Viable Business Case

    • Our approach guides you through effectively designing a solution, de-risking a project through impact reduction techniques, building and pitching the case for your project, and applying the business case as a mechanism to ensure that benefits are realized.

    Summary of Accomplishment

    Congratulations on launching your innovation program!

    You have now completed your innovation strategy, covering the following topics:

    • Executive Summary
    • Our Purpose
    • Scope and Value Proposition
    • Guiding Principles
    • Building an Innovative Culture
    • Program Structure
    • Success Metrics
    • Notable Wins

    If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Related Info-Tech Research

    Accelerate Digital Transformation With a Digital Factory

    • Understand the foundations of good design: purpose, organizational support, and leadership.
    • Understand the design of the operating model: structure and organization, management practices, culture, environment, teams, technology platforms, and meaningful metrics and KPIs.

    Sustain and Grow the Maturity of Innovation in Your Enterprise

    • Unlock your innovation potential by looking at your innovation projects on both a macro and micro level.
    • Innovation capacity is directly linked with creativity; allow your employees' creativity to flourish using Info-Tech's positive innovation techniques.

    Define Your Digital Business Strategy

    • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
    • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

    Research Contributors and Experts

    Kim Osborne Rodriguez

    Kim Osborne Rodriguez
    Research Director, CIO Advisory
    Info-Tech Research Group

    Kim is a professional engineer and Registered Communications Distribution Designer with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach, with a track record of supporting successful projects.
    Kim holds a Bachelor's degree in Mechatronics Engineering from University of Waterloo.

    Joanne Lee

    Joanne Lee
    Principal Research Director, CIO Advisory
    Info-Tech Research Group

    Joanne is an executive with over 25 years of experience in digital technology and management consulting across both public and private entities from solution delivery to organizational redesign across Canada and globally.
    Prior to joining Info-Tech Research Group, Joanne was a management consultant within KPMG's CIO management consulting services and the Western Canadas Digital Health Practice lead. She has held several executive roles in the industry with the most recent position as Chief Program Officer for a large $450M EHR implementation. Her expertise spans cloud strategy, organizational design, data and analytics, governance, process redesign, transformation, and PPM. She is passionate about connecting people, concepts, and capital.
    Joanne holds a Master's in Business and Health Policy from the University of Toronto and a Bachelor of Science (Nursing) from the University of British Columbia.

    Jack Hakimian

    Jack Hakimian
    Senior Vice President
    Info-Tech Research Group

    Jack has more than 25 years of technology and management consulting experience. He has served multi-billion-dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served a number of large public sector institutions.
    He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master's degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.

    Michael Tweedie

    Michael Tweedie
    Practice Lead, CIO Strategy
    Info-Tech Research Group

    Mike Tweedie brings over 25 years as a technology executive. He's led several large transformation projects across core infrastructure, application, and IT services as the head of Technology at ADP Canada. He was also the Head of Engineering and Service Offerings for a large French IT services firm, focused on cloud adoption and complex ERP deployment and management.
    Mike holds a Bachelor's degree in Architecture from Ryerson University.

    Mike Schembri

    Mike Schembri
    Senior Executive Advisor
    Info-Tech Research Group

    Mike is the former CIO of Fuji Xerox Australia and has 20+ years' experience serving IT and wider business leadership roles. Mike has led technical and broader business service operations teams to value and growth successfully in organizations ranging from small tech startups through global IT vendors, professional service firms, and manufacturers.
    Mike has passion for strategy and leadership and loves working with individuals/teams and seeing them grow.

    John Leidl

    John Leidl
    Senior Director, Member Services
    Info-Tech Research Group

    With over 35 years of IT experience, including senior-level VP Technology and CTO leadership positions, John has a breadth of knowledge in technology innovation, business alignment, IT operations, and business transformation. John's experience extends from start-ups to corporate enterprise and spans higher education, financial services, digital marketing, and arts/entertainment.

    Joe Riley

    Joe Riley
    Senior Workshop Director
    Info-Tech Research Group

    Joe ensures our members get the most value out of their Info-Tech memberships by scoping client needs, current state and desired business outcomes, and then drawing upon his extensive experience, certifications, and degrees (MBA, MS Ops/Org Mgt, BS Eng/Sci, ITIL, PMP, Security+, etc.) to facilitate our client's achievement of desired and aspirational business outcomes. A true advocate of ITSM, Joe approaches technology and technology practices as a tool and enabler of people, core business, and competitive advantage activities.

    Denis Goulet

    Denis Goulet
    Senior Workshop Director
    Info-Tech Research Group

    Denis is a transformational leader and experienced strategist who has worked with 100+ organizations to develop their digital, technology, and governance strategies.
    He has held positions as CIO, Chief Administrative Office (City Manager), General Manager, Vice President of Engineering, and Management Consultant, specializing in enterprise and technology strategy.

    Cole Cioran

    Cole Cioran
    Managing Partner
    Info-Tech Research Group

    I knew I wanted to build great applications that would delight their users. I did that over and over. Along the way I also discovered that it takes great teams to deliver great applications. Technology only solves problems when people, processes, and organizations change as well. This helped me go from writing software to advising some of the largest organizations in the world on how to how to build a digital delivery umbrella of Product, Agile, and DevOps and create exceptional products and services powered by technology.

    Carlene McCubbin

    Carlene McCubbin
    Research Lead, CIO Practice
    Info-Tech Research Group

    During her tenure at Info-Tech, Carlene has led the development of Info-Tech's Organization and Leadership practice and worked with multiple clients to leverage the methodologies by creating custom programs to fit each organization's needs.
    Before joining Info-Tech, Carlene received her Master of Communications Management from McGill University, where she studied development of internal and external communications, government relations, and change management.

    Isabelle Hertanto

    Isabelle Hertanto
    Principal Research Director
    Info-Tech Research Group

    Isabelle Hertanto has over 15 years of experience delivering specialized IT services to the security and intelligence community. As a former federal officer for Public Safety Canada, Isabelle trained and led teams on data exploitation and digital surveillance operations in support of Canadian national security investigations. Since transitioning into the private sector, Isabelle has held senior management and consulting roles across a variety of industry sectors, including retail, construction, energy, healthcare, and the broader Canadian public sector.

    Hans Eckman

    Hans Eckman
    Principal Research Director
    Info-Tech Research Group

    Hans Eckman is a business transformation leader helping organizations connect business strategy and innovation to operational excellence. He supports Info-Tech members in SDLC optimization, Agile and DevOps implementation, CoE/CoP creation, innovation program development, application delivery, and leadership development. Hans is based out of Atlanta, Georgia.

    Valence Howden

    Valence Howden
    Principal Research Director
    Info-Tech Research Group

    With 30 years of IT experience in the public and private sector, Valence has developed experience in many Information Management and Technology domains, with a particular focus in the areas of Service Management, Enterprise and IT Governance, Development and Execution of Strategy, Risk Management, Metrics Design and Process Design, and Implementation and Improvement. Prior to joining Info-Tech, he served in technical and client-facing roles at Bell Canada and CGI Group Inc., as well as managing the design, integration, and implementation of services and processes in the Ontario Public Sector.

    Clayton Gillett

    Clayton Gillett
    Managing Partner
    Info-Tech Research Group

    Clayton Gillett is a Managing Partner for Info-Tech, providing technology management advisory services to healthcare clients. Clayton joined Info-Tech with more than 28 years of experience in health care information technology. He has held senior IT leadership roles at Group Health Cooperative of Puget Sound and OCHIN, as well as advisory or consulting roles at ECG Management Consultants and Gartner.

    Donna Bales

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Donna Bales is a Principal Research Director in the CIO Practice at Info-Tech Research Group specializing in research and advisory services in IT risk, governance, and compliance. She brings over 25 years of experience in strategic consulting and product development and has a history of success in leading complex, multi-stakeholder industry initiatives.

    Igor Ikonnikov

    Igor Ikonnikov
    Research Director
    Info-Tech Research Group

    Igor Ikonnikov is a Research and Advisory Director in the Data and Analytics practice. Igor has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.
    Igor has an MBA from the Ted Rogers School of Management (Toronto, Canada) with a specialization in Management of Technology and Innovation.

    Research Contributors and Experts

    Michael Newcity

    Michael Newcity
    Chief Innovation Officer
    ArcBest

    Kevin Yoder

    Kevin Yoder
    Vice President, Innovation
    ArcBest

    Gary Boyd

    Gary Boyd
    Vice President, Information Systems & Digital Transformation
    Arkansas Blue Cross and Blue Shield

    Brett Trelfa

    Brett Trelfa
    Chief Information Officer
    Arkansas Blue Cross and Blue Shield

    Kristen Wilson-Jones

    Kristen Wilson-Jones
    Chief Technology & Product Officer
    Medcurio

    Note: additional contributors did not wish to be identified

    Bibliography

    Altringer, Beth. "A New Model for Innovation in Big Companies" Harvard Business Review. 19 Nov. 2013. Accessed 30 Jan. 2023. https://hbr.org/2013/11/a-new-model-for-innovation-in-big-companies
    Arpajian, Scott. "Five Reasons Why Innovation Fails" Forbes Magazine. 4 June 2019. Accessed 31 Jan. 2023. https://www.forbes.com/sites/forbestechcouncil/2019/06/04/five-reasons-why-innovation-fails/?sh=234e618914c6
    Baldwin, John & Gellatly, Guy. "Innovation Capabilities: The Knowledge Capital Behind the Survival and Growth of Firms" Statistics Canada. Sept. 2006. Accessed 30 Jan. 2023. https://www.bdc.ca/fr/documents/other/innovation_capabilities_en.pdf
    Bar Am, Jordan et al. "Innovation in a Crisis: Why it is More Critical Than Ever" McKinsey & Company, 17 June 2020. Accessed 12 Jan. 2023. <https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/innovation-in-a-crisis-why-it-is-more-critical-than-ever >
    Boston Consulting Group, "Most Innovative Companies 2021" BCG, April 2021. Accessed 30 Jan. 2023. https://web-assets.bcg.com/d5/ef/ea7099b64b89860fd1aa3ec4ff34/bcg-most-innovative-companies-2021-apr-2021-r.pdf
    Boston Consulting Group, "Most Innovative Companies 2022" BGC, 15 Sept. 2022. Accessed 6 Feb. 2023. https://www.bcg.com/en-ca/publications/2022/innovation-in-climate-and-sustainability-will-lead-to-green-growth
    Christensen, Clayton M. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business Review Press, 2016.
    Gerber, Niklaus. "What is innovation? A beginner's guide into different models, terminologies and methodologies" Medium. 20 Sept 2022. Accessed 7 Feb. 2023. https://world.hey.com/niklaus/what-is-innovation-a-beginner-s-guide-into-different-models-terminologies-and-methodologies-dd4a3147
    Google X, Homepage. Accessed 6 Feb. 2023. https://x.company/
    Harnoss, Johann D. & Baeza, Ramón. "Overcoming the Four Big Barriers to Innovation Success" Boston Consulting Group, 24 Sept. 2019. Accessed 30 Jan 2023. https://www.bcg.com/en-ca/publications/2019/overcoming-four-big-barriers-to-innovation-success
    Jaruzelski, Barry et al. "Global Innovation 1000 Study" Pricewaterhouse Cooper, 30 Oct. 2018. Accessed 13 Jan. 2023. <https://www.strategyand.pwc.com/gx/en/insights/innovation1000.html>
    Kharpal, Arjun. "Huawei posts first-ever yearly revenue decline as U.S. sanctions continue to bite, but profit surges" CNBC. 28 March 2022. Accessed 7 Feb. 2023. https://www.cnbc.com/2022/03/28/huawei-annual-results-2021-revenue-declines-but-profit-surges.html
    Kirsner, Scott. "The Biggest Obstacles to Innovation in Large Companies" Harvard Business Review, 30 July 2018. Accessed 12 Jan. 2023. <https://hbr.org/2018/07/the-biggest-obstacles-to-innovation-in-large-companies>
    Macrotrends. "Apple Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/AAPL/apple/revenue
    Macrotrends. "Microsoft Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/MSFT/microsoft/revenue
    Macrotrends. "Amazon Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/AMZN/amazon/revenue
    Macrotrends. "Alphabet Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/GOOG/alphabet/revenue
    Macrotrends. "Tesla Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/TSLA/tesla/revenue
    Macrotrends. "Moderna Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/MRNA/moderna/revenue
    Macrotrends. "Sony Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/SONY/sony/revenue
    Macrotrends. "IBM Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/IBM/ibm/revenue
    Macrotrends. "Meta Platforms Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/META/meta-platforms/revenue
    Macrotrends. "NIKE Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/NKE/nike/revenue
    Macrotrends. "Walmart Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/WMT/walmart/revenue
    Macrotrends. "Dell Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/DELL/dell/revenue
    Macrotrends. "NVIDIA Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/NVDA/nvidia/revenue
    Sloan, Paul. "How to Develop a Vision for Innovation" Innovation Management, 10 Aug. 2009. Accessed 7 Feb. 2023. https://innovationmanagement.se/2009/08/10/how-to-develop-a-vision-for-innovation/
    Statista. "Samsung Electronics' global revenue from 2005 to 2021" Statista. Accessed 7 Feb. 2023. https://www.statista.com/statistics/236607/global-revenue-of-samsung-electronics-since-2005/
    Tichy, Noel & Ram Charan. "Speed, Simplicity, Self-Confidence: An Interview with Jack Welch" Harvard Business Review, 2 March 2020. Accessed 7 Feb. 2023. https://hbr.org/1989/09/speed-simplicity-self-confidence-an-interview-with-jack-welch
    Weick, Karl and Kathleen Sutcliffe. Managing the Unexpected: Sustained Performance in a Complex World, Third Edition. John Wiley & Sons, 2015.
    Xuan Tian, Tracy Yue Wang, Tolerance for Failure and Corporate Innovation, The Review of Financial Studies, Volume 27, Issue 1, 2014, Pages 211–255, Accessed https://doi.org/10.1093/rfs/hhr130

    Review and Improve Your IT Policy Library

    • Buy Link or Shortcode: {j2store}193|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $34,724 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • Your policies are out of date, disorganized, and complicated. They don’t reflect current regulations and don’t actually mitigate your organization’s current IT risks.
    • Your policies are difficult to understand, aren’t easy to find, or aren’t well monitored and enforced for compliance. As a result, your employees don’t care about your policies.
    • Policy issues are taking up too much of your time and distracting you from the real issues you need to address.

    Our Advice

    Critical Insight

    A dynamic and streamlined policy approach will:

    1. Right-size policies to address the most critical IT risks.
    2. Clearly lay out a step-by-step process to complete daily tasks in compliance.
    3. Obtain policy adherence without having to be “the police.”

    To accomplish this, the policy writer must engage their audience early to gather input on IT policies, increase policy awareness, and gain buy-in early in the process.

    Impact and Result

    • Develop more effective IT policies. Clearly express your policy goals and objectives, standardize the approach to employee problem solving, and write policies your employees will actually read.
    • Improve risk coverage. Ensure full coverage on the risk landscape, including legal regulations, and establish a method for reporting, documenting, and communicating risks.
    • Improve employee compliance. Empathize with your employees and use policy to educate, train, and enable them instead of restricting them.

    Review and Improve Your IT Policy Library Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to write better policies that mitigate the risks you care about and get the business to follow them, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess

    Assess your risk landscape and design a plan to update your policy network based on your most critical risks.

    • Review and Improve Your IT Policy Library – Phase 1: Assess
    • Policy Management RACI Chart Template
    • Policy Management Tool
    • Policy Action Plan

    2. Draft and implement

    Use input from key stakeholders to write clear, consistent, and concise policies that people will actually read and understand. Then publish them and start generating policy awareness.

    • Review and Improve Your IT Policy Library – Phase 2: Draft and Implement
    • Policy Template
    • Policy Communication Plan Template

    3. Monitor, enforce, revise

    Use your policies to create a compliance culture in your organization, set KPIs, and track policy effectiveness.

    • Review and Improve Your IT Policy Library – Phase 3: Monitor, Enforce, Revise
    [infographic]

    Workshop: Review and Improve Your IT Policy Library

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish & Assess

    The Purpose

    Identify the pain points associated with IT policies.

    Establish the policy development process.

    Begin formulating a plan to re-design the policy network.

    Key Benefits Achieved

    Establish the policy process.

    Highlight key issues and pain points regarding policy.

    Assign roles and responsibilities.

    Activities

    1.1 Introduce workshop.

    1.2 Identify the current pain points with policy management.

    1.3 Establish high-level goals around policy management.

    1.4 Select metrics to measure achievement of goals.

    1.5 Create an IT policy working group (ITPWG).

    1.6 Define the scope and purpose of the ITPWG.

    Outputs

    List of issues and pain points for policy management

    Set of six to ten goals for policy management

    Baseline and target measured value

    Amended steering committee or ITPWG charter

    Completed RACI chart

    Documented policy development process

    2 Assess Your Risk Landscape & Map Policies to Risks; Create a Policy Action Plan

    The Purpose

    Identify key risks.

    Develop an understanding of which risks are most critical.

    Design a policy network that best mitigates those risks.

    Key Benefits Achieved

    Use a risk-driven approach to decide which policies need to be written or updated first.

    Activities

    2.1 Identify risks at a high level.

    2.2 Assess each identified risk scenario on impact and likelihood.

    2.3 Map current and required policies to risks.

    2.4 Assess policy effectiveness.

    2.5 Create a policy action plan.

    2.6 Select policies to be developed during workshop.

    Outputs

    Ranked list of IT’s risk scenarios

    Prioritized list of IT risks (simplified risk register)

    Policy action plan

    3 Develop Policies

    The Purpose

    Outline what key features make a policy effective and write policies that mitigate the most critical IT risks.

    Key Benefits Achieved

    Write policies that work and get them approved.

    Activities

    3.1 Define the policy audience, constraints, and in-scope and out-of-scope requirements for a policy.

    3.2 Draft two to four policies

    Outputs

    Drafted policies

    4 Create a Policy Communication and Implementation Plan and Monitor & Reassess the Portfolio

    The Purpose

    Build an understanding of how well the organization’s value creation activities are being supported.

    Key Benefits Achieved

    Identify an area or capability that requires improvement.

    Activities

    4.1 Review draft policies and update if necessary.

    4.2 Create a policy communication plan.

    4.3 Select KPIs.

    4.4 Review root-cause analysis techniques.

    Outputs

    Final draft policies

    Policy communications plan

    KPI tracking log

    Reduce Risk With Rock-Solid Service-Level Agreements

    • Buy Link or Shortcode: {j2store}365|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    Organizations can struggle to understand what service-level agreements (SLAs) are required and how they can differ depending on the service type. In addition, these other challenges can also cloud an organization’s knowledge of SLAs:

    • No standardized SLAs documents, service levels, or metrics
    • Dealing with lost productivity and revenue due to persistent downtime
    • Not understanding SLAs components and what service levels are required for a particular service
    • How to manage the SLA and hold the vendor accountable

    Our Advice

    Critical Insight

    SLAs need to have clear, easy-to-measure objectives, to meet expectations and service level requirements, including meaningful reporting and remedies to hold the provider accountable to its obligations.

    Impact and Result

    This project will provide several benefits and learnings for almost all IT workers:

    • Better understanding of an SLA framework and required SLA elements
    • Standardized service levels and metrics aligned to the organization’s requirements
    • Reduced time in reviewing, evaluating, and managing service provider SLAs

    Reduce Risk With Rock-Solid Service-Level Agreements Research & Tools

    Start here – Read our Executive Brief

    Understand how to resolve your challenges with SLAs and their components and ensuring adequate metrics. Learn how to create meaningful SLAs that meet your requirements and manage them effectively.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand SLA elements – Understand the elements of SLAs, service types, service levels, metrics/KPIs, monitoring, and reporting

    • SLA Checklist
    • SLA Evaluation Tool

    2. Create requirements – Create your own SLA criteria and templates that meet your organization’s requirements

    • SLA Template & Metrics Reference Guide

    3. Manage obligations – Learn the SLA Management Framework to track providers’ performance and adherence to their commitments.

    • SLO Tracker & Trending Tool

    Infographic

    Workshop: Reduce Risk With Rock-Solid Service-Level Agreements

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Elements of SLAs

    The Purpose

    Understand key components and elements of an SLA.

    Key Benefits Achieved

    Properly evaluate an SLA for required elements.

    Activities

    1.1 SLA overview, objectives, SLA types, service levels

    1.2 SLA elements and objectives

    1.3 SLA components: monitoring, reporting, and remedies

    1.4 SLA checklist review

    Outputs

    SLA Checklist 

    Evaluation Process

    SLA Checklist

    Evaluation Process

    SLA Checklist

    Evaluation Process

    SLA Checklist

    Evaluation Process

    2 Create SLA Criteria and Management Framework

    The Purpose

    Apply knowledge of SLA elements to create internal SLA requirements.

    Key Benefits Achieved

    Templated SLAs that meet requirements.

    Framework to manage SLOs.

    Activities

    2.1 Creating SLA criteria and requirements

    2.2 SLA templates and policy

    2.3 SLA evaluation activity

    2.4 SLA Management Framework

    2.5 SLA monitoring, tracking, and remedy reconciliation

    Outputs

    Internal SLA Management Framework

    Evaluation of current SLAs

    SLA tracking and trending

    Internal SLA Management Framework

    Evaluation of current SLAs

    SLA tracking and trending

    Internal SLA Management Framework

    Evaluation of current SLAs

    SLA tracking and trending

    Internal SLA Management Framework

    Evaluation of current SLAs

    SLA tracking and trending

    Internal SLA Management Framework

    Evaluation of current SLAs

    SLA tracking and trending

    Further reading

    Reduce Risk With Rock-Solid Service-Level Agreements

    Hold Service Providers more accountable to their contractual obligations with meaningful SLA components & remedies

    EXECUTIVE BRIEF

    Analyst Perspective

    Reduce Risk With Rock-Solid Service-Level Agreements

    Every year organizations outsource more and more IT infrastructure to the cloud, and IT operations to managed service providers. This increase in outsourcing presents an increase in risk to the CIO to save on IT spend through outsourcing while maintaining required and expected service levels to internal customers and the organization. Ensuring that the service provider constantly meets their obligations so that the CIO can meet their obligation to the organization can be a constant challenge. This brings forth the importance of the Service Level Agreement.

    Research clearly indicates that there is a general lack of knowledge when comes to understanding the key elements of a Service Level Agreement (SLA). Even less understanding of the importance of the components of Service Levels and the Service Level Objectives (SLO) that service provider needs to meet so that the outsourced service consistently meets requirements of the organization. Most service providers are very good at providing the contracted service and they all are very good at presenting SLOs that are easy to meet with very few or no ramifications if they don’t meet their objectives. IT leaders need to be more resolute in only accepting SLOs that are meaningful to their requirements and have meaningful, proactive reporting and associated remedies to hold service providers accountable to their obligations.

    Ted Walker

    Principal Research Director, Vendor Practice

    Info-Tech Research Group

    Executive Brief

    Vendors provide service level commitments to customers in contracts to show a level of trust, performance, availability, security, and responsiveness in an effort create a sense of confidence that their service or platform will meet your organization’s requirements and expectations. Sifting through these promises can be challenging for many IT Leaders. Customers struggle to understand and evaluate what’s in the SLA – are they meaningful and protect your investment? Not understanding the details of SLAs applicable to various types of Service (SaaS, MSP, Service Desk, DR, ISP) can lead to financial and compliance risk for the organization as well as poor customer satisfaction.

    This project will provide IT leadership the knowledge & tools that will allow them to:

    • Understand what SLAs are and why they need them.
    • Develop standard SLAs that meet the organization’s requirements.
    • Negotiate meaningful remedies aligned to Service Levels metrics or KPIs.
    • Create SLA monitoring & reporting and remedies requirements to hold the provider accountable.

    This research:

    1. Is designed for:
    • The CIO or CFO who needs to better understand their provider’s SLAs.
    • The CIO or BU that could benefit from improved service levels.
    • Vendor management who needs to standardize SLAs for the organization IT leadership that needs consistent service levels to the business
    • The contract manager who needs a better understanding of contact SLAs
  • Will help you:
    • Understand what a Service Level Agreement is and what it’s for
    • Learn what the components are of an SLA and why you need them
    • Create a checklist of required SLA elements for your organization
    • Develop standard SLA template requirements for various service types
    • Learn the importance of SLA management to hold providers accountable
  • Will also assist:
    • Vendor management
    • Procurement and sourcing
    • Organizations that need to understand SLAs within contract language
    • With creating standardized monitoring & reporting requirements
    • Organizations get better position remedies & credits to hold vendors accountable to their commitments
  • Reduce Risk With Rock-Solid Service-Level Agreements (SLAs)

    Hold service providers more accountable to their contractual obligations with meaningful SLA components and remedies

    The Problem

    IT Leadership doesn't know how to evaluate an SLA.

    Misunderstanding of obligations given the type of service provided (SAAS, IAAS, DR/BCP, Service Desk)

    Expectations not being met, leading to poor service from the provider.

    No way to hold provider accountable.

    Why it matters

    SLAS are designed to ensure that outsourced IT services meet the requirements and expectations of the organization. Well-written SLAs with all the required elements, metrics, and remedies will allow IT departments to provide the service levels to their customer and avoid financial and contractual risk to the organization.

    The Solution

    1. Understand the key service elements within an SLA
    • Develop a solid understanding of the key elements within an SLA and why they're important.
  • Establish requirements to create SLA criteria
    • Prioritize contractual services and establish concise SLA checklists and performance metrics.
  • Manage SLA obligations to ensure commitments are met
    • Review the five steps for effective SLA management to track provider performance and deal with chronic issues.
  • Service types

    • Availability/Uptime
    • Response Times
    • Resolution Time
    • Accuracy
    • First-Call Resolution

    Agreement Types

    • SaaS/IaaS
    • Service Desk
    • MSP
    • Co-Location
    • DR/BCP
    • Security Ops

    Performance Metrics

    • Reporting
    • Remedies & Credits
    • Monitoring
    • Exclusion

    Example SaaS Provider

    • Response Times ✓
    • Availability/Uptime ✓
    • Resolution Time ✓
    • Update Times ✓
    • Coverage Time ✓
    • Monitoring ✓
    • Reporting ✓
    • Remedies/Credits ✓

    SLA Management Framework

    1. SLO Monitoring
    • SLOs must be monitored by the provider, otherwise they can't be measured.
  • Concise Reporting
    • This is the key element for the provider to validate their performance.
  • Attainment Tracking
    • Capturing SLO metric attainment provides performance trending for each provider.
  • Score carding
    • Tracking details provide input into overall vendor performance ratings.
  • Remedy Reconciliation
    • From SLO tracking, missed SLOs and associated credits needs to be actioned and consumed.
  • Executive Summary

    Your Challenge

    To understand which SLAs are required for your organization and how they can differ depending on the service type. In addition, these other challenges can also cloud your knowledge of SLAs

    • No standardized SLA documents, Service levels, or metrics
    • Dealing with lost productivity & revenue due to persistent downtime
    • Understanding SLA components and what service levels are requires for a particular service
    • How to manage the SLA and hold the vendor accountable

    Common Obstacles

    There are several unknowns that SLA can present to different departments within the organization:

    • Little knowledge of what service levels are required
    • Not knowing SLO standards for a service type
    • Lack of resources to manage vendor obligations
    • Negotiating required metrics/KPIs with the provider
    • Low understanding of the risk that poor SLAs can present to the organization

    Info-Tech's Approach

    Info-Tech has a three-step approach to effective SLAs

    • Understand the elements of an SLA
    • Create Requirements for your organization
    • Manage the SLA obligations

    There are some basic components that every SLA should have – most don’t have half of what is required

    Info-Tech Insight

    SLAs need to have clear, easy to measure objectives to meet your expectations and service level requirements, including meaningful reporting and remedies to hold the provider accountable to their obligations.

    Your challenge

    This research is designed to help organizations gain a better understanding of what an SLA is, understand the importance of SLAs in IT contracts, and ensure organizations are provided with rock-solid SLAs that meet their requirements and not just what the vendor wants to provide.

    • Vendors can make SLAs weak and difficult to understand; sometimes the metrics are meaningless. Not fully understanding what makes up a good SLA can bring unknown risks to the organization.
    • Managing vendor SLA obligations effectively is important. Are adequate resources available? Does the vendor provide manual vs. automated processes and which do you need? Is the process proactive from the vendor or reactive from the customer?

    SLAs come in many variations and for many service types. Understanding what needs to be in them is one of the keys to reducing risk to your organization.

    “One of the biggest mistakes an IT leader can make is ignoring the ‘A’ in SLA,” adds Wendy M. Pfeiffer, CIO at Nutanix. “

    An agreement isn’t a one-sided declaration of IT capabilities, nor is it a one-sided demand of business requirements,” she says. “An agreement involves creating a shared understanding of desired service delivery and quality, calculating costs related to expectations, and then agreeing to outcomes in exchange for investment.” (15 SLA mistakes IT leaders still make | CIO)

    Common obstacles

    There are typically a lot of unknowns when it comes to SLAs and how to manage them.

    Most organizations don’t have a full understanding of what SLAs they require and how to ensure they are met by the vendor. Other obstacles that SLAs can present are:

    • Inadequate resources to create and manage SLAs
    • Poor awareness of standard or required SLA metrics/KPIs
    • Lack of knowledge about each provider’s commitment as well as your obligations
    • Low vendor willingness to provide or negotiate meaningful SLAs and credits
    • The know-how or resources to effectively monitor and manage the SLA’s performance

    SLAs need to address your requirements

    55% of businesses do not find all of their service desk metrics useful or valuable (Freshservice.com)

    27% of businesses spend four to seven hours a month collating metric reports (Freshservice.com)

    Executive Summary

    Info-Tech’s Approach

    • Understand the elements of an SLA
      • Availability
      • Monitoring
      • Response Times
      • SLO Calculation
      • Resolution Time
      • Reporting
      • Milestones
      • Exclusions
      • Accuracy
      • Remedies & Credits
    • Create standard SLA requirements and criteria
      • SLA Element Checklist
      • Corporate Requirements and Standards
      • SLA Templates and Policy
    • Effectively Manage the SLA Obligations
      • SLA Management Framework
        • SLO Monitoring
        • Concise Reporting
        • Attainment Tracking
        • Score Carding
        • Remedy Reconciliation

    Info-Tech’s three phase approach

    Reduce Risk With Rock-Solid Service-Level Agreements

    Phase 1

    Understand SLA Elements

    Phase Content:

    • 1.1 What are SLAs, types of SLAs, and why are they needed?
    • 1.2 Elements of an SLA
    • 1.3 Obligation management monitoring, Reporting requirements
    • 1.4 Exclusions
    • 1.5 SLAs vs. SLOs vs. SLIs

    Outcome:

    This phase will present you with an understanding of the elements of an SLA: What they are, why you need them, and how to validate them.

    Phase 2

    Create Requirements

    Phase Content:

    • 2.1 Create a list of your SLA criteria
    • 2.2 Develop SLA policy & templates
    • 2.3 Create a negotiation strategy
    • 2.4 SLA Overachieving discussion

    Outcome:

    This phase will leverage knowledge gained in Phase 1 and guide you through the creation of SLA requirements, criteria, and templates to ensure that providers meet the service level obligations needed for various service types to meet your organization’s service expectations.

    Phase 3

    Manage Obligations

    Phase Content:

    • 3.1 SLA Monitoring, Tracking
    • 3.2 Reporting
    • 3.3 Vendor SLA Reviews & Optimizing
    • 3.4 Performance management

    Outcome:

    This phase will provide you with an SLA management framework and the best practices that will allow you to effectively manage service providers and their SLA obligations.

    Insight summary

    Overarching insight

    SLAs need to have clear, easy-to-measure objectives to meet your expectations and service level requirements, including meaningful reporting and remedies to hold the provider accountable to their obligations.

    Phase 1 insight

    Not understanding the required elements of an SLA and not having meaningful remedies to hold service providers accountable to their obligations can present several risk factors to your organization.

    Phase 2 insight

    Creating standard SLA criteria for your organization’s service providers will ensure consistent service levels for your business units and customers.

    Phase 3 insight

    SLAs can have appropriate SLOs and remedies but without effective management processes they could become meaningless.

    Tactical insight

    Be sure to set SLAs that are easily measurable from regularly accessible data and that are straight forward to interpret.

    Tactical insight

    Beware of low, easy to attain service levels and metrics/KPIs. Service levels need to meet your expectations and needs not the vendor’s.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    SLA Tracker & Trending Tool

    Track the provider’s SLO attainment and see how their performance is trending over time

    SLA Evaluation Tool

    Evaluate SLA service levels, metrics, credit values, reporting, and other elements

    SLA Template & Metrics Reference Guide

    Reference guide for typical SLA metrics with a generic SLA Template

    Service-Level Agreement Checklist

    Complete SLA component checklist for core SLA and contractual elements.

    Key deliverable:

    Service-Level Agreement Evaluation Tool

    Evaluate each component of the SLA , including service levels, metrics, credit values, reporting, and processes to meet your requirements

    Blueprint objectives

    Understand the components of an SLA and effectively manage their obligations

    • To provide an understanding of different types of SLAs, their required elements, and what they mean to your organization. How to identify meaningful service levels based on service types. We will break down the elements of the SLA such as service types and define service levels such as response times, availability, accuracy, and associated metrics or KPIs to ensure they are concise and easy to measure.
    • To show how important it is that all metrics have remedies to hold the service provider accountable to their SLA obligations.

    Once you have this knowledge you will be able to create and negotiate SLA requirements to meet your organization’s needs and then manage them effectively throughout the term of the agreement.

    InfoTech Insight:

    Right-size your requirements and create your SLO criteria based on risk mitigation and create measurements that motivate the desired behavior from the SLA.

    Blueprint benefits

    IT Benefits

    • An understanding of standard SLA service levels and metrics
    • Reduced financial risk through clear and concise easy-to-measure metrics and KPIs
    • Improved SLA commitments from the service provider
    • Meaningful reporting and remedies to hold the provider accountable
    • Service levels and metrics that meet your requirements to support your customers

    Business Benefits

    • Better understanding of an SLA framework and required SLA elements
    • Improved vendor performance
    • Standardized service levels and metrics aligned to your organization’s requirements
    • Reduced time in reviewing and comprehending vendor SLAs
    • Consistent performance from your service providers

    Measure the value of this blueprint

    1. Dollars Saved
    • Improved performance from your service provider
    • Reduced financial risk through meaningful service levels & remedies
    • Dollars gained through:
      • Reconciled credits from obligation tracking and management
      • Savings due to automated processes
  • Time Saved
    • Reduced time in creating effective SLAs through requirement templates
    • Time spent tracking and managing SLA obligations
    • Reduced negotiation time
    • Time spent tracking and reconciling credits
  • Knowledge Gained
    • Understanding of SLA elements, service levels, service types, reporting, and remedies
    • Standard metrics and KPIs required for various service types and levels
    • How to effectively manage the service provider obligations
    • Tactics to negotiate appropriate service levels to meet your requirements
  • Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way wound help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between three to six calls over the course of two to three months.

    Phase 1 - Understand

    • Call #1: Scope requirements, objectives, and your specific SLA challenges

    Phase 2 - Create Requirements

    • Call #2: Review key SLA and how to identify them
    • Call #3: Deep dive into SLA elements and why you need them
    • Call #4: Review your service types and SLA criteria
    • Call #5: Create internal SLA requirements and templates

    Phase 3 - Management

    • Call #6: Review SLA Management Framework
    • Call #7: Review and create SLA Reporting and Tracking

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2
    Understanding SLAs SLA Templating & Management
    Activities

    1.1 SLA overview, objectives, SLA types, service levels

    1.2 SLA elements and objectives

    1.3 SLA components – monitoring, reporting, remedies

    1.4 SLA Checklist review

    2.1 Creating SLA criteria and requirements

    2.2 SLA policy & template

    2.3 SLA evaluation activity

    2.4 SLA management framework

    2.5 SLA monitoring, tracking, remedy reconciliation

    Deliverables
    1. SLA Checklist
    2. SLA policy & template creation
    3. SLA management gap analysis
    1. Evaluation of current SLAs
    2. SLA tracking and trending
    3. Create internal SLA management framework

    Reduce Risk With Rock-Solid Service-Level Agreements

    Phase 1

    Phase 1

    Understand SLA Elements

    Phase Steps

    • 1.1 What are SLAs, the types of SLAs, and why are they needed?
    • 1.2 Elements of an SLA
    • 1.3 Obligation management monitoring, Reporting requirements
    • 1.4 Exclusions and exceptions
    • 1.5 SLAs vs. SLOs vs. SLIs

    Create Requirements

    Manage Obligations

    1.1 What are SLAs, the types of SLAs, and why are they needed?

    SLA Overview

    What is a Service Level Agreement?

    An SLA is an overarching contractual agreement between a service provider and a customer (can be external or internal) that describes the services that will be delivered by the provider. It describes the service levels and associated performance metrics and expectations, how the provider will show it has attained the SLAs, and defines any remedies or credits that would apply if the provider fails to meet its commitments. Some SLAs also include a change or revision process.

    SLAs come in a few forms. Some are unique, separate, standalone documents that define the service types and levels in more detail and is customized to your needs. Some are separate documents that apply to a service and are web posted or linked to an MSA or SSA. The most common is to have them embedded in, or as an appendix to an MSA or SSA. When negotiating an MSA it’s generally more effective to negotiate better service levels and metrics at the same time.

    Objectives of an SLA

    To be effective, SLAs need to have clearly described objectives that define the service type(s) that the service provider will perform, along with commitment to associated measurable metrics or KPIs that are sufficient to meet your expectations. The goal of these service levels and metrics is to ensure that the service provider is committed to providing the service that you require, and to allow you to maintain service levels to your customers whether internal or external.

    1.1 What are SLAs, the types of SLAs, and why are they needed?

    Key Elements of an SLA

    Principle service elements of an SLA

    There are several more common service-related elements of an SLA. These generally include:

    • The Agreement – the document that defines service levels and commitments.
    • The service types – the type of service being provided by the vendor. These can include SaaS, MSP, Service Desk, Telecom/network, PaaS, Co-Lo, BCP, etc.
    • The service levels – these are the measurable performance objectives of the SLA. They include availability (uptime), response times, restore times, priority level, accuracy level, resolution times, event prevention, completion time, etc.
    • Metrics/KPIs – These are the targets or commitments associated to the service level that the service provider is obligated to meet.
    • Other elements – Reporting requirements, monitoring, remedies/credit values and process.

    Contractual Construct Elements

    These are construct components of an SLA that outline their roles and responsibilities, T&Cs, escalation process, etc.

    In addition, there are several contractual-type elements including, but not limited to:

    • A statement regarding the purpose of the SLA.
    • A list of services being supplied (service types).
    • An in-depth description of how services will be provided and when.
    • Vendor and customer requirements.
    • Vendor and customer obligations.
    • Acknowledgment/acceptance of the SLA.
    • They also list each party’s responsibilities and how issues will be escalated and resolved.

    Common types of SLAs explained

    Service-level SLA

    • This service-level agreement construct is the Service-based SLA. This SLA covers an identified service for all customers in general (for example, if an IT service provider offers customer response times for a service to several customers). In a service-based agreement, the response times would be the same and apply to all customers using the service. Any customer using the service would be provided the same SLA – in this case the same defined response time.

    Customer-based SLA

    • A customer-based SLA is a unique agreement with one customer. The entire agreement is defined for one or all service levels provided to a particular customer (for example, you may use several services from one telecom vendor). The SLAs for these services would be covered in one contract between you and the vendor, creating a unique customer-based vendor agreement. Another scenario could be where a vendor offers general SLAs for its services but you negotiate a specific SLA for a particular service that is unique or exclusive to you. This would be a customer-based SLA as well.

    Multi-level SLA

    • This service-level agreement construct is the multi-level SLA. In a multi-level SLA, components are defined to the organizational levels of the customer with cascading coverage to sublevels of the organization. The SLA typically entails all services and is designed to the cover each sub-level or department within the organization. Sometimes the multi-level SLA is known as a master organization SLA as it cascades to several levels of the organization.

    InfoTech Insight: Beware of low, easy to attain Service levels and metrics/KPIs. Service levels need to meet your requirements, expectations, and needs not the vendor’s.

    1.2 Elements of SLA-objectives, service types, and service levels

    Objectives of Service Levels

    The objective of the service levels and service credits are to:

    • Ensure that the services are of a consistently high quality and meet the requirements of the customer
    • Provide a mechanism whereby the customer can attain meaningful recognition of the vendors failure to deliver the level of service for which it was contracted to deliver
    • Incentivize the vendor or service provider to comply with and to expeditiously provide a remedy for any failure to attain the service levels committed to in the SLA
    • To ensure that the service provider fulfills the defined objectives of the outsourced service

    Service types

    There are several service types that can be part of an SLA. Service types are the different nature of services associated with the SLA that the provider is performing and being measured against. These can include:

    Service Desk, SaaS, PaaS, IaaS, ISP/Telecom/Network MSP, DR & BCP, Co-location security ops, SOW.

    Each service type should have standard service level targets or obligations that can vary depending on your requirements and reliance on the service being provided.

    Service levels

    Service levels are measurable targets, metrics, or KPIs that the service provider has committed to for the particular service type. Service levels are the key element of SLAs – they are the performance expectations set between you and the provider. The service performance of the provider is measured against the service level commitments. The ability of the provider to consistently meet these metrics will allow your organization to fully benefit from the objectives of the service and associated SLAs. Most service levels are time related but not all are.

    Common service levels are:

    Response times, resolution times per percent, restore/recovery times, accuracy, availability/uptime, completion/milestones, updating/communication, latency.

    Each service level has standard or minimum metrics for the provider. The metrics, or KPIs, should be relatively easy to measure and report against on a regular basis. Service levels are generally negotiable to meet your requirements.

    1.2.1 Activity SLA Checklist Tool

    1-2 hours

    Input

    • SLA content, Service elements
    • Contract terms & exclusions
    • Service metrices/KPIs

    Output

    • A concise list of SLA components
    • A list of missing SLA elements
    • Evaluation of the SLA

    Materials

    • Comprehensive checklist
    • Service provider SLA
    • Internal templates or policies

    Participants

    • Vendor or contract manager
    • IT or business unit manager
    • Legal
    • Finance

    Using this checklist will help you review a provider’s SLA to ensure it contains adequate service levels and remedies as well as contract-type elements.

    Instructions:

    Use the checklist to identify the principal service level elements as well as the contractual-type elements within the SLA.

    Review the SLA and use the dropdowns in the checklist to verify if the element is in the SLA and whether it is within acceptable parameters as well the page or section for reference.

    The checklist contains a list of service types that can be used for reference of what SLA elements you should expect to see in that service type SLA.

    Download the SLA Checklist Tool

    1.3 Monitoring, reporting requirements, remedies/credit process

    Monitoring & Reporting

    As mentioned, well-defined service levels are key to the success of the SLA. Validating that the metrics/KPIs are being met on a consistent basis requires regular monitoring and reporting. These elements of the SLA are how you hold the provider accountable to the SLA commitments and obligations. To achieve the service level, the service must be monitored to validate that timelines are met and accuracy is achieved.

    • Data or details from monitoring must then be presented in a report and delivered to the customer in an agreed-upon format. These formats can be in a dashboard, portal, spreadsheet, or csv file, and they must have sufficient criteria to validate the service-level metric. Reports should be kept for future review and to create historical trending.
    • Monitoring and reporting should be the responsibility of the service provider. This is the only way that they can validate to the customer that a service level has been achieved.
    • Reporting criteria and delivery timelines should be defined in the SLA and can even have a service level associated with it, such as a scheduled report delivery on the fifth day of the following month.
    • Reports need to be checked and balanced. When defining report criteria, be sure to define data source(s) that can be easily validated by both parties.
    • Report criteria should include compliance requirements, target metric/KPIs, and whether they were attained.
    • The report should identify any attainment shortfall or missed KPIs.

    Too many SLAs do not have these elements as often the provider tries to put the onus on the customer to monitor their performance of the service levels. .

    1.3.1 Monitoring, reporting requirements, remedies/credit process

    Remedies and Credits

    Service-level reports validate the performance of the service provider to the SLA metrics or KPIs. If the metrics are met, then by rights, the service provider is doing its job and performing up to expectations of the SLA and your organization.

    • What if the metrics are not being met either periodically or consistently? Solving this is the goal of remedies. Remedies are typically monetary costs (in some form) to the provider that they must pay for not meeting a service-level commitment. Credits can vary significantly and should be aligned to the severity of the missed service level. Sometimes there no credits offered by the vendor. This is a red flag in an SLA.
    • Typically expressed as a monetary credit, the SLA will have service levels and associated credits if the service-level metric/KPI is not met during the reporting period. Credits can be expressed in a dollar format, often defined as a percentage of a monthly fee or prorated annual fee. Although less common, some SLAs offer non-financial credits. These could include: an extension to service term, additional modules, training credits, access to a higher support level, etc.
    • Regardless of how the credit is presented, this is typically the only way to hold your provider accountable to their commitments and to ensure they perform consistently to expectations. You must do a rough calculation to validate the potential monetary value and if the credit is meaningful enough to the provider.

    Research shows that credit values that equate to just a few dollars, when you are paying the provider tens of thousands of dollars a month for a service or product, the credit is insignificant and therefore doesn’t incent the provider to achieve or maintain a service level.

    1.3.2 Monitoring, reporting requirements, remedies/credit process

    Credit Process

    Along with meaningful credit values, there must be a defined credit calculation method and credit redemption process in the SLA.

    Credit calculation. The credit calculation should be simple and straight forward. Many times, we see providers define complicated methods of calculating the credit value. In some cases complicated service levels require higher effort to monitor and report on, but this shouldn’t mean that the credit for missing the service level needs to require the same effort to calculate. Do a sample credit calculation to validate if the potential credit value is meaningful enough or meets your requirements.

    Credit redemption process. The SLA should define the process of how a credit is provided to the customer. Ideally the process should be fairly automated by the service provider. If the report shows a missed service level, that should trigger a credit calculation and credit value posted to account followed by notification. In many SLAs that we review, the credit process is either poorly defined or not defined at all. When it is defined, the process typically requires the customer to follow an onerous process and submit a credit request that must then be validated by the provider and then, if approved, posted to your account to be applied at year end as long as you are in complete compliance with the agreement and up-to-date on your account etc. This is what we need to avoid in provider-written SLAs. You need a proactive process where the service provider takes responsibility for missing an SLA and automatically assigns an accurate credit to your account with an email notice.

    Secondary level remedies. These are remedies for partial performance. For example, the platform is accessible but some major modules are not working (i.e.: the payroll platform is up and running and accessible but the tax table is not working properly so you can’t complete your payroll run on-time). Consider the requirement of a service level, metric, and remedy for critical components of a service and not just the platform availability.

    Info-Tech Insight SLA’s without adequate remedies to hold the vendor accountable to their commitments make the SLAs essentially meaningless.

    1.4 Exclusions indemnification, force majeure, scheduled maintenance

    Contract-Related Exclusions

    Attaining service-level commitments by the provider within an SLA can depend on other factors that could greatly influence their performance to service levels. Most of these other factors are common and should be defined in the SLA as exclusions or exceptions. Exceptions/exclusions can typically apply to credit calculations as well. Typical exceptions to attaining service levels are:

    • Denial of Service (DoS) attacks
    • Communication/ISP outage
    • Outages of third-party hosting
    • Actions or inactions of the client or third parties
    • Scheduled maintenance but not emergency maintenance
    • Force majeure events which can cover several different scenarios

    Attention should be taken to review the exceptions to ensure they are in fact not within the reasonable control of the provider. Many times the provider will list several exclusions. Often these are not reasonable or can be avoided, and in most cases, they allow the service provider the opportunity to show unjustified service-level achievements. These should be negotiated out of the SLA.

    1.5 Activity SLA Evaluation Tool

    1-2 hours

    Input

    • SLA content
    • SLA elements
    • SLA objectives
    • SLO calculation methods

    Output

    • Rating of the SLA service levels and objectives
    • Overall rating of the SLA content
    • Targeted list of required improvements

    Materials

    • SLA comprehensive checklist
    • Service provider SLA

    Participants

    • Vendor or contract manager
    • IT manager or leadership
    • Application or business unit manager

    The SLA Evaluation Tool will allow you evaluate an SLA for content. Enter details into the tool and evaluate the service levels and SLA elements and components to ensure the agreement contains adequate SLOs to meet your organization’s service requirements.

    Instructions:

    Review and identify SLA elements within the service provider’s SLA.

    Enter service-level details into the tool and rate the SLOs.

    Enter service elements details, validate that all required elements are in the SLA, and rate them accordingly.

    Capture and evaluate service-level SLO calculations.

    Review the overall rating for the SLA and create a targeted list for improvements with the service provider.

    Download the SLA Evaluation Tool

    1.5 Clarification: SLAs vs. SLOs vs. SLIs

    SLA – Service-Level Agreement The promise or commitment

    • This is the formal agreement between you and your service provider that contains their service levels and obligations with measurable metrics/KPIs and associated remedies. SLAs can be a separate or unique document, but are most commonly embedded within an MSA, SOW, SaaS, etc. as an addendum or exhibit.

    SLO – Service-Level Objective The goals or targets

    • This service-level agreement construct is the customer-based SLA. A Customer-based SLA is a unique agreement with one customer. The entire agreement is defined for one or all service levels provided to a particular customer. For example, you may use several services from one telecom vendor. The SLAs for these services would be covered in one contract between you and the Telco vendor, creating a unique customer-based to vendor agreement. Another scenario: a vendor offers general SLAs for its services and you negotiate a specific SLA for a particular service that is unique or exclusive to you. This would be a customer-based SLA as well.

    Other common names are Metrics and Key Performance Indicators (KPIs )

    SLI – Service-Level Indicator How did we do? Did we achieve the objectives?

    • An SLI is the actual metric attained after the measurement period. SLI measures compliance with an SLO (service level objective). So, for example, if your SLA specifies that your systems will be available 99.95% of the time, your SLO is 99.95% uptime and your SLI is the actual measurement of your uptime. Maybe it’s 99.96%. maybe 99.99% or even 99.75% For the vendor to be compliant to the SLA, the SLI(s) must meet or exceed the SLOs within the SLA document.

    Other common names: attainment, results, actual

    Info-Tech Insight:

    Web-posted SLAs that are not embedded within a signed MSA, can present uncertainty and risk as they can change at any time and typically without direct notice to the customer

    Reduce Risk With Rock-Solid Service-Level Agreements

    Phase 2

    Understand SLA Elements

    Phase 2

    Create Requirements

    Phase Steps

    • 2.1 Create a list of your SLA criteria
    • 2.2 Develop SLA policy & templates
    • 2.3 Create a negotiation strategy
    • 2.4 SLA overachieving discussion

    Manage Obligations

    2.1 Create a list of your SLA criteria

    Principle Service Elements

    With your understanding of the types of SLAs and the elements that comprise a well-written agreement

    • The next step is to start to create a set of SLA criteria for service types that your organization outsources or may require in the future.
    • This criteria should define the elements of the SLA with tolerance levels that will require the provider to meet your service expectations.
    • Service levels, metrics/KPIs, associated remedies and reporting criteria. This criteria could be captured into table-like templates that can be referenced or inserted into service provider SLAs.
    • Once you have defined minimum service-level criteria, we recommend that you do a deeper review of the various service provider types that your organization has in place. The goal of the review is to understand the objective of the service type and associated service levels and then compare them to your requirements for the service to meet your expectations. Service levels and KPIs should be no less than if your IT department was providing the service with its own resources and infrastructure.
    • Most IT departments have service levels that they are required to meet with their infrastructure to the business units or organization, whether it’s App delivery, issue or problem resolution, availability etc. When any of these services are outsourced to an external service provider, you need to make all efforts to ensure that the service levels are equal to or better than the previous or existing internal expectations.
    • Additionally, the goal is to identify service levels and metrics that don’t meet your requirements or expectations and/or service levels that are missing.

    2.2 Develop SLA policies and templates

    Contract-type Elements

    After creating templates for minimum-service metrics & KPIs, reporting criteria templates, process, and timing, the next step should be to work on contract-type elements and additional service-level components. These elements should include:

    • Reporting format, criteria, and timelines
    • Monitoring requirements
    • Minimum acceptable remedy or credits process; proactive by provider vs. reactive by customer
    • Roles & responsibilities
    • Acceptable exclusion details
    • Termination language for persistent failure to meet SLOs

    These templates or criteria minimums can be used as guidelines or policy when creating or negotiating SLAs with a service provider.

    Start your initial element templates for your strategic vendors and most common service types: SaaS, IaaS, Service Desk, SecOps, etc. The goal of SLA templates is to create simple minimum guidelines for service levels that will allow you to meet your internal SLAs and expectations. Having SLA templates will show the service provider that you understand your requirements and may put you in a better negotiating position when reviewing with the provider.

    When considering SLO metrics or KPIs consider the SMART guidance:

    Simple: A KPI should be easy to measure. It should not be complicated, and the purpose behind recording it must be documented and communicated.

    Measurable: A KPI that cannot be measured will not help in the decision-making process. The selected KPIs must be measurable, whether qualitatively or quantitatively. The procedure for measuring the KPIs must be consistent and well-defined.

    Actionable: KPIs should contribute to the decision-making process of your organization. A KPI that does not make any such contributions serves no purpose.

    Relevant: KPIs must be related to operations or functions that a security team seeks to assess.

    Time-based: KPIs should be flexible enough to demonstrate changes over time. In a practical sense, an ideal KPI can be grouped together by different time intervals.

    (Guide for Security Operations Metrics)

    2.2.1 Activity: Review SLA Template & Metrics Reference Guide

    1-2 hours

    Input

    • Service level metrics
    • List of who is accountable for PPM decisions

    Output

    • SLO templates for service types
    • SLA criteria that meets your organization’s requirements

    Materials

    • SLA Checklist
    • SLA criteria list with SLO & credit values
    • PPM Decision Review Workbook

    Participants

    • Vendor manager
    • IT leadership
    • Procurement or contract manager
    1. Review the SLA Template and Metrics Reference Guide for common metrics & KPIs for the various service types. Each Service Type tab has SLA elements and SLO metrics typically associated with the type of service.
    2. Some service levels have common or standard credits* that are typically associated with the service level or metric.
    3. Use the SLA Template to enter service levels, metrics, and credits that meet your organization’s criteria or requirements for a given service type.

    Download the SLA Template & Metrics Reference Guide

    *Credit values are not standard values, rather general ranges that our research shows to be the typical ranges that credit values should be for a given missed service level

    2.3 Create a negotiation strategy

    Once you have created service-level element criteria templates for your organization’s requirements, it’s time to document a negotiation position or strategy to use when negotiating with service providers. Not all providers are flexible with their SLA commitments, in fact most are reluctant to change or create “unique” SLOs for individual customers. Particularly cloud vendors providing IaaS, SaaS, or PaaS, SLAs. ISP/Telcom, Co-Lo and DR/BU providers also have standard SLOs that they don’t like to stray far from. On the other hand, security ops (SIEM), service desk, hardware, and SOW/PS providers who are generally contracted to provide variable services are somewhat more flexible with their SLAs and more willing to meet your requirements.

    • Service providers want to avoid being held accountable to SLOs, and their SLAs are typically written to reflect that.

    The goal of creating internal SLA templates and policies is to set a minimum baseline of service levels that your organization is willing to accept, and that will meet their requirements and expectations for the outsourced service. Using these templated SLOs will set the basis for negotiating the entire SLA with the provider. You can set the SLA purpose, objectives, roles, and responsibilities and then achieve these from the service provider with solid SLOs and associated reporting and remedies.

    Info-Tech Insight

    Web-posted SLAs that are not embedded within a signed MSA can present uncertainty and risk as they can change at any time and typically without direct notice to the customer

    2.3.1 Negotiating strategy guidance

    • Be prepared. Create a negotiating plan and put together a team that understands your organization’s requirements for SLA.
    • Stay informed. Request provider’s recent performance data and negotiate SLOs to the provider’s average performance.
    • Know what you need. Corporate SLA templates or policies should be positioned to service providers as baseline minimums.
    • Show some flexibility. Be willing to give up some ground on one SLO in exchange for acceptance of SLOs that may be more important to your organization.
    • Re-group. Have a fallback position or Plan B. What if the provider can’t or won’t meet your key SLOs? Do you walk?
    • Do your homework. Understand what the typical standard SLOs are for the type of service level.

    2.4 SLO overachieving incentive discussion

    Monitoring & Reporting

    • SLO overachieving metrics are seen in some SLAs where there is a high priority for a service provider to meet and or exceed the SLOs within the SLA. These are not common terms but can be used to improve the overall service levels of a provider. In these scenarios the provider is sometimes rewarded for overachieving on the SLOs, either consistently or on a monthly or quarterly basis. In some cases, it can make financial sense to incent the service provider to overachieve on their commitments. Incentives can drive behaviors and improved performance by the provider that can intern improve the benefits to your organization and therefore justify an incent of some type.
    • Example: You could have an SLO for invoice accuracy. If not achieved, it could cost the vendor if they don’t meet the accuracy metric, however if they were to consistently overachieve the metric it could save accounts payable hours of time in validation and therefore you could pass on some of these measurable savings to the provider.
    • Overachieving incentives can add complexity to the SLA so they need to be easily measurable and simple to manage.
    • Overachieving incentives can also be used in provider performance improvement plans, where a provider might have poor trending attainment and you need to have them improve their performance in a short period of time. Incentives typically will motivate provider improvement and generally will cost much less than replacing the provider.
    • There is another school of thought that you shouldn’t have to pay a provider for doing their job; however, others are of the opinion that incentives or bonuses improve the overall performance of individuals or teams and are therefore worth consideration if both parties benefit from the over performance.

    Reduce Risk With Rock-Solid Service-Level Agreements

    Phase 3

    Understand SLA Elements

    Create Requirements

    Phase 3

    Manage Obligations

    Phase Steps

    • 3.1 SLA monitoring and tracking
    • 3.2 Reporting
    • 3.3 Vendor SLA reviews & optimizing
    • 3.4 Performance management

    3.1 SLA monitoring, tracking, and remedy reconciliation

    The next step to effective SLAs is the management component. It could be fruitless if you were to spend your time and efforts negotiating your required service levels and metrics and don’t have some level of managing the SLA. In that situation you would have no way of knowing if the service provider is attaining their SLOs.

    There are several key elements to effective SLA management:

    • SLO monitoring
    • Simple, concise reporting
    • SLO attainment tracking
    • Score carding & trending
    • Remedy reconciliation

    SLA Management framework

    SLA Monitoring → Concise Reporting → Attainment Tracking → Score Carding →Remedy Reconciliation

    “A shift we’re beginning to see is an increased use of data and process discovery tools to measure SLAs,” says Borowski of West Monroe. “While not pervasive yet, these tools represent an opportunity to identify the most meaningful metrics and objectively measure performance (e.g., cycle time, quality, compliance). When provided by the client, it also eliminates the dependency on provider tools as the source-of-truth for performance data.” – Stephanie Overby

    3.1 SLA management framework

    SLA Performance Management

    • SLA monitoring provides data for SLO reports or dashboards. Reports provide attainment data for tacking over time. Attainment data feeds scorecards and allows for trending analysis. Missed attainment data triggers remedies.
    • All service providers monitor their systems, platforms, tickets, agents, sensors etc. to be able to do their jobs. Therefore, monitoring is readily available from your service provider in some form.
    • One of the key purposes of monitoring is to generate data into internal reports or dashboards that capture the performance metrics of the various services. Therefore, service-level and metric reports are readily available for all of the service levels that a service provider is contracted or engaged to provide.
    • Monitoring and reporting are the key elements that validate how your service provider is meeting its SLA obligations and thus are very important elements of an SLA. SLO report data becomes attainment data once the metric or KPI has been captured.
    • As a component of effective SLA management, this attainment data needs to be tracked/recorded in an easy-to-read format or table over a period of time. Attainment data can then be used to generate scorecards and trending reports for your review both internally and with the provider as required.
    • If attainment data shows that the service provider is meeting their SLA obligations, then the SLA is meeting your requirements and expectations. If on the other hand, attainment data shows that obligations are not being met, then actions must be taken to hold the service provider accountable. The most common method is through remedies that are typically in the form of a credit through a defined process (see Sec. 1.3). Any credits due for missed SLOs should also be tracked and reported to stakeholders and accounting for validation, reconciliation, and collection.

    3.2 Reporting

    Monitoring & Reporting

    • Many SLAs are silent on monitoring and reporting elements and require that the customer, if aware or able, to monitor the providers service levels and attainment and create their own KPI and reports. Then if SLOs are not met there is an arduous process that the customer must go through to request their rightful credit. This manual and reactive method creates all kinds of risk and cost to the customer and they should make all attempts to ensure that the service provider proactively provides SLO/KPI attainment reports on a regular basis.
    • Automated monitoring and reporting is a common task for many IT departments. There is no reason that a service provider can’t send reports proactively in a format that can be easily interpreted by the customer. The ideal state would be to capture KPI report data into a customer’s internal service provider scorecard.
    • Automated or automatic credit posting is another key element that service providers tend to ignore, primarily in hopes that the customer won’t request or go through the trouble of the process. This needs to change. Some large cloud vendors already have automated processes that automatically post a credit to your account if they miss an SLO. This proactive credit process should be at the top of your negotiation checklist. Service providers are avoiding thousands of credit dollars every year based on the design of their credit process. As more customers push back and negotiate more efficient credit processes, vendors will soon start to change and may use it as a differentiator with their service.

    3.2.1 Performance tracking and trending

    What gets measured gets done

    SLO Attainment Tracking

    A primary goal of proactive and automated reporting and credit process is to capture the provider’s attainment data into a tracker or vendor scorecard. These tracking scorecards can easily create status reports and performance trending of service providers, to IT leadership as well as feed QBR agenda content.

    Remedy Reconciliation

    Regardless of how a credit is processed it should be tracked and reconciled with internal stakeholders and accounting to ensure credits are duly applied or received from the provider and in a timely manner. Tracking and reconciliation must also align with your payment terms, whether monthly or annually.

    “While the adage, ‘You can't manage what you don't measure,’ continues to be true, the downside for organizations using metrics is that the provider will change their behavior to maximize their scores on performance benchmarks.” – Rob Lemos

    3.2.1 Activity SLA Tracker and Trending Tool

    1-2 hours setup

    Input

    • SLO metrics/KPIs from the SLA
    • Credit values associated with SLO

    Output

    • Monthly SLO attainment data
    • Credit tracking
    • SLO trending graphs

    Materials

    • Service provider SLO reports
    • Service provider SLA
    • SLO Tracker & Trending Tool

    Participants

    • Contract or vendor managers
    • Application or service managers
    • Service provider

    An important activity in the SLA management framework is to track the provider’s SLO attainment on a monthly or quarterly basis. In addition, if an SLO is missed, an associated credit needs to be tracked and captured. This activity allows you to capture the SLOs from the SLA and track them continually and provide data for trending and review at vendor performance meetings and executive updates.

    Instructions: Enter SLOs from the SLA as applicable.

    Each month, from the provider’s reports or dashboards, enter the SLO metric attainment.

    When an SLO is met, the cell will turn green. If the SLO is missed, the cell will turn red and a corresponding cell in the Credit Tracker will turn green, meaning that a credit needs to be reconciled.

    Use the Trending tab to view trending graphs of key service levels and SLOs.

    Download the SLO Tracker and Trending Tool

    3.3 Vendor SLA reviews and optimizing

    Regular reviews should be done with providers

    Collecting attainment data with scorecards or tracking tools provides summary information on the performance of the service provider to their SLA obligations. This information should be used for regular reviews both internally and with the provider.

    Regular attainment reviews should be used for:

    • Performance trending upward or downward
    • Identifying opportunities to revise or improve SLOs
    • Optimizing SLO and processes
    • Creating a Performance Improvement Plan (PIP) for the service provider

    Some organizations choose to review SLA performance with providers at regular QBRs or at specific SLA review meetings

    This should be determined based on the criticality, risk, and strategic importance of the provider’s service. Providers that provide essential services like ERP, payroll, CRM, HRIS, IaaS etc. should be reviewed much more regularly to ensure that any decline in service is identified early and addressed properly in accordance with the service provider. Negative trending performance should also be documented for consideration at renewal time.

    3.4 Performance management

    Dealing with persistent poor performance and termination

    Service providers that consistently miss key service level metrics or KPIs present financial and security risk to the organization. Poor performance of a service provider reflects directly on the IT leadership and will affect many other business aspects of the organization including:

    • Ability to conduct day-to-day business activities
    • Meet internal obligations and expectations
    • Employee productivity and satisfaction
    • Maintain corporate policies or industry compliance
    • Meet security requirements

    Communication is key. Poor performance of a service provider needs to be dealt with in a timely manner in order to avoid more critical impact of the poor performance. Actions taken with the provider can also vary depending again on the criticality, risk, and strategic importance of the provider’s service.

    Performance reviews should provide the actions required with the goal of:

    • Making the performance problems into opportunities
    • Working with the provider to create a PIP with aggressive timelines and ramifications if not attained
    • Non-renewal or termination consideration, if feasible including provider replacement options, risk, costs, etc.
    • SLA renegotiation or revisions
    • Warning notifications to the service provider with concise issues and ramifications

    To avoid the issues and challenges of dealing with chronic poor performance, consider a Persistent or Chronic Failure clause into the SLA contract language. These clauses can define chronic failure, scenarios, ramifications there of, and defined options for the client including increased credit values, non-monetary remedies, and termination options without liability.

    Info-Tech Insight

    It’s difficult to prevent chronic poor performance but you can certainly track it and deal with it in a way that reduces risk and cost to your organization.

    SLA Hall of Shame

    Crazy service provider SLA content collection

    • Excessive list of unreasonable exclusions
    • Subcontractors’ behavior could be excluded
    • Downtime credit, equal to downtime percent x the MRC
    • Controllable FM events (internal labor issues, health events)
    • Difficult downtime or credit calculations that don’t make sense
    • Credits are not valid if agreement is terminated early or not renewed
    • Customer is not current on their account, SLA or credits do not count/apply
    • Total downtime = to prorated credit value (down 3 hrs = 3/720hrs = 0.4% credit)
    • SLOs don’t apply if customer fails to report the issue or request a trouble ticket
    • Downtime during off hours (overnight) do not count towards availability metrics
    • Different availability commitments based on different support-levels packages
    • Extending the agreement term by the length of downtime as a form of a remedy

    SLA Dos and Don’ts

    Dos

    • Do negotiate SLOs to vendor’s average performance
    • Do strive for automated reporting and credit processes
    • Do right-size and create your SLO criteria based on risk mitigation
    • Do review SLA attainment results with strategic service providers on a regular basis
    • Do ensure that all key elements and components of an SLA are present in the document or appendix

    Don'ts

    • Don’t accept the providers response that “we can’t change the SLOs for you because then we’d have to change them for everyone”
    • Don’t leave SLA preparation to the last minute. Give it priority as you negotiate with the provider
    • Don’t create complex SLAs with numerous service levels and SLOs that need to be reported and managed
    • Don’t aim for absolute perfection. Rather, prioritize which service levels are most important to you for the service

    Summary of Accomplishment

    Problem Solved

    Knowledge Gained

    • Understanding of the elements and components of an SLA
    • A list of SLO metrics aligned to service types that meet your organization’s criteria
    • SLA metric/KPI templates
    • SLA Management process for your provider’s service objectives
    • Reporting and tracking process for performance trending

    Deliverables Completed

    • SLA component and contract element checklist
    • Evaluation or service provider SLAs
    • SLA templates for strategic service types
    • SLA tracker for strategic service providers

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Related Info-Tech Research

    Improve IT-Business Alignment Through an Internal SLA

    • Understand business requirements, clarify current capabilities, and enable strategies to close service-level gaps.

    Data center Co-location SLA & Service Definition Template

    • In essence, the SLA defines the “product” that is being purchased, permitting the provider to rationalize resources to best meet the needs of varied clients, and permits the buyer to ensure that business requirements are being met.

    Ensure Cloud Security in IaaS, PaaS, and SaaS Environments

    • Keep your information security risks manageable when leveraging the benefits of cloud computing.

    Bibliography

    Henderson, George. “3 Most Common Types of Service Level Agreement (SLA).” Master of Project Academy. N.d. Web.

    “Guide to Security Operations Metrics.” Logsign. Oct 5, 2020. Web.

    Lemos, Rob. “4 lessons from SOC metrics: What your SpecOps team needs to know.” TechBeacon. N.d. Web.

    “Measuring and Making the Most of Service Desk Metrics.” Freshworks. N.d. Web.

    Overby, Stephanie. “15 SLA Mistakes IT Leaders Still Make.” CIO. Jan 21, 2021.

    Embrace Business-Managed Applications

    • Buy Link or Shortcode: {j2store}179|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: $64,999 Average $ Saved
    • member rating average days saved: 18 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • The traditional model of managing applications does not address the demands of today’s rapidly changing market and digitally minded business, putting stress on scarce IT resources. The business is fed up with slow IT responses and overbearing desktop and system controls.
    • The business wants more control over the tools they use. Software as a service (SaaS), business process management (BPM), robotic process automation (RPA), artificial intelligence (AI), and low-code development platforms are all on their radar.
    • However, your current governance and management structures do not accommodate the risks and shifts in responsibilities to business-managed applications.

    Our Advice

    Critical Insight

    • IT is a business partner, not just an operator. Effective business operations hinge on high-quality, valuable, fit-for-purpose applications. IT provides the critical insights, guidance, and assistance to ensure applications are implemented and leveraged in a way that maximizes return on investment, whether it is being managed by end users or lines of business (LOBs). This can only happen if the organization views IT as a critical asset, not just a supporting player.
    • All applications should be business owned. You have applications because LOBs need them to meet the objectives and key performance indicators defined in the business strategy. Without LOBs, there would be no need for business applications. LOBs define what the application should be and do for it to be successful, so LOBs should own them.
    • Everything boils down to trust. The business is empowered to make their own decisions on how they want to implement and use their applications and, thus, be accountable for the resulting outcomes. Guardrails, role-based access, application monitoring, and other controls can help curb some risk factors, but it should not come at the expense of business innovation and time-sensitive opportunities. IT must trust the business will make rational application decisions, and the business must trust IT to support them in good times and bad.

    Impact and Result

    • Focus on the business units that matter. BMA can provide significant value to LOBs if teams and stakeholders are encouraged and motivated to adopt organizational and operational changes.
    • Reimagine the role of IT. IT is no longer the gatekeeper that blocks application adoption. Rather, IT enables the business to adopt the tools they need to be productive and they guide the business on successful BMA practices.
    • Instill business accountability. With great power comes great responsibility. If the business wants more control of their applications, they must be willing to take ownership of the outcomes of their decisions.

    Embrace Business-Managed Applications Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should embrace business-managed applications, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Embrace Business-Managed Applications – Phases 1-3
    • Business-Managed Applications Communication Template

    1. State your objectives

    Level-set the expectations for your business-managed applications.

    • Embrace Business- Managed Applications – Phase 1: State Your Objectives

    2. Design your framework and governance

    Identify and define your application managers and owners and build a fit-for-purpose governance model.

    • Embrace Business-Managed Applications – Phase 2: Design Your Framework & Governance

    3. Build your roadmap

    Build a roadmap that illustrates the key initiatives to implement your BMA and governance models.

    • Embrace Business-Managed Applications – Phase 3: Build Your Roadmap

    [infographic]

    Workshop: Embrace Business-Managed Applications

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 State Your Objectives

    The Purpose

    Define business-managed applications in your context.

    Identify your business-managed application objectives.

    State the value opportunities with business-managed applications.

    Key Benefits Achieved

    A consensus definition and list of business-managed applications goals

    Understanding of the business value business-managed applications can deliver

    Activities

    1.1 Define business-managed applications.

    1.2 List your objectives and metrics.

    1.3 State the value opportunities.

    Outputs

    Grounded definition of a business-managed application

    Goals and objectives of your business-managed applications

    Business value opportunity with business-managed applications

    2 Design Your Framework & Governance

    The Purpose

    Develop your application management framework.

    Tailor your application delivery and ownership structure to fit business-managed applications.

    Discuss the value of an applications committee.

    Discuss technologies to enable business-managed applications.

    Key Benefits Achieved

    Fit-for-purpose and repeatable application management selection framework

    Enhanced application governance model

    Applications committee design that meets your organization’s needs

    Shortlist of solutions to enable business-managed applications

    Activities

    2.1 Develop your management framework.

    2.2 Tune your delivery and ownership accountabilities.

    2.3 Design your applications committee.

    2.4 Uncover your solution needs.

    Outputs

    Tailored application management selection framework

    Roles definitions of application owners and managers

    Applications committee design

    List of business-managed application solution features and services

    3 Build Your Roadmap

    The Purpose

    Build your roadmap to implement busines-managed applications and build the foundations of your optimized governance model.

    Key Benefits Achieved

    Implementation initiatives

    Adoption roadmap

    Activities

    3.1 Build your roadmap.

    Outputs

    Business-managed application adoption roadmap

     

    Define Your Cloud Vision

    • Buy Link or Shortcode: {j2store}448|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $182,333 Average $ Saved
    • member rating average days saved: 28 Average Days Saved
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    The cloud permeates the enterprise technology discussion. It can be difficult to separate the hype from the value. Should everything go to the cloud, or is that sentiment stoked by vendors looking to boost their bottom lines? Not everything should go to the cloud, but coming up with a systematic way to determine what belongs where is increasingly difficult as offerings get more complex.

    Our Advice

    Critical Insight

    Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud-first isn’t always the way to go.

    Impact and Result

    • Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
    • Codify risks tied to workloads’ cloud suitability and plan mitigations.
    • Build a roadmap of initiatives for actions by workload and risk mitigation.
    • Define a cloud vision to share with stakeholders.

    Define Your Cloud Vision Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Your Cloud Vision – A step-by-step guide to generating, validating, and formalizing your cloud vision.

    The cloud vision storyboard walks readers through the process of generating, validating and formalizing a cloud vision, providing a framework and tools to assess workloads for their cloud suitability and risk.

    • Define Your Cloud Vision – Phases 1-4

    2. Cloud Vision Executive Presentation – A document that captures the results of the exercises, articulating use cases for cloud/non-cloud, risks, challenges, and high-level initiative items.

    The executive summary captures the results of the vision exercise, including decision criteria for moving to the cloud, risks, roadblocks, and mitigations.

    • Cloud Vision Executive Presentation

    3. Cloud Vision Workbook – A tool that facilitates the assessment of workloads for appropriate service model, delivery model, support model, and risks and roadblocks.

    The cloud vision workbook comprises several assessments that will help you understand what service model, delivery model, support model, and risks and roadblocks you can expect to encounter at the workload level.

    • Cloud Vision Workbook
    [infographic]

    Workshop: Define Your Cloud Vision

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Cloud

    The Purpose

    Align organizational goals to cloud characteristics.

    Key Benefits Achieved

    An understanding of how the characteristics particular to cloud can support organizational goals.

    Activities

    1.1 Generate corporate goals and cloud drivers.

    1.2 Identify success indicators.

    1.3 Explore cloud characteristics.

    1.4 Explore cloud service and delivery models.

    1.5 Define cloud support models and strategy components.

    1.6 Create state summaries for the different service and delivery models.

    1.7 Select workloads for further analysis.

    Outputs

    Corporate cloud goals and drivers

    Success indicators

    Current state summaries

    List of workloads for further analysis

    2 Assess Workloads

    The Purpose

    Evaluate workloads for cloud value and action plan.

    Key Benefits Achieved

    Action plan for each workload.

    Activities

    2.1 Conduct workload assessment using the Cloud Strategy Workbook tool.

    2.2 Discuss assessments and make preliminary determinations about the workloads.

    Outputs

    Completed workload assessments

    Workload summary statements

    3 Identify and Mitigate Risks

    The Purpose

    Identify and plan to mitigate potential risks in the cloud project.

    Key Benefits Achieved

    A list of potential risks and plans to mitigate them.

    Activities

    3.1 Generate a list of risks and potential roadblocks associated with the cloud.

    3.2 Sort risks and roadblocks and define categories.

    3.3 Identify mitigations for each identified risk and roadblock

    3.4 Generate initiatives from the mitigations.

    Outputs

    List of risks and roadblocks, categorized

    List of mitigations

    List of initiatives

    4 Bridge the Gap and Create the Strategy

    The Purpose

    Clarify your vision of how the organization can best make use of cloud and build a project roadmap.

    Key Benefits Achieved

    A clear vision and a concrete action plan to move forward with the project.

    Activities

    4.1 Review and assign work items.

    4.2 Finalize the decision framework for each of the following areas: service model, delivery model, and support model.

    4.3 Create a cloud vision statement

    Outputs

    Cloud roadmap

    Finalized task list

    Formal cloud decision rubric

    Cloud vision statement

    5 Next Steps and Wrap-Up

    The Purpose

    Complete your cloud vision by building a compelling executive-facing presentation.

    Key Benefits Achieved

    Simple, straightforward communication of your cloud vision to key stakeholders.

    Activities

    5.1 Build the Cloud Vision Executive Presentation

    Outputs

    Completed cloud strategy executive presentation

    Completed Cloud Vision Workbook.

    Further reading

    Define Your Cloud Vision

    Define your cloud vision before it defines you

    Analyst perspective

    Use the cloud’s strengths. Mitigate its weaknesses.

    The cloud isn’t magic. It’s not necessarily cheaper, better, or even available for the thing you want it to do. It’s not mysterious or a cure-all, and it does take a bit of effort to systematize your approach and make consistent, defensible decisions about your cloud services. That’s where this blueprint comes in.

    Your cloud vision is the culmination of this effort all boiled down into a single statement: “This is how we want to use the cloud.” That simple statement should, of course, be representative of – and built from – a broader, contextual strategy discussion that answers the following questions: What should go to the cloud? What kind of cloud makes sense? Should the cloud deployment be public, private, or hybrid? What does a migration look like? What risks and roadblocks need to be considered when exploring your cloud migration options? What are the “day 2” activities that you will need to undertake after you’ve gotten the ball rolling?

    Taken as a whole, answering these questions is difficult task. But with the framework provided here, it’s as easy as – well, let’s just say it’s easier.

    Jeremy Roberts

    Research Director, Infrastructure and Operations

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • You are both extrinsically motivated to move to the cloud (e.g. by vendors) and intrinsically motivated by internal digital transformation initiatives.
    • You need to define the cloud’s true value proposition for your organization without assuming it is an outsourcing opportunity or will save you money.
    • Your industry, once cloud-averse, is now normalizing the use of cloud services, but you have not established a basic cloud vision from which to develop a strategy at a later point.

    Common Obstacles

    • Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
    • Many organizations have a foot in the cloud already, but these decisions have been made in an ad hoc rather than systematic fashion.
    • You lack a consistent framework to assess your workloads’ suitability for the cloud.

    Info-Tech's Approach

    • Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
    • Codify risks tied to workloads’ cloud suitability and plan mitigations.
    • Build a roadmap of initiatives for actions by workload and risk mitigation.
    • Define a cloud vision to share with stakeholders.

    Info-Tech Insight: 1) Base migration decisions on cloud characteristics. If your justification for the migration is simply getting your workload out of the data center, think again. 2) Address the risks up front in your migration plan. 3) The cloud changes roles and calls for different skill sets, but Ops is here to stay.

    Your challenge

    This research is designed to help organizations who need to:

    • Identify workloads that are good candidates for the cloud.
    • Develop a consistent, cost-effective approach to cloud services.
    • Outline and mitigate risks.
    • Define your organization’s cloud archetype.
    • Map initiatives on a roadmap.
    • Communicate your cloud vision to stakeholders so they can understand the reasons behind a cloud decision and differentiate between different cloud service and deployment models.
    • Understand the risks, roadblocks, and limitations of the cloud.

    “We’re moving from a world where companies like Oracle and Microsoft and HP and Dell were all critically important to a world where Microsoft is still important, but Amazon is now really important, and Google also matters. The technology has changed, but most of the major vendors they’re betting their business on have also changed. And that’s super hard for people..” –David Chappell, Author and Speaker

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
    • Many organizations already have a foot in the cloud, but the choice to explore these solutions was made in an ad hoc rather than systematic fashion. The cloud just sort of happened.
    • The lack of a consistent assessment framework means that some workloads that probably belong in the cloud are kept on premises or with hosted services providers – and vice versa.
    • Securing cloud expertise is remarkably difficult – especially in a labor market roiled by the global pandemic and the increasing importance of cloud services.

    Standard cloud challenges

    30% of all cloud spend is self-reported as waste. Many workloads that end up in the cloud don’t belong there. Many workloads that do belong in the cloud aren’t properly migrated. (Flexera, 2021)

    44% of respondents report themselves as under-skilled in the cloud management space. (Pluralsight, 2021)

    Info-Tech’s approach

    Goals and drivers

    • Service model
      • What type of cloud makes the most sense for workload archetypes? When does it make sense to pick SaaS over IaaS, for example?
    • Delivery model
      • Will services be delivered over the public cloud, a private cloud, or a hybrid cloud? What challenges accompany this decision?
    • Migration Path
      • What does the migration path look like? What does the transition to the cloud look like, and how much effort will be required? Amazon’s 6Rs framework captures migration options: rehosting, repurchasing, replatforming, and refactoring, along with retaining and retiring. Each workload should be assessed for its suitability for one or more of these paths.
    • Support model
      • How will services be provided? Will staff be trained, new staff hired, a service provider retained for ongoing operations, or will a consultant with cloud expertise be brought on board for a defined period? The appropriate support model is highly dependent on goals along with expected outcomes for different workloads.

    Highlight risks and roadblocks

    Formalize cloud vision

    Document your cloud strategy

    The Info-Tech difference:

    1. Determine the hypothesized value of cloud for your organization.
    2. Evaluate workloads with 6Rs framework.
    3. Identify and mitigate risks.
    4. Identify cloud archetype.
    5. Plot initiatives on a roadmap.
    6. Write action plan statement and goal statement.

    What is the cloud, how is it deployed, and how is service provided?

    Cloud Characteristics

    1. On-demand self-service: the ability to access reosurces instantly without vendor interaction
    2. Broad network access: all services delivered over the network
    3. Resource pooling: multi-tenant environment (shared)
    4. Rapid elasticity: the ability to expand and retract capabilities as needed
    5. Measured service: transparent metering

    Service Model:

    1. Software-as-a-Service: all but the most minor configuration is done by the vendor
    2. Platform-as-a-Service: customer builds the application using tools provided by the provider
    3. Infrastructure-as-a-Service: the customer manages OS, storage, and the application

    Delivery Model

    1. Public cloud: accessible to anyone over the internet; multi-tenant environment
    2. Private cloud: provisioned for a single organization with multiple units
    3. Hybrid cloud: two or more connected clouds; data is portage across them
    4. Community cloud: provisioned for a specific group of organizations

    (National Institute of Standards and Technology)

    A workload-first approach will allow you to take full advantage of the cloud’s strengths

    • Under all but the most exceptional circumstances, good cloud strategies will incorporate different service models. Very few organizations are “IaaS shops” or “SaaS shops,” even if they lean heavily in one direction.
    • These different service models (including non-cloud options like colocation and on-premises infrastructure) each have different strengths. Part of your cloud strategy should involve determining which of the services makes the most sense for you.
    • Own the cloud by understanding which cloud (or non-cloud!) offering makes the most sense for you given your unique context.

    Migration paths

    In a 2016 blog post, Amazon introduced a framework for understanding cloud migration strategies. The framework presented here is slightly modified – including a “relocate” component rather than a “retire” component – but otherwise hews close to the standard.

    These migration paths reflect organizational capabilities and desired outcomes in terms of service models – cloud or otherwise. Retention means keeping the workload where it is, in a datacenter or a colocation service, or relocating to a colocation or hosted software environment. These represent the “non-cloud” migration paths.

    In the graphic on the right, the paths within the red box lead to the cloud. Rehosting means lifting and shifting to an infrastructure environment. Migrating a virtual machine from your VMware environment on premises to Azure Virtual machines is a quick way to realize some benefits from the cloud. Migrating from SQL Server on premises to a cloud-based SQL solution looks a bit more like changing platforms (replatforming). It involves basic infrastructure modification without a substantial architectural component.

    Refactoring is the most expensive of the options and involves engaging the software development lifecycle to build a custom solution, fundamentally rewriting the solution to be cloud native and take advantage of cloud-native architectures. This can result in a PaaS or an IaaS solution.

    Finally, repurchasing means simply going to market and procuring a new solution. This may involve migrating data, but it does not require the migration of components.

    Migration Paths

    Retain (Revisit)

    • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

    Relocate

    • Move the workload between datacenters or to a hosted software/colocation provider.

    Rehost

    • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

    Replatform

    • Move the application to the cloud and perform a few changes for cloud optimizations.

    Refactor

    • Rewrite the application, taking advantage of cloud-native architectures.

    Repurchase

    • Replace with an alternative, cloud-native application and migrate the data.

    Support model

    Support models by characteristic

    Duration of engagement Specialization Flexibility
    Internal IT Indefinite Varies based on nature of business Fixed, permanent staff
    Managed Service Provider Contractually defined General, some specialization Standard offering
    Consultant Project-based Specific, domain-based Entirely negotiable

    IT services, including cloud services, can be delivered and managed in multiple ways depending on the nature of the workload and the organization’s intended path forward. Three high-level options are presented here and may be more or less valuable based on the duration of the expected engagement with the service (temporary or permanent), the skills specialization required, and the flexibility necessary to complete the job.

    By way of example, a highly technical, short-term project with significant flexibility requirements might be a good fit for an expensive consultant, whereas post-implementation maintenance of a cloud email system requires relatively little specialization and flexibility and would therefore be a better fit for internal management.

    There is no universally applicable rule here, but there are some workloads that are generally a good fit for the cloud and others that are not as effective, with that fit being conditional on the appropriate support model being employed.

    Risks, roadblocks, and strategy components

    No two cloud strategies are exactly alike, but all should address 14 key areas. A key step in defining your cloud vision is an assessment of these strategy components. Lower maturity does not preclude an aggressive cloud strategy, but it does indicate that higher effort will be required to make the transition.

    Component Description Component Description
    Monitoring What will system owners/administrators need visibility into? How will they achieve this? Vendor Management What practices must change to ensure effective management of cloud vendors?
    Provisioning Who will be responsible for deploying cloud workloads? What governance will this process be subject to? Finance Management How will costs be managed with the transition away from capital expenditure?
    Migration How will cloud migrations be conducted? What best practices/standards must be employed? Security What steps must be taken to ensure that cloud services meet security requirements?
    Operations management What is the process for managing operations as they change in the cloud? Data Controls How will data residency, compliance, and protection requirements be met in the cloud?
    Architecture What general principles must apply in the cloud environment? Skills and roles What skills become necessary in the cloud? What steps must be taken to acquire those skills?
    Integration and interoperability How will services be integrated? What standards must apply? Culture and adoption Is there a cultural aversion to the cloud? What steps must be taken to ensure broad cloud acceptance?
    Portfolio Management Who will be responsible for managing the growth of the cloud portfolio? Governing bodies What formal governance must be put in place? Who will be responsible for setting standards?

    Cloud archetypes – a cloud vision component

    Once you understand the value of the cloud, your workloads’ general suitability for cloud, and your proposed risks and mitigations, the next step is to define your cloud archetype.

    Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes.

    After consultation with your stakeholders, and based on the results of the suitability and risk assessment activities, define your archetype. The archetype feeds into the overall cloud vision and provides simple insight into the cloud future state for all stakeholders.

    The cloud vision itself is captured in a “vision statement,” a short summary of the overall approach that includes the overall cloud archetype.

    We can best support the organization's goals by:

    More Cloud

    Less Cloud

    Cloud Focused Cloud-Centric Providing all workloads through cloud delivery.
    Cloud-First Using the cloud as our default deployment model. For each workload, we should ask “why NOT cloud?”
    Cloud Opportunistic Hybrid Enabling the ability to transition seamlessly between on-premises and cloud resources for many workloads.
    Integrated Combining cloud and traditional infrastructure resources, integrating data and applications through APIs or middleware.
    Split Using the cloud for some workloads and traditional infrastructure resources for others.
    Cloud Averse Cloud-Light Using traditional infrastructure resources and limiting our use of the cloud to when it is absolutely necessary.
    Anti-Cloud Using traditional infrastructure resources and avoiding use of the cloud wherever possible.

    Info-Tech’s methodology for defining your cloud vision

    1. Understand the Cloud 2. Assess Workloads 3. Identify and Mitigate Risks 4. Bridge the Gap and Create the Vision
    Phase Steps
    1. Generate goals and drivers
    2. Explore cloud characteristics
    3. Create a current state summary
    4. Select workloads for analysis
    1. Conduct workload assessments
    2. Determine workload future state
    1. Generate risks and roadblocks
    2. Mitigate risks and roadblocks
    3. Define roadmap initiatives
    1. Review and assign work items
    2. Finalize cloud decision framework
    3. Create cloud vision
    Phase Outcomes
    1. List of goals and drivers
    2. Shared understanding of cloud terms
    3. Current state of cloud in the organization
    4. List of workloads to be assessed
    1. Completed workload assessments
    2. Defined workload future state
    1. List of risks and roadblocks
    2. List of mitigations
    3. Defined roadmap initiatives
    1. Cloud roadmap
    2. Cloud decision framework
    3. Completed Cloud Vision Executive Presentation

    Insight summary

    The cloud may not be right for you – and that’s okay!

    Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud first isn’t always the way to go.

    Not all clouds are equal

    It’s not “should I go to the cloud?” but “what service and delivery models make sense based on my needs and risk tolerance?” Thinking about the cloud as a binary can force workloads into the cloud that don’t belong (and vice versa).

    Bottom-up is best

    A workload assessment is the only way to truly understand the cloud’s value. Work from the bottom up, not the top down, understand what characteristics make a workload cloud suitable, and strategize on that basis.

    Your accountability doesn’t change

    You are still accountable for maintaining available, secure, functional applications and services. Cloud providers share some responsibility, but the buck stops where it always has: with you.

    Don’t customize for the sake of customization

    SaaS providers make money selling the same thing to everyone. When migrating a workload to SaaS, work with stakeholders to pursue standardization around a selected platform and avoid customization where possible.

    Best of both worlds, worst of both worlds

    Hybrid clouds are in fashion, but true hybridity comes with additional cost, administration, and other constraints. A convoy moves at the speed of its slowest member.

    The journey matters as much as the destination

    How you get there is as important as what “there” actually is. Any strategy that focuses solely on the destination misses out on a key part of the value conversation: the migration strategy.

    Blueprint benefits

    Cloud Vision Executive Presentation

    This presentation captures the results of the exercises and presents a complete vision to stakeholders including a desired target state, a rubric for decision making, the results of the workload assessments, and an overall risk profile.

    Cloud Vision Workbook

    This workbook includes the standard cloud workload assessment questionnaire along with the results of the assessment. It also includes the milestone timeline for the implementation of the cloud vision.

    Blueprint benefits

    IT Benefits

    • A consistent approach to the cloud takes the guesswork out of deployment decisions and makes it easier for IT to move on to the execution stage.
    • When properly incorporated, cloud services come with many benefits, including automation, elasticity, and alternative architectures (micro-services, containers). The cloud vision project will help IT readers articulate expected benefits and work towards achieving them.
    • A clear framework for incorporating organizational goals into cloud plans.

    Business benefits

    • Simple, well-governed access to high-quality IT resources.
    • Access to the latest and greatest in technology to facilitate remote work.
    • Framework for cost management in the cloud that incorporates OpEx and chargebacks/showbacks. A clear understanding of expected changes to cost modeling is also a benefit of a cloud vision.
    • Clarity for stakeholders about IT’s response (and contribution to) IT strategic initiatives.

    Measure the value of this blueprint

    Don’t take our word for it:

    • The cloud vision material in various forms has been offered for several years, and members have generally benefited substantially, both from cloud vision workshops and from guided implementations led by analysts.
    • After each engagement, we send a survey that asks members how they benefited from the experience. Of 30 responses, the cloud vision research has received an average score of 9.8/10. Real members have found significant value in the process.
    • Additionally, members reported saving between 2 and 120 days (for an average of 17), and financial savings ranged from $1,920 all the way up to $1.27 million, for an average of $170,577.90! If we drop outliers on both ends, the average reported value of a cloud vision engagement is $37, 613.
    • Measure the value by calculating the time saved from using Info-Tech’s framework vs. a home-brewed cloud strategy alternative and by comparing the overall cost of a guided implementation or workshop with the equivalent offering from another firm. We’re confident you’ll come out ahead.

    9.8/10 Average reported satisfaction

    17 Days Average reported time savings

    $37, 613 Average cost savings (adj.)

    Executive Brief Case Study

    Industry: Financial

    Source: Info-Tech workshop

    Anonymous financial institution

    A small East Coast financial institution was required to develop a cloud strategy. This strategy had to meet several important requirements, including alignment with strategic priorities and best practices, along with regulatory compliance, including with the Office of the Comptroller of the Currency.

    The bank already had a significant cloud footprint and was looking to organize and formalize the strategy going forward.

    Leadership needed a comprehensive strategy that touched on key areas including the delivery model, service models, individual workload assessments, cost management, risk management and governance. The output had to be consumable by a variety of audiences with varying levels of technical expertise and had to speak to IT’s role in the broader strategic goals articulated earlier in the year.

    Results

    The bank engaged Info-Tech for a cloud vision workshop and worked through four days of exercises with various IT team members. The bank ultimately decided on a multi-cloud strategy that prioritized SaaS while also allowing for PaaS and IaaS solutions, along with some non-cloud hosted solutions, based on organizational circumstances.

    Bank cloud vision

    [Bank] will provide innovative financial and related services by taking advantage of the multiplicity of best-of-breed solutions available in the cloud. These solutions make it possible to benefit from industry-level innovations, while ensuring efficiency, redundancy, and enhanced security.

    Bank cloud decision workflow

    • SaaS
      • Platform?
        • Yes
          • PaaS
        • No
          • Hosted
        • IaaS
          • Other

    Non-cloud

    Cloud

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this crticial project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off imediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge the take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    • Call #1: Discuss current state, challenges, etc.
    • Call #2: Goals, drivers, and current state.

    Phase 2

    • Call #3: Conduct cloud suitability assessment for selected workloads.

    Phase 3

    • Call #4: Generate and categorize risks.
    • Call #5: Begin the risk mitigation conversation.

    Phase 4

    • Call #6: Complete the risk mitigation process
    • Call #7: Finalize vision statement and cloud decision framework.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Offsite day
    Understand the cloud Assess workloads Identify and mitigate risks Bridge the gap and create the strategy Next steps and wrap-up (offsite)
    Activities

    1.1 Introduction

    1.2 Generate corporate goals and cloud drivers

    1.3 Identify success indicators

    1.4 Explore cloud characteristics

    1.5 Explore cloud service and delivery models

    1.6 Define cloud support models and strategy components

    1.7 Create current state summaries for the different service and delivery models

    1.8 Select workloads for further analysis

    2.1 Conduct workload assessments using the cloud strategy workbook tool

    2.2 Discuss assessments and make preliminary determinations about workloads

    3.1 Generate a list of risks and potential roadblocks associated with the cloud

    3.2 Sort risks and roadblocks and define categories

    3.3 Identify mitigations for each identified risk and roadblock

    3.4 Generate initiatives from the mitigations

    4.1 Review and assign work items

    4.2 Finalize the decision framework for each of the following areas:

    • Service model
    • Delivery model
    • Support model

    4.3 Create a cloud vision statement

    5.1 Build the Cloud Vision Executive Presentation
    Deliverables
    1. Corporate goals and cloud drivers
    2. Success indicators
    3. Current state summaries
    4. List of workloads for further analysis
    1. Completed workload assessments
    2. Workload summary statements
    1. List of risks and roadblocks, categorized
    2. List of mitigations
    3. List of initiatives
    1. Finalized task list
    2. Formal cloud decision rubric
    3. Cloud vision statement
    1. Completed cloud strategy executive presentation
    2. Completed cloud vision workbook

    Understand the cloud

    Build the foundations of your cloud vision

    Phase 1

    Phase 1

    Understand the Cloud

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    1.1.1 Generate organizational goals

    1.1.2 Define cloud drivers

    1.1.3 Define success indicators

    1.3.1 Record your current state

    1.4.1 Select workloads for further assessment

    This phase involves the following participants:

    IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders.

    It starts with shared understanding

    Stakeholders must agree on overall goals and what “cloud” means

    The cloud is a nebulous term that can reasonably describe services ranging from infrastructure as a service as delivered by providers like Amazon Web Services and Microsoft through its Azure platform, right up to software as a service solutions like Jira or Salesforce. These solutions solve different problems – just because your CRM would be a good fit for a migration to Salesforce doesn’t mean the same system would make sense in Azure or AWS.

    This is important because the language we use to talk about the cloud can color our approach to cloud services. A “cloud-first” strategy will mean something different to a CEO with a concept of the cloud rooted in Salesforce than it will to a system administrator who interprets it to mean a transition to cloud-hosted virtual machines.

    Add to this the fact that not all cloud services are hosted externally by providers (public clouds) and the fact that multiple delivery models can be engaged at once through hybrid or multi-cloud approaches, and it’s apparent that a shared understanding of the cloud is necessary for a coherent strategy to take form.

    This phase proceeds in four steps, each governed by the principle of shared understanding. The first requires a shared understanding of corporate goals and drivers. Step 2 involves coming to a shared understanding of the cloud’s unique characteristics. Step 3 requires a review of the current state. Finally, in Step 4, participants will identify workloads that are suitable for analysis as candidates for the cloud.

    Step 1.1

    Generate goals and drivers

    Activities

    1.1.1 Define organizational goals

    1.1.2 Define cloud drivers

    1.1.3 Define success indicators

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants:

    • IT management
    • Core working group
    • Security
    • Applications
    • Infrastructure
    • Service management
    • Leadership

    Outcomes of this step

    • List of organizational goals
    • List of cloud drivers
    • Defined success indicators

    What can the cloud do for you?

    The cloud is not valuable for its own sake, and not all users derive the same value

    • The cloud is characterized by on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Any or all of those characteristics might be enough to make the cloud appealing, but in most cases, there is an overriding driver.
    • Multiple paths may lead to the cloud. Consider an organization with a need to control costs by showing back to business units, or perhaps by reducing capital expenditure – the cloud may be the most appropriate way to effect these changes. Conversely, an organization expanding rapidly and with a need to access the latest and greatest technology might benefit from the elasticity and pooled resources that major cloud providers can offer.
    • In these cases, the destination might be the same (a cloud solution) but the delivery model – public, private, or hybrid – and the decisions made around the key strategy components, including architecture, provisioning, and cost management, will almost certainly be different.
    • Defining goals, understanding cloud drivers, and – crucially – understanding what success means, are all therefore essential elements of the cloud vision process.

    1.1.1 Generate organizational goals

    1-3 hours

    Input

    • Strategy documentation

    Output

    • Organizational goals

    Materials

    • Whiteboard (digital/physical)

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. As a group, brainstorm organizational goals, ideally based on existing documentation
      • Review relevant corporate and IT strategies.
      • If you do not have access to internal documentation, review the standard goals on the next slide and select those that are most relevant for you.
    2. Record the most important business goals in the Cloud Vision Executive Presentation. Include descriptions where possible to ensure wide readability.
    3. Make note of these goals. They should inform the answers to prompts offered in the Cloud Vision Workbook and should be a consistent presence in the remainder of the visioning exercise. If you’re conducting the session in person, leave the goals up on a whiteboard and make reference to them throughout the workshop.

    Cloud Vision Executive Presentation

    Standard COBIT 19 enterprise goals

    1. Portfolio of competitive products and services
    2. Managed business risk
    3. Compliance with external laws and regulations
    4. Quality of financial information
    5. Customer-oriented service culture
    6. Business service continuity and availability
    7. Quality of management information
    8. Optimization of internal business process functionality
    9. Optimization of business process costs
    10. Staff skills, motivation, and productivity
    11. Compliance with internal policies
    12. Managed digital transformation programs
    13. Product and business innovation

    1.1.2 Define cloud drivers

    30-60 minutes

    Input

    • Organizational goals
    • Strategy documentation
    • Management/staff perspective

    Output

    • List of cloud drivers

    Materials

    • Sticky notes
    • Whiteboard
    • Markers

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. Cloud drivers sit at a level of abstraction below organizational goals. Keeping your organizational goals in mind, have each participant in the session write down how they expect to benefit from the cloud on a sticky note.
    2. Solicit input one at a time and group similar responses. Encourage participants to bring forward their cloud goals even if similar goals have been mentioned previously. The number of mentions is a useful way to gauge the relative weight of the drivers.
    3. Once this is done, you should have a few groups of similar drivers. Work with the group to name each category. This name will be the driver reported in the documentation.
    4. Input the results of the exercise into the Cloud Vision Executive Presentation, and include descriptions based on the constituent drivers. For example, if a driver is titled “do more valuable work,” the constituent drivers might be “build cloud skills,” “focus on core products,” and “avoid administration work where possible.” The description would be based on these components.

    Cloud Vision Executive Presentation

    1.1.3 Define success indicators

    1 hour

    Input

    • Cloud drivers
    • Organizational goals

    Output

    • List of cloud driver success indicators

    Materials

    • Whiteboard
    • Markers

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. On a whiteboard, draw a table with each of the cloud drivers (identified in 1.1.2) across the top.
    2. Work collectively to generate success indicators for each cloud driver. In this case, a success indicator is some way you can report your progress with the stated driver. It is a real-world proxy for the sometimes abstract phenomena that make up your drivers. Think about what would be true if your driver was realized.
      1. For example, if your driver is “faster access to resources,” you might consider indicators like developer satisfaction, project completion time, average time to provision, etc.
    3. Once you are satisfied with your list of indicators, populate the slide in the Cloud Vision Executive Presentation for validation from stakeholders.

    Cloud Vision Executive Presentation

    Step 1.2

    Explore cloud characteristics

    Activities

    Understand the value of the cloud:

    • Review delivery models
    • Review support models
    • Review service models
    • Review migration paths

    Understand the Cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants:

    • Core working group
    • Architecture
    • Engineering
    • Security

    Outcomes of this step

    • Understanding of cloud service models and value

    Defining the cloud

    Per NIST, the cloud has five fundamental characteristics. All clouds have these characteristics, even if they are executed in somewhat different ways between delivery models, service models, and even individual providers.

    Cloud characteristics

    On-demand self-service

    Cloud customers are capable of provisioning cloud resources without human interaction (e.g. contacting sales), generally through a web console.

    Broad network access

    Capabilities are designed to be delivered over a network and are generally intended for access by a wide variety of platform types (cloud services are generally device-agnostic).

    Resource pooling

    Multiple customers (internal, in the case of private clouds) make use of a highly abstracted shared infrastructure managed by the cloud provider.

    Rapid elasticity

    Customers are capable of provisioning additional resources as required, pulling from a functionally infinite pool of capacity. Cloud resources can be spun-down when no longer needed.

    Measured service

    Consumption is metered based on an appropriate unit of analysis (number of licenses, storage used, compute cycles, etc.) and billing is transparent and granular.

    Cloud delivery models

    The NIST definition of cloud computing outlines four cloud delivery models: public, private, hybrid, and community clouds. A community cloud is like a private cloud, but it is provisioned for the exclusive use of a like-minded group of organizations, usually in a mutually beneficial, non-competitive arrangement. Universities and hospitals are examples of organizations that can pool their resources in this way without impacting competitiveness. The Info-Tech model covers three key delivery models – public, private, and hybrid, and an overarching model (multi-cloud) that can comprise more than one of the other models – public + public, public + hybrid, etc.

    Public

    The cloud service is provisioned for access by the general public (customers).

    Private

    A private cloud has the five key characteristics, but is provisioned for use by a single entity, like a company or organization.

    Hybrid

    Hybridity essentially refers to interoperability between multiple cloud delivery models (public +private).

    Multi

    A multi-cloud deployment requires only that multiple clouds are used without any necessary interoperability (Nutanix, 2019).

    Public cloud

    This is what people generally think about when they talk about cloud

    • The public cloud is, well, public! Anyone can make use of its resources, and in the case of the major providers, capacity is functionally unlimited. Need to store exabytes of data in the cloud? No problem! Amazon will drive a modified shipping container to your datacenter, load it up, and “migrate” it to a datacenter.
    • Public clouds offer significant variety on the infrastructure side. Major IaaS providers, like Microsoft and Amazon, offer dozens of services across many different categories including compute, networking, and storage, but also identity, containers, machine learning, virtual desktops, and much, much more. (See a list from Microsoft here, and Amazon here)
    • There are undoubtedly strengths to the public cloud model. Providers offer the “latest and greatest” and customers need not worry about the details, including managing infrastructure and physical locations. Providers offer built-in redundancy, multi-regional deployments, automation tools, management and governance solutions, and a variety of leading-edge technologies that would not be feasible for organizations to run in-house, like high performance compute, blockchain, or quantum computing.
    • Of course, the public cloud is not all sunshine and rainbows – there are downsides as well. It can be expensive; it can introduce regulatory complications to have to trust another entity with your key information. Additionally, there can be performance hiccups, and with SaaS products, it can be difficult to monitor at the appropriate (per-transaction) level.

    Prominent examples include:

    AWS

    Microsoft

    Azure

    Salesforce.com

    Workday

    SAP

    Private cloud

    A lower-risk cloud for cloud-averse customers?

    • A cloud is a cloud, no matter how small. Some IT shops deploy private clouds that make use of the five key cloud characteristics but provisioned for the exclusive use of a single entity, like a corporation.
    • Private clouds have numerous benefits. Some potential cloud customers might be uncomfortable with the shared responsibility that is inherent in the public cloud. Private clouds allow customers to deliver flexible, measured services without having to surrender control, but they require significant overhead, capital expenditure, administrative effort, and technical expertise.
    • According to the 2021 State of the Cloud Report, private cloud use is common, and the most frequently cited toolset is VMware vSphere, followed by Azure Stack, OpenStack, and AWS Outposts. Private cloud deployments are more common in larger organizations, which makes sense given the overhead required to manage such an environment.

    Private cloud adoption

    The images shows a graph titled Private Cloud Adoption for Enterprises. It is a horizontal bar graph, with three segments in each bar: dark blue marking currently use; mid blue marking experimenting; and light blue marking plan to use.

    VMware and Microsoft lead the pack among private cloud customers, with Amazon and Red Hat also substantially present across private cloud environments.

    Hybrid cloud

    The best of both worlds?

    Hybrid cloud architectures combine multiple cloud delivery models and facilitate some level of interoperability. NIST suggests bursting and load balancing as examples of hybrid cloud use cases. Note: it is not sufficient to simply have multiple clouds running in parallel – there must be a toolset that allows for an element of cross-cloud functionality.

    This delivery model is attractive because it allows users to take advantage of the strengths of multiple service models using a single management pane. Bursting across clouds to take advantage of additional capacity or disaster recovery capabilities are two obvious use cases that appeal to hybrid cloud users.

    But while hybridity is all the rage (especially given the impact Covid-19 has had on the workplace), the reality is that any hybrid cloud user must take the good with the bad. Multiple clouds and a management layer can be technically complex, expensive, and require maintaining a physical infrastructure that is not especially valuable (“I thought we were moving to the cloud to get out of the datacenter!”).

    Before selecting a hybrid approach through services like VMware Cloud on AWS or Microsoft’s Azure Stack, consider the cost, complexity, and actual expected benefit.

    Amazon, Microsoft, and Google dominate public cloud IaaS, but IBM is betting big on hybrid cloud:

    The image is a screencap of a tweet from IBM News. The tweet reads: IBM CEO Ginni Rometty: Hybrid cloud is a trillion dollar market and we'll be number one #Think2019.

    With its acquisition of Red Hat in 2019 for $34 billion, Big Blue put its money where its mouth is and acquired a substantial hybrid cloud business. At the time of the acquisition, Red Hat’s CEO, Jim Whitehurst, spoke about the benefit IBM expected to receive:

    “Joining forces with IBM gives Red Hat the opportunity to bring more open source innovation to an even broader range of organizations and will enable us to scale to meet the need for hybrid cloud solutions that deliver true choice and agility” (Red Hat, 2019).

    Multi-cloud

    For most organizations, the multi-cloud is the most realistic option.

    Multi-cloud is popular!

    The image shows a graph titled Multi-Cloud Architectures Used, % of all Respondents. The largest percentage is Apps siloed on different clouds, followed by DAta integration between clouds.

    Multi-cloud solutions exist at a different layer of abstraction from public, private, and even hybrid cloud delivery models. A multi-cloud architecture, as the name suggests, requires the user to be a customer of more than one cloud provider, and it can certainly include a hybrid cloud deployment, but it is not bound by the same rules of interoperability.

    Many organizations – especially those with fewer resources or a lack of a use case for a private cloud – rely on a multi-cloud architecture to build applications where they belong, and they manage each environment separately (or occasionally with the help of cloud management platforms).

    If your data team wants to work in AWS and your enterprise services run on basic virtual machines in Azure, that might be the most effective architecture. As the Flexera 2021 State of the Cloud Report suggests, this architecture is far more common than the more complicated bursting or brokering architectures characteristic of hybrid clouds.

    NIST cloud service models

    Software as a service

    SaaS has exploded in popularity with consumers who wish to avail themselves of the cloud’s benefits without having to manage underlying infrastructure components. SaaS is simple, generally billed per-user per-month, and is almost entirely provider-managed.

    Platform as a service

    PaaS providers offer a toolset for their customers to run custom applications and services without the requirement to manage underlying infrastructure components. This service model is ideal for custom applications/services that don’t benefit from highly granular infrastructure control.

    Infrastructure as a service

    IaaS represents the sale of components. Instead of a service, IaaS providers sell access to components, like compute, storage, and networking, allowing for customers to build anything they want on top of the providers’ infrastructure.

    Cloud service models

    • This research focuses on five key service models, each of which has its own strengths and weaknesses. Moving right from “on-prem,” customers gradually give up more control over their environments to cloud service providers.
    • An entirely premises-based environment means that the customer is responsible for everything ranging from the dirt under the datacenter to application-level configurations. Conversely, in a SaaS environment, the provider is responsible for everything but those top-level application configurations.
    • A managed service provider or other third party can manage any or of the components of the infrastructure stack. A service provider may, for example, build a SaaS solution on top of another provider’s IaaS, or might offer configuration assistance with a commercially available SaaS.

    Info-Tech Insight

    Not all workloads fit well in the cloud. Many environments will mix service models (e.g. SaaS for some workloads, some in IaaS, some on-premises), and this can be perfectly effective. It must be consistent and intentional, however.

    On-prem Co-Lo IaaS PaaS SaaS
    Application Application Application Application Application
    Database Database Database Database Database
    Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware
    OS OS OS OS OS
    Hypervisor Hypervisor Hypervisor Hypervisor Hypervisor
    Server Network Storage Server Network Storage Server Network Storage Server Network Storage Server Network Storage
    Facilities Facilities Facilities Facilities Facilities

    Organization has control

    Organization or vendor may control

    Vendor has control

    Analytics folly

    SaaS is good, but it’s not a panacea

    Industry: Healthcare

    Source: Info-Tech workshop

    Situation

    A healthcare analytics provider had already moved a significant number of “non-core workloads” to the cloud, including email, HRIS, and related services.

    The company CEO was satisfied with the reduced effort required by IT to manage SaaS-based workloads and sought to extend the same benefits to the core analytics platform where there was an opportunity to reduce overhead.

    Complication

    Many components of the health analytics service were designed to run specifically in a datacenter and were not ready to be migrated to the cloud without significant effort/refactoring. SaaS was not an option because this was a core platform – a SaaS provider would have been the competition.

    That left IaaS, which was expensive and would not bring the expected benefits (reduced overhead).

    Results

    The organization determined that there were no short-term gains from migrating to the cloud. Due to the nature of the application (its extensive customization, the fact that it was a core product sold by the company) any steps to reduce operational overhead were not feasible.

    The CEO recognized that the analytics platform was not a good candidate for the cloud and what distinguished the analytics platform from more suitable workloads.

    Migration paths

    In a 2016 blog post, Amazon Web Services articulated a framework for cloud migration that incorporates elements of the journey as well as the destination. If workload owners do not choose to retain or retire their workloads, there are four alternatives. These alternatives all stack up differently along five key dimensions:

    1. Value: does the workload stand to benefit from unique cloud characteristics? To what degree?
    2. Effort: how much work would be required to make the transition?
    3. Cost: how much money is the migration expected to cost?
    4. Time: how long will the migration take?
    5. Skills: what skills must be brought to bear to complete the migration?

    Not all migration paths can lead to all destinations. Rehosting generally means IaaS, while repurchasing leads to SaaS. Refactoring and replatforming have some variety of outcomes, and it becomes possible to take advantage of new IaaS architectures or migrate workloads over fully to SaaS.

    As part of the workload assessment process, use the five dimensions (expanded upon on the next slide) to determine what migration path makes sense. Preferred migration paths form an important part of the overall cloud vision process.

    Retain (Revisit)

    • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

    Retire

    • Get rid of the application completely.

    Rehost

    • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

    Replatform

    • Move the application to the cloud and perform a few changes for cloud optimizations.

    Refactor

    • Rewrite the application, taking advantage of cloud native architectures.

    Repurchase

    • Replace with an alternative, cloud-native application and migrate the data.

    Migration paths – relative value

    Migration path Value Effort Cost Time Skills
    Retain No real change in the absolute value of the workload if it is retained. No effort beyond ongoing workload maintenance. No immediate hard dollar costs, but opportunity costs and technical debt abound. No time required! (At least not right away…) Retaining requires the same skills it has always required (which may be more difficult to acquire in the future).
    Rehire A retired workload can provide no value, but it is not a drain! Spinning a service down requires engaging that part of the lifecycle. N/A Retiring the service may be simple or complicated depending on its current role. N/A
    Rehost Some value comes with rehosting, but generally components stay the same (VM here vs. a VM there). Minimal effort required, especially with automated tools. The effort will depend on the environment being migrated. Relatively cheap compared to other options. Rehosting infrastructure is the simplest cloud migration path and is useful for anyone in a hurry. Rehosting is the simplest cloud migration path for most workloads, but it does require basic familiarity with cloud IaaS.

    Replatform

    Replatformed workloads can take advantage of cloud-native services (SQL vs. SQLaaS). Replatforming is more effortful than rehosting, but less effortful than refactoring. Moderate cost – does not require fundamental rearchitecture, just some tweaking. Relatively more complicated than a simple rehost, but less demanding than a refactor. Platform and workload expertise is required; more substantial than a simple rehost.
    Refactor A fully formed, customized cloud-based workload that can take advantage of cloud-native architectures is generally quite valuable. Significant effort required based on the requirement to engage the full SDLC. Significant cost required to engage SDLC and rebuild the application/service. The most complicated and time-consuming. The most complicated and time-consuming.
    Repurchase Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Configuration – especially for massive projects – can be time consuming, but in general repurchasing can be quite fast. Buying software does require knowledge of requirements and integrations, but is otherwise quite simple.

    Where should you get your cloud skills?

    Cloud skills are certainly top of mind right now. With the great upheaval in both work patterns and in the labor market more generally, expertise in cloud-related areas is simultaneously more valuable and more difficult to procure. According to Pluralsight’s 2021 “State of Upskilling” report, 44% of respondents report themselves under-skilled in the cloud management area, making cloud management the most significant skill gap reported on the survey.

    Everyone left the office. Work as we know it is fundamentally altered for a generation or more. Cloud services shot up in popularity by enabling the transition. And yet there is a gap – a prominent gap – in skilling up for this critically important future. What is the cloud manager to do?

    Per the framework presented here, that manager has three essential options. They may take somewhat different forms depending on specific requirements and the quirks of the local market, but the options are:

    1. Train or hire internal resources: This might be easier said than done, especially for more niche skills, but makes sense for workloads that are critical to operations for the long term.
    2. Engage a managed service provider: MSPs are often engaged to manage services where internal IT lacks bandwidth or expertise.
    3. Hire a consultant: Consultants are great for time-bound implementation projects where highly specific expertise is required, such as a migration or implementation project.

    Each model makes sense to some degree. When evaluating individual workloads for cloud suitability, it is critical to consider the support model – both immediate and long term. What makes sense from a value perspective?

    Cloud decisions – summary

    A key component of the Info-Tech cloud vision model is that it is multi-layered. Not every decision must be made at every level. At the workload level, it makes sense to select service models that make sense, but each workload does not need its own defined vision. Workload-level decisions should be guided by an overall strategy but applied tactically, based on individual workload characteristics and circumstances.

    Conversely, some decisions will inevitably be applied at the environment level. With some exceptions, it is unlikely that cloud customers will build an entire private/hybrid cloud environment around a single solution; instead, they will define a broader strategy and fit individual workloads into that strategy.

    Some considerations exist at both the workload and environment levels. Risks and roadblocks, as well as the preferred support model, are concerns that exist at both the environment level and at the workload level.

    The image is a Venn diagram, with the left side titled Workload level, and the right side titled Environment Level. In the left section are: service model and migration path. On the right section are: Overall vision and Delivery model. In the centre section are: support model and Risks and roadblocks.

    Step 1.3

    Create a current state summary

    Activities

    1.3.1 Record your current state

    Understand the Cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants: Core working group

    Outcomes of this step

    • Current state summary of cloud solutions

    1.3.1 Record your current state

    30 minutes

    Input

    • Knowledge of existing cloud workloads

    Output

    • Current state cloud summary for service, delivery, and support models

    Materials

    • Whiteboard

    Participants

    • Core working group
    • Infrastructure team
    • Service owners
    1. On a whiteboard (real or virtual) draw a table with each of the cloud service models across the top. Leave a cell below each to list examples.
    2. Under each service model, record examples present in your environment. The purpose of the exercise is to illustrate the existence of cloud services in your environment or the lack thereof, so there is no need to be exhaustive. Complete this in turn for each service model until you are satisfied that you have created an effective picture of your current cloud SaaS state, IaaS state, etc.
    3. Input the results into their own slide titled “current state summary” in the Cloud Vision Executive Presentation.
    4. Repeat for the cloud delivery models and support models and include the results of those exercises as well.
    5. Create a short summary statement (“We are primarily a public cloud consumer with a large SaaS footprint and minimal presence in PaaS and IaaS. We retain an MSP to manage our hosted telephony solution; otherwise, everything is handled in house.”

    Cloud Vision Executive Presentation

    Step 1.4

    Select workloads for current analysis

    Activities

    1.4.1 Select workloads for assessment

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • List of workloads for assessment

    Understand the cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    1.4.1 Select workloads for assessment

    30 minutes

    Input

    • Knowledge of existing cloud workloads

    Output

    • List of workloads to be assessed

    Materials

    • Whiteboard
    • Cloud Vision Workbook

    Participants

    • Core working group
    • IT management
    1. In many cases, the cloud project is inspired by a desire to move a particular workload or set of workloads. Solicit feedback from the core working group about what these workloads might be. Ask everyone in the meeting to suggest a workload and record each one on a sticky note or white board (virtual or physical).
    2. Discuss the results with the group and begin grouping similar workloads together. They will be subject to the assessments in the Cloud Vision Workbook, so try to avoid selecting too many workloads that will produce similar answers. It might not be obvious, but try to think about workloads that have similar usage patterns, risk levels, and performance requirements, and select a representative group.
    3. You should embrace counterintuition by selecting a workload that you think is unlikely to be a good fit for the cloud if you can and subjecting it to the assessment as well for validation purposes.
    4. When you have a list of 4-6 workloads, record them on tab 2 of the Cloud Vision Workbook.

    Cloud Vision Workbook

    Assess your cloud workloads

    Build the foundations of your cloud vision

    Phase 2

    Phase 2

    Evaluate Cloud Workloads

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Conduct workload assessments
    • Determine workload future state

    This phase involves the following participants:

    • Subject matter experts
    • Core working group
    • IT management

    Define Your Cloud Vision

    Work from the bottom up and assess your workloads

    A workload-first approach will help you create a realistic vision.

    The concept of a cloud vision should unquestionably be informed by the nature of the workloads that IT is expected to provide for the wider organization. The overall cloud vision is no greater than the sum of its parts. You cannot migrate to the cloud in the abstract. Workloads need to go – and not all workloads are equally suitable for the transition.

    It is therefore imperative to understand which workloads are a good fit for the cloud, which cloud service models make the most sense, how to execute the migration, what support should look like, and what risks and roadblocks you are likely to encounter as part of the process.

    That’s where the Cloud Vision Workbook comes into play. You can use this tool to assess as many workloads as you’d like – most people get the idea after about four – and by the end of the exercise, you should have a pretty good idea about where your workloads belong, and you’ll have a tool to assess any net new or previously unconsidered workloads.

    It’s not so much about the results of the assessment – though these are undeniably important – but about the learnings gleaned from the collaborative assessment exercise. While you can certainly fill out the assessment without any additional input, this exercise is most effective when completed as part of a group.

    Introducing the Cloud Vision Workbook

    • The Cloud Vision Workbook is an Excel tool that answers the age old question: “What should I do with my workloads?”
    • It is divided into eight tabs, each of which offers unique value. Start by reading the introduction and inputting your list of workloads. Work your way through tabs 3-6, completing the suitability, migration, management, and risk and roadblock assessments, and review the results on tab 7.
    • If you choose to go through the full battery of assessments for each workload, expect to answer and weight 111 unique questions across the four assessments. This is an intensive exercise, so carefully consider which assessments are valuable to you, and what workloads you have time to assess.
    • Tab 8 hosts the milestone timeline and captures the results of the phase 3 risk and mitigation exercise.

    Understand Cloud Vision Workbook outputs

    The image shows a graphic with several graphs and lists on it, with sections highlighted with notes. At the top, there's the title Database with the note Workload title (populated from tab 2). Below that, there is a graph with the note Relative suitability of the five service models. The Risks and roadblocks section includes the note: The strategy components – the risks and roadblocks – are captured relative to one another to highlight key focus areas. To the left of that, there is a Notes section with the note Notes populated based on post-assessment discussion. At the bottom, there is a section titled Where should skills be procured?, with the note The radar diagram captures the recommended support model relative to the others (MSP, consultant, internal IT). To the right of that, there is a section titled Migration path, with the note that Ordered list of migration paths. Note: a disconnect here with the suggested service model may indicate an unrealistic goal state.

    Step 2.1

    Conduct workload assessments

    Activities

    2.1.1 Conduct workload assessments

    2.1.2 Interpret your results

    Phase Title

    Conduct workload assessments

    Determine workload future state

    This step involves the following participants:

    • Core working group
    • Workload subject matter experts

    Outcomes of this step

    • Completed workload assessments

    2.1.1 Conduct workload assessments

    2 hours per workload

    Input

    • List of workloads to be assessed

    Output

    • Completed cloud vision assessments

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    • Service owners/workload SMEs
    1. The Cloud Vision Workbook is your one stop shop for all things workload assessment. Open the tool to tab 2 and review the workloads you identified at the end of phase 1. Ensure that these are correct. Once satisfied, project the tool (virtually, if necessary) so that all participants can see the assessment questions.
    2. Work through tabs 3-6, answering the questions and assigning a multiplier for each one. A higher multiplier increases the relative weight of the question, giving it a greater impact on the overall outcome.
    3. Do your best to induce participants to offer opinions. Consensus is not absolutely necessary, but it is a good goal. Ask your participants if they agree with initial responses and occasionally take the opposite position (“I’m surprised you said agree – I would have thought we didn’t care about CapEx vs. OpEx”). Stimulate discussion.
    4. Highlight any questions that you will need to return to or run by someone not present. Include a placeholder answer, as the tool requires all cells to be filled for computation.

    Cloud Vision Workbook

    2.1.2 Interpret your results

    10 minutes

    Input

    • Completed cloud vision assessments

    Output

    • Shared understanding of implications

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    • Service owners/workload SMEs
    1. Once you’ve completed all 111 questions for each workload, you can review your results on tab 7. On tab 7, you will see four populated graphics: cloud suitability, migration path, “where should skills be procured?”, and risks and roadblocks. These represent the components of the overall cloud vision that you will present to stakeholders.
    2. The “cloud suitability” chart captures the service model that the assessment judges to be most suitable for the workload. Ask those present if any are surprised by the output. If there is any disagreement, discuss the source of the surprise and what a more realistic outcome would be. Revisit the assessment if necessary.
    3. Conduct a similar exercise with each of the other outputs. Does it make sense to refactor the workload based on its cloud suitability? Does the fact that we scored so highly on the “consultant” support model indicate something about how we handle upskilling internally? Does the profile of risks and roadblocks identified here align with expectations? What should be ranked higher? What about lower?
    4. Once everyone is generally satisfied with the results, close the tool and take a break! You’ve earned it.

    Cloud Vision Workbook

    Understand the cloud strategy components

    Each cloud strategy will take a slightly different form, but all should contain echoes of each of these components. This process will help you define your vision and direction, but you will need to take steps to execute on that vision. The remainder of the cloud strategy, covered in the related blueprint Document Your Cloud Strategy comprises these fourteen topics divided across three categories: people, governance, and technology. The workload assessment covers these under risks and roadblocks and highlights areas that may require specific additional attention. When interpreting the results, think of these areas as comprising things that you will need to do to make your vision a reality.

    People

    • Skills and roles
    • Culture and adoption
    • Governing bodies

    Governance

    • Architecture
    • Integration and interoperability
    • Operations management
    • Cloud portfolio management
    • Cloud vendor management
    • Finance management
    • Security
    • Data controls

    Technology

    • Monitoring
    • Provisioning
    • Migration

    Strategy component: People

    People form the core of any good strategy. As part of your cloud vision, you will need to understand the implications a cloud transition will have on your staff and users, whether those users are internal or external.

    Component Description Challenges
    Skills and roles The move to the cloud will require staff to learn how to handle new technology and new operational processes. The cloud is a different way of procuring IT resources and may require the definition of new roles to handle things like cost management and provisioning. Staff may not have the necessary experience to migrate to a cloud environment or to effectively manage resources once the cloud transition is made. Cloud skills are difficult to hire for, and with the ever-changing nature of the platforms themselves, this shows no sign of abating. Redefining roles can also be politically challenging and should be done with due care and consideration.
    Culture and adoption If you build it, they will come…right? It is not always the case that a new service immediately attracts users. Ensuring that organizational culture aligns with the cloud vision is a critical success factor. Equally important is ensuring that cloud resources are used as intended. Those unfamiliar with cloud resources may be less willing to learn to use them. If alternatives exist (e.g. a legacy service that has not been shut down), or if those detractors are influential, this resistance may impede your cloud execution. Also, if the cloud transition involves significant effort or a fundamental rework (e.g. a DevOps transition) this role redefinition could cause some internal turmoil.
    Governing bodies A large-scale cloud deployment requires formal governance. Formal governance requires a governing body that is ultimately responsible for designing the said governance. This could take the form of a “center of excellence” or may rest with a single cloud architect in a smaller, less complicated environment. Governance is difficult. Defining responsibilities in a way that includes all relevant stakeholders without paralyzing the decision-making process is difficult. Implementing suggestions is a challenge. Navigating the changing nature of service provision (who can provision their own instances or assign licenses?) can be difficult as well. All these concerns must be addressed in a cloud strategy.

    Strategy component: Governance

    Without guardrails, the cloud deployment will grow organically. This has strengths (people tend to adopt solutions that they select and deploy themselves), but these are more than balanced out by the drawbacks that come with inconsistency, poor administration, duplication of services, suboptimal costing, and any number of other unique challenges. The solution is to develop and deploy governance. The following list captures some of the necessary governance-related components of a cloud strategy.

    Component Description Challenges
    Architecture Enterprise architecture is an important function in any environment with more than one interacting workload component (read: any environment). The cloud strategy should include an approach to defining and implementing a standard cloud architecture and should assign responsibility to an individual or group. Sometimes the cloud transition is inspired by the desire to rearchitect. The necessary skills and knowledge may not be readily available to design and transition to a microservices-based environment, for example, vs. a traditional monolithic application architecture. The appropriateness of a serverless environment may not be well understood, and it may be the case that architects are unfamiliar with cloud best practices and reference architectures.
    Integration and interoperability Many services are only highly functional when integrated with other services. What is a database without its front-end? What is an analytics platform without its data lake? For the cloud vision to be properly implemented, a strategy for handling integration and interoperability must be developed. It may be as simple as “all SaaS apps must be compatible with Okta” but it must be there. Migration to the cloud may require a fundamentally new approach to integration, moving away from a point-to-point integrations and towards an ESB or data lake. In many cases, this is easier said than done. Centralization of management may be appealing, but legacy applications – or those acquired informally in a one-off fashion – might not be so easy to integrate into a central management platform.
    Operations management Service management (ITIL processes) must be aligned with your overall cloud strategy. Migrating to the cloud (where applicable) will require refining these processes, including incident, problem, request, change, and configuration management, to make them more suitable for the cloud environment. Operations management doesn’t go away in the cloud, but it does change in line with the transition to shared responsibility. Responding to incidents may be more difficult on the cloud when troubleshooting is a vendor’s responsibility. Change management in a SaaS environment may be more receptive than staff are used to as cloud providers push changes out that cannot be rolled back.

    Strategy component: Governance (cont.)

    Component Description Challenges
    Cloud portfolio management This component refers to the act of managing the portfolio of cloud services that is available to IT and to business users. What requirements must a SaaS service meet to be onboarded into the environment? How do we account for exceptions to our IaaS policy? What about services that are only available from a certain provider? Rationalizing services offers administrative benefits, but may make some tasks more difficult for end users who have learned things a certain way or rely on niche toolsets. Managing access through a service catalog can also be challenging based on buy-in and ongoing administration. It is necessary to develop and implement policy.
    Cloud vendor management Who owns the vendor management function, and what do their duties entail? What contract language must be standard? What does due diligence look like? How should negotiations be conducted? What does a severing of the relationship look like? Cloud service models are generally different from traditional hosted software and even from each other (e.g. SaaS vs. PaaS). There is a bit of a learning curve when it comes to dealing with vendors. Also relevant: the skills that it takes to build and maintain a system are not necessarily the same as those required to coherently interact with a cloud vendor.
    Finance management Cloud services are, by definition, subject to a kind of granular, operational billing that many shops might not be used to. Someone will need to accurately project and allocate costs, while ensuring that services are monitored for cost abnormalities. Cloud cost challenges often relate to overall expense (“the cloud is more expensive than an alternative solution”), expense variability (“I don’t know what my budget needs to be this quarter”), and cost complexity (“I don’t understand what I’m paying for – what’s an Elastic Beanstalk?”).
    Security The cloud is not inherently more or less secure than a premises-based alternative, though the risk profile can be different. Applying appropriate security governance to ensure workloads are compliant with security requirements is an essential component of the strategy.

    Technical security architecture can be a challenge, as well as navigating the shared responsibility that comes with a cloud transition. There are also a plethora of cloud-specific security tools like cloud access security brokers (CASBs), cloud security posture management (CSPM) solutions, and even secure access services edge (SASE) technology.

    Data controls Data residency, classification, quality, and protection are important considerations for any cloud strategy. With cloud providers taking on outsized responsibility, understanding and governing data is essential. Cloud providers like to abstract away from the end user, and while some may be able to guarantee residency, others may not. Additionally, regulations may prevent some data from going to the cloud, and you may need to develop a new organizational backup strategy to account for the cloud.

    Strategy component: Technology

    Good technology will never replace good people and effective process, but it remains important in its own right. A migration that neglects the undeniable technical components of a solid cloud strategy is doomed to mediocrity at best and failure at worst. Understanding the technical implications of the cloud vision – particularly in terms of monitoring, provisioning, and migration – makes all the difference. You can interpret the results of the cloud workload assessments by reviewing the details presented here.

    Component Description Challenges
    Monitoring The cloud must be monitored in line with performance requirements. Staff must ensure that appropriate tools are in place to properly monitor cloud workloads and that they are capturing adequate and relevant data. Defining requirements for monitoring a potentially unfamiliar environment can be difficult, as can consolidating on a monitoring solution that both meets requirements and covers all relevant areas. There may be some upskilling and integration work required to ensure that monitoring works as required.
    Provisioning How will provisioning be done? Who will be responsible for ensuring the right people have access to the right resources? What tooling must be deployed to support provisioning goals? What technical steps must be taken to ensure that the provisioning is as seamless as possible? There is the inevitable challenge of assigning responsibility and accountability in a changing infrastructure and operations environment, especially if the changes are substantial (e.g. a fundamental operating model shift, reoriented around the cloud). Staff may also need to familiarize themselves with cloud-based provisioning tools like Ansible, Terraform, or even CloudFormation.
    Migration The act of migrating is important as well. In some cases, the migration is as simple as configuring the new environment and turning it up (e.g. with a net new SaaS service). In other cases, the migration itself can be a substantial undertaking, involving large amounts of data, a complicated replatforming/refactoring, and/or a significant configuration exercise.

    Not all migration journeys are created equal, and challenges include a general lack of understanding of the requirements of a migration, the techniques that might be necessary to migrate to a particular cloud (there are many) and the disruption/risk associated with moving large amounts of data. All of these challenges must be considered as part of the overall cloud strategy, whether in terms of architectural principles or skill acquisition (or both!).

    Step 2.2

    Determine workload future state

    Activities

    2.2.1 Determine workload future state

    Conduct workload assessments

    Determine workload future state

    This step involves the following participants:

    • IT management
    • Core working group

    Outcomes of this step

    • Completed workload assessments
    • Defined workload future state

    2.2.1 Determine workload future state

    1-3 hours

    Input

    • Completed workload assessments

    Output

    • Preliminary future state outputs

    Materials

    • Cloud Vision Workbook
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    • Service owners
    • IT management
    1. After you’ve had a chance to validate your results, refer to tab 7 of the tool, where you will find a blank notes section.
    2. With the working group, capture your answers to each of the following questions:
      1. What service model is the most suitable for the workload? Why?
      2. How will we conduct the migration? Which of the six models makes the most sense? Do we have a backup plan if our primary plan doesn’t work out?
      3. What should the support model look like?
      4. What are some workload-specific risks and considerations that must be taken into account for the workload?
    3. Once you’ve got answers to each of these questions for each of the workloads, include your summary in the “notes” section of tab 7.

    Cloud Vision Executive Presentation

    Paste the output into the Cloud Vision Executive Presentation

    • The Cloud Vision Workbook output is a compact, consumable summary of each workload’s planned future state. Paste each assessment in as necessary.
    • There is no absolutely correct way to present the information, but the output is a good place to start. Do note that, while the presentation is designed to lead with the vision statement, because the process is workload-first, the assessments are populated prior to the overall vision in a bottom-up manner.
    • Be sure to anticipate the questions you are likely to receive from any stakeholders. You may consider preparing for questions like: “What other workloads fit this profile?” “What do we expect the impact on the budget to be?” “How long will this take?” Keep these and other questions in mind as you progress through the vision definition process.

    The image shows the Cloud Vision Workbook output, which was described in an annotated version in an earlier section.

    Info-Tech Insight

    Keep your audience in mind. You may want to include some additional context in the presentation if the results are going to be presented to non-technical stakeholders or those who are not familiar with the terms or how to interpret the outputs.

    Identify and Mitigate Risks

    Build the foundations of your cloud vision

    PHASE 3

    Phase 3

    Identify and Mitigate Risks

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Generate risks and roadblocks
    • Mitigate risks and roadblocks
    • Define roadmap initiatives

    This phase involves the following participants:

    • Core working group
    • Workload subject matter experts

    You know what you want to do, but what do you have to do?

    What questions remain unanswered?

    There are workload-level risks and roadblocks, and there are environment-level risks. This phase is focused primarily on environment-level risks and roadblocks, or those that are likely to span multiple workloads (but this is not hard and fast rule – anything that you deem worth discussing is worth discussing). The framework here calls for an open forum where all stakeholders – technical and non-technical, pro-cloud and anti-cloud, management and individual contributor – have an opportunity to articulate their concerns, however specific or general, and receive feedback and possible mitigation.

    Start by soliciting feedback. You can do this over time or in a single session. Encourage anyone with an opinion to share it. Focus on those who are likely to have a perspective that will become relevant at some point during the creation of the cloud strategy and the execution of any migration. Explain the preliminary direction; highlight any major changes that you foresee. Remind participants that you are not looking for solutions (yet), but that you want to make sure you hear any and every concern as early as possible. You will get feedback and it will all be valuable.

    Before cutting your participants loose, remind them that, as with all business decisions, the cloud comes with trade-offs. Not everyone will have every wish fulfilled, and in some cases, significant effort may be needed to get around a roadblock, risks may need to be accepted, and workloads that looked like promising candidates for one service model or another may not be able to realize that potential. This is a normal and expected part of the cloud vision process.

    Once the risks and roadblocks conversation is complete, it is the core working group’s job to propose and validate mitigations. Not every risk can be completely resolved, but the cloud has been around for decades – chances are someone else has faced a similar challenge and made it through relatively unscathed. That work will inevitably result in initiatives for immediate execution. Those initiatives will form the core of the initiative roadmap that accompanies the completed Cloud Vision Executive Presentation.

    Step 3.1

    Generate risks and roadblocks

    Activities

    3.1.1 Generate risks and roadblocks

    3.1.2 Generate mitigations

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group
    • IT management
    • Infrastructure
    • Applications
    • Security
    • Architecture

    Outcomes of this step

    • List of risks and roadblocks

    Understand risks and roadblocks

    Risk

    • Something that could potentially go wrong.
    • You can respond to risks by mitigating them:
      • Eliminate: take action to prevent the risk from causing issues.
      • Reduce: take action to minimize the likelihood/severity of the risk.
      • Transfer: shift responsibility for the risk away from IT, towards another division of the company.
      • Accept: where the likelihood or severity is low, it may be prudent to accept that the risk could come to fruition.

    Roadblock

    • There are things that aren’t “risks” that we care about when migrating to the cloud.
    • We know, for example, that a complicated integration situation will create work items for any migration – this is not an “unknown.”
    • We respond to roadblocks by generating work items.

    3.1.1 Generate risks and roadblocks

    1.5 hours

    Input

    • Completed cloud vision assessments

    Output

    • List of risks and roadblocks

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    • Service owners/workload SMEs
    • Anyone with concerns about the cloud
    1. Gather your core working group – and really anyone with an intelligent opinion on the cloud – into a single meeting space. Give the group 5-10 minutes to list anything they think could present a difficulty in transitioning workloads to the cloud. Write each risk/roadblock on its own sticky note. You will never be 100% exhaustive, but don’t let anything your users care about go unaddressed.
    2. Once everyone has had time to write down their risks and roadblocks, have everyone share one by one. Make sure you get them all. Overlap in risks and roadblocks is okay! Group similar concerns together to give a sort of heat map of what your participants are concerned about. (This is called “affinity diagramming.”)
    3. Assign names to these categories. Many of these categories will align with the strategy components discussed in the previous phase (governance, security, etc.) but some will be specific whether by nature or by degree.
    4. Sort each of the individual risks into its respective category, collapsing any exact duplicates, and leaving room for notes and mitigations (see the next slide for a visual).

    Understand risks and roadblocks

    The image is two columns--on the left, the column is titled Affinity Diagramming. Below the title, there are many colored blocks, randomly arranged. There is an arrow pointing right, to the same coloured blocks, now sorted by colour. In the right column--titled Categorization--each colour has been assigned a category, with subcategories.

    Step 3.2

    Mitigate risks and roadblocks

    Activities

    3.2.1 Generate mitigations

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • List of mitigations

    Is the public cloud less secure?

    This is the key risk-related question that most cloud customers will have to answer at some point: does migrating to the cloud for some services increase their exposure and create a security problem?

    As with all good questions, the answer is “it depends.” But what does it depend on? Consider these cloud risks and potential mitigations:

    1. Misconfiguration: An error grants access to unauthorized parties (as happened to Capital One in 2019). This can be mitigated by careful configuration management and third-party tooling.
    2. Unauthorized access by cloud provider/partner employees: Though rare, it is possible that a cloud provider or partner can be a vector for a breach. Careful contract language, choosing to own your own encryption keys, and a hybrid approach (storing data on-premises) are some possible ways to address this problem.
    3. Unauthorized access to systems: Cloud services are designed to be accessed from anywhere and may be accessed by malicious actors. Possible mitigations include risk-based conditional access, careful identity access management, and logging and detection.

    “The cloud is definitely more secure in that you have much more control, you have much more security tooling, much more visibility, and much more automation. So it is more secure. The caveat is that there is more risk. It is easier to accidentally expose data in the cloud than it is on-premises, but, especially for security, the amount of tooling and visibility you get in cloud is much more than anything we’ve had in our careers on-premises, and that’s why I think cloud in general is more secure.” –Abdul Kittana, Founder, ASecureCloud

    Breach bests bank

    No cloud provider can protect against every misconfiguration

    Industry: Finance

    Source: The New York Times, CNET

    Background

    Capital One is a major Amazon Web Services customer and is even featured on Amazon’s site as a case study. That case study emphasizes the bank’s commitment to the cloud and highlights how central security and compliance were. From the CTO: “Before we moved a single workload, we engaged groups from across the company to build a risk framework for the cloud that met the same high bar for security and compliance that we meet in our on-premises environments. AWS worked with us every step of the way.”

    Complication

    The cloud migration was humming along until July 2019, when the bank suffered a serious breach at the hands of a hacker. That hacker was able to steal millions of credit card applications and hundreds of thousands of Social Security numbers, bank account numbers, and Canadian social insurance numbers.

    According to investigators and to AWS, the breach was caused by an open reverse proxy attack against a misconfigured web app firewall, not by an underlying vulnerability in the cloud infrastructure.

    Results

    Capital One reported that the breach was expected to cost it $150 million, and AWS fervently denied any blame. The US Senate got involved, as did national media, and Capital One’s CEO issued a public apology, writing, “I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”

    It was a bad few months for IT at Capital One.

    3.2.1 Generate mitigations

    3-4.5 hours

    Input

    • Completed cloud vision assessments

    Output

    • List of risks and roadblocks

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    • Service owners/workload SMEs
    • Anyone with concerns about the cloud
    1. Recall the four mitigation strategies: eliminate, reduce, transfer, or accept. Keep these in mind as you work through the list of risks and roadblocks with the core working group. For every individual risk or roadblock raised in the initial generation session, suggest a specific mitigation. If the concern is “SaaS providers having access to confidential information,” a mitigation might be encryption, specific contract language, or proof of certifications (or all the above).
    2. Work through this for each of the risks and roadblocks, identifying the steps you need to take that would satisfy your requirements as you understand them.
    3. Once you have gone through the whole list – ideally with input from SMEs in particular areas like security, engineering, and compliance/legal – populate the Cloud Vision Workbook (tab 8) with the risks, roadblocks, and mitigations (sorted by category). Review tab 8 for an example of the output of this exercise.

    Cloud Vision Workbook

    Cloud Vision Workbook – mitigations

    The image shows a large chart titled Risks, roadblocks, and mitigations, which has been annotated with notes.

    Step 3.3

    Define roadmap initiatives

    Activities

    3.3.1 Generate roadmap initiatives

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • Defined roadmap initiatives

    3.3.1 Generate roadmap initiatives

    1 hour

    Input

    • List of risk and roadblock mitigations

    Output

    • List of cloud initiatives

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Executing on your cloud vision will likely require you to undertake some key initiatives, many of which have already been identified as part of your mitigation exercise. On tab 8 of the Cloud Vision Workbook, review the mitigations you created in response to the risks and roadblocks identified. Initiatives should generally be assignable to a party and should have a defined scope/duration. For example, “assess all net new applications for cloud suitability” might not be counted as an initiative, but “design a cloud application assessment” would likely be.
    2. Design a timeline appropriate for your specific needs. Generally short-term (less than 3 months), medium-term (3-6 months), and long-term (greater than 6 months) will work, but this is entirely based on preference.
    3. Review and validate the parameters with the working group. Consider creating additional color-coding (highlighting certain tasks that might be dependent on a decision or have ongoing components).

    Cloud Vision Workbook

    Bridge the gap and create the vision

    Build the foundations of your cloud vision

    Phase 4

    Phase 4

    Bridge the Gap and Create the Vision

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Assign initiatives and propose timelines
    • Build a delivery model rubric
    • Build a service model rubric
    • Built a support model rubric
    • Create a cloud vision statement
    • Map cloud workloads
    • Complete the Cloud Vision presentation

    This phase involves the following participants:

    • IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders

    Step 4.1

    Review and assign work items

    Activities

    4.1.1 Assign initiatives and propose timelines

    Bridge the gap and create the vision

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group
    • IT management

    Outcomes of this step

    • Populated cloud vision roadmap

    4.1.1 Assign initiatives and propose timelines

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Once the list is populated, begin assigning responsibility for execution. This is not a RACI exercise, so focus on the functional responsibility. Once you have determined who is responsible, assign a timeline and include any notes. This will form the basis of a more formal project plan.
    2. To assign the initiative to a party, consider 1) who will be responsible for execution and 2) if that responsibility will be shared. Be as specific as possible, but be sure to be consistent to make it easier for you to sort responsibility later on.
    3. When assigning timelines, we suggest including the end date (when you expect the project to be complete) rather than the start date, though whatever you choose, be sure to be consistent. Make use of the notes column to record anything that you think any other readers will need to be aware of in the future, or details that may not be possible to commit to memory.

    Cloud Vision Workbook

    Step 4.2

    Finalize cloud decision framework

    Activities

    4.2.1 Build a delivery model rubric

    4.2.2 Build a service model rubric

    4.2.3 Build a support model rubric

    Bridge the gap and create the vision

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • Cloud decision framework

    4.2.1 Build a delivery model rubric

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    Participants

    • Core working group
    1. Now that we have a good understanding of the cloud’s key characteristics, the relative suitability of different workloads for the cloud, and a good understanding of some of the risks and roadblocks that may need to be overcome if a cloud transition is to take place, it is time to formalize a delivery model rubric. Start by listing the delivery models on a white board vertically – public, private, hybrid, and multi-cloud. Include a community cloud option as well if that is feasible for you. Strike any models that do not figure into your vision.
    2. Create a table style rubric for each delivery model. Confer with the working group to determine what characteristics best define workloads suitable for each model. If you have a hybrid cloud option, you may consider workloads that are highly dynamic; a private cloud hosted on-premises may be more suitable for workloads that have extensive regulatory requirements.
    3. Once the table is complete, include it in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Delivery model Decision criteria
    Public cloud
    • Public cloud is the primary destination for all workloads as the goal is to eliminate facilities and infrastructure management
    • Offers features, broad accessibility, and managed updates along with provider-managed facilities and hardware
    Legacy datacenter
    • Any workload that is not a good fit for the public cloud
    • Dependency (like a USB key for license validation)
    • Performance requirements (e.g. workloads highly sensitive to transaction thresholds)
    • Local infrastructure components (firewall, switches, NVR)

    Summary statement: Everything must go! Public cloud is a top priority. Anything that is not compatible (for whatever reason) with a public cloud deployment will be retained in a premises-based server closet (downgraded from a full datacenter). The private cloud does not align with the overall organizational vision, nor does a hybrid solution.

    4.2.2 Build a service model rubric

    1 hour

    Input

    • Output of workload assessments
    • Output of risk and mitigation exercise

    Output

    • Service model rubric

    Materials

    • Whiteboard
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    1. This next activity is like the delivery model activity, but covers the relevant cloud service models. On a whiteboard, make a vertical list of the cloud service models (SaaS, PaaS, IaaS, etc.) that will be considered for workloads. If you have an order of preference, place your most preferred at the top, your least preferred at the bottom.
    2. Describe the circumstances under which you would select each service model. Do your best to focus on differentiators. If a decision criterion appears for multiple service models, consider refining or excluding it. (For additional information, check out Info-Tech’s Reimagine IT Operations for a Cloud-First World blueprint.)
    3. Create a summary statement to capture your overall service model position. See the next slide for an example. Note: this can be incorporated into your cloud vision statement, so be sure that it reflects your genuine cloud preferences.
    4. Record the results in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Service model Decision criteria
    SaaS

    SaaS first; opt for SaaS when:

    • A SaaS option exists that meets all key business requirements
    • There is a strong desire to have someone else (the vendor) manage infrastructure components/the platform
    • Not particularly sensitive to performance thresholds
    • The goal is to transition management of the workload outside of IT
    • SaaS is the only feasible way to consume the desired service
    PaaS
    • Highly customized service/workload – SaaS not feasible
    • Still preferable to offload as much management as possible to third parties
    • Customization required, but not at the platform level
    • The workload is built using a standard framework
    • We have the time/resources to replatform
    IaaS
    • Service needs to be lifted and shifted out of the datacenter quickly
    • Customization is required at the platform level/there is value in managing components
    • There is no need to manage facilities
    • Performance is not impacted by hosting the workload offsite
    • There is value in right-sizing the workload over time
    On-premises Anything that does not fit in the cloud for performance or other reasons (e.g. licensing key)

    Summary statement: SaaS will be the primary service model. All workloads will migrate to the public cloud where possible. Anything that cannot be migrated to SaaS will be migrated to PaaS. IaaS is a transitory step.

    4.2.3 Build a support model rubric

    1 hour

    Input

    • Results of the cloud workload assessments

    Output

    • Support model rubric

    Materials

    • Whiteboard
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    1. The final rubric covered here is that for the support model. Where will you procure the skills necessary to ensure the vision’s proper execution? Much like the other rubric activities, write the three support models vertically (in order of preference, if you have one) on a whiteboard.
    2. Next to each model, describe the circumstances under which you would select each support model. Focus on the dimensions: the duration of the engagement, specialization required, and flexibility required. If you have existing rules/practices around hiring consultants/MSPs, consider those as well.
    3. Once you have a good list of decision criteria, form a summary statement. This should encapsulate your position on support models and should mention any notable criteria that will contribute to most decisions.
    4. Record the results in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Support model Decision criteria
    Internal IT

    The primary support model will be internal IT going forward

    • Chosen where the primary work required is administrative
    • Where existing staff can manage the service in the cloud easily and effectively
    • Where the chosen solution fits the SaaS service model
    Consultant
    • Where the work required is time-bound (e.g. a migration/refactoring exercise)
    • Where the skills do not exist in house, and where the skills cannot easily be procured (specific technical expertise required in areas of the cloud unfamiliar to staff)
    • Where opportunities for staff to learn from consultant SMEs are valuable
    • Where ongoing management and maintenance can be handled in house
    MSP
    • Where an ongoing relationship is valued
    • Where ongoing administration and maintenance are disproportionately burdensome on IT staff (or where this administration and maintenance is likely to be burdensome)
    • Where the managed services model has already been proven out
    • Where specific expertise in an area of technology is required but this does not rise to the need to hire an FTE (e.g. telephony)

    Summary statement: Most workloads will be managed in house. A consultant will be employed to facilitate the transition to micro-services in a cloud container environment, but this will be transitioned to in-house staff. An MSP will continue to manage backups and telephony.

    Step 4.3

    Create cloud vision

    Activities

    4.3.1 Create a cloud vision statement

    4.3.2 Map cloud workloads

    4.3.3 Complete the Cloud Vision Presentation

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group
    • IT management

    Outcomes of this step

    Completed Cloud Vision Executive Presentation

    4.3.1 Create a cloud vision statement

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Now that you know what service models are appropriate, it’s time to summarize your cloud vision in a succinct, consumable way. A good vision statement should have three components:
      • Scope: Which parts of the organization will the strategy impact?
      • Goal: What is the strategy intended to accomplish?
      • Key differentiator: What makes the new strategy special?
    2. On a whiteboard, make a chart with three columns (one column for each of the features of a good mission statement). Have the group generate a list of words to describe each of the categories. Ideally, the group will produce multiple answers for each category.
    3. Once you’ve gathered a few different responses for each category, have the team put their heads down and generate pithy mission statements that capture the sentiments underlying each category.
    4. Have participants read their vision statements in front of the group. Use the rest of the session to produce a final statement. Record the results in the Cloud Strategy Executive Presentation.

    Example vision statement outputs

    “IT at ACME Corp. hereby commits to providing clients and end users with an unparalleled, productivity-enabling technology experience, leveraging, insofar as it is possible and practical, cloud-based services.”

    “At ACME Corp. our employees and customers are our first priority. Using new, agile cloud services, IT is devoted to eliminating inefficiency, providing cutting-edge solutions for a fast-paced world, and making a positive difference in the lives of our colleagues and the people we serve.”

    As a global leader in technology, ACME Corp. is committed to taking full advantage of new cloud services, looking first to agile cloud options to optimize internal processes wherever efficiency gaps exist. Improved efficiency will allow associates to spend more time on ACME’s core mission: providing an unrivalled customer experience.”

    Scope

    Goal

    Key differentiator

    4.3.2 Map cloud workloads

    1 hour

    Input

    • List of workloads
    • List of acceptable service models
    • List of acceptable migration paths

    Output

    • Workloads mapped by service model/migration path

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    1. Now that you have defined your overall cloud vision as well as your service model options, consider aligning your service model preferences with your migration path preferences. Draw a table with your expected migration strategies across the top (retain, retire, rehost, replatform, refactor, repurchase, or some of these) and your expected service models across the side.
    2. On individual sticky notes, write a list of workloads in your environment. In a smaller environment, this list can be exhaustive. Otherwise take advantage of the list you created as part of phase 1 along with any additional workloads that warrant discussion.
    3. As a group, go through the list, placing the sticky notes first in the appropriate row based on their characteristics and the decision criteria that have already been defined, and then in the appropriate column based on the appropriate migration path. (See the next slide for an example of what this looks like.)
    4. Record the results in the Cloud Vision Executive Presentation. Note: not every cell will be filled; some migration path/service model combinations are impossible or otherwise undesirable.

    Cloud Vision Executive Presentation

    Example cloud workload map

    Repurchase Replatform Rehost Retain
    SaaS

    Office suite

    AD

    PaaS SQL Database
    IaaS File Storage DR environment
    Other

    CCTV

    Door access

    4.3.3 Complete the Cloud Vision Presentation

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Open the Cloud Vision Executive Presentation to the second slide and review the templated executive brief. This comprises several sections (see the next slide). Populate each one:
      • Summary of the exercise
      • The cloud vision statement
      • Key cloud drivers
      • Risks and roadblocks
      • Top initiatives and next steps
    2. Review the remainder of the presentation. Be sure to elaborate on any significant initiatives and changes (where applicable) and to delete any slides that you no longer require.

    Cloud Vision Workbook

    Sample cloud vision executive summary

    • From [date to date], a cross-functional group representing IT and its constituents met to discuss the cloud.
    • Over the course of the week, the group identified drivers for cloud computing and developed a shared vision, evaluated several workloads through an assessment framework, identified risks, roadblocks, and mitigations, and finally generated initiatives and next steps.
    • From the process, the group produced a summary and a cloud suitability assessment framework that can be applied at the level of the workload.

    Cloud Vision Statement

    [Organization] will leverage public cloud solutions and retire existing datacenter and colocation facilities. This transition will simplify infrastructure administration, support, and security, while modernizing legacy infrastructure and reducing the need for additional capital expenditure.

    Cloud Drivers Retire the datacenter Do more valuable work
    Right-size the environment Reduce CapEx
    Facilitate ease of mgmt. Work from anywhere
    Reduce capital expenditure Take advantage of elasticity
    Performance and availability Governance Risks and roadblocks
    Security Rationalization
    Cost Skills
    Migration Remaining premises resources
    BC, backup, and DR Control

    Initiatives and next steps

    • Close the datacenter and colocation site in favor of a SaaS-first cloud approach.
    • Some workloads will migrate to infrastructure-as-a-service in the short term with the assistance of third-party consultants.

    Document your cloud strategy

    You did it!

    Congratulations! If you’ve made it this far, you’ve successfully articulated a cloud vision, assessed workloads, developed an understanding (shared with your team and stakeholders) of cloud concepts, and mitigated risks and roadblocks that you may encounter along your cloud journey. From this exercise, you should understand your mission and vision, how your cloud plans will interact with any other relevant strategic plans, and what successful execution looks like, as well as developing a good understanding of overall guiding principles. These are several components of your overall strategy, but they do not comprise the strategy in its entirety.

    How do you fix this?

    First, validate the results of the vision exercise with your stakeholders. Socialize it and collect feedback. Make changes where you think changes should be made. This will become a key foundational piece. The next step is to formally document your cloud strategy. This is a separate project and is covered in the Info-Tech blueprint Document Your Cloud Strategy.

    The vision exercise tells you where you want to go and offers some clues as to how to get there. The formal strategy exercise is a formal documentation of the target state, but also captures in detail the steps you’ll need to take, the processes you’ll need to refine, and the people you’ll need to hire.

    A cloud strategy should comprise your organizational stance on how the cloud will change your approach to people and human resources, technology, and governance. Once you are confident that you can make and enforce decisions in these areas, you should consider moving on to Document Your Cloud Strategy. This blueprint, Define Your Cloud Vision, often serves as a prerequisite for the strategy documentation conversation(s).

    Appendix

    Summary of Accomplishment

    Additional Support

    Research Contributors

    Related Info-Tech Research

    Vendor Resources

    Bibliography

    Summary of Accomplishment

    Problem Solved

    You have now documented what you want from the cloud, what you mean when you say “cloud,” and some preliminary steps you can take to make your vision a reality.

    You now have at your disposal a framework for identifying and evaluating candidates for their cloud suitability, as well as a series of techniques for generating risks and mitigations associated with your cloud journey. The next step is to formalize your cloud strategy using the takeaways from this exercise. You’re well on your way to a completed cloud strategy!

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Generate drivers for cloud adoption

    Work with stakeholders to understand the expected benefits of the cloud migration and how these drivers will impact the overall vision.

    Conduct workload assessments

    Assess your individual cloud workloads for their suitability as candidates for the cloud migration.

    Bibliography

    “2021 State of the Cloud Report.” Flexera, 2021. Web.

    “2021 State of Upskilling Report.” Pluralsight, 2021. Web.

    “AWS Snowmobile.” Amazon Web Services, n.d. Web.

    “Azure products.” Microsoft, n.d. Web.

    “Azure Migrate Documentation.” Microsoft, n.d. Web.

    Bell, Harold. “Multi-Cloud vs. Hybrid Cloud: What’s the Difference?” Nutanix, 2019. Web.

    “Cloud Products.” Amazon Web Services, n.d. Web.

    “COBIT 2019 Framework: Introduction and Methodology.” ISACA, 2019. Web.

    Edmead, Mark T. “Using COBIT 2019 to Plan and Execute an Organization’s Transformation Strategy.” ISACA, 2020. Web.

    Flitter, Emily, and Karen Weise. “Capital One Data Breach Compromises Data of Over 100 Million.” The New York Times, 29 July 2019. Web.

    Gillis, Alexander S. “Cloud Security Posture Management (CSPM).” TechTarget, 2021. Web.

    “’How to Cloud’ with Capital One.” Amazon Web Services, n.d. Web.

    “IBM Closes Landmark Acquisition of Red Hat for $34 Billion; Defines Open, Hybrid Cloud Future.” Red Hat, 9 July 2019. Web.

    Mell, Peter, and Timothy Grance. “The NIST Definition of Cloud Computing.” National Institute of Standards and Technology, Sept. 2011. Web.

    Ng, Alfred. “Amazon Tells Senators it Isn't to Blame for Capital One Breach.” CNET, 2019. Web.

    Orban, Stephen. “6 Strategies for Migrating Applications to the Cloud.” Amazon Web Services, 2016. Web.

    Sullivan, Dan. “Cloud Access Security Broker (CASB).” TechTarget, 2021. Web.

    “What Is Secure Access Service Edge (SASE)?” Cisco, n.d. Web.

    Develop an IT Asset Management Strategy

    • Buy Link or Shortcode: {j2store}295|cart{/j2store}
    • member rating overall impact: 8.5/10 Overall Impact
    • member rating average dollars saved: $52,211 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management

    You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:

    • The data you have is often incomplete or wrong.
    • Processes are broken or non-existent.
    • Your tools aren’t up to the task of tracking ever more hardware, software, and relevant metadata.
    • The role of stakeholders outside the core ITAM team isn’t well defined or understood.

    Our Advice

    Critical Insight

    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there’s no value in data for data’s sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service providers.

    Impact and Result

    • Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.
    • Clarify the structure for the ITAM program, including scope, responsibility and accountability, centralization vs. decentralization, outsourcing vs. insourcing, and more.
    • Create a practical roadmap to guide improvement.
    • Summarize your strategy and approach using Info-Tech’s templates for review with stakeholders.

    Develop an IT Asset Management Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop an IT Asset Management Strategy – A methodology to create a business-aligned, coherent, and durable approach to ITAM.

    This two-phase, step-by-step methodology will guide you through the activities to build a business-aligned, coherent, and durable approach to ITAM. Review the executive brief at the start of the slide deck for an overview of the methodology and the value it can provide to your organization.

    • Develop an IT Asset Management Strategy – Phases 1-2

    2. ITAM Strategy Template – A presentation-ready repository for the work done as you define your ITAM approach.

    Use this template to document your IT asset management strategy and approach.

    • ITAM Strategy Template

    3. IT Asset Estimations Tracker – A rough-and-ready inventory exercise to help you evaluate the work ahead of you.

    Use this tool to estimate key data points related to your IT asset estate, as well as your confidence in your estimates.

    • IT Asset Estimations Tracker

    Infographic

    Workshop: Develop an IT Asset Management Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify ITAM Priorities & Goals, Maturity, Metrics and KPIs

    The Purpose

    Align key stakeholders to the potential strategic value of the IT asset management practice.

    Ensure the ITAM practice is focused on business-aligned goals.

    Key Benefits Achieved

    Define a business-aligned direction and expected outcomes for your ITAM program.

    Activities

    1.1 Brainstorm ITAM opportunities and challenges.

    1.2 Conduct an executive alignment working session.

    1.3 Set ITAM priorities, goals and tactics.

    1.4 Identify target and current state ITAM maturity.

    Outputs

    ITAM opportunities and challenges

    Align executive priorities with ITAM opportunities.

    ITAM metrics and KPIs

    ITAM maturity

    2 Identify Your Approach to Support ITAM Priorities and Goals

    The Purpose

    Translate goals into specific and coherent actions to enable your ITAM practice to deliver business value.

    Key Benefits Achieved

    A business-aligned approach to ITAM, encompassing scope, structure, tools, audits, budgets, documentation and more.

    A high-level roadmap to achieve your vision for the ITAM practice.

    Activities

    2.1 Define ITAM scope.

    2.2 Acquire ITAM services (outsourcing and contracting).

    2.3 Centralize or decentralize ITAM capabilities.

    2.4 Create a RACI for the ITAM practice.

    2.5 Align ITAM with other service management practices.

    2.6 Evaluate ITAM tools and integrations.

    2.7 Create a plan for internal and external audits.

    2.8 Improve your budget processes.

    2.9 Establish a documentation framework.

    2.10 Create a roadmap and communication plan.

    Outputs

    Your ITAM approach

    ITAM roadmap and communication plan

    Further reading

    Develop an IT Asset Management Strategy

    Define your business-aligned approach to ITAM.

    Table of Contents

    4 Analyst Perspective

    5 Executive Summary

    17 Phase 1: Establish Business-Aligned ITAM Goals and Priorities

    59 Phase 2: Support ITAM Goals and Priorities

    116 Bibliography

    Develop an IT Asset Management Strategy

    Define your business-aligned approach to ITAM.

    EXECUTIVE BRIEF

    Analyst Perspective

    Track hardware and software. Seems easy, right?

    It’s often taken for granted that IT can easily and accurately provide definitive answers to questions like “how many laptops do we have at Site 1?” or “do we have the right number of SQL licenses?” or “how much do we need to budget for device replacements next year?” After all, don’t we know what we have?

    IT can’t easily provide these answers because to do so you must track hardware and software throughout its lifecycle – which is not easy. And unfortunately, you often need to respond to these questions on very short notice because of an audit or to support a budgeting exercise.

    IT Asset Management (ITAM) is the solution. It’s not a new solution – the discipline has been around for decades. But the key to success is to deploy the practice in a way that is sustainable, right-sized, and maximizes value.

    Use our practical methodology to develop and document your approach to ITAM that is aligned with the goals of your organization.

    Photo of Andrew Sharp, Research Director, Infrastructure & Operations Practice, Info-Tech Research Group.

    Andrew Sharp
    Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    Realize the value of asset management

    Cost optimization, application rationalization and reduction of technical debt are all considered valuable to right-size spending and improve service outcomes. Without access to accurate data, these activities require significant investments of time and effort, starting with creation of point-in-time inventories, which lengthens the timeline to reaching project value and may still not be accurate.

    Cost optimization and reduction of technical debt should be part of your culture and technical roadmap rather than one-off projects. Why? Access to accurate information enables the organization to quickly make decisions and pivot plans as needed. Through asset management, ongoing harvest and redeployment of assets improves utilization-to-spend ratios. We would never see any organization saying, “We’ve closed our year end books, let’s fire the accountants,” but often see this valuable service relegated to the back burner. Similar to the philosophy that “the best time to plant a tree is 20 years ago and the next best time is now,” the sooner you can start to collect, validate, and analyze data, the sooner you will find value in it.

    Photo of Sandi Conrad, Principal Research Director, Infrastructure & Operations Practice, Info-Tech Research Group.

    Sandi Conrad
    Principal Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:

    • The data you have is often incomplete or wrong.
    • Processes are broken or non-existent.
    • Your tools aren’t up to the task of tracking ever more hardware, software, and relevant metadata.
    • The role of stakeholders outside the core ITAM team isn’t well defined or understood.
    Common Obstacles

    It is challenging to make needed changes because:

    • There’s cultural resistance to asset tracking, it’s seen as busywork that doesn’t clearly create value.
    • Decentralized IT teams aren’t generating the data required to track hardware and licenses.
    • ITAM can’t direct needed tool improvements because the admins don’t report to ITAM.
    • It’s hard to find time to improve processes given the day-to-day demands on your time.
    Info-Tech’s Approach
    • Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.
    • Clarify the structure for the ITAM program, including scope, responsibility and accountability, centralization vs. decentralization, outsourcing vs. insourcing, and more.
    • Create a practical roadmap to guide improvement.
    • Summarize your strategy and approach using Info-Tech’s templates for review with stakeholders.

    Info-Tech Insight

    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there’s no value in data for data’s sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service providers.

    Unlock business value with IT asset management

    • IT asset management (ITAM) is the practice of maintaining accurate, accessible, and actionable data on the assets within the organization’s IT estate. Each IT asset will have a record that tracks it across its lifecycle from purchase to disposal.
    • ITAM’s value is realized through other processes and practice areas that can leverage ITAM data to manage risk, improve IT services, and control costs.
    • Develop an approach to ITAM that maximizes the value delivered to the business and IT. ITAM succeeds when its partners succeed at delivering business value, and it fails when it doesn’t show value to those partners.

    This blueprint will help you develop your approach for the management of IT hardware and software, including cloud services. Leverage other Info-Tech methodologies to dive directly into developing hardware asset management procedures, software asset management procedures, or to implement configuration management best practices.

    Info-Tech Members report significant savings from implementing our hardware and software asset management frameworks. In order to maximize value from the process-focused methodologies below, develop your ITAM strategy first.

    Implement Hardware Asset Management (Based on Info-Tech Measured Value Surveys results from clients working through these blueprints, as of February 2022.)

    9.6/10

    $23k

    32

    Overall Impact Average $ Saved Average Days Saved
    Implement Software Asset Management (Based on Info-Tech Measured Value Surveys results from clients working through these blueprints, as of February 2022.)

    9.0/10

    $12k

    5

    Overall Impact Average $ Saved Average Days Saved

    ITAM provides both early and ongoing value

    ITAM isn’t one-and-done. Properly supported, your ITAM practice will deliver up-front value that will help demonstrate the value ongoing ITAM can offer through the maintenance of an accurate, accessible, and actionable ITAM database.

    Example: Software Savings from ITAM



    This chart shows the money saved between the first quote and the final price for software and maintenance by a five-person ITAM team. Over a year and a half, they saved their organization a total of $7.5 million from a first quote total of $21 million over that period.

    This is a perfect example of the direct value that ITAM can provide on an ongoing basis to the organization, when properly supported and integrated with IT and the business.

    Examples of up-front value delivered in the first year of the ITAM practice:

    • Save money by reviewing and renegotiating critical, high-spend, and undermanaged software and service contracts.
    • Redeploy or dispose of clearly unused hardware and software.
    • Develop and enforce standards for basic hardware and software.
    • Improve ITAM data quality and build trust in the results.

    Examples of long-term value from ongoing governance, management, and operational ITAM activities:

    • Optimize spend: Reallocate unused hardware and software, end unneeded service agreements, and manage renewals and audits.
    • Reduce risk: Provide comprehensive asset data for security controls development and incident management; manage equipment disposal.
    • Improve IT service: Support incident, problem, request, and change management with ITAM data. Develop new solutions with an understanding of what you have already.

    Common obstacles

    The rulebook is available, but hard to follow
    • ITAM takes a village, but stakeholders aren’t aware of their role. ITAM processes rely on technicians to update asset records, vendors to supply asset data, administrators to manage tools, leadership to provide direction and support, and more.
    • Constant change in the IT and business environment undermines the accuracy of ITAM records (e.g. licensing and contract changes, technology changes that break discovery tools, personnel and organizational changes).
    • Improvement efforts are overwhelmed by day-to-day activities. One study found that 83% of SAM teams’ time is consumed by audit-related activities. (Flexera State of ITAM Report 2022) A lack of improvement becomes a vicious cycle when stakeholders who don’t see the value of ITAM decline to dedicate resources for improvement.
    • Stakeholders expect ITAM tools to be a cure-all, but even at their best, they can’t provide needed answers without some level of configuration, manual input, and supervision.
    • There’s often a struggle to connect ITAM to value. For example, respondents to Info-Tech’s Management & Governance Diagnostic consistently rank ITAM as less important than other processes that ITAM directly supports (e.g. budget management and budget optimization). (Info-Tech MGD Diagnostic (n=972 unique organizations))
    ITAM is a mature discipline with well-established standards, certifications, and tools, but we still struggle with it.
    • Only 28% of SAM teams track IaaS and PaaS spend, and only 35% of SAM teams track SaaS usage.
    • Increasing SAM maturity is a challenge for 76% of organizations.
    • 10% of organizations surveyed have spent more than $5 million in the last three years in audit penalties and true-ups.
    • Half of all of organizations lack a viable SAM tool.
    • Seventy percent of SAM teams have a shortfall of qualified resources.
    • (Flexera State of ITAM Report 2022)

    Info-Tech's IT Asset Management Framework (ITAM)

    Adopt, manage, and mature activities to enable business value thorugh actionable, accessible, and accurate ITAM data

    Logo for Info-Tech Research Group. Enable Business Value Logo for #iTRG.
    Business-Aligned Spend
    Optimization and Transparency
    Facilitate IT Services
    and Products
    Actionable, Accessible,
    and Accurate Data
    Context-Aware Risk Management
    and Security Controls

    Plan & Govern

    Business Goals, Risks, and Structure
    • ITAM Goals & Priorities
    • Roles, Accountability, Responsibilities
    • Scope
    Ongoing Management Commitment
    • Resourcing & Funding
    • Policies & Enforcement
    • Continuous Improvement
    Culture
    • ITAM Education, Awareness & Training
    • Organizational Change Management
    Section title 'Operate' with a cycle surrounding key components of Operate: 'Data Collection & Validation', 'Tool Administration', 'License Management', and 'Lease Management'. The cycle consists of 'Request', 'Procure', 'Receive', 'Deploy', 'Manage', 'Retire & Dispose', and back to 'Request'.

    Build & Manage

    Tools & Data
    • ITAM Tool Selection & Deployment
    • Configuration Management Synchronization
    • IT Service Management Integration
    Process
    • Process Management
    • Data & Process Audits
    • Document Management
    People, Policies, and Providers
    • Stakeholder Management
    • Technology Standardization
    • Vendor & Contract Management

    Info-Tech Insight

    ITAM is a foundational IT service that provides actionable, accessible, and accurate data on IT assets. But there's no value in data for data's sake. Use this methodology to enable collaboration between ITAM, the business, and IT to develop an approach to ITAM that maximizes the value the ITAM team can deliver as service providers.

    Key deliverable

    IT asset management requires ongoing practice – you can’t just implement it and walk away.

    Our methodology will help you build a business-aligned strategy and approach for your ITAM practice with the following outputs:

    • Business-aligned ITAM priorities, opportunities, and goals.
    • Current and target state ITAM maturity.
    • Metrics and KPIs.
    • Roles, responsibilities, and accountability.
    • Insourcing, outsourcing, and (de)centralization.
    • Tools and technology.
    • A documentation framework.
    • Initiatives, a roadmap, and a communication plan.
    Each step of this blueprint is designed to help you create your IT asset management strategy:
    Sample of Info-Tech's key deliverable 'IT Asset Management' blueprint.

    Info-Tech’s methodology to develop an IT asset management strategy

    1. Establish business-aligned ITAM goals and priorities 2. Identify your approach to support ITAM priorities and goals
    Phase Steps
    • 1.1 Define ITAM and brainstorm opportunities and challenges.
    • Executive Alignment Working Session:
    • 1.2 Review organizational priorities, strategy, and key initiatives.
    • 1.3 Align executive priorities with ITAM opportunities and priorities.
    • 1.4 Identify business-aligned ITAM goals and target maturity.
    • 1.5 Write mission and vision statements.
    • 1.6 Define ITAM metrics and KPIs.
    • 2.1 Define ITAM scope.
    • 2.2 Acquire ITAM services (outsourcing and contracting).
    • 2.3 Centralize or decentralize ITAM capabilities.
    • 2.4 Create a RACI for the ITAM practice.
    • 2.5 Align ITAM with other service management practices.
    • 2.6 Evaluate ITAM tools and integrations.
    • 2.7 Create a plan for internal and external audits.
    • 2.8 Improve your budget processes.
    • 2.9 Establish a documentation framework.
    • 2.10 Create a roadmap and communication plan.
    Phase Outcomes Defined, business-aligned goals and priorities for ITAM. Establish an approach to achieving ITAM goals and priorities including scope, structure, tools, service management integrations, documentation, and more.
    Project Outcomes Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.

    Insight Summary

    There’s no value in data for data’s sake

    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an approach to ITAM that maximizes the value they can deliver as service providers.

    Service provider to a service provider

    ITAM is often viewed (when it’s viewed at all) as a low-value administrative task that doesn’t directly drive business value. This can make it challenging to build a case for funding and resources.

    Your ITAM strategy is a critical component to help you define how ITAM can best deliver value to your organization, and to stop creating data for the sake of data or just to fight the next fire.

    Collaboration over order-taking

    To align ITAM practices to deliver organizational value, you need a very clear understanding of the organization’s goals – both in the moment and as they change over time.

    Ensure your ITAM team has clear line of sight to business strategy, objectives, and decision-makers, so you can continue to deliver value as priorities change

    Embrace dotted lines

    ITAM teams rely heavily on staff, systems, and data beyond their direct area of control. Identify how you will influence key stakeholders, including technicians, administrators, and business partners.

    Help them understand how ITAM success relies on their support, and highlight how their contributions have created organizational value to encourage ongoing support.

    Project benefits

    Benefits for IT
    • Set a foundation and direction for an ITAM practice that will allow IT to manage risk, optimize spend, and enhance services in line with business requirements.
    • Establish accountability and responsibility for essential ITAM activities. Decide where to centralize or decentralize accountability and authority. Identify where outsourcing could add value.
    • Create a roadmap with concrete, practical next steps to develop an effective, right-sized ITAM practice.
    Stock image of a trophy. Benefits for the business
    • Plan and control technology spend with confidence based on trustworthy ITAM data.
    • Enhance IT’s ability to rapidly and effectively support new priorities and launch new projects. Effective ITAM can support more streamlined procurement, deployment, and management of assets.
    • Implement security controls that reflect your total technology footprint. Reduce the risk that a forgotten device or unmanaged software turns your organization into the next Colonial Pipeline.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI around 12 calls over the course of 6 months.

    What does a typical GI on this topic look like?

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Review business priorities.

    Call #3: Identify ITAM goals & target maturity.

    Call #4: Identify metrics and KPIs. Call #5: Define ITAM scope.

    Call #6: Acquire ITAM services.

    Call #7: ITAM structure and RACI.

    Call #8: ITAM and service management.

    Tools and integrations.

    Call #10: Internal and external audits.

    Call #11: Budgets & documentation

    Call #12: Roadmap, comms plan. Wrap-up.

    Phase 1 Phase 2

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889
    Day 1 Day 2 Day 3 Day 4 Day 5
    Identify ITAM priorities & goals, maturity, metrics and KPIs
    Identify your approach to support ITAM priorities and goals
    Next Steps and wrap-Up (offsite)
    Activities

    1.1 Define ITAM.

    1.2 Brainstorm ITAM opportunities and challenges.

    Conduct an executive alignment working session:

    1.3 Review organizational priorities, strategy, and key initiatives.

    1.4 Align executive priorities with ITAM opportunities.

    1.5 Set ITAM priorities.

    2.1 Translate opportunities into ITAM goals and tactics.

    2.2 Identify target and current state ITAM maturity.

    2.3 Create mission and vision statements.

    2.4 Identify key ITAM metrics and KPIs.

    3.1 Define ITAM scope.

    3.2 Acquire ITAM services (outsourcing and contracting)

    3.3 Centralize or decentralize ITAM capabilities.

    3.4 Create a RACI for the ITAM practice.

    3.5 Align ITAM with other service management practices.

    3.6 Evaluate ITAM tools and integrations.

    4.1 Create a plan for internal and external audits.

    4.2 Improve your budget processes.

    4.3 Establish a documentation framework and identify documentation gaps.

    4.4 Create a roadmap and communication plan.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables
    1. ITAM opportunities and challenges.
    2. Align executive priorities with ITAM opportunities.
    3. Set ITAM priorities.
    1. ITAM goals and tactics.
    2. Current and target ITAM maturity.
    3. Mission and vision statements.
    4. ITAM metrics and KPIs.
    1. Decisions that will shape your ITAM approach, including:
      1. What’s in scope (hardware, software, and cloud services).
      2. Where to centralize, decentralize, or outsource ITAM activities.
      3. Accountability, responsibility, and structure for ITAM activities.
      4. Service management alignment, tooling gaps, audit plans, budget processes, and required documentation.
    2. A roadmap and communication plan.
    1. Your completed ITAM strategy template.
    Develop an IT Asset Management Strategy

    Phase 1:

    Establish business-aligned ITAM goals and priorities

    Phase 1

    1.1 Define ITAM and brainstorm opportunities and challenges.

    Executive Alignment Working Session:

    1.2 Review organizational priorities, strategy, and key initiatives.

    1.3 Align executive priorities with ITAM opportunities & priorities.

    1.4 Identify business-aligned ITAM goals and target maturity.

    1.5 Write mission and vision statements.

    1.6 Define ITAM metrics and KPIs.

    Phase 2

    2.1 Define ITAM scope.

    2.2 Acquire ITAM services (outsourcing and contracting).

    2.3 Centralize or decentralize ITAM capabilities.

    2.4 Create a RACI for the ITAM practice.

    2.5 Align ITAM with other service management practices.

    2.6 Evaluate ITAM tools and integrations.

    2.7 Create a plan for internal and external audits.

    2.8 Improve your budget processes.

    2.9 Establish a documentation framework.

    2.10 Create a roadmap and communication plan.

    Phase Outcomes:

    Defined, business-aligned goals, priorities, and KPIs for ITAM. A concise vision and mission statement. The direction you need to establish a practical, right-sized, effective approach to ITAM for your organization.

    Before you get started

    Set yourself up for success with these three steps:
    • This methodology and the related slides are intended to be executed via intensive, collaborative working sessions using the rest of this slide deck.
    • Ensure the working sessions are a success by working through these steps before you start work on your IT asset management strategy.

    1. Identify participants

    Review recommended roles and identify who should participate in the development of your ITAM strategy.

    2. Estimate assets managed today

    Work through an initial assessment to establish ease of access to ITAM data and your level of trust in the data available to you.

    3. Create a working folder

    Create a repository to house your notes and any work in progress, including your copy of the ITAM Strategy Template.

    0.1 Identify participants

    30 minutes

    Output: List of key roles for the strategy exercises outlined in this methodology

    Participants: Project sponsor, Lead facilitator, ITAM manager and SMEs

    This methodology relies on having the right stakeholders in the room to identify ITAM goals, challenges, roles, structure, and more. On each activity slide in this deck, you’ll see an outline of the recommended participants. Use the table below to translate the recommended roles into specific people in your organization. Note that some people may fill multiple roles.

    Role Expectations People
    Project Sponsor Accountable for the overall success of the methodology. Ideally, participates in all exercises in this methodology. May be the asset manager or whoever they report to. Jake Long
    Lead Facilitator Leads, schedules, and manages all working sessions. Guides discussions and ensures activity outputs are completed. Owns and understands the methodology. Has a working knowledge of ITAM. Robert Loblaw
    Asset Manager(s) SME for the ITAM practice. Provides strategic direction to mature ITAM practices in line with organizational goals. Supports the facilitator. Eve Maldonado
    ITAM Team Hands-on ITAM professionals and SMEs. Includes the asset manager. Provide input on tactical ITAM opportunities and challenges. Bruce Wayne, Clark Kent
    IT Leaders & Managers Leaders of key stakeholder groups from across the IT department – the CIO and direct reports. Provide input on what IT needs from ITAM, and the role their teams should play in ITAM activities. May include delegates, particularly those familiar with day-to-day processes relevant to a particular discussion or exercise. Marcelina Hardy, Edmund Broughton
    ITAM Business Partners Non-IT business stakeholders for ITAM. This could include procurement, vendor management, accounting, and others. Zhang Jin, Effie Lamont
    Business Executives Organizational leaders and executives (CFO, COO, CEO, and others) or their delegates. Will participate in a mini-workshop to identify organizational goals and initiatives that can present opportunities for the ITAM practice. Jermaine Mandar, Miranda Kosuth

    0.2 Estimate asset numbers

    1 hour

    Output: Estimates of quantity and spend related to IT assets, Confidence/margin of error on estimates

    Participants: IT asset manager, ITAM team

    What do you know about your current IT environment, and how confident are you in that knowledge?

    This exercise will help you evaluate the size of the challenge ahead in terms of the raw number of assets in your environment, the spend on those assets, and the level of trust your organization has in the ITAM data.

    It is also a baseline snapshot your ability to relay key ITAM metrics quickly and confidently, so you can measure progress (in terms of greater confidence) over time.

    1. Download the estimation tracker below. Add any additional line items that are particularly important to the organization.
    2. Time-box this exercise to an hour. Use your own knowledge and existing data repositories to identify count/spend for each line item, then add a margin of error to your guess. Larger margins of error on larger counts will typically indicate larger risks.
    3. Track any assumptions, data sources used, or SMEs consulted in the comments.

    Download the IT Asset Estimation Tracker

    “Any time there is doubt about the data and it doesn’t get explained or fixed, then a new spreadsheet is born. Data validation and maintenance is critical to avoid the hidden costs of having bad data”

    Allison Kinnaird,
    Operations Practice Lead,
    Info-Tech Research Group

    0.3 Create a working folder

    15 minutes

    Output: A repository for templates and work in progress

    Participants: Lead facilitator

    Create a central repository for collaboration – it seems like an obvious step, but it’s one that gets forgotten about
    1. Download a copy of the ITAM Strategy Template.
      1. This will be the repository for all the work you do in the activities listed in this blueprint; take a moment to read it through and familiarize yourself with the contents.
    2. House the template in a shared repository that can house other related work in progress. Share this folder with participants so they can check in on your progress.
    3. You’ll see this callout box: Add your results to your copy of the ITAM Strategy Template as you work through activities in this blueprint. Copy the output to the appropriate slide in the ITAM Strategy Template.
    Stock image of a computer screen with a tiny person putting likes on things.

    Collect action items as you go

    Don’t wait until the end to write down your good ideas.
    • The last exercise in this methodology is to gather everything you’ve learned and build a roadmap to improve the ITAM practice.
    • The output of the exercises will inform the roadmap, as they will highlight areas with opportunities for improvement.
    • Write them down as you work through the exercises, or you risk forgetting valuable ideas.
    • Keep an “idea space” – a whiteboard with sticky notes or a shared document – to which any of your participants can post an idea for improvement and that you can review and consolidate later.
    • Encourage participants to add their ideas at any time during the exercises.
    Pad of sticky notes, the top of which reads 'Good ideas go here!'

    Step 1.1: Brainstorm ITAM opportunities and challenges

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Rally the working group around a collection of ideas that, when taken together, create a vision for the future ITAM practice.
    • Identify your organization’s current ITAM challenges.

    “ITAM is a cultural shift more than a technology shift.” (Rory Canavan, SAM Charter)

    What is an IT Asset?

    Any piece of technology can be considered an asset, but it doesn’t mean you need to track everything. Image of three people building a computer from the inside.
    Icon of a power button.

    According to the ISO 19770 standard on ITAM, an IT Asset is “[an] item, thing, or entity that can be used to acquire, process, store and distribute digital information and has potential or actual value to an organization.”
    These are all things that IT is expected to support and manage, or that have the potential to directly impact services that IT supports and manages.

    Icon of a half-full battery.

    IT assets are distinct from capital assets. Some IT assets will also be capital assets, but not all will be. And not all capital assets are IT assets, either.

    Icon of a microphone.

    IT assets are typically tracked by IT, not by finance or accounting.
    IT needs more from their IT asset tracking system than the typical finance department can deliver.
    This can include end-user devices, software, IT infrastructure, cloud-based resources, third-party managed IT services, Internet-of-Things devices, embedded electronics, SCADA equipment, “smart” devices, and more.

    Icon of a fingerprint.

    It’s important to track IT assets in a way that enables IT to deliver value to the business – and an important part of this is understanding what not to track. This list should be aligned to the needs of your organization.

    What is IT asset management?

    • IT asset management is the practice of maintaining accurate, accessible, and actionable data on IT hardware, software, and cloud assets from procurement to disposal.
    • Trustworthy data maintained by an IT asset management practice will help your business meet its goals by managing risk, controlling costs, and enabling IT services and products.
    • ITAM tends to focus on the asset itself – its technical, financial, contractual, lifecycle, and ownership attributes – rather than its interactions or connections to other IT assets, which tends to be part of configuration management.

    What IT Asset Management is NOT:

    Configuration Management: Configuration management databases (CMDBs) often draw from the same data pool as ITAM (many configuration items are assets, and vice versa), but they focus on the interaction, interconnection, and interoperation of configuration items within the IT estate.

    In practice, many configuration items will be IT assets (or parts of assets) and vice versa. Configuration and asset teams should work closely together as they develop different but complementary views of the IT environment. Use Info-Tech’s methodology to harness configuration management superpowers.

    Organizational Data Management: Leverage a different Info-Tech methodology to develop a digital and data asset management program within Info-Tech’s DAM framework.

    “Asset management’s job is not to save the organization money, it’s not to push back on software audits.

    It’s to keep the asset database as up-to-date and as trustworthy as possible. That’s it.” (Jeremy Boerger, Consultant & Author)

    “You can’t make any real decisions on CMDB data that’s only 60% accurate.

    You start extrapolating that out, you’re going to get into big problems.” (Mike Austin, Founder & CEO, MetrixData 360)

    What is an ITAM strategy?

    Our strategy document will outline a coherent, sustainable, business-aligned approach to ITAM.

    No single approach to ITAM fits all organizations. Nor will the same approach fit the same organization at different times. A world-leading research university, a state government, and a global manufacturer all have very different goals and priorities that will be best supported by different approaches to ITAM.

    This methodology will walk you through these critical decisions that will define your approach to ITAM:

    • Business-aligned priorities, opportunities, and goals: What pressing opportunities and challenges do we face as an organization? What opportunities does this create that ITAM can seize?
    • Current and future state maturity, challenges: What is the state of the practice today? Where do we need to improve to meet our goals? What challenges stand in the way of improvement?
    • Responsibility, accountability, sourcing and (de)centralization: Who does what? Who is accountable? Where is there value to outsourcing? What authority will be centralized or decentralized?
    • Tools, policies, and procedures: What technology do we need? What’s our documentation framework?
    • Initiatives, KPIs, communication plan, and roadmap: What do we need to do, in what order, to build the ITAM practice to where we need it to be? How long do we expect this to take? How will we measure success?

    “A good strategy has coherence, coordinating actions, policies, and resources so as to accomplish an important end. Most organizations, most of the time, don’t have this.

    Instead, they have multiple goals and initiatives that symbolize progress, but no coherent approach to accomplish that progress other than ‘spend more and try harder.’” (Good Strategy, Bad Strategy, Richard Rumelt)

    Enable business value with IT asset management

    If you’ve never experienced a mature ITAM program before, it is almost certainly more rewarding than you’d expect once it’s functioning as intended.

    Each of the below activities can benefit from accessible, actionable, and accurate ITAM data.

    • Which of the activities, practices, and initiatives below have value to your organization?
    • Which could benefit most from ITAM data?
    Manage Risk: Effective ITAM practices provide data and processes that help mitigate the likelihood and impact of potentially damaging IT risks.

    ITAM supports the following practices that help manage organizational risk:

    • Security Controls Development
    • Security Incident Response
    • Security Audit Reports
    • Regulatory Compliance Reports
    • IT Risk Management
    • Technical Debt Management
    • M&A Due Diligence
    Optimize Spend: Asset data is essential to maintaining oversight of IT spend, ensuring that scarce resources are allocated where they can have the most impact.

    ITAM supports these activities that help optimize spend:

    • Vendor Management & Negotiations
    • IT Budget Management & Variance Analysis
    • Asset Utilization Analysis
    • FinOps & Cloud Spend Optimization
    • Showback & Chargeback
    • Software Audit Defense
    • Application Rationalization
    • Contract Consolidation
    • License and Device Reallocation
    Improve IT Services: Asset data can help inform solutions development and can be used by service teams to enhance and improve IT service practices.

    Use ITAM to facilitate these IT services and initiatives:

    • Solution and Enterprise Architecture
    • Service Level Management
    • Technology Procurement
    • Technology Refresh Projects
    • Incident & Problem Management
    • Request Management
    • Change Management
    • Green IT

    1.1 Brainstorm ideas to create a vision for the ITAM practice

    30 minutes

    Input: Stakeholders with a vision of what ITAM could provide, if resourced and funded adequately

    Output: A collection of ideas that, when taken together, create a vision for the future ITAM practice

    Materials: ITAM strategy template, Whiteboard or virtual whiteboard

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    It can be easy to lose sight of long-term goals when you’re stuck in firefighting mode. Let’s get the working group into a forward-looking mindset with this exercise.

    Think about what ITAM could deliver with unlimited time, money, and technology.

    1. Provide three sticky notes to each participant.
    2. Add the headings to a whiteboard, or use a blank slide as a digital whiteboard
    3. On each sticky note, ask participants to outline a single idea as follows:
      1. We could: [idea]
      2. Which would help: [stakeholder]
      3. Because: [outcome]
    4. Ask participants to present their sticky notes and post them to the whiteboard. Ask later participants to group similar ideas together.

    As you hear your peers describe what they hope and expect to achieve with ITAM, a shared vision of what ITAM could be will start to emerge.

    1.1 Identify structural ITAM challenges

    30 minutes

    Input: The list of common challenges on the next slide, Your estimated visibility into IT assets from the previous exercise, The experience and knowledge of your participants

    Output: Identify current ITAM challenges

    Materials: Your working copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    What’s standing in the way today of delivering the ITAM practices you want to achieve?

    Review the list of common challenges on the next slide as a group.

    1. Delete any challenges that don’t apply to your organization.
    2. Modify any challenges as required to reflect your organization.
    3. Add further challenges that aren’t on the list, as required.
    4. Highlight challenges that are particularly painful.

    Add your results to your copy of the ITAM Strategy Template

    “The problem – the reason why asset management initiatives keep falling on their face – is that people attack asset management as a problem to solve, instead of a practice and epistemological construct.” (Jeremy Boerger, Consultant & Author)

    1.1 Identify structural ITAM challenges

    Review and update the list of common challenges below to reflect your own organization.

    • Leadership and executives don’t understand the value of asset management and don’t fund or resource it.
    • Tools aren’t fit for purpose, don’t scale, or are broken.
    • There’s a cultural tendency to focus on tools over processes.
    • ITAM data is fragmented across multiple repositories.
    • ITAM data is widely viewed as untrustworthy.
    • Stakeholders respond to vendor audits before consulting ITAM, which leads to confusion and risks penalties.
    • No time for improvement; we’re always fighting fires.
    • We don’t audit our own ITAM data for accuracy.
    • End-user equipment is shared, re-assigned, or disposed without notifying or involving IT.
    • No dedicated resources.
    • Lack of clarity on roles and responsibilities.
    • Technicians don’t track assets consistently; ITAM is seen as administrative busywork.
    • Many ITAM tasks are manual and prone to error.
    • Inconsistent organizational policies and procedures.
    • We try to manage too many hardware types/software titles.
    • IT is not involved in the procurement process.
    • Request and procurement is seen as slow and excessively bureaucratic.
    • Hardware/software standards don’t exist or aren’t enforced.
    • Extensive rogue purchases/shadow IT are challenging to manage via ITAM tools and processes.
    What Else?

    Copy results to your copy of the ITAM Strategy Template

    Step 1.2: Review organizational priorities, strategy, initiatives

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • Business executives or their delegates

    Outcomes

    • Review organizational priorities and strategy.
    • Identify key initiatives.

    Enter the executives

    Deliver on leadership priorities

    • Your business’ major transformative projects and executive priorities might seem far removed from hardware and software tracking. Why would we start with business strategy and executive priorities as we’re setting goals for the ITAM program?
    • While business executives have (likely) no interest in how software and hardware is tracked, they are accountable for the outcomes ITAM can enable. They are the most likely to understand why and how ITAM can deliver value to the organization.
    • ITAM succeeds by enabling its stakeholders to achieve business outcomes. The next three activities are designed to help you identify how you can enable your stakeholders, and what outcomes are most important from their point of view. Specifically:
      • What are the business’ planned transformational initiatives?
      • What are your highest priority goals?
      • What should the priorities of the ITAM practice be?
    • The answers to these questions will shape your approach to ITAM. Direct input from your leadership and executives – or their delegates – will help ensure you’re setting a solid foundation for your ITAM practice.

    “What outcomes does the organization want from IT asset management? Often, senior managers have a clear vision for the organization and where IT needs to go, and the struggle is to communicate that down.” (Kylie Fowler, ITAM Intelligence)

    Stock image of many hands with different puzzle pieces.

    Executive Alignment Session Overview

    ITAM Strategy Working Sessions

    • Discover & Brainstorm
    • Executive Alignment Working Session
      • 1.2 Review organizational strategy, priorities, and key initiatives
      • 1.3 Align executive priorities with ITAM opportunities, set ITAM priorities
    • ITAM Practice Maturity, Vision & Mission, Metrics & KPIs
    • Scope, Outsourcing, (De)Centralization, RACI
    • Service Management Integration
    • ITAM Tools
    • Audits, Budgets, Documents
    • Roadmap & Comms Plan

    A note to the lead facilitator and project sponsor:
    Consider working through these exercises by yourself ahead of time. As you do so, you’ll develop your own ideas about where these discussions may go, which will help you guide the discussion and provide examples to participants.

    1.2 Review organizational strategy and priorities

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leadership, Business executives or delegates

    Welcome your group to the working session and outline the next few exercises using the previous slide.

    Ask the most senior leader present to provide a summary of the following:

    1. What is the vision for the organization?
    2. What are our priorities and what must we absolutely get right?
    3. What do we expect the organization to look like in three years?

    The facilitator or a dedicated note-taker should record key points on a whiteboard or flipchart paper.

    1.2 Identify transformational initiatives

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leadership, Business executives or delegates

    Ask the most senior leader present to provide a summary of the following: What transformative business and IT initiatives are planned? When will they begin and end?

    Using one box per initiative, draw the initiatives in a timeline like the one below.

    Sample timeline for ITAM initiatives.

    Add your results to your copy of the ITAM Strategy Template

    Step 1.3: Set business-aligned ITAM priorities

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • Business executives

    Outcomes

    • Connect executive priorities to ITAM opportunities.
    • Set business-aligned priorities for the ITAM practice.

    1.3 Align executive priorities with ITAM opportunities

    45 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leaders and managers, Business executives or delegates

    In this exercise, we’ll use the table on the next slide to identify the top priorities of key business and IT stakeholders and connect them to opportunities for the ITAM practice.

    1. Ask your leadership or executive delegates – what are their goals? What are they trying to accomplish? List roles and related goals in the table.
    2. Brainstorm opportunities for IT asset management to support listed goals:
      1. Can ITAM provide an enhanced level of service, access, or insight?
      2. Can ITAM address an existing issue or mitigate an existing risk?

    Add your results to your copy of the ITAM Strategy Template

    1.3 Align executive priorities with ITAM opportunities (example)

    ITAM is for the… Who wants to… Which presents these ITAM opportunities
    CEO Deliver transformative business initiatives Acquire the right tech at the right time to support transformational initiatives.
    Establish a data-driven culture of stewardship Improve data to increase IT spend transparency.
    COO Improve organizational efficiency Increase asset use.
    Consolidate major software contracts to drive discounts.
    CFO Accurately forecast spending Track and anticipate IT asset spending.
    Control spending Improve data to increase IT spend transparency.
    Consolidate major software contracts to drive discounts.
    CIO Demonstrate IT value Use data to tell a story about value delivered by IT assets.
    Govern IT use Improve data to increase IT spend transparency.
    CISO Manage IT security and compliance risks Identify abandoned or out-of-spec IT assets.
    Provide IT asset data to support controls development.
    Respond to security incidents Support security incident teams with IT asset data.
    Apps Leader Build, integrate, and support applications Identify opportunities to retire applications with redundant functionality.
    Connect applications to relevant licensing and support agreements.
    IT Infra Leader Build and support IT infrastructure. Provide input on opportunities to standardize hardware and software.
    Provide IT asset data to technicians supporting end users.

    1.3 Categorize ITAM opportunities

    10-15 minutes

    Input: The outputs from the previous exercise

    Output: Executive priorities, sorted into the three categories at the right

    Materials: The table in this slide, The outputs from the previous exercise

    Participants: Lead facilitator

    Give your participants a quick break. Quickly sort the identified ITAM opportunities into the three main categories below as best you can.

    We’ll use this table as context for the next exercise.

    Example: Optimize Spend Enhance IT Services Manage Risk
    ITAM Opportunities
    • Improve data to increase IT spend transparency.
    • Consolidate major software contracts to drive discounts.
    • Increase asset utilization.
    • Identify opportunities to retire applications with redundant functionality
    • Acquire the right tech at the right time to support transformational initiatives.
    • Provide IT asset data to technicians supporting end users.
    • Identify abandoned or out-of-spec IT assets.
    • Provide IT asset data to support controls development.
    • Support security incident teams with IT asset data.

    Add your results to your copy of the ITAM Strategy Template

    1.3 Set ITAM priorities

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: Whiteboard, The template on the next slide, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leaders and managers, Business executives or delegates

    The objective of this exercise is to prioritize the outcomes your organization wants to achieve from its ITAM practice, given the context from the previous exercises.

    Review the image below. The three points of the triangle are the three core goals of ITAM: Enhance IT Service, Manage Risk, and Optimize Spend. This exercise was first developed by Kylie Fowler of ITAM Intelligence. It is an essential exercise to understand ITAM priorities and the tradeoffs associated with those priorities. These priorities aren’t set in stone and should be revisited periodically as technology and business priorities change.

    Draw the diagram on the next slide on a whiteboard. Have the most senior leader in the room place the dot on the triangle – the closer it is to any one of the goals, the more important that goal is to the organization. Note: The center of the triangle is off limits! It’s very rarely possible to deliver on all three at once.
    Track notes on what’s being prioritized – and why – in the template on the next slide.
    Triangle with the points labelled 'Enhance IT Service', 'Manage Risk', and 'Optimize Spend'.

    Add your results to your copy of the ITAM Strategy Template

    1.3 Set ITAM Priorities

    The priorities of the ITAM practice are to:
    • Optimize Spend
    • Manage Risk
    Why?
    • We believe there is significant opportunity right now to rationalize spend by consolidating key software contracts.
    • Major acquisitions are anticipated in the near future. Effective ITAM processes are expected to mitigate acquisition risk by supporting due diligence and streamlined integration of acquired organizations.
    • Ransomware and supply chain security threats have increased demands for a comprehensive accounting of IT assets to support security controls development and security incident response.
    (Update this section with notes from your discussion.)
    Triangle with the points labelled 'Enhance IT Service', 'Manage Risk', and 'Optimize Spend'. There is a dot close to the 'Optimize Spend' corner, a legend labelling the dot as 'Our Target', and a note reading 'Move this dot to reflect your priorities'.

    Step 1.4: Identify ITAM goals, target maturity

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Connect executive priorities to ITAM opportunities.
    • Set business-aligned priorities for the ITAM practice.

    “ITAM is really no different from the other ITIL practices: to succeed, you’ll need some ratio of time, treasure, and talent… and you can make up for less of one with more of the other two.” (Jeremy Boerger, Consultant and Author)

    1.4 Identify near- and medium-term goals

    15-30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Narrow down the list of opportunities to identify specific goals for the ITAM practice.

    1. Use one color to highlight opportunities you will seize in the next year.
    2. Use a second color to highlight opportunities you plan to address in the next three years.
    3. Leave blank anything you don’t intend to address in this timeframe.

    The highlighted opportunities are your near- and medium-term objectives.

    Optimize Spend Enhance IT Services Manage Risk
    Priority Critical Normal High
    ITAM Opportunities
    • Improve data to increase IT spend transparency.
    • Increase asset utilization.
    • Consolidate major software contracts to drive discounts.
    • Identify opportunities to retire applications with redundant functionality
    • Acquire the right tech at the right time to support transformational initiatives.
    • Provide IT asset data to technicians supporting end users.
    • Identify abandoned or out-of-spec IT assets.
    • Provide IT asset data to support controls development.
    • Support security incident teams with IT asset data.

    1.4 Connect ITAM goals to tactics

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Let’s dig down a little deeper. Connect the list of opportunities from earlier to specific ITAM tactics that allow the team to seize those opportunities.

    Add another row to the earlier table for ITAM tactics. Brainstorm tactics with your participants (e.g. sticky notes on a whiteboard) and align them with the priorities they’ll support.

    Optimize SpendEnhance IT ServicesManage Risk
    PriorityCriticalNormalHigh
    ITAM Opportunities
    • Improve data to increase IT spend transparency.
    • Increase asset utilization.
    • Consolidate major software contracts to drive discounts.
    • Identify opportunities to retire applications with redundant functionality
    • Acquire the right tech at the right time to support transformational initiatives.
    • Provide IT asset data to technicians supporting end users.
    • Identify abandoned or out-of-spec IT assets.
    • Provide IT asset data to support controls development.
    • Support security incident teams with IT asset data.
    ITAM Tactics to Seize Opportunities
    • Review and improve hardware budgeting exercises.
    • Reallocate unused licenses, hardware.
    • Ensure ELP reports are up to date.
    • Validate software usage.
    • Data to support software renewal negotiations.
    • Use info from ITAM for more efficient adds, moves, changes.
    • Integrate asset records with the ticket intake system, so that when someone calls the service desk, the list of their assigned equipment is immediately available.
    • Find and retire abandoned devices or services with access to the organization’s network.
    • Report on lost/stolen devices.
    • Develop reliable disposal processes.
    • Report on unpatched devices/software.

    Add your results to your copy of the ITAM Strategy Template

    1.4 Identify current and target state

    20 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    We’ll use this exercise to identify the current and one-year target state of ITAM using Info-Tech’s ITAM maturity framework.

    1. Review the maturity framework on the next slide as a group.
    2. In one color, highlight statements that reflect your organization today. Summarize your current state. Are you in firefighter mode? Between “firefighter” and “trusted operator”?
    3. In a second color, highlight statements that reflect where you want to be one year from today, taking into consideration the goals and tactics identified in the last exercise.
    4. During a break, copy the highlighted statements to the table on the slide after next, then add this final slide to your working copy of the ITAM Strategy Template.

    Add your results to your copy of the ITAM Strategy Template

    Establish current and target ITAM maturity

    IT maturity ladder with five color-coded levels. Innovator – Optimized Asset Management
    • All items from Business & Technology Partner, plus:
    • Business and IT stakeholders collaborate regularly with the ITAM team to identify new opportunities to leverage or deploy ITAM practices and data to mitigate risks, optimize spend, and improve service. The ITAM program scales with the business.
    Business & Technology Partner – Proactive Asset Management
    • All items from Trusted Operator, plus:
    • The ITAM data is integral to decisions related to budget, project planning, IT architecture, contract renewal, and vendor management. Software and cloud assets are reviewed as frequently as required to manage costs. ITAM data consumers have self-serve access to ITAM data.
    • Continuous improvement practices strengthen ITAM efficiency and effectiveness.
    • ITAM processes, standards, and related policies are regularly reviewed and updated. ITAM teams work closely with SMEs for key tools/systems integrated with ITAM (e.g. AD, ITSM, monitoring tools) to maximize the value and reliability of integrations.
    Trusted Operator – Controls Assets
    • ITAM data for deployed hardware and software is regularly audited for accuracy.
    • Sufficient staff and skills to support asset tracking, including a dedicated IT asset management role. Teams responsible for ITAM data collection cooperate effectively. Policies and procedures are documented and enforced. Key licenses and contracts are available to the ITAM team. Discovery, tracking, and analysis tools support most important use cases.
    Firefighter – Reactive Asset Tracking
    • Data is often untrustworthy, may be fragmented across multiple repositories, and typically requires significant effort to translate or validate before use.
    • Insufficient staff, fragmented or incomplete policies or documentation. Data tracking processes are extremely highly manual. Effective cooperation for ITAM data collection is challenging.
    • ITAM tools are in place, but additional configuration or tooling is needed.
    Unreliable - Struggles to Support
    • No data, or data is typically unusable.
    • No allocated staff, no cooperation between parties responsible for ITAM data collection.
    • No related policies or documentation.
    • Tools are non-existent or not fit-for-purpose.

    Current and target ITAM maturity

    Today:
    Firefighter
    • Data is often untrustworthy, is fragmented across multiple repositories, and typically requires significant effort to translate or validate before use.
    • Insufficient staff, fragmented or incomplete policies or documentation.
    • Tools are non-existent.
    In One Year:
    Trusted Operator
    • ITAM data for deployed hardware and software is regularly audited for accuracy.
    • Sufficient staff and skills to support asset tracking, including a dedicated IT asset management role.
    • Teams responsible for ITAM data collection cooperate effectively.
    • Discovery, tracking, and analysis tools support most important use cases.
    IT maturity ladder with five color-coded levels.

    Innovator – Optimized Asset Management

    Business & Technology Partner – Proactive Asset Management

    Trusted Operator – Controls Assets

    Firefighter – Reactive Asset Tracking

    Unreliable - Struggles to Support

    Step 1.5: Write mission and vision statements

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Write a mission statement that encapsulates the purpose and intentions of the ITAM practice today.
    • Write a vision statement that describes what the ITAM practice aspires to become and achieve.

    Write vision and mission statements

    Create two statements to summarize the role of the ITAM practice today – and where you want it to be in the future.

    Create two short, compelling statements that encapsulate:
    • The vision for what we want the ITAM practice to be in the future; and
    • The mission – the purpose and intentions – of the ITAM practice today.

    Why bother creating mission and vision statements? After all, isn’t it just rehashing or re-writing all the work we’ve just done? Isn’t that (at best) a waste of time?

    There are a few very important reasons to create mission and vision statements:

    • Create a compass that can guide work today and your roadmap for the future.
    • Focus on the few things you must do, rather than the many things you could do.
    • Concisely communicate a compelling vision for the ITAM practice to a larger audience who (let’s face it) probably won’t read the entire ITAM Strategy deck.

    “Brevity is the soul of wit.” (Hamlet, Act 2, Scene 2)

    “Writing is easy. All you have to do is cross out the wrong words.” (Mark Twain)

    1.5 Write an ITAM vision statement

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: A whiteboard, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT Leaders and managers

    Your vision statement describes the ITAM practice as it will be in the far future. It is a target to aspire to, beyond your ability to achieve in the near or medium term.

    Examples of ITAM vision statements:

    Develop the single accurate view of IT assets, available to anyone who needs it.

    Indispensable data brokers that support strategic decisions on the IT environment.

    Provide sticky notes to participants. Write out the three questions below on a whiteboard side by side. Have participants write their answers to the questions and post them below the appropriate question. Give everyone 10 minutes to write and post their ideas.

    1. What’s the desired future state of the ITAM practice?
    2. What needs to be done to achieved this desired state?
    3. How do we want ITAM to be perceived in this desired state?

    Review the answers and combine them into one focused vision statement. Use the 20x20 rule: take no more than 20 minutes and use no more than 20 words. If you’re not finished after 20 minutes, the ITAM manager should make any final edits offline.

    Document your vision statement in your ITAM Strategy Template.

    Add your results to your copy of the ITAM Strategy Template

    1.5 Write an ITAM mission statement

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Your ITAM mission statement is an expression of what your IT asset management function brings to your organization today. It should be presented in straightforward language that is compelling, easy to understand, and sharply focused.

    Examples of ITAM mission statements:

    Maintain accurate, actionable, accessible on data on all IT assets.

    Support IT and the business with centralized and integrated asset data.

    Provide sticky notes to participants. Write out the questions below on a whiteboard side by side. Have participants write their answers to the questions and post them below the appropriate question. Give everyone 10 minutes to write and post their ideas.

    1. What is our role as the asset management team?
    2. How do we support the IT and business strategies?
    3. What does our asset management function offer that no one else can?

    Review the answers and combine them into one focused vision statement. Use the 20x20 rule: take no more than 20 minutes and use no more than 20 words. If you’re not finished after 20 minutes, the ITAM manager should make any final edits offline.

    Document your vision statement in your ITAM Strategy Template.

    Add your results to your copy of the ITAM Strategy Template

    Step 1.6: Define ITAM metrics and KPIs

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Identify metrics, data, or reports that may be of interest to different consumers of ITAM data.
    • Identify the key performance indicators (KPIs) for the ITAM practice, based on the goals and priorities established earlier.

    Navigate a universe of ITAM metrics

    When you have the data, how will you use it?

    • There’s a dizzying array of potential metrics you can develop and track across your ITAM environment.
    • Different stakeholders will need different data feeds, metrics, reports, and dashboards.
    • Different measures will be useful at different times. You will often need to filter or slice the data in different ways (by department, timeframe, equipment type, etc.)
    • We’ll use the next few exercises to identify the types of metrics that may be useful to different stakeholders and the KPIs to measure progress towards ITAM goals and priorities.

    ITAM Metrics

    • Quantity
      e.g. # of devices or licenses
    • Cost
      e.g. average laptop cost
    • Compliance
      e.g. effective license position reports
    • Progress
      e.g. ITAM roadmap items completed
    • Quality
      e.g. ITAM data accuracy rate
    • Time
      e.g. time to procure/ deploy

    Drill down by:

    • Vendor
    • Date
    • Dept.
    • Product
    • Location
    • Cost Center

    Develop different metrics for different teams

    A few examples:

    • CIOs — CIOs need asset data to govern technology use, align to business needs, and demonstrate IT value. What do we need to budget for hardware and software in the next year? Where can we find money to support urgent new initiatives? How many devices and software titles do we manage compared to last year? How has IT helped the business achieve key goals?
    • Asset Managers — Asset managers require data to help them oversee ITAM processes, technology, and staff, and to manage the fleet of IT assets they’re expected to track. What’s the accuracy rate of ITAM data? What’s the state of integrations between ITAM and other systems and processes? How many renewals are coming up in the next 90 days? How many laptops are in stock?
    • IT Leaders — IT managers need data that can support their teams and help them manage the technology within their mandate. What technology needs to be reviewed or retired? What do we actually manage?
    • Technicians — Service desk technicians need real-time access to data on IT assets to support service requests and incident management – for example, easy access to the list of equipment assigned to a particular user or installed in a particular location.
    • Business Managers and Executives — Business managers and executives need concise, readable dashboards to support business decisions about business use of IT assets. What’s our overall asset spend? What’s our forecasted spend? Where could we reallocate spend?

    1.6 Identify useful ITAM metrics and reports

    60 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Use this exercise to identify as many potentially useful ITAM metrics and reports as possible, and narrow them down to a few high-priority metrics. Leverage the list of example metrics on the next slide for your own exercise. If you have more than six participants, consider splitting into two or more groups, and divide the table between groups to minimize overlap.

    1. List potential consumers of ITAM data in the column on the left.
    2. What type of information do we think this role needs? What questions about IT assets do we get on a regular basis from this role or team?
    3. Review and consolidate the list as a group. Discuss and highlight any metrics the group thinks are a particularly high priority for tracking.
    Role Compliance Quality Quantity Cost Time Progress
    IT Asset Manager Owned devices not discovered in last 60 days Discrepancies between discovery data and ITAM DB records # of corporate-owned devices Spend on hardware (recent and future/ planned) Average time, maximum time to deploy end-user devices Number of ITAM roadmap items in progress
    Service Desk

    Add your results to your copy of the ITAM Strategy Template

    Examples of ITAM metrics

    Compliance Quality Quantity Cost Time/Duration/Age Progress
    Owned devices not discovered in last 60 days Discrepancies between discovery data and ITAM DB records # of corporate-owned devices Spend on hardware (recent and future/planned) Average time, maximum time to deploy end-user devices Number of ITAM roadmap items in progress or completed
    Disposed devices without certificate of destruction Breakage rates (in and out of warranty) by vendor # of devices running software title X, # of licenses for software title X Spend on software (recent and future/planned) Average time, maximum time to deploy end user software Number of integrations between ITAM DB and other sources
    Discrepancies between licenses and install count, by software title RMAs by vendor, model, equipment type Number of requests by equipment model or software title Spend on cloud (recent and future/planned) Average & total time spent on software audit responses Number of records in ITAM database
    Compliance reports (e.g. tied to regulatory compliance or grant funding) Tickets by equipment type or software title Licenses issued from license pool in the last 30 days Value of licenses issued from license pool in the last 30 days (cost avoidance) Devices by age Software titles with an up-to-date ELP report
    Reports on lost and stolen devices, including last assigned, date reported stolen, actions taken User device satisfaction scores, CSAT scores Number of devices retired or donated in last year Number of IT-managed capital assets Number of hardware/software request tickets beyond time-to-fulfil targets Number of devices audited (by ITAM team via self-audit)
    Number of OS versions, unpatched systems Number of devices due for refresh in the next year Spend saved by harvesting unused software Number of software titles, software vendors managed by ITAM team
    Audit accuracy rate Equipment in stock Cost savings from negotiations
    # of users assigned more than one device Number of non-standard devices or requests Dollars charged during audit or true-up

    Differentiate between metrics and KPIs

    Key performance indicators (KPIs) are metrics with targets aligned to goals.

    Targets could include one or more of:

    • Target state (e.g. completed)
    • Target magnitude (e.g. number, percent, rate, dollar amount)
    • Target direction (e.g. trending up or down)

    You may track many metrics, but you should have only a few KPIs (typically 2-3 per objective).

    A breached KPI should be a trigger to investigate and remediate the root cause of the problem, to ensure progress towards goals and priorities can continue.

    Which KPIs you track will change over the life of the practice, as ITAM goals and priorities shift. For example, KPIs may initially track progress towards maturing ITAM practices. Once you’ve reached target maturity, KPIs may shift to track whether the key service targets are being met.

    1.6 Identify ITAM KPIs

    20 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Good KPIs are a more objective measure of whether you’re succeeding in meeting the identified priorities for the ITAM practice.

    Identify metrics that can measure progress or success against the priorities and goals set earlier. Aim for around three metrics per goal. Identify targets for the metric you think are SMART (specific, measurable, achievable, relevant, and timebound). Track your work using the example table below.

    Goal Metric Target
    Consolidate major software contracts to drive discounts Amount spent on top 10 software contracts Decrease by 10% by next year
    Customer satisfaction scores with enterprise software Satisfaction is equal to or better than last year
    Value of licenses issued from license pool 30% greater than last year
    Identify abandoned or out-of-spec IT assets # of security incidents involving undiscovered assets Zero
    % devices with “Deployed” status in ITAM DB but not discovered for 30+ days ‹1% of all records in ITAM DB
    Provide IT asset data to technicians for service calls Customer satisfaction scores Satisfaction is equal to or better than last year
    % of end-user devices meeting minimum standards 97%

    Add your results to your copy of the ITAM Strategy Template

    Develop an IT Asset Management Strategy

    Phase 2:

    Identify your approach to support ITAM priorities and goals

    Phase 1

    1.1 Define ITAM and brainstorm opportunities and challenges.

    Executive Alignment Working Session:

    1.2 Review organizational priorities, strategy, and key initiatives.

    1.3 Align executive priorities with ITAM opportunities & priorities.

    1.4 Identify business-aligned ITAM goals and target maturity.

    1.5 Write mission and vision statements.

    1.6 Define ITAM metrics and KPIs.

    Phase 2

    2.1 Define ITAM scope.

    2.2 Acquire ITAM services (outsourcing and contracting).

    2.3 Centralize or decentralize ITAM capabilities.

    2.4 Create a RACI for the ITAM practice.

    2.5 Align ITAM with other service management practices.

    2.6 Evaluate ITAM tools and integrations.

    2.7 Create a plan for internal and external audits.

    2.8 Improve your budget processes.

    2.9 Establish a documentation framework.

    2.10 Create a roadmap and communication plan.

    Phase Outcomes:

    Establish an approach to achieving ITAM goals and priorities, including scope, structure, tools, service management integrations, documentation, and more.

    Create a roadmap that enables you to realize your approach.

    Step 2.1: Define ITAM Scope

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Establish what types of equipment and software you’ll track through the ITAM practice.
    • Establish which areas of the business will be in scope of the ITAM practice.

    Determine ITAM Scope

    Focus on what’s most important and then document it so everyone understands where they can provide the most value.

    Not all categories of assets require the same level of tracking, and some equipment and software should be excluded from the ITAM practice entirely.

    In some organizations, portions of the environment won’t be tracked by the asset management team at all. For example, some organizations will choose to delegate tracking multi-function printers (MFPs) or proprietary IoT devices to the department or vendor that manages them.

    Due to resourcing or technical limitations, you may decide that certain equipment or software is out of scope for the moment.

    What do other organizations typically track in detail?
    • Installs and entitlements for major software contracts that represent significant spend and/or are highly critical to business goals.
    • Equipment managed directly by IT that needs to be refreshed on a regular cycle:
      • End-user devices such as laptops, desktops, and tablets.
      • Server, network, and telecoms devices.
    • High value equipment that is not regularly refreshed may also be tracked, but in less detail – for example, you may not refresh large screen TVs, but you may need to track date of purchase, deployed location, vendor, and model for insurance or warranty purposes.

    2.1 Establish scope for ITAM

    45 minutes

    Input: Organizational strategy documents

    Output: ITAM scope, in terms of types of assets tracked and not tracked

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    Establish the hardware and software that are within the scope of the ITAM program by updating the tables below to reflect your own environment. The “out of scope” category will include asset types that may be of value to track in the future but for which the capability or need don’t exist today.

    Hardware Software Out of Scope
    • End-user devices housing data or with a dollar value of more than $300, which will be replaced through lifecycle refresh.
    • Infrastructure devices, including network, telecom, video conferencing, servers and more
    • End-user software purchased under contract
    • Best efforts on single license purchases
    • Infrastructure software, including solutions used by IT to manage the infrastructure
    • Enterprise applications
    • Cloud (SaaS, IaaS, PaaS)
    • Departmental applications
    • Open-source applications
    • In-house developed applications
    • Freeware & shareware
    • IoT devices

    The following locations will be included in the ITAM program: All North and South America offices and retail locations.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.2: Acquire ITAM Services

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Define the type of work that may be more effectively or efficiently delivered by an outsourcer or contractor.

    “We would like our clients to come to us with an idea of where they want to get to. Why are you doing this? Is it for savings? Because you want to manage your security attack surface? Are there digital initiatives you want to move forward? What is the end goal?” (Mike Austin, MetrixData 360)

    Effectively acquire ITAM services

    Allow your team to focus on strategic, value-add activities by acquiring services that free them from commodity tasks.
    • When determining which asset capabilities and activities are best kept in-house and which ones are better handled by a supplier, it is imperative to keep the value to the business in mind.
    • Activities/capabilities that are challenging to standardize and are critical to enabling business goals are better kept in-house.
    • Activities/capabilities that are (or should be) standardized and automated are ideal candidates for outsourcing.
    • Outsourcing can be effective and successful with a narrow scope of engagement and an alignment to business outcomes.
    • Organizations that heavily weigh cost reduction as a significant driver for outsourcing are far less likely to realize the value they expected to receive.
    Business Enablement
    • Supports business-aligned ITAM opportunities & priorities
    • Highly specialized
    • Offers competitive advantages
    Map with axes 'Business Enablement' and 'Vendor's Performance Advantage' for determining whether or not to outsource.
    Vendor’s Performance Advantage
    • Talent or access to skills
    • Economies of scale
    • Access to technology
    • Does not require deep knowledge of your business

    Decide what to outsource

    It’s rarely all or nothing.

    Ask yourself:
    • How important is this activity or capability to ITAM, IT, and business priorities and goals?
    • Is it a non-commodity IT service that can improve customer satisfaction?
    • Is it a critical service to the business and the specialized knowledge must remain in-house?
    • Does the function require access to talent or skills not currently available in-house, and is cost-prohibitive to obtain?
    • Are there economies of scale that can help us meet growing demand?
    • Does the vendor provide access to best-of-breed tools and solutions that can handle the integration, management, maintenance and support of the complete system?

    You may ultimately choose to engage a single vendor or a combination of multiple vendors who can best meet your ITAM needs.

    Establishing effective vendor management processes, where you can maximize the amount of service you receive while relying on the vendor’s expertise and ability to scale, can help you make your asset management practice a net cost-saver.

    ITAM activities and capabilities
    • Contract review
    • Software audit management
    • Asset tagging
    • Asset disposal and recycling
    • Initial ITAM record creation
    • End-user device imaging
    • End-user device deployment
    • End-user software provisioning
    • End-user image management
    • ITAM database administration
    • ELP report creation
    • ITAM process management
    • ITAM report generation
    ITAM-adjacent activities and capabilities
    • Tier 1 support/service desk
    • Deskside/field support
    • Tier 3 support
    • IT Procurement
    • Device management/managed IT services
    • Budget development
    • Applications development, maintenance
    • Infrastructure hosting (e.g. cloud or colocation)
    • Infrastructure management and support
    • Discovery/monitoring tools management and support

    2.2 Identify outsourcing opportunities

    1-2 hours

    Input: Understanding of current ITAM processes and challenges

    Output: Understanding of potential outsourcing opportunities

    Materials: The table in this slide, and insight in previous slides, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    At a high level, discuss which functions of ITAM are good candidates for outsourcing.

    Start with the previous slide for examples of outsourcing activities or capabilities directly related to or adjacent to the ITAM practice. Categorize these activities as follows:

    Outsource Potentially Outsource Insource
    • Asset disposal/recycling
    • ELP report creation
    • ITAM process management

    Go through the list of activities to potentially or definitely outsource and confirm:

    1. Will outsourcing solve a resourcing need for an existing process, or can you deliver this adequately in-house?
    2. Will outsourcing improve the effectiveness and efficiency of current processes? Will it deliver more effective service channels or improved levels of reliability and performance consistency?
    3. Will outsourcing provide or enable enhanced service capabilities that your IT customers could use, and which you cannot deliver in-house due to lack of scale or capacity?

    Answering “no” to more than one of these questions suggests a need to further review options to ensure the goals are aligned with the potential value of the service offerings available.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.3: Centralize or decentralize ITAM capabilities

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Outline where the team(s) responsible for ITAM sit across the organization, who they report to, and who they need to work with across IT and the business.

    Align ITAM with IT’s structure

    ITAM’s structure will typically align with the larger business and IT structure. The wrong structure will undermine your ability to meet ITAM goals and lead to frustration, missed work, inefficiency, and loss of value.

    Which of the four archetypes below reflects the structure you need?

    1. Centralized — ITAM is entirely centralized in a single function, which reports into a central IT department.
    2. Decentralized — Local IT groups are responsible and accountable for ITAM. They may coordinate informally but do not report to any central team.
    3. Hybrid-Shared Services — Local IT can opt in to shared services but must follow centrally set ITAM practices to do so, usually with support from a shared ITAM function.
    4. Hybrid-Federated — Local IT departments are free to develop their own approach to ITAM outside of core, centrally set requirements.

    Centralized ITAM

    Total coordination, control, and oversight

    • ITAM accountability, policies, tools, standards, and expertise – in this model, they’re all concentrated in a single, specialized IT asset management practice. Accountability, authority, and oversight are concentrated in the central function as well.
    • A central ITAM team will benefit from knowledge sharing and task specialization opportunities. They are a visible single point of contact for ITAM-related questions
    • The central ITAM team will coordinate ITAM activities across the organization to optimize spend, manage risk, and enhance service. Any local IT teams are supported by and directly answerable to the central ITAM team for ITAM activities.
    • There is a single, centrally managed ITAM database. Wherever possible, this database should be integrated with other tools to support cross-solution automation (e.g. integrate AD to automatically reflect user identity changes in the ITAM database).
    • This model drives cross-organization coordination and oversight, but it may not be responsive to specific and nuanced local requirements.
    Example: Centralized
    Example of a Centralized ITAM.

    Solid line. Direct reporting relationship

    Dotted line. Dotted line working or reporting relationship

    Decentralized ITAM

    Maximize choice

    • ITAM accountability and oversight are entirely devolved to local or regional IT and/or ITAM organizations, which are free to set their own priorities, goals, policies, and standards. This model maximizes the authority of local groups to build practices that meet local requirements.
    • It may be challenging to resource and mature local practices. ITAM maturity will vary from one local organization to the next.
    • It is more likely that ITAM managers are a part-time role, and sometimes even a non-IT role. Local ITAM teams or coordinators may coordinate and share knowledge informally, but specialization can be challenging to build or leverage effectively across the organization.
    • There is likely no central ITAM tool. Local tools may be acquired, implemented, and integrated by local IT departments to suit their own needs, which can make it very difficult to report on assets organization-wide – for example, to establish compliance on an enterprise software contract.
    Example: Decentralized


    Example of a Decentralized ITAM.

    Solid line. Direct reporting relationship

    Dotted line. Dotted line working or reporting relationship

    Blue dotted line. Informal working relationships, knowledge sharing

    Hybrid: Federation

    Centralization with a light touch

    • A middle ground between centralized and decentralized ITAM, this model balances centralized decision making, specialization, and governance with local autonomy.
    • A central team will define organization-wide ITAM goals, develop capabilities, policies, and standards, and monitor compliance by local and central teams. All local teams must comply with centrally defined requirements, but they can also develop further capabilities to meet local goals.
    • For example, there will typically be a central ITAM database that must be used for at least a subset of assets, but other teams may build their own databases for day-to-day operations and export data to the central database as required.
    • There are often overlapping responsibilities in this model. A strong collaborative relationship between central and local ITAM teams is especially important here, particularly after major changes to requirements, processes, tools, or staffing when issues and breakdowns are more likely.
    Example: Federation


    Example of a Federation ITAM.

    Solid line. Direct reporting relationship

    Purple solid line. Oversight/governance

    Dotted line. Dotted line working or reporting relationship

    Hybrid: Shared Services

    Optional centralization

    • A special case of federated ITAM that balances central control and local autonomy, but with more power given to local IT to opt out of centralized shared services that come with centralized ITAM requirements.
    • ITAM requirements set by the shared services team will support management, allocation, and may have showback or chargeback implications. Following the ITAM requirements is a condition of service. If a local organization chooses to stop using shared services, they are (naturally) no longer required to adhere to the shared services ITAM requirements.
    • As with the federated model, local teams may develop further capabilities to meet local goals.
    Example: Shared Services


    Example of a Shared Services ITAM.

    Solid line. Direct reporting relationship

    Dotted line. Dotted line working relationship

    Blue dotted line. Informal working relationships, knowledge sharing

    Structure data collection & analysis

    Consider the implications of structure on data.

    Why centralize?
    • There is a need to build reports that aggregate data on assets organization-wide, rather than just assets within a local environment.
    • Decentralized ITAM tracking isn’t producing accurate or usable data, even for local purposes.
    • Tracking tools have overlapping functionality. There’s an opportunity to rationalize spend, management and support for ITAM tools.
    • Contract centralization can optimize spend and manage risks, but only with the data required to manage those contracts.
    Why decentralize?
    • Tracking and reporting on local assets is sufficient to meet ITAM goals; there is limited or no need to track assets organization-wide.
    • Local teams have the skills to track and maintain asset data; subsidiaries have appropriate budgets and tools to support ITAM tracking.
    • Decentralized ITSM/ITAM tools are in place, populated, and accurate.
    • The effort to consolidate tools and processes may outweigh the benefits to data centralization.
    • Lots of variability in types of assets and the environment is stable.
    Requirements for success:
    • A centralized IT asset management solution is implemented and managed.
    • Local teams must understand the why and how of centralized data tracking and be held accountable for assigned responsibilities.
    • The asset tool should offer both centralized and localized views of the data.
    Requirements for success:
    • Guidelines and expectations for reporting to centralized asset management team will be well defined and supported.
    • Local asset managers will have opportunity to collaborate with others in the role for knowledge transfer and asset trading, where appropriate.

    Structure budget and contract management

    Contract consolidation creates economies of scale for vendor management and license pooling that strengthen your negotiating position with vendors and optimize spend.

    Why centralize?
    • Budgeting, governance, and accountability are already centralized. Centralized ITAM practices can support the existing governance practices.
    • Centralizing contract management and negotiation can optimize spend and/or deliver access to better service.
    • Centralize management for contracts that cover most of the organization, are highly complex, involve large spend and/or higher risk, and will benefit from specialization of asset staff.
    Why decentralize?
    • Budgeting, governance, and accountability rest with local organizations.
    • There may be increased need for high levels of customer responsiveness and support.
    • Decentralize contract management for contracts used only by local groups (e.g. a few divisions, a few specialized functions), and that are smaller, low risk, and come with standard terms and conditions.
    Requirements for success:
    • A centralized IT asset management solution is implemented and managed.
    • Contract terms must be harmonized across the organization.
    • Centralized fulfillment is as streamlined as possible. For example, software contracts should include the right to install at any time and pay through a true-up process.
    Requirements for success:
    • Any expectations for harmonization with the centralized asset management team will be well defined and supported.
    • Local asset managers can collaborate with other local ITAM leads to support knowledge transfer, asset swapping, etc.

    Structure technology management

    Are there opportunities to centralize or decentralize support functions?

    Why centralize?
    • Standard technologies are deployed organization-wide.
    • There are opportunities to improve service and optimize costs by consolidating knowledge, service contracts, and support functions.
    • Centralizing data on product supply allows for easier harvest and redeployment of assets by a central support team.
    • A stable, central support function can better support localized needs during seasonal staffing changes, mergers and acquisitions.
    Why decentralize?
    • Technology is unique to a local subset of users or customers.
    • Minimal opportunity for savings or better support by consolidating knowledge, service contracts, or support functions.
    • Refresh standards are set at a local level; new tech adoption may be impeded by a reliance on older technologies, local budget shortfalls, or other constraints.
    • Hardware may need to be managed locally if shipping costs and times can’t reasonably be met by a distant central support team.
    Requirements for success:
    • Ensure required processes, technologies, skills, and knowledge are in place to enable centralized support.
    • Keep a central calendar of contract renewals, including reminders to start work on the renewal no less than 90 days prior. Prioritize contracts with high dollar value or high risk.
    • The central asset management solution should be configured to provide data that can enable the central support team.
    Requirements for success:
    • Ensure required processes, technologies, skills, and knowledge are in place to enable decentralized support.
    • Decentralized support teams must understand and adhere to ITAM activities that are part of support work (e.g. data entry, data audits).
    • The central asset management solution should be configured to provide data that can enable the central support team, or decentralized asset solutions must be funded, and teams trained on their use.

    2.3 Review ITAM Structure

    1-2 hours

    Input: Understanding of current organizational structure, Understanding of challenges and opportunities related to the current structure

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    Outline the current model for your organization and identify opportunities to centralize or decentralize ITAM-related activities.

    1. What model best describes how ITAM should be structured in your organization? Modify the slide outlining structure as a group to outline your own organization, as required.
    2. In the table below, outline opportunities to centralize or decentralize data tracking, budget and contract management, and technology management activities.
    Centralize Decentralize
    Data collection & analysis
    • Make better use of central ITAM database.
    • Support local IT departments building runbooks for data tracking during lifecycle activities (create templates, examples)
    Budget and contract management
    • Centralize Microsoft contracts.
    • Create a runbook to onboard new companies to MSFT contracts.
    • Create tools and data views to support local department budget exercises.
    Technology management
    • Ensure all end-user devices are visible to centrally managed InTune, ConfigMgr.
    • Enable direct shipping from vendor to local sites.
    • Establish disposal/pickup at local sites.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.4: Create a RACI

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Review the role of the IT asset manager.
    • Identify who’s responsible, accountable, consulted, and informed for key ITAM activities.

    Empower your asset manager

    The asset manager is the critical ITAM role. Ensure they’re positioned to succeed.

    There’s too much change in the technology and business environment to expect ITAM to be “a problem to solve.” It is a practice that requires care and feeding through regular iteration to achieve success. At the helm of this practice is your asset manager, whose approach and past experience will have a significant impact on how you approach ITAM.

    The asset manager role requires a variety of skills, knowledge, and abilities including:

    • Operations, process, and practice management.
    • An ability to communicate, influence, negotiate, and facilitate.
    • Organizational knowledge and relationship management.
    • Contract and license agreement analysis, attention to detail.
    • Natural curiosity and a willingness to learn.
    • A strong understanding of technologies in use by the organization, and how they fit into the asset management program.
    Where the asset manager sits in the organization will also have an impact on their focus and priorities. When the asset manager reports into a service team, their focus will often reflect their team’s focus: end-user devices and software, customer satisfaction, request fulfillment. Asset teams that report into a leadership or governance function will be more likely to focus on organization-wide assets, governance, budget management, and compliance.

    “Where your asset manager sits, and what past experience they have, is going to influence how they do asset management.” (Jeremy Boerger, Consultant & Author)

    “It can be annoying at times, but a good IT asset manager will poke their nose into activities that do not obviously concern them, such as programme and project approval boards and technical design committees. Their aim is to identify and mitigate ITAM risks BEFORE the technology is deployed as well as to ensure that projects and solutions ‘bake in’ the necessary processes and tools that ensure IT assets can be managed effectively throughout their lifecycle.” (Kylie Fowler, ITAM by Design, 2017)

    IT asset managers must have a range of skills and knowledge

    • ITAM Operations, Process, and Practice Management
      The asset manager is typically responsible for managing and improving the ITAM practice and related processes and tools. The asset manager may administer the ITAM tool, develop reports and dashboards, evaluate and implement new technologies or services to improve ITAM maturity, and more.
    • Organizational Knowledge
      An effective IT asset manager has a good understanding of your organization and its strategy, products, stakeholders, and culture.
    • Technology & Product Awareness
      An IT asset manager must learn about new and changing technologies and products adopted by the organization (e.g. IoT, cloud) and develop recommendations on how to track and manage them via the ITAM practice.
    A book surrounded by icons corresponding to the bullet points.
    • People Management
      Asset managers often manage a team directly and have dotted-line reports across IT and the business.
    • Communication
      Important in any role, but particularly critical where learning, listening, negotiation, and persuasion are so critical.
    • Finance & Budgeting
      A foundational knowledge of financial planning and budgeting practices is often helpful, where the asset manager is asked to contribute to these activities.
    • Contract Review & Analysis
      Analyze new and existing contracts to evaluate changes, identify compliance requirements, and optimize spend.

    Assign ITAM responsibilities and accountabilities

    Align authority and accountability.
    • A RACI exercise will help you discuss and document accountability and responsibility for critical ITAM activities.
    • When responsibility and accountability are not currently well documented, it’s often useful to invite a representative of the roles identified to participate in this alignment exercise. The discussion can uncover contrasting views on responsibility and governance, which can help you build a stronger management and governance model.
    • The RACI chart can help you identify who should be involved when making changes to a given activity. Clarify the variety of responsibilities assigned to each key role.
    • In the future, you may need to define roles in more detail as you change your hardware and software asset management procedures.

    R

    Responsible: The person who actually gets the job done.

    Different roles may be responsible for different aspects of the activity relevant to their role.

    A

    Accountable: The one role accountable for the activity (in terms completion, quality, cost, etc.)

    Must have sufficient authority to be held accountable; responsible roles are often accountable to this role.

    C

    Consulted: Must have the opportunity to provide meaningful input at certain points in the activity.

    Typically, subject matter experts or stakeholders. The more people you must consult, the more overhead and time you’ll add to a process.

    I

    Informed: Receives information regarding the task, but has no requirement to provide feedback.

    Information might relate to process execution, changes, or quality.

    2.4 Conduct a RACI Exercise

    1-2 hours

    Input: An understanding of key roles and activities in ITAM practices, An understanding of your organization, High-level structure of your ITAM program

    Output: A RACI diagram for IT asset management

    Materials: The table in the next slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    Let’s face it – RACI exercises can be dry. We’ve found that the approach below is more collaborative, engaging, and effective compared to filling out the table as a large group.

    1. Create a shared working copy of the RACI charts on the following slides (e.g. write it out on a whiteboard or provide a link to this document and work directly in it).
    2. Review the list of template roles and activities as a group. Add, change, or remove roles and activities from the table as needed.
    3. Divide into small groups. Assign each group a set of roles, and have them define whether that role is accountable, responsible, consulted, or informed for each activity in the chart. Refer to the previous slide for context on RACI. Give everyone 15 minutes to update their section of the chart.
    4. Come back together as a large group to review the chart. First, check for accountability – there should generally be just one role accountable for each activity. Then, have each small group walk through their section, and encourage participants to ask questions. Is there at least one role responsible for each task, and what are they responsible for? Does everyone listed as consulted or informed really need to be? Make any necessary adjustments.

    Add your results to your copy of the ITAM Strategy Template

    Define ITAM governance activities

    RACI Chart for ITAM governance activities. In the first column is a list of governance activities, and the row headers are positions within a company. Fields are marked with an R, A, C, or I.

    Document asset management responsibilities and accountabilities

    RACI Chart for ITAM asset management responsibilities and accountabilities. In the first column is a list of responsibilities and accountabilities, and the row headers are positions within a company. Fields are marked with an R, A, C, or I.

    Step 2.5: Align ITAM with other Service Management Practices

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Establish shared and separate responsibilities for asset and configuration management.
    • Identify how ITAM can support other practices, and how other practices can support ITAM.

    Asset vs. Configuration

    Asset and configuration management look at the same world through different lenses.
    • IT asset management tends to focus on each IT asset in its own right: assignment or ownership, its lifecycle, and related financial obligations and entitlements.
    • Configuration management is focused on configuration items (CIs) that must be managed to deliver a service and the relationships and integrations to other CIs.
    • ITAM and configuration management teams and practices should work closely together. Though asset and configuration management focus on different outcomes, they tend use overlapping tools and data sets. Each practice, when working effectively, can strengthen the other.
    • Many objects will exist in both the CMDB and AMDB, and the data on those shared objects will need to be kept in sync.
    Asset and Configuration Management: An Example

    Configuration Management Database (CMDB)

    A database of uniquely identified configuration items (CIs). Each CI record may include information on:
    Service Attributes

    Supported Service(s)
    Service Description, Criticality, SLAs
    Service Owners
    Data Criticality/Sensitivity

    CI Relationships

    Physical Connections
    Logical Connections
    Dependencies

    Arrow connector.

    Discovery, Normalization, Dependency Mapping, Business Rules*

    Manual Data Entry

    Arrow connector.
    This shared information could be attached to asset records, CI records, or both, and it should be synchronized between the two databases where it’s tracked in both.
    Hardware Information

    Serial, Model and Specs
    Network Address
    Physical Location

    Software Installations

    Hypervisor & OS
    Middleware & Software
    Software Configurations

    Arrow connector.

    Asset Management Database (AMDB)

    A database of uniquely identified IT assets. Each asset record may include information on:
    Procurement/Purchasing

    Purchase Request/Purchase Order
    Invoice and Cost
    Cost Center
    Vendor
    Contracts and MSAs
    Support/Maintenance/Warranties

    Asset Attributes

    Model, Title, Product Info, License Key
    Assigned User
    Lifecycle Status
    Last ITAM Audit Date
    Certificate of Disposal

    Arrows connecting multiple fields.

    IT Security Systems

    Vulnerability Management
    Threat Management
    SIEM
    Endpoint Protection

    IT Service Management (ITSM) System

    Change Tickets
    Request Tickets
    Incident Tickets
    Problem Tickets
    Project Tickets
    Knowledgebase

    Financial System/ERP

    General Ledger
    Accounts Payable
    Accounts Receivable
    Enterprise Assets
    Enterprise Contract Database

    (*Discovery, dependency mapping, and data normalization are often features or modules of configuration management, asset management, or IT service management tools.)

    2.5 Integrate ITAM and configuration practices

    45 minutes

    Input: Knowledge of the organization’s configuration management processes

    Output: Define how ITAM and configuration management will support one another

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Configuration manager

    Work through the table below to identify how you will collaborate and synchronize data across ITAM and configuration management practices and tools.

    What are the goals (if any currently exist) for the configuration management practice? Connect configuration items to services to support service management.
    How will configuration and asset management teams collaborate? Weekly status updates. As-needed working sessions.
    Shared visibility on each others’ Kanban tracker.
    Create tickets to raise and track issues that require collaboration or attention from the other team.
    How can config leverage ITAM? Connect CIs to financial, contractual, and ownership data.
    How can ITAM leverage config? Connect assets to services, changes, incidents.
    What key fields will be primarily tracked/managed by ITAM? Serial number, unique ID, user, location, PO number, …
    What key fields will be primarily tracked/managed by configuration management? Supported service(s), dependencies, service description, service criticality, network address…

    Add your results to your copy of the ITAM Strategy Template

    ITAM supports service management

    Decoupling asset management from other service management practices can result in lost value. Establish how asset management can support other service management practices – and how those practices can support ITAM.

    Incident Management

    What broke?
    Was it under warranty?
    Is there a service contract?
    Was it licensed?
    Who was it assigned to?
    Is it end-of-life?

    ITAM
    Practice

    Request Management

    What can this user request or purchase?
    What are standard hardware and software offerings?
    What does the requester already have?
    Are there items in inventory to fulfil the request?
    Did we save money by reissuing equipment?
    Is this a standard request?
    What assets are being requested regularly?

    What IT assets are related to the known issue?
    What models and vendors are related to the issue?
    Are the assets covered by a service contract?
    Are other tickets related to this asset?
    What end-of-life assets have been tied to incidents recently?

    Problem Management

    What assets are related to the change?
    Is the software properly licensed?
    Has old equipment been properly retired and disposed?
    Have software licenses been returned to the pool?
    Is the vendor support on the change part of a service contract?

    Change Enablement

    2.5. Connect with other IT service practices

    45 minutes

    Input: Knowledge of existing organizational IT service management processes

    Output: Define how ITAM will help other service management processes, and how other service management processes will help ITAM

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Service leads

    Complete the table below to establish what ITAM can provide to other service management practices, and what other practices can provide to ITAM.

    Practice ITAM will help Will help ITAM
    Incident Management Provide context on assets involved in an incident (e.g. ownership, service contracts). Track when assets are involved in incidents (via incident tickets).
    Request Management Oversee request & procurement processes. Help develop asset standards. Enter new assets in ITAM database.
    Problem Management Collect information on assets related to known issues. Report back on models/titles that are generating known issues.
    Change Enablement Provide context on assets for change review. Ensure EOL assets are retired and licenses are returned during changes.
    Capacity Management Identify ownership, location for assets at capacity. Identify upcoming refreshes or purchases.
    Availability Management Connect uptime and reliability to assets. Identify assets that are causing availability issues.
    Monitoring and Event Management Provide context to events with asset data. Notify asset of unrecognized software and hardware.
    Financial Management Establish current and predict future spending. Identify upcoming purchases, renewals.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.6: Evaluate ITAM tools and integrations

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Create a list of the ITAM tools currently in use, how they’re used, and their current limitations.
    • Identify new tools that could provide value to the ITAM practice, and what needs to be done to acquire and implement them.

    “Everything is connected. Nothing is also connected.” (Dirk Gently’s Holistic Detective Agency)

    Establish current strengths and gaps in your ITAM toolset

    ITAM data quality relies on tools and integrations that are managed by individuals or teams who don’t report directly to the ITAM function.

    Without direct line of sight into tools management, the ITAM team must influence rather than direct improvement initiatives that are in some cases critical to the performance of the ITAM function. To more effectively influence improvement efforts, you must explicitly identify what you need, why you need it, from which tools, and from which stakeholders.

    Data Sources
    Procurement Tools
    Discovery Tools
    Active Directory
    Purchase Documents
    Spreadsheets
    Input To Asset System(s) of Record
    ITAM Database
    ITSM Tool
    CMDB
    Output To Asset Data Consumption
    ITFM Tools
    Security Tools
    TEM Tools
    Accounting Tools
    Spreadsheets
    “Active Directory plays a huge role in audit defense and self-assessment, but no-one really goes out there and looks at Active Directory.

    I was talking to one organization that has 1,600,000 AD records for 100,000 employees.” (Mike Austin, Founder, MetrixData 360)

    2.6 Evaluate ITAM existing technologies

    30 minutes

    Input: Knowledge of existing ITAM tools

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Identify the use, limitations, and next steps for existing ITAM tools, including those not directly managed by the ITAM team.

    1. What tools do we have today?
    2. What are they used for? What are their limitations?
    3. Who manages them?
    4. What actions could we take to maximize the value of the tools?
    Existing Tool Use Constraints Owner Proposed Action?
    ITAM Module
    • Track HW/SW
    • Connect assets to incident, request
    • Currently used for end-user devices only
    • Not all divisions have access
    • SAM capabilities are limited
    ITAM Team/Service Management
    • Add license for additional read/write access
    • Start tracking infra in this tool
    Active Directory
    • Store user IDs, organizational data
    Major data quality issues IT Operations
    • Work with AD team to identify issues creating data issues

    Add your results to your copy of the ITAM Strategy Template

    2.6 Identify potential new tools

    30 minutes

    Input: Knowledge of tooling gaps, An understanding of available tools that could remediate gaps

    Output: New tools that can improve ITAM capabilities, including expected value and proposed next steps

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Identify tools that are required to support the identified goals of the ITAM practice.

    1. What types of tools do we need that we don’t have?
    2. What could these tools help us do?
    3. What needs to be done next to investigate or acquire the appropriate tool?
    New Tool Expected Value Proposed Next Steps
    SAM tool
    • Automatically calculate licensing entitlements from contract data.
    • Automatically calculate licensing requirements from discovery data.
    • Support gap analyses.
    • Further develop software requirements.
    • Identify vendors in the space and create a shortlist.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.7: Create a plan for internal and external audits

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Establish your approach to internal data audits.
    • Create a high-level response plan for external audits.

    Validate ITAM data via internal audits

    Data audits provide assurance that the records in the ITAM database are as accurate as possible. Consider these three approaches:

    Compare Tool Records

    Audit your data by comparing records in the ITAM system to other discovery sources.

    • Ideally, use three separate data sources (e.g. ITAM database, discovery tool, security tool). Use a common field, such as the host name, to compare across fields. (To learn more about discovery tool analysis, see Jeremy Boerger’s book, Rethinking IT Asset Management.)
    • Run reports to compare records and identify discrepancies. This could include assets missing from one system or metadata differences such as different users or installed software.
    • Over time, discrepancies between tools should be well understood and accepted; otherwise, they should be addressed and remediated.
    IT-led Audit

    Conduct a hands-on investigation led by ITAM staff and IT technicians.

    • In-person audits require significant effort and resources. Each audit should be scoped and planned ahead of time to focus on known problem areas.
    • Provide the audit team with exact instructions on what needs to be verified and recorded. Depending on the experience and attention to detail of the audit team, you may need to conduct spot checks to ensure you’re catching any issues in the audit process itself.
    • Automation should be used wherever possible (e.g. through barcodes, scanners, and tables for quick access to ITAM records).
    User-led audit

    Have users validate the IT assets assigned to them.

    • Even more than IT-led audits: don’t use this approach too frequently; keep the scope as narrow as possible and the process as simple as possible.
    • Ensure users have all the information and tools they’ll need readily available to complete this task, or the result will be ineffective and will only frustrate your users.
    • Consider a process integrated with your ITSM tool: once a year, when a user logs in to the portal, they will be asked to enter the asset code for their laptop (and provided with instructions on where to find that code). Investigate discrepancies between assignments and ITAM records.

    2.7 Set an approach to internal data audits

    30 minutes

    Input: An understanding of current data audit capabilities and needs

    Output: An outline of how you’ll approach data audits, including frequency, scope, required resources

    Materials: Your copy of the ITAM Strategy Template

    Participants: ITAM team

    Review the three internal data audit approaches outlined on the previous slide, and identify which of the three approaches you’ll use. For each approach, complete the fields in the table below.

    Audit Approach How often? What scope? Who’s involved? Comments
    Compare tool records Monthly Compare ITAM DB, Intune/ConfigMgr, and Vulnerability Scanner Data; focus on end-user devices to start Asset manager will lead at first.
    Work with tool admins to pull data and generate reports.
    IT-led audit Annual End-user devices at a subset of locations Asset manager will work with ITSM admins to generate reports. In-person audit to be conducted by local techs.
    User-led audit Annual Assigned personal devices (start with a pilot group) Asset coordinator to develop procedure with ITSM admin. Run pilot with power users first.

    Add your results to your copy of the ITAM Strategy Template

    Prepare for and respond to external audits and true-ups

    Are you ready when software vendors come knocking?

    • Vendor audits are expensive.
    • If you’re out of compliance, you will at minimum be required to pay the missing license fees. At their discretion, vendors may choose to add punitive fees and require you to cover the hourly cost of their audit teams. If you choose not to pay, the vendor could secure an injunction to cut off your service, which in many cases will be far more costly than the fines. And this is aside from the intangible costs of the disruption to your business and damaged relationships between IT, ITAM, your business, and other partners.
    • Having a plan to respond to an audit is critical to reducing audit risk. Preparation will help you coordinate your audit response, ensure the audit happens on the most favorable possible terms, and even prevent some audits from happening in the first place.
    • The best defense, as they say, is a good offense. Good ITAM and SAM processes will allow you to track acquisition, allocation, and disposal of software licenses; understand your licensing position; and ensure you remain compliant whenever possible. The vendor has no reason to audit you when there’s nothing to find.
    • Know when and where your audit risk is greatest, so you can focus your resources where they can deliver the most value.
    “If software audits are a big part of your asset operations, you have problems. You can reduce the time spent on audits and eliminate some audits by having a proactive ITAM practice.” (Sandi Conrad, Principal Research Director)

    Info-Tech Insight

    Audit defense starts long before you get audited. For an in-depth review of your audit approach, see Info-Tech’s Prepare and Defend Against a Software Audit.

    Identify areas of higher audit risk

    Watch for these warning signs
    • Your organization is visibly fighting fires. Signs of disorder may signal to vendors that there are opportunities to exploit via an audit. Past audit failures make future audits more likely.
    • You are looking for ways to decrease spend. Vendors may counter attempts to true-down licensing by launching an audit to try to find unlicensed software that provides them leverage to negotiate maintained or even increased spending.
    • Your license/contract terms with the vendor are particularly complex or highly customized. Very complex terms may make it harder to validate your own compliance, which may present opportunities to the vendor in an audit.
    • The vendor has earned a reputation for being particularly aggressive with audits. Some vendors include audits as a standard component of their business model to drive revenue. This may include acquiring smaller vendors or software titles that may not have been audit-driven in the past, and running audits on their new customer base.

    “The reality is, software vendors prey on confusion and complication. Where there’s confusion, there’s opportunity.” (Mike Austin, Founder, MetrixData 360)

    Develop an audit response plan

    You will be on the clock once the vendor sends you an audit request. Have a plan ready to go.
    • Don’t panic: Resist knee-jerk reactions. Follow the plan.
    • Form an audit response team and centralize your response: This team should be led by a member of the ITAM group, and it should include IT leadership, software SMEs, representatives from affected business areas, vendor management, contract management, and legal. You may also need to bring on a contractor with deep expertise with the vendor in question to supplement your internal capabilities. Establish clearly who will be the point of contact with the vendor during the audit.
    • Clarify the scope of the audit: Clearly establish what the audit will cover – what products, subsidiaries, contracts, time periods, geographic regions, etc. Manage the auditors to prevent scope creep.
    • Establish who covers audit costs: Vendors may demand the auditee cover the hourly cost of their audit team if you’re significantly out of compliance. Consider asking the vendor to pay for your team’s time if you’re found to be compliant.
    • Know your contract: Vendors’ contracts change over time, and it’s no guarantee that even your vendor’s licensing experts will be aware of the rights you have in your contract. You must know your entitlements to negotiate effectively.
    1. Bring the audit request received to the attention of ITAM and IT leadership. Assemble the response team.
    2. Acknowledge receipt of audit notice.
    3. Negotiate timing and scope of the audit.
    4. Direct staff not to remove or acquire licenses for software under audit without directly involving the ITAM team first.
    5. Gather installation data and documentation to establish current entitlements, including original contract, current contract, addendums, receipts, invoices.
    6. Compare entitlements to installed software.
    7. Investigate any anomalies (e.g. unexpected or non-compliant software).
    8. Review results with the audit response team.

    2.7 Clarify your vendor audit response plan

    1 hour

    Input: Organizational knowledge on your current audit response procedures

    Output: Audit response team membership, High-level audit checklist, A list of things to start, stop, and continue doing as part of the audit response

    Materials: Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    1. Who’s on the audit response team, and what’s their role? Who will lead the team? Who will be the point of contact with the auditor?
    2. What are the high-level steps in our audit response workflow? Use the example checklist below as a starting point.
    3. What do we need to start, stop, and continue doing in response to audit requests?

    Example Audit Checklist

    • Bring the audit request received to the attention of ITAM and IT leadership. Assemble the response team.
    • Acknowledge receipt of audit notice.
    • Negotiate timing and scope of the audit.
    • Direct staff not to remove or acquire licenses for software under audit without directly involving the ITAM team first.
    • Gather installation data and documentation to establish current entitlements, including original contract, current contract, addendums, receipts, invoices.
    • Compare entitlements to installed software.
    • Investigate any anomalies (e.g. unexpected or non-compliant software).
    • Review results with the audit response team.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.8: Improve budget processes

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Identify what you need to start, stop, and continue to do to support budgeting processes.

    Improve budgeting and forecasting

    Insert ITAM into budgeting processes to deliver significant value.

    Some examples of what ITAM can bring to the budgeting table:
    • Trustworthy data on deployed assets and spending obligations tied to those assets.
    • Projections of hardware due for replacement in terms of quantity and spend.
    • Knowledge of IT hardware and software contract terms and pricing.
    • Lists of unused or underused hardware and software that could be redeployed to avoid spend.
    • Comparisons of spend year-over-year.

    Being part of the budgeting process positions ITAM for success in other ways:

    • Helps demonstrate the strategic value of the ITAM practice.
    • Provides insight into business and IT strategic projects and priorities for the year.
    • Strengthens relationships with key stakeholders, and positions the ITAM team as trusted partners.

    “Knowing what you have [IT assets] is foundational to budgeting, managing, and optimizing IT spend.” (Dave Kish, Info-Tech, Practice Lead, IT Financial Management)

    Stock image of a calculator.

    2.8 Build better budgets

    20 minutes

    Input: Context on IT budgeting processes

    Output: A list of things to start, stop, and continue doing as part of budgeting exercises

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    What should we start, stop, and continue doing to support organizational budgeting exercises?

    Start Stop Continue
    • Creating buckets of spend and allocating assets to those buckets.
    • Zero-based review on IaaS instances quarterly.
    • Develop dashboards plugged into asset data for department heads to view allocated assets and spend.
    • Create value reports to demonstrate hard savings as well as cost avoidance.
    • Waiting for business leaders to come to us for help (start reaching out with reports proactively, three months before budget cycle).
    • % increases on IT budgets without further review.
    • Monthly variance budget analysis.
    • What-if analysis for asset spend based on expected headcount increases.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.9: Establish a documentation framework

    Participants

    • Project sponsor and lead facilitator
    • ITAM team

    Outcomes

    • Identify key documentation and gaps in your documentation.
    • Establish where documentation should be stored, who should own it, who should have access, and what should trigger a review.

    Create ITAM documentation

    ITAM documentation will typically support governance or operations.

    Long-term planning and governance
    • ITAM policy and/or related policies (procurement policy, security awareness policy, acceptable use policy, etc.)
    • ITAM strategy document
    • ITAM roadmap or burndown list
    • Job descriptions
    • Functional requirements documents for ITAM tools

    Operational documentation

    • ITAM SOPs (hardware, software) and workflows
    • Detailed work instructions/knowledgebase articles
    • ITAM data/records
    • Contracts, purchase orders, invoices, MSAs, SOWs, etc.
    • Effective Licensing Position (ELP) reports
    • Training and communication materials
    • Tool and integration documentation
    • Asset management governance, operations, and tools typically generate a lot of documentation.
    • Don’t create documentation for the sake of documentation. Prioritize building and maintaining documentation that addresses major risks or presents opportunities to improve the consistency and reliability of key processes.
    • Maximize the value of ITAM documentation by ensuring it is as current, accessible, and usable as it needs to be.
    • Clearly identify where documentation is stored and who should have access to it.
    • Identify who is accountable for the creation and maintenance of key documentation, and establish triggers for reviews, updates, and changes.

    Consider ITAM policies

    Create policies that can and will be monitored and enforced.
    • Certain requirements of the ITAM practice may need to be backed up by corporate policies: formal statements of organizational expectations that must be recognized by staff, and which will lead to sanctions/penalties if breached.
    • Some organizations will choose to create one or more ITAM-specific policies. Others will include ITAM-related statements in other existing policies, such as acceptable use policies, security training and awareness policies, procurement policies, configuration policies, e-waste policies, and more.
    • Ensure that you are prepared to monitor compliance with policies and evenly enforce breaches of policy. Failing to consistently enforce your policies exposes you and your organization to claims of negligence or discriminatory conduct.
    • For a template for ITAM-specific policies, see Info-Tech’s policy templates for Hardware Asset Management and Software Asset Management.

    2.9 Establish documentation gaps

    15-30 minutes

    Input: An understanding of existing documentation gaps and risks

    Output: Documentation gaps, Identified owners, repositories, access rights, and review/update protocols

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, Optional: IT managers, ITAM business partners

    Discuss and record the following:

    • What planning/governance, operational, and tooling documentation do we still need to create? Who is accountable for the creation and maintenance of these documents?
    • Where will the documentation be stored? Who can access these documents?
    • What will trigger reviews or changes to the documents?
    Need to Create Owner Stored in Accessible by Trigger for review
    Hardware asset management SOP ITAM manager ITAM SharePoint site › Operating procedures folder
    • All IT staff
    • Annual review
    • As-needed for major tooling changes that require a documentation update

    Add your results to your copy of the ITAM Strategy Template

    Step 2.10: Create a roadmap and communication plan

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • A timeline of key ITAM initiatives.
    • Improvement ideas aligned to key initiatives.
    • A communication plan tailored to key stakeholders.
    • Your ITAM Strategy document.

    “Understand that this is a journey. This is not a 90-day project. And in some organizations, these journeys could be three or five years long.” (Mike Austin, MetrixData 360)

    2.10 Identify key ITAM initiatives

    30-45 minutes

    Input: Organizational strategy documents

    Output: A roadmap that outlines next steps

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Project sponsor

    1. Identify key initiatives that are critical to improving practice maturity and meeting business goals.
    2. There should only be a handful of really key initiatives. This is the work that will have the greatest impact on your ability to deliver value. Too many initiatives muddy the narrative and can distract from what really matters.
    3. Plot the target start and end dates for each initiative in the business and IT transformation timeline you created in Phase 1.
    4. Review the chart and consider – what new capabilities should the ITAM practice have once the identified initiatives are complete? What transformational initiatives will you be better positioned to support?

    Add your results to your copy of the ITAM Strategy Template

    Transformation Timeline

    Example transformation timeline with row headers 'Business Inititiaves', 'IT Initiatives', and 'ITAM Initiatives'. Each initiative is laid out along the timeline appropriately.

    2.10 Align improvement ideas to initiatives

    45 minutes

    Input: Key initiatives, Ideas for ITAM improvement collected over the course of previous exercises

    Output: Concrete action items to support each initiative

    Materials: The table in the next slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Project sponsor

    As you’ve been working through the previous exercises, you have been tracking ideas for improvement – now we’ll align them to your roadmap.

    1. Review the list of ideas for improvement you’ve produced over the working sessions. Consolidate the list – are there any ideas that overlap or complement each other? Record any new ideas. Frame each idea as an action item – something you can actually do.
    2. Connect the action items to initiatives. It may be that not every action item becomes part of a key initiative. (Don’t lose ideas that aren’t part of key initiatives – track them in a separate burndown list or backlog.)
    3. Identify a target completion date and owner for each action item that’s part of an initiative.

    Add your results to your copy of the ITAM Strategy Template

    Example ITAM initiatives

    Initiative 1: Develop hardware/software standards
    Task Target Completion Owner
    Laptop standards Q1-2023 ITAM manager
    Identify/eliminate contracts for unused software using scan tool Q2-2023 ITAM manager
    Review O365 license levels and standard service Q3-2023 ITAM manager

    Initiative 2: Improve ITAM data quality
    Task Target Completion Owner
    Implement scan agent on all field laptops Q3-2023 Desktop engineer
    Conduct in person audit on identified data discrepancies Q1-2024 ITAM team
    Develop and run user-led audit Q1-2024 Asset manager

    Initiative 3: Acquire & implement a new ITAM tool
    Task Target Completion Owner
    Select an ITAM tool Q3-2023 ITAM manager
    Implement ITAM tool, incl. existing data migration Q1-2024 ITAM manager
    Training on new tool Q1-2024 ITAM manager
    Build KPIs, executive dashboards in new tool Q2-2024 Data analyst
    Develop user-led audit functionality in new tool Q3-2024 ITAM coordinator

    2.10 Create a communication plan

    45 minutes

    Input: Proposed ITAM initiatives, Stakeholder priorities and goals, and an understanding of how ITAM can help them meet those goals

    Output: A high-level communication plan to communicate the benefits and impact of proposed changes to the ITAM program

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: IT asset manager, Project sponsor

    Develop clear, consistent, and targeted messages to key ITAM stakeholders.

    1. Modify the list of stakeholders in the first column.
    2. What benefits should those stakeholders realize from ITAM? What impact may the proposed improvements have on them? Refer back to exercises from Phase 1, where you identified key stakeholders, their priorities, and how ITAM could help them.
    3. Identify communication channels (in-person, email, all-hands meeting, etc.) and timing – when you’ll distribute the message. You may choose to use more than one channel, and you may need to convey the message more than once.
    Group ITAM Benefits Impact Channel(s) Timing
    CFO
    • More accurate IT spend predictions
    • Better equipment utilization and value for money
    • Sponsor integration project between ITAM DB and financial system
    • Support procurement procedures review
    Face-to-face – based on their availability Within the next month
    CIO
    • Better oversight into IT spend
    • Data to help demonstrate IT value
    • Resources required to support tool and ITAM process improvements
    Standing bi-monthly 1:1 meetings Review strategy at next meeting
    IT Managers
    Field Techs

    Add your results to your copy of the ITAM Strategy Template

    2.10 Put the final touches on your ITAM Strategy

    30 minutes

    Input: Proposed ITAM initiatives, Stakeholder priorities and goals, and an understanding of how ITAM can help them meet those goals

    Output: A high-level communication plan to communicate the benefits and impact of proposed changes to the ITAM program

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: IT asset manager, Project sponsor

    You’re almost done! Do a final check of your work before you send a copy to your participants.

    1. Summarize in three points the key findings from the activities you’ve worked through. What have you learned? What are your priorities? What key message do you need to get across? Add these to the appropriate slide near the start of the ITAM Strategy Template.
    2. What are your immediate next steps? Summarize no more than five and add them to the appropriate slide near the start of the ITAM Strategy Template.
      1. Are you asking for something? Approval for ITAM initiatives? Funding? Resources? Clearly identify the ask as part of your next steps.
    3. Are the KPIs identified in Phase 1 still valid? Will they help you monitor for success in the initiatives you’ve identified in Phase 2? Make any adjustments you think are required to the KPIs to reflect the additional completed work.

    Add your results to your copy of the ITAM Strategy Template

    Research Contributors and Experts

    Kylie Fowler
    Principal Consultant
    ITAM Intelligence

    Kylie is an experienced ITAM/FinOps consultant with a track record of creating superior IT asset management frameworks that enable large companies to optimize IT costs while maintaining governance and control.

    She has operated as an independent consultant since 2009, enabling organizations including Sainsbury's and DirectLine Insurance to leverage the benefits of IT asset management and FinOps to achieve critical business objectives. Recent key projects include defining an end-to-end SAM strategy, target operating model, policies and processes which when implemented provided a 300% ROI.

    She is passionate about supporting businesses of all sizes to drive continuous improvement, reduce risk, and achieve return on investment through the development of creative asset management and FinOps solutions.

    Rory Canavan
    Owner and Principal Consultant
    SAM Charter

    Rory is the founder, owner, and principal consultant of SAM Charter, an internationally recognized consultancy in enterprise-wide Software & IT Asset Management. As an industry leader, SAM Charter is uniquely poised to ensure your IT & SAM systems are aligned to your business requirements.

    With a technical background in business and systems analysis, Rory has a wide range of first-hand experience advising numerous companies and organizations on the best practices and principles pertaining to software asset management. This experience has been gained in both military and civil organizations, including the Royal Navy, Compaq, HP, the Federation Against Software Theft (FAST), and several software vendors.

    Research Contributors and Experts

    Jeremy Boerger
    Founder, Boerger Consulting
    Author of Rethinking IT Asset Management

    Jeremy started his career in ITAM fighting the Y2K bug at the turn of the 21st century. Since then, he has helped companies in manufacturing, healthcare, banking, and service industries build and rehabilitate hardware and software asset management practices.

    These experiences prompted him to create the Pragmatic ITAM method, which directly addresses and permanently resolves the fundamental flaws in current ITAM and SAM implementations.

    In 2016, he founded Boerger Consulting, LLC to help business leaders and decision makers fully realize the promises a properly functioning ITAM can deliver. In his off time, you will find him in Cincinnati, Ohio, with his wife and family.

    Mike Austin
    Founder and CEO
    MetrixData 360

    Mike Austin leads the delivery team at MetrixData 360. Mike brings more than 15 years of Microsoft licensing experience to his clients’ projects. He assists companies, from Fortune 500 to organizations with as few as 500 employees, with negotiations of Microsoft Enterprise Agreements (EA), Premier Support Contracts, and Select Agreements. In addition to helping negotiate contracts, he helps clients build and implement software asset management processes.

    Previously, Mike was employed by Microsoft for more than 8 years as a member of the global sales team. With Microsoft, Mike successfully negotiated more than a billion dollars in new and renewal EAs. Mike has also negotiated legal terms and conditions for all software agreements, developed Microsoft’s best practices for global account management, and was awarded Microsoft’s Gold Star Award in 2003 and Circle of Excellence in 2008 for his contributions.

    Bibliography

    “Asset Management.” SFIA v8. Accessed 17 March 2022.

    Boerger, Jeremy. Rethinking IT Asset Management. Business Expert Press, 2021.

    Canavan, Rory. “C-Suite Cheat Sheet.” SAM Charter, 2021. Accessed 17 March 2022.

    Fisher, Matt. “Metrics to Measure SAM Success.” Snow Software, 26 May 2015. Accessed 17 March 2022.

    Flexera (2021). “State of ITAM Report.” Flexera, 2021. Accessed 17 March 2022.

    Fowler, Kylie. “ITAM by design.” BCS, The Chartered Institute for IT, 2017. Accessed 17 March 2022.

    Fowler, Kylie. “Ch-ch-ch-changes… Is It Time for an ITAM Transformation?” ITAM Intelligence, 2021. Web. Accessed 17 March 2022.

    Fowler, Kylie. “Do you really need an ITAM policy?” ITAM Accelerate, 15 Oct. 2021. Accessed 17 March 2022.

    Hayes, Chris. “How to establish a successful, long-term ITAM program.” Anglepoint, Sept. 2021. Accessed 17 March 2022.

    ISO/IEC 19770-1-2017. IT Asset Management Systems – Requirements. Third edition. ISO, Dec 2017.

    Joret, Stephane. “IT Asset Management: ITIL® 4 Practice Guide”. Axelos, 2020.

    Jouravlev, Roman. “IT Service Financial Management: ITIL® 4 Practice Guide”. Axelos, 2020.

    Pagnozzi, Maurice, Edwin Davis, Sam Raco. “ITAM Vs. ITSM: Why They Should Be Separate.” KPMG, 2020. Accessed 17 March 2022.

    Rumelt, Richard. Good Strategy, Bad Strategy. Profile Books, 2013.

    Stone, Michael et al. “NIST SP 1800-5 IT Asset Management.” Sept, 2018. Accessed 17 March 2022.

    Initiate Digital Accessibility for IT

    • Buy Link or Shortcode: {j2store}520|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • Determining IT requirements (legal and business needs) is overwhelming.
    • Prioritizing people in the process is often overlooked.
    • Mandating changes instead of motivating change isn’t sustainable.

    Our Advice

    Critical Insight

    • Compliance is the minimum; the people and behavior changes are the harder part and have the largest impact on accessibility. Preparing for and building awareness of the reasons for accessibility makes the necessary behavior changes easier. Communicate, communicate, and communicate some more.
    • Accessibility is a practice, not a project. Therefore, accessibility is an organizational initiative, however, IT support is critical. Use change management theory to guide the new behaviors, processes, and thinking to adopt accessibility beyond compliance. Determining where to start is challenging, the tendency is to start with tech or compliance, however, starting with the people is key. It must be culture.
    • Think about accessibility like you think about IT security. Use IT security concepts that you and your team are already familiar with to initiate the accessibility program.

    Impact and Result

    • Take away the overwhelm that many feel when they hear ‘accessibility’ and make the steps for your organization approachable.
    • Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.
    • Understand your current state related to accessibility and identify areas for key initiatives to become part of the IT strategic roadmap.
    • Build your accessibility plan while prioritizing the necessary culture change
    • Use change management and communication practices to elicit the behavior shift needed to sustain accessibility.

    Initiate Digital Accessibility for IT Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Initiate Digital Accessibility for IT – Use this blueprint to narrow down the requirements for your organization and team while also clearly communicating why accessibility is critical and how it supports the organization’s key objectives and initiatives.

    A step-by-step approach to walk you through understanding the IT accessibility compliance requirements, building your roadmap, and communicating with your department. This storyboard will help you figure out what’s needed from IT to support the business and launch accessibility with your team.

    • Initiate Digital Accessibility for IT – Phases 1-2

    2. IT Manager Meeting Template – A clear, concise, and compelling communication to introduce accessibility for your organization to IT managers and to facilitate their participation in building the roadmap.

    Accessibility compliance can be overwhelming at first. Use this template to simplify the requirements for the IT managers and build out a roadmap.

    • IT Manager Meeting Template

    3. Accessibility Compliance Tracking Tool – This tool helps to decrease the overwhelm of accessibility compliance. Narrow down the list of controls needed to the ones that apply to your organization and to IT.

    Using the EN 301 549 V3.2.1 (2021-03) as a basis for digital accessibility conformance. Use this tool to build a priorities list of requirements that are applicable to your organization.

    • Accessibility Compliance Tracking Tool

    4. Departmental Meeting Template – Cascade your communication down to the IT department with this facilitation guide for introducing accessibility and the roadmap to the entire IT team.

    Use this pre-built slide deck to customize your accessibility communication to the IT department. It will help you build a shared vision for accessibility, a current state picture, and plans to build to the target future state.

    • Departmental Meeting Template
    • Accessibility Quick Cards

    Infographic

    Further reading

    Initiate Digital Accessibility For IT

    Make accessibility accessible.

    EXECUTIVE BRIEF

    Analyst Perspective

    Accessibility is a practice, not a project.

    Accessibility is an organizational directive; however, IT plays a fundamental role in its success. As business partners require support and expertise to assist with their accessibility requirements IT needs to be ready to respond. Even if your organization hasn't fully committed to an accessibility standard, you can proactively get ready by planting the seeds to change the culture. By building understanding and awareness of the significant impact technology has on accessibility, you can start to change behaviors.

    Implementing an accessibility program requires many considerations: legal requirements; international guidelines, such as Web Content Accessibility Guidelines (WCAG); training for staff; ongoing improvement; and collaborating with accessibility experts and people with disabilities. It can be overwhelming to know where to start. The tendency is to start with compliance, which is a fantastic first step. For a sustained program use, change management practices are needed to change behaviors and build inclusion for people with disabilities.

    15% of the world's population identify as having some form of a disability (not including others that are impacted, e.g. caretakers, family). Why would anyone want to alienate over 1.1 billion people?

    This is a picture of Heather Leier-Murray

    Heather Leier-Murray
    Senior Research Analyst, People & Leadership
    Info-Tech Research Group

    Disability is part of being human

    Merriam-Webster defines disability as a "physical, mental, cognitive, or developmental condition that impairs, interferes with, or limits a person's ability to engage in certain tasks or actions or participate in typical daily activities and interactions."(1)

    The World Health Organization points out that a crucial part of the definition of disability is that it's not just a health problem, but the environment impacts the experience and extent of disability. Inaccessibility creates barriers for full participation in society.(2)

    The likelihood of you experiencing a disability at some point in your life is very high, whether a physical or mental disability, seen or unseen, temporary or permanent, severe or mild.(2)

    Many people acquire disabilities as they age yet may not identify as "a person with a disability."3 Where life expectancies are over 70 years of age, 11.5% of life is spent living with a disability. (4)

    "Extreme personalization is becoming the primary difference in business success, and everyone wants to be a stakeholder in a company that provides processes, products, and services to employees and customers with equitable, person-centered experiences and allows for full participation where no one is left out."
    – Paudie Healy, CEO, Universal Access

    (1.) Merriam-Webster
    (2.) World Health Organization, 2022
    (3.) Digital Leaders, as cited in WAI, 2018
    (4.) Disabled World, as cited in WAI, 2018

    Executive Summary

    Your Challenge

    You know the push for accessibility is coming in your organization. You might even have a program started or approval to build one. But you're not sure if you and your team are ready to support and enable the organization on its accessibility journey.

    Common Obstacles

    Understanding where to start, where accessibility lives, and if or when you're done can be overwhelmingly difficult. Accessibility is an organizational initiative that IT enables; being able to support the organization requires a level of understanding of common obstacles.

    • Determining IT requirements (legal and business needs) is overwhelming.
    • Prioritizing people in the process is often overlooked.
    • Mandating changes instead of motivating change isn't sustainable.

    Info-Tech's Approach

    Prepare your people for accessibility and inclusion, even if your organization doesn't have a formal standard yet. Take your accessibility from mandate to movement, i.e. from Phase 1 - focused on compliance to Phase 2 - driven by experience for sustained change.

    • Use this blueprint to build your accessibility plan while prioritizing the necessary culture change.
    • Use change management and communication practices to elicit the behavior shift needed to sustain accessibility.

    Info-Tech Insight

    Accessibility is a practice, not a project. Therefore, accessibility is an organizational initiative; however, IT support is critical. Use change management theory to guide the new behaviors, processes, and thinking to adopt accessibility beyond compliance. Determining where to start is challenging because the tendency is to start with tech or compliance; however, starting with the people is key. It must be a change in organizational culture.

    Your challenge

    This research is designed to help IT leaders who are looking to:

    • Determine accessibility requirements of IT based on the business' needs and priorities, and the existing standards and regulations.
    • Prepare the IT leaders to implement and sustain accessibility and prepare for the behavior shift that is necessary.
    • Build the plan for IT as it pertains to accessibility, including a list of business needs and priorities, and prioritization of accessibility initiatives that IT is responsible for.
    • Ensure that accessibility is sustained in the IT department by following phase 2 of this blueprint on using change management and communication to impact behavior and change the culture.

    90% of companies claim to prioritize diversity.
    Source: Harvard Business Review, 2020

    Over 30% of those that claim to prioritize diversity are focused on compliance.
    Source: Harvard Business Review, 2022

    Accessibility is an organizational initiative

    Is IT ready and capable to enable it?

    • With increasing rates of lawsuits related to digital accessibility, more organizations are prioritizing initiatives to support increased accessibility. About 68% of Applause's survey respondents indicated that digital accessibility is a higher priority for their organization than it was last year.
    • This increase in priority will trickle into IT's tasks – get ahead and start working toward accessibility proactively so you're ready when business requests start coming in.

    A survey of nearly 1,800 respondents conducted by Applause found that:

    • 79% of respondents rated digital accessibility either a top priority or important for their organizations.
    • 42% of respondents indicated they have limited or no in-house expertise or resources to test accessibility.
      Source: Business Wire, May 2022

    How organizations prioritize digital accessibility

    • 43% rated accessibility as a top priority.
    • 36% rated accessibility as important.
    • Fewer than 5% rated accessibility as either low priority or not even on the radar.
    • More than 65% agreed or strongly agreed that accessibility is a higher priority than last year.

    Source: Angel Business Communications, 2022

    Why organizations address accessibility

    Top three reasons:

    1. 61% To comply with laws
    2. 62% To provide the best user experience
    3. 78% To include people with disabilities
      Source: Level Access, 2022

    Still, most businesses aren't meeting compliance standards. Even though legislation has been in place for over 30 years, a 2022 study by WebAIM of 1,000,000 homepages returned a 96.8% WCAG 2.0 failure rate.

    Source: Institute for Disability Research, Policy, and Practice, 2022

    Info-Tech's approach to Initiate Digital Accessibility

    An image of the Business Case for Accessibility

    The Info-Tech difference:

    1. Phase 1 of this blueprint gets you started and helps you build a plan to get you to the initial compliance driven maturity level. It's focused more on standards and regulations than on the user and employee experience.
    2. Phase 2 takes you further in maturity and helps you become experience driven in your efforts. It focuses on building your accessibility maturity into the developing, defined, and managed levels, as well as balancing mandate and movement of the accessibility maturity continuum.

    Determining conformance seems overwhelming

    Unfortunately, it's the easier part.

    • Focus on local regulations and what corporate leaders are setting as accessibility standards for the organization. This will narrow down the scope of what compliance looks like for your team.
    • Look to best practices like WCAG guidelines to ensure digital assets are accessible and usable for all users. WCAG's international guideline outlines principles that can also aid in scoping.
    • In phase 1 of this blueprint, use the Accessibility Compliance Tracking Toolto prioritize criteria and legislation for which IT is responsible.
    • Engage with business partners and other areas of the organization to figure out what is needed from IT. Accessibility is an organizational initiative; it shouldn't be on IT to figure it all out. Determine what your team is specifically responsible for before tackling it all.

    Motivating behavior change

    This is the hard part.

    Changing behaviors and mindsets is necessary to be experience driven and sustain accessibility.

    • Compliance is the minimum when it comes to accessibility, much like employment or labor regulations.
    • Making accessibility an organizational imperative is an iterative process. Managing the change is hard. People, culture, and behavior change matures accessibility from compliance driven to experience driven, increasing the benefits of accessibility.
    • Focus accessibility initiatives on improving the experience of everyone and improving engagement (customer and employee).
    • Being people focused and experience driven enables the organization to provide the best user experience and realize the benefits of accessibility.

    A picture of Jordyn Zimmerman

    "Compliance is the minimum. And when we look at web tech, people are still arguing about their positioning on the standards that need to be enforced in order to comply, forgetting that it isn't enough to comply."
    -- Jordyn Zimmerman, M.Ed., Director of Professional Development, The Nora Project, and Appointee, President's Committee for People with Intellectual Disabilities.

    This is an image of the Info-Tech Accessibility Maturity Framework Table.

    To see more on the Info-Tech Accessibility Maturity Framework:

    The Accessibility Business Case for IT

    Think of accessibility like you think of IT security

    Use IT security concepts to build your accessibility program.

    • Risk management: identify and prioritize accessibility risks and implement controls to mitigate those risks.
    • Compliance: use an IT security-style compliance approach to ensure that the accessibility program is compliant with the many accessibility regulations and standards.
    • Defense in depth: implement multiple layers of accessibility controls to address different types of accessibility risks and issues.
    • Response and recovery: quickly and effectively respond to accessibility issues, minimizing the potential impact on the organization and its users.
    • End-user education: educate end users about accessibility best practices, such as how to use assistive technologies and how to report accessibility issues.
    • Monitor and audit: use monitoring and auditing tools to ensure that accessibility remains over time and to identify and address issues that arise.
    • Collaboration: ensure the accessibility program is effective and addresses the needs of all users by collaborating with accessibility experts and people with disabilities.

    "As an organization matures, the impact of accessibility shifts. A good company will think of security at the very beginning. The same needs to be applied to accessibility thinking. At the peak of accessibility maturity an organization will have people with disabilities involved at the outset."
    -- Cam Beaudoin, Owner, Accelerated Accessibility

    This is a picture of Cam Beaudoin

    Info-Tech's methodology for Initiate Digital Accessibility for IT

    1. Planning IT's accessibility requirements

    2. Change enablement of accessibility

    Phase Steps

    1. Determine accessibility requirements of IT
    2. Build the IT accessibility plan
    1. Build awareness
    2. Support new behaviors
    3. Continuous reinforcement

    Phase Outcomes

    List of business needs and priorities related to accessibility

    IT accessibility requirements for conformance

    Assessment of state of accessibility conformance

    Prioritization of accessibility initiatives for IT

    Remediation plan for IT related to accessibility conformance

    Accessibility commitment statement

    Team understanding of what, why, and how

    Accessibility Quick Cards

    Sustainment plan

    Insight summary

    Overarching insight

    Accessibility is a practice, not a project. Therefore, accessibility is an organizational initiative; however, IT support is critical. Use change management theory to guide the new behaviors, processes, and thinking to adopt accessibility beyond compliance. Determining where to start is challenging. The tendency is to start with tech or compliance; however, starting with the people is key. It must be a change in organizational culture.

    Insight 1

    Compliance is the minimum; people and behavior changes are the hardest part and have the largest impact on accessibility. Preparing for and building awareness of the reasons for accessibility makes the necessary behavior changes easier. Communicate, communicate, and communicate some more.

    Insight 2

    Think about accessibility like you think about IT security. Use IT security concepts that you and your team are already familiar with to initiate the accessibility program.

    Insight 3

    People are learning a new way to behave and think; this can be an unsettling period. Patience, education, communication, support, and time are keys for success of the implementation of accessibility. There is a transition period needed; people will gradually change their practices and attitudes. Celebrate small successes as they arise.

    Insight 4

    Accessibility isn't a project as there is no end. Effective planning and continuous reinforcement of "the new way of doing things" is necessary to enable accessibility as the new status quo.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

    IT Manager Meeting Template

    IT Manager Meeting Template
    Use this meeting slide deck to work with IT managers to build out the accessibility remediation plan and commitment statement.

    Departmental Meeting Template

    Departmental Meeting Template
    Use this meeting slide deck to introduce the concept of accessibility and communicate IT goals and objectives.

    Accessibility Quick Cards

    Accessibility Quick Cards
    Using the Info-Tech IT Management and Governance Framework to identify key activities to help improve and maintain the accessibility of your organization and your core IT processes.

    Key deliverable:

    Accessibility Compliance Tracking Tool

    Accessibility Compliance Tracking Tool
    This tool will assist you in identifying remediation priorities applicable to your organization.

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Know and understand your role and responsibility in accessibility implementation within the organization.
    • Provide effective support and excellent business service experience to internal stakeholders related to accessibility.
    • You will be set up to effectively support your team through the necessary behavior, process, and thinking changes.
    • Proactively prepare for accessibility requests that will be coming in.
    • Move beyond compliance to support your organization's sustainment of accessibility.
    • Don't lose out on a trillion-dollar market.
    • Don't miss opportunities to work with organizations because you're not accessible.
    • Enable and empower current employees with disabilities.
    • Minimize potential for negative brand reputation due to a lack of consideration for people with disabilities.
    • Decrease the risk of legal action being brought upon the organization.

    Measure the value of this blueprint

    Improve IT effectiveness and employee buy-in to change.

    Measuring the effectiveness of your program helps contribute to a culture of continuous improvement. Having consistent measures in place helps to inform decisions and enables your plan to be iterative to take advantage of emerging opportunities.

    Monitor employee engagement, overall stakeholder satisfaction with IT, and the overall end-customer satisfaction.

    Remember, accessibility is not a project – just because measures are positive does not mean your work is done.

    In phase 1 of this blueprint, we will help you establish metrics for your organization.
    In phase 2, we will help you develop a sustainment for achieving those metrics.

    A screenshot of the slide titled Establish Baseline Metrics.

    Suggested Metrics
    • Overall end-customer satisfaction
    • Requests for accommodation or assistive technology fulfilled
    • Employee engagement
    • Overall compliance status

    Info-Tech's IT Metrics Library

    Executive brief case study

    INDUSTRY: Technology


    SOURCE: Microsoft.com
    https://blogs.microsoft.com/accessibility/accessib...

    Microsoft

    Microsoft's accessibility journey starts with the goal of building a culture of accessibility and disability inclusion. They recognize that the starting point for the magnitude of organizational change is People.

    "Accessibility in Action Badge"

    Every employee at Microsoft is trained on accessibility to build understanding of why and how to be inclusive using accessibility. The program entails 90 minutes of virtual content.

    Microsoft treats accessibility and inclusion like a business, managing and measuring it to ensure sustained growth and success. They have worked over the years to bust systemic bias company-wide and to build a program with accessibility criteria that works for their business.

    Results

    The program Microsoft has built allows them to shift the accessibility lens earlier in their processes and listen to its users' needs. This allows them to continuously mature their accessibility program, which means continuously improving its users' experience.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided implementation

    What does a typical guided implementation (GI) on this topic look like?

    Phase 1 Phase 2

    Call #1: Discuss motivation for the initiative and foundational knowledge requirements.
    Call #2: Discuss stakeholder analysis and business needs of IT.

    Call #3: Identify current maturity and IT accountabilities.
    Call #4: Discuss introduction to senior IT leaders and drivers.
    Call #5: Discuss manager meeting outline and slides.

    Call #6: Review key messages and next steps to prepare for departmental meeting.
    Call #7: Discuss post-meetings next steps and timelines.

    Call #8: Review sustainment plan and plan next steps.

    A GI is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is eight to ten calls over the course of four to six months.

    Workshop overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Understand Your Legislative Environment

    Understand Your Current State

    Define the
    IT Target State

    Build the IT Accessibility Plan

    Prepare for Change Enablement

    Next Steps and
    Wrap-Up

    Activities

    0.1 Make a list of the legislation you need to comply with
    0.2 Seek legal counsel or and/or professional services' input on compliance
    0.3 Complete the Accessibility Maturity Assessment
    0.4 Conduct stakeholder analysis

    1.1 Define the risks of inaction
    1.2 Review maturity assessment
    1.3 Conduct stakeholder focus group

    2.1 Define IT compliance accountabilities
    2.2 Define IT accessibility goals/objectives/ metrics
    2.3 Indicate the target-state maturity

    3.1 Assess current accessibility compliance and mitigation
    3.2 Decide on priorities
    3.3 Write an IT accessibility commitment statement

    4.1 Prepare the roadmap
    4.2 Prepare the communication plan

    5.1 Complete in-progress deliverables from previous four days
    5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables

    1. Legislative requirements for your organization
    2. List of stakeholders
    3. Completed maturity assessment.
    1. Defined risks of inaction
    2. Stakeholder analysis completed with business needs identified
    1. IT accessibility goals/objectives
    2. Target maturity
    1. Accessibility Compliance Tracking Tool completed
    2. Accessibility commitment statement
    3. Current compliance and mitigation assessed
    1. IT accessibility roadmap
    2. Communication plan
    1. IT accessibility roadmap
    2. Communication plan

    Phase 1

    Planning IT's Accessibility Requirements.

    Phase 1

    Phase 2

    1.1 Determine accessibility requirements of IT

    1.2 Build IT accessibility plan

    2.1 Build awareness

    2.2 Support new behaviors

    2.3 Continuous reinforcement

    Initiate Digital Accessibility For IT

    This phase will walk you through the following activities:

    • Analyzing stakeholders to determine accessibility needs of business for IT.
    • Determining accessibility compliance requirements of IT.
    • Build a manager communication deck.
    • Assess current accessibility compliance and mitigation.
    • Prioritize and assign timelines.
    • Build a sunrise diagram to visualize your accessibility roadmap.
    • Write an IT accessibility commitment statement.

    This phase involves the following participants:

    • CIO
    • IT leadership team
    • Business partners in other areas of the organization (e.g., HR, finance, communications)

    Step 1.1

    Determine the accessibility requirements of IT.

    Activities

    1.1.1 Determine what the business needs from IT
    1.1.2 Complete the Accessibility Maturity Assessment (optional)
    1.1.3 Determine IT compliance requirements
    1.1.4 Define target state
    1.1.5 Create a list of goals and objectives
    1.1.6 Finalize key metrics
    1.1.7 Prepare a meeting for IT managers

    Prepare to support the organization with accessibility

    This step involves the following participants:

    • CIO
    • IT senior leaders
    • IT managers
    • Business partners in other areas of the organization (e.g., HR, finance, communications)

    Outcomes of this step

    • Stakeholder analysis with business needs listed
    • Defined target future state
    • List of goals and objectives
    • Key metrics
    • Communication deck for IT management rollout meeting

    While defining future state, consider your drivers

    The Info-Tech Accessibility Maturity Framework identifies three key strategic drivers: compliance, experience, and incorporation.

    • Over 30% of organizations are focused on compliance, according to a 2022 survey by Harvard Business Review and Slack's Future Forum. The survey asked more than 10,000 workers in six countries about their organizations' approach to diversity, equity, and inclusion (DEI).(2)
    • Even though 90% of companies claim to prioritize diversity, over 30% are focused on compliance.(1)

    1. Harvard Business Review, 2020
    2. Harvard Business Review, 2022

    31.6% of companies remain in the compliant stage where they are focused on DEI compliance and not on integrating DEI throughout the organization or on creating continual improvement, from Harvard Business Review 2022.

    Info-Tech accessibility maturity framework

    This is an image of Info-Tech's accessibility maturity framework

    Info-Tech Insight

    IT typically works through maturity frameworks from the bottom to the top, progressing at each level until they reach the end. When it comes to IT accessibility initiatives, being especially thorough, thoughtful, and collaborative is critical to success. This will mean spending more time in the Developing, Defined, and Managed levels of maturity rather than trying to reach Optimized as quickly as you can. This may feel contrary to what IT historically considers as a successful implementation.

    After initially ensuring your organization is compliant with regulations and standards, you will progress to building disciplined process and consistent standardized processes. Eventually you will build the ability for predictable process, and lastly, you'll optimize by continuously improving.

    Depending on the level of maturity you are trying to achieve, it could take months or even years to implement. The important thing to understand, however, is that accessibility work is never done.

    At all levels of the maturity framework, you must consider the interconnected aspects of people, process, and technology. However, as the organization progresses, the impact will shift from largely being focused on process and technology improvement to being focused on people.

    Align the benefits of program drivers to organizational goals or outcomes

    Although there will be various motivating factors, aligning the drivers of your accessibility program provides direction to the program. Connecting the advantages of program drivers to organizational goals builds the confidence of senior leaders and decision makers, increasing the continued commitment to invest in accessibility programming.

    This is an image of a table describing the maturity level; Description; Advantages, and Disadvantages for the three drivers: Compliance; Experience; and Incorporation.

    Accessibility maturity levels

    Driver Description Benefits
    Initial Compliance
    • Accessibility processes are mostly undocumented.
    • Accessibility happens mostly on a reactive or ad hoc basis.
    • No one is aware of who is responsible for accessibility or what role they play.
    • Heavily focused on complying with regulations and standards to decrease legal risk.
    • The organization is aware of the need for accessibility.
    • Legal risk is decreased.
    Developing Experience
    • The organization is starting to take steps to increase accessibility beyond compliance.
    • Lots of opportunity for improvement.
    • Defining and refining processes.
    • Working toward building a library of assistive tools.
    • Awareness of the need for accessibility is growing.
    • Process review for accessibility increases process efficiency through avoiding rework.
    Defined Experience
    • Accessibility processes are repeatable.
    • There is a tendency to resort to old habits under stress.
    • Tools are in place to facilitate accommodation.
    • Employees know accommodations are available to them.
    • Accessibility is becoming part of daily work.
    Managed Experience
    • Defined by effective accessibility controls, processes, and metrics.
    • Mostly anticipating preferences.
    • Roles and responsibilities are defined.
    • Disability is included as part of DEI.
    • Employees understand their role in accessibility.
    • Engagement is positively impacted.
    • Attraction and retention are positively impacted.
    Optimized Incorporation
    • Not the goal for every organization.
    • Characterized by a dramatic shift in organizational culture and a feeling of belonging.
    • Ongoing continuous improvement.
    • Seamless interactions with the organization for everyone.
    • Using feedback to inform future initiatives.
    • More likely to be innovative and inclusive, reach more people positively, and meet emerging global legal requirements.
    • Better equipped for success.

    Cheat sheet: Identify stakeholders

    Ask stakeholders, "Who else should I be talking to?" to discover additional stakeholders and ensure you don't miss anyone.

    Identify stakeholders through the following questions:

    Take a 360-degree view of potential internal and external stakeholders who might be impacted by the initiative.

    • Who in areas of influence will be adversely affected by potential environmental and social impacts of what you are doing?
    • At which stage will stakeholders be most affected (e.g. procurement, implementation, operations, decommissioning)?
    • Will other stakeholders emerge as the phases are started and completed?
    • Who is sponsoring the initiative?
    • Who benefits from the initiative?
    • Who is negatively impacted by the initiative?
    • Who can make approvals?
    • Who controls resources?
    • Who has specialist skills?
    • Who implements the changes?
    • Who are the owners, governors, customers, and suppliers of impacted capabilities or functions?
    • Executives
    • Peers
    • Direct reports
    • Partners
    • Customers
    • Subcontractors
    • Suppliers
    • Contractors
    • Lobby groups
    • Regulatory agencies

    Categorize your stakeholders with a stakeholder prioritization map

    A stakeholder prioritization map help teams categorize their stakeholders by their level of influence and ownership.

    There are four areas in the map, and the stakeholders within each area should be treated differently.

    This is an image of a quadrant analysis for mediators; players; spectators; and noisemakers.
    • Players – Players have a high interest in the initiative and high influence to affect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.
    • Mediators – Mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.
    • Noisemakers – Noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.
    • Spectators – Generally, spectators are apathetic and have little influence over or interest in the initiative.

    Strategize to engage stakeholders by type

    Each group of stakeholders draws attention and resources away from critical tasks.

    By properly identifying your stakeholder groups, you can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy spectators and noisemakers while ensuring the needs of the mediators and players are met.

    Type Quadrant Actions
    Players High influence, high interest Actively Engage
    Keep them engaged through continuous involvement. Maintain their interest by demonstrating their value to its success.
    Mediators High influence, low interest Keep Satisfied
    They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust, and include them in important decision-making steps. In turn, they can help you influence other stakeholders.
    Noisemakers Low influence, high interest Keep InformedTry to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using mediators to help them.
    Spectators Low influence, low interest MonitorThey are followers. Keep them in the loop by providing clarity on objectives and status updates.

    1.1.1 Determine what the business needs from IT (stakeholder analysis)

    1.5 hours

    1. Consider all the potential individuals or groups of individuals who will be impacted or influence the accessibility needs of IT.
    2. List each of the stakeholders you identify. If in person, use sticky notes to define the target audiences. The individuals or group of individuals that potentially have needs from IT related to accessibility before, during, or after the initiative.
    3. As you list each stakeholder, consider how they perceive IT. This perception could impact how you choose to interact with them.
    4. For each stakeholder identified as potentially having a business need requirement for IT related to accessibility, conduct an analysis to understand their degree of influence or impact.
    5. Based on the stakeholder, the influence or impact of the business need can inform the interaction and prioritization of IT requirements.
    6. Update slide 9 of the IT Manager Meeting Template.

    Input

    • The change
    • Why the change is needed
    • Key stakeholder map from activity 2.1.1 of The Accessibility Business Case for IT (optional)

    Output

    • The degree of influence or impact each stakeholder has on accessibility needs from IT

    Materials

    • Stakeholder Management Analysis Tool (optional)

    Participants

    • CIO/ head of IT/ initiative lead
    • Business partners

    Proactively consider how accessibility could be received

    Think about the positive and negative reactions you could face about implementing accessibility.

    It's likely individuals will have an emotional reaction to change and may have different emotions at different times during the change process.
    Plan for how to leverage support and deal with resistance to change by assessing people's emotional responses:

    • What are possible questions, objections, suggestions, and concerns that might arise.
    • How will you respond to the possible questions and concerns.
    • Include proactive messaging in your communications that address possible objections.
    • Express an understanding for others point of views by re-positioning objections and suggestions as questions.

    This is an image of the 10 change chakras

    Determine your level of maturity

    Use Info-Tech's Accessibility Maturity Assessment.

    On the accessibility questionnaire, tab 2, choose the amount you agree or disagree with each statement. Answer the questions based on your knowledge of your current state organizationally.

    Once you've answered all the questions, see the results on the tab 3, Accessibility Results. You can see your overall maturity level and the maturity level for each of six dimensions that are necessary to increase the success of an accessibility program.

    Click through to tab 4, Recommendations, to see specific recommendations based on your results and proven research to progress through the maturity levels. Keep in mind that not all organizations will or should aspire to the "Optimize" maturity level.

    A series of three screenshots from the Accessibility Maturity Assessment

    Download the Accessibility Maturity Assessment

    1.1.2 Complete the Accessibility Maturity Assessment (optional)

    1. Download the Accessibility Maturity Assessment and save it with the date so that as you work on your accessibility program, you can reassess later and track your progress.
    2. Once you have saved the assessment, select the appropriate answer for each statement on tab 2, Accessibility Questions, based on your knowledge of the organization's approach.
    3. After reviewing all the accessibility statements, see your maturity level results on tab 3, Accessibility Results. Then see tab 4, Recommendations, for suggestions based on your answers.
    4. Document your accessibility maturity results on slides 12 and 13 of the IT Manager Meeting Template and slide 17 of the Departmental Meeting Template.
    5. Use the maturity assessment results in activity 1.1.3.

    Input

    • Assess your current state of accessibility by choosing all the statements that apply to your organization

    Output

    • Identified accessibility maturity level

    Materials

    • Accessibility Maturity Assessment
    • Accessibility Business Case Template

    Participants

    • Project leader/sponsor
    • IT leadership team

    1.1.3 Determine IT compliance responsibilities

    1-3 hours

    Before you start this activity, you may need to discuss with your organization's legal counsel to determine the legislation that applies to your organization.

    1. Determine which controls apply to your organization based on your knowledge of the organization goals, stakeholders, and accessibility maturity target. If you haven't determined your current and future state maturity model, use the Info-Tech resource from the Accessibility Business Case for IT(see previous two slides).
    2. Using the drop down in column J – Applies to My Org., select "Yes" or "No" for each control on each of the data entry tabs of the Accessibility Compliance Tracking Tool.
    3. For each control you have selected "Yes" for in column J, identify the control owner in column I.
    4. Update slide 10 in the IT Manager Meeting Template and slide 13 in the IT Departmental Meeting Template.

    Input

    • Local, regional, and/or global legislation and guidelines applicable to your organization
    • Organizational accessibility standard
    • Business needs list
    • Completed Accessibility Maturity Assessment (optional)

    Output

    • List of legislation and standards requirements that are narrowed based on organization need

    Materials

    • Accessibility Maturity Assessment
    • Accessibility Business Case Template

    Participants

    • CIO/ head of IT/ CAO/ initiative leader
    • Legal counsel

    Download the Accessibility Compliance Tracking Tool

    1.1.4 Conduct future-state analysis*

    Identify your target state of maturity.

      1. Provide the group with the accessibility maturity levels to review as well as the slides on the framework and drivers (slides 27-29).
      2. Ask the group to brainstorm pain points created by inaccessibility (e.g. challenges related to stakeholders, process issues).
      3. Next, discuss opportunities to be gained from improving these practices.
      4. Then, have everyone look at the accessibility maturity levels and, based on the descriptions, determine as a group the current maturity level of accessibility in your organization .
      5. Next, review the benefits listed on the accessibility maturity levels slide to those that you named in step 3 and determine which maturity level best describes your target state. Discuss as a group and agree on one desired maturity level to reach.
      6. Document your current and target states on slide 14 of the IT Manager Meeting Template.

    *Note: If you've completed the Accessibility Business Case for IT blueprint you may already have this information compiled. Refer to activities 2.1.2 and 2.1.3.

    Input

    • Accessibility maturity levels chart, framework, and drivers slides
    • Maturity level assessment results (optional)

    Output

    • Target maturity level documented

    Materials

    • Paper and pens
    • Handouts of maturity levels

    Participants

    • CIO
    • IT senior leaders

    What does a good goal look like?

    SMART is a common framework for setting effective goals. Make sure your goals satisfy these criteria to ensure you can achieve real results.

    Use the SMART framework to build effective goals.

    S

    Specific: Is the goal clear, concrete, and well defined?

    M

    Measurable: How will you know when the goal is met?

    A

    Achievable: Is the goal possible to achieve in a reasonable time?

    R

    Relevant: Does this goal align with your responsibilities and with departmental and organizational goals?

    T

    Time-based: Have you specified a time frame in which you aim to achieve the goal?

    1.1.5 Create a list of goals and objectives*

    Use the outcomes from activity 1.2.1.

    1. Using the information from activity 1.2.1, develop goals.
    2. Remember to use the SMART goal framework to build out each goal (see the previous slide for more information on SMART goals).
    3. Ensure each goal supports departmental and organizational goals to ensure it is meaningful.
    4. Document your goals and objectives on slides 6 and 9 in your IT Manager Meeting Template.

    *Note: If you've completed the Accessibility Business Case for IT blueprint you may already have this information compiled. Refer to activity 2.2.1.

    Input

    • Outcomes of activity 1.2.1
    • Organizational and departmental goals

    Output

    • Accessibility goals and objectives identified

    Materials

    • n/a

    Participants

    • CIO/ head of IT/ initiative lead
    • IT senior leaders

    Establish baseline metrics

    Baseline metrics will be improved through:

    1. Progressing through the accessibility maturity model.
    2. Addressing accessibility earlier in processes with input from people with disabilities.
    3. Motivating behavior changes and culture that supports accessibility and disability inclusion.
    4. Ensuring compliance with regulations and standards.
    5. Focusing on experience and building a disability inclusive culture.
    Metric Definition Calculation
    Overall end-customer satisfaction The percentage of end customers who are satisfied with the IT department. Number of end customers who are satisfied / Total number of end customers
    Requests for accommodation or assistive technology fulfilled The percentage of accommodation/assistive technology requests fulfilled by the IT department. Number of requests fulfilled / Total number of requests
    Employee engagement The percentage of employees who are engaged within an organization. Number of employees who are engaged / Total number of employees
    Overall compliance status The percentage of accessibility controls in place in the IT department. The number of compliance controls in place / Total number of applicable accessibility controls

    1.1.6 Finalize key metrics*

    Finalize key metrics the organization will use to measure accessibility success.

    1. Brainstorm how you will measure the success of each goal you identified in the previous activity, based on the benefits, challenges, and risks you previously identified.
    2. Write each of the metric ideas down and finalize three to five key metrics which you will track. The metrics you choose should relate to the key challenges or risks you have identified and match your desired maturity level and driver.
    3. Document your key metrics on slide 15 of your IT Manager Meeting Templateand slide 23 of the Departmental Meeting Template.

    Input

    • Accessibility challenges and benefits
    • Goals from activity 1.2.2

    Output

    • Three to five key metrics to track

    Materials

    • n/a

    Participants

    • IT leadership team
    • Project lead/sponsor

    *Note: If you've completed the Accessibility Business Case for IT blueprint you may already have this information compiled. Refer to activity 2.2.2.

    Use Info-Tech's template to communicate with IT managers

    Cascade messages down to IT managers next. This ensures they will have time to internalize the change before communicating it to others.

    Communicate with and build the accessibility plan with IT managers by customizing Info-Tech's IT Manager Meeting Template, which is designed to effectively convey your key messages. Tailor the template to suit your needs.

    It includes:

    • Project scope and objectives
    • Current state analysis
    • Compliance planning
    • Commitment statement drafting

    IT Manager Meeting Template

    Download the IT Manager Meeting Template

    Info-Tech Insight

    Preparing for and building awareness of the reasons for accessibility make the necessary behavior changes easier.

    1.1.7 Prepare a meeting for IT managers

    Now that you understand your current and desired accessibility maturity, the next step is to communicate with IT managers and begin planning your initiatives.

    Know your audience:

    1. Consider who will be included in your presentation audience.
    2. You want your presentation to be succinct and hard-hitting. Managers are under huge demands and time is tight, they will lose interest if you drag out the delivery.
    3. Contain the presentation and planning activities to no more than an afternoon. You want to ensure adequate time for questions and answers, as well as the planning activities necessary to inform the roll out to the larger IT department later.
    4. Schedule a meeting with the IT managers.

    Download the IT Manager Meeting Template

    Input

    • Activity results

    Output

    • A completed presentation to communicate your accessibility initiatives to IT managers

    Materials

    • IT Manager Meeting Template

    Participants

    • CIO/ head of IT/ initiative lead
    • IT senior leaders
    • IT managers

    Step 1.2

    Build the IT accessibility action plan.

    Activities

    1.2.1 Assess current accessibility compliance and mitigation

    1.2.2 Decide on your priorities

    1.2.3 Add priorities to the roadmap

    1.2.4 Write an IT accessibility commitment statement

    Planning IT's accessibility requirements

    This step involves the following participants:

    • CIO/ head of IT/ initiative lead
    • IT senior leaders
    • IT managers

    Outcomes of this step

    • Priority controls and mitigation list with identified control owners.
    • IT accessibility commitment statement.
    • Draft visualization of roadmap/sunrise diagram.

    Involve managers in assessing current compliance

    To know what work needs to happen you need to know what's already happening.

    Use the spreadsheet from activity 1.1.3 where you identified which controls apply to your organization.

    Have managers work in groups to identify which controls (of the applicable ones) are currently being met and which ones have an existing mitigation plan.

    Info-Tech Insight

    Based on EN 301 549 V3.2.1 (2021-03) as a basis for digital accessibility conformance. This tool is designed to assist you in building a priorities list of requirements that are applicable to your organization. EN 301 549 is currently the most robust accessibility regulation and encompasses other regulations within it. Although EN 301 549 is the European Standard, other countries are leaning on it as the standard they aspire to as well.

    This is an image of the Compliance Tracing Tool, with a green box drawn around the columns for Current Compliance, and Mitigation.

    1.2.1 Assess current accessibility compliance and mitigation

    1-3 hours

    1. Share the Accessibility Compliance Tracking Tool with the IT leaders and managers during the meeting with IT management that you scheduled in activity 1.1.7.
    2. Break into smaller groups (or if too small, continue as a single group):
      1. Divide up the controls between the small groups to work on assessing current compliance and mitigation plans.
      2. For each control that is identified as applying to your organization, identify if there currently is compliance by selecting "yes" from the drop-down. For controls where the organization is not compliant, select "no" and identify if there is a mitigation plan in place by selecting "yes" or "no" in column L.
      3. Use the comments column to add any pertinent information regarding the control.

    Input

    • List of IT compliance requirements applicable to the org. from activities 1.1.2 and 1.1.3

    Output

    • List of IT compliance requirements that have current compliance or mitigation plans

    Materials

    • Accessibility Compliance Tracking Tool

    Participants

    • CIO
    • IT senior leaders
    • IT managers

    Download the Accessibility Compliance Tracking Tool

    Involve managers in building accountability into the accessibility plan

    Building accountability into your compliance tracking will help ensure accessibility is prioritized.

    Use the spreadsheet from activity 1.3.1.

    Have managers work in the same groups to prioritize controls by assigning a quarterly timeline for compliance.

    An image of the Compliance Tracking tool, with the timeline column highlighted in green.

    1.2.2 Decide on your priorities

    1-3 hours

    1. In the same groups used in activity 1.2.1, prioritize the list of controls that have no compliance and no mitigation plan.
    2. As you work through the spreadsheet again, assign a timeline using the drop-down menu in column M for each control that applies to the organization and has no current compliance. Consider the following in your prioritization:
      1. Does the control impact customers or is it public-facing?
      2. What are the business needs related to accessibility?
      3. Does the team currently have the skills and knowledge needed to address the control?
      4. What future state accessibility maturity are you targeting?
    3. Be prepared to review with the larger group.

    Input

    • List from activity 1.2.1
    • Business needs from activity 1.1.1

    Output

    • List of IT compliance requirements with accountability timelines

    Materials

    • Accessibility Compliance Tracking Tool

    Participants

    • CIO
    • IT senior leaders
    • IT managers

    Download the Accessibility Compliance Tracking Tool

    Review your timeline

    Don't overload your team. Make sure the timelines assigned in the breakout groups make sense and are realistic.

    A screenshot of the Accessibility Compliance Dashboard.

    Download the Accessibility Compliance Tracking Tool

    Empty roadmap template

    An image of an empty Roadmap Template.

    1.2.3 Add priorities to the roadmap

    1 hour

    1. Using the information entered in the compliance tracking spreadsheet during activities 1.2.1 and 1.2.2, build a visual representation to capture your strategic initiatives over time, using themes and timelines. Consider group initiatives in four categories, technology, people, process, and other.
    2. Copy and paste the controls onto the roadmap from the Accessibility Compliance Tracking Toolto the desired time quadrant on the roadmap.
    3. Set your desired timelines by changing the Q1-Q4 blocks (set the timelines that make sense for your situation).

    Input

    • Output of activity 1.2.2
    • Roadmap template
    • Other departmental project plans and timelines

    Output

    • Visual roadmap of accessibility compliance controls

    Materials

    • n/a

    Participants

    • CIO
    • IT senior leaders
    • IT managers

    Communicate commitment

    Support people leaders in leading by example with an accessibility commitment statement.

    A commitment statement communicates why accessibility and disability inclusion are important and guides behaviors toward the ideal state. The statement will guide and align work, build accountability, and acknowledge the dedication of the leadership team to accessibility and disability inclusion. The statement will:

    • Publicly commit the team to fostering disability inclusivity.
    • Highlight related values and goals of the team or organization.
    • Set expectations.
    • Help build trust and increase feelings of belonging.
    • Connect the necessary changes (people, process, and technology related) to organization strategy.

    Take action! Writing the statement is only the first step. It takes more than words to build accessibility and make your work environment more disability inclusive.

    Info-Tech Insight

    Preparing for and building awareness of the reasons for accessibility make the necessary behavior changes easier.

    Sample accessibility commitment statements

    theScore

    "theScore strives to provide products and services in a way that respects the dignity and independence of persons with disabilities. We are committed to giving persons with disabilities the same opportunity to access our products and services and allowing them to benefit from the same services, in the same place and in a similar way as other clients. We are also committed to meeting the needs of persons with disabilities in a timely manner, and we will meet applicable legislative requirements for preventing and removing barriers."(1)

    Apple Canada

    "Apple Canada is committed to ensuring equal access and participation for people with disabilities. Apple Canada is committed to treating people with disabilities in a way that allows them to maintain their dignity and independence. Apple Canada believes in integration and is committed to meeting the needs of people with disabilities in a timely manner. Apple Canada will do so by removing and preventing barriers to accessibility and meeting accessibility requirements under the AODA and provincial and federal laws across Canada." (2)

    Google Canada

    "We are committed to meeting the accessibility needs of people with disabilities in a timely manner, and will do so by identifying, preventing and removing barriers to accessibility, and by meeting the accessibility requirements under the AODA." (3)

    Source 1: theScore
    Source 2: Apple Canada
    Source 3: Google Canada.

    1.2.4 Write an IT accessibility commitment statement

    45 minutes

    1. As a group, brainstorm the key reasons and necessity for disability inclusion and accessibility for your organization, and the drivers and behaviors required. Record the ideas brainstormed by the group.
    2. Break into smaller groups or pairs (or if too small, continue as a single group):
      • Each group uses the brainstormed ideas to draft an accessibility commitment statement.
    3. Each smaller group shares their statement with the larger group and receives feedback. Smaller groups redraft their statements based on the feedback.
    4. Post each redrafted statement and provide each person two dot stickers to place on the two statements that resonate the most with them.
    5. Using the two statements with the highest number of dot votes, write the final accessibility commitment statement.
    6. Add the commitment statement to slide 18 of the Departmental Meeting Template.

    Input

    • Business objectives
    • Risks related to accessibility
    • Target future accessibility maturity

    Output

    • IT accessibility commitment statement

    Materials

    • Whiteboard/flip charts
    • Dot stickers or other voting mechanism

    Participants

    • CIO
    • IT senior leaders
    • IT managers

    Phase 2

    Change Enablement for Accessibility.

    Phase 1

    Phase 2

    1.1 Determine accessibility requirements of IT

    1.2 Build IT accessibility plan

    2.1 Build awareness

    2.2 Support new behaviors

    2.3 Continuous reinforcement

    This phase will walk you through the following activities:

    • Clarifying key messages
    • IT department accessibility presentation
    • Establishing a frequency and timeframe for communications
    • Obtaining feedback
    • Sustainment plan

    This phase involves the following participants:

    • CIO
    • IT senior leaders
    • IT managers
    • Other key business stakeholders
    • Marketing and communications team

    Be experience driven

    Building awareness and focusing on experience helps move along the accessibility maturity framework. Shifting from mandate to movement.

    In this phase, start to move beyond compliance. Build the IT team's understanding of accessibility, disability inclusion, and their role.
    Communicate the following messages to your team:

    • The motivation behind the change.
    • The reasons for the change.
    • And encourage feedback.

    Info-Tech Accessibility Maturity Framework

    an image of the Info-Tech Accessibility Maturity Framework

    Info-Tech Insight

    Compliance is the minimum; the people and behavior changes are the harder part and have the largest impact on accessibility. Preparing for and building awareness of the reasons for accessibility make the necessary behavior changes easier. Communicate, communicate, and communicate some more.

    What is an organizational change?

    Before communicating, understand the degree of change.

    Incremental Change:

    • Changes made to improve current processes or systems (e.g. optimizing current technology).

    Transitional Change:

    • Changes that involve dismantling old systems and/or processes in favor of new ones (e.g. new product or services added).

    Transformational Change:

    • Significant change in organizational strategy or culture resulting in substantial shift in direction.

    Examples:

    • New or changed policy
    • Switching from on-premises to cloud-first infrastructure
    • Implementing ransomware risk controls
    • Implementing a Learning and Development Plan

    Examples:

    • Moving to an insourced or outsourced service desk
    • Developing a BI and analytics function
    • Integrating risk into organization risk
    • Developing a strategy (technology, architecture, security, data, service, infrastructure, application)

    Examples:

    • Organizational redesign
    • Acquisition or merger of another organization
    • Implementing a digital strategy
    • A new CEO or board taking over the organization's direction

    Consider the various impacts of the change

    Invest time at the start to develop a detailed understanding of the impact of the change. This will help to create a plan that will simplify the change and save time. Evaluate the impact from a people, process, and technology perspective.

    Leverage a design thinking principle: Empathize with the stakeholder – what will change?

    People

    Process Technology
    • Team structure
    • Reporting structure
    • Career paths
    • Job skills
    • Responsibilities
    • Company vision/mission
    • Number of FTE
    • Culture
    • Training required
    • Budget
    • Work location
    • Daily workflow
    • Working conditions
    • Work hours
    • Reward structure
    • Required number of completed tasks
    • Training required
    • Required tools
    • Required policies
    • Required systems
    • Training required

    Change depends on how well people understand it

    Help people internalize what they can do to make the organization more inclusive.

    Anticipate responses to change:

    1. Emotional reaction – different people require different styles of management to guide them through the change. Individual's may have different emotions at different times during the change process. The more easily you can identify persona characteristics, the better you can manage them.
    2. Level of impact – the higher level of change on an individual's day-to-day, the more difficult it will be to adjust to the change. The more impactful the change, the more time focused on people management.

    an image showing staff personas at different stages through the change process.

    Quickly assess the size of change by answering these questions:

    1. Will the change affect your staff's daily work?
    2. Is the change high urgency?
    3. Is there a change in reporting relationships?
    4. Is there a change in skills required for staff to be successful?
    5. Will the change modify entrenched cultural practices?
    6. Is there a change in the mission or vision of the role?

    If you answered "Yes" to two or more questions, the change is bigger than you think. Your staff will feel the impact.

    Ensure effective communication by focusing on four key elements

    1. Audience
    • Stakeholders (either groups or individuals) who will receive the communication.
  • Message
    • Information communicated to impacted stakeholders. Must be rooted in a purpose or intent.
  • Messenger
    • Person who delivers the communication to the audience. The communicator and owner are two different things.
  • Channel
    • Method or channel used to communicate to the audience.
  • Step 2.1

    Build awareness and define key messages for IT.

    This step involves the following participants:

    • IT leadership team
    • Marketing/communications (optional)

    Outcomes of this step

    • Key accessibility messages

    Determine the desired outcome of communicating within IT

    This phase is focused on communicating within IT. All communication has an overall goal. This outcome or purpose of communicating is often dependent on the type of influence the stakeholder wields within the organization as well as the type of impact the change will have on them. Consider each of the communication outcomes listed below.

    Communicating within IT

    • Obtain buy-in
    • Inform about the IT change
    • Create a training plan
    • Inform about department changes
    • Inform about organization changes
    • Inform about a crisis
    • Obtain adoption related to the change
    • Distribute key messages to change agents

    Departmental Meeting Template

    Departmental Meeting Template

    Accessibility Quick Cards

    Accessibility Quick Cards

    Establish and define key messages based on organizational objectives

    What are key messages?

    1. Key messages guide all internal communications to ensure they are consistent, unified, and straightforward.
    2. Distill key messages down from organizational objectives and use them to reinforce the organization's strategic direction. Key messages should inspire employees to act in a way that will help the organization reach its objectives.

    How to establish key messages

    Ground key messages in organizational strategy and culture. These should be the first places you look to determine the organization's key messages:

    • Refer to organizational strategy documents. What needs to be reinforced in internal communications to ensure the organization can achieve its strategy? This is a key message.
    • Look at the organization's values. How do values guide how work should be done? Do employees need to behave in a certain way or keep a certain value top of mind? This is a key message.

    The intent of key messages is to convey important information in a way that is relatable and memorable, to promote reinforcement, and ultimately, to drive action.

    Info-Tech Insight

    Empathizing with the audience is key to anticipating and addressing objections as well as identifying benefits. Customize messaging based on audience attributes such as work model (e.g. hybrid), anticipated objections, what's in it for me?, and specific expectations.

    2.1.1 Clarify the key messages

    30 minutes

    1. Brainstorm the key stakeholders and target audiences you will likely need to communicate with to sustain the accessibility initiative (depending on the size of your group, you might break into pairs or smaller groups and each work on one target audience).
    2. Based on the outcome expected from engaging the target audience in communications, define one to five key messages that should be expressed about accessibility.
    3. The key messages should highlight benefits anticipated, concerns anticipated, details about the change, plan of action, or next steps. The goal here is to ensure the target audience is included in the communication process.
    4. The key messages should be focused on how the target audience receives a consistent message, especially if different communication messengers are involved.
    5. Document the key messages on Tab 3 of the Communications Planner Tool.

    Download the Communications Planner Tool

    Input

    • The change
    • Target audience
    • Communication outcomes

    Output

    • Key messages to support a consistent approach

    Materials

    • Communications Planner Tool
    • Sticky notes
    • Whiteboard

    Participants

    • IT leadership team
    • Marketing/communications partner (optional)

    Step 2.2

    Support new behaviors.

    Activities

    2.2.1 Prepare for IT department meeting

    2.2.2 Practice delivery of your presentation

    2.2.3 Hold department meeting

    This step involves the following participants:

    • Entire IT department

    Outcomes of this step

    • IT departmental meeting slides
    • Accessibility quick cards
    • Task list of how each IT team will support the accessibility roadmap

    Key questions to answer with change communication

    To effectively communicate change, answer questions before they're asked, whenever possible. To do this, outline at each stage of the change process what's happening next for the audience, as well as answer other anticipated questions. Pair key questions with core messages.

    Examples of key questions by change stage include:

    The outline for each stage of the change process, showing what happens next.

    2.2.1 Prepare for the IT departmental meeting

    2 hours

    1. Download the IT Department Presentation Template and follow the instructions on each slide to update for your organization.
    2. Insert information on the current accessibility maturity level. If you haven't determined your current and future state maturity level, use the Info-Tech resource from The Accessibility Business Case for IT.
    3. Review the presentation with the information added.
    4. Consider what could be done to make the presentation better:
      1. Concise: Identify opportunities to remove unnecessary information.
      2. Clear: It uses only terms or language the target audience would understand.
      3. Relevant: It matters to the target audience and the problems they face.
      4. Consistent: The message could be repeated across audiences.
    5. Schedule a departmental meeting or add the presentation to an existing departmental meeting.

    Download the Departmental Presentation Template

    Input

    • Organizational accessibility risks
    • Accessibility maturity current state
    • Outputs from manager presentation
    • Key messages

    Output

    • Prepared presentation to introduce accessibility to the entire IT department

    Materials

    • Departmental Presentation Template

    Participants

    • CIO/ head of IT/ CAO/ initiative leader

    Hone presentation skills before meeting with key stakeholders

    Using voice and body

    Think about the message you are trying to convey and how your body can support that delivery. Hands, stance, frame – all have an impact on what might be conveyed.

    If you want your audience to lean in and be eager about your next point, consider using a pause or softer voice and volume.

    Be professional and confident

    State the main points of your presentation confidently. While this should be obvious, it is essential. Your audience should be able to clearly see that you believe the points you are stating.

    Present in a way that is genuine to you and your voice. Whether you have an energetic personality or calm and composed personality, the presentation should be authentic to you.

    Connect with your audience

    Look each member of the audience in the eye at least once during your presentation. Avoid looking at the ceiling, the back wall, or the floor. Your audience should feel engaged – this is essential to keeping their attention.

    Avoid reading from your slides. If there is text on a slide, paraphrase it while maintaining eye contact.

    Info-Tech Insight

    You are responsible for the response of your audience. If they aren't engaged, it is on you as the communicator.

    2.2.2 Practice delivery of your presentation and schedule department meeting

    45 minutes

    1. Take ten minutes to think about how to deliver your presentation. Where will you emphasize words, speak louder, softer, lean in, stand tall, make eye contact, etc.?
    2. Set a timer on your phone or watch. Record yourself if possible.
    3. Take a few seconds to center yourself and prepare to deliver your pitch.
    4. Practice delivery of your presentation out loud. Don't forget to use your body language and your voice to deliver.
    5. Listen to the recording. Are the ideas communicated correctly? Are you convinced?
    6. Review and repeat.

    Input

    • Presentation deck from activity 2.2.1
    • Best practices for delivering

    Output

    • An ability to deliver the presentation in a clear and concise manner that creates understanding

    Materials

    • Recorder
    • Timer

    Participants

    • CIO/ head of IT/ initiative leader

    2.2.3 Lead the IT department meeting

    1–2 hours

    1. Gather the IT department in a manner appropriate for your organization and facilitate the meeting prepared in activity 2.2.1.
    2. Within the meeting, capture all key action items and outcomes from the Quick Cards Development and Roadmap Planning.
    3. Following the meeting, review the quick cards that everyone built and share these with all IT participants.
    4. Update your sunrise diagram to include any initiatives that came up in the team meetings to support moving to experiential.

    Input

    • Presentation deck from activity 2.2.1

    Output

    • A shared understanding of accessibility at your organization and everyone's role
    • Area task list (including behavior change needs)
    • Accessibility quick cards

    Materials

    Participants

    • CIO/ head of IT/ initiative leader

    Download the Accessibility Quick Cards template

    Step 2.3

    Continuous reinforcement – keep the conversation going – sustain the change.

    Activities

    2.3.1 Establish a frequency and timeframe for communications

    2.3.2 Obtain feedback and improve

    2.3.3 Sustainment plan

    This step involves the following participants:

    • CIO/ head of IT/ initiative lead
    • IT leadership team

    Outcomes of this step

    • Assigned roles for ongoing program monitoring
    • Communication plan
    • Accessibility maturity monitoring plan
    • Program evaluation

    Communication is ongoing before, during, and after implementing a change initiative

    Just because you've rolled out the plan doesn't mean you can stop talking about it.

    An image of the five steps, with steps four and five highlighted in a green box. The five headings are: Identify and Prioritize; Prepare for initiative; Create a communication plan; Implement change; Sustain the desired outcome

    Don't forget: Cascade messages down through the organization to ensure those who need to deliver messages have time to internalize the change before communicating it to others. Include a mix of personal and organizational messages, but where possible, separate personal and organizational content into different communications.

    2.3.1 Establish a frequency and timeframe

    30 minutes

    1. For each row in Tab 3, determine how frequently that communication needs to take place and when that communication needs to be completed by.
      • Frequency: How often the communication will be delivered to the audience (e.g. one-time, monthly, as needed).
      • Timeframe: When the communication will be delivered to the audience (e.g. a planned period or a specific date).
    2. When selecting the timeframe, consider what dependencies need to take place prior to that communication. For example, IT employees should not be communicated with on anything that has not yet been approved by the CEO. Also consider when other communications might be taking place so that the message is not lost in the noise.
    3. For frequency, the only time that a communication needs to take place once is when presenting up to senior leaders of the organizations. And even then, it will sometimes require more than one conversation. Be mindful of this.

    Input

    • The change
    • Target audience
    • Communication outcome
    • Communication channel

    Output

    • Frequency and timeframe of the communication

    Materials

    • Communications Planner Tool
    • Sticky notes
    • Whiteboard

    Participants

    • Changes based on those who would be relevant to your initiative

    Download the Communications Planner Tool

    Ensure feedback mechanisms are in place

    Soliciting and acting on feedback involves employees in the decision-making process and demonstrates to them that their contributions matter.

    Make sure you have established feedback mechanisms to collect feedback on both the messages delivered and how they were delivered. Some ways to collect feedback include:

    • Evaluating intranet comments and interactions (e.g. likes, etc.) if this function is enabled.
    • Measuring comprehension and satisfaction through surveys and polls.
    • Looking for themes in the feedback and questions employees bring forward to managers during in-person briefings.

    Feedback Mechanisms:

    • CIO business vision survey
    • Engagement surveys
    • Focus groups
    • Suggestion boxes
    • Team meetings
    • Random sampling
    • Informal feedback
    • Direct feedback
    • Audience body language
    • Repeating the message back

    Gather feedback on plan and iterate

    Who

    The project team gathers feedback from:

    • As many members of impacted groups as possible, as it helps build broad buy-in for the plan.
    • All levels (e.g. frontline employees, managers, directors).

    What

    Gather feedback on:

    • How to implement tactics successfully.
    • The timing of implementation (helps inform the next slide).
    • The resources required (helps inform the next slide).
    • Potential unforeseen impacts, questions, and concerns.

    How

    • Use focus groups to gather feedback.
    • Adjust sustainment plan based on feedback.

    Use Info-Tech's Standard Focus Group Guide

    2.3.2 Obtain feedback and improve

    20 minutes

    1. Evenly distribute the number of rows in the communication plan to all those involved. Consider a metric that would help inform whether the communication outcome was achieved.
    2. For each row, identify a feedback mechanism (slide 75) that could be used to enable the collection and confirm a successful outcome.
    3. Come back as a group and validate the feedback mechanisms selected.
    4. The important aspect here is not just to measure if the desired outcome was achieved. If the desired outcome is not achieved, consider what you might do to change or enable better communication to that target audience.
    5. Every communication can be better. Feedback, whether it be tactical or strategic, will help inform methods to improve future communication activities.

    Input

    • Communication outcome
    • Target audience
    • Communication channel

    Output

    • A mechanism to measure communication feedback and adjust future communications when necessary

    Materials

    • Communications Planner Tool
    • Sticky notes
    • Whiteboard

    Participants

    • Changes based on those who would be relevant to your initiative

    Download the Communications Planner Tool

    Identify owners and assign other roles

    • Eventually there needs to be a hand off to leaders to sustain accessibility. Senior leaders continue to play the role of guide and facilitator, helping the team identify owners and transfer ownership.
    • Guide the team to work with owners to assign roles to other stakeholders. Spread responsibility across multiple people to avoid overload.

    R

    Responsible
    Carries out the work to implement the component (e.g. payroll manager).

    A

    Accountable
    Owner of the component and held accountable for its implementation (e.g. VP of finance).

    C

    Consulted
    Asked for feedback and input to modify sustainment tactics (e.g. sustainment planning team).

    I

    Informed
    Told about progress of implementation (senior leadership team, impacted staff).

    Identify required resources and secure budget

    Sustainment is critical to success of accessibility

    • This step (i.e. sustainment) often gets overlooked because leaders are focused on the implementation. It takes resources and budget to sustain a plan and change as well.
    • Resorting to the old way is more likely to occur when you don't plan to support sustainment with ongoing resources and budget that's required.

    Resources

    Identify resources required for sustainment components using metrics and input from implementation owners, subject matter experts, and frontline managers.

    For example:

    • Inventory
    • Collateral for communications
    • Technology
    • Physical space
    • People resources (FTE)

    Budget

    Estimate the budget required for resources based on past projects that used similar resources, and then estimate the time it will take until the change evolves into "business as usual" (e.g. 6 months, 12 months).

    Monitor accessibility maturity

    If you haven't already performed the Accessibility Maturity Assessment, complete it in the wake of the accessibility initiative to assess improvements and progress toward target future accessibility maturity.
    As your accessibility program starts to scale out over a range of projects, revisit the assessment on a quarterly or bi-annual basis to help focus your improvement efforts across the six accessibility categories.

    • Vendor relations
    • Products and services
    • Policy and process
    • Support and accommodation
    • Communication
    • People and culture

    Info-Tech Insight

    To drive continual improvement of your organizational accessibility and disability inclusion, continue to share progress, wins, challenges, feedback, and other accessibility related concerns with stakeholders. At the end of the day, IT's efforts to become a change leader and support organizational accessibility will come down to stakeholder perceptions based upon employee morale and benefits realized.

    Download the Accessibility Maturity Assessment

    An image of the maturity level bar graph.

    Evaluate and iterate the program on an ongoing basis

    1. Continually monitor the results of project metrics.
      • Track progress toward goals and metrics set at the beginning of the initiative to gauge the success of the program.
      • Analyze metrics at the work-unit level to highlight successes and challenges in accessibility and disability inclusion and the parameters around it for each impacted unit.
    2. Regularly gather feedback on program effectiveness using questions such as:
      • Has the desired culture been effectively communicated and leveraged, or has the culture changed?
      • Collect feedback through regular channels (e.g. manager check-ins) and set up a cadence to survey employees on the program (e.g. three months after rollout and then annually).
    3. Determine if changes to the program structure are needed.
      • Revisit the accessibility maturity framework and the compliance requirements of IT. Understand what is being experienced; it may be necessary to select a different target or adjust the parameters to mitigate the common challenges.
      • Evaluate the effectiveness of current internal processes to determine if the program would benefit from a dedicated resource.

    2.3.3 Sustain the change

    1. Identify who will own what pieces of the program going forward and assign roles to transition the initiative from implementation to the new normal.
    2. Continue to communicate with stakeholders about accessibility and disability inclusion initiatives, controls, and requirements.
    3. Identify required resources and secure any budget that will be needed to support the accessibility program. Think about employee training, consulting needs, assistive technology requirements, human resources (FTE), etc.
    4. Continue to monitor your accessibility maturity. Use the Accessibility Maturity Assessment tool to periodically evaluate progress on goals and targets. Also, use this tool to communicate progress with senior leaders and executives.
    5. Strive for continuous improvement by evaluating and iterating the program on an ongoing basis.

    Input

    • Activity outputs from this blueprint

    Output

    • Ongoing continuous improvement and progress related to accessibility
    • Demonstrable results

    Materials

    • n/a

    Participants

    • CIO/ head of IT/ initiative Lead
    • IT senior leaders
    • IT managers

    Related Info-Tech Research

    The Accessibility Business Case for IT

    • Take away the overwhelm that many feel when they hear "accessibility" and make the steps for your organization approachable.
    • Clearly communicate why accessibility is critical and how it supports the organization's key objectives and initiatives.
    • Understand your current state related to accessibility and identify areas for key initiatives to become part of the IT strategic roadmap.

    Lead Staff through Change

    • Anticipate and respond to staff questions about the change in order to keep messages consistent, organized, and clear.
    • Manage staff based on their specific concerns and change personas to get the best out of your team during the transition through change.
    • Maintain a feedback loop between staff, executives, and other departments in order to maintain the change momentum and reduce angst throughout the process.

    IT Diversity and Inclusion Tactics

    • Although inclusion is key to the success of a diversity and inclusion (D&I) strategy, the complexity of the concept makes it a daunting pursuit.
    • This is further complicated by the fact that creating inclusion is not a one-and-done exercise. Rather, it requires the ongoing commitment of employees and managers to reassess their own behaviors and to drive a cultural shift.

    Implement and Mature Your User Experience Design Practice

    • Create a practice that is focused on human outcomes; it starts and ends with the people you are designing for. This includes:
      • Establishing a practice with a common vision.
      • Enhancing the practice through four design factors.
      • Communicating a roadmap to improve your business through design.

    Works cited

    "2021 State of Digital Accessibility." Level Access, n.d. Accessed 10 Aug. 2022
    "Apple Canada Accessibility Policy & Plan." Apple Canada, 11 March 2019. .
    Casey, Caroline. "Do Your D&I Efforts Include People With Disabilities?" Harvard Business Review, 19 March 2020. Accessed 28 July 2022.
    Digitalisation World. "Organisations failing to meet digital accessibility standards." Angel Business Communications, 19 May 2022. Accessed Oct. 2022.
    "disability." Merriam-Webster.com Dictionary, Merriam-Webster, . Accessed 10 Aug. 2022.
    "Disability." World Health Organization, 2022. Accessed 10 Aug 2022.
    "Google Canada Corporation Accessibility Policy and Multi Year Plan." Google Canada, June 2020. .
    Hypercontext. "The State of High Performing Teams in Tech 2022." Hypercontext. 2022..
    Lay-Flurrie, Jenny. "Accessibility Evolution Model: Creating Clarity in your Accessibility Journey." Microsoft, 2023. <https://blogs.microsoft.com/accessibility/accessibility-evolution-model/>.
    Maguire, Jennifer. "Applause 2022 Global Accessibility Survey Reveals Organizations Prioritize Digital Accessibility but Fall Short of Conformance with WCAG 2.1 Standards." Business Wire, 19 May 2022. . Accessed 2 January 2023.
    "The Business Case for Digital Accessibility." W3C Web Accessibility Initiative (WAI), 9 Nov. 2018. Accessed 4 Aug. 2022.
    "THESCORE's Commitment to Accessibility." theScore, May 2021. .
    "The WebAIM Million." Web AIM, 31 March 2022. Accessed 28 Jul. 2022.
    Washington, Ella F. "The Five Stages of DEI Maturity." Harvard Business Review, November - December 2022. Accessed 7 Nov. 2022.
    Web AIM. "The WebAIM Million." Institute for Disability Research, Policy, and Practice, 31 March 2022. Accessed 28 Jul. 2022.

    Improve Incident and Problem Management

    • Buy Link or Shortcode: {j2store}290|cart{/j2store}
    • member rating overall impact: 9.6/10 Overall Impact
    • member rating average dollars saved: $43,761 Average $ Saved
    • member rating average days saved: 23 Average Days Saved
    • Parent Category Name: Incident and problem management
    • Parent Category Link: /improve-your-core-processes/infra-and-operations/i-and-o-process-management/incident-and-problem-management
    • IT infrastructure managers have conflicting accountabilities. It can be difficult to fight fires as they appear while engaging in systematic fire prevention.
    • Repetitive interruptions erode faith in IT. If incidents recur consistently, why should the business trust IT to resolve them?

    Continue reading

    Release management

    • Buy Link or Shortcode: {j2store}9|cart{/j2store}
    • Related Products: {j2store}9|crosssells{/j2store}
    • Up-Sell: {j2store}9|upsells{/j2store}
    • member rating overall impact: 10.0/10
    • member rating average dollars saved: $35,731
    • member rating average days saved: 20
    • Parent Category Name: Infra and Operations
    • Parent Category Link: /infra-and-operations
    Today's world requires frequent and fast deployments. Stay in control with release management.

    Implement Lean Management Practices That Work

    • Buy Link or Shortcode: {j2store}116|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Performance Measurement
    • Parent Category Link: /performance-measurement
    • Service delivery teams do not measure, or have difficulty demonstrating, the value they provide.
    • There is a lack of continuous improvement.
    • There is low morale within the IT teams leading to low productivity.

    Our Advice

    Critical Insight

    • Create a problem-solving culture. Frequent problem solving is the differentiator between sustaining Lean or falling back to old management methods.
    • Commit to employee growth. Empower teams to problem solve and multiply your organizational effectiveness.

    Impact and Result

    • Apply Lean management principles to IT to create alignment and transparency and drive continuous improvement and customer value.
    • Implement huddles and visual management.
    • Build team capabilities.
    • Focus on customer value.
    • Use metrics and data to make better decisions.
    • Systematically solve problems and improve performance.
    • Develop an operating rhythm to promote adherence to Lean.

    Implement Lean Management Practices That Work Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how a Lean management system can help you increase transparency, demonstrate value, engage your teams and customers, continuously improve, and create alignment.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand Lean concepts

    Understand what a Lean management system is, review Lean philosophies, and examine simple Lean tools and activities.

    • Implement Lean Management Practices That Work – Phase 1: Understand Lean Concepts
    • Lean Management Education Deck

    2. Determine the scope of your implementation

    Understand the implications of the scope of your Lean management program.

    • Implement Lean Management Practices That Work – Phase 2: Determine the Scope of Your Implementation
    • Lean Management Scoping Tool

    3. Design huddle board

    Examine the sections and content to include in your huddle board design.

    • Implement Lean Management Practices That Work – Phase 3: Design Huddle Board
    • Lean Management Huddle Board Template

    4. Design Leader Standard Work and operating rhythm

    Determine the actions required by leaders and the operating rhythm.

    • Implement Lean Management Practices That Work – Phase 4: Design Leader Standard Work and Operating Rhythm
    • Leader Standard Work Tracking Template
    [infographic]

    Workshop: Implement Lean Management Practices That Work

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Lean Concepts

    The Purpose

    Understand Lean management.

    Key Benefits Achieved

    Gain a common understanding of Lean management, the Lean management thought model, Lean philosophies, huddles, visual management, team growth, and voice of customer.

    Activities

    1.1 Define Lean management in your organization.

    1.2 Create training materials.

    Outputs

    Lean management definition

    Customized training materials

    2 Understand Lean Concepts (Continued) and Determine Scope

    The Purpose

    Understand Lean management.

    Determine the scope of your program.

    Key Benefits Achieved

    Understand metrics and performance review.

    Understand problem identification and continuous improvement.

    Understand Kanban.

    Understand Leader Standard Work.

    Define the scope of the Lean management program.

    Activities

    2.1 Develop example operational metrics

    2.2 Simulate problem section.

    2.3 Simulate Kanban.

    2.4 Build scoping tool.

    Outputs

    Understand how to use operational metrics

    Understand problem identification

    Understand Kanban/daily tasks section

    Defined scope for your program

    3 Huddle Board Design and Huddle Facilitation Coaching

    The Purpose

    Design the sections and content for your huddle board.

    Key Benefits Achieved

    Initial huddle board design.

    Activities

    3.1 Design and build each section in your huddle board.

    3.2 Simulate coaching conversations.

    Outputs

    Initial huddle board design

    Understanding of how to conduct a huddle

    4 Design and Build Leader Standard Work

    The Purpose

    Design your Leader Standard Work activities.

    Develop a schedule for executing Leader Standard Work.

    Key Benefits Achieved

    Standard activities identified and documented.

    Sample schedule developed.

    Activities

    4.1 Identify standard activities for leaders.

    4.2 Develop a schedule for executing Leader Standard Work.

    Outputs

    Leader Standard Work activities documented

    Initial schedule for Leader Standard Work activities

    Application Maintenance

    • Buy Link or Shortcode: {j2store}30|cart{/j2store}
    • Related Products: {j2store}30|crosssells{/j2store}
    • member rating overall impact: 10.0/10
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Applications
    • Parent Category Link: /applications

    The challenge

    • If you work with application maintenance or operations teams that handle the "run" of your applications, you may find that the sheer volume and variety of requests create large backlogs.
    • Your business and product owners may want scrum or DevOps teams to work on new functionality rather than spend effort on lifecycle management.
    • Increasing complexity and increasing reliance on technology may create unrealistic expectations for your maintenance teams. Business applications must be available around the clock, and new feature roadmaps cannot be side-tracked by maintenance.

    Our advice

    Insight

    • Improving maintenance focus may mean doing less work but create more value. Your teams need to be realistic about what commitments they take—balance maintenance with business value and risk levels.
    • Treat maintenance the same as any other development practice. Use the same intake and prioritization practices. Uphold the same quality standards.

    Impact and results 

    • Justify the necessity of streamlined and regular maintenance. Understand each stakeholder's objectives and concerns, validate them against your staff's current state, processes, and technologies involved.
    • Maintenance and risk go hand in hand. And the business wants to move forward all the time as well. Strengthen your prioritization practice. Use a holistic view of the business and technical impacts, risks, urgencies across the maintenance needs and requests. That allows you to justify their respective positions in the overall development backlog. Identify opportunities to bring some requirements and features together.
    • Build a repeatable process with appropriate governance around it. Ensure that people know their roles and responsibilities and are held accountable.
    • Instill development best-practices into your maintenance processes.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started.

    Read our executive brief to understand everyday struggles regarding application maintenance, the root causes, and our methodology to overcome these. We show you how we can support you.

    Understand your maintenance priorities

    Identify your stakeholders and understand their drivers.

    • Streamline Application Maintenance – Phase 1: Assess the Current Maintenance Landscape (ppt)
    • Application Maintenance Operating Model Template (doc)
    • Application Maintenance Resource Capacity Assessment (xls)
    • Application Maintenance Maturity Assessment (xls)

    Define and employ maintenance governance

    Identify the right level of governance appropriate to your company and business context for your application maintenance. That ensures that people uphold standards across maintenance practices.

    • Streamline Application Maintenance – Phase 2: Develop a Maintenance Release Schedule (ppt)

    Enhance your prioritization practices

    Most companies cannot do everything for all applications and systems. Build your maintenance triage and prioritization rules to safeguard your company, maximize business value generation and IT risks and requirements.

    • Streamline Application Maintenance – Phase 3: Optimize Maintenance Capabilities (ppt)

    Streamline your maintenance delivery

    Define quality standards in maintenance practices. Enforce these in alignment with the governance you have set up. Show a high degree of transparency and open discussions on development challenges.

    • Streamline Application Maintenance – Phase 4: Streamline Maintenance Delivery (ppt)
    • Application Maintenance Business Case Presentation Document (ppt)

     

     

    Run Better Meetings

    • Buy Link or Shortcode: {j2store}287|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Voice & Video Management
    • Parent Category Link: /voice-video-management

    Your newly hybrid workplace will include virtual, hybrid, and physical meetings, presenting several challenges:

    • The experience for onsite and remote attendees is not equal.
    • Employees are experiencing meeting and video fatigue.
    • Meeting rooms are not optimized for hybrid meetings.
    • The fact is that many people have not successfully run hybrid meetings before.

    Our Advice

    Critical Insight

    • Successful hybrid workplace plans must include planning around hybrid meetings. Seamless hybrid meetings are the result of thoughtful planning and documented best practices.

    Impact and Result

    • Identify your current state and the root cause of unsatisfactory meetings.
    • Review and identify meetings best practices around meeting roles, delivery models, and training.
    • Improve the technology that supports meetings.
    • Use Info-Tech’s quick checklists and decision flowchart to accelerate meeting planning and cover your bases.

    Run Better Meetings Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should run better meetings, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify the current state of meetings

    Understand the problem before you try to fix it. Before you can improve meetings, you need to understand what your norms and challenges currently are.

    • Checklist: Run a Virtual or Hybrid Meeting

    2. Publish best practices for how meetings should run

    Document meeting roles, expectations, and how meetings should run. Decide what kind of meeting delivery model to use and develop a training program.

    • Meeting Challenges and Best Practices
    • Meeting Type Decision Flowchart (Visio)
    • Meeting Type Decision Flowchart (PDF)

    3. Improve meeting technology

    Always be consulting with users: early in the process to set a benchmark, during and after every meeting to address immediate concerns, and quarterly to identify trends and deeper issues.

    • Team Charter
    • Communications Guide Poster Template
    [infographic]

    Workshop: Run Better Meetings

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Current State of Meetings

    The Purpose

    Understand the current state of meetings in your organization.

    Key Benefits Achieved

    What you need to keep doing and what you need to change

    Activities

    1.1 Brainstorm meeting types.

    1.2 Document meeting norms.

    1.3 Document and categorize meeting challenges.

    Outputs

    Documented challenges with meetings

    Meeting norms

    Desired changes to meeting norms

    2 Review and Identify Best Practices

    The Purpose

    Review and implement meeting best practices.

    Key Benefits Achieved

    Defined meeting best practices for your organization

    Activities

    2.1 Document meeting roles and expectations.

    2.2 Review common meeting challenges and identify best practices.

    2.3 Document when to use a hybrid meeting, virtual meeting, or an in-person meeting.

    2.4 Develop a training program.

    Outputs

    Meeting roles and expectations

    List of meeting best practices

    Guidelines to help workers choose between a hybrid, virtual, or in-person meeting

    Training plan for meetings

    3 Improve Meeting Technology

    The Purpose

    Identify opportunities to improve meeting technology.

    Key Benefits Achieved

    A strategy for improving the underlying technologies and meeting spaces

    Activities

    3.1 Empower virtual meeting attendees.

    3.2 Optimize spaces for hybrid meetings.

    3.3 Build a team of meeting champions.

    3.4 Iterate to build and improve meeting technology.

    3.5 Guide users toward each technology.

    Outputs

    Desired improvements to meeting rooms and meeting technology

    Charter for the team of meeting champions

    Communications Guide Poster

    Domino – Maintain, Commit to, or Vacate?

    If you have a Domino/Notes footprint that is embedded within your business units and business processes and is taxing your support organization, you may have met resistance from the business and been asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses and a multipurpose solution that, over the years, became embedded within core business applications and processes.

    Our Advice

    Critical Insight

    For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

    Impact and Result

    The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

    Domino – Maintain, Commit to, or Vacate? Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Domino – Maintain, Commit to, or Vacate? – A brief deck that outlines key migration options for HCL Domino platforms.

    This blueprint will help you assess the fit, purpose, and price of Domino options; develop strategies for overcoming potential challenges; and determine the future of Domino for your organization.

    • Domino – Maintain, Commit to, or Vacate? Storyboard

    2. Application Rationalization Tool – A tool to understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

    Use this tool to input the outcomes of your various application assessments.

    • Application Rationalization Tool

    Infographic

    Further reading

    Domino – Maintain, Commit to, or Vacate?

    Lotus Domino still lives, and you have options for migrating away from or remaining with the platform.

    Executive Summary

    Info-Tech Insight

    “HCL announced that they have somewhere in the region of 15,000 Domino customers worldwide, and also claimed that that number is growing. They also said that 42% of their customers are already on v11 of Domino, and that in the year or so since that version was released, it’s been downloaded 78,000 times. All of which suggests that the Domino platform is, in fact, alive and well.”
    – Nigel Cheshire in Team Studio

    Your Challenge

    You have a Domino/Notes footprint embedded within your business units and business processes. This is taxing your support organization; you are meeting resistance from the business, and you are now asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses as a multipurpose solution that, over the years, became embedded within core business applications and processes.

    Common Obstacles

    For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

    Info-Tech Approach

    The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

    Review

    Is “Lotus” Domino still alive?

    Problem statement

    The number of member engagements with customers regarding the Domino platform has, as you might imagine, dwindled in the past couple of years. While many members have exited the platform, there are still many members and organizations that have entered a long exit program, but with how embedded Domino is in business processes, the migration has slowed and been met with resistance. Some organizations had replatformed the applications but found that the replacement target state was inadequate and introduced friction because the new solution was not a low-code/business-user-driven environment. This resulted in returning the Domino platform to production and working through a strategy to maintain the environment.

    This research is designed for:

    • IT strategic direction decision-makers
    • IT managers responsible for an existing Domino platform
    • Organizations evaluating migration options for mission-critical applications running on Domino

    This research will help you:

    1. Evaluate migration options.
    2. Assess the fit and purpose.
    3. Consider strategies for overcoming potential challenges.
    4. Determine the future of this platform for your organization.

    The “everything may work” scenario

    Adopt and expand

    Believe it or not, Domino and Notes are still options to consider when determining a migration strategy. With HCL still committed to the platform, there are options organizations should seek to better understand rather than assuming SharePoint will solve all. In our research, we consider:

    Importance to current business processes

    • Importance of use
    • Complexity in migrations
    • Choosing a new platform

    Available tools to facilitate

    • Talent/access to skills
    • Economies of scale/lower cost at scale
    • Access to technology

    Info-Tech Insight

    With multiple options to consider, take the time to clearly understand the application rationalization process within your decision making.

    • Archive/retire
    • Application migration
    • Application replatform
    • Stay right where you are

    Eliminate your bias – consider the advantages

    “There is a lot of bias toward Domino; decisions are being made by individuals who know very little about Domino and more importantly, they do not know how it impacts business environment.”

    – Rob Salerno, Founder & CTO, Rivet Technology Partners

    Domino advantages include:

    Modern Cloud & Application

    • No-code/low-code technology

    Business-Managed Application

    • Business written and supported
    • Embrace the business support model
    • Enterprise class application

    Leverage the Application Taxonomy & Build

    • A rapid application development platform
    • Develop skill with HCL training

    HCL Domino is a supported and developed platform

    Why consider HCL?

    • Consider scheduling a Roadmap Session with HCL. This is an opportunity to leverage any value in the mission and brand of your organization to gain insights or support from HCL.
    • Existing Domino customers are not the only entities seeking certainty with the platform. Software solution providers that support enterprise IT infrastructure ecosystems (backup, for example) will also be seeking clarity for the future of the platform. HCL will be managing these relationships through the channel/partner management programs, but our observations indicate that Domino integrations are scarce.
    • HCL Domino should be well positioned feature-wise to support low-code/NoSQL demands for enterprises and citizen developers.

    Visualize Your Application Roadmap

    1. Focus on the application portfolio and crafting a roadmap for rationalization.
      • The process is intended to help you determine each application’s functional and technical adequacy for the business process that it supports.
    2. Document your findings on respective application capability heatmaps.
      • This drives your organization to a determination of application dispositions and provides a tool to output various dispositions for you as a roadmap.
    3. Sort the application portfolio into a disposition status (keep, replatform, retire, consolidate, etc.)
      • This information will be an input into any cloud migration or modernization as well as consolidation of the infrastructure, licenses, and support for them.

    Our external support perspective

    by Darin Stahl

    Member Feedback

    • Some members who have remaining Domino applications in production – while the retire, replatform, consolidate, or stay strategy is playing out – have concerns about the challenges with ongoing support and resources required for the platform. In those cases, some have engaged external services providers to augment staff or take over as managed services.
    • While there could be existing support resources (in house or on retainer), the member might consider approaching an external provider who could help backstop the single resource or even provide some help with the exit strategies. At this point, the conversation would be helpful in any case. One of our members engaged an external provider in a Statement of Work for IBM Domino Administration focused on one-time events, Tier 1/Tier 2 support, and custom ad hoc requests.
    • The augmentation with the managed services enabled the member to shift key internal resources to a focus on executing the exit strategies (replatform, retire, consolidate), since the business knowledge was key to that success.
    • The member also very aggressively governed the Domino environment support needs to truly technical issues/maintenance of known and supported functionality rather than coding new features (and increasing risk and cost in a migration down the road) – in short, freezing new features and functionality unless required for legal compliance or health and safety.
    • There obviously are other providers, but at this point Info-Tech no longer maintains a market view or scan of those related to Domino due to low member demand.

    Domino database assessments

    Consider the database.

    • Domino database assessments should be informed through the lens of a multi-value database, like jBase, or an object system.
    • The assessment of the databases, often led by relational database subject matter experts grounded in normalized databases, can be a struggle since Notes databases must be denormalized.
    Key/Value Column

    Use case: Heavily accessed, rarely updated, large amounts of data
    Data Model: Values are stored in a hash table of keys.
    Fast access to small data values, but querying is slow
    Processor friendly
    Based on amazon's Dynamo paper
    Example: Project Voldemort used by LinkedIn

    this is a Key/Value example

    Use case: High availability, multiple data centers
    Data Model: Storage blocks of data are contained in columns
    Handles size well
    Based on Google's BigTable
    Example: Hadoop/Hbase used by Facebook and Yahoo

    This is a Column Example
    Document Graph

    Use case: Rapid development, Web and programmer friendly
    Data Model: Stores documents made up of tagged elements. Uses Key/Value collections
    Better query abilities than Key/Value databases.
    Inspired by Lotus Notes.
    Example: CouchDB used by BBC

    This is a Document Example

    Use case: Best at dealing with complexity and relationships/networks
    Data model: Nodes and relationships.
    Data is processed quickly
    Inspired by Euler and graph theory
    Can easily evolve schemas
    Example: Neo4j

    This is a Graph Example

    Understand your options

    Archive/Retire

    Store the application data in a long-term repository with the means to locate and read it for regulatory and compliance purposes.

    Migrate

    Migrate to a new version of the application, facilitating the process of moving software applications from one computing environment to another.

    Replatform

    Replatforming is an option for transitioning an existing Domino application to a new modern platform (i.e. cloud) to leverage the benefits of a modern deployment model.

    Stay

    Review the current Domino platform roadmap and understand HCL’s support model. Keep the application within the Domino platform.

    Archive/retire

    Retire the application, storing the application data in a long-term repository.

    Abstract

    The most common approach is to build the required functionality in whatever new application/solution is selected, then archive the old data in PDFs and documents.

    Typically this involves archiving the data and leveraging Microsoft SharePoint and the new collaborative solutions, likely in conjunction with other software-as-a-service (SaaS) solutions.

    Advantages

    • Reduce support cost.
    • Consolidate applications.
    • Reduce risk.
    • Reduce compliance and security concerns.
    • Improve business processes.

    Considerations

    • Application transformation
    • eDiscovery costs
    • Legal implications
    • Compliance implications
    • Business process dependencies

    Info-Tech Insights

    Be aware of the costs associated with archiving. The more you archive, the more it will cost you.

    Application migration

    Migrate to a new version of the application

    Abstract

    An application migration is the managed process of migrating or moving applications (software) from one infrastructure environment to another.

    This can include migrating applications from one data center to another data center, from a data center to a cloud provider, or from a company’s on-premises system to a cloud provider’s infrastructure.

    Advantages

    • Reduce hardware costs.
    • Leverage cloud technologies.
    • Improve scalability.
    • Improve disaster recovery.
    • Improve application security.

    Considerations

    • Data extraction, starting from the document databases in NSF format and including security settings about users and groups granted to read and write single documents, which is a powerful feature of Lotus Domino documents.
    • File extraction, starting from the document databases in NSF format, which can contain attachments and RTF documents and embedded files.
    • Design of the final relational database structure; this activity should be carried out without taking into account the original structure of the data in Domino files or the data conversion and loading, from the extracted format to the final model.
    • Design and development of the target-state custom applications based on the new data model and the new selected development platform.

    Application replatform

    Transition an existing Domino application to a new modern platform

    Abstract

    This type of arrangement is typically part of an application migration or transformation. In this model, client can “replatform” the application into an off-premises hosted provider platform. This would yield many benefits of cloud but in a different scaling capacity as experienced with commodity workloads (e.g. Windows, Linux) and the associated application.

    Two challenges are particularly significant when migrating or replatforming Domino applications:

    • The application functionality/value must be reproduced/replaced with not one but many applications, either through custom coding or a commercial-off-the-shelf/SaaS solution.
    • Notes “databases” are not relational databases and will not migrate simply to an SQL database while retaining the same business value. Notes databases are essentially NoSQL repositories and are difficult to normalize.

    Advantages

    • Leverage cloud technologies.
    • Improve scalability.
    • Align to a SharePoint platform.
    • Improve disaster recovery.
    • Improve application security.

    Considerations

    • Application replatform resource effort
    • Network bandwidth
    • New platform terms and conditions
    • Secure connectivity and communication
    • New platform security and compliance
    • Degree of complexity

    Info-Tech Insights

    There is a difference between a migration and a replatform application strategy. Determine which solution aligns to the application requirements.

    Stay with HCL

    Stay with HCL, understanding its future commitment to the platform.

    Abstract

    Following the announced acquisition of IBM Domino and up until around December 2019, HCL had published no future roadmap for the platform. The public-facing information/website at the time stated that HCL acquired “the product family and key lab services to deliver professional services.” Again, there was no mention or emphasis on upcoming new features for the platform. The product offering on their website at the time stated that HCL would leverage its services expertise to advise clients and push applications into four buckets:

    1. Replatform
    2. Retire
    3. Move to cloud
    4. Modernize

    That public-facing messaging changed with release 11.0, which had references to IBM rebranded to HCL for the Notes and Domino product – along with fixes already inflight. More information can be found on HCL’s FAQ page.

    Advantages

    • Known environment
    • Domino is a supported platform
    • Domino is a developed platform
    • No-code/low-code optimization
    • Business developed applications
    • Rapid application framework

    This is the HCL Domino Logo

    Understand your tools

    Many tools are available to help evaluate or migrate your Domino Platform. Here are a few common tools for you to consider.

    Notes Archiving & Notes to SharePoint

    Summary of Vendor

    “SWING Software delivers content transformation and archiving software to over 1,000 organizations worldwide. Our solutions uniquely combine key collaborative platforms and standard document formats, making document production, publishing, and archiving processes more efficient.”*

    Tools

    Lotus Notes Data Migration and Archiving: Preserve historical data outside of Notes and Domino

    Lotus Note Migration: Replacing Lotus Notes. Boost your migration by detaching historical data from Lotus Notes and Domino.

    Headquarters

    Croatia

    Best fit

    • Application archive and retire
    • Migration to SharePoint

    This is an image of the SwingSoftware Logo

    * swingsoftware.com

    Domino Migration to SharePoint

    Summary of Vendor

    “Providing leading solutions, resources, and expertise to help your organization transform its collaborative environment.”*

    Tools

    Notes Domino Migration Solutions: Rivit’s industry-leading solutions and hardened migration practice will help you eliminate Notes Domino once and for all.

    Rivive Me: Migrate Notes Domino applications to an enterprise web application

    Headquarters

    Canada

    Best fit

    • Application Archive & Retire
    • Migration to SharePoint

    This is an image of the RiVit Logo

    * rivit.ca

    Lotus Notes to M365

    Summary of Vendor

    “More than 300 organizations across 40+ countries trust skybow to build no-code/no-compromise business applications & processes, and skybow’s community of customers, partners, and experts grows every day.”*

    Tools

    SkyBow Studio: The low-code platform fully integrated into Microsoft 365

    Headquarters:

    Switzerland

    Best fit

    • Application Archive & Retire
    • Migration to SharePoint

    This is an image of the SkyBow Logo

    * skybow.com | About skybow

    Notes to SharePoint Migration

    Summary of Vendor

    “CIMtrek is a global software company headquartered in the UK. Our mission is to develop user-friendly, cost-effective technology solutions and services to help companies modernize their HCL Domino/Notes® application landscape and support their legacy COBOL applications.”*

    Tools

    CIMtrek SharePoint Migrator: Reduce the time and cost of migrating your IBM® Lotus Notes® applications to Office 365, SharePoint online, and SharePoint on premises.

    Headquarters

    United Kingdom

    Best fit

    • Application replatform
    • Migration to SharePoint

    This is an image of the CIMtrek Logo

    * cimtrek.com | About CIMtrek

    Domino replatform/Rapid application selection framework

    Summary of Vendor

    “4WS.Platform is a rapid application development tool used to quickly create multi-channel applications including web and mobile applications.”*

    Tools

    4WS.Platform is available in two editions: Community and Enterprise.
    The Platform Enterprise Edition, allows access with an optional support pack.

    4WS.Platform’s technical support provides support services to the users through support contracts and agreements.

    The platform is a subscription support services for companies using the product which will allow customers to benefit from the knowledge of 4WS.Platform’s technical experts.

    Headquarters

    Italy

    Best fit

    • Application replatform

    This is an image of the 4WS PLATFORM Logo

    * 4wsplatform.org

    Activity

    Understand your Domino options

    Application Rationalization Exercise

    Info-Tech Insight

    Application rationalization is the perfect exercise to fully understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

    This activity involves the following participants:

    • IT strategic direction decision-makers.
    • IT managers responsible for an existing Domino platform
    • Organizations evaluating platforms for mission-critical applications.

    Outcomes of this step:

    • Completed Application Rationalization Tool

    Application rationalization exercise

    Use this Application Rationalization Tool to input the outcomes of your various application assessments

    In the Application Entry tab:

    • Input your application inventory or subset of apps you intend to rationalize, along with some basic information for your apps.

    In the Business Value & TCO Comparison tab, determine rationalization priorities.

    • Input your business value scores and total cost of ownership (TCO) of applications.
    • Review the results of this analysis to determine which apps should require additional analysis and which dispositions should be prioritized.

    In the Disposition Selection tab:

    • Add to or adapt our list of dispositions as appropriate.

    In the Rationalization Inputs tab:

    • Add or adapt the disposition criteria of your application rationalization framework as appropriate.
    • Input the results of your various assessments for each application.

    In the Disposition Settings tab:

    • Add or adapt settings that generate recommended dispositions based on your rationalization inputs.

    In the Disposition Recommendations tab:

    • Review and compare the rationalization results and confirm if dispositions are appropriate for your strategy.

    In the Timeline Considerations tab:

    • Enter the estimated timeline for when you execute your dispositions.

    In the Portfolio Roadmap tab:

    • Review and present your roadmap and rationalization results.

    Follow the instructions to generate recommended dispositions and populate an application portfolio roadmap.

    This image depicts a scatter plot graph where the X axis is labeled Business Value, and the Y Axis is labeled Cost. On the graph, the following datapoints are displayed: SF; HRIS; ERP; ALM; B; A; C; ODP; SAS

    Info-Tech Insight

    Watch out for misleading scores that result from poorly designed criteria weightings.

    Related Info-Tech Research

    Build an Application Rationalization Framework

    Manage your application portfolio to minimize risk and maximize value.

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship.

    Satisfy Digital End Users With Low- and No-Code

    Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

    Maximize the Benefits from Enterprise Applications with a Center of Excellence

    Optimize your organization’s enterprise application capabilities with a refined and scalable methodology.

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    Leverage your vendor sourcing process to get better results.

    Research Authors

    Darin Stahl, Principal Research Advisor, Info-Tech Research Group

    Darin Stahl, Principal Research Advisor,
    Info-Tech Research Group

    Darin is a Principal Research Advisor within the Infrastructure practice, leveraging 38+ years of experience. His areas of focus include IT operations management, service desk, infrastructure outsourcing, managed services, cloud infrastructure, DRP/BCP, printer management, managed print services, application performance monitoring, managed FTP, and non-commodity servers (zSeries, mainframe, IBM i, AIX, Power PC).

    Troy Cheeseman, Practice Lead, Info-Tech Research Group

    Troy Cheeseman, Practice Lead,
    Info-Tech Research Group

    Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

    Research Contributors

    Rob Salerno, Founder & CTO, Rivit Technology Partners

    Rob Salerno, Founder & CTO, Rivit Technology Partners

    Rob is the Founder and Chief Technology Strategist for Rivit Technology Partners. Rivit is a system integrator that delivers unique IT solutions. Rivit is known for its REVIVE migration strategy which helps companies leave legacy platforms (such as Domino) or move between versions of software. Rivit is the developer of the DCOM Application Archiving solution.

    Bibliography

    Cheshire, Nigel. “Domino v12 Launch Keeps HCL Product Strategy On Track.” Team Studio, 19 July 2021. Web.

    “Is LowCode/NoCode the best platform for you?” Rivit Technology Partners, 15 July 2021. Web.

    McCracken, Harry. “Lotus: Farewell to a Once-Great Tech Brand.” TIME, 20 Nov. 2012. Web.

    Sharwood, Simon. “Lotus Notes refuses to die, again, as HCL debuts Domino 12.” The Register, 8 June 2021. Web.

    Woodie, Alex. “Domino 12 Comes to IBM i.” IT Jungle, 16 Aug. 2021. Web.

    Explore the Secrets of IBM Software Contracts to Optimize Spend and Reduce Compliance Risk

    • Buy Link or Shortcode: {j2store}141|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • IBM customers want to make effective use of their paid-up licenses to avoid overspending and stay compliant with agreements.
    • Each IBM software product is subject to different rules.
    • Clients control and have responsibility for aligning usage and payments. Over time, the usage of the software may be out of sync with what the client has paid for, resulting in either overspending or violation of the licensing agreement.
    • IBM audits software usage in order to generate revenue from non-compliant customers.

    Our Advice

    Critical Insight

    • You have a lot of work to do if you haven’t been paying attention to your IBM software.
    • Focus on needs first. Conduct and document a thorough requirements assessment. Well-documented needs will be your core asset in negotiation.
    • Know what’s in IBM’s terms and conditions. Failure to understand these can lead to major penalties after an audit.
    • Review your agreements and entitlements quarterly. IBM may have changed the rules, and you have almost certainly changed your usage.

    Impact and Result

    • Establish clear licensing requirements.
    • Maintain an effective process for managing your IBM license usage and compliance.
    • Identify any cost-reduction opportunities.
    • Prepare for penalty-free IBM audits.

    Explore the Secrets of IBM Software Contracts to Optimize Spend and Reduce Compliance Risk Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why you need to invest effort in managing usage and licensing of your IBM software.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review terms and conditions for your IT contract

    Use Info-Tech’s licensing best practices to avoid the common mistakes of overspending on IBM licensing or failing an IBM audit.

    • IBM Passport Advantage Software RFQ Template
    • IBM 3-Year Bundled Price Analysis Tool
    [infographic]

    Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers

    • Buy Link or Shortcode: {j2store}607|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Software selection takes forever. The process of choosing even the smallest apps can drag on for years: sometimes in perpetuity. Software selection teams are sprawling, leading to scheduling slowdowns and scope creep. Moreover, cumbersome or ad hoc selection processes lead to business-driven software selection.

    Our Advice

    Critical Insight

    • Maximize project effectiveness with a five-person team. Project satisfaction and effectiveness is stagnant or decreases once the team grows beyond five people.
    • Tight project timelines are critical. Keep stakeholders engaged with a defined application selection timeline that moves the project forward briskly – 30 days is optimal.
    • Empower both IT and end users with a standardized selection process to consistently achieve high satisfaction coming out of software selection projects.

    Impact and Result

    • Shatter stakeholder expectations with truly rapid application selections.
    • Put the “short” back in shortlist by consolidating the vendor shortlist up-front and reducing downstream effort.
    • Identify high-impact software functionality by evaluating fewer use cases.
    • Lock in hard savings and do not pay list price by using data-driven tactics.

    Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers Research & Tools

    Discover the Magic Numbers

    Increase project satisfaction with a five-person core software selection team that will close out projects within 30 days.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers Storyboard

    1. Align and eliminate elapsed time

    Ensure a formal selection process is in place and make a concerted effort to align stakeholder calendars.

    2. Reduce low-impact activities

    Reduce time spent watching vendor dog and pony shows, while reducing the size of your RFPs or skipping them entirely.

    3. Focus on high-impact activities

    Narrow the field to four contenders prior to in-depth comparison and engage in accelerated enterprise architecture oversight.

    4. Use these rapid and essential selection tools

    Focus on key use cases rather than lists of features.

    • The Software Selection Workbook
    • The Vendor Evaluation Workbook
    • The Guide to Software Selection: A Business Stakeholder Manual

    5. Engage Two Viable Vendors in Negotiation

    Save more by bringing two vendors to the final stage of the project and surfacing a consolidated list of demands prior to entering negotiation.

    [infographic]

    Further reading

    Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers

    Select your applications better, faster, and cheaper.

    How to Read This Software Selection Insight Primer

    1. 43,000 Data Points
    2. This report is based on data gathered from a survey of 43,000 real-world IT practitioners.

    3. Aggregating Feedback
    4. The data is compiled from SoftwareReviews (a sister company of Info-Tech Research Group), which collects and aggregates feedback on a wide variety of enterprise technologies.

    5. Insights Backed by Data
    6. The insights, charts, and graphs in this presentation are all derived from data submitted by real end users.

    The First Magic Number Is Five

    The optimal software selection team comprises five people

    • Derived from 43,000 data points. Analysis of thousands of software selection projects makes it clear a tight core selection team accelerates the selection process.
    • Five people make up the core team. A small but cross-functional team keeps the project moving without getting bogged down on calendar alignment and endless back-and-forth.
    • It is a balancing act. Having too few stakeholders on the core selection team will lead to missing valuable information, while having too many will lead to delays and politically driven inefficiencies.

    There Are Major Benefits to Narrowing the Selection Team Size to Five

    Limit the risk of ineffective “decision making by committee”

    Expedite resolution of key issues and accelerate crucial decisions

    Achieve alignment on critical requirements

    Streamline calendar management

    Info-Tech Insight

    Too many cooks spoil the broth: create a highly focused selection team that can devote the majority of its time to the project while it’s in flight to demonstrate faster time to value.

    Arm Yourself With Data to Choose the Right Plays for Selection

    Software selection takes forever. The process of choosing even the smallest apps can drag on for years: sometimes in perpetuity.

    Organizations keep too many players on the field, leading to scheduling slowdowns and scope creep.

    Keeping the size of the core selection team down, while liaising with more stakeholders and subject matter experts (SMEs), leads to improved results.

    Maximize project effectiveness with a five-person team. Project satisfaction and effectiveness are stagnant or decrease once the team grows beyond five people.

    Cumbersome or ad hoc selection processes lead to business-driven software selection.

    Increase stakeholder satisfaction by using a consistent selection framework that captures their needs while not being a burden.

    Empower both IT and end users with a standardized selection process to consistently achieve high satisfaction coming out of software selection projects.

    The image contains a graph that is titled: A compact selection team can save you weeks. The graph demonstrates time saved with a five person team in comparison to larger teams.

    Project Satisfaction and Effectiveness Are Stagnant Once the Team Grows Beyond Five People

    The image contains a graph to demonstrate project satisfaction and effectiveness being stagnant with a team larger than five.
    • There is only a marginal difference in selection effectiveness when more people are involved, so why include so many? It only bogs down the process!
    • Full-time resourcing: At least one member of the five team members must be allocated to the selection initiative as a full-time resource.

    Info-Tech Insight

    It sounds natural to include as many players as possible in the core selection group; however, expanding the group beyond five people does not lead to an increase in satisfaction. Consider including a general stakeholder feedback working session instead.

    Shorten Project Duration by Capping the Selection Team at Five People

    However, it is important to make all stakeholders feel heard

    The image contains a graph to demonstrate that an increase in time and effort connects with an increase in total number of people involved.

    Exclusion is not the name of the game.

    • Remember, we are talking about the core selection team.
    • Help stakeholders understand their role in the project.
    • Educate stakeholders about your approach to selection.
    • Ensure stakeholders understand why the official selection team is being capped at five people.
    • Soliciting requirements and feedback from a broader array of stakeholders is still critical.

    Large Organizations Benefit From Compact Selection Teams Just as Much as Small Firms

    Think big even if your organization is small

    Small organizations

    Teams smaller than five people are common due to limited resources.

    Medium organizations

    Selection project satisfaction peaks with teams of fewer than two people. Consider growing the team to about five people to make stakeholders feel more included with minimal drops in satisfaction.

    Large organizations

    Satisfaction peaks when teams are kept to three to five people. With many SMEs available, it is critical to choose the right players for your team.

    The image contains a multi bar graph to demonstrate the benefits of compact selection teams depending on the size of the company, small, medium, or large.

    Keep the Core Selection Team to Five People Regardless of the Software Category

    Smaller selection teams yield increased satisfaction across software categories

    Info-Tech Insight

    Core team size remains the same regardless of the application being selected. However, team composition will vary depending on the end users being targeted.

    Think beyond application complexity

    • Our instinct is to vary the size of the core selection team based on perceived application complexity.
    • The data has demonstrated that a small team yields increased satisfaction for applications across a wide array of application complexity profiles.
    • The real differentiator for complex applications will be the number of stakeholders that the core selection team liaise with, particularly for defining strong requirements.

    The image contains a graph to demonstrate satisfaction across software categories increases with smaller selection teams.

    The Second Magic Number Is 30

    Finish the project while stakeholders are still fully engaged in order to maximize satisfaction

    • 30- to 60-day project timelines are critical. Keep stakeholders engaged with a defined application selection timeline that moves the project forward briskly.
    • Strike while the iron is hot. Deliver applications in a timely manner after the initial request. Don’t let IT become the bottleneck for process optimization.
    • Minimize scope creep: As projects drag on in perpetuity, the scope of the project balloons to something that cannot possibly achieve key business objectives in a timely fashion.

    Aggressively Timeboxing the Project Yields Benefits Across Multiple Software Categories

    After four weeks, stakeholder satisfaction is variable

    The image contains a graph to demonstrate that aggressively timeboxing the project yields benefits across multiple software categories.
    Only categories with at least 1,000 responses were included in the analysis.

    Achieve peak satisfaction by allotting 30 days for an application selection project.

    • Spending two weeks or less typically leads to higher levels of satisfaction for each category because it leaves more time for negotiation, implementation, and making sure everything works properly (especially if there is a time constraint).
    • Watch out for the “satisfaction danger zone” once project enters the 6- to 12-week mark. Completing a selection in four weeks yields greater satisfaction.

    Spend Your Time Wisely to Complete the Selection in 30 Days

    Save time in the first three phases of the selection project

    Awareness

    Education & Discovery

    Evaluation

    Reduce Time

    Reduce Time

    Reduce Time

    Save time duplicating existing market research. Save time and maintain alignment with focus groups.

    Save time across tedious demos and understanding the marketplace.

    Save time gathering detailed historical requirements. Instead, focus on key issues.

    Info-Tech Insight – Awareness

    Timebox the process of impact analysis. More time should be spent performing the action than building a business case.

    Info-Tech Insight – Education

    Save time duplicating existing market research. Save time and maintain alignment with focus groups.

    Info-Tech Insight – Evaluation

    Decision committee time is valuable. Get up to speed using third-party data and written collateral. Use committee time to conduct investigative interviews instead. Salesperson charisma and marketing collateral quality should not be primary selection criteria. Sadly, this is the case far too often.

    Limit Project Duration to 30 Days Regardless of the Application Being Selected

    Timeboxing application selection yields increased satisfaction across software categories

    The image contains a graph to demonstrate selection effort in weeks by satisfaction. The graph includes informal and formal methods on the graph across the software categories.

    Info-Tech Insight

    Office collaboration tools are a great case study for increasing satisfaction with decreased time to selection. Given the sharp impetus of COVID-19, many organizations quickly selected tools like Zoom and Teams, enabling remote work with very high end-user satisfaction.

    There are alternative approaches for enterprise-sized applications:

    • New applications that demand rigorous business process improvement efforts may require allotting time for prework before engaging in the 30-day selection project.
    • To ensure that IT is using the right framework, understand the cost and complexity profile of the application you’re looking to select.

    The Data Also Shows That There Are Five Additional Keys to Improving Your Selection Process

    1. ALIGN & ELIMINATE ELAPSED TIME
    • Ensure a formal selection process is in place.
    • Balance the core selection team’s composition.
    • Make a concerted effort to align stakeholder calendars.
    2. REDUCE TIME SPENT ON LOW-IMPACT ACTIVITIES
    • Reduce time spent on internet research. Leverage hard data and experts.
    • Reduce RFP size or skip RFPs entirely.
    • Reduce time spent watching vendor dog and pony shows.
    3. FOCUS ON HIGH- IMPACT ACTIVITIES
    • Narrow the field to four contenders prior to in-depth comparison.
    • Identify portfolio overlap with accelerated enterprise architecture oversight.
    • Focus on investigative interviews and proof of concept projects.
    4. USE RAPID & ESSENTIAL ASSESSMENT TOOLS
    • Focus on key use cases, not lists of features.
    • You only need three essential tools: Info-Tech’s Vendor Evaluation Workbook, Software Selection Workbook, and Business Stakeholder Manual.
    5. ENGAGE TWO VIABLE VENDORS IN NEGOTIATION
    • Save more during negotiation by selecting two viable alternatives.
    • Surface a consolidated list of demands prior to entering negotiation.
    • Communicate your success with the organization.

    1. Align & Eliminate Elapsed Time

    ✓ Ensure a formal selection process is in place.

    ✓ Reduce time by timeboxing the project to 30 days.

    ✓ Align the calendars of the five-person core selection team.

    Improving Your IT Department’s Software Selection Capability Yields Big Results

    Time spent building a better process for software selection is a great investment

    • Enterprise application selection is an activity that every IT department must embark on, often many times per year.
    • The frequency and repeatability of software selection means it is an indispensable process to target for optimization.
    • A formal process is not always synonymous with a well-oiled process.
    • Even if you have a formal selection process already in place, it’s imperative to take a concerted approach to continuous improvement.

    It is critical to improve the selection process before formalizing

    Leverage Info-Tech’s Rapid Application Selection Framework to gain insights on how you can fine-tune and accelerate existing codified approaches to application selection.

    Before Condensing the Selection Team, First Formalize the Software Selection Process

    Software selection processes are challenging

    Vendor selection is politically charged, requiring Procurement to navigate around stakeholder biases and existing relationships.

    Stakeholders

    The process is time consuming and often started too late. In the absence of clarity around requirements, it is easy to default to looking at price instead of best functional and architectural fit.

    Timing

    Defining formal process and methodology

    Formal selection methodologies are repeatable processes that anybody can consistently follow to quickly select new technology.

    Repeatable

    The goal of formalizing the approach is to enable IT to deliver business value consistently while also empowering stakeholders to find tools that meet their needs. Remember! A formal selection process is synonymous with a bureaucratic, overblown approach.

    Driving Value

    Most Organizations Are Already Using a Formal Software Selection Methodology

    Don’t get left behind!

    • A common misconception for software selection is that only large organizations have formal processes.
    • The reality is that organizations of all sizes are making use of formal processes for software selection.
    • Moreover, using a standardized method to evaluate new technology is most likely common practice among your competitors regardless of their size.
    • It is important to remember that the level of rigor for the processes will vary based not only on project size but also on organization size.
    Only categories with at least 1,000 responses were included in the analysis.

    The image contains a double bar graph that compares the sizes of companies using formal or informal evaluation and selection methodology.

    Use a Formal Evaluation and Selection Methodology to Achieve Higher Satisfaction

    A formal selection process does not equal a bloated selection process

    • No matter what process is being used, you should consider implementing a formal methodology to reduce the amount of time required to select the software. This trend continues across different levels of software (commodity, complex, and enterprise).
    • It is worth noting that using a process can actually add more time to the selection process, so it is important to know how to use it properly.
    • Don’t use just one process: you should use a combination, but don’t use more than three when selecting your software.
    The image contains a double bar graph to demonstrate the difference between formal and informal evaluation to achieve a higher satisfaction.

    Hit a Home Run With Your Business Stakeholders

    Use a data-driven approach to select the right application vendor for their needs – fast

    The image contains a screenshot of the data-drive approach. The approach includes: awareness, education & discovery, evaluation, selection, negotiation & configuration.

    Investing time improving your software selection methodology has big returns.

    Info-Tech Insight

    Not all software selection projects are created equal – some are very small; some span the entire enterprise. To ensure that IT is using the right framework, understand the cost and complexity profile of the application you’re looking to select. The Rapid Application Selection Framework approach is best for commodity and mid-tier enterprise applications; selecting complex applications is better handled by the methodology described in Implement a Proactive and Consistent Vendor Selection Process.

    Lock Down the Key Players Before Setting Up the Relevant Timeline

    You are the quarterback of your selection team

    Don’t get bogged down “waiting for the stars to align” in terms of people’s availability: if you wait for the perfect alignment, the project may never get done.

    If a key stakeholder is unavailable for weeks or months due to PTO or other commitments, don’t jeopardize project timelines to wait for them to be free. Find a relevant designate that can act in their stead!

    You don’t need the entire team on the field at once. Keep certain stakeholders on the bench to swap in and out as needed.

    Info-Tech Insight

    Assemble the key stakeholders for project kick-off to synchronize the application selection process and limit elapsed time. Getting all parties on the same page increases output satisfaction and eliminates rework. Save time and get input from key stakeholders at the project kick-off.

    Assemble a Cross-Functional Team for Best Results

    A blend of both worlds gets the best of both worlds from domain expertise (technical and business)

    The image contains a graph labelled: Likeliness to recommend. It is described in the text below.

    How to manage the cross-functional selection team:

    • There should be a combination of IT and businesspeople involved in the selection process, and ideally the ratio would be balanced.
    • No matter what you are looking for, you should never include more than five people in the selection process.
    • You can keep key stakeholders and other important individuals informed with what is going on, but they don’t necessarily have to be involved in the selection process.

    Leverage a Five-Person Team With Players From Both IT and the Business

    For maximum effectiveness, assign at least one resource to the project on a full-time basis

    IT Leader

    Technical IT

    Business Analyst/ Project Manager

    Business Lead

    Process Expert

    This team member is an IT director or CIO who will provide sponsorship and oversight from the IT perspective.

    This team member will focus on application security, integration, and enterprise architecture.

    This team member elicits business needs and translates them into technology requirements.

    This team member will provide sponsorship from the business needs perspective.

    This team member will contribute their domain-specific knowledge around the processes that the new application supports.

    Info-Tech Insight

    It is critical for the selection team to determine who has decision rights. Organizational culture will play the largest role in dictating which team member holds the final say for selection decisions.

    Ensure That Your Project Has the Right Mix of the Core Team and Ancillary Stakeholders

    Who is involved in selecting the new application?

    • Core selection team:
      • The core team ideally comprises just five members.
      • There will be representatives from IT and the specific business function that is most impacted by the application.
      • The team is typically anchored by a business analyst or project management professional.
      • This is the team that is ultimately accountable for ensuring that the project stays on track and that the right vendor is selected.
    • Ancillary stakeholders:
      • These stakeholders are brought into the selection project on an as-needed basis. They offer commentary on requirements and technical know-how.
      • They will be impacted by the project outcome but they do not bear ultimate accountability for selecting the application.
    The image contains an outer circle that lists Ancillary Stakeholders, and an inner selection team that lists core selection teams.

    Tweak the Team Composition Based on the Application Category in Question

    All applications are different. Some categories may require a slightly different balance of business and IT users.

    When to adjust the selection team’s business to IT ratio:

    • Increase the number of business stakeholders for customer-centric applications like customer relationship management and customer service management.
    • Keep projects staffed with more technical resources when selecting internal-facing tools like network monitoring platforms, next-generation firewalls, and endpoint protection systems.
    The image contains a graph to demonstrate how to tweak the team composition based on the application category.

    When to adjust the selection team’s business to IT ratio:

    • Increase the number of business stakeholders for customer-centric applications like customer relationship management and customer service management.
    • Keep projects staffed with more technical resources when selecting internal-facing tools like network monitoring platforms, next-generation firewalls, and endpoint protection systems.

    Balance the Selection Team With Decision Makers and Front-Line Resources

    Find the right balance!

    • Make sure to include key decision makers to increase the velocity of approvals.
    • However, it is critical to include the right number of front-line resources to ensure that end-user needs are adequately reflected in the requirements and decision criteria used for selection.

    The image contains a graph on the team composition with number of decision makers involved.

    Info-Tech Insight

    When selecting their software, organizations have an average of two to four business and IT decision makers/influencers on the core selection team.

    Optimize Meeting Cadence to Complete Selection in 30 Days

    Project Cadence:

    • Execute approximately one phase per week.
    • Conduct weekly checkpoints to move through your formal selection framework.
    • Allot two to four hours per touchpoint.

    The image contains a calendar with the five phases spread put over five weeks.

    Info-Tech Insight

    Use weekly touchpoints with the core selection team to eliminate broken telephone. Hold focus groups and workshops to take a more collaborative, timely, and consensus-driven approach to zero in on critical requirements.

    2. Reduce Time Spent on Low-Impact Activities

    ✓ Reduce time spent on internet research. Leverage hard data and experts.

    ✓ Reduce RFP size or skip RFPs entirely.

    ✓ Reduce time spent watching vendor dog and pony shows.

    Reduce Time Spent on Internet Research by Leveraging Hard Data and Experts

    REDUCE BIAS

    Taking a data-driven approach to vendor selection ensures that decisions are made in a manner that reduces human bias and exposure to misaligned incentives.

    SCORING MODELS

    Create a vendor scoring model that uses several different scored criteria (alignment to needs, alignment to architecture, cost, relationship, etc.) and weight them.

    AGGREGATE EXPERIENCES

    When you leverage services such as SoftwareReviews, you’re relying on amalgamated data from hundreds of others that have already been down this path: benefit from their experience!

    PEER-DRIVEN INSIGHTS

    Formally incorporate a review of Category Reports from SoftwareReviews into your vendor selection process to take advantage of peer-driven expert insights.

    Contact Us

    Info-Tech is just a phone call away. Our expert analysts can guide you to successful project completion at no additional cost to you.

    Bloated RFPs Are Weighing You Down

    Avoid “RFP overload” – parse back deliverables for smaller projects

    1. Many IT and procurement professionals are accustomed to deliverable-heavy application selection projects.
    2. Massive amounts of effort is spent creating onerous RFIs, RFPs, vendor demo scripts, reference guides, and Pugh matrices – with only incremental (if any) benefits.
    3. For smaller projects, focus on creating a minimum viable RFP that sketches out a brief need statement and highlights three or four critical process areas to avoid RFP fatigue.

    Draft a lightweight RFI (or minimum viable RFP) to give vendors a snapshot of your needs while managing effort

    An RFI or MV-RFP is a truncated RFP document that highlights core use cases to vendors while minimizing the amount of time the team has to spend building it.

    You may miss out on the right vendor if:

    • The RFP is too long or cumbersome for the vendor to respond.
    • Vendors believe their time is better spent relationship selling.
    • The RFP is unclear and leads them to believe they won’t be successful.
    • The vendor was forced to guess what you were looking for.

    How to write a successful RFI/MV-RFP:

    • Expend your energy relative to the complexity of the required solution or product you’re seeking.
    • A good MV-RFP is structured as follows: a brief description of your organization, business context, and key requirements. It should not exceed a half-dozen pages in length.
    • Be transparent.
    • This could potentially be a long-term relationship, so don’t try to trick suppliers.
    • Be clear in your expectations and focus on the key aspects of what you’re trying to achieve.

    Use the appropriate Info-Tech template for your needs (RFI, RFQ, or RFP). The Request for Information Template is best suited to the RASF approach.

    If Necessary, Make Sure That You Are Going About RFPs the Right Way

    RFPs only add satisfaction when done correctly

    The image contains a graph to demonstrate RFP and satisfaction.

    Info-Tech Insight

    Prescriptive yet flexible: Avoid RFP overload when selecting customer experience–centric applications, but a formal approach to selection is still beneficial.

    When will an RFP increase satisfaction?

    • Satisfaction is increased when the RFP is used in concert with a formal selection methodology. An RFP on its own does not drive significant value.
    • RFPs that focus on an application’s differentiating features lead to higher satisfaction with the selection process.
    • Using the RFP to evaluate mandatory or standard and/or mandatory features yields neutral results.

    Reduce Time Spent Watching Vendor Dog and Pony Shows

    Salesperson charisma and marketing collateral quality should not be primary selection criteria. Sadly, this is the case far too often.

    Use data to take control back from the vendor

    • Taking a data-driven approach to vendor selection ensures that decisions are made in a manner that reduces human bias and exposure to misaligned incentives.
    • When you leverage services such as SoftwareReviews, you’re relying on amalgamated data from hundreds of others that have already been down this path: benefit from their collective experience!

    Kill the “golf course effect” and eliminate stakeholder bias

    • A leading cause of selection failure is human bias. While rarely malicious, the reality is that decision makers and procurement staff can become unduly biased over time by vendor incentives. Conference passes, box seats, a strong interpersonal relationship – these are all things that may be valuable to a decision maker but have no bearing on the efficacy of an enterprise application.
    • A strong selection process mitigates human bias by using a weighted scoring model and basing decisions on hard data: cost, user satisfaction scores, and trusted third-party data from services such as SoftwareReviews.

    Conduct a Day of Rapid-Fire Investigative Interviews

    Zoom in on high-value use cases and answers to targeted questions

    Make sure the solution will work for your business

    Give each vendor 60 to 90 minutes to give a rapid-fire presentation. We suggest the following structure:

    • 20 minutes: company introduction and vision
    • 20 minutes: one high-value scenario walkthrough
    • 20-40 minutes: targeted Q&A from the business stakeholders and procurement team

    To ensure a consistent evaluation, vendors should be asked analogous questions, and a tabulation of answers should be conducted.

    How to challenge the vendors in the investigative interview

    • Change the visualization/presentation.
    • Change the underlying data.
    • Add additional data sets to the artifacts.
    • Collaboration capabilities.
    • Perform an investigation in terms of finding BI objects and identifying previous changes and examine the audit trail.

    Rapid-Fire Vendor Investigative Interview

    Invite vendors to come onsite (or join you via videoconference) to demonstrate the product and to answer questions. Use a highly targeted demo script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

    Spend Your Time Wisely and Accelerate the Process

    Join the B2B software selection r/evolution

    Awareness

    Education & Discovery

    Evaluation

    Selection

    Negotiation & Configuration

    Reduce Time

    Reduce Time

    Reduce Time

    Reduce Time

    Reduce Time

    Save time
    duplicating existing market research. Save time and maintain alignment with focus groups.

    Save time across tedious demos and understanding the marketplace.

    Save time gathering detailed historical requirements. Instead, focus on key issues.

    Use your time to validate how the solution will handle mission-critical requirements.

    Spend time negotiating with two viable alternatives to reduce price by up to 50%.

    Use a tier-based model to accelerate commodity and complex selection projects.

    Eliminate elapsed process time with focus groups and workshops.

    3. Focus on High-Impact Activities

    ✓ Narrow the field to four contenders prior to in-depth comparison.

    ✓ Identify portfolio overlap with accelerated enterprise architecture oversight.

    ✓ Focus on investigative interviews and proof of concept projects.

    Narrow the Field to a Maximum of Four Contenders

    Focus time spent on the players that we know can deliver strong value

    1. ACCELERATE SELECTION

    Save time by exclusively engaging vendors that support the organization’s differentiating requirements.

    2. DECISION CLARITY

    Prevent stakeholders from getting lost in the weeds with endless lists of vendors.

    3.CONDENSED DEMOS

    Limiting the project to four contenders allows you to stack demos/investigative interviews into the same day.

    4. LICENSING LEVERAGE

    Keep track of key differences between vendor offerings with a tight shortlist.

    Rapid & Effective Selection Decisions

    Consolidating the Vendor Shortlist Up-Front Reduces Downstream Effort

    Put the “short” back in shortlist!

    • Radically reduce effort by narrowing the field of potential vendors earlier in the selection process. Too many organizations don’t funnel their vendor shortlist until nearing the end of the selection process. The result is wasted time and effort evaluating options that are patently not a good fit.
    • Leverage external data (such as SoftwareReviews) and expert opinion to consolidate your shortlist into a smaller number of viable vendors before the investigative interview stage and eliminate time spent evaluating dozens of RFP responses.
    • Having fewer RFP responses to evaluate means you will have more time to do greater due diligence.

    Rapid Enterprise Architecture Evaluations Are High-Impact Activities

    When accelerating selection decisions, finding the right EA is a balancing act

    • Neglecting enterprise architecture as a shortcut to save time often leads to downstream integration problems and decreases application satisfaction.
    • On the other hand, overly drawn out enterprise architecture evaluations can lead to excessively focusing on technology integration versus having a clear and concise understanding of critical business needs.

    Info-Tech Insight

    Targeting an enterprise architecture evaluation as part of your software selection process that does not delay the selection while also providing sufficient insight into platform fit is critical.

    Key activities for rapid enterprise architecture evaluation include:

    1. Security analysis
    2. Portfolio overlap review + integration assessment
    3. Application standards check

    The data confirms that it is worthwhile to spend time on enterprise architecture

    • Considering software architecture fit up-front to determine if new software aligns with the existing application architecture directly links to greater satisfaction.
    • Stakeholders are most satisfied with their software value when there is a good architectural platform fit.
    • Stakeholders that ranked Architectural Platform Fit lower during the selection process were ultimately more unsatisfied with their software choice.

    The image contains a screenshot of data to demonstrate that it is worthwhile to spend time on enterprise architecture.

    Identify Portfolio Overlap With an Accelerated Enterprise Architecture Assessment

    Develop a clear view of any overlap within your target portfolio subset and clear rationalization/consolidation options

    • Application sprawl is a critical pain point in many organizations. It leads to wasted time, money, and effort as IT (and the business) maintain myriad applications that all serve the same functional purpose.
    • Opportunities are missed to consolidate and streamline associated business process management, training, and end-user adoption activities.
    • Identify which applications in your existing architecture serve a duplicate purpose: these applications are the ones you will want to target for consolidation.
    • As you select a new application, identify where it can be used to serve the goal for application rationalization (i.e. can we replace/retire existing applications in our portfolio by standardizing the new one?).

    Keep the scope manageable!

    • Highlight the major functional processes that are closely related to the application you’re selecting and identify which applications support each.
    • The template below represents a top-level view of a set of customer experience management (CXM) applications. Identify linkages between sets of applications and if they’re uni- or bi-directional.
    The image contains a screenshot of images that demonstrate portfolio overlap with an accelerated enterprise architecture assessment.

    Rapidly Evaluate the Security & Risk Profile for a Right-Sized Enterprise Architecture Evaluation

    There are four considerations for determining the security and risk profile for the new application

    1. Financial Risk
    • Consider the financial impact the new application has on the organization.
      • How significant is the investment in technology?
    • If this application fails to meet its business goals and deliver strong return on investment, will there be a significant amount of financial resources to mitigate the problem?
  • Data Sensitivity Risk
    • Understand the type of data that will be handled/stored by the application.
      • For example, a CRM will house customer personally identifiable information (PII) and an ECM will store confidential business documentation.
    • Determine the consequences of a potential breach (i.e. legal and financial).
  • Application Vulnerability Risk
    • Consider whether the application category has a historically strong security track record.
      • For example, enterprise cloud storage solutions may have a different level of vulnerability than an HRIS platform.
  • Infrastructure Risk
    • Determine whether the new application requires changes to infrastructure or additional security investments to safeguard expanded infrastructure.
    • Consider the ways in which the changes to infrastructure increase the vectors for security breaches.

    Spend More Time Validating Key Issues With Deep Technical Assessments

    The image contains a screenshot of an image of an iceberg. The top part of the iceberg is above water and labelled 40%. The rest of the iceberg is below water and is labelled 60%.

    Conversations With the Vendor

    • Initial conversations with the vendor build alignment on overall application capabilities, scope of work, and pricing.

    Pilot Projects and Trial Environments

    • Conduct a proof of concept project to ensure that the application satisfies your non-functional requirements.
    • Technical assessments not only demonstrate whether an application is compatible with your existing systems but also give your technical resources the confidence that the implementation process will be as smooth as possible.
    • Marketing collateral glosses over actual capabilities and differentiation. Use unbiased third-party data and detailed system training material.

    4. Use Rapid & Essential Assessment Tools

    ✓ Focus on key use cases, not lists of features.

    ✓ You only need three essential tools:

    1. Info-Tech’s Vendor Evaluation Workbook
    2. The Software Selection Workbook
    3. A Business Stakeholder Manual

    Focus on Key Use Cases, Not an Endless Laundry List of Table Stakes Features

    Focus on Critical Requirements

    Failure to differentiate must-have and nice-to-have use cases leads to applications full of non-critical features.

    Go Beyond the Table Stakes

    Accelerate the process by skipping common requirements that we know that every vendor will support.

    Streamline the Quantity of Use Cases

    Working with a tighter list of core use cases increases time spent evaluating the most impactful functionality.

    Over-Customization Kills Projects

    Eliminating dubious “sacred cow” requirements reduces costly and painful platform customization.

    Only Make Use of Essential Selection Artifacts

    Vendor selection projects often demand extensive and unnecessary documentation

    The Software Selection Workbook

    Work through the straightforward templates that tie to each phase of the Rapid Application Selection Framework, from assessing the business impact to requirements gathering.

    The image contains a screenshot of The Software Selection Workbook.

    The Vendor Evaluation Workbook

    Consolidate the vendor evaluation process into a single document. Easily compare vendors as you narrow the field to finalists.

    The image contains a screenshot of The Vendor Evaluation Workbook.

    The Guide to Software Selection: A Business Stakeholder Manual

    Quickly explain the Rapid Application Selection Framework to your team while also highlighting its benefits to stakeholders.

    The image contains a screenshot of The Guide to Software Selection: A Business Stakeholder Manual.

    Software Selection Engagement

    Five advisory calls over a five-week period to accelerate your selection process

    • Expert analyst guidance over five weeks on average to select and negotiate software.
    • Save money, align stakeholders, speed up the process, and make better decisions.
    • Use a repeatable, formal methodology to improve your application selection process.
    • Better, faster results, guaranteed, included in membership.
    The image contains a screenshot of the calendar over 30 days that outlines the five calls.

    Click here to book your selection engagement

    Software Selection Workshop

    With 40 hours of advisory assistance delivered online, select better software, faster.

    • 40 hours of expert analyst guidance.
    • Project and stakeholder management assistance.
    • Save money, align stakeholders, speed up the process, and make better decisions.
    • Better, faster results, guaranteed; $20K standard engagement fee.
    The image contains a screenshot of the calendar over 30 days that outlines the five calls.

    CLICK HERE TO BOOK YOUR WORKSHOP ENGAGEMENT

    5. Select Two Viable Options & Engage Both in Negotiation

    ✓ Save more during negotiation by selecting two viable alternatives.

    ✓ Surface a consolidated list of demands prior to entering negotiation.

    ✓ Communicate your success with the organization.

    Save More During Negotiation by Selecting Two Viable Alternatives

    VENDOR 1

    Build in a realistic plan B that allows you to apply leverage to the incumbent or primary vendor of choice.

    VENDOR 2

    If the top contender is aware that they do not have competition, they will be less inclined to make concessions.

    Maintain momentum with two options

    • Should you realize that the primary contender is no longer a viable option (i.e. security concerns), keeping a second vendor in play enables you to quickly pivot without slowing down the selection project.

    Secure best pricing by playing vendors off each other

    • Vendors are more likely to give concessions on the base price once they become aware that a direct competitor has entered the evaluation.

    Truly commit to a thorough analysis of alternatives

    • By evaluating competitive alternatives, you’ll get a more comprehensive view on market standards for a solution and be able to employ a range of negotiation tactics.

    Focus on 5-10 Specific Contract Change Requests

    Accelerate negotiation by picking your battles

    ANALYZE

    DOCUMENT

    CONSOLIDATE

    PRESENT

    • Parse the contract, order form, and terms & conditions for concerning language.
    • Leverage expertise from internal subject matter experts in addition to relevant legal council.
    • Document all concerns and challenges with the language in the vendor contract in a single spreadsheet.
    • Make vendors more receptive to your cause by going one step beyond writing what the change should be. Provide the reasoning behind the change and even the relevant context.
    • Identify the change requests that are most important for the success of the selection project.
    • Compile a list of the most critical change requests.
    • Consider including nice-to-have requests that you can leverage as strategic concessions.
    • Present the consolidated list of critical change requests to the vendor rather than sharing the entire range of potential changes to the contract.
    • Make sure to include context and background for each request.
    • Eliminate potential delays by proactively establishing a timeline for the vendor’s response.

    Share Stories of Cost Savings With the Organization

    Secure IT’s seat at the table

    Hard cost savings speak louder than words. Executive leadership will see IT as the go-to team for driving business value quickly, yet responsibly.

    Build hype around the new software

    Generate enthusiasm by highlighting the improved user experience provided by the new software that was has just been selected.

    Drive end-user adoption

    Position the cost savings as an opportunity to invest in onboarding. An application is only as valuable as your employees’ ability to effectively use it.

    Keep the process rolling

    Use the momentum from the project and its successful negotiation to roll out the accelerated selection approach to more departments across the organization.

    Overall: The Magic Number Saves You Time and Money

    Software selection takes forever. The process of choosing even the smallest apps can drag on for years: sometimes in perpetuity.

    Organizations keep too many players on the field, leading to scheduling slowdowns and scope creep.

    Keeping the size of the core selection team down, while liaising with more stakeholders and subject matter experts (SMEs), leads to improved results.

    Maximize project effectiveness with a five-person team. Project satisfaction and effectiveness are stagnant or decrease once the team grows beyond five people.

    Cumbersome or ad hoc selection processes lead to business-driven software selection.

    Increase stakeholder satisfaction by using a consistent selection framework that captures their needs while not being a burden.

    Empower both IT and end users with a standardized selection process to consistently achieve high satisfaction coming out of software selection projects.

    The image contains a graph that is titled: A compact selection team can save you weeks. The graph demonstrates time saved with a five person team in comparison to larger teams.

    Key Takeaways for Improving Your Selection Process

    1. ALIGN & ELIMINATE ELAPSED TIME

    • Ensure a formal selection process is in place and reduce time by timeboxing the project to 30 days.
    • Align the calendars of the five-person core selection team to maximize efficiency.

    2. REDUCE TIME SPENT ON LOW-IMPACT ACTIVITIES

    • Go beyond the table stakes and accelerate the process by skipping common requirements that we know that every vendor will support.
    • Only make use of essential selection artifacts.

    3. FOCUS ON HIGH- IMPACT ACTIVITIES

    • Skip the vendor dog and pony shows with investigative interviews.
    • Minimize time spent on novel-sized RFPs; instead highlight three or four critical process areas.

    4. USE RAPID & ESSENTIAL ASSESSMENT TOOLS

    • Consolidating the vendor shortlist up-front reduces downstream effort.
    • Application sprawl is a critical pain point in many organizations that leads to wasted time and money.

    5. ENGAGE TWO VIABLE VENDORS IN NEGOTIATION

    • Build in a realistic plan B that allows you to apply leverage to the incumbent or primary vendor of choice.
    • Pick your battles and focus on 5-10 specific contract change requests.

    Appendix

    This study is based on a survey of 43,000 real-world IT practitioners.

    • SoftwareReviews (a sister company of Info-Tech Research Group) collects and aggregates feedback on a wide variety of enterprise technologies.
    • The practitioners are actual end users of hundreds of different enterprise application categories.
    • The following slides highlight the supplementary data points from the comprehensive survey.

    Methodology

    A comprehensive study based on the responses of thousands of real-world practitioners.

    Qualitative & Secondary

    Using comprehensive statistical techniques, we surveyed what our members identified as key drivers of success in selecting enterprise software. Our goal was to determine how organizations can accelerate selection processes and improve outcomes by identifying where people should spend their time for the best results.

    Large-n Survey

    To determine the “Magic Numbers,” we used a large-n survey: 40,000 respondents answered questions about their applications, selection processes, organizational firmographics, and personal characteristics. We used this data to determine what drives satisfaction not only with the application but with the selection process itself.

    Quantitative Drill-Down

    We used the survey to narrow the list of game-changing practices. We then conducted additional quantitative research to understand why our respondents may have selected the responses they did.

    Manage Poor Performance While Working From Home

    • Buy Link or Shortcode: {j2store}599|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: $1,600 Average $ Saved
    • member rating average days saved: 18 Average Days Saved
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • For many, emergency WFH comes with several new challenges such as additional childcare responsibilities, sudden changes in role expectations, and negative impacts on wellbeing. These new challenges, coupled with previously existing ones, can result in poor performance. Owing to the lack of physical presence and cues, managers may struggle to identify that an employee’s performance is suffering. Even after identifying poor performance, it can be difficult to address remotely when such conversations would ideally be held in person.

    Our Advice

    Critical Insight

    • Poor performance must be managed, despite the pandemic. Evaluating root causes of performance issues is more important than ever now that personal factors such as lack of childcare and eldercare for those working from home are complicating the issue.

    Impact and Result

    • Organizations need to have a clear process for improving performance for employees working remotely during the COVID-19 pandemic. Provide managers with resources to help them identify performance issues and uncover their root causes as part of addressing overall performance. This will allow managers to connect employees with the required support while working with them to improve performance.

    Manage Poor Performance While Working From Home Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Follow the remote performance improvement process

    Determine how managers can identify poor performance remotely and help them navigate the performance improvement process while working from home.

    • Manage Poor Performance While Working From Home Storyboard
    • Manage Poor Performance While Working From Home: Manager Guide
    • Manage Poor Performance While Working From Home: Infographic

    2. Clarify roles and leverage resources

    Clarify roles and responsibilities in the performance improvement process and tailor relevant resources.

    • Wellness and Working From Home
    [infographic]

    Further reading

    Manage Poor Performance While Working From Home

    Assess and improve remote work performance with our ready-to-use tools.

    Executive Summary

    McLean & Company Insight

    Poor performance must be managed, despite the pandemic. Evaluating root causes of performance issues is more important than ever now that personal factors such as lack of childcare and eldercare for those working from home are complicating the issue.

    Situation

    COVID-19 has led to a sudden shift to working from home (WFH), resulting in a 72% decline in in-office work (Ranosa, 2020). While these uncertain times have disrupted traditional work routines, employee performance remains critical, as it plays a role in determining how organizations recover. Managers must not turn a blind eye to performance issues but rather must act quickly to support employees who may be struggling.

    Complication

    For many, emergency WFH comes with several new challenges such as additional childcare responsibilities, sudden changes in role expectations, and negative impacts on wellbeing. These new challenges, coupled with previously existing ones, can result in poor performance. Owing to the lack of physical presence and cues, managers may struggle to identify that an employee’s performance is suffering. Even after identifying poor performance, it can be difficult to address remotely when such conversations would ideally be held in person.

    Solution

    Organizations need to have a clear process for improving performance for employees working remotely during the COVID-19 pandemic. Provide managers with resources to help them identify performance issues and uncover their root causes as part of addressing overall performance. This will allow managers to connect employees with the required support while working with them to improve performance.

    Manage Poor Performance While Working From Home is made up of the following resources:

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide
    Storyboard

    This storyboard is organized by the four steps of the performance improvement process: identify, initiate, deploy, and follow up/decide. These will appear on the left-hand side of the slides as a roadmap.

    The focus is on how HR can design the process for managing poor performance remotely and support managers through it while emergency WFH measures are in place. Key responsibilities, email templates, and relevant resources are included at the end.

    Adapt the process as necessary for your organization.

    Manager Guide

    The manager guide contains detailed advice for managers on navigating the process and focuses on the content of remote performance discussions.

    It consists of the following sections:

    • Identifying poor performance.
    • Conducting performance improvement discussions.
    • Uncovering and addressing root causes of poor performance.
    Manager Infographic

    The manager infographic illustrates the high-level steps of the performance improvement process for managers in a visually appealing and easily digestible manner.

    This can be used to easily outline the process, providing managers with a resource to quickly reference as they navigate the process with their direct reports.

    In this blueprint, “WFH” and “remote working” are used interchangeably.

    This blueprint will not cover the performance management framework; it is solely focused on managing performance issues.

    For information on adjusting the regular performance management process during the pandemic, see Performance Management for Emergency Work-From-Home.

    Identify how low performance is normally addressed

    A process for performance improvement is not akin to outlining the steps of a performance improvement plan (PIP). The PIP is a development tool used within a larger process for performance improvement. Guidance on how to structure and use a PIP will be provided later in this blueprint.

    Evaluate how low performance is usually brought to the attention of HR in a non-remote situation:
    • Do managers approach HR for an employee transfer or PIP without having prior performance conversations with the employee?
    • Do managers come to HR when they need support in developing an employee in order to meet expectations?
    • Do managers proactively reach out to HR to discuss appropriate L&D for staff who are struggling?
    • Do some departments engage with the process while others do not?
    Poor performance does not signal the immediate need to terminate an employee. Instead, managers should focus on helping the struggling employee to develop so that they may succeed.
    Evaluate how poor performance is determined:
    • Do managers use performance data or concrete examples?
    • Is it based on a subjective assessment by the manager?
    Keep in mind that “poor performance” now might look different than it did before the pandemic. Employees must be aware of the current expectations placed on them before they can be labeled as underperforming – and the performance expectations must be assessed to ensure they are realistic.

    For information on adjusting performance expectations during the pandemic, see Performance Management for Emergency Work-From-Home.

    The process for non-union and union employees will likely differ. Make sure your process for unionized employees aligns with collective agreements.

    Determine how managers can identify poor performance of staff working remotely

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide
    Identify: Determine how managers can identify poor performance.
    In person, it can be easy to see when an employee is struggling by glancing over at their desk and observing body language. In a remote situation, this can be more difficult, as it is easy to put on a brave face for the half-hour to one-hour check-in. Advise managers on how important frequent one-one-ones and open communication are in helping identify issues when they arise rather than when it’s too late.

    Managers must clearly document and communicate instances where employees aren’t meeting role expectations or are showing other key signs that they are not performing at the level expected of them.

    What to look for:
    • PM data/performance-related assessments
    • Continual absences
    • Decreased quality or quantity of output
    • Frequent excuses (e.g. repeated internet outages)
    • Lack of effort or follow-through
    • Missed deadlines
    • Poor communication or lack of responsiveness
    • Failure to improve
    It’s crucial to acknowledge an employee might have an “off week” or need time to adjust to working from home, which can be addressed with performance management techniques. Managers should move into the process for performance improvement when:
    • Performance fluctuates frequently or significantly.
    • Performance has dropped for an extended period of time.
    • Expectations are consistently not being met.

    While it’s important for managers to keep an eye out for decreased performance, discourage them from over-monitoring employees, as this can lead to a damaging environment of distrust.

    Support managers in initiating performance conversations and uncovering root causes

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide
    Initiate: Require that managers have several conversations about low performance with the employee.
    Before using more formal measures, ensure managers take responsibility for connecting with the employee to have an initial performance conversation where they will make the performance issue known and try to diagnose the root cause of the issue.

    Coach managers to recognize behaviors associated with the following performance inhibitors:

    Personal Factors

    Personal factors, usually outside the workplace, can affect an employee’s performance.

    Lack of clarity

    Employees must be clear on performance expectations before they can be labeled as a poor performer.

    Low motivation

    Lack of motivation to complete work can impact the quality of output and/or amount of work an employee is completing.

    Inability

    Resourcing, technology, organizational change, or lack of skills to do the job can all result in the inability of an employee to perform at their best.

    Poor people skills

    Problematic people skills, externally with clients or internally with colleagues, can affect an employee’s performance or the team’s engagement.

    Personal factors are a common performance inhibitor due to emergency WFH measures. The decreased divide between work and home life and the additional stresses of the pandemic can bring up new cases of poor performance or exacerbate existing ones. Remind managers that all potential root causes should still be investigated rather than assuming personal factors are the problem and emphasize that there can be more than one cause.

    Ensure managers continue to conduct frequent performance conversations

    Once an informal conversation has been initiated, the manager should schedule frequent one-on-one performance conversations (above and beyond performance management check-ins).

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide
    Explain to managers the purpose of these discussions is to:
    • Continue to probe for root causes.
    • Reinforce role expectations and performance targets.
    • Follow up on any improvements.
    • Address the performance issue and share relevant resources (e.g. HR or employee assistance program [EAP]).
    Given these conversations will be remote, require managers to:
    • Use video whenever possible to read physical cues and body language.
    • Bookend the conversation. Starting each meeting by setting the context for the discussion and finishing with the employee reiterating the key takeaways back will ensure there are no misunderstandings.
    • Document the conversation and share with HR. This provides evidence of the conversations and helps hold managers accountable.
    What is HR’s role? HR should ensure that the manager has had multiple conversations with the employee before moving to the next step. Furthermore, HR is responsible for ensuring manages are equipped to have the conversations through coaching, role-playing, etc.

    For more information on the content of these conversations or for material to leverage for training purposes, see Manage Poor Performance While Working From Home: Manager Guide.

    McLean & Company Insight

    Managers are there to be coaches, not therapists. Uncovering the root cause of poor performance will allow managers to pinpoint supports needed, either within their expertise (e.g. coaching, training, providing flexible hours) or by directing the employee to proper external resources such as an EAP.

    Help managers use formal performance improvement tools with remote workers

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide
    Deploy: Use performance improvement tools.
    If initial performance conversations were unsuccessful and performance does not improve, refer managers to performance improvement tools:
    • Suggest any other available support and resources they have not yet recommended (e.g. EAP).
    • Explore options for co-creation of a development plan to increase employee buy-in. If the manager has been diligent about clarifying role expectations, invite the employee to put together their own action plan for meeting performance goals. This can then be reviewed and finalized with the manager.
    • Have the manager use a formal PIP for development and to get the employee back on track. Review the development plan or PIP with the manager before they share it with the employee to ensure it is clear and has time bound, realistic goals for improvement.
    Using a PIP solely to avoid legal trouble and terminate employees isn’t true to its intended purpose. This is what progressive discipline is for.In the case of significant behavior problems, like breaking company rules or safety violations, the manager will likely need to move to progressive discipline. HR should advise managers on the appropriate process.

    When does the issue warrant progressive discipline? If the action needs to stop immediately, (e.g. threatening or inappropriate behavior) and/or as outlined in the collective agreement.

    Clarify remote PIP stages and best practices

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide
    Sample Stages:
    1. Written PIP
    • HR reviews and signs off on PIP
    • Manager holds meeting to provide employee with PIP
    • Employee reviews the PIP
    • Manager and employee provide e-signatures
    • Signed PIP is given to HR
    2. Possible Extension
    3. Final Notice
    • Manager provides employee with final notice if there has been no improvement in agreed time frame
    • Copy of signed final notice letter given to HR

    Who is involved?

    The manager runs the meeting with the employee. HR should act as a support by:

    • Ensuring the PIP is clear, aligned with the performance issue, and focused on development, prior to the meeting.
    • Pointing to resources and making themselves available prior to, during, and after the meeting.
      • When should HR be involved? HR should be present in the meeting if the manager has requested it or if the employee has approached HR beforehand with concerns about the manager. Keep in mind that if the employee sees HR has been unexpectedly invited to the video call, it could add extra stress for them.
    • Reviewing documentation and ensuring expectations and the action plan are reasonable and realistic.

    Determine the length of the PIP

    • The length of the initial PIP will often depend on the complexity of the employee’s role and how long it will reasonably take to see improvements. The minimum (before a potential extension) should be 30-60 days.
    • Ensure the action plan takes sustainment into account. Employees must be able to demonstrate improvement and sustain improved performance in order to successfully complete a PIP.

    Timing of delivery

    Help the manager determine when the PIP meeting will occur (what day, time of day). Take into account the schedule of the employee they will be meeting with (e.g. avoid scheduling right before an important client call).

    1

    Identify

    2

    Initiate

    3

    Deploy

    4

    a) Follow Up
    b) Decide

    Follow up: If the process escalated to step 3 and is successful.

    What does success look like? Performance improvement must be sustained after the PIP is completed. It’s not enough to simply meet performance improvement goals and expectations; the employee must continue to perform.

    Have the manager schedule a final PIP review with the employee. Use video, as this enables the employee and manager to read body language and minimize miscommunication/misinterpretation.

    • If performance expectations have been met, instruct managers to document this in the PIP, inform the employee they are off the PIP, and provide it to HR.

    The manager should also continue check-ins with the employee to ensure sustainment and as part of continued performance management.

    • Set a specific timeline, e.g. every two weeks or every month. Choose a cadence that works best for the manager and employee.

    OR

    Decide: Determine action steps if the process is unsuccessful.

    If at the end of step 3 performance has not sufficiently improved, the organization (HR and the manager) should either determine if the employee could/should be temporarily redeployed while the emergency WFH is still in place, if a permanent transfer to a role that is a better fit is an option, or if the employee should be let go.

    See the Complete Manual for COVID-19 Layoffs blueprint for information on layoffs in remote environments.

    Managers, HR, and employees all have a role to play in performance improvement

    Managers
    • Identify the outcomes the organization is looking for and clearly outline and communicate the expectations for the employee’s performance.
    • Diagnose root cause(s) of the performance issue.
    • Support employee through frequent conversations and feedback.
    • Coach for improved performance.
    • Visibly recognize and broadcast employee achievements.
    Employees
    • Have open and honest conversations with their manager, acknowledge their accountability, and be receptive to feedback.
    • Set performance goals to meet expectations of the role.
    • Prepare for frequent check-ins regarding improvement.
    • Seek support from HR as required.
    HR
    • Provide managers with a process, training, and support to improve employee performance.
    • Coach managers to ensure employees have been made aware of their role expectations and current performance and given specific recommendations on how to improve.
    • Reinforce the process for improving employee performance to ensure that adequate coaching conversations have taken place before the formal PIP.
    • Coach employees on how to approach their manager to discuss challenges in meeting expectations.

    HR should conduct checkpoints with both managers and employees in cases where a formal PIP was initiated to ensure the process for performance improvement is being followed and to support both parties in improving performance.

    Email templates

    Use the templates found on the next slides to draft communications to employees who are underperforming while working from home.

    Customize all templates with relevant information and use them as a guide to further tailor your communication to a specific employee.

    Customization Recommendations

    Review all slides and adjust the language or content as needed to suit the needs of the employee, the complexity of their role, and the performance issue.

    • The pencil icon to the left denotes slides requiring customization of the text. Customize text in grey font and be sure to convert all font to black when you are done.

    Included Templates

    1. Performance Discussion Follow-Up
    2. PIP Cover Letter

    This template is not a substitute for legal advice. Ensure you consult with your legal counsel, labor relations representative, and union representative to align with collective agreements and relevant legislation.

    Sample Performance Discussion Follow-Up

    Hello [name],

    Thank you for the commitment and eagerness in our meeting yesterday.

    I wanted to recap the conversation and expectations for the month of [insert month].

    As discussed, you have been advised about your recent [behavior, performance, attendance, policy, etc.] where you have demonstrated [state specific issue with detail of behavior/performance of concern]. As per our conversation, we’ll be working on improvement in this area in order to meet expectations set out for our employees.

    It is expected that employees [state expectations]. Please do not hesitate to reach out to me if there is further clarification needed or you if you have any questions or concerns. The management team and I are committed to helping you achieve these goals.

    We will do a formal check-in on your progress every [insert day] from [insert time] to review your progress. I will also be available for daily check-ins to support you on the right track. Additionally, you can book me in for desk-side coaching outside of my regular desk-side check-ins. If there is anything else I can do to help support you in hitting these goals, please let me know. Other resources we discussed that may be helpful in meeting these objectives are [summarize available support and resources]. By working together through this process, I have no doubt that you can be successful. I am here to provide support and assist you through this.

    If you’re unable to show improvements set out in our discussion by [date], we will proceed to a formal performance measure that will include a performance improvement plan. Please let me know if you have any questions or concerns; I am here to help.

    Please acknowledge this email and let me know if you have any questions.

    Thank you,

    PIP Cover Letter

    Hello [name] ,

    This is to confirm our meeting on [date] in which we discussed your performance to date and areas that need improvement. Please find the attached performance improvement plan, which contains a detailed action plan that we have agreed upon to help you meet role expectations over the next [XX days]. The aim of this plan is to provide you with a detailed outline of our performance expectations and provide you the opportunity to improve your performance, with our support.

    We will check in every [XX days] to review your progress. At the end of the [XX]-day period, we will review your performance against the role expectations set out in this performance improvement plan. If you don’t meet the performance requirements in the time allotted, further action and consequences will follow.

    Should you have any questions about the performance improvement plan or the process outlined in this document, please do not hesitate to discuss them with me.

    [Employee name], it is my personal objective to help you be a fully productive member of our team. By working together through this performance improvement plan, I have no doubt that you can be successful. I am here to provide support and assist you through the process. At this time, I would also like to remind you about the [additional resources available at your organization, for example, employee assistance program or HR].

    Please acknowledge this email and let me know if you have any questions.

    Thank you,

    Prepare and customize manager guide and resources

    Sample of Manage Poor Performance While Working From Home: Manager Guide. Manage Poor Performance While Working From Home: Manager Guide

    This tool for managers provides advice on navigating the process and focuses on the content of remote performance discussions.

    Sample of Set Meaningful Employee Performance Measures. Set Meaningful Employee Performance Measures

    See this blueprint for information on setting holistic measures to inspire employee performance.

    Sample of Manage Poor Performance While Working From Home: Infographic. Manage Poor Performance While Working From Home: Infographic

    This tool illustrates the high-level steps of the performance improvement process.

    Sample of Wellness and Working From Home: Infographic. Wellness and Working From Home: Infographic

    This tool highlights tips to manage physical and mental health while working from home.

    Sample of Build a Better Manager: Team Essentials. Build a Better Manager: Team Essentials

    See this solution set for more information on kick-starting the effectiveness of first-time IT managers with essential management skills.

    Sample of Leverage Agile Goal Setting for Improved Employee Engagement & Performance. Leverage Agile Goal Setting for Improved Employee Engagement & Performance

    See this blueprint for information on dodging the micromanaging foul and scoring with agile short-term goal setting.

    Bibliography

    Arringdale, Chris. “6 Tips For Managers Trying to Overcome Performance Appraisal Anxiety.” TLNT. 18 September 2015. Accessed 2018.

    Borysenko, Karlyn. “What Was Management Thinking? The High Cost of Employee Turnover.” Talent Management and HR. 22 April 2015. Accessed 2018.

    Cook, Ian. “Curbing Employee Turnover Contagion in the Workplace.” Visier. 20 February 2018. Accessed 2018.

    Cornerstone OnDemand. Toxic Employees in the Workplace. Santa Monica, California: Cornerstone OnDemand, 2015. Web.

    Dewar, Carolyn and Reed Doucette. “6 elements to create a high-performing culture.” McKinsey & Company. 9 April 2018. Accessed 2018.

    Eagle Hill. Eagle Hill National Attrition Survey. Washington, D.C.: Eagle Hill, 2015. Web.

    ERC. “Performance Improvement Plan Checklist.” ERC. 21 June 2017. Accessed 2018.

    Foster, James. “The Impact of Managers on Workplace Engagement and Productivity.” Interact. 16 March 2017. Accessed 2018.

    Godwins Solicitors LLP. “Employment Tribunal Statistics for 2015/2016.” Godwins Solicitors LLP. 8 February 2017. Accessed 2018.

    Mankins, Michael. “How to Manage a Team of All-Stars.” Harvard Business Review. 6 June 2017. Accessed 2018.

    Maxfield, David, et al. The Value of Stress-Free Productivity. Provo, Utah: VitalSmarts, 2017. Web.

    Murphy, Mark. “Skip Your Low Performers When Starting Performance Appraisals.” Forbes. 21 January 2015. Accessed 2018.

    Quint. “Transforming into a High Performance Organization.” Quint Wellington Redwood. 16 November 2017. Accessed 2018.

    Ranosa, Rachel. "COVID -19: Canadian Productivity Booms Despite Social Distancing." Human Resources Director, 14 April 2020. Accessed 2020.

    Application Portfolio Management

    • Buy Link or Shortcode: {j2store}28|cart{/j2store}
    • Related Products: {j2store}28|crosssells{/j2store}
    • member rating overall impact: 9.1/10
    • member rating average dollars saved: $81,275
    • member rating average days saved: 20
    • Parent Category Name: Applications
    • Parent Category Link: /applications

    The challenge

    • The chances are that you, too, have too many or far too many applications in your organization. You will not be alone. Almost 60% of companies report the same issue. 
    • That is due to poorly managed portfolios.
    • Your application managers now need to support too many non-critical applications, and they spend insufficient time on the vital applications.
    • You can rarely find the required pieces to rationalize your portfolio in one place. You will need to find the resources and build a team.
    • The lack of standard practices to define the value that each application in a portfolio provides to the company causes misalignments.

    Our advice

    Insight

    • There is no silver bullet solution. Going too rigid in your approach causes delays in value realization through application portfolio management. It may even prevent this altogether. Define flexible inputs to your portfolio and align closely with your business goals.

    Impact and results 

    • Define the outputs of your application rationalization effort, with clear roles and responsibilities.
    • Tailor the application rationalization framework (ARF) to your company's motivations, goals, and limitations.
    • Apply various application assessments to build a clear picture of your portfolio.
    • Build an application portfolio roadmap that shows your target state based on your rationalization decisions.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why you should rationalize your application portfolio using a tailored framework for your company. We'll show you our methodology and the ways we can help you in handling this.

    Lay the foundations

    Define why you want to rationalize your application portfolio. Define the end state and scope. Build your action plan.

    • Build an Application Rationalization Framework – Phase 1: Lay Your Foundations (ppt)
    • Application Rationalization Tool (xls)

    Plan the application rationalization framework

    Understand what the core assessments are that you perform in these rationalizations. Define your framework and how rigorous you want to apply the reviews based on your business context.

    • Build an Application Rationalization Framework – Phase 2: Plan Your Application Rationalization Framework (ppt)

    Test and adapt your application rationalization framework (ARF)

    Our tool allows you to test the elements of your ARF. Then do a retrospective and adapt based on your experience and desired outcomes. 

    • Build an Application Rationalization Framework – Phase 3: Test and Adapt Your Application Rationalization Framework (ppt)
    • Application TCO Calculator (xls)
    • Value Calculator (xls)

    Initiate your roadmap

    Review your dispositions to ensure they align with your goals. 

    • Build an Application Rationalization Framework – Phase 4: Initiate Your Roadmap (ppt)
    • Disposition Prioritization Tool (xls)

     

    Enterprise Network Design Considerations

    • Buy Link or Shortcode: {j2store}502|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Network Management
    • Parent Category Link: /network-management

    Security, risk, and trust models play into how networks are designed and deployed. If these models are not considered during network design, band-aids and workarounds will be deployed to achieve the needed goals, potentially bypassing network controls.

    Our Advice

    Critical Insight

    The cloud “gold rush” has made it attractive for many enterprises to migrate services off the traditional network and into the cloud. These services are now outside of the traditional network and associated controls. This shifts the split of east-west vs. north-south traffic patterns, as well as extending the network to encompass services outside of enterprise IT’s locus of control.

    Impact and Result

    Where users access enterprise data or services and from which devices dictate the connectivity needed. With the increasing shift of work that the business is completing remotely, not all devices and data paths will be under the control of IT. This shift does not allow IT to abdicate from the responsibility to provide a secure network.

    Enterprise Network Design Considerations Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Enterprise Network Design Considerations Deck – A brief deck that outlines key trusts and archetypes when considering enterprise network designs.

    This blueprint will help you:

    • Enterprise Network Design Considerations Storyboard

    2. Enterprise Network Roadmap Technology Assessment Tool – Build an infrastructure assessment in an hour.

    Dispense with detailed analysis and customizations to present a quick snapshot of the road ahead.

    • Enterprise Network Roadmap Technology Assessment Tool
    [infographic]

    Further reading

    Enterprise Network Design Considerations

    It is not just about connectivity.

    Executive Summary

    Info-Tech Insight

    Connectivity and security are tightly coupled

    Security, risk, and trust models play into how networks are designed and deployed. If these models are not considered during network design, band-aids and workarounds will be deployed to achieve the needed goals, potentially bypassing network controls.

    Many services are no longer within the network

    The cloud “gold rush” has made it attractive for many enterprises to migrate services off the traditional network and into the cloud. These services are now outside of the traditional network and associated controls. This shifts the split of east-west vs. north-south traffic patterns, as well as extending the network to encompass services outside of enterprise IT’s locus of control.

    Users are demanding an anywhere, any device access model

    Where users access enterprise data or services and from which devices dictate the connectivity needed. With the increasing shift of work that the business is completing remotely, not all devices and data paths will be under the control of IT. This shift does not allow IT to abdicate from the responsibility to provide a secure network.

    Enterprise networks are changing

    The new network reality

    The enterprise network of 2020 and beyond is changing:

    • Services are becoming more distributed.
    • The number of services provided “off network” is growing.
    • Users are more often remote.
    • Security threats are rapidly escalating.

    The above statements are all accurate for enterprise networks, though each potentially to differing levels depending on the business being supported by the network. Depending on how affected the network in question currently is and will be in the near future, there are different common network archetypes that are best able to address these concerns while delivering business value at an appropriate price point.

    High-Level Design Considerations

    1. Understand Business Needs
    2. Understand what the business needs are and where users and resources are located.

    3. Define Your Trust Model
    4. Trust is a spectrum and tied tightly to security.

    5. Align With an Archetype
    6. How will the network be deployed?

    7. Understand Available Tooling
    8. What tools are in the market to help achieve design principles?

    Understand business needs

    Mission

    Never ignore the basics. Start with revisiting the mission and vision of the business to address relevant needs.

    Users

    Identify where users will be accessing services from. Remote vs. “on net” is a design consideration now more than ever.

    Resources

    Identify required resources and their locations, on net vs. cloud.

    Controls

    Identify required controls in order to define control points and solutions.

    Define a trust model

    Trust is a spectrum

    • There is a spectrum of trust, from fully trusted to not trusted at all. Each organization must decide for their network (or each area thereof) the appropriate level of trust to assign.
    • The ease of network design and deployment is directly proportional to the trust spectrum.
    • When resources and users are outside of direct IT control, the level of appropriate trust should be examined closely.

    Implicit

    Trust everything within the network. Security is perimeter based and designed to stop external actors from entering the large trusted zone.

    Controlled

    Multiple zones of trust within the network. Segmentation is a standard practice to separate areas of higher and lower trust.

    Zero

    Verify trust. The network is set up to recognize and support the principle of least privilege where only required access is supported.

    Align with an archetype

    Archetypes are a good guide

    • Using a defined archetype as a guiding principle in network design can help clarify appropriate tools or network structures.
    • Different aspects of a network can have different archetypes where appropriate (e.g. IT vs. OT [operational technology] networks).

    Traditional

    Services are provided from within the traditional network boundaries and security is provided at the network edge.

    Hybrid

    Services are provided both externally and from within the traditional network boundaries, and security is primarily at the network edge.

    Inverted

    Services are provided primarily externally, and security is cloud centric.

    Traditional networks

    Resources within network boundaries

    Moat and castle security perimeter

    Abstract

    A traditional network is one in which there are clear boundaries defined by a security perimeter. Trust can be applied within the network boundaries as appropriate, and traffic is generally routed through internally deployed control points that may be centralized. Traditional networks commonly include large firewalls and other “big iron” security and control devices.

    Network Design Tenets

    • The full network path from resource to user is designed, deployed, and controlled by IT.
    • Users external to the network must first connect to the network to gain access to resources.
    • Security, risk, and trust controls will be implemented by internal enterprise hardware/software devices.

    Control

    In the traditional network, it is assumed that all required control points can be adequately deployed across hardware/software that is “on prem” and under the control of central IT.

    Info-Tech Insight

    With increased cloud services provided to end users, this network is now more commonly used in data centers or OT networks.

    Traditional networks

    The image contains an example of what traditional networks look like, as described in the text below.

    Defining Characteristics

    • Traffic flows in a defined path under the control of IT to and from central IT resources.
    • Due to visibility into, and the control of, the traffic between the end user and resources, IT can relatively simply implement the required security controls on owned hardware.

    Common Components

    • Traditional offices
    • Remote users/road warriors
    • Private data center/colocation space

    Hybrid networks

    Resources internal and external to network

    Network security perimeter combined with cloud protection

    Abstract

    A hybrid network is one that combines elements of a traditional network with cloud resources. As some of these resources are not fully under the control of IT and may be completely “offnet” or loosely coupled to the on-premises network, the security boundaries and control points are less likely to be centralized. Hybrid networks allow the flexibility and speed of cloud deployment without leaving behind traditional network constructs. This generally makes them expensive to secure and maintain.

    Network Design Tenets

    • The network path from resource to user may not be in IT’s locus of control.
    • Users external to the network must first connect to the network to gain access to internal resources but may directly access publicly hosted ones.
    • Security, risk, and trust controls may potentially be implemented by a mixture of internal enterprise hardware/software devices and external control points.

    Control

    The hallmark of a hybrid network is the blending of public and private resources. This blending tends to necessitate both public and private points of control that may not be homogenous.

    Info-Tech Insight

    With multiple control points to address, take care in simplifying designs while addressing all concerns to ease operational load.

    Hybrid networks

    The image contains an example of what hybrid networks look like, as described in the text below.

    Defining Characteristics

    • Traffic flows to central resources across a defined path under the control of IT.
    • Traffic to cloud assets may be partially under the control of IT.
    • For central resources, the traffic to and from the end user can have the required security controls relatively simply implemented on owned hardware.
    • For public cloud assets, IT may or may not have some control over part of the path.

    Common Components

    • Traditional offices
    • Remote users/road warriors
    • Private data center/colocation space
    • Public cloud assets (IaaS/PaaS/SaaS)

    Inverted perimeter

    Resources primarily external to the network

    Security control points are cloud centric

    Abstract

    An inverted perimeter network is one in which security and control points cover the entire workflow, on or off net, from the consumer of services through to the services themselves with zero trust. Since the control plane is designed to encompass the workflow in a secure manner, much of the underlying connectivity can be abstracted. In an extreme version of this deployment, IT would abstract end-user access, and any cloud-based or on-premises resources would be securely published through the control plane with context-aware precision access.

    Network Design Tenets

    • The network path from resource to user is abstracted and controlled by IT through services like secure access service edge (SASE).
    • Users only need internet access and appropriate credentials to gain access to resources.
    • Security, risk, and trust controls will be implemented through external cloud based services.

    Control

    An inverted network abstracts the lower-layer connectivity away and focuses on implementing a cloud-based zero trust control plane.

    Info-Tech Insight

    This model is extremely attractive for organizations that consume primarily cloud services and have a large remote work force.

    Inverted networks

    The image contains an example of what inverted networks look like, as described in the text below.

    Defining Characteristics

    • The end user does not have to be in a defined location.
    • All central resources that are to be accessed are hosted on cloud resources.
    • IT has little to no control of the path between the end user and central resources.

    Common Components

    • Traditional offices
    • Regent offices/shared workspaces
    • Remote users/road warriors
    • Public cloud assets (IaaS/PaaS/SaaS)

    Understand available tooling

    Don’t buy a hammer and go looking for nails

    • A network archetype must be defined in order to understand what tools (hardware or software) are appropriate for consideration in a network build or refresh.
    • Tools are purpose built and generally designed to solve specific problems if implemented and operated correctly. Choose the tools to align with the challenges that you are solving as opposed to choosing tools and then trying to use those purchases to overcome challenges.
    • The purchase of a tool does not allow for abdication of proper design. Tools must be chosen appropriately and integrated properly to orchestrate the best solutions. Purchasing a tool and expecting the tool to solve all your issues rarely succeeds.

    “It is essential to have good tools, but it is also essential that the tools should be used in the right way.” — Wallace D. Wattles

    Software-defined WAN (SD-WAN)

    Simplified branch office connectivity

    Archetype Value: Traditional Networks

    What It Is Not

    SD-WAN is generally not a way to slash spending by lowering WAN circuit costs. Though it is traditionally deployed across lower cost access, to minimize risk and realize the most benefits from the platform many organizations install multiple circuits with greater bandwidths at each endpoint when replacing the more costly traditional circuits. Though this maximizes the value of the technology investment, it will result in the end cost being similar to the traditional cost plus or minus a small percentage.

    What It Is

    SD-WAN is a subset of software-defined networking (SDN) designed specifically to deploy a secure, centrally managed, connectivity agnostic, overlay network connecting multiple office locations. This technology can be used to replace, work in concert with, or augment more traditional costly connectivity such as MPLS or private point to point (PtP) circuits. In addition to the secure overlay, SD-WAN usually also enables policy-based, intelligent controls, based on traffic and circuit intelligence.

    Why Use It

    You have multiple endpoint locations connected by expensive lower bandwidth traditional circuits. Your target is to increase visibility and control while controlling costs if and where possible. Ease of centralized management and the ability to more rapidly turn up new locations are attractive.

    Cloud access security broker (CASB)

    Inline policy enforcement placed between users and cloud services

    Archetype Value: Hybrid Networks

    What It Is Not

    CASBs do not provide network protection; they are designed to provide compliance and enforcement of rules. Though CASBs are designed to give visibility and control into cloud traffic, they have limits to the data that they generally ingest and utilize. A CASB does not gather or report on cloud usage details, licencing information, financial costing, or whether the cloud resource usage is aligned with the deployment purpose.

    What It Is

    A CASB is designed to establish security controls beyond a company’s environment. It is commonly deployed to augment traditional solutions to extend visibility and control into the cloud. To protect assets in the cloud, CASBs are designed to provide central policy control and apply services primarily in the areas of visibility, data security, threat protection, and compliance.

    Why Use It

    You a mixture of on-premises and cloud assets. In moving assets out to the cloud, you have lost the traditional controls that were implemented in the data center. You now need to have visibility and apply controls to the usage of these cloud assets.

    Secure access service edge (SASE)

    Convergence of security and service access in the cloud

    Archetype Value: Inverted Networks

    What It Is Not

    Though the service will consist of many service offerings, SASE is not multiple services strung together. To present the value proposed by this platform, all functionality proposed must be provided by a single platform under a “single pane of glass.” SASE is not a mature and well-established service. The market is still solidifying, and the full-service definition remains somewhat fluid.

    What It Is

    SASE exists at the intersection of network-as-a-service and network-security-as-a-service. It is a superset of many network and security cloud offerings such as CASB, secure web gateway, SD-WAN, and WAN optimization. Any services offered by a SASE provider will be cloud hosted, presented in a single stack, and controlled through a single pane of glass.

    Why Use It

    Your network is inverting, and services are provided primarily as cloud assets. In a full realization of this deployment’s value, you would abstract how and where users gain initial network access yet remain in control of the communications and data flow.

    Activity

    Understand your enterprise network options

    Activity: Network assessment in an hour

    • Learn about the Enterprise Network Roadmap Technology Assessment Tool
    • Complete the Enterprise Network Roadmap Technology Assessment Tool

    This activity involves the following participants:

    • IT strategic direction decision makers.
    • IT managers responsible for network.
    • Organizations evaluating platforms for mission critical applications.

    Outcomes of this step:

    • Completed Enterprise Network Roadmap Technology Assessment Tool

    Info-Tech Insight

    Review your design options with security and compliance in mind. Infrastructure is no longer a standalone entity and now tightly integrates with software-defined networks and security solutions.

    Build an assessment in an hour

    Learn about the Enterprise Network Roadmap Technology Assessment Tool.

    This workbook provides a high-level analysis of a technology’s readiness for adoption based on your organization’s needs.

    • The workbook then places the technology on a graph that measures both the readiness and fit for your organization. In addition, it provides warnings for specific issues and lets you know if you have considerable uncertainty in your answers.
    • At a glance you can now communicate what you are doing to help the company:
      • Grow
      • Save money
      • Reduce risk
    • Regardless of your specific audience, these are important stories to be able to tell.
    The image contains three screenshots from the Enterprise Network Roadmap Technology Assessment Tool.

    Build an assessment in an hour

    Complete the Enterprise Network Roadmap Technology Assessment Tool.

    Dispense with detailed analysis and customizations to present a quick snapshot of the road ahead.

    1. Weightings: Adjust the Weighting tab to meet organizational needs. The provided weightings for the overall solution areas are based on a generic firm; individual firms will have different needs.
    2. Data Entry: For each category, answer the questions for the technology you are considering. When you have completed the questionnaire, go to the next tab for the results.
    3. Results: The Enterprise Network Roadmap Technology Assessment Tool provides a value versus readiness assessment of your chosen technology customized to your organization.

    The image contains three screenshots from the Enterprise Network Roadmap Technology Assessment Tool. It has a screenshot for each step as described in the text above.

    Related Info-Tech Research

    Effectively Acquire Infrastructure Services

    Acquiring a service is like buying an experience. Don’t confuse the simplicity of buying hardware with buying an experience.

    Outsource IT Infrastructure to Improve System Availability, Reliability, and Recovery

    There are very few IT infrastructure components you should be housing internally – outsource everything else.

    Build Your Infrastructure Roadmap

    Move beyond alignment: Put yourself in the driver’s seat for true business value.

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    Leverage your vendor sourcing process to get better results.

    Research Authors

    The image contains a photo of Scott Young.

    Scott Young, Principal Research Advisor, Info-Tech Research Group

    Scott Young is a Director of Infrastructure Research at Info-Tech Research Group. Scott has worked in the technology field for over 17 years, with a strong focus on telecommunications and enterprise infrastructure architecture. He brings extensive practical experience in these areas of specialization, including IP networks, server hardware and OS, storage, and virtualization.

    The image contains a photo of Troy Cheeseman.

    Troy Cheeseman, Practice Lead, Info-Tech Research Group

    Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

    Bibliography

    Ahlgren, Bengt. “Design considerations for a network of information.” ACM Digital Library, 21 Dec. 2008.

    Cox Business. “Digital transformation is here. Is your business ready to upgrade your mobile work equation?” BizJournals, 1 April 2022. Accessed April 2022.

    Elmore, Ed. “Benefits of integrating security and networking with SASE.” Tech Radar, 1 April 2022. Web.

    Greenfield, Dave. “From SD-WAN to SASE: How the WAN Evolution is Progressing.” Cato Networks, 19 May 2020. Web

    Korolov, Maria. “What is SASE? A cloud service that marries SD-WAN with security.” Network World, 7 Sept. 2020. Web.

    Korzeniowski, Paul, “CASB tools evolve to meet broader set of cloud security needs.” TechTarget, 26 July 2019. Accessed March 2022.

    Drive Business Value With Off-the-Shelf AI

    • Buy Link or Shortcode: {j2store}205|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy
    • Understanding the impact of the machine learning/AI component that is built into most of the enterprise products and tools and its role in the implementation of the solution.
    • Understanding the most important aspects that the organization needs to consider while planning the implementation of the AI-powered product.

    Our Advice

    Critical Insight

    • Organizations are faced with multiple challenges trying to adopt AI solutions. Challenges include data issues, ethics and compliance considerations, business process challenges, and misaligned leadership goals.
    • When choosing the right product to meet business needs, organizations need to know what questions to ask vendors to ensure they fully understand the implications of buying an AI/ML product.
    • To guarantee the success of your off-the-shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Impact and Result

    To guarantee success of the off-the-shelf AI implementation and deliver value, in addition to formulating a clear definition of the business case and understanding of data, organizations should also:

    • Know what questions to ask vendors while evaluating AI-powered products.
    • Measure the impact of the project on business and IT processes.

    Drive Business Value With Off-the-Shelf AI Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive Business Value With Off-the-Shelf AI Deck – A step-by-step approach that will help guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers business value

    Use this practical and actionable framework that will guide you through the planning of your Off-the-Shelf AI product implementation.

    • Drive Business Value With Off-the-Shelf AI Storyboard

    2. Off-the-Shelf AI Analysis – A tool that will guide the analysis and planning of the implementation

    Use this analysis tool to ensure the success of the implementation.

    • Off-the-Shelf AI Analysis

    Infographic

    Further reading

    Drive Business Value With Off-the-Shelf AI

    A practical guide to ensure return on your Off-the-Shelf AI investment

    Executive Summary

    Your Challenge
    • Understanding the impact of the machine learning/AI component that is built into most of the enterprise products and tools and its role in the implementation of the solution.
    • What are the most important aspects that organizations needs to consider while planning the implementation of the AI-powered product?
    Common Obstacles
    • Organizations are faced with multiple challenges trying to adopt an AI solution. Challenges include data issues, ethics and compliance considerations, business process challenges, and misaligned leadership goals.
    • When choosing the right product to meet business needs, organizations need to know what questions to ask vendors to ensure they fully understand the implications of buying an AI/ML product.
    Info-Tech’s Approach

    Info-Tech’s approach includes a framework that will guide organizations through the process of the Off-the-Shelf AI product selection.

    To guarantee success of the Off-the-Shelf AI implementation and deliver value, organization should start with clear definition of the business case and an understanding of data.

    Other steps include:

    • Knowing what questions to ask vendors to evaluate AI-powered products.
    • Measuring the impact of the project on your business and IT processes.
    • Assessing impact on the organization and ensure team readiness.

    Info-Tech Insight

    To guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Getting value out of AI and machine learning investments

    92.1%

    of companies say they are achieving returns on their data and AI investments

    91.7%

    said they were increasing investments in data and AI

    26.0%

    of companies have AI systems in widespread production
    However, CIO Magazine identified nine main hurdles to AI adoption based on the survey results:
    • Data issues
    • Business process challenges
    • Implementation challenges and skill shortages
    • Costs of tools and development
    • Misaligned leadership goals
    • Measuring and proving business value
    • Legal and regulatory risks
    • Cybersecurity
    • Ethics
    • (Source: CIO, 2019)
    “Data and AI initiatives are becoming well established, investments are paying off, and companies are getting more economic value from AI.” (Source: NewVantage, 2022.)

    67% of companies are currently using machine learning, and 97% are using or planning to use it in the next year.” (Source: Deloitte, 2020)

    AI vs. ML

    Machine learning systems learn from experience and without explicit instructions. They learn patterns from data then analyze and make predictions based on past behavior and the patterns learned.

    Artificial intelligence is a combination of technologies and can include machine learning. AI systems perform tasks mimicking human intelligence such as learning from experience and problem solving. Most importantly, AI is making its own decisions without human intervention.

    The AI system can make assumptions, test these assumptions, and learn from the results.

    (Level of decision making required increases from left to right)
    Statistical Reasoning
    Infer relationships between variables

    Statistical models are designed to find relationships between variables and the significance of those relationships.

    Machine Learning:
    Making accurate predictions

    Machine learning is a subset of AI that discovers patterns from data without being explicitly programmed to do so.

    Artificial Intelligence
    Dynamic adaptation to novelty

    AI systems choose the optimal combination of methods to solve a problem. They make assumptions, reassess the model, and reevaluate the data.

    “Machine learning is the study of computer algorithms that improve automatically through experience.” (Tom Mitchell, 1997)

    “At its simplest form, artificial intelligence is a field, which combines computer science and robust datasets, to enable problem-solving.” (IBM, “What is artificial intelligence?”)

    Types of Off-the-Shelf AI products and solutions

    ML/AI-Powered Products Off-the-Shelf Pre-built and Pre-trained AI/ML Models
    • AI/ML capabilities built into the product and might require training as part of the implementation.
    • Off-the-Shelf ML/AI Models, pre-built, pre-trained, and pre-optimized for a particular task. For example, language models or image recognition models that can be used to speed up and simplify ML/AI systems development.
    Examples of OTS tools/products: Examples of OTS models:

    The data inputs for these models are defined, the developer has to conform to the provided schema, and the data outputs are usually fixed due to the particular task the OTS model is built to solve.

    Insight summary

    Overarching insight:

    To guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Business Goals

    Question the value that AI adds to the tool you are evaluating. Don’t go after the tool simply because it has an AI label attached to it. AI/ML capabilities might add little value but increase implementation complexity. Define the problem you are solving and document business requirements for the tool or a model.

    Data

    Know your data. Determine data requirements to:

    • Train the model during the implementation and development.
    • Run the model in production.

    People/Skills

    Define the skills required for the implementation and assemble the team that will support the project from requirements to deployment and support, through its entire lifecycle. Don’t forget about production support and maintenance.

    Choosing an AI-Powered Tool

    No need to reinvent the wheel and build a product you can buy, but be prepared to work around tool limitations, and make sure you understand the data and the model the tool is built on.

    Choosing an AI/ML Model

    Using Off-the-Shelf-AI models enables an agile approach to system development. Faster POC and validation of ideas and approaches, but the model might not be customizable for your requirements.

    Guaranteeing Off-the-Shelf AI Implementation Success

    Info-Tech Insight

    To guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Why do you need AI in your toolset?
    Business Goals

    Clearly defined problem statement and business requirements for the tool or a model will help you select the right solution that will deliver business value even if it does not have all the latest bells and whistles.

    Small chevron pointing right.
    Do you know the data required for implementation?
    Data

    Expected business outcome defines data requirements for implementation. Do you have the right data required to train and run the model?

    Large chevron pointing right.
    Is your organization ready for AI?
    People/Team/ Skills

    New skills and expertise are required through all phases of the implementation: design, build, deployment, support, and maintenance, as well as post-production support, scaling, and adoption.

    Data Architecture/ Infrastructure

    New tool or model will impact your cloud and integration strategy. It will have to integrate with the existing infrastructure, in the cloud or on prem.

    Large chevron pointing right.
    What questions do you need to ask when choosing the solution?
    Product/ Tool or Model Selection

    Do you know what model powers the AI tool? What data was used to train the tool and what data is required to run it? Ask the right questions.

    Small chevron pointing right.
    Are you measuring impact on your processes?
    Business and IT Processes

    Business processes need to be defined or updated to incorporate the output of the tool back into the business processes to deliver value.

    IT governance and support processes need to accommodate the new AI-powered tool.

    Small chevron pointing right.
    Realize and measure business value of your AI investment
    Value

    Do you have a clear understanding of the value that AI will bring to your organization?Optimization?Increased revenue?Operational efficiency?

    Introduction of Off-the-Shelf AI Requires a Strategic Approach

    Business Goals and Value Data People/Team/ Skills Infrastructure Business and IT Processes
    AI/ML–powered tools
    • Define a business problem that can be solved with either an AI-powered tool or an AI/ML pre-built model that will become part of the solution.
    • Define expectations and assumptions around the value that AI can bring.
    • Document business requirements for the tool or model.
    • Define the scope for a prototype or POC.
    • Define data requirements.
    • Define data required for implementation.
    • Determine if the required data can be acquired or captured/generated.
    • Document internal and external sources of data.
    • Validate data quality (define requirements and criteria for data quality).
    • Define where and how the data is stored and will be stored. Does it have to be moved or consolidated?
    • Define all stakeholders involved in the implementation and support.
    • Define skills and expertise required through all phases of the implementation: design, build, deployment, support, and maintenance.
    • Define skills and expertise required to grow AI practice and achieve the next level of adoption, scaling, and development of the tool or model POC.
    • Define infrastructure requirements for either Cloud, Software-as-a-Service, or on-prem deployment of a tool or model.
    • Define how the tool is integrated with existing systems and into existing infrastructure.
    • Determine the cost to deploy and run the tool/model.
    • Define processes that need to be updated to accommodate new functionality.
    • Define how the outcome of the tool or a model (e.g. predictions) are incorporated back into the business processes.
    • Define new business and IT processes that need to be defined around the tool (e.g. chatbot maintenance; analysis of the data generated by the tool).
    Off-the-shelf AI/ML pre-built models
    • Define the business metrics and KPIs to measure success of the implementation against.
    • Determine if there are requirements for a specific data format required for the tool or a model.
    • Determine if there is a need to classify/label the data (supervised learning).
    • Define privacy and security requirements.
    • Define requirements for employee training. This can be vendor training for a tool or platform training in the case of a pre-built model or service.
    • Define if ML/AI expertise is required.
    • Is the organization ready for ML/AI? Conduct an AI literacy survey and understand team’s concerns, fears, and misconceptions and address them.
    • Define requirements for:
      • Data migration.
      • Security.
      • AI/ML pipeline deployment and maintenance.
    • Define requirements for operation and maintenance of the tool or model.
    • Confirm infrastructure readiness.
    • How AI and its output will be used across the organization.

    Define Business Goals and Objectives

    Why do you need AI in your toolset? What value will AI deliver? Have a clear understanding of business benefits and the value AI delivers through the tool.

    • Define a business problem that can be solved with either an AI-powered tool or AI/ML pre-built model.
    • Define expectations and assumptions around the value that AI can bring.
    • Document business requirements for a tool or model.
    • Start with the POC or a prototype to test assumptions, architecture, and components of the solution.
    • Define business metrics and KPIs to measure success of the implementation.

    Info-Tech Insight

    Question the value that AI adds to the tool you are evaluating. Don’t go after the tool simply because it has an AI label attached to it. AI/ML capabilities might add little value but increase implementation complexity. Define the problem you are solving and document business requirements for the tool or a model.

    Venn diagram of 'Applied Artificial Intelligence (AAI)' with a larger circle at the top, 'Machine Learning (ML)', and three smaller ovals intersecting, 'Computer Vision', 'Natural Language Processing (NLP)', and 'Robotic Process Automation (RPA)'.

    AAI solutions and technologies are helping organizations make faster decisions and predict future outcomes such as:

    • Business process automation
    • Intelligent integration
    • Intelligent insights
    • Operational efficiency improvement
    • Increase revenue
    • Improvement of existing products and services
    • Product and process innovation

    1. Use Info-Tech’s Off-the-Shelf AI Analysis Tool to define business drivers and document business requirements

    2-3 hours
    Screenshot of the Off-the-Shelf AI Analysis Tool's Business Drivers tab, a table with columns 'AI/ML Tool or Model', 'Use Case', 'Business problem / goal for AI/ML use case', 'Description', 'Business Owner (Primary Stakeholder)', 'Priority', 'Stakeholder Groups Impacted', 'Requirements Defined? Yes/No', 'Related Data Domains', and 'KPIs'. Use the Business Drivers tab to document:
    • Business objectives of the initiative that might drive the AI/ML use case.
    • The business owner or primary stakeholder who will help to define business value and requirements.
    • All stakeholders who will be involved or impacted.
    • KPIs that will be used to assess the success of the POC.
    • Data required for the implementation.
    • Use the Business Requirements tab to document high-level requirements for a tool or model.
    • These requirements will be used while defining criteria for a tool selection and to validate if the tool or model meets your business goals.
    • You can use either traditional BRD format or a user story to document requirements.
    Screenshot of the Off-the-Shelf AI Analysis Tool's Business Requirements tab, a table with columns 'Requirement ID', 'Requirement Description / user story', 'Requirement Category', 'Stakeholder / User Role', 'Requirement Priority', and 'Complexity (point estimates)'.

    Download the Off-the-Shelf AI Analysis Tool

    1. Define business drivers and document business requirements

    Input

    • Strategic plan of the organization
    • Data strategy that defines target data capabilities required to support enterprise strategic goals
    • Roadmap of business and data initiatives to support target state of data capabilities

    Output

    • Prioritized list of business use cases where an AI-powered tool or AI/ML can deliver business value
    • List of high-level requirements for the selected use case

    Materials

    • Whiteboard/Flip Charts
    • Off-the-Shelf-AI Analysis Tool, “Business Drivers” and “Business Requirements” tabs

    Participants

    • CIO
    • Senior business and IT stakeholders
    • Data owner(s)
    • Data steward(s)
    • Enterprise Architect
    • Data Architect
    • Data scientist/Data analyst

    Understand data required for implementation

    Do you have the right data to implement and run the AI-powered tool or AI/ML model?

    Info-Tech Insight

    Know your data. Determine data requirements to:

    • Train the model during the implementation and development, and
    • Run the model in production
    AvailabilityArrow pointing rightQualityArrow pointing rightPreparationArrow pointing rightBias, Privacy, SecurityArrow pointing rightData Architecture
    • Define what data is required for implementation, e.g. customer data, financial data, product sentiment.
    • If the data is not available, can it be acquired, gathered, or generated?
    • Define the volume of data required for implementation and production.
    • If the model has to be trained, do you have the data required for training (e.g. dictionary of terms)? Can it be created, gathered, or acquired?
    • Document internal and external sources of data.
    • Evaluate data quality for all data sources based on the requirements and criteria defined in the previous step.
    • For datasets with data quality issues, determine if the data issues can be resolved (e.g. missing values are inferred). If not, can this issue be resolved by using other data sources?
    • Engage a Data Governance organization to address any data quality concerns.
    • Determine if there are requirements for a specific data format required for the tool or model.
    • Determine if there is a need to classify/label or tag the data. What are the metadata requirements?
    • Define whether or not the implementation team needs to aggregate or transform the data before it can be used.
    • Define privacy requirements, as these might affect the availability of the data for ML/AI.
    • Define data bias concerns and considerations. Do you have datasheets for datasets that will be used in this project? What datasets cannot be used to prevent bias?
    • What are the security requirements and how will they affect data storage, product selection, and infrastructure requirements for the tool and overall solution?
    • Define where and how the data is currently stored and will be stored.
    • Does it have to be migrated or consolidated? Does it have to be moved to the cloud or between systems?
    • Is a data lake or data warehouse a requirement for this implementation as defined by the solution architecture?

    2. Use Info-Tech’s Off-the-Shelf AI Analysis Tool to document data requirements

    2-3 hours

    Use the Data tab to document the following for each data source or dataset:
    • Data Domain – e.g. Customer data
    • Data Concept – e.g. Customer
    • Data Internally Accessible – Identify datasets that are required for the implementation even if the data might not be available internally. Work on determining if the data ca be acquired externally or collected internally.
    • Source System – define the primary source system for the data, e.g. Salesforce
    • Target System (if applicable) – Define if the data needs to be migrated/transferred. For example, you might use a datalake or data warehouse for the AI/ML solution or migrate data to the cloud.
    • Classification/Taxonomy/Ontology
    • Data Steward
    • Data Owner
    • Data Quality – Data quality indicator
    • Refresh Rate – Frequency of data refresh. Indicate if the data can be accessed in real time or near-real time

    Screenshot of the Off-the-Shelf AI Analysis Tool's Data tab, a spreadsheet table with the columns listed to the left and below.
    • Retention – Retention policy requirements
    • Compliance Requirements – Define if data has to comply with any of the regulatory requirements, e.g. GDPR
    • Privacy, Bias, and Ethics Considerations – Privacy Act, PIPEDA, etc. Identify if the dataset contains sensitive information that should be excluded from the model, such as gender, age, race etc. Indicate fairness metrics, if applicable.

    Download the Off-the-Shelf AI Analysis Tool

    2. Document data requirements

    Input

    • Documented business use cases from Step 1.
    • High-level business requirements from Step 1.
    • Data catalog, data dictionaries, business glossary
    • Data flows and data architecture

    Output

    • High-level data requirements
    • List of data sources and datasets that can be used for the implementation
    • Datasets that need to be collected or acquired externally

    Materials

    • Whiteboard/Flip Charts
    • Off-the-Shelf AI Analysis Tool, “Data” tab

    Participants

    • CIO
    • Business and IT stakeholders
    • Data owner(s)
    • Data steward(s)
    • Enterprise Architect
    • Data Architect
    • Data scientist/Data analyst

    Is Your Organization Ready for AI?

    Assess organizational readiness and define stakeholders impacted by the implementation. Build the team with the right skillset to drive the solution.

    • Implementation of the AI/ML-powered Off-the-Shelf Tool or an AI/ML model will require a team with a combination of skills through all phases of the project, from design of the solution to build, production, deployment, and support.
    • Document the skillsets required and determine the skills gap. Before you start hiring, depending on the role, you might find talent within the organization to join the implementation team with little to no training.
    • AI/ML resources that may be needed on your team driving AI implementation (you might consider bringing part-time resources to fill the gaps or use vendor developers) are:
      • Data Scientist
      • Machine Learning Engineer
      • Data Engineer
      • Data Architect
      • AI/ML Ops engineer
    • Define training requirements. Consider vendor training for a tool or platform.
    • Plan for future scaling and the growing of the solution and AI practice. Assess the need to apply AI in other business areas. Work with the team to analyze use cases and prioritize AI initiatives. As the practice grows, grow your team expertise.
    • Identify the stakeholders who will be affected by the AI implementation.
    • Work with them to understand and address any concerns, fears, or misconceptions around the role of AI and the consequences of bringing AI into the organization.
    • Develop a communication and change management plan to educate everyone within the organization on the application and benefits of using AI and machine learning.

    Info-Tech Insight:

    Define the skills required for the implementation and assemble the team that will support the project through its entire lifecycle. Don’t forget about production, support, and maintenance.

    3. Build your implementation team

    1-2 hours

    Input: Solution conceptual design, Current resource availability

    Output: Roles required for the implementation of the solution, Resources gap analysis, Training and hiring plan

    Materials: Whiteboard/Flip charts, Off-the-Shelf AI Analysis Tool, “People and Team” tab

    Participants: Project lead, HR, Enterprise Architect

    1. Review your solution conceptual design and define implementation team roles.
    2. Document requirements for each role.
    3. Review current org chart and job descriptions and identify skillset gaps. Draft an action plan to fill in the roles.
    4. Use Info-Tech’s Off-the-Shelf AI Analysis Tool's People and Team tab to document team roles for the entire implementation, including design, build/implement, deployment, support and maintenance, and future development.

    Screenshot of the Off-the-Shelf AI Analysis Tool's People and Team tab, a table with columns 'Design', 'Implement', 'Deployment', 'Support and Maintenance', and 'Future Development'.

    Download the Off-the-Shelf AI Analysis Tool

    Cloud, SaaS or On Prem – what are my options and what is the impact?

    Depending on the architecture of the solution, define the impact on the current infrastructure, including system integration, AI/ML pipeline deployment, maintenance, and data storage

    • Data Architecture: use the current data architecture to design the architecture for an AI-powered solution. Assess changes to the data architecture with the introduction of a new tool to make sure it is scalable enough to support the change.
    • Define infrastructure requirements for either Cloud, Software-as-a-Service, or on-prem deployment of a tool or model.
    • Define how the tool will be integrated with existing systems and into existing infrastructure.
    • Define requirements for:
      • Data migration and data storage
      • Security
      • AI/ML pipeline deployment, production monitoring, and maintenance
    • Define requirements for operation and maintenance of the tool or model.
    • Work with your infrastructure architect and vendor to determine the cost of deploying and running the tool/model.
    • Make a decision on the preferred architecture of the system and confirm infrastructure readiness.

    Download the Create an Architecture for AI blueprint

    4. Use Info-Tech’s Off-the-Shelf AI Analysis Tool to document infrastructure decisions

    2-3 hours

    Input: Solution conceptual design

    Output: Infrastructure requirements, Infrastructure readiness assessment

    Materials: Whiteboard/Flip charts, Off-the-Shelf AI Analysis Tool, “Infrastructure” tab

    Participants: Infrastructure Architect, Solution Architect, Enterprise Architect, Data Architect, ML/AI Ops Engineer

    1. Work with Infrastructure, Data, Solution, and Enterprise Architects to define your conceptual solution architecture.
    2. Define integration and storage requirements.
    3. Document security requirements for the solution in general and the data specifically.
    4. Define MLOps requirements and tools required for ML/AI pipeline deployment and production monitoring.
    5. Use Info-Tech’s Off-the-Shelf AI Analysis Tool's Infrastructure tab to document requirements and decisions around Data and Infrastructure Architecture.

    Screenshot of the Off-the-Shelf AI Analysis Tool's Infrastructure tab, a table with columns 'Cloud, SaaS or On-Prem', 'Data Migration Requirements', 'Data Storage Requirements', 'Security Requirements', 'Integrations Required', and 'AI/ML Pipeline Deployment and Maintenance Requirements'.

    Download the Off-the-Shelf AI Analysis Tool

    What questions do you need to ask vendors when choosing the solution?

    Take advantage of Info-Tech’s Rapid Application Selection Framework (RASF) to guide tool selection, but ask vendors the right questions to understand implications of having AI/ML built into the tool or a model

    Data Model Implementation and Integration Deployment Security and Compliance
    • What data (attributes) were used to train the model?
    • Do you have datasheets for the data used?
    • How was data bias mitigated?
    • What are the data labeling/classification requirements for training the model?
    • What data is required for production? E.g. volume; type of data, etc.
    • Were there any open-source libraries used in the model? If yes, how were vulnerabilities and security concerns addressed?
    • What algorithms are implemented in the tool/model?
    • Can model parameters be configured?
    • What is model accuracy?
    • Level of customization required for the implementation to meet our requirements.
    • Does the model require training? If yes, can you provide details? Can you estimate the effort required?
    • Integration capabilities and requirements.
    • Data migration requirements for tool operation and development.
    • Administrator console – is this functionality available?
    • Implementation timeframe.
    • Is the model or tool deployable on premises or in the cloud? Do you support hybrid cloud and multi-cloud deployment?
    • What cloud platforms are your product/model integrated with (AWS, Azure, GCP)?
    • What are the infrastructure requirements?
    • Is the model containerized/ scalable?
    • What product support and product updates are available?
    • Regulatory compliance (GDPR, PIPEDA, HIPAA, PCI DSS, CCPA, SOX, etc.)?
    • How are data security risks addressed?

    Use Info-Tech’s Off-the-Shelf AI Analysis Tool, “Vendor Questionnaire” tab to track vendor responses to these questions.

    Are you measuring impact on your processes?

    Make sure that you understand the impact of the new technology on the existing business and IT processes.

    And make sure your business processes are ready to take advantage of the benefits and new capabilities enabled by AI/ML.

    Process automation, optimization, and improvement enabled by the technology and AI/ML-powered tools allow organizations to reduce manual work, streamline existing business processes, improve customer satisfaction, and get critical insights to assist decision making.

    To take full advantage of the benefits and new capabilities enabled by the technology, make sure that business and IT processes reflect these changes:

    • Processes that need to be updated.
    • How the outcome of the tool or a model (e.g. predictions) is incorporated into the existing business processes and the processes that will monitor the accuracy of the outcome and monitor performance of the tool or model.
    • New business and IT processes that need to be defined for the tool (e.g. chatbot maintenance, analysis of the data generated by the tool, etc.).

    5. Document the Impact on Business and IT Processes

    2-3 hours

    Input: Solution design, Existing business and IT processes

    Output: Documented updates to the existing processes, Documented new business and IT processes

    Materials: Whiteboard/Flip charts, Off-the-Shelf AI Analysis Tool, “Business and IT Processes” tab

    Participants: Project lead, Business stakeholders, Business analyst

    1. Review current business processes affected by the implementation of the AI/ML- powered tool or model. Define the changes that need to be made. The changes might include simplification of the process due to automation of some of the steps. Some processes will need to be redesigned and some processes might become obsolete.
    2. Document high-level steps for any new processes that need to be defined around the AI/ML-powered tool. An example of such a process would be defining new IT and business processes to support a new chatbot.
    3. Use Info-Tech’s Off-the-Shelf AI Analysis Tool's Business and IT Processes tab, to document process changes.

    Screenshot of the Off-the-Shelf AI Analysis Tool's Business and IT Processes tab, a table with columns 'Existing business process affected', 'New business process', 'Stakeholders involved', 'Changes to be made', and 'New Process High-Level Steps'.

    Download the Off-the-Shelf AI Analysis Tool

    AI-powered Tools – Considerations

    PROS:
    • Enhanced functionality, allows the power of AI without specialized skills (e.g., Mathematica – recognizing patterns in data).
    • Might be a cheaper option compared to building a solution in-house (chatbot, for ex.).

    Info-Tech Insight:

    No need to reinvent the wheel and build the product you can buy, but be prepared to work around tool limitations, and make sure you understand the data and the model the tool is built on.

    CONS:
    • Dependency on the service provider.
    • The tool might not meet all the business requirements without customization.
    • Bias can be built into the tool:
      • Work with the vendor to understand what data was used to train the model.
      • From the perspective of ethics and bias, learn what model is implemented in the tool and what data attributes the model uses.

    Pre-built/pre-trained models – what to keep in mind when choosing

    PROS:
    • Lower cost and less time to development compared to creating and training models from scratch (e.g. using image recognition models or pre-trained language models like BERT).
    • If the pre-trained and optimized model perfectly fits your needs, the model accuracy might be high and sufficient for your scenario.
    • Off-the-Shelf AI models are useful for creating prototypes or POCs, for testing a hypothesis, and for validating ideas and requirements.
    • Usage of Off-the-Shelf models shortens the development cycle and reduces investment risks.
    • Language models are particularly useful if you don’t have data to train your own model (a “small data” scenario).
    • Infrastructure and model training cost reduction.
    CONS:
    • Might be a challenge to deploy and maintain the system in production.
    • Lack of flexibility: you might not be able to configure input or output parameters to your requirements. For example, a pre-built sentiment analysis model might return four values (“positive,” “negative,” “neutral,” and “mixed”), but your solution will require only two or three values.
    • Might be a challenge to comply with security and privacy requirements.
    • Compliance with privacy and fairness requirements and considerations: what data was used to pretrain the model?
    • If open-source libraries were used to create the model, how will vulnerabilities, risks, and security concerns be addressed?

    Info-Tech Insight:

    Using Off-the-Shelf AI models enables an agile approach to system development – faster POC and validation of ideas and approaches, but the model might not be customizable for your requirements.

    Metrics

    Metrics and KPIs for this project will depend on the business goals and objectives that you will identify in Step 1 of the tool selection process.

    Metrics might include:

    • Reduction of time spent on a specific business process. If the tool is used to automate certain steps of a business process, this metric will measure how much time was saved, in minutes/hours, compared to the process time before the introduction of the tool.
    • Accuracy of prediction. This metric would measure the accuracy of estimations or predictions compared to the same estimations done before the implementation of the tool. It can be measured by generating the same prediction or estimation using the AI-powered tool or using any methods used before the introduction of the tool and comparing the results.
    • Accuracy of the search results. If the AI-powered tool is a search engine, compare a) how much time it would take a user to find an article or a piece of content they were searching for using new tool vs. previous techniques, b) how many steps it took the user to locate the required article in the search results, and c) the location of the correct piece of content in the search result list (at the top of the search result list or on the tenth page).
    • Time spent on manual tasks and activities. This metric will measure how much time, in minutes/hours, is spent by the employees or users on manual tasks if the tool automates some of these tasks.
    • Reduction of business process steps (if the steps are being automated). To derive this metric, create a map of the business process before the introduction of the AI-powered tool and after, and determine if the tool helped to simplify the process by reducing the number of process steps.

    Bibliography

    Adryan, Boris. “Is it all machine learning?” Badryan, Oct. 20, 2015. Accessed Feb. 2022.

    “AI-Powered Data Management Platform.” Informatica, N.d. Accessed Feb 2022.

    Amazon Rekognition. “Automate your image and video analysis with machine learning.” AWS. N.d. Accessed Feb 2022.

    “Artificial Intelligence (AI).” IBM Cloud Education, 3 June 2020. Accessed Feb 2022.

    “Artificial intelligence (AI) vs machine learning (ML).” Microsoft Azure Documentation. Accessed Feb. 2022.

    “Avante Garde in the Realm of AI” SearchUnify Cognitive Platform. Accessed Feb 2022.

    “Azure Cognitive Services.” Microsoft. N.d. Accessed Feb 2022.

    “Becoming an AI-fueled organization. State of AI in the enterprise, 4th edition,” Deloitte, 2020. Accessed Feb. 2022.

    “Coveo Predictive Search.” Coveo, N.d. Accessed Feb 2022.

    ”Data and AI Leadership. Executive Survey 2022. Executive Summary of Findings.” NewVantage Partners. Accessed Feb 2022.

    “Einstein Discovery in Tableau.” Tableau, N.d. Accessed Feb 2022.

    Korolov, Maria. “9 biggest hurdles to AI adoption.” CIO, Feb 26, 2019. Accessed Feb 2022.

    Meel, Vidushi. “What Is Deep Learning? An Easy to Understand Guide.” visio.ai. Accessed Feb. 2022.

    Mitchell, Tom. “Machine Learning,” McGraw Hill, 1997.

    Stewart, Matthew. “The Actual Difference Between Statistics and Machine Learning.” Towards Data Science, Mar 24, 2019. Accessed Feb 2022.

    “Sentiment analysis with Cognitive Services.” Microsoft Azure Documentation. Accessed February 2022.

    “Three Principles for Designing ML-Powered Products.” Spotify Blog. Oct 2019, Accessed Feb 2022.

    “Video Intelligence API.” Google Cloud Platform. N.d. Accessed Feb 2022

    Drive Technology Adoption

    • Buy Link or Shortcode: {j2store}111|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    The project isn’t over if the new product or system isn’t being used. How do you ensure that what you’ve put in place isn’t going to be ignored or only partially adopted? People are more complicated than any new system and managing them through the change needs careful planning.

    Our Advice

    Critical Insight

    Cultivating a herd mentality, where people adopt new technology merely because everyone else is, is an important goal in getting the bulk of users using the new product or system. The herd needs to gather momentum though and this can be done by using the more tech-able and enthused to lead the rest on the journey. Identifying and engaging these key resources early in the process will greatly assist in starting the flow.

    Impact and Result

    While communication is key throughout, involving staff in proof-of-concept activities and contests and using the train-the-trainer techniques and technology champions will all start the momentum toward technology adoption. Group activities will address the bulk of users, but laggards may need special attention.

    Drive Technology Adoption Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive Technology Adoption – A brief deck describing how to encourage users to adopt newly implemented technology.

    This document will help you to ensure that newly implemented systems and technologies are correctly adopted by the intended recipients.

    • Drive Technology Adoption Storyboard
    [infographic]

    Further reading

    Drive Technology Adoption

    The project is over. The new technology is implemented. Now how do we make sure it's used?

    Executive Summary

    Your Challenge

    Technology endlessly changes and evolves. Similarly, business directions and requirements change, and these changes need to be supported by technology. Improved functionality and evolvement of systems, along with systems becoming redundant or unsupported, means that maintaining a static environment is virtually impossible.

    Enormous amounts of IT budget are allocated to these changes each year. But once the project is over, how do you manage that change and ensure the systems are being used? Planning your technology adoption is vital.

    Common Obstacles

    The obstacles to technology adoption can be many and various, covering a broad spectrum of areas including:

    • Reluctance of staff to let go of familiar processes and procedures.
    • Perception that any change will add complications but not add value, thereby hampering enthusiasm to adopt.
    • Lack of awareness of the change.
    • General fear of change.
    • Lack of personal confidence.

    Info-Tech’s Approach

    Start by identifying, understanding, categorizing, and defining barriers and put in place a system to:

    • Gain an early understanding of the different types of users and their attitudes to technology and change.
    • Review different adoption techniques and analyze which are most appropriate for your user types.
    • Use a “Follow the Leader” approach, by having technical enthusiasts and champions to show the way.
    • Prevent access to old systems and methods.

    Info-Tech Insight

    For every IT initiative that will be directly used by users, consider the question, “Will the final product be readily accepted by those who are going to use it?” There is no point in implementing a product that no one is prepared to use. Gaining user acceptance is much more than just ticking a box in a project plan once UAT is complete.

    The way change should happen is clear

    Prosci specializes in change. Its ADKAR model outlines what’s required to bring individuals along on the change journey.

    AWARENESS

    • Awareness means more than just knowing there’s a change occurring,
    • it means understanding the need for change.

    DESIRE

    • To achieve desire, there needs to be motivation, whether it be from an
    • organizational perspective or personal.

    KNOWLEDGE

    • Both knowledge on how to train during the transition and knowledge
    • on being effective after the change are required. This can only be done
    • once awareness and desire are achieved.

    ABILITY

    • Ability is not knowledge. Knowing how to do something doesn’t necessarily translate to having the skills to do it.

    REINFORCEMENT

    • Without reinforcement there can be a tendency to revert.

    When things go wrong

    New technology is not being used

    The project is seen as complete. Significant investments have been made, but the technology either isn’t being used or is only partially in use.

    Duplicate systems are now in place

    Even worse. The failure to adopt the new technology by some means that the older systems are still being used. There are now two systems that fail to interact; business processes are being affected and there is widespread confusion.

    Benefits not being realized

    Benefits promised to the business are not being realized. Projected revenue increases, savings, or efficiencies that were forecast are now starting to be seen as under threat.

    There is project blowout

    The project should be over, but the fact that the technology is not being used has created a perception that the implementation is not complete and the project needs to continue.

    Info-Tech Insight

    People are far more complicated than any technology being implemented.

    Consider carefully your approach.

    Why does it happen?

    POOR COMMUNICATION

    There isn’t always adequate communications about what’s changing in the workplace.

    FEAR

    Fear of change is natural and often not rational. Whether the fear is about job loss or not being able to adapt to change; it needs to be managed.

    TRAINING

    Training can be insufficient or ineffective and when this happens people are left feeling like they don’t have the skills to make the change.

    LACK OF EXECUTIVE SUPPORT

    A lack of executive support for change means the change is seen as less important.

    CONFLICTING VIEWS OF CHANGE

    The excitement the project team and business feels about the change is not necessarily shared throughout the business. Some may just see the change as more work, changing something that already works, or a reason to reduce staff levels.

    LACK OF CONFIDENCE

    Whether it’s a lack of confidence generally with technology or concern about a new or changing tool, a lack of confidence is a huge barrier.

    BUDGETARY CONSTRAINTS

    There is a cost with managing people during a change, and budget must be allocated to allow for it.

    Communications

    Info-Tech Insight

    Since Sigmund Freud there has been endless work to understand people’s minds.
    Don’t underestimate the effect that people’s reactions to change can have on your project.

    This is a Kubler-ross change curve graph, plotting the following Strategies: Create Alignment; Maximize Communication; Spark Motivation; Develop Capability; Share Knowledge

    Communication plans are designed to properly manage change. Managing change can be easier when we have the right tools and information to adapt to new circumstances. The Kubler-Ross change curve illustrates the expected steps on the path to acceptance of change. With the proper communications strategy, each can be managed appropriately

    Analyst perspective

    Paul Binns – Principal Research Advisor, Info-Tech

    The rapidly changing technology landscape in our world has always meant that an enthusiasm or willingness to embrace change has been advantageous. Many of us have seen how the older generation has struggled with that change and been left behind.

    In the work environment, the events of the past two years have increased pressure on those slow to adopt as in many cases they couldn't perform their tasks without new tools. Previously, for example, those who may have been reluctant to use digital tools and would instead opt for face-to-face meetings, suddenly found themselves without an option as physical meetings were no longer possible. Similarly, digital collaboration tools that had been present in the market for some time were suddenly more heavily used so everyone could continue to work together in the “online world.”

    At this stage no one is sure what the "new normal" will be in the post-pandemic world, but what has been clearly revealed is that people are prepared to change given the right motivation.

    “Technology adoption is about the psychology of change.”
    Bryan Tutor – Executive Counsellor, Info-Tech

    The Fix

    • Categorize Users
      • Gain a clear understanding of your user types.
    • Identify Adoption Techniques
      • Understand the range of different tools and techniques available.
    • Match Techniques To Categories
      • Determine the most appropriate techniques for your user base.
    • Follow-the-Leader
      • Be aware of the different skills in your environment and use them to your advantage.
    • Refresh, Retrain, Restrain
      • Prevent reversion to old methods or systems.

    Categories

    Client-Driven Insight

    Consider your staff and industry when looking at the Everett Rogers curve. A technology organization may have less laggards than a traditional manufacturing one.

    In Everett Rogers’ book Diffusion of Innovations 5th Edition (Free Press, 2005), Rogers places adopters of innovations into five different categories.

    This is an image of an Innovation Adoption Curve from Everett Rogers' book Diffusion of Innovations 5th Edition

    Category 1: The Innovator – 2.5%

    Innovators are technology enthusiasts. Technology is a central interest of theirs, either at work, at home, or both. They tend to aggressively pursue new products and technologies and are likely to want to be involved in any new technology being implemented as soon as possible, even before the product is ready to be released.

    For people like this the completeness of the new technology or the performance can often be secondary because of their drive to get new technology as soon as possible. They are trailblazers and are not only happy to step out of their comfort zone but also actively seek to do so.

    Although they only make up about 2.5% of the total, their enthusiasm, and hopefully endorsement of new technology, offers reassurance to others.

    Info-Tech Insight

    Innovators can be very useful for testing before implementation but are generally more interested in the technology itself rather than the value the technology will add to the business.

    Category 2: The Early Adopter – 13.5%

    Whereas Innovators tend to be technologists, Early Adopters are visionaries that like to be on board with new technologies very early in the lifecycle. Because they are visionaries, they tend to be looking for more than just improvement – a revolutionary breakthrough. They are prepared to take high risks to try something new and although they are very demanding as far as product features and performance are concerned, they are less price-sensitive than other groups.

    Early Adopters are often motivated by personal success. They are willing to serve as references to other adopter groups. They are influential, seen as trendsetters, and are of utmost importance to win over.

    Info-Tech Insight

    Early adopters are key. Their enthusiasm for technology, personal drive, and influence make them a powerful tool in driving adoption.

    Category 3: The Early Majority – 34%

    This group is comprised of pragmatists. The first two adopter groups belong to early adoption, but for a product to be fully adopted the mainstream needs to be won over, starting with the Early Majority.

    The Early Majority share some of the Early Adopters’ ability to relate to technology. However, they are driven by a strong sense of practicality. They know that new products aren’t always successful. Consequently, they are content to wait and see how others fare with the technology before investing in it themselves. They want to see well-established references before adopting the technology and to be shown there is no risk.

    Because there are so many people in this segment (roughly 34%), winning these people over is essential for the technology to be adopted.

    Category 4: The Late Majority – 34%

    The Late Majority are the conservatives. This group is generally about the same size as the Early Majority. They share all the concerns of the Early Majority; however, they are more resistant to change and are more content with the status quo than eager to progress to new technology. People in the Early Majority group are comfortable with their ability to handle new technology. People in the Late Majority are not.

    As a result, these conservatives prefer to wait until something has become an established standard and take part only at the end of the adoption period. Even then, they want to see lots of support and ensure that there is proof there is no risk in them adopting it.

    Category 5: The Laggard – 16%

    This group is made up of the skeptics and constitutes 16% of the total. These people want nothing to do with new technology and are generally only content with technological change when it is invisible to them. These skeptics have a strong belief that disruptive new technologies rarely deliver the value promised and are almost always worried about unintended consequences.

    Laggards need to be dealt with carefully as their criticism can be damaging and without them it is difficult for a product to become fully adopted. Unfortunately, the effort required for this to happen is often disproportional to the size of the group.

    Info-Tech Insight

    People aren’t born laggards. Technology projects that have failed in the past can alter people’s attitudes, especially if there was a negative impact on their working lives. Use empathy when dealing with people and respect their hesitancy.

    Adoption Techniques

    Different strokes for different folks

    Technology adoption is all about people; and therefore, the techniques required to drive that adoption need to be people oriented.

    The following techniques are carefully selected with the intention of being impactful on all the different categories described previously.

    Technology Adoption: Herd Mentality; Champions; Force; Group Training; One-on-One; Contests; Marketing; Proof of Concept; Train the Trainer

    There are multitudes of different methods to get people to adopt new technology, but which is the most appropriate for your situation? Generally, it’s a combination.

    Technology Adoption: Herd Mentality; Champions; Force; Group Training; One-on-One; Contests; Marketing; Proof of Concept; Train the Trainer

    Train the Trainer

    Use your staff to get your message across.

    Abstract

    This technique involves training key members of staff so they can train others. It is important that those selected are strong communicators, are well respected by others, and have some expertise in technology.

    Advantages

    • Cost effective
    • Efficient dissemination of information
    • Trusted internal staff

    Disadvantages

    • Chance of inconsistent delivery
    • May feel threatened by co-worker

    Best to worst candidates

    • Early Adopter: Influential trendsetters. Others receptive of their lead.
    • Innovator: Comfortable and enthusiastic about new technology, but not necessarily a trainer.
    • Early Majority: Tendency to take others’ lead.
    • Late Majority: Risk averse and tend to follow others, only after success is proven.
    • Laggard: Last to adopt usually. Unsuitable as Trainer.

    Marketing

    Marketing should be continuous throughout the change to encourage familiarity.

    Abstract

    Communication is key as people are comfortable with what is familiar to them. Marketing is an important tool for convincing adopters that the new product is mainstream, widely adopted and successful.

    Advantages

    • Wide communication
    • Makes technology appear commonplace
    • Promotes effectiveness of new technology

    Disadvantages

    • Reliant on staff interest
    • Can be expensive

    Best to worst candidates

    • Early Majority: Pragmatic about change. Marketing is effective encouragement.
    • Early Adopter: Receptive and interested in change. Marketing is supplemental.
    • Innovator: Actively seeks new technology. Does not need extensive encouragement.
    • Late Majority: Requires more personal approach.
    • Laggard: Resistant to most enticements.

    One-on-One

    Tailored for individuals.

    Abstract

    One-on-one training sometimes is the only way to train if you have staff with special needs or who are performing unique tasks.
    It is generally highly effective but inefficient as it only addresses individuals.

    Advantages

    • Tailored to specific need(s)
    • Only relevant information addressed
    • Low stress environment

    Disadvantages

    • Expensive
    • Possibility of inconsistent delivery
    • Personal conflict may render it ineffective

    Best to worst candidates

    • Laggard: Encouragement and cajoling can be used during training.
    • Late Majority: Proof can be given of effectiveness of new product.
    • Early Majority: Effective, but not cost efficient.
    • Early Adopter: Effective, but not cost-efficient.
    • Innovator: Effective, but not cost-efficient.

    Group Training

    Similar roles, attitudes, and abilities.

    Abstract

    Group training is one of the most common methods to start people on their journey toward new technology. Its effectiveness with the two largest groups, Early Majority and Late Majority, make it a primary tool in technology adoption.

    Advantages

    • Cost effective
    • Time effective
    • Good for team building

    Disadvantages

    • Single method may not work for all
    • Difficult to create single learning pace for all

    Best to worst candidates

    • Early Majority: Receptive. The formality of group training will give confidence.
    • Late Majority: Conservative attitude will be receptive to traditional training.
    • Early Adopter: Receptive and attentive. Excited about the change.
    • Innovator: Will tend to want to be ahead or want to move ahead of group.
    • Laggard: Laggards in group training may have a negative impact.

    Force

    The last resort.

    Abstract

    The transition can’t go on forever.

    At some point the new technology needs to be fully adopted and if necessary, force may have to be used.

    Advantages

    • Immediate full transition
    • Fixed delivery timeline

    Disadvantages

    • Alienation of some staff
    • Loss of faith in product if there are issues

    Best to worst candidates

    • Laggard: No choice but to adopt. Forces the issue.
    • Late Majority: Removes issue of reluctance to change.
    • Early Majority: Content, but worried about possible problems.
    • Early Adopter: Feel less personal involvement in change process.
    • Innovator: Feel less personal involvement in change process.

    Contests

    Abstract

    Contests can generate excitement and create an explorative approach to new technology. People should not feel pressured. It should be enjoyable and not compulsory.

    Advantages

    • Rapid improvement of skills
    • Bring excitement to the new technology
    • Good for team building

    Disadvantages

    • Those less competitive or with lower skills may feel alienated
    • May discourage collaboration

    Best to worst candidates

    • Early Adopter: Seeks personal success. Risk taker. Effective.
    • Innovator: Enthusiastic to explore limits of technology.
    • Early Majority: Less enthusiastic. Pragmatic. Less competitive.
    • Late Majority: Conservative. Not enthusiastic about new technology.
    • Laggard: Reluctant to get involved.

    Incentives

    Incentives don’t have to be large.

    Abstract

    For some staff, merely taking management’s lead is not enough. Using “Nudge” techniques to give that extra incentive is quite effective. Incentivizing staff either financially or through rewards, recognition, or promotion is a successful adoption technique for some.

    Advantages

    Encouragement to adopt from receiving tangible benefit

    Draws more attention to the new technology

    Disadvantages

    Additional expense to business or project

    Possible poor precedent for subsequent changes

    Best to worst candidates

    Early Adopter: Desire for personal success makes incentives enticing.

    Early Majority: Prepared to change, but extra incentive will assist.

    Late Majority: Conservative attitude means incentive may need to be larger.

    Innovator: Enthusiasm for new technology means incentive not necessary.

    Laggard: Sceptical about change. Only a large incentive likely to make a difference.

    Champions

    Strong internal advocates for your new technology are very powerful.

    Abstract

    Champions take on new technology and then use their influence to promote it in the organization. Using managers as champions to actively and vigorously promote the change is particularly effective.

    Advantages

    • Infectious enthusiasm encourages those who tend to be reluctant
    • Use of trusted internal staff

    Disadvantages

    • Removes internal staff from regular duties
    • Ineffective if champion not respected

    Best to worst candidates

    • Early Majority: Champions as references of success provide encouragement.
    • Late Majority: Management champions in particular are effective.
    • Laggard: Close contact with champions may be effective.
    • Early Adopter: Receptive of technology, less effective.
    • Innovator: No encouragement or promotion required.

    Herd Mentality

    Follow the crowd.

    Abstract

    Herd behavior is when people discount their own information and follow others. Ideally all adopters would understand the reason and advantages in adopting new technology, but practically, the result is most important.

    Advantages

    • New technology is adopted without question
    • Increase in velocity of adoption

    Disadvantages

    • Staff may not have clear understanding of the reason for change and resent it later
    • Some may adopt the change before they are ready to do so

    Best to worst candidates

    • Early Majority: Follow others’ success.
    • Late Majority: Likely follow an established proven standard.
    • Early Adopter: Less effective as they prefer to set trends rather than follow.
    • Innovator: Seeks new technology rather than following others.
    • Laggard: Suspicious and reluctant to change.

    Proof of Concepts

    Gain early input and encourage buy-in.

    Abstract

    Proof of concept projects give early indications of the viability of a new initiative. Involving the end users in these projects can be beneficial in gaining their support

    Advantages

    Involve adopters early on

    Valuable feedback and indications of future issues

    Disadvantages

    If POC isn’t fully successful, it may leave lingering negativity

    Usually, involvement from small selection of staff

    Best to worst candidates

    • Innovator: Strong interest in getting involved in new products.
    • Early Adopter: Comfortable with new technology and are influencers.
    • Early Majority: Less interest. Prefer others to try first.
    • Late Majority: Conservative attitude makes this an unlikely option.
    • Laggard: Highly unlikely to get involved.

    Match techniques to categories

    What works for who?

    This clustered column chart categorizes techniques by category

    Follow the leader

    Engage your technology enthusiasts early to help refine your product, train other staff, and act as champions. A combination of marketing and group training will develop a herd mentality. Finally, don’t neglect the laggards as they can prevent project completion.

    This is an inverted funnel chart with the output of: Change Destination.  The inputs are: 16% Laggards; 34% Late Majority; 34% Early Majority; 13.3% Early Adopters; 2% Innovators

    Info-Tech Insight

    Although there are different size categories, none can be ignored. Consider your budget when dealing with smaller groups, but also consider their impact.

    Refresh, retrain, restrain

    We don’t want people to revert.

    Don’t assume that because your staff have been trained and have access to the new technology that they will keep using it in the way they were trained. Or that they won’t revert back to their old methods or system.

    Put in place methods to remove completely or remove access to old systems. Schedule refresh training or skill enhancement sessions and stay vigilant.

    Research Authors

    Paul Binns

    Paul Binns

    Principal Research Advisor, Info-Tech Research Group

    With over 30 years in the IT industry, Paul brings to his work his experience as a Strategic Planner, Consultant, Enterprise Architect, IT Business Owner, Technologist, and Manager. Paul has worked with both small and large companies, local and international, and has had senior roles in government and the finance industry.

    Scott Young

    Scott Young

    Principal Research Advisor, Info-Tech Research Group

    Scott Young is a Director of Infrastructure Research at Info-Tech Research Group. Scott has worked in the technology field for over 17 years, with a strong focus on telecommunications and enterprise infrastructure architecture. He brings extensive practical experience in these areas of specialization, including IP networks, server hardware and OS, storage, and virtualization.

    Related Info-Tech Research

    User Group Analysis Workbook

    Use Info-Tech’s workbook to gather information about user groups, business processes, and day-to-day tasks to gain familiarity with your adopters.

    Governance and Management of Enterprise Software Implementation

    Use our research to engage users and receive timely feedback through demonstrations. Our iterative methodology with a task list focused on the business’ must-have functionality allows staff to return to their daily work sooner.

    Quality Management User Satisfaction Survey

    This IT satisfaction survey will assist you with early information to use for categorizing your users.

    Master Organizational Change Management Practices

    Using a soft, empathetic approach to change management is something that all PMOs should understand. Use our research to ensure you have an effective OCM plan that will ensure project success.

    Bibliography

    Beylis, Guillermo. “COVID-19 accelerates technology adoption and deepens inequality among workers in Latin America and the Caribbean.” World Bank Blogs, 4 March 2021. Web.

    Cleland, Kelley. “Successful User Adoption Strategies.” Insight Voices, 25 Apr. 2017. Web.

    Hiatt, Jeff. “The Prosci ADKAR ® Model.” PROSCI, 1994. Web.

    Malik, Priyanka. “The Kübler Ross Change Curve in the Workplace.” whatfix, 24 Feb. 2022. Web.

    Medhaugir, Tore. “6 Ways to Encourage Software Adoption.” XAIT, 9 March 2021. Web.

    Narayanan, Vishy. “What PwC Australia learned about fast tracking tech adoption during COVID-19” PWC, 13 Oct. 2020. Web.

    Sridharan, Mithun. “Crossing the Chasm: Technology Adoption Lifecycle.” Think Insights, 28 Jun 2022. Web.

    Structure the Role of the DBA

    • Buy Link or Shortcode: {j2store}273|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy
    • The traditional role of Database Administrators (DBAs) is shifting due to a variety of changes such as cloud databases, increased automation, close relations with development, and the need for more integration with the business at large. All this means that organizations will have to adapt to integrate a new type of DBA into IT.
    • Organizations often have difficulty establishing a refined and effective DBA structure based on repeatable and well-grounded processes.
    • The relationship between DBAs and the rest of IT (especially development) can often be problematic due to a lack of mutual co-operation and clear communication.
    • There is often confusion in organizations as how to approach staffing DBAs.

    Our Advice

    Critical Insight

    • An organization’s relative focus on operations or development is essential in determining many DBA related decisions. This focus can determine what kinds of DBAs to hire, what staffing ratios to use, the viability of outsourcing, and the appropriate reporting structure for DBAs.
    • Utilizing technological strategies such as database automation, effective auditing, and database consolidation to bolster the DBA team helps make efficient use of DBA staff and can turn a reactive environment into a proactive one.
    • Ensuring refined and regularly assessed processes are in place for change and incident management is essential for maintaining effective and structured database administration.

    Impact and Result

    • Right-size, support, and structure your DBA team for increased cost effectiveness and optimal productivity.
    • Develop a superior level of co-operation between DBAs and the rest of IT as well as the business at large.
    • Build an environment in which DBAs will be motivated and flourish.

    Structure the Role of the DBA Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand how Database Administrators are evolving

    Develop an effective structure for managing and supporting Database Administrators.

    • Storyboard: Structure the Role of the DBA

    2. Create the right Database Administrator roles to meet organizational needs

    Build a team that is relevant to the focus of the organization.

    • System Database Administrator
    • Application Database Administrator
    [infographic]

    Improve your core processes

    Improve your core processes


    We have over 45 fully detailed
    and interconnected process guides
    for you to improve your operations

    Managing and improving your processes is key to attaining commercial success

    Our practical guides help you to improve your operations

    We have hundreds of practical guides, grouped in many processes in our model. You may not need all of them. I suggest you browse within the belo top-level categories below and choose where to focus your attention. And with Tymans Group's help, you can go one process area at a time.

    If you want help deciding, please use the contact options below or click here.

    Check out our guides

    Our research and guides are priced from €299,00

    • Gert Taeymans Guidance

      Tymans Group Guidance & Consulting

      Tymans Group guidance and (online) consulting using both established and forward-looking research and field experience in our management domains.

      Contact

    • Tymans Group
      & Info-Tech
      Combo

      Get both inputs, all of the Info-tech research (with cashback rebate), and Tymans Group's guidance.

      Contact

    • Info-Tech Research

      Info-Tech offers a vast knowledge body, workshops, and guided implementations. You can buy Info-Tech memberships here at Tymans Group with cashback, reducing your actual outlay.

      Contact

    Register to read more …

    Build a Strategic Infrastructure Roadmap

    • Buy Link or Shortcode: {j2store}332|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $36,636 Average $ Saved
    • member rating average days saved: 26 Average Days Saved
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    Getting a seat at the table is your first objective in building a strategic roadmap. Knowing what the business wants to do and understanding what it will need in the future is a challenge for most IT departments.

    This could be a challenge such as:

    • Understanding the business vision
    • Clear communications on business planning
    • Insight into what the future state should look like
    • Understanding what the IT team is spending its time on day to day

    Our Advice

    Critical Insight

    • Having a clear vision of what the future state is and knowing that creating an IT Infrastructure roadmap is never finished will give your IT team an understanding of priorities, goals, business vision, and risks associated with not planning.
    • Understand what you are currently paying for and why.

    Impact and Result

    • Understanding of the business priorities, and vision of the future
    • Know what your budget is spent on: running the business, growth, or innovation
    • Increased communication with the right stakeholders
    • Better planning based on analysis of time study, priorities, and business goals

    Build a Strategic Infrastructure Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Strategic Infrastructure Roadmap Storyboard – Improve and align goals and strategy.

    In this section you will develop a vision and mission statement and set goals that align with the business vision and goals. The outcome will deliver your guiding principles and a list of goals that will determine your initiatives and their priorities.

    • Build Your Infrastructure Roadmap Storyboard
    • Strategic Infrastructure Roadmap Tool

    2. Financial Spend Analysis Template – Envision future and analyze constraints.

    Consider your future state by looking at technology that will help the business in the future. Complete an analysis of your past spending to determine your future spend. Complete a SWOT analysis to determine suitability.

    • Financial Spend Analysis Template

    3. Strategic Roadmap Initiative Template – Align and build the roadmap.

    Develop a risk framework that may slow or hinder your strategic initiatives from progressing and evaluate your technical debt. What is the current state of your infrastructure? Generate and prioritize your initiatives, and set dates for completion.

    • Strategic Roadmap Initiative Template

    4. Infrastructure and Strategy Executive Brief Template – Communicate and improve the process.

    After creating your roadmap, communicate it to your audience. Identify who needs to be informed and create an executive brief with the template download. Finally, create KPIs to measure what success looks like.

    • Infrastructure Strategy and Roadmap Executive Presentation Template
    • Infrastructure Strategy and Roadmap Report Template

    Infographic

    Further reading

    Build a Strategic Infrastructure Roadmap

    Align infrastructure investment to business-driven goals.

    Analysts' Perspectives

    Infrastructure roadmaps are an absolute necessity for all organizations. An organization's size often dictates the degree of complexity of the roadmap, but they all strive to paint the future picture of the organization's IT infrastructure.

    Infrastructure roadmaps typically start with the current state of infrastructure and work on how to improve. That thinking must change! Start with the future vision, an unimpeded vision, as if there were no constraints. Now you can see where you want to be.

    Look at your past to determine how you have been spending your infrastructure budget. If your past shows a trend of increased operational expenditures, that trend will likely continue. The same is true for capital spending and staffing numbers.

    Now that you know where you want to go, and how you ended up where you are, look at the constraints you must deal with and make a plan. It's not as difficult as it may seem, and even the longest journey begins with one step.

    Speaking of that first step, it should be to understand the business goals and align your roadmap with those same goals. Now you have a solid plan to develop a strategic infrastructure roadmap; enjoy the journey!

    There are many reasons why you need to build a strategic IT infrastructure roadmap, but your primary objectives are to set the long-term direction, build a framework for decision making, create a foundation for operational planning, and be able to explain to the business what you are planning. It is a basis for accountability and sets out goals and priorities for the future.

    Other than knowing where you are going there are four key benefits to building the roadmap.

    1. It allows you to be strategic and transformative rather than tactical and reactive.
    2. It gives you the ability to prioritize your tasks and projects in order to get them going.
    3. It gives you the ability to align your projects to business outcomes.
    4. Additionally, you can leverage your roadmap to justify your budget for resources and infrastructure.

    When complete, you will be able to communicate to your fellow IT teams what you are doing and get an understanding of possible business- or IT-related roadblocks, but overall executing on your roadmap will demonstrate to the business your competencies and ability to succeed.

    PJ Ryan

    PJ Ryan
    Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    John Donovan

    John Donovan
    Principal Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    Build a Strategic Infrastructure Roadmap

    Align infrastructure investment to business-driven goals.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    When it comes to building a strategic roadmap, getting a seat at the table is your first objective. Knowing what the business wants to do and understanding its future needs is a challenge for most IT organizations.

    Challenges such as:

    • Understanding the business vision
    • Clear communications on business planning
    • Insight into what the future state should look like

    Common Obstacles

    Fighting fires, keeping the lights on, patching, and overseeing legacy debt maintenance – these activities prevent your IT team from thinking strategically and looking beyond day-to-day operations. Issues include:

    • Managing time well
    • Building the right teams
    • Setting priorities

    Procrastinating when it comes to thinking about your future state will get you nowhere in a hurry.

    Info-Tech's Approach

    Look into your past IT spend and resources that are being utilized.

    • Analyze all aspects of the operation, and resources required.
    • Be realistic with your timelines.
    • Work from the future state backward.

    Build your roadmap by setting priorities, understanding risk and gaps both in finance and resources. Overall, your roadmap is never done, so don't worry if you get it wrong on the first pass.

    Info-Tech Insight

    Have a clear vision of what the future state is, and know that when creating an IT infrastructure roadmap, it is never done. This will give your IT team an understanding of priorities, goals, business vision, and risks associated with not planning. Understand what you are currently paying for and why.

    Insight Summary

    "Planning is bringing the future into the present so that you can do something about it now."
    Source: Alan Lakein, Libquotes

    Your strategic objectives are key to building a roadmap

    Many organizations' day-to-day IT operations are tactical and reactive. This needs to change; the IT team needs to become strategic and proactive in its planning and execution. Forward thinking bridges the gap from your current state, to what the organization is, to what it wants to achieve. Your strategic objectives need to align to the business vision and goals and keep it running.

    Your future state will determine your roadmap priorities

    Identify what the business needs to meet its goals; this should be reflected in your roadmap priorities. Then identify the tasks and projects that can get you there. Business alignment is key, as these projects require prioritization. Strategic initiatives that align to business outcomes will be your foundation for planning on those priorities. If you do not align your initiatives, you will end up spinning your wheels. A good strategic roadmap will have all the elements of forward thinking and planning to execute with the right resources, right priorities, and right funding to make it happen.

    Understand what you have been paying for the last few years

    Measure the cost of "keeping the lights on" as a baseline for your budget that is earmarked and already spent. Determine if your current spend is holding back innovation due to:

    1. The high cost of maintenance
    2. Resources in operations doing low-value work due to the effort required to do tasks related to break/fix on aging hardware and software

    A successful strategic roadmap will be determined when you have a good handle on your current spending patterns and planning for future needs that include resources, budget, and know-how. Without a plan and roadmap, that plan will not get business buy-in or funding.

    Top challenges reported by Info-Tech members

    Lack of strategic direction

    • Infrastructure leadership must discover the business goals.

    Time seepage

    • Project time is constantly being tracked incorrectly.

    Technical debt

    • Aging equipment is not proactively cycled out with newer enabling technologies.

    Case Study

    The strategic IT roadmap allows Dura to stay at the forefront of automotive manufacturing.

    INDUSTRY: Manufacturing
    SOURCE: Performance Improvement Partners

    Challenge

    Following the acquisition of Dura, MiddleGround aimed to position Dura as a leader in the automotive industry, leveraging the company's established success spanning over a century.

    However, prior limited investments in technology necessitated significant improvements for Dura to optimize its processes and take advantage of digital advancements.

    Solution

    MiddleGround joined forces with PIP to assess technology risks, expenses, and prospects, and develop a practical IT plan with solutions that fit MiddleGround's value-creation timeline.

    By selecting the top 15 most important IT projects, the companies put together a feasible technology roadmap aimed at advancing Dura in the manufacturing sector.

    Results

    Armed with due diligence reports and a well-defined IT plan, MiddleGround and Dura have a strategic approach to maximizing value creation.

    By focusing on key areas such as analysis, applications, infrastructure and the IT organization, Dura is effectively transforming its operations and shaping the future of the automotive manufacturing industry.

    How well do you know your business strategy?

    A mere 25% of managers
    can list three of the company's
    top five priorities.

    Based on a study from MIT Sloan, shared understanding of strategic directives barely exists beyond the top tiers of leadership.

    An image of a bar graph showing the percentage of leaders able to correctly list a majority of their strategic priorities.

    Take your time back

    Unplanned incident response is a leading cause of the infrastructure time crunch, but so too are nonstandard service requests and service requests that should be projects.

    29%

    Less than one-third of all IT projects finish on time.

    200%

    85% of IT projects average cost overruns of 200% and time overruns of 70%.

    70%

    70% of IT workers feel as though they have too much work and not enough time to do it.

    Source: MIT Sloan

    Inventory Assessment

    Lifecycle

    Refresh strategies are still based on truisms (every three years for servers, every seven years for LAN, etc.) more than risk-based approaches.

    Opportunity Cost

    Assets that were suitable to enable business goals need to be re-evaluated as those goals change.

    See Info-Tech's Manage Your Technical Debt blueprint

    an image of info-tech's Manage your technical debt.

    Key IT strategy initiatives can be categorized in three ways

    IT key initiative plan

    Initiatives collectively support the business goals and corporate initiatives, and improve the delivery of IT services.

    1. Business support
      • Support major business initiatives
      • Each corporate initiative is supported by a major IT project and each project has unique IT challenges that require IT support.
    2. IT excellence
      • Reduce risk and improve IT operational excellence
      • These projects will increase IT process maturity and will systematically improve IT.
    3. Innovation
      • Drive technology innovation
      • These projects will improve future innovation capabilities and decrease risk by increasing technology maturity.

    Info-Tech Insight

    A CIO has three roles: enable business productivity, run an effective IT shop, and drive technology innovation. Your key initiative plan must reflect these three mandates and how IT strives to fulfill them.

    IT must accomplish many things

    Manage
    the lifecycle of aging equipment against current capacity and capability demands.

    Curate
    a portfolio of enabling technologies to meet future capacity and capability demands.

    Initiate
    a realistic schedule of initiatives that supports a diverse range of business goals.

    Adapt
    to executive feedback and changing business goals.

    an image of Info-Tech's Build your strategic roadmap

    Primary and secondary infrastructure drivers

    • Primary driver – The infrastructure component that is directly responsible for enabling change in the business metric.
    • Secondary driver – The infrastructure component(s) that primary drivers rely on.

    (Source: BMC)

    Sample primary and secondary drivers

    Business metric Source(s) Primary infrastructure drivers Secondary infrastructure drivers

    Sales revenue

    Online store

    Website/Server (for digital businesses)

    • Network
    • Data center facilities

    # of new customers

    Call center

    Physical plant cabling in the call center

    • PBX/VOIP server
    • Network
    • Data center facilities

    Info-Tech Insight

    You may not be able to directly influence the primary drivers of the business, but your infrastructure can have a major impact as a secondary driver.

    Info-Tech's approach

    1. Align strategy and goals
    • Establish the scope of your IT strategy by defining IT's mission and vision statements and guiding principles.
  • Envision future and analyze constraints
    • Envision and define your future infrastructure and analyze what is holding you back.
  • Align and build the roadmap
    • Establish a risk framework, identify initiatives, and build your strategic infrastructure roadmap.
  • Communicate and improve the process
    • Communicate the results of your hard work to the right people and establish the groundwork for continual improvement of the process.
  • Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Mission and Vision Statement
    Goal Alignment (Slide 28)

    Construct your vision and mission aligned to the business.

    Mission and Vision Statement

    Strategic Infrastructure Roadmap tool

    Build initiatives and prioritize them. Build the roadmap.

    Strategic Infrastructure Roadmap tool

    Infrastructure Domain Study

    What is stealing your time from getting projects done?

    Infrastructure Domain Study

    Initiative Templates Process Maps & Strategy

    Build templates for initiates, build process map, and develop strategies.

    Initiative Templates Process Maps & Strategy

    Key Deliverable

    it infrastructure roadmap template

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Info-Tech's methodology for an infrastructure strategy and roadmap

    1. Align Strategy and Goals

    2. Envision Future and Analyze Constraints

    3. Align and Build the Roadmap

    4. Communicate and Improve the Process

    Phase steps

    1.1 Develop the infrastructure strategy

    1.2 Define the goals

    2.1 Define the future state

    2.2 Analyze constraints

    3.1 Align the roadmap

    3.2 Build the roadmap

    4.1 Identify the audience

    4.2 Improve the process

    Phase Outcomes

    • Vision statement
    • Mission statement
    • Guiding principles
    • List of goals
    • Financial spend analysis
    • Domain time study
    • Prioritized list of roadblocks
    • Future-state vision document
    • IT and business risk frameworks
    • Technical debt assessment
    • New technology analysis
    • Initiative templates
    • Initiative candidates
    • Roadmap visualization
    • Process schedule
    • Communications strategy
    • process map
    • Infrastructure roadmap report

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 0 Phase 1 Phase 2 Phase 3 Phase 4

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Define mission and vision statements and guiding principles to discuss strategy scope.
    Call #3: Brainstorm goals and definition.

    Call #4: Conduct a spend analysis and a time resource study.
    Call #5: Identify roadblocks.

    Call #6: Develop a risk framework and address technical debt.
    Call #7: Identify new initiatives and SWOT analysis.
    Call #8: Visualize and identify initiatives.
    Call #9: Complete shadow IT and initiative finalization.

    Call #10: Identify your audience and communicate.
    Call #11: Improve the process.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Session 0 (Pre-workshop)

    Session 1

    Session 2

    Session 3

    Session 4

    Session 5 (Post-workshop)

    Elicit business context Align Strategy and Goals Envision Future and Analyze Constraints Align and Build the Roadmap Communicate and Improve the Process Wrap-up (offsite)

    0.1 Complete recommended diagnostic programs.
    0.2 Interview key business stakeholders, as needed, to identify business context: business goals, initiatives, and the organization's mission and vision.
    0.3 (Optional) CIO to compile and prioritize IT success stories.

    1.1 Infrastructure strategy.
    1.1.1 Review/validate the business context.
    1.1.2 Construct your mission and vision statements.
    1.1.3 Elicit your guiding principles and finalize IT strategy scope.

    1.2 Business goal alignment
    1.2.1 Intake identification and analysis.
    1.2.2 Survey results analysis.
    1.2.3 Brainstorm goals.
    1.2.4 Perform goal association and analysis.

    2.1 Define the future state.
    2.1.1 Conduct an emerging technology discussion.
    2.1.2 Document desired future state.
    2.1.3 Develop a new technology identification process.
    2.1.4 Compete SWOT analysis.

    2.2 Analyze your constraints
    2.2.1 Perform a historical spend analysis.
    2.2.2 Conduct a time study.
    2.2.3 Identify roadblocks.
    .

    3.1 Align the roadmap
    3.1.1 Develop a risk framework.
    3.1.2 Evaluate technical debt.

    3.2 Build the roadmap.
    3.2.1 Build effective initiative templates.
    3.2.2 Visualize.
    3.2.3 Generate new initiatives.
    3.2.4 Repatriate shadow IT initiatives.
    3.2.5 Finalize initiative candidates.

    4.2 Identify the audience
    4.1.1 Identify required authors and target audiences.
    4.1.2 Plan the process.
    4.1.2 Identify supporters and blockers.

    4.2 Improve the process
    4.2.1 Evaluate the value of each process output.
    4.2.2 Brainstorm improvements.
    4.2.3 Set realistic measures.

    5.1 Complete in-progress deliverables from previous four days.
    5.2 Set up time to review workshop deliverables and discuss next steps.

    1. SWOT analysis of current state
    2. Goals cascade
    3. Persona analysis
    1. Vision statement, mission statement, and guiding principles
    2. List of goals
    1. Spend analysis document
    2. Domain time study
    3. Prioritized list of roadblocks
    4. Future state vision document
    1. IT and business risk frameworks
    2. Technical debt assessment
    3. New technology analysis
    4. Initiative templates
    5. Initiative candidates
    1. Roadmap visualization
    2. Process schedule
    3. Communications strategy
    4. Process map
    1. Strategic Infrastructure Roadmap Report

    Phase 1

    Align Strategy and Goals

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • How to build IT mission and vision statements
    • How to elicit IT guiding principles
    • How to finalize and communicate your IT strategy scope

    This phase involves the following participants:

    • CIO
    • Senior IT Team

    Step 1.1

    Develop the Infrastructure Strategy

    Activities

    1.1.1 Review/validate the business context

    1.1.2 Construct your mission and vision statements

    1.1.3 Elicit your guiding principles and finalize IT strategy scope

    This step requires the following inputs:

    • Business Mission Statement
    • Business Vision Statement
    • Business Goals

    This step involves the following participants:

    • Roadmap team

    Outcomes of this step

    • IT mission statement
    • IT vision statement
    • Guiding principles

    To complete this phase, you will need:

    Infrastructure Strategy and Roadmap Report Template

    Infrastructure Strategy and Roadmap Report Template

    Use the IT Infrastructure Strategy and Roadmap Report Template to document the results from the following activities:

    • Mission and Vision Statements
    • Business impact
    • Roadmap

    IT must aim to support the organization's mission and vision

    A mission statement

    • Focuses on today and what an organization does to achieve the mission.
    • Drives the company.
    • Answers: What do we do? Who do we serve? How do we service them?

    "A mission statement focuses on the purpose of the brand; the vision statement looks to the fulfillment of that purpose."

    A vision statement

    • Focuses on tomorrow and what an organization ultimately wants to become.
    • Gives the company direction.
    • Answers: What problems are we solving? Who and what are we changing?

    "A vision statement provides a concrete way for stakeholders, especially employees, to understand the meaning and purpose of your business. However, unlike a mission statement – which describes the who, what, and why of your business – a vision statement describes the desired long-term results of your company's efforts."
    Source: Business News Daily, 2020

    Characteristics of mission and vision statements

    A strong mission statement has the following characteristics:

    • Articulates the IT function's purpose and reason for existence.
    • Describes what the IT function does to achieve its vision.
    • Defines the customers of the IT function.
    • Is:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Concise

    A strong vision statement has the following characteristics:

    • Describes a desired future achievement.
    • Focuses on ends, not means.
    • Communicates promise.
    • Is:
      • Concise; no unnecessary words
      • Compelling
      • Achievable
      • Measurable

    Derive the IT mission and vision statements from the business

    Begin the process by identifying and locating the business mission and vision statements.

    • Corporate websites
    • Business strategy documents
    • Business executives

    Ensure there is alignment between the business and IT statements.

    Note: Mission statements may remain the same unless the IT department's mandate is changing.

    an image showing Business mission, IT mission, Business Vision, and IT Vison.

    1.1.2 Construct mission and vision statements

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 1:

    1. Gather the IT strategy creation team and revisit your business context inputs, specifically the corporate mission statement.
    2. Begin by asking the participants:
        1. What is our job as a team?
        2. What's our goal? How do we align IT to our corporate mission?
        3. What benefit are we bringing to the company and the world?
      1. Ask them to share general thoughts in a check-in.

    Step 2:

    1. Share some examples of IT mission statements.
    2. Example: IT provides innovative product solutions and leadership that drives growth and
      success.
    3. Provide each participant with some time to write their own version of an IT mission statement.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 3:

    This step involves reviewing individual mission statements, combining them, and building one collective mission statement for the team.

    1. Consider the following approach to build a unified mission statement:

    Use the 20x20 rule for group decision-making. Give the group no more than 20 minutes to craft a collective team purpose with no more than 20 words.

    1. As a facilitator, provide guidelines on how to write for the intended audience. Business stakeholders need business language.
    2. Refer to the corporate mission statement periodically and ensure there is alignment.
    3. Document your final mission statement in your ITRG Infrastructure Strategy and Roadmap Report Template.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 4:

    1. Gather the IT strategy creation team and revisit your business context inputs, specifically the corporate vision statement.
    2. Share one or more examples of vision statements.
    3. Provide participants with sticky notes and writing materials and ask them to work individually for this step.
    4. Ask participants to brainstorm:
      1. What is the desired future state of the IT organization?
      2. How should we work to attain the desired state?
      3. How do we want IT to be perceived in the desired state?
    5. Provide participants with guidelines to build descriptive, compelling, and achievable statements regarding their desired future state.
    6. Regroup as a team and review participant answers.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 5:

    1. Ask the team to post their notes on the wall.
    2. Have the team group the words that have a similar meaning or feeling behind them; this will create themes.
    3. When the group is done categorizing the statements into themes, ask if there's anything missing. Did they ensure alignment to the corporate vision statement? Are there any elements missing when considering alignment back to the corporate vision statement?

    Step 6:

    1. Consider each category as a component of your vision statement.
    2. Review each category with participants; define what the behavior looks like when it is being met and what it looks like when it isn't.
    3. As a facilitator, provide guidelines on word-smithing and finessing the language.
    4. Refer to the corporate vision statement periodically and ensure there is alignment.
    5. Document your final mission statement in your IT Strategy Presentation Template.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    Tips for online facilitation:

    • Pick an online whiteboard tool that allows participants to use a large, zoomable canvas.
    • Set up each topic at a different area of the board; spread them out just like you would do on the walls of a room.
    • Invite participants to zoom in and visit each section and add their ideas as sticky notes once you reach that section of the exercise.
    • If you're not using an online whiteboard, we'd recommend using a collaboration tool such as Google Docs or Teams Whiteboard to collect the information for each step under a separate heading. Invite everyone into the document but be very clear regarding editing rights.
    • Pre-create your screen deck and screen share this with your participants through your videoconferencing software. We'd also recommend sharing this so participants can go through the deck again during the reflection steps.
    • When facilitating group discussion, we'd recommend that participants use non-verbal means to indicate they'd like to speak. You can use tools like Teams' hand-raising tool, a reaction emoji, or have people put their hands up. The facilitator can then invite that person to talk.

    Source: Hyper Island

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brainstorming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    IT mission statements demonstrate IT's purpose

    The IT mission statement specifies the function's purpose or reason for being. The mission should guide each day's activities and decisions. The mission statements use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

    Strong IT mission statements have the following characteristics:

    • Articulate the IT function's purpose and reason for existence
    • Describe what the IT function does to achieve its vision
    • Define the customers of the IT function
    • Are:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Inspirational
      • Memorable
      • Concise

    Sample IT Mission Statements:

    • To provide infrastructure, support, and innovation in the delivery of secure, enterprise-grade information technology products and services that enable and empower the workforce at [Company Name].
    • To help fulfill organizational goals, the IT department is committed to empowering business stakeholders with technology and services that facilitate effective processes, collaboration, and communication.
    • The mission of the information technology (IT) department is to build a solid, comprehensive technology infrastructure; to maintain an efficient, effective operations environment; and to deliver high-quality, timely services that support the business goals and objectives of ABC Inc.
    • The IT department has operational, strategic, and fiscal responsibility for the innovation, implementation, and advancement of technology at ABC Inc. in three main areas: network administration and end-user support, instructional services, and information systems. The IT department provides leadership in long-range planning, implementation, and maintenance of information technology across the organization.
    • The IT group is customer-centered and driven by its commitment to management and staff. It oversees services in computing, telecommunications, networking, administrative computing, and technology training.

    Sample mission statements (cont'd)

    • To collaborate and empower our stakeholders through an engaged team and operational agility and deliver innovative technology and services.
    • To empower our stakeholders with innovative technology and services, through collaboration and agility.
    • To collaborate and empower our stakeholder, by delivering innovative technology and services, with an engaged team and operational agility.
    • To partner with departments and be technology leaders that will deliver innovative, secure, efficient, and cost-effective services for our citizens.
    • As a client-centric strategic partner, provide excellence in IM and IT services through flexible business solutions for achieving positive user experience and satisfaction.
    • Develop a high-performing global team that will plan and build a scalable, stable operating environment.
    • Through communication and collaboration, empower stakeholders with innovative technology and services.
    • Build a robust portfolio of technology services and solutions, enabling science-lead and business-driven success.
    • Guided by value-driven decision making, high-performing teams and trusted partners deliver and continually improve secure, reliable, scalable, and reusable services that exceed customer expectations.
    • Engage the business to grow capabilities and securely deliver efficient services to our users and clients.
    • Engage the business to securely deliver efficient services and grow capabilities for our users and clients.

    IT vision statements demonstrate what the IT organization aspires to be

    The IT vision statement communicates a desired future state of the IT organization. The statement is expressed in the present tense. It seeks to articulate the desired role of IT and how IT will be perceived.

    Strong IT vision statements have the following characteristics:

    • Describe a desired future
    • Focus on ends, not means
    • Communicate promise
    • Are:
      • Concise; no unnecessary words
      • Compelling
      • Achievable
      • Inspirational
      • Memorable

    Sample IT vision statements:

    • To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce.
    • The IT organization will strive to become a world-class value center that is a catalyst for innovation.
    • IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset.
    • Develop and maintain IT and an IT support environment that is secure, stable, and reliable within a dynamic environment.

    Sample vision statements (cont'd)

    • Alignment: To ensure that the IT organizational model and all related operational services and duties are properly aligned with all underlying business goals and objectives. Alignment reflects an IT operation "that makes sense," considering the business served, its interests and its operational imperatives.
    • Engagement: To ensure that all IT vision stakeholders are fully engaged in technology-related planning and the operational parameters of the IT service portfolio. IT stakeholders include the IT performing organization (IT Department), company executives and end-users.
    • Best Practices: To ensure that IT operates in a standardized fashion, relying on practical management standards and strategies properly sized to technology needs and organizational capabilities.
    • Commitment to Customer Service: To ensure that IT services are provided in a timely, high-quality manner, designed to fill the operational needs of the front-line end-users, working within the boundaries established by business interests and technology best practices.

    Quoted From ITtoolkit, 2020

    Case Study

    Acme Corp. was able to construct its IT mission and vison statements by aligning to its corporate mission and vision.

    INDUSTRY: Professional Services
    COMPANY: This case study is based on a real company but was anonymized for use in this research.

    Business

    IT

    Mission

    Vision

    Mission

    Vision

    We help IT leaders achieve measurable results by systematically improving core IT processes, governance, and critical technology projects.

    Acme Corp. will grow to become the largest research firm across the industry by providing unprecedented value to our clients.

    IT provides innovative product solutions and leadership that drives growth and success.

    We will relentlessly drive value to our customers through unprecedented innovation.

    IT guiding principles set the boundaries for your strategy

    Strategic guiding principles advise the IT organization on the boundaries of the strategy.

    Guiding principles are a priori decisions that limit the scope of strategic thinking to what is acceptable organizationally, from budgetary, people, and partnership standpoints. Guiding principles can cover other dimensions, as well.

    Organizational stakeholders are more likely to follow IT principles when a rationale is provided.

    After defining the set of IT principles, ensure that they are all expanded upon with a rationale. The rationale ensures principles are more likely to be followed because they communicate why the principles are important and how they are to be used. Develop the rationale for each IT principle your organization has chosen.

    IT guiding principles = IT strategy boundaries

    Consider these four components when brainstorming guiding principles

    Breadth

    of the IT strategy can span across the eight perspectives: people, process, technology, data, process, sourcing, location, and timing.

    Defining which of the eight perspectives is in scope for the IT strategy is crucial to ensuring the IT strategy will be comprehensive, relevant, and actionable.

    Depth

    of coverage refers to the level of detail the IT strategy will go into for each perspective. Info-Tech recommends that depth should go to the initiative level (i.e. individual projects).

    Organizational coverage

    will determine which part of the organization the IT strategy will cover.

    Planning horizon

    of the IT strategy will dictate when the target state should be reached and the length of the roadmap.

    Consider these criteria when brainstorming guiding principle statements

    Approach focused IT principles are focused on the approach, i.e. how the organization is built, transformed, and operated, as opposed to what needs to be built, which is defined by both functional and non-functional requirements.
    Business relevant Create IT principles that are specific to the organization. Tie IT principles to the organization's priorities and strategic aspirations.
    Long lasting Build IT principles that will withstand the test of time.
    Prescriptive Inform and direct decision-making with IT principles that are actionable. Avoid truisms, general statements, and observations.
    Verifiable If compliance can't be verified, the principle is less likely to be followed.
    Easily digestible IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren't a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.
    Followed

    Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously reinforced to all stakeholders to achieve and maintain buy-in.

    In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

    Review ten universal IT principles to determine if your organization wishes to adopt them

    IT principle name

    IT principle statement

    1. Enterprise value focus We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
    2. Fit for purpose We maintain capability levels and create solutions that are fit for purpose without over engineering them.
    3. Simplicity We choose the simplest solutions and aim to reduce operational complexity of the enterprise.
    4. Reuse > buy > build We maximize reuse of existing assets. If we can't reuse, we procure externally. As a last resort, we build custom solutions.
    5. Managed data We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy.
    6. Controlled technical diversity We control the variety of technology platforms we use.
    7. Managed security We manage security enterprise-wide in compliance with our security governance policy.
    8. Compliance to laws and regulations We operate in compliance with all applicable laws and regulations.
    9. Innovation We seek innovative ways to use technology for business advantage.
    10. Customer centricity We deliver best experiences to our customers with our services and products.

    1.1.3 Elicit guiding principles

    1 hour

    Objective: Generate ideas for guiding principle statements with silent sticky note writing.

    1. Gather the IT strategy creation team and revisit your mission and vision statements.
    2. Ask the group to brainstorm answers individually, silently writing their ideas on separate sticky notes. Provide the brainstorming criteria from the previous slide to all team members. Allow the team to put items on separate notes that can later be shuffled and sorted as distinct thoughts.
    3. After a set amount of time, ask the members of the group to stick their notes to the whiteboard and quickly present them. Categorize all ideas into four major buckets: breadth, depth, organizational coverage, and planning horizon. Ideally, you want one guiding principle to describe each of the four components.
    4. If there are missing guiding principles in any category or anyone's items inspire others to write more, they can stick those up on the wall too, after everyone has presented.
    5. Discuss and finalize your IT guiding principles.
    6. Document your guiding principles in the IT Strategy Presentation Template in Section 1.

    Source: Hyper Island

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Four components for eliciting guiding principles
    • Mission and vision statements

    Output

    • IT guiding principles
    • IT strategy scope

    Materials

    • Sticky notes
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    Guiding principle examples

    • Alignment: Our IT decisions will align with [our organization's] strategic plan.
    • Resources: We will allocate cyber-infrastructure resources based on providing the greatest value and benefit for [the community].
    • User Focus: User needs will be a key component in all IT decisions.
    • Collaboration: We will work within and across organizational structures to meet strategic goals and identify opportunities for innovation and improvement.
    • Transparency: We will be transparent in our decision making and resource use.
    • Innovation: We will value innovative and creative thinking.
    • Data Stewardship: We will provide a secure but accessible data environment.
    • IT Knowledge and Skills: We will value technology skills development for the IT community.
    • Drive reduced costs and improved services
    • Deploy packaged apps – do not develop – retain business process knowledge expertise – reduce apps portfolio
    • Standardize/Consolidate infrastructure with key partners
    • Use what we sell, and help sell
    • Drive high-availability goals: No blunders
    • Ensure hardened security and disaster recovery
    • Broaden skills (hard and soft) across the workforce
    • Improve business alignment and IT governance

    Quoted From: Office of Information Technology, 2014; Future of CIO, 2013

    Case Study

    Acme Corp. elicited guiding principles that set the scope of its IT strategy for FY21.

    INDUSTRY: Professional Services
    COMPANY: Acme Corp.

    The following guiding principles define the values that drive IT's strategy in FY23 and provide the criteria for our 12-month planning horizon.

    • We will focus on big-ticket items during the next 12 months.
    • We will keep the budget within 5%+/- YOY.
    • We will insource over outsource.
    • We will develop a cloud-first technology stack.

    Finalize your IT strategy scope

    Your mission and vision statements and your guiding principles should be the first things you communicate on your IT strategy document.

    Why is this important?

    • Communicating these elements shows how IT supports the corporate direction.
    • The vision and mission statements will clearly articulate IT's aspirations and purpose.
    • The guiding principles will clearly articulate how IT plans to support the business strategically.
    • These elements set expectations with stakeholders for the rest of your strategy.

    Input information into the IT Strategy Presentation Template.

    an image showing the IT Strategy Scope.

    Summary of Accomplishment

    Established the scope of your IT strategy

    • Constructed the IT mission statement to communicate the IT organization's reason for being.
    • Constructed the IT vision statement to communicate the desired future state of the IT organization.
    • Elicited IT's guiding principles to communicate the overall scope and time horizon for the strategy.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Step 1.2

    Business Goal Alignment

    Activities

    1.2.1 Intake identification and analysis

    1.2.2 Survey results analysis

    1.2.3 Goal brainstorming

    1.2.4 Goal association and analysis

    This step requires the following inputs:

    • Last year's accomplished project list
    • Business unit input source list
    • Goal list
    • In-flight initiatives list

    This step involves the following participants:

    • Business leadership
    • Project Management Office
    • Service Desk
    • Business Relationship Management
    • Solution or Enterprise Architecture
    • Roadmap team

    Outcomes of this step

    • Intake analysis
    • Goal list
    • Initiative-to-goal map

    Identify who is expecting what from the infrastructure

    "Typically, IT thinks in an IT first, business second, way: 'I have a list of problems and if I solve them, the business will benefit.' This is the wrong way of thinking. The business needs to be thought of first, then IT."

    – Fred Chagnon, Infrastructure Director,
    Info-Tech Research Group

    Info-Tech Insight

    If you're not soliciting input from or delivering on the needs of the various departments in your company, then who is? Be explicit and track how you communicate with each individual unit within your company.

    Mature project portfolio management and enterprise architecture practices are no substitute for understanding your business clientele.

    It may not be a democracy, but listening to everyone's voice is an essential step toward generating a useful roadmap.

    Building good infrastructure requires an understanding of how it will be used. Explicit consultation with stakeholders maximizes a roadmap's usefulness and holds the enterprise accountable in future roadmap iterations as goals change.

    Who are the customers for infrastructure?

    Internal customer examples:

    • Network Operations manager
    • IT Systems manager
    • Webmaster
    • Security manager

    External customer examples:

    • Director of Sales
    • Operations manager
    • Applications manager
    • Clients
    • Partners and consultants
    • Regulators/government

    1.2.1 Intake identification and analysis

    1 hour

    The humble checklist is the single most effective tool to ensure we don't forget someone or something:

    1. Have everyone write down their top five completed projects from last year – one project per sticky note.
    2. Organize everyone's sticky notes on a whiteboard according to input source – did these projects come from the PMO? Directly from a BRM? Service request? VP or LoB management?
    3. Make a MECE list of these sources on the left-hand side of a whiteboard.
    4. On the right-hand side list all the departments or functional business units within the company.
    5. Draw lines from right to left indicating which business units use which input source to request work.
    6. Optional: Rate the efficacy of each input channel – what is the success rate of projects per channel in terms of time, budget, and functionality?

    Discussion:

    1. How clearly do projects and initiatives arrive at infrastructure to be acted on? Do they follow the predictable formal process with all the needed information or is it more ad hoc?
    2. Can we validate that business units are using the correct input channel to request the appropriate work? Does infrastructure have to spend more time validating the requests of any one channel?
    3. Can we identify business units that are underserved? How about overserved? Infrastructure initiatives tend to be near universal in effect – are we forgetting anyone?
    4. Are all these methods passive (order taking), or is there a process for infrastructure to suggest an initiative or project?

    Input

    • Last year's accomplished project list

    Output

    • Work requested workflow and map

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    Case Study

    Building IT governance and digital infrastructure for tech-enabled student experiences

    INDUSTRY: Education
    COMPANY: Collegis Education

    Challenge

    In 2019, Saint Francis University decided to expand its online program offering to reach students outside of its market.

    It had to first transform its operations to deliver a high-quality, technology-enabled student experience on and off campus. The remote location of the campus posed power outages, Wi-Fi issues, and challenges in attracting and retaining the right staff to help the university achieve its goals.

    It began working with an IT consulting firm to build a long-term strategic roadmap.

    Solution

    The consultant designed a strategic multi-year roadmap for digital transformation that would prioritize developing infrastructure to immediately improve the student experience and ultimately enable the university to scale its online programs. The consultant worked with school leadership to establish a virtual CIO to oversee the IT department's strategy and operations. The virtual CIO quickly became a key advisor to the president and board, identifying gaps between technology initiatives and enrollment and revenue targets. St. Francis staff also transitioned to the consultant's technology team, allowing the university to alleviate its talent acquisition and retention challenges.

    Results

    • $200,000 in funds reallocated to help with upgrades due to streamlined technology infrastructure
    • Updated card access system for campus staff and students
    • Active directory implementation for a secure and strong authentication technology
    • An uninterruptible power supply (UPS) backup is installed to ensure power continues in the event of a power outage
    • Upgrade to a reliable, campus-wide Wi-Fi network
    • Behind-the-scenes upgrades like state-of-the-art data centers to stabilize aging technology for greater reliability

    Track your annual activity by business unit – not by input source

    A simple graph showing the breakdown of projects by business unit is an excellent visualization of who is getting the most from infrastructure services.

    Show everyone in the organization that the best way to get anything done is by availing themselves of the roadmap process.

    An image of two bar graphs, # of initiatives requested
by customer; # of initiatives proposed to customer.

    Enable technology staff to engage in business storytelling by documenting known goals in a framework

    Without a goal framework

    Technology-focused IT staff are notoriously disconnected from the business process and are therefore often unable to explain the outcomes of their projects in terms that are meaningful to the business.

    With a goal framework

    When business, IT, and infrastructure goals are aligned, the business story writes itself as you follow the path of cascading goals upward.

    Info-Tech Best Practice

    So many organizations we speak with don't have goals written down. This rarely means that the goals aren't known, rather that they're not clearly communicated.

    When goals aren't clear, personal agendas can take precedence. This is what often leads to the disconnect between what the business wants and what IT is delivering.

    1.2.2 Survey and results analysis

    1 hour

    Infrastructure succeeds by effectively scaling shared resources for the common good. Sometimes that is a matter of aggregating similarities, sometimes by recognizing where specialization is required.

    1. Have every business unit provide their top three to five current goals or objectives for their department. Emphasize that you are requesting their operational objectives, not just the ones they think IT may be able to help them with.
    2. Put each goal on a sticky note (optional: use a unique sticky note or marker color for each department) and place them on a whiteboard.
    3. Group the sticky notes according to common themes.
    4. Rank each grouping according to number of occurrences.

    Discussion:

    1. This is very democratic. Do certain departments' goals carry more weight more than others?
    2. What is the current business prioritization process? Do the results of our activity match with the current published output of this process?
    3. Consider each business goal in the context of infrastructure activity or technology feature or capability. As infrastructure is a lift function existing only to serve the business, it is important to understand our world in context.

    Examples: The VP of Operations is looking to reduce office rental costs over the next three years. The VP of Sales is focused on increasing the number of face-to-face customer interactions. Both can potentially be served by IT activities and technologies that increase mobility.

    Input

    • Business unit input source list

    Output

    • Prioritized list of business goals

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    1.2.3 Goal brainstorming – Affinity diagramming exercise

    1 hour

    Clarify how well you understand what the business wants.

    1. Ask each participant to consider: "What are the top three priorities of the company [this period]?" They should consider not what they think the priorities should be, but their understanding of what business leadership's priorities actually are.
    2. Have each participant write down their three priorities on sticky notes – one per note.
    3. Select a moderator from the group – not the infrastructure leader or the CIO. The moderator will begin by placing (and explaining) their sticky notes on the whiteboard.
    4. Have each participant place and explain their sticky notes on the whiteboard.
    5. The moderator will assist each participant in grouping sticky notes together based on theme.
    6. Groups that become overly large may be broken into smaller, more precise themes.
    7. Once everyone has placed their sticky notes, and the groups have been arranged and rearranged, you should have a visual representation of infrastructure's understanding of the business' priorities.
    8. Let the infrastructure leader and/or CIO place their sticky notes last.

    Discussion:

    Is there a lot of agreement within the group? What does it mean if there are 10 or 15 groups with equal numbers of sticky notes? What does it mean if there are a few top groups and dozens of small outliers?

    How does the group's understanding compare with that of the Director and/or CIO?

    What mechanisms are in place for the business to communicate their goals to infrastructure? Are they effective? Does the team take the time to reimagine those goals and internalize them?

    What does it mean if infrastructure's understanding differs from the business?

    Input

    • Business unit input source list

    Output

    • Prioritized list of business goals

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    Additional Activity

    Now that infrastructure has a consensus on what it thinks the business' goals are, suggest a meeting with leadership to validate this understanding. Once the first picture is drawn, a 30-minute meeting can help clear up any misconceptions.

    Build your own framework or start with these three root value drivers

    With a framework of cascading goals in place, a roadmap is a Rosetta Stone. Being able to map activities back to governance objectives allows you to demonstrate value regardless of the audience you are addressing.

    An image of the framework for developing a roadmap using three root value drivers.

    (Info-Tech, Build a Business-Aligned IT Strategy 2022)

    1.2.4 Goal association exercise and analysis

    1 hour

    Wherever possible use the language of your customers to avoid confusion, but at least ensure that everyone in infrastructure is using a common language.

    1. Take your business strategy or IT strategy or survey response (Activity 1.2.3) or Info-Tech's fundamental goals list (strategic agility, improved cash flow, innovate product, safety, standardize end-user experience) and write them across the top of a whiteboard.
    2. Have everyone write, on a sticky note, their current in-flight initiatives – one per sticky note.
    3. Have each participant then place each of their sticky notes on the whiteboard and draw a line from the initiative to the goal it supports.
    4. The rest of the group should challenge any relationships that seem unsupported or questionable.

    Discussion:

    1. How many goals are you supporting? Are there too many? Are you doing enough to support the right goals?
    2. Is there a shared understanding of the business goals among the infrastructure staff? Or, do questions about meaning keep coming up?
    3. Do you have initiatives that are difficult to express in terms of business goals? Do you have a lot of them or just a few?

    Input

    • Goal list
    • In-flight initiatives list

    Output

    • Initiatives-to-goals map

    Materials

    • Whiteboard & markers

    Participants

    • Roadmap team

    Summary of Accomplishment

    Review performance from last fiscal year.

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 2

    Envision Future and Analyze Constraints

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • Determine from a greenfield perspective what the future state looks like.
    • Do SWOT analysis on technology you may plan to use in the future.
    • Complete a time study.

    This phase involves the following participants:

    • Roadmap team

    Step 2.1

    Define the future state

    Activities

    2.1.1 Define your future infrastructure vision

    2.1.2 Document desired future state

    2.1.3 Develop a new technology identification process

    2.1.4 Conduct a SWOT analysis

    This step requires the following inputs:

    • Emerging technology interest

    This step involves the following participants:

    • Roadmap team
    • External SMEs

    Outcomes of this step

    • Technology discovery process
    • Technology assessment process
    • Future state vision document

    Future state discussion

    "Very few of us are lucky enough to be one of the first few employees in a new organization. Those of you who get to plan the infrastructure with a blank slate and can focus all of your efforts on doing things right the first time."

    BMC, 2018

    "A company's future state is ultimately defined as the greater vision for the business. It's where you want to be, your long-term goal in terms of the ever-changing state of technology and how that applies to your present-day business."
    "Without a definitive future state, a company will often find themselves lacking direction, making it harder to make pivotal decisions, causing misalignment amongst executives, and ultimately hindering the progression and growth of a company's mission."
    Source: Third Stage Consulting

    "When working with digital technologies, it is imperative to consider how such technologies can enhance the solution. The future state should communicate the vision of how digital technologies will enhance the solutions, deliver value, and enable further development toward even greater value creation."
    Source: F. Milani

    Info-Tech Insight

    Define your infrastructure roadmap as if you had a blank slate – no constraints, no technical debt, and no financial limitations. Imagine your future infrastructure and let that vision drive your roadmap.

    Expertise is not innate; it requires effort and research

    Evaluating new enterprise technology is a process of defining it, analyzing it, and sourcing it.

    • Understand what a technology is in order to have a common frame of reference for discussion. Just as important, understand what it is not.
    • Conduct an internal and external analysis of the technology including an adoption case study.
    • Provide an overview of the vendor landscape, identifying the leading players in the market and how they differentiate their offerings.

    This is not intended to be a thesis grade research project, nor an onerous duty. Most infrastructure practitioners came to the field because of an innate excitement about technology! Harness that excitement and give them four to eight hours to indulge themselves.

    An output of approximately four slides per technology candidate should be sufficient to decided if moving to PoC or pilot is warranted.

    Including this material in the roadmap helps you control the technology conversation with your audience.

    Info-Tech Best Practices

    Don't start from scratch. Recall the original sources from your technology watchlist. Leverage vendors and analyst firms (such as Info-Tech) to give the broad context, letting you focus instead on the specifics relevant to your business.

    Channel emerging technologies to ensure the rising tide floats all boats rather than capsizing your business

    Adopting the wrong new technology can be even more dangerous than failing to adopt any new technology.

    Implementing every new promising technology would cost prodigious amounts of money and time. Know the costs before choosing what to invest in.

    The risk of a new technology failing is acceptable. The risk of that failure disrupting adjacent core functions is unacceptable. Vet potential technologies to ensure they can be safely integrated.

    Best practices for new technologies are nonexistent, standards are in flux, and use cases are fuzzy. Be aware of the unforeseen that will negatively affect your chances of a successful implementation.

    "Like early pioneers crossing the American plains, first movers have to create their own wagon trails, but later movers can follow in the ruts."
    Harper Business, 2014

    Info-Tech Insight

    The right technology for someone else can easily be the wrong technology for your business.

    Even with a mature Enterprise Architecture practice, wrong technology bets can happen. Minimize the chance of this occurrence by making selection an infrastructure-wide activity. Leverage the practical knowledge of the day-to-day operators.

    First Mover

    47% failure rate

    Fast Follower

    8% failure rate

    2.1.1 Create your future infrastructure vision

    1 hour

    Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).

    1. Ask each participant to ponder the question: "How would the infrastructure look if there were no limitations?" They should consider all aspects of their infrastructure but keep in mind the infrastructure vision and mission statements from phase one, as well as the business goals.
    2. Have each participant write down their ideas on sticky notes – one per note.
    3. Select a moderator and a scribe from the group – not the infrastructure leader or the CIO. The moderator will begin by placing (and explaining) their sticky notes on the whiteboard. The scribe will summarize the results in short statements at the end.
    4. Have each participant place and explain their sticky notes on the whiteboard.
    5. The moderator will assist each participant in grouping sticky notes together based on theme.
    6. Once everyone has placed their sticky notes and groups have been arranged and rearranged, you should have a visual representation of infrastructure's understanding of the business' priorities.
    7. Let the infrastructure leader and/or CIO place their sticky notes last.

    Discussion:

    1. Assume a blank slate as a starting point. No technical debt or financial constraints; nothing holding you back.
    2. Can SaaS, PaaS, or other cloud-based offerings play a role in this future utopia?
    3. Do vendors play a larger or smaller role in your future infrastructure vision?

    Download the IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Thoughts and ideas about how the future infrastructure should look.

    Output

    • Future state vision

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    2.1.1 Document your future state vision (cont'd)

    Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).

    1 hour

    Steps:

    1. The scribe will take the groups of suggestions and summarize them in a statement or two, briefly describing the infrastructure in that group.
    2. The statements should be recorded on Tab 2 of the Infrastructure Strategy and Roadmap Tool.

    Discussion:

    • Should the points be listed in any specific order?
    • Include all suggestions in the summary. Remember this is a blank slate with no constraints, and no idea is higher or lower in weight at this stage.
    Infrastructure Future State Vision
    Item Focus Area Future Vision
    1 Email Residing on Microsoft 365
    2 Servers Hosted in cloud - nothing on prem.
    3 Endpoints virtual desktops on Microsoft Azure
    4 Endpoint hardware Chromebooks
    5 Network internet only
    6 Backups cloud based but stored in multiple cloud services
    7

    Download Info-Tech's Infrastructure Strategy and Roadmap Tool and document your future state vision in the Infrastructure Future State tab.

    Input

    • Thoughts and ideas about how the future infrastructure should look.

    Output

    • Future state vision

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    2.1.2 Identification and association exercise

    1 hour

    Formalize what is likely an ad hoc process.

    1. Brainstorm with the group a list of external sources they are currently using to stay abreast of the market.
    2. Organize this list on the left-hand side of a whiteboard, in vendor and vendor-neutral groups.
      1. For each item in the list ask a series of questions:
      2. Is this a push or pull source?
      3. Is this source suited to individual or group consumption?
      4. What is the frequency of this source?
    3. What is the cost of this source to the company?
    4. On the right-hand side of the whiteboard brainstorm a list of internal mechanisms for sharing new technology information. Ask about the audience, distribution mode, and frequency for each of those mechanisms.
    5. Map which of the external sources make it over to internal distribution.

    Discussion:

    1. Are we getting the most value out of our high-cost conferences? Does that information make it from the attendees to the rest of the team?
    2. Do we share information only within our domains? Or across the whole infrastructure practice?
    3. Do we have sufficient diversity of sources? Are we in danger of believing one vendor's particular market interpretation?
    4. How do we select new technologies to explore further? Make it fun – upvotes, for example.

    Input

    • Team knowledge
    • Conference notes
    • Expense reports

    Output

    • Internal socialization process
    • Tech briefings & repository

    Materials

    • Whiteboard & markers

    Participants

    • Roadmap team

    Info-Tech Best Practices

    It is impractical for everyone to present their tech briefing at the monthly meeting. But you want to avoid a one-to-many exercise. Keep the presenter a secret until called on. Those who do not present live can still contribute their material to the technology watchlist database.

    Analyze new technologies for your future state

    Four to eight hours of research per technology can uncover a wealth of relevant information and prepare the infrastructure team for a robust discussion. Key research elements include:

    • Précis: A single page or slide that describes the technology, outlines some of the vendors, and explores the value proposition.
    • SWOT Analysis:
      • Strengths and weaknesses: What does the technology inherently do well (e.g. lots of features) and what does it do poorly (e.g. steep learning curve)?
      • Opportunities and threats: What capabilities can the technology enable (e.g. build PCs faster, remote sensing)? Why would we not want to exploit this technology (e.g. market volatility, M&As)

    a series of four screenshots from the IT Infrastructure Strategy and Roadmap Report Template

    Download the IT Infrastructure Strategy and Roadmap Report Template slides 21, 22, 23 for sample output.

    Position infrastructure as the go-to source for information about new technology

    One way or another, tech always seems to finds its way into infrastructure's lap. Better to stay in front and act as stewards rather than cleanup crew.

    Beware airline magazine syndrome!

    Symptoms

    Pathology
    • Leadership speaking in tech buzzwords
    • Urgent meetings to discuss vaguely defined topics
    • Fervent exclamations of "I don't care how – just get it done!"
    • Management showing up on at your doorstep needing help with their new toy

    Outbreaks tend to occur in close proximity to

    • Industry trade shows
    • Excessive executive travel
    • Vendor BRM luncheons or retreats with leadership
    • Executive golf outings with old college roommates

    Effective treatment options

    1. Targeted regular communication with a technology portfolio analysis customized to the specific goals of the business.
    2. Ongoing PoC and piloting efforts with detailed results reporting.

    While no permanent cure exists, regular treatment makes this chronic syndrome manageable.

    Keep your roadmap horizon in mind

    Technology doesn't have to be bleeding edge. New-to-you can have plenty of value.

    You want to present a curated landscape of technologies, demonstrating that you are actively maintaining expertise in your chosen field.

    Most enterprise IT shops buy rather than develop their technology, which means they want to focus effort on what is market available. The outcome is that infrastructure sponsors and delivers new technologies whose capabilities and features will help the business achieve its goals on this roadmap.

    If you want to think more like a business disruptor or innovator, we suggest working through the blueprint Exploit Disruptive Infrastructure Technology.
    Explore technology five to ten years into the future!

    a quadrant analysis comparing innovation and transformation, as well as two images from Exploit Disruptive Infrastructure Technology.

    Info-Tech Insight

    The ROI of any individual effort is difficult to justify – in aggregate, however, the enterprise always wins!
    Money spent on Google Glass in 2013 seemed like vanity. Certainly, this wasn't enterprise-ready technology. But those early experiences positioned some visionary firms to quickly take advantage of augmented reality in 2018. Creative research tends to pay off in unexpected and unpredictable ways.
    .

    2.1.3 Working session, presentation, and feedback

    1 hour

    Complete a SWOT analysis with future state technology.

    The best research hasn't been done in isolation since the days of da Vinci.

    1. Divide the participants into small groups of at least four people.
    2. Further split those groups into two teams – the red team and the white team.
    3. Assign a technology candidate from the last exercise to each group. Ideally the group should have some initial familiarity with the technology and/or space.
    4. The red team from each group will focus on the weaknesses and threats of the technology. The white team will focus on the strengths and opportunities of the technology.
    5. Set a timer and spend the next 30-40 minutes completing the SWOT analysis.
    6. Have each group present their analysis to the larger team. Encourage conversation and debate. Capture and refine the understanding of the analysis.
    7. Reset with the next technology candidate. Have the participants switch teams within their groups.
    8. Continue until you've exhausted your technology candidates.

    Discussion:

    1. Does working in a group make for better research? Why?
    2. Do you need specific expertise in order to evaluate a technology? Is an outsider (non-expert) view sometimes valuable?
    3. Is it easier to think of the positive or the negative qualities of a technology? What about the internal or external implications?

    Input

    • Technology candidates

    Output

    • Technology analysis including SWOT

    Materials

    • Projector
    • Templates
    • Laptops & internet

    Participants

    • Roadmap team

    Step 2.2

    Constraints analysis

    Activities

    2.2.1 Historical spend analysis

    2.2.2 Conduct a time study

    2.2.3 Identify roadblocks

    This step requires the following inputs:

    • Historical spend and staff numbers
    • Organizational design identification and thought experiment
    • Time study
    • Roadblock brainstorming session
    • Prioritization exercise

    This step involves the following participants:

    • Financial leader
    • HR Leader
    • Roadmap team

    Outcomes of this step

    • OpEx, CapEx, and staffing trends
    • Domain time study
    • Prioritized roadblock list

    2.2.1 Historical spend analysis

    "A Budget is telling your money where to go, instead of wondering where it went."
    -David Ramsay

    "Don't tell me where your priorities are. Show me where you spend your money and I'll tell you what they are"
    -James Frick, Due.com

    Annual IT budgeting aligns with business goals
    a circle showing 68%, broken down into 50% and 18%

    50% of businesses surveyed see that improvements are necessary for IT budgets to align to business goals, while 18% feel they require significant improvements to align to business goals
    Source: ITRG Diagnostics 2022

    Challenges in IT spend visibility

    68%

    Visibility of all spend data for on-prem, SaaS and cloud environments
    Source: Flexera

    The challenges that keep IT leaders up at night

    47%

    Lack of visibility in resource usage and cost
    Source: BMC, 2021

    2.2.1 Build a picture of your financial spending and staffing trends

    Follow the steps below to generate a visualization so you can start the conversation:

    1 hour

    1. Open the Info-Tech Infrastructure Roadmap Financial Spend Analysis Tool.
    2. The Instructions tab will provide guidance, or you can follow the instructions below.
    3. Insert values into the appropriate uncolored blocks in the first 4 rows of the Spend Record Entry tab to reflect the amount spent on IT OpEx, IT CapEx, or staff numbers for the present year (budgeted) as well as the previous five years.
    4. Data input populates cells in subsequent rows to quickly reveal spending ratios.

    an image of the timeline table from the Infrastructure Roadmap Financial Analysis Tool

    Download the Infrastructure Roadmap Financial Analysis Tool
    ( additional Deep Dive available if required)

    Input

    • Historical spend and staff numbers

    Output

    • OpEx, CapEx, and staffing trends for your organization

    Materials

    • Info-Tech's Infrastructure Roadmap Financial Spend Analysis Tool

    Participants

    • Infrastructure leader
    • Financial leader
    • HR leader

    2.2.1 Build a picture of your financial spending and staffing trends (cont'd)

    Continue with the steps below to generate a visualization so you can start the conversation.

    1 hour

    1. Select tab 3 (Results) to reveal a graphical analysis of your data.
    2. Trends are shown in graphs for OpEx, CapEx, and staffing levels as well as comparative graphs to show broader trends between multiple spend and staffing areas.
    3. Some observations worth noting may include the following:
      • Is OpEx spending increasing over time or decreasing?
      • Is CapEx increasing or decreasing?
      • Are OpEx and CapEx moving in the same directions?
      • Are IT staff to total staff ratios increasing or decreasing?
      • Trends will continue in the same direction unless changes are made.

    Download the Infrastructure Roadmap Financial Analysis Tool
    ( additional Deep Dive available if required)

    Input

    • Historical spend and staff numbers

    Output

    • OpEx, CapEx, and staffing trends for your organization

    Materials

    • Info-Tech's Infrastructure Roadmap Financial Spend Analysis Tool

    Participants

    • Infrastructure leader
    • Financial leader
    • HR leader

    Consider perceptions held by the enterprise when dividing infrastructure into domains

    2.2.2 Conduct a time study

    Internal divisions that seem important to infrastructure may have little or even negative value when it comes to users accessing their services.

    Domains are the logical divisions of work within an infrastructure practice. Historically, the organization was based around physical assets: servers, storage, networking, and end-user devices. Staff had skills they applied according to specific best practices using physical objects that provided functionality (computing power, persistence, connectivity, and interface).

    Modern enterprises may find it more effective to divide according to activity (analytics, programming, operations, and security) or function (customer relations, learning platform, content management, and core IT). As a rule, look to your organizational chart; managers responsible for buying, building, deploying, or supporting technologies should each be responsible for their own domain.

    Regardless of structure, poor organization leads to silos of marginally interoperable efforts working against each other, without focus on a common goal. Clearly defined domains ensure responsibility and allow for rapid, accurate, and confident decision making.

    • Server
    • Network
    • Storage
    • End User
    • DevOps
    • Analytics
    • Core IT
    • Security

    Info-Tech Insight

    The medium is the message. Do stakeholders talk about switches or storage or services? Organizing infrastructure to match its external perception can increase communication effectiveness and improve alignment.

    Case Study

    IT infrastructure that makes employees happier

    INDUSTRY: Services
    SOURCE: Network Doctor

    Challenge

    Atlas Electric's IT infrastructure was very old and urgently needed to be refreshed. Its existing server hardware was about nine years old and was becoming unstable. The server was running Windows 2008 R2 server operating systems that was no longer supported by Microsoft; security updates and patches were no longer available. They also experienced slowdowns on many older PCs.

    Recommendations for an upgrade were not approved due to budgetary constraints. Recommendations for upgrading to virtual servers were approved following a harmful phishing attack.

    Solution

    The following improvements to their infrastructure were implemented.

    • Installing a new physical host server running VMWare ESXi virtualization software and hosting four virtual servers.
    • Migration of data and applications to new virtual servers.
    • Upgrading networking equipment and deploying new relays, switches, battery backups, and network management.
    • New server racks to host new hardware.

    Results

    Virtualization, consolidating servers, and desktops have made assets more flexible and simpler to manage.

    Improved levels of efficiency, reliability, and productivity.

    Enhanced security level.

    An upgraded backup and disaster recovery system has improved risk management.

    Optimize where you spend your time by doing a time study

    Infrastructure activity is limited generally by only two variables: money and time. Money is in the hands of the CFO, which leaves us a single variable to optimize.

    Not all time is spent equally, nor is it equally valuable. Analysis lets us communicate with others and gives us a shared framework to decide where our priorities lie.

    There are lots of frameworks to help categorize our activities. Stephen Covey (Seven Habits of Highly Effective People) describes a four-quadrant system along the axes of importance and urgency. Gene Kim, through his character Erik in The Phoenix Project,speaks instead of business projects, internal IT projects, changes, and unplanned work.

    We propose a similar four-category system.

    Project Maintenance

    Administrative

    Reactive

    Planned activity spent pursuing a business objective

    Planned activity spent on the upkeep of existing IT systems

    Planned activity required as a condition of employment

    Unplanned activity requiring immediate response

    This is why we are valuable to our company

    We have it in our power to work to reduce these three in order to maximize our time available for projects

    Survey and analysis

    Perform a quick time study.

    Verifiable data sources are always preferred but large groups can hold each other's inherent biases in check to get a reasonable estimate.

    1 hour

    1. Organize the participants into the domain groups established earlier.
    2. On an index card have each participant independently write down the percentage of time they think their entire domain (not themselves personally) spends during the average month, quarter, or year on:
      1. Admin
      2. Reactive work
      3. Maintenance
    3. Draw a matrix on the whiteboard; collect the index cards and transcribe the results from participants into the matrix.
    4. Add up the three reported time estimates and subtract from 100 – the result is the percentage of time available for/spent on project work.

    Discussion

    1. Certain domains should have higher percentages of reactive work (think Service Desk and Network Operations Center) – can we shift work around to optimize resources?
    2. Why is reactive work the least desirable type? Could we reduce our reactive work by increasing our maintenance work?
    3. From a planning perspective, what are the implications of only having x% of time available for project work?
    4. Does it feel like backing into the project work from adding the other three together provides a reasonable assessment?

    Input

    • Domain groups

    Output

    • Time study

    Materials

    • Whiteboard & markers
    • Index cards

    Participants

    • Roadmap team

    Quickly and easily evaluate all your infrastructure

    Strategic Infrastructure Roadmap Tool, Tab 2, Capacity Analysis

    In order to quickly and easily build some visualizations for the eventual final report, Info-Tech has developed the Strategic Infrastructure Roadmap Tool.

    • Up to five infrastructure domains are supported.
      • For practices that cannot be reasonably collapsed into five domains, multiple copies of the tool can be used and manually stitched together.
    • The tool can be used in either an absolute (total number) or relative mode (percentage of available).
    • By design we specifically don't ask for a project work figure but rather calculate it based on other values.
    • For everything but miscellaneous duties, hard data sources can (and where appropriate should) be leveraged.
      • Reactive work – service desk tool
      • Project work – project management tool
      • Maintenance work – logs or ITSM tool
    • Individual domains' values are calculated, as well as the overall breakdown for the infrastructure practice.
    • Even these rough estimates will be useful during the planning steps throughout the rest of the roadmap process.

    an image of the source capacity analysis page from tab 2 of the Strategic Infrastructure Roadmap Tool

    Please note that this tool requires Microsoft's Power Pivot add-in to be installed if you are using Excel 2010 or 2013. The scatter plot labels on tabs 5 and 8 may not function correctly in Excel 2010.

    Build your roadmap from both the top and the bottom for best results

    Strong IT strategy favors top-down: activities enabling clearly dictated goals. The bottom-up approach aggregates ongoing activities into goals.

    Systematic approach

    External stakeholders prioritize a list of goals requiring IT initiatives to achieve.

    Roadblocks:

    • Multitudes of goals easily overwhelm scant IT resources.
    • Unglamorous yet vital maintenance activities get overlooked.
    • Goals are set without awareness of IT capacity or capabilities.

    Organic approach

    Practitioners aggregate initiatives into logical groups and seek to align them to one or more business goals.

    Roadblocks:

    • Pet initiatives can be perpetuated based on cult of personality rather than alignment to business goals.
    • Funding requests can fall flat when competing against other business units for executive support.

    A successful roadmap respects both approaches.

    an image of two arrows, intersecting with the words Infrastructure Roadmap with the top arrow labeled Systematic, and the bottom arrow being labeled Organic.

    Info-Tech Insight

    Perfection is anathema to practicality. Draw the first picture and not only expect but welcome conflicting feedback! Socialize it and drive the conversation forward to a consensus.

    2.2.3 Brainstorming – Affinity diagramming

    Identify the systemic roadblocks to executing infrastructure projects

    1 hour

    Affinity diagramming is a form of structured brainstorming that works well with larger groups and provokes discussion.

    1. Have each participant write down their top five impediments to executing their projects from last year – one roadblock per sticky note.
    2. Once everyone has written their top five, select a moderator from the group. The moderator will begin by placing (and explaining) their five sticky notes on the whiteboard.
    3. Have each participant then place and explain their sticky notes on the whiteboard.
    4. The moderator will assist participants in grouping sticky notes together based on theme.
    5. Groups that have become overly large may be broken into smaller, more precise themes.
    6. Once everyone has placed their sticky notes, you should be able to visually identify the greatest or most common roadblocks the group perceives.

    Discussion

    Categorize each roadblock identified as either internal or external to infrastructure's control.

    Attempt to understand the root cause of each roadblock. What would you need to ask for in order to remove the roadblock?

    Additional Research

    Also called the KJ Method (after its inventor, Jiro Kawakita, a 1960s Japanese anthropologist), this activity helps organize large amounts of data into groupings based on natural relationships while reducing many social biases.

    Input

    • Last years initiatives and their roadblocks

    Output

    • List of refined Roadblocks

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    2.2.4 Prioritization exercise – Card sorting

    Choose your priorities wisely.

    Which roadblocks do you need to work on? How do you establish a group sense of these priorities? This exercise helps establish priorities while reducing individual bias.

    1 hour

    1. Distribute index cards that have been prepopulated with the roadblocks identified in the previous activity – one full set of cards to each participant.
    2. Have each participant sort their set-in order of perceived priority, highest on top.
    3. Where n=number of cards in the stack, take the n-3 lowest priority cards and put a tick mark in the upper-right-hand corner. Pass these cards to the person on the left, who should incorporate them into their pile (if you start with eight cards you're ticking and passing five cards). Variation: On the first pass, allow everyone to take the most important and least important cards, write "0th" and "NIL" on them, respectively, and set them aside.
    4. Repeat steps 2 and 3 for a total of n times. Treat duplicates as a single card in your hand.
    5. After the final pass, ask each participant to write the priority in the upper-left-hand corner of their top three cards.
    6. Collect all the cards, group by roadblock, count the number of ticks, and take note of the final priority.

    Discussion

    Total the number of passes (ticks) for each roadblock. A large number indicates a notionally low priority. No passes indicates a high priority.

    Are the internal or external roadblocks of highest priority? Were there similarities among participants' 0th and NILs compared to each other or to the final results?

    Input

    • Roadblock list

    Output

    • Prioritized roadblocks

    Materials

    • Index cards

    Participants

    • Roadmap team

    Summary of Accomplishment

    Review performance from last fiscal year

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 3

    Align and Build the Roadmap

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • Elicit business context from the CIO & IT team
    • Identify key initiatives that support the business
    • Identify key initiatives that enable IT excellence
    • Identify initiatives that drive technology innovation
    • Build initiative profiles
    • Construct your strategy roadmap

    This phase involves the following participants:

    • Roadmap Team

    Step 3.1

    Drive business alignment

    Activities

    3.1.1 Develop a risk framework

    3.1.2 Evaluate technical debt

    This step requires the following inputs:

    • Intake identification and analysis
    • Survey results analysis
    • Goal brainstorming
    • Goal association and analysis

    This step involves the following participants:

    • Business leadership
    • Project Management Office
    • Service Desk
    • Business Relationship Management
    • Solution or Enterprise Architecture
    • Roadmap team

    Outcomes of this step

    • Intake analysis
    • Goal list
    • Initiative-to-goal map

    Speak for those with no voice – regularly review your existing portfolio of IT assets and services

    A chain is only as strong as its weakest link; while you'll receive no accolades for keeping the lights on, you'll certainly hear about it if you don't!

    Time has been a traditional method for assessing the fitness of infrastructure assets – servers are replaced every five years, core switches every seven, laptops and desktops every three. While quick, this framework of assessment is overly simplistic for most modern organizations.

    Building one that is instead based on the likelihood of asset failure plotted against the business impact of that failure is not overly burdensome and yields more practical results. Infrastructure focuses on its strength (assessing IT risk) and validates an understanding with the business regarding the criticality of the service(s) enabled by any given asset.

    Rather than fight on every asset individually, agree on a framework with the business that enables data-driven decision making.

    IT Risk Factors
    Age, Reliability, Serviceability, Conformity, Skill Set

    Business Risk Factors
    Suitability, Capacity, Safety, Criticality

    Info-Tech Insight

    Infrastructure in a cloud-enabled world: As infrastructure operations evolve it is important to keep current with the definition of an asset. Software platforms such as hypervisors and server OS are just as much an asset under the care and control of infrastructure as are cloud services, managed services from third-party providers, and traditional racks and switches.

    3.1.1 Develop a risk framework – Classification exercise

    While it's not necessary for each infrastructure domain to view IT risk identically, any differences should be intensely scrutinized.

    1 hour

    1. Divide the whiteboard along the axes of IT Risk and
      Business Risk (criticality) into quadrants:
      1. High IT Risk & High Biz Risk (upper right)
      2. Low IT Risk & Low Biz Risk (bottom left)
      3. Low IT Risk & High Biz Risk (bottom right)
      4. High IT Risk & Low Biz Risk (upper left)
    2. Have each participant write the names of two or three infrastructure assets or services they are responsible or accountable for – one name per sticky note.
    3. Have each participant come one-at-a-time and place their sticky notes in one quadrant.
    4. As each additional sticky note is placed, verify with the group that the relative positioning of the others is still accurate.

    Discussion:

    1. Most assets should end up in the lower-right quadrant, indicating that IT has lowered the risk of failure commensurate to the business consequences of a failure. What does this imply about assets in the other three quadrants?
    2. Infrastructure is foundational; do we properly document and communicate all dependencies for business-critical services?
    3. What actions can infrastructure take to adjust the risk profile of any given asset?

    Input

    • List of infrastructure assets

    Output

    • Notional risk analysis

    Materials

    • Whiteboard & markers
    • Sticky notes

    Participants

    • Roadmap team

    3.1.2 Brainstorming and prioritization exercise

    Identify the key elements that make up risk in order to refine your framework.

    A shared notional understanding is good, but in order to bring the business onside a documented defensible framework is better.

    1 hour

    1. Brainstorm (possibly using the affinity diagramming technique) the component elements of IT risk.
    2. Ensure you have a non-overlapping set of risk elements. Ensure that all the participants are comfortable with the definitions of each element. Write them on a whiteboard.
    3. Give each participant an equal number (three to five) of voting dots.
    4. As a group have the participants go the whiteboard and use their dots to cast their votes for what they consider to be the most important risk element(s). Participants are free to place any number of their dots on a single element.
    5. Based on the votes cast select a reasonable number of elements with which to proceed.
    6. For each element selected, brainstorm up to six tiers of the risk scale. You can use numbers or words, whichever is most compelling.
      • E.g. Reliability: no failures, >1 incident per year, >1 incident per quarter, >1 incident per month, frequent issues, unreliable.
    7. Repeat the above except with the components of business risk. Alternately, rely on existing business risk documentation, possibly from a disaster recovery or business continuity plan.

    Discussion
    How difficult was it to agree on the definitions of the IT risk elements? What about selecting the scale? What was the voting distribution like? Were there tiers of popular elements or did most of the dots end up on a limited number of elements? What are the implications of having more elements in the analysis?

    Input

    • Notional risk analysis

    Output

    • Risk elements
    • Scale dimensions

    Materials

    • Whiteboard & markers
    • Voting dots

    Participants

    • Roadmap team

    3.1.3 Forced ranking exercise

    Alternate: Identify the key elements that make up risk in order to refine your framework

    A shared notional understanding is good, but in order to bring the business onside a documented defensible framework is better.

    1 hour

    1. Brainstorm (possibly using the affinity diagramming technique) the component elements of IT risk.
    2. Ensure you have a non-overlapping set of risk elements. Ensure that all the participants are comfortable with the definitions of each element. Write them on a whiteboard.
    3. Distribute index cards (one per participant) with the risk elements written down one side.
    4. Ask the participants to rank the elements in order of importance, with 1 being the most important.
    5. Collect the cards and write the ranking results on the whiteboard.
    6. Look for elements with high variability. Also look for the distribution of 1, 2, and 3 ranks.
    7. Based on the results select a reasonable number of elements with which to proceed.
    8. Follow the rest of the procedure from the previous activity.

    Discussion:

    What was the total number of elements required in order to contain the full set of every participant's first-, second-, and third-ranked risks? Does this seem a reasonable number?

    Why did some elements contain both the lowest and highest rankings? Was one (or more) participant thinking consistently different from the rest of the group? Are they seeing something the rest of the group is overlooking?

    This technique automatically puts the focus on a smaller number of elements – is this effective? Or is it overly simplistic and reductionist?

    Input

    • Notional risk analysis

    Output

    • Risk elements

    Materials

    • Whiteboard & markers
    • Index cards

    Participants

    • Roadmap team

    3.1.4 Consensus weighting

    Use your previous notional assessment to inform your risk weightings:

    1 hour

    1. Distribute index cards that have been prepopulated with the risk elements from the previous activity.
    2. Have the participants independently assign a weighting to each element. The assigned weights must add up to 100.
    3. Collect the cards and transcribe the results into a matrix on the whiteboard.
    4. Look for elements with high variability in the responses.
    5. Discuss and come to a consensus figure for each element's weighting.
    6. Select a variety of assets and services from the notional assessment exercise. Ensure that you have representation from all four quadrants.
    7. Using your newly defined risk elements and associated scales, evaluate as a group the values you'd suggest for each asset. Aim for a plurality of opinion rather than full consensus.
    8. Use Info-Tech's Strategic Infrastructure Roadmap Tool to document the elements, weightings, scales, and asset analysis.
    9. Compare the output generated by the tool (Tab 4) with the initial notional assessment.

    Discussion:

    How much framework is too much? Complexity and granularity do not guarantee accuracy. What is the right balance between effort and result?

    Does your granular assessment match your notional assessment? Why or why not? Do you need to go back and change weightings? Or reduce complexity?

    Is this a more reasonable and valuable way of periodically evaluating your infrastructure?

    Input

    • Notional risk analysis

    Output

    • Weighted risk framework

    Materials

    • Whiteboard & markers
    • Index cards
    • Strategic Infrastructure Roadmap Tool

    Participants

    • Roadmap team

    3.1.5 Platform assessment set-up

    Hard work up front allows for year-over-year comparisons

    The value of a risk framework is that once the heavy lifting work of building it is done, the analysis and assessment can proceed very quickly. Once built, the framework can be tweaked as necessary, rather than recreated every year.

    • Open Info-Tech's Strategic Infrastructure Roadmap Tool, Tab 3.
    • Up to eight elements each of IT and business risk can be captured.
      • IT risk elements of end-of-life and dependencies are mandatory and do not count against the eight customizable elements.
    • Every element can have up to six scale descriptors. Populate them from left to right in increasing magnitude of risk.
      • Scale descriptors must be input as string values and not numeric.
    • Each element's scale can be customized from linear to a risk-adverse or risk-seeking curve. We recommend linear.

    an image of the Platform Assessment Setup Page from Info-Tech's Strategic Infrastructure Roadmap Tool,

    IT platform assessment

    Quickly and easily evaluate all your infrastructure.

    Once configured, individual domain teams can spend surprisingly little time answering reasonably simple questions to assess their assets. The common framework lets results be compared between teams and produces a valuable visualization to communication with the business.

    • Open the Strategic Infrastructure Roadmap Tool, Tab 4.
    • The tool has been tested successfully with up to 2,000 asset items. Don't necessarily list every asset; rather, think of the logical groups of assets you'd cycle in or out of your environment.
    • Each asset must be associated with one and only one infrastructure domain and have a defined End of Service Life date.
    • With extreme numbers of assets an additional filter can be useful – the Grouping field allows you to set any number of additional tags to make sorting and filtering easier.
    • Drop-down menus for each risk element are prepopulated with the scale descriptors from Tab 3. Unused elements are greyed out.
    • Each asset can be deemed dependent on up to four additional assets or services. Use this to highlight obscure or undervalued relationships between assets. It is generally not useful to be reminded that everything relies on Cat 6 cabling.

    A series of screenshots from the IT Platform Assessment.

    Prioritized upgrades

    Validate and tweak your framework with the business

    Once the grunt work of inputting all the assets and the associated risk data has been completed, you can tweak the risk profile and sort the data to whatever the business may require.

    • Open Info-Tech's Strategic Infrastructure Roadmap Tool, Tab 5.
    • IT platforms in the upper-right quadrant have an abundance of IT risk and are critical to the business.
    • The visualization can be sorted by selecting the slicers on the left. Sort by:
      • Infrastructure domain
      • Customized grouping tag
      • Top overall risk platforms
    • With extreme numbers of assets an additional filter can be useful. The Grouping field allows you to set any number of additional tags to make sorting and filtering easier.
    • Risk weightings can be individually adjusted to reflect changing business priorities or shared infrastructure understanding of predictive power.
      • In order to make year-over-year comparisons valuable it is recommended that changing IT risk elements should be avoided unless absolutely necessary.

    An image of a scatter plot graph titled Prioritized Upgrades.

    Step 3.2

    Build the roadmap

    Activities

    3.2.1 Build templates and visualize

    3.2.2 Generate new initiatives

    3.2.3 Repatriate shadow IT initiatives

    3.2.4 Finalize initiative candidates

    This step requires the following inputs:

    • Develop an initiative template
    • Restate the existing initiatives with the template
    • Visualize the existing initiatives
    • Brainstorm new initiatives
    • Initiative ranking
    • Solicit, evaluate, and refine shadow IT initiatives
    • Resource estimation

    This step involves the following participants:

    • Roadmap team

    Outcomes of this step

    • Initiative communication template
    • Roadmap visualization diagram

    Tell them what they really need to know

    Templates transform many disparate sources of data into easy-to-produce, easy-to-consume, business-ready documents.

    Develop a high-level document that travels with the initiative from inception through executive inquiry and project management, and finally to execution. Understand an initiative's key elements that both IT and the business need defined and that are relatively static over its lifecycle.

    Initiatives are the waypoints along a roadmap leading to the eventual destination, each bringing you one step closer. Like steps, initiatives need to be discrete: able to be conceptualized and discussed as a single largely independent item. Each initiative must have two characteristics:

    • Specific outcome: Describe an explicit change in the people, processes, or technology of the enterprise.
    • Target end date: When the described outcome will be in effect.

    "Learn a new skill"– not an effective initiative statement.

    "Be proficient in the new skill by the end of the year" – better.

    "Use the new skill to complete a project and present it at a conference by Dec 15" – best!

    Info-Tech Insight

    Bundle your initiatives for clarity and manageability.
    Ruthlessly evaluate if an initiative should stand alone or can be rolled up with another. Fewer initiatives increases focus and alignment, allowing for better communication.

    3.2.1 Develop impactful templates to sell your initiative upstream

    Step 1: Open Info-Tech's Strategic Roadmap Initiative Template. Determine and describe the goals that the initiative is enabling or supporting.
    Step 2: State the current pain points from the end-user or business perspective. Do not list IT-specific pain points here, such as management complexity.
    Step 3: List both the tangible (quantitative) and ancillary (qualitative) benefits of executing the project. These can be pain relievers derived from the pain points, or any IT-specific benefit not captured in Step 1.
    Step 4: List any enabled capability that will come as an output of the project. Avoid technical capabilities like "Application-aware network monitoring." Instead, shoot for business outcomes like "Ability to filter network traffic based on application type."

    An image of the Move to Office 365, with the numbers 1-4 superimposed over the image.  These correspond to steps 1-4 above.

    Info-Tech Insight

    Sell the project to the mailroom clerk! You need to be able to explain the outcome of the project in terms that non-IT workers can appreciate. This is done by walking as far up the goals cascade as you have defined, which gets to the underlying business outcome that the initiative supports.

    Develop impactful templates to sell your initiative upstream (cont'd)

    Strategic Roadmap Initiative Template, p. 2

    Step 5: State the risks to the business for not executing the project (and avoid restating the pain points).
    Step 6: List any known or anticipated roadblocks that may come before, during, or after executing the project. Consider all aspects of people, process, and technology.
    Step 7: List any measurable objectives that can be used to gauge the success of the projects. Avoid technical metrics like "number of IOPS." Instead think of business metrics such as "increased orders per hour."
    Step 8: The abstract is a short 50-word project description. Best to leave it as the final step after all the other aspects of the project (risks and rewards) have been fully fleshed out. The abstract acts as an executive summary – written last, read first.

    An image of the Move to Office 365, with the numbers 5-8 superimposed over the image.  These correspond to steps 5-8 above.

    Info-Tech Insight

    Every piece of information that is not directly relevant to the interests of the audience is a distraction from the value proposition.

    Working session, presentation, and feedback

    Rewrite your in-flight initiatives to ensure you're capturing all the required information:

    1 hour

    1. Have each participant select an initiative they are responsible or accountable for.
    2. Introduce the template and discuss any immediate questions they might have.
    3. Take 15-20 minutes and have each participant attempt to fill out the template for their initiative.
    4. Have each participant present their initiative to the group.
    5. The group should imagine themselves business leaders and push back with questions or clarification when IT jargon is used.
    6. Look to IT leadership in the room for cues as to what hot button items they've encountered from the business executives.
    7. Debate the merits of each section in the template. Adjust and customize as appropriate.

    Discussion:
    Did everyone use the goal framework adopted earlier? Why not?
    Are there recurring topics or issues that business leaders always seem concerned about?
    Of all the information available, what consistently seems to be the talking points when discussing an initiative?

    Input

    • In-flight initiatives

    Output

    • Completed initiatives templates

    Materials

    • Templates
    • Laptops & internet

    Participants

    • Roadmap team

    3.2.2 Visual representations are more compelling than text alone

    Being able to quickly sort and filter data allows you to customize the visualization and focus on what matters to your audience. Any data that is not immediately relevant to them risks becoming a distraction.

    1. Open the Strategic Infrastructure Roadmap Tool, Tabs 6 and 7.
    2. Up to ten goals can be supported. Input the goals into column F of the tool. Be explicit but brief.
    3. Initiatives and Obstacles can be independently defined, and the tool supports up to five subdivisions of each. Initiative by origin source makes for an interesting analysis but initially we recommend simplicity.
    4. Every Initiative and Obstacle must be given a unique name in column H. Context-sensitive drop-downs let you define the subtype and responsible infrastructure domain.
    5. Three pieces of data are captured for each initiative: Business Impact is the qualitative value to the business; Risk is the qualitative likelihood of failure – entirely or partially (e.g. significantly over budget or delayed); and Effort is a relative measure of magnitude ($ or time). Only the value for Effort must be specified.
    6. Every initiative can claim to support one or many goals by placing an "x" in the appropriate column(s).
    7. On Tab 7 you must select the initiative end date (go-live date). You can also document start date, owner, and manager if required. Remember, though, that the tool does not replace proper project management tools.

    A series of screenshots of tables, labeled A-F

    Decoding your visualization

    Strategic Infrastructure Roadmap Tool, Tab 8, "Roadmap"

    Visuals aren't always as clear as we assume them to be.

    An example of a roadmap visualization found in the Strategic Infrastructure Roadmap Tool

    If you could suggest one thing, what would it be?

    The roadmap is likely the best and most direct way to showcase our ideas to business leadership – take advantage of it.

    We've spent an awful lot of time setting the stage, deciding on frameworks so we agree on what is important. We know how to have an effective conversation – now what do we want to say?

    an image of a roadmap, including inputs passing through infrastructure & Operations; to the Move to Office 365 images found earlier in this blueprint.

    Creative thinking, presentation, and feedback

    Since we're so smart – how could we do it better?

    1 hour

    1. Introduce the Roadmap Initiative Template and discuss any immediate questions the participants might have.
    2. Take 15-20 minutes and have each participant attempt to fill out the template for their initiative candidate.
    3. Have each author present their initiative to the group.
    4. The group should imagine themselves business leaders and push back with questions or clarification when IT jargon is used.
    5. Look to IT leadership in the room for cues as to what hot button items they've encountered from the business executives
    6. Debate the merits of each section in the template. Adjust and customize as appropriate.

    Discussion:
    Did everyone use the goal framework adopted earlier? Why not?
    Do we think we can find business buy-in or sponsorship? Why or why not?
    Are our initiatives at odds with or complementary to the ones proposed through the normal channels?

    Input

    • Everything we know

    Output

    • Initiative candidates

    Materials

    • Info-Tech's Infrastructure Roadmap Initiatives Template
    • Laptops & internet

    Participants

    • Roadmap team

    Forced Ranking Exercise

    Showcase only your best and brightest ideas:

    1 hour

    1. Write the initiative titles from the previous exercise across the top of a whiteboard.
    2. Distribute index cards (one per participant) with the initiative titles written down one side.
    3. Ask each participant to rank the initiatives in order of importance, with 1 being the most important.
    4. Collect the cards and write the ranking results on the whiteboard.
    5. Look at the results with an eye toward high variability. Also look for the distribution of 1, 2, and 3 ranks.
    6. Based on the results, select (through democratic vote or authoritarian fiat – Director or CIO) a reasonable number of initiatives.
    7. Refine the selected initiative templates for inclusion in the roadmap.

    Discussion:
    Do participants tend to think their idea is the best and rank it accordingly?
    If so, then is it better to look at the second, third, and fourth rankings for consensus instead?
    What is a reasonable number of initiatives to suggest? How do we limit ourselves?

    Input

    • Infrastructure initiative candidates

    Output

    • Infrastructure initiatives

    Materials

    • Index cards

    Participants

    • Roadmap team

    Who else might be using technology to solve business problems?

    Shadow IT operates outside of the governance and control structure of Enterprise IT and so is, by definition, a problem. an opportunity!

    Except for that one thing they do wrong, that one small technicality, they may well do everything else right.

    Consider:

    1. Shadow IT evolves to solve a problem or enable an activity for a specific group of users.
    2. This infers that because stakeholders spend their own resources resolving a problem or enabling an action, it is a priority.
    3. The technology choices they've made have been based solely on functionality for value, unrestrained by any legacy of previous decisions.
    4. Staffing demands and procedural issues must be modest or nonexistent.
    5. The users must be engaged, receptive to change, and tolerant of stutter steps toward a goal.

    In short, shadow IT can provide fully vetted infrastructure initiatives that with a little effort can be turned into easy wins on the roadmap.

    Info-Tech Insight

    Shadow IT can include business-ready initiatives, needing only minor tweaking to align with infrastructure's best practices.

    3.2.3 Survey and hack-a-thon

    Negotiate amnesty with shadow IT by evaluating their "hacks" for inclusion on the roadmap.

    1 hour

    1. Put out an open call for submissions across the enterprise. Ask "How do you think technology could help you solve one of your pain points?" Be specific.
    2. Gather the responses into a presentable format and assemble the roadmap team.
    3. Use voting dots (three per person) to filter out a shortlist.
    4. Invite the original author to come in and work with a roadmap team member to complete the template.
    5. Reassemble the roadmap team and use the forced ranking exercise to select initiatives to move forward.

    Discussion:
    Did you learn anything from working directly with in-the-trenches staff? Can those learnings be used elsewhere in infrastructure? Or in larger IT?

    Input

    • End-user ideas

    Output

    • Roadmap initiatives

    Materials

    • Whiteboard & markers
    • Voting dots
    • Index cards
    • Templates

    Participants

    • Enthusiastic end users
    • Roadmap team
    • Infrastructure leader

    3.2.4 Consensus estimation

    Exploit the wisdom of groups to develop reasonable estimates.

    1 hour

    Also called scrum poker (in Agile software circles), this method reduces anchoring bias by requiring all participants to formulate and submit their estimates independently and simultaneously.

    Equipment: A typical scrum deck shows the Fibonacci sequence of numbers, or similar progression, with the added values of ∞ (project too big and needs to be subdivided), and a coffee cup (need a break). Use of the (mostly) Fibonacci sequence helps capture the notional uncertainty in estimating larger values.

    1. The infrastructure leader, who will not play, moderates the activity. A "currency" of estimation is selected. This could be person, days, or weeks, or a dollar value in the thousands or tens of thousands – whatever the group feels they can speak to authoritatively.
    2. The author of each initiative gives a short overview, and the participants are given the chance to ask questions and clarify assumptions and risks.
    3. Participants lay a card representing their estimate face down on the table. Estimates are revealed simultaneously.
    4. Participants with the highest and lowest estimates are given a soapbox to offer justification. The author is expected to provide clarifications. The moderator drives the conversation.
    5. The process is repeated until consensus is reached (decided by the moderator).
    6. To structure discussion, the moderator can impose time limits between rounds.

    Discussion:

    How often was the story unclear? How often did participants have to ask for additional information to make their estimate? How many rounds were required to reach consensus?
    Does number of person, days, or weeks, make more sense than dollars? Should we estimate both independently?
    Source: Scrum Poker

    Input

    • Initiative candidates from previous activity

    Output

    • Resourcing estimates

    Materials

    • Scrum poker deck

    Participants

    • Roadmap team

    Hard work up front allows for year-over-year comparisons

    Open the Strategic Infrastructure Roadmap Tool, Tab 6, "Initiatives & Goals" and Tab 7, "Timeline"

    Add your ideas to the visualization.

    • An initiative subtype can be useful here to differentiate infrastructure-sponsored initiatives from traditional ones.
    • Goal alignment is as important as always – ideally you want your sponsored initiatives to fill gaps or support the highest-priority business goals.
    • The longer-term roadmap is an excellent parking lot for ideas, especially ones the business didn't even know they wanted. Make sure to pull those ideas forward, though, as you repeat the process periodically.

    An image containing three screenshots of timeline tables from the Strategic Infrastructure Roadmap Tool

    Pulling it all together – the published report

    We started with eight simple questions. Logically, the answers suggest sections for a published report. Developing those answers in didactic method is effective and popular among technologists as answers build upon each other. Business leaders and journalists, however, know never to bury the lead.

    Report Section Title Roadmap Activity or Step
    Sunshine diagram Visualization
    Priorities Understand business goals
    Who we help Evaluate intake process
    How we can help Create initiatives
    What we're working on Review initiatives
    How you can help us Assess roadblocks
    What is new Assess new technology
    How we spend our day Conduct a time study
    What we have Assess IT platform
    We can do better! Identify process optimizations

    Summary of Accomplishment

    Review performance from last fiscal year

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 4

    Communicate and Improve the Process

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • Identify authors and target audiences
    • Understand the planning process
    • Identify if the process outputs have value
    • Set up realistic KPIs

    This phase involves the following participants:

    • CIO
    • Roadmap team

    Step 4.1

    Identify the audience

    Activities

    4.1.1 Identify required authors and target audiences

    4.1.2 Planning the process

    4.1.3 Identifying supporters and blockers

    This step requires the following inputs:

    • Identify required authors and target audiences
    • Plan the process
    • Identify supporters and blockers

    This step involves the following participants:

    • CIO
    • Roadmap team

    Outcomes of this step

    • Process schedule
    • Communication strategy

    Again! Again!

    And you thought we were done. The roadmap is a process. Set a schedule and pattern to the individual steps.

    Publishing an infrastructure roadmap once a year as a lead into budget discussion is common practice. But this is just the last in a long series of steps and activities. Balance the effort of each activity against its results to decide on a frequency. Ensure that the frequency is sufficient to allow you to act on the results if required. Work backwards from publication to develop the schedule.

    an image of a circle of questions around the Infrastructure roadmap.

    A lot of work has gone into creating this final document. Does a single audience make sense? Who else may be interested in your promises to the business? Look back at the people you've asked for input. They probably want to know what this has all been about. Publish your roadmap broadly to ensure greater participation in subsequent years.

    4.1.1 Identify required authors and target audiences

    1 hour

    Identification and association

    Who needs to hear (and more importantly believe) your message? Who do you need to hear from? Build a communications plan to get the most from your roadmap effort.

    1. Write your eight roadmap section titles in the middle of a whiteboard.
    2. Make a list of everyone who answered your questions during the creation of this roadmap. Write these names on a single color of sticky notes and place them on the left side.
    3. Make a list of everyone who would be (or should be) interested in what you have to say. Write these names on a different single color of sticky notes and place them on the right side.
    4. Draw lines between the stickies and the relevant section of the roadmap. Solid lines indicate a must have communication while dashed lines indicate a nice-to-have communication.
    5. Come to a consensus.

    Discussion:

    How many people appear in both lists? What are the implications of that?

    Input

    • Roadmap sections

    Output

    • Roadmap audience and contributors list

    Materials

    • Whiteboard & markers
    • Sticky notes

    Participants

    • Roadmap team

    4.1.2 Planning the process and scheduling

    The right conversation at the right time

    Due Date (t) Freq Mode Participants Infrastructure Owner
    Update & Publish

    Start of Budget Planning

    Once

    Report

    IT Steering Committee

    Infrastructure Leader or CIO

    Evaluate Intakes

    (t) - 2 months

    (t) - 8 months

    Biannually

    Review

    PMO

    Service Desk

    Domain Heads

    Assess Roadblocks

    (t) - 2 months

    (t) - 5 months

    (t) - 8 months

    (t) - 11 months

    Quarterly

    Brainstorming & Consensus

    Domain Heads

    Infrastructure Leader

    Time Study

    (t) - 1 month

    (t) - 4 months

    (t) - 7 months

    (t) - 10 months

    Quarterly

    Assessment

    Domain Staff

    Domain Heads

    Inventory Assessment

    (t) - 2 months

    Annually

    Assessment

    Domain Staff

    Domain Heads

    Business Goals

    (t) - 1 month

    Annually

    Survey

    Line of Business Managers

    Infrastructure Leader or CIO

    New Technology Assessment

    monthly

    (t) - 2 months

    Monthly/Annually

    Process

    Domain Staff

    Infrastructure Leader

    Initiative Review

    (t) - 1 month

    (t) - 4 months

    (t) - 7 months

    (t) - 10 months

    Quarterly

    Review

    PMO

    Domain Heads

    Infrastructure Leader

    Initiative Creation

    (t) - 1 month

    Annually

    Brainstorming & Consensus

    Roadmap Team

    Infrastructure Leader

    The roadmap report is just a point-in-time snapshot, but to be most valuable it needs to come at the end of a full process cycle. Know your due date, work backwards, and assign responsibility.

    Discussion:

    1. Do each of the steps make sense? Is the outcome clear and does it flow naturally to where it will be useful?
    2. Is the effort required for each step commensurate with its value? Are we doing to much for not enough return?
    3. Are we acting on the information we're gathering? Is it informing or changing decisions throughout the year or period?

    Input

    • Roadmap sections

    Output

    • Roadmap process milestones

    Materials

    • Whiteboard & markers
    • Template

    Participants

    • Roadmap team

    Tailor your messaging to secure stakeholders' involvement and support

    If your stakeholders aren't on board, you're in serious trouble.

    Certain stakeholders will not only be highly involved and accountable in the process but may also be responsible for approving the roadmap and budget, so it's essential that you get their buy-in upfront.

    an image of a quadrant analysis, comparing levels of influence and support.

    an image of a quadrant analysis, comparing levels of influence and support.

    4.1.3 Identifying supporters and blockers

    Classification and Strategy

    1 hour

    You may want to restrict participation to senior members of the roadmap team only.

    This activity requires a considerable degree of candor in order to be effective. It is effectively a political conversation and as such can be sensitive.

    Steps:

    1. Review your sticky notes from the earlier activity (list of input and output names).
    2. Place each name in the corresponding quadrant of a 2x2 matrix like the one on the right.
    3. Come to a consensus on the placement of each sticky note.

    Input

    • Roadmap audience and contributors list

    Output

    • Communications strategy & plan

    Materials

    • Whiteboard & markers
    • Sticky notes

    Participants

    • Senior roadmap team

    Step 4.2

    Process improvement

    Activities

    4.2.1 Evaluating the value of each process output

    4.2.2 Brainstorming improvements

    4.2.3 Setting realistic measures

    This step requires the following inputs:

    • Evaluating the efficacy of each process output
    • Brainstorming improvements
    • Setting realistic measures

    This step involves the following participants:

    • Roadmap team

    Outcomes of this step

    • Process map
    • Process improvement plan

    Continual improvement

    Not just for the DevOps hipsters!

    You started with a desire – greater satisfaction with infrastructure from the business. All of the inputs, processes, and outputs exist only, and are designed solely, to serve the attainment of that outcome.

    The process outlined is not dogma; no element is sacrosanct. Ruthlessly evaluate the effectiveness of your efforts so you can do better next time.

    You would do no less after a server migration, network upgrade, or EUC rollout.

    Consider these four factors to help make your infrastructure roadmap effort more successful.

    Leadership
    If infrastructure leaders aren't committed, then this will quickly become an exercise of box-checking rather than candid communication.

    Data
    Quantitative or qualitative – always try to go where the data leads. Reduce unconscious bias and be surprised by the insight uncovered.

    Metrics
    Measurement allows management but if you measure the wrong thing you can game the system, cheating yourself out of the ultimate prize.

    Focus
    Less is sometimes more.

    4.2.1 Evaluating the value of each process output

    Understanding why and how individual steps are effective (or not) is how we improve the outcome of any process.

    1 hour

    1. List each of the nine roadmap steps on the left-hand side of a whiteboard.
    2. Ask the participants "Why was this step included? Did it accomplish its objective?" Consider using a reduced scale affinity diagramming exercise for this step.
    3. Consider the priority characteristics of each step; try to be as universal as possible (every characteristic will ideally apply to each step).
    4. Include two columns at the far right: "Improvement" and "Expected Change."
    5. Populate the table. If this is your first time, brainstorm reasonable objectives for your left-hand columns. Otherwise, document the reality of last year and focus on brainstorming the right-hand columns.
    6. Optional: Conduct a thought experiment and brainstorm tension metrics to establish whether the process is driving the outcomes we desire.
    7. Optional: Consider Info-Tech's assertion about the four things a roadmap can do. Brainstorm KPIs that you can measure yearly. What else would you want the roadmap to be able to do?

    Discussion:

    Did the group agree on the intended outcome of each step? Did the group think the step was effective? Was the outcome clear and did it flow naturally to where it was useful?
    Is the effort required for each step commensurate with its value? Are we doing too much for not enough return?
    Are we acting on the information we're gathering? Is it informing or changing decisions throughout the year or period?

    Input

    • Roadmap process steps

    Output

    • Process map
    • Improvement targets & metrics

    Materials

    • Whiteboard & markers
    • Sticky notes
    • Process Map Template (see next slide)

    Participants

    • Roadmap team

    Process map template

    Replace the included example text with your inputs.

    Freq.MethodMeasuresSuccess criteria

    Areas for improvement

    Expected change

    Evaluate intakesBiannuallyPMO Intake & Service RequestsProjects or Initiatives% of departments engaged

    Actively reach out to underrepresented depts.

    +10% engagement

    Assess roadblocksQuarterlyIT All-Staff MeetingRoadblocks% of identified that have been resolved

    Define expected outcomes of removing roadblock

    Measurable improvements

    Time studyQuarterly IT All-Staff MeetingTimeConfidence value of data

    Real data sources (time sheets, tools, etc.)

    85% of sources defensible

    Legacy asset assessmentAnnuallyDomain effortAsset Inventory Completeness of Inventory
    • Compare against Asset Management database
    • Track business activity by enabling asset(s)
    • > 95% accuracy/
      completeness
    • Easier business risk framework conversations
    Understand business goalsAnnuallyRoadmap MeetingGoal listGoal specificity

    Survey or interview leadership directly

    66% directly attributable participation

    New technology assessmentMonthly/AnnuallyTeam/Roadmap MeetingTechnologies Reviewed IT staff participation/# SWOTs

    Increase participation from junior members

    50% presentations from junior members

    Initiative review

    Quarterly

    IT All-Staff Meeting

    • Status Review
    • Template usage
    • Action taken upon review
    • Template uptake
    • Identify predictive factors
    • Improve template
    • 25% of yellow lights to green
    • -50% requests for additional info

    Initiative creation

    Annually Roadmap MeetingInitiatives# of initiatives proposedBusiness uptake+25% sponsorship in 6 months (biz)

    Update and publish

    AnnuallyPDF reportRoadmap Final ReportLeadership engagement Improve audience reach+15% of LoB managers have read the report

    Establish baseline metrics

    Baseline metrics will improve through:

    1. Increased communication. More information being shared to more people who need it.
    2. Better planning. More accurate information being shared.
    3. Reduced lead times. Less due diligence or discovery work required as part of project implementations.
    4. Faster delivery times. Less less-valuable work, freeing up more time to project work.
    Metric description Current metric Future goal
    # of critical incidents resulting from equipment failure per month
    # of service provisioning delays due to resource (non-labor) shortages
    # of projects that involve standing up untested (no prior infrastructure PoC) technologies
    # of PoCs conducted each year
    # of initiatives proposed by infrastructure
    # of initiatives proposed that find business sponsorship in >1yr
    % of long-term projects reviewed as per goal framework
    # of initiatives proposed that are the only ones supporting a business goal
    # of technologies deployed being used by more than the original business sponsor
    # of PMO delays due to resource contention

    Insight Summary

    Insight 1

    Draw the first picture.

    Highly engaged and effective team members are proactive rather than reactive. Instead of waiting for clear inputs from the higher ups, take what you do know, make some educated guesses about the rest, and present that to leadership. Where thinking diverges will be crystal clear and the necessary adjustments will be obvious.

    Insight 2

    Infrastructure must position itself as the broker for new technologies.

    No man is an island; no technology is a silo. Infrastructure's must ensure that everyone in the company benefits from what can be shared, ensure those benefits are delivered securely and reliably, and prevent the uninitiated from making costly technological mistakes. It is easier to lead from the front, so infrastructure must stay on top of available technology.

    Insight 3

    The roadmap is a process that is business driven and not a document.

    In an ever-changing world the process of change itself changes. We know the value of any specific roadmap output diminishes quickly over time, but don't forget to challenge the process itself from time to time. Striving for perfection is a fool's game; embrace constant updates and incremental improvement.

    Insight 4

    Focus on the framework, not the output.

    There usually is no one right answer. Instead make sure both the business and infrastructure are considering common relevant elements and are working from a shared set of priorities. Data then, rather than hierarchical positioning or a d20 Charisma roll, becomes the most compelling factor in making a decision. But since your audience is in hierarchical ascendency over you, make the effort to become familiar with their language.

    4.2.3 Track metrics throughout the project to keep stakeholders informed

    An effective strategic infrastructure roadmap should help to:

    1. Initiate a schedule of infrastructure projects to achieve business goals.
    2. Adapt to feedback from executives on changing business priorities.
    3. Curate a portfolio of enabling technologies that align to the business whether growing or stabilizing.
    4. Manage the lifecycle of aging equipment in order to meet capacity demands.
    Metric description

    Metric goal

    Checkpoint 1

    Checkpoint 2

    Checkpoint 3

    # of critical incidents resulting from equipment failure per month >1
    # of service provisioning delays due to resource (non-labor) shortages >5
    # of projects that involve standing up untested (no prior infrastructure PoC) technologies >10%
    # of PoCs conducted each year 4
    # of initiatives proposed by infrastructure 4
    # of initiatives proposed that find business sponsorship in >1 year 1
    # of initiatives proposed that are the only ones supporting a business goal 1
    % of long-term projects reviewed as per goal framework 100%

    Summary of Accomplishment

    Review performance from last fiscal year

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Related Info-Tech Research

    Build a Business-Aligned IT Strategy
    Success depends on IT initiatives clearly aligned to business goals, IT excellence, and driving technology innovation.

    Document your Cloud Strategy
    A cloud strategy might seem like a big project, but it's just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas.

    Develop an IT Asset Management Strategy
    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there's no value in data for data's sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service provider.

    Infrastructure & Operations Research Center
    Practical insights, tools, and methodologies to systematically improve IT Infrastructure & Operations.

    Summary of Accomplishment

    Knowledge gained

    • Deeper understanding of business goals and priorities
    • Key data the business requires for any given initiative
    • Quantification of risk
    • Leading criteria for successful technology adoption

    Processes optimized

    • Infrastructure roadmap
    • Initiative creation, estimation, evaluation, and prioritization
    • Inventory assessment for legacy infrastructure debt
    • Technology adoption

    Deliverables completed

    • Domain time study
    • Initiative intake analysis
    • Prioritized roadblock list
    • Goal listing
    • IT and business risk frameworks
    • Infrastructure inventory assessment
    • New technology analyzes
    • Initiative templates
    • Initiative candidates
    • Roadmap visualization
    • Process schedule
    • Communications strategy
    • Process map
    • Roadmap report

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Bibliography

    "10 Essential KPIs for the IT Strategic Planning Process." Apptio Inc, Dec. 2021. Accessed Nov. 2022.
    Amos, Justin. "8 areas your 2022 IT Infrastructure roadmap should cover." Soma, 24 Jan 2022 Accessed Nov. 2022
    Ahmed, Anam. "Importance of Mission Vision in Organizational Strategy." Chron, 14 March 2019. Accessed 10 May 2021. ."
    Barker, Joel A. "Joel A Barker Quote about Vision." Joel A Barker.com. Accessed 10 Nov 2022
    Bhagwat, Swapnil ."Top IT Infrastructure Management Strategies For 2023 , Atlas Systems, 23 Oct 2022. Accessed Nov. 2022.
    Blank, Steve. "You're Better Off Being A Fast Follower Than An Originator." Business Insider. 5 Oct. 2010. Web.
    Bridges, Jennifer . "IT Risk Management Strategies and Best Practices." Project Manager, 6 Dec 2019. Accessed Nov. 2022.
    "Building a Technology Roadmap That Stabilizes and Transforms." Collegis Education. Accessed Dec 2022.
    Collins, Gavin. "WHY AN IT INFRASTRUCTURE ROAD MAP?." Fifth Step, Date unknown. Accessed Nov. 2022.
    "Define the Business Context Needed to Complete Strategic IT Initiatives: 2018 Blueprint - ResearchAndMarkets.com." Business Wire, 1 Feb. 2018. Accessed 9 June 2021.
    De Vos, Colton. “Well-Developed IT Strategic Plan Example." Resolute Tech Solutions, 6 Jan 2020. Accessed Nov. 2022.
    Gray, Dave. "Post-Up." Gamestorming, 15 Oct. 2010. Accessed 10 Nov 2022
    Helm, Clay. "Majority of Surveyed Companies are Not Prepared for IT Needs of the Future." IBM Study, 4 Jan 2021. Accessed Nov. 2022.
    Hertvik, Joe. "8 Components of A Great IT Strategy, BMC Blogs, 29 May. 2020. Accessed Nov. 2022.
    ISACA, "Effective governance at your Fingertips". COBIT Framework, Accessed Dec 2022
    "IT Guiding Principles." Office of Information Technology, NC State University, 2014-2020. Accessed 9 Nov 2022.
    ""IT Infrastructure That Makes Employees Happier." Network Doctor, 2021. Accessed Dec 2022
    "IT Road mapping Helps Dura Remain at the Forefront of Auto Manufacturing." Performance Improvement Partners, ND. Accessed Dec 2022.
    ITtoolkit.com. "The IT Vision: A Strategic Path to Lasting IT Business Alignment." ITtoolkit Magazine, 2020. Accessed 9 June 2021.
    Kark, Khalid. "Survey: CIOs Are CEOs' Top Strategic Partner." CIO Journal, The Wall Street Journal, 22 May 2020. Accessed 11 May 2021.
    Kimberling, Eric. "What is "Future State" and Why is it Important?" Third Stage Consulting, 11 June 2021. Accessed Nov. 2022.
    Kishore. "The True Cost of Keeping the Lights On." Optanix, 1 Feb. 2017. Accessed Nov. 2022.
    Lakein, Alan. Libquotes.
    Mindsight. "THE ULTIMATE GUIDE TO CREATING A TECHNOLOGY ROADMAP" Mind sight, 12 Dec 2021. Accessed Nov. 2022.
    Milani, F. (2019). Future State Analysis. In: Digital Business Analysis. Springer, Cham. https://doi.org/10.1007/978-3-030-05719-0_13
    Newberry, Dennis. "Meeting the Challenges of Optimizing IT Cost and Capacity Management." BMC, 2021, Accessed 12 Nov 2022.
    Peek, Sean. "What Is a Vision Statement?" Business News Daily, 7 May 2020. Accessed 10 Nov 2022.
    Ramos, Diana. "Infrastructure Management 101: A Beginner's Guide to IT Infrastructure Management." Smartsheet.com. 30 Nov 2021. Accessed 09 Dec 2022.
    Ramsey, Dave. "Dave Rant: How to Finally Take Control of Your Money." Ramseysolutions. 26 Aug 2021. Accessed 10 Nov 2022.
    Richards-Gustafson, Flora. "5 Core Operational Strategies." Chron, 8 Mar 2019. Accessed 9 June 2021.
    Richardson, Nigel. "What are the differences between current and future state maps?." Nexus, 18 Oct 2022. Accessed Nov. 2022.
    Roush, Joe. "IT Infrastructure Planning: How To Get Started." BMC. 05 January, 2018. Accessed 24 Jan 2023.
    Shields, Corey. "A Complete Guide to IT Infrastructure Management." Ntiva, 15 Sept. 2020. Accessed 28 Nov. 2022.
    Snow, Shane. "Smartcuts: How Hackers, Innovators, and Icons Accelerate Success." Harper Business, 2014.
    Strohlein, Marc. "The CIO's Guide to Aligning IT Strategy with the Business." IDC, 2019. Accessed Nov 2022.
    Sull, Sull, and Yoder. "No One Knows Your Strategy — Not Even Your Top Leaders." MIT Sloan. 12 Feb 2018. Accessed 26 Jan 2023.
    "Team Purpose & Culture." Hyper Island. Accessed 10 Nov. 2022
    "Tech Spend Pulse, 2022." Flexera, Jan 2022, Accessed 15 Nov 2022
    "Tech Spend Pulse." Flexera, Dec. 2022. Accessed Nov. 2022.
    "The Definitive Guide to Developing an IT Strategy and Roadmap" CIO Pages.com , 5 Aug 13 2022. Accessed 30 Nov. 2022.
    Wei, Jessica. "Don't Tell Me Where Your Priorities Are – James W. Frick." Due.com, 21 Mar 2022. Accessed 23 Nov 2022.
    Zhu, Pearl. "How to Set Guiding Principles for an IT Organization." Future of CIO, 1 July 2013. Accessed 9 June 2021.

    Implement an IT Chargeback System

    • Buy Link or Shortcode: {j2store}71|cart{/j2store}
    • member rating overall impact: 8.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • Business units voraciously consume IT services and don’t understand the actual costs of IT. This is due to lack of IT cost transparency and business stakeholder accountability for consumption of IT services.
    • Business units perceive IT costs as uncompetitive, resulting in shadow IT and a negative perception of IT.
    • Business executives have decided to implement an IT chargeback program and IT must ensure the program succeeds.

    Our Advice

    Critical Insight

    Price IT services so that business consumers find them meaningful, measurable, and manageable:

    • The business must understand what they are being charged for. If they can’t understand the value, you’ve chosen the wrong basis for charge.
    • Business units must be able to control and track their consumption levels, or they will feel powerless to control costs and you’ll never attain real buy-in.

    Impact and Result

    • Explain IT costs in ways that matter to the business. Instead of focusing on what IT pays for, discuss the value that IT brings to the business by defining IT services and how they serve business users.
    • Develop a chargeback model that brings transparency to the flow of IT costs through to business value. Demonstrate how a good chargeback model can bring about fair “pay-for-value” and “pay-for-what-you-use” pricing.
    • Communicate IT chargeback openly and manage change effectively. Business owners will want to know how their profit and loss statements will be affected by the new pricing model.

    Implement an IT Chargeback System Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement an IT chargeback program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch

    Make the case for IT chargeback, then assess the financial maturity of the organization and identify a pathway to success. Create a chargeback governance model.

    • Implement IT Chargeback – Phase 1: Launch
    • IT Chargeback Kick-Off Presentation

    2. Define

    Develop a chargeback model, including identifying user-facing IT services, allocating IT costs to services, and setting up the chargeback program.

    • Implement IT Chargeback – Phase 2: Define
    • IT Chargeback Program Development & Management Tool

    3. Implement

    Communicate the rollout of the IT chargeback model and establish a process for recovering IT services costs from business units.

    • Implement IT Chargeback – Phase 3: Implement
    • IT Chargeback Communication Plan
    • IT Chargeback Rollout Presentation
    • IT Chargeback Financial Presentation

    4. Revise

    Gather and analyze feedback from business owners, making necessary modifications to the chargeback model and communicating the implications.

    • Implement IT Chargeback – Phase 4: Revise
    • IT Chargeback Change Communication Template
    [infographic]

    Workshop: Implement an IT Chargeback System

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Kick-Off IT Chargeback

    The Purpose

    Make the case for IT chargeback.

    Identify the current and target state of chargeback maturity.

    Establish a chargeback governance model.

    Key Benefits Achieved

    Investigated the benefits and challenges of implementing IT chargeback.

    Understanding of the reasons why traditional chargeback approaches fail.

    Identified the specific pathway to chargeback success.

    Activities

    1.1 Investigate the benefits and challenges of implementing IT chargeback

    1.2 Educate business owners and executives on IT chargeback

    1.3 Identify the current and target state of chargeback maturity

    1.4 Establish chargeback governance

    Outputs

    Defined IT chargeback mandate

    IT chargeback kick-off presentation

    Chargeback maturity assessment

    IT chargeback governance model

    2 Develop the Chargeback Model

    The Purpose

    Develop a chargeback model.

    Identify the customers and user-facing services.

    Allocate IT costs.

    Determine chargeable service units.

    Key Benefits Achieved

    Identified IT customers.

    Identified user-facing services and generated descriptions for them.

    Allocated IT costs to IT services.

    Identified meaningful, measurable, and manageable chargeback service units.

    Activities

    2.1 Identify user-facing services and generate descriptions

    2.2 Allocate costs to user-facing services

    2.3 Determine chargeable service units and pricing

    2.4 Track consumption

    2.5 Determine service charges

    Outputs

    High-level service catalog

    Chargeback model

    3 Communicate IT Chargeback

    The Purpose

    Communicate the implementation of IT chargeback.

    Establish a process for recovering the costs of IT services from business units.

    Share the financial results of the charge cycle with business owners.

    Key Benefits Achieved

    Managed the transition to charging and recovering the costs of IT services from business units.

    Communicated the implementation of IT chargeback and shared the financial results with business owners.

    Activities

    3.1 Create a communication plan

    3.2 Deliver a chargeback rollout presentation

    3.3 Establish a process for recovering IT costs from business units

    3.4 Share the financial results from the charge cycle with business owners

    Outputs

    IT chargeback communication plan

    IT chargeback rollout presentation

    IT service cost recovery process

    IT chargeback financial presentation

    4 Review the Chargeback Model

    The Purpose

    Gather and analyze feedback from business owners on the chargeback model.

    Make necessary modifications to the chargeback model and communicate implications.

    Key Benefits Achieved

    Gathered business stakeholder feedback on the chargeback model.

    Made necessary modifications to the chargeback model to increase satisfaction and accuracy.

    Managed changes by communicating the implications to business owners in a structured manner.

    Activities

    4.1 Address stakeholder pain points and highly disputed costs

    4.2 Update the chargeback model

    4.3 Communicate the chargeback model changes and implications to business units

    Outputs

    Revised chargeback model with business feedback, change log, and modifications

    Chargeback change communication

    Define Your Virtual and Hybrid Event Requirements

    • Buy Link or Shortcode: {j2store}64|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications

    Your organization is considering holding an event online, or has been, but:

    • The organization (both on the business and IT sides) may not have extensive experience hosting events online.
    • It is not immediately clear how your formerly in-person event’s activities translate to a virtual environment.
    • Like the work-from-home transformation, bringing events online instantly expands IT’s role and responsibilities.

    Our Advice

    Critical Insight

    If you don't begin with strategy, you will fit your event to technology, instead of the other way around.

    Impact and Result

    To determine your requirements:

    • Determine the scope of the event.
    • Narrow down your list of technical requirements.
    • Use Info-Tech’s Rapid Application Selection Framework to select the right software solution.

    Define Your Virtual and Hybrid Event Requirements Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Your Virtual and Hybrid Event Requirements Storyboard – Use this storyboard to work through key decision points involved in creating digital events.

    This deck walks you through key decision points in creating virtual or hybrid events. Then, begin the process of selecting the right software by putting together the first draft of your requirements for a virtual event software solution.

    • Define Your Virtual and Hybrid Event Requirements Storyboard

    2. Virtual Events Requirements Tool – Use this tool to begin selecting your requirements for a digital event solution.

    The business should review the list of features and select which ones are mandatory and which are nice to have or optional. Add any features not included.

    • Virtual/Hybrid Event Software Feature Analysis Tool
    [infographic]

    Further reading

    Define Your Virtual and Hybrid Event Requirements

    Accelerate your event scoping and software selection process.

    Analyst Perspective

    When events go virtual, IT needs to cover its bases.

    The COVID-19 pandemic imposed a dramatic digital transformation on the events industry. Though event ticket and registration software, mobile event apps, and onsite audio/visual technology were already important pieces of live events, the total transformation of events into online experiences presented major challenges to organizations whose regular business operations involve at least one annual mid-sized to large event (association meetings, conferences, trade shows, and more).

    Many organizations worked to shift to online, or virtual events, in order to maintain business continuity. As time went on, and public gatherings began to restart, a shift to “hybrid” events began to emerge—events that accommodate both in-person and virtual attendance. Regardless of event type, this pivot to using virtual event software, or digital event technology, brings events more closely into IT’s areas of responsibility. If you don't begin with strategy, you risk fitting your event to technology, instead of the other way around.

    If virtual and hybrid events are becoming standard forms of delivering content in your organization, use Info-Tech’s material to help define the scope of the event and your requirements, and to support your software selection process.

    Photo of Emily Sugerman
    Emily Sugerman
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The organization (both on the business and IT sides) may not have extensive experience hosting events online.

    It is not immediately clear how a formerly in-person event’s activities translate to a virtual environment.

    Like the work-from-home transformation, bringing events online expands IT’s role and responsibilities.

    Common Obstacles

    It is not clear what technological capabilities are needed for the event, which capabilities you already own, and what you may need to purchase.

    Though virtual events remove some barriers to attendance (distance, travel), it introduces new complications and considerations for planners.

    Hybrid events introduce another level of complexity.

    Info-Tech’s Approach

    In order to determine your requirements:

    Determine the scope of the event.

    Narrow down your list of technical requirements.

    Use Info-Tech’s Rapid Application Selection Framework to select the right software solution.

    Info-Tech Insight

    If you don't begin with strategy, you will fit your event to technology, instead of the other way around.

    Your challenge

    The solution you have been using for online events does not meet your needs.

    Though you do have some tools that support large meetings, it is not clear if you require a larger and more comprehensive virtual event solution. There is a need to determine what type of technology you might need to purchase versus leveraging what you already have.

    It is difficult to quickly and practically identify core event requirements and how they translate into technical capabilities.

    Maintaining or improving audience engagement is a perpetual challenge for virtual events.

    38%
    of event professionals consider virtual event technology “a tool for reaching a wider audience as part of a hybrid strategy.”

    21%
    consider it “a necessary platform for virtual events, which remain my go-to event strategy.”

    40%
    prioritize “mid-budget all-in-one event tech solution that will prevent remote attendees from feeling like second-class participants.”

    Source: Virtual Event Tech Guide, 2022

    Common obstacles

    These barriers make this challenge difficult to address for many organizations.

    Events with networking objectives are not always well served by webinars, which are traditionally more limited in their interactive elements.

    Events that include the conducting of organizational/association business (like voting) may have bylaws that make selecting a virtual solution more challenging.

    Maintaining attendee engagement is more challenging in a virtual environment.

    Prior to the pandemic, your organization may not have been as experienced in putting on fully virtual events, putting more responsibility in your corner as IT. Navigating virtual events can also require technological competencies that your attendee userbase may not universally possess.

    Technological limitations and barriers to access can exclude potential attendees just as much as bringing events online can open up attendance to new audiences.

    Opportunity: Virtual events can significantly increase an event’s reach

    Events held virtually during the pandemic noted significant increases in attendees.

    “We had 19,000 registrations from all over the world, almost 50 times the number of people we had expected to host in Amsterdam. . . . Most of this year’s [2020] attendees would not have been able to participate in a physical GrafanaCon in Amsterdam. That was a huge win.” – Raj Dutt, Grafana Labs CEO[5]

    Event In-person Online 2022
    Microsoft Build 2019: 6,000 attendees 2020: 230,000+ registrants[1] The 2022 conference was also held virtually[3]
    Stanford Institute for Human-Centered Artificial Intelligence A few hundred attendees expected for the original (cancelled) 2020 in-person conference 2020: 30,000 attendees attended the “COVID-19 and AI” virtual conference[2] The 2022 Spring Conference was a hybrid event[4]

    [1] Kelly, 2020; [2] Price, 2020; [3] Stanford Digital Economy Lab, 2022; [4] Warren, 2022; [5] Fast Company, 2020

    Info-Tech’s methodology for defining virtual/hybrid event requirements

    A diagram that shows defining event scope, creating list of requirements, and selecting software.

    Event planning phases

    Apply project management principles to your virtual/hybrid event planning process.

    Online event planning should follow the same established principles as in-person event planning.
    Align the event’s concept and objectives with organizational goals.

    A diagram of event planning phases
    Source: Adapted from Event Management Body of Knowledge, CC BY 4.0

    Gather inputs to the planning processes

    Acquire as much of this information as possible before you being the planning process.

    Budget: Determine your organization’s budget for this event to help decide the scope of the event and the purchasing decisions you make as you plan.

    Internal human resources: Identify who in your organization is usually involved in the organization of this event and if they are available to organize this one.

    List of communication and collaboration tools: Acquire the list of the existing communication and collaboration tools you are currently licensed for. Ensure you know the following information about each tool:

    • Type of license
    • License limitations (maximum number of users)
    • Internal or external-facing tool (or capable of both)
    • Level of internal training and competency on the tool

    Decision point: Relate event goals to organizational goals

    What is driving the event?

    Your organization may hold a variety of in-person events that you now wish, for various reasons, to hold fully or partially online. Each event likely has a slightly different set of goals.

    Before getting into the details of how to transition your event online, return to the business/organizational goals the event is serving.

    Ensure each event (and each component of each event) maps back to an organizational goal.

    If a component of the event does not align to an organizational goal, assess whether it should remain as part of the event.

    Common organizational goals

    • Increase revenue
    • Increase productivity
    • Attract and retain talent
    • Improve change management
    • Carry out organizational mission
    • Identify new markets
    • Increase market share
    • Improve customer service
    • Launch new product/service

    Common event goals

    • Education/training
    • Knowledge transfer
    • Decision making
    • Professional development
    • Sales/lead generation
    • Fundraising
    • Entertainment
    • Morale boosting
    • Recognition of achievement

    Decision point: Identify your organization’s digital event vision

    What do you want the outcome of this event to be?

    Attendee goals: Who are your attendees? Why do they attend this event? What attendee needs does your event serve? What is your event’s value proposition? Are they intrinsically or extrinsically motivated to attend?

    Event goals: From the organizer perspective, why do you usually hold this event? Who are your stakeholders?

    Organizational goals: How do the event goals map to your organizational goals? Is there a clear understanding of what the event’s larger strategic purpose is.

    Common attendee goals

    Education: our attendees need to learn something new that they cannot learn on their own.
    Networking: our attendees need to meet people and make new professional connections.
    Professional development: our attendees have certain obligations to keep credentials updated or to present their work publicly to advance their careers.
    Entertainment: our attendees need to have fun.
    Commerce: our attendees need to buy and sell things.

    Decision point: Level of external event production

    Will you be completely self-managed, reliant on external event production services, or somewhere in the middle?

    You can review this after working through the other decision points and the scope becomes clearer.

    A diagram that shows Level of external event production, comparing Completely self-managed vs Fully externally-managed.

    Decision point: Assign event planning roles

    Who will be involved in planning the event? Fill/combine these roles as needed.

    Planning roles Description
    Project manager Shepherd event planning until completion while ensuring project remains on schedule and on budget.
    Event manager Correspond with presenters during leadup to event, communicate how to use online event tools/platform, perform tests with presenters/exhibitors, coordinate digital event staff/volunteers.
    Program planner Select the topics, speakers, activity types, content, streams.
    Designer and copywriter Design the event graphics; compose copy for event website.
    Digital event technologist Determine event technology requirements; determine how event technology fits together; prepare RFP, if necessary, for new hardware/software.
    Platform administrator Set up registration system/integrate registrations into platform(s) of choice; upload video files and collateral; add livestream links; add/delete staff roles and set controls and permissions; collect statistics and recordings after event.
    Commercial partner liaison Recruit sponsors and exhibitors (offer sponsorship packages); facilitate agreement/contract between commercial partners and organization; train commercial partners on how to use event technology; retrieve lead data.
    Marketing/social media Plan and execute promotional campaigns (email, social media) in the lead up to, and during, the event. Post-event, send follow-up communications, recording files, and surveys.

    Decision point: Assign event production roles

    Who will be involved in running the event?

    Event production roles Description
    Hosts/MCs Address attendees at beginning and end of event, and in-between sessions
    Provide continuity throughout event
    Introduce sessions
    Producers Prepare presenters for performance
    Begin and end sessions
    Use controls to share screens, switch between feeds
    Send backchannel messages to presenters (e.g., "Up next," "Look into webcam")
    Moderators Admit attendees from waiting room
    Moderate incoming questions from attendees
    Manage slides
    Pass questions to host/panelists to answer
    Moderate chat
    IT support Manage event technology stack
    Respond to attendee technical issues
    Troubleshoot network connectivity problems
    Ensure audio and video operational
    Start and stop session recording
    Save session recordings and files (chat, Q&As)

    Decision point: Map attendee goals to event goals to organizational goals

    Input: List of attendee benefits, List of event goals, List of organizational goals
    Output: Ranked list of event goals as they relate to attendee needs and organizational goals
    Materials: Whiteboard/flip charts
    Participants: Planning team

    1. Define attendee benefits:
      1. List the attendee benefits derived from your event (as many as possible).
      2. Rank attendee benefits from most to least important.
    2. Define event goals:
      1. List your event goals (as many as possible).
      2. Draw a connecting line to your ranked list of attendee benefits.
      3. Identify if any event goals exist with no clear relationship to attendee benefits. Discuss whether this event goal needs to be re-envisioned. If it connects to no discernible attendee benefits, consider removing it. Otherwise, figure out what attendee benefits the event goal provides.
    3. Define organizational goals:
      1. Acquire a list of your organization’s main strategic goals.
      2. Draw a connecting line from each event goal to the organizational goal it supports.
      3. If most of your event goals do not immediately seem to support an organizational goal, discuss why this is. Try to find the connection. If you cannot, discuss whether the event should proceed or be rethought.

    Decision point: Break down your event into its constituent components

    Identify your event archetype

    Decompose the event into its component parts

    Identify technical requirements that help meet event goals

    Benefits:

    • Clarify how formerly in-person events map to virtual archetypes.
    • Ensure your virtual event planning is anchored to organizational goals from the outset.
    • Streamline your virtual event tech stack planning later.

    Decision point: Determine your event archetype

    Analyze your event’s:

    • Main goals.
    • The components and activities that support those goals.
    • How these components and activities fall into people- vs. content-centric activities, and real-time vs. asynchronous activities.
    1. Conference
    2. Trade show
    3. Annual general meeting
    4. Department meeting
    5. Town hall
    6. Workshop

    A diagram that shows people- vs. content-centric activities, and real-time vs. asynchronous activities

    Info-Tech Insight

    Begin the digital event planning process by understanding how your event’s content is typically consumed. This will help you make decisions later about how best to deliver the content virtually.

    Conference

    Goals: Education/knowledge transfer; professional advancement; networking.

    Major content

    • Call for proposals/circulation of abstracts
    • Keynotes or plenary address: key talk addressed to large audience
    • Panel sessions: multiple panelists deliver address on common theme
    • Poster sessions: staffed/unstaffed booths demonstrate visualization of major research on a poster
    • Association meetings (see also AGM archetype): professional associations hold AGM as one part of a larger conference agenda

    Community

    • Formal networking (happy hours, social outings)
    • Informal networking (hallway track, peer introductions)
    • Business card exchange
    • Pre- and post-event correspondence

    Commercial Partners

    • Booth reps: Publishing or industry representatives exhibit products/discuss collaboration

    A quadrants matrix of conference

    Trade show

    Objectives: Information transfer; sales; lead generation.

    Major content

    • Live booth reps answer questions
    • Product information displayed
    • Promotional/information material distributed
    • Product demonstrations at booths or onstage
    • Product samples distributed to attendees

    Community interactions

    • Statements of intent to buy
    • Lead generation (badge scanning) of booth visitors
    • Business card exchange
    • Pre- and post-event correspondence

    A quadrants matrix of Trade show

    Annual general meeting

    Objectives: Transparently update members; establish governance and alignment.

    Meeting events

    • Updates provided to members on organization’s activities/finances
    • Decisions made regarding organization’s direction
    • Governance over organization established (elections)
    • Speakers addressing large audience from stage
    • In-camera sessions
    • Translation of proceedings
    • Real-time weighted voting
    • Minutes taken during meeting

    Administration

    • Notice given of meeting within mandated time period
    • Agenda circulated prior to meeting
    • Distribution of proxy material
    • Minutes distributed

    A quadrants matrix of Annual general meeting

    Department meeting

    Objectives: Information transfer of company agenda/initiatives; group decision making.

    Major content

    • Agenda circulated prior to meeting
    • Updates provided from senior management/leadership to employees on organization’s initiatives and direction
    • Employee questions and feedback addressed
    • Group decision making
    • Minutes taken during meeting
    • Minutes or follow-up circulated

    A quadrants matrix of department meeting

    Town hall meeting

    Objectives: Update public; answer questions; solicit feedback.

    Major content

    • Public notice of meeting announced
    • Agenda circulated prior to meeting
    • Speakers addressing large audience from stage
    • Presentation of information pertinent to public interest
    • Audience members line up to ask questions/provide feedback
    • Translation of proceedings
    • Recording of meeting archived

    A quadrants matrix of Town hall meeting

    Workshop

    Objectives: Make progress on objective; achieve consensus; knowledge transfer.

    Major content

    • Scheduling of workshop
    • Agenda circulated prior to meeting
    • Facilitator leads group activities
    • Participants develop alignment on project
    • Progress achieved on workshop project
    • Feedback on workshop shared with facilitator

    A quadrants matrix of Workshop

    Decision point: Analyze your event’s purpose and value

    Use the event archetypes to help you identify your event’s core components and value proposition.

    1. Attendee types: Who typically attends your event? Exclusively internal participants? External participants? A mix of the two?
    2. Communication: How do participants usually communicate with each other during this event? How do they communicate with the event organizers? Include both formal types of communication (listening to panel sessions) and informal (serendipitous conversations in the hallway).
    3. Connection: What types of connections do your attendees need to experience? (networking with peers; interactions with booth reps; consensus building with colleagues).
    4. Exchange of material: What kind of material is usually exchanged at this event and between whom? (Pamphlets, brochures, business cards, booth swag).
    5. Engagement: How do you usually retain attendees' attention and make sure they remain engaged throughout the event?
    6. Length: How long does the event typically last?
    7. Location and setup: Where does the event usually take place and who is involved in its setup?
    8. Success metrics: How do you usually measure your event's success?

    Info-Tech Insight

    Avoid trying to exactly reproduce the formerly in-person event online. Instead, identify the value proposition of each event component, then determine what its virtual expression could be.

    Example: Trade show

    Goals: Information transfer; sales; lead generation.

    1. Identify event component(s)
    2. Document its face-to-face expression(s)
    3. Identify the expression’s value proposition
    4. Translate the value proposition to a virtual component that facilitates overall event goal

    Event component

    Face-to-face expression

    Value proposition of component

    Virtual expression

    Attendee types Paying attendees Revenue for event organizer; sales and lead generation for booth rep Access to virtual event space
    Attendee types Booth rep Revenue for event organizer; information source for paying attendees Access to virtual event space
    Communication/connection Conversation between booth rep and attendee Lead generation for booth rep; information to inform decision making for attendee Ability to enter open video breakout session staffed by booth reps OR

    Ability to schedule meeting times with booth rep

    Multiple booth reps on hand to monitor different elements of the booth (one person to facilitate the discussion over video, another to monitor chat and Q&A)
    Communication/connection Serendipitous conversation between attendees Increased attendee contacts; fun Multiple attendees can attend the booth’s breakout session simultaneously and participate in web conferencing, meeting chat, or submit questions to Q&A
    Communication/connection Badges scanned at booth/email sign-up sheets filled out at table Lead generation for exhibitors List of visitors to booth shared with exhibitor (if consent given by attendees)

    Ability for attendees to request to be contacted for more information
    Exchange of material Catering (complimentary coffee, pastries) Obviate the need for attendees to leave the event for refreshments N/A: not included in virtual event
    Exchange of material Pamphlets, product literature, swag Portable information for attendee decision making Downloadable files (pdf)
    Location Responsibility of both the organizers (tables, chairs, venue) and booth reps (posters, handouts) Booth reps need a dedicated space where they can be easily found by attendees and advertise themselves Booth reps need access to virtual platform to upload files, images, provide booth description
    Engagement Attendees able to visit all booths by strolling through space Event organizers have a captive audience who is present in the immediacy of the event site Attendees motivated to stay in the event space and attend booths through gamification strategies (points awarded for number of booths visited or appointments booked)
    Length of event 2 full days Attendees travel to event site and spend the entire 2 days at the event, allowing them to be immersed in the event and absorb as much information in as little time as possible Exhibitors’ visiting hours will be scheduled so they work for both attendees attending in Eastern Standard Time and Pacific Time
    Metrics for success -Positive word of mouth
    -Number of registrations
    These metrics can be used to advertise to future exhibitors and attendees Number of virtual booths visited

    Number of file downloads

    Survey sent to attendees after event (favorite booths, preferred way to interact with exhibitors, suggestions for improvement, most valuable part of experience)

    Plan your metrics

    Use the analytics and reporting features available in your event technology toolset to capture the data you want to measure. Decide how each metric will impact your planning process for the next event.

    Examples of metrics:

    • Number of overall participants/registrants: Did you have more or fewer registrants/attendees than previous iterations of the event? What is the difference between number of registrants and number of real attendees?
    • Locations of participants: Where are people participating from? How many are attending for the first time? Are there new audiences you can pursue next time?
    • Most/least popular sessions: How long did people stay in the sessions and the event overall?
    • Most/least popular breakout rooms and discussion boards: Which topics should be repeated/skipped next time?
    • Social media mentions: Which topics received the most engagement on social media?
    • Surveys: What do participants report enjoying most? Least?
    • Technical failures: Can your software report on failures? Identify what technical problems arose and prepare a plan to mitigate them next time.

    Ensure the data you capture feeds into better planning for the next event

    Determine compliance requirements

    A greater event reach also means new data privacy considerations, depending on the location of your guests.

    General Data Protection Regulation (GDPR)

    Concerns over the collection of personal electronic data may not have previously been a part of your event planning considerations. However, now that your event is online, it’s wise to explore which data protection regulations apply to you. Remember, even if your organization is not located in the EU, if any of your attendees are European data subjects you may still be required to comply with GDPR, which involves the notification of data collected, allowing for opt-out options and the right to have data purged. The data must be collected for a specific purpose; if that purpose is expired, it can no longer be retained. You also have an obligation to report any breaches.

    Accessibility requirements

    What kind of accessibility laws are you subject to (AODA, WCAG2)? Regardless of compliance requirements, it is a good idea to ensure the online event follows accessibility best practices.

    Decision point: Set event policies

    What event policies need to be documented?
    How will you communicate them to attendees?

    Code of conduct

    One trend in the large event and conference space in recent years has been the development of codes of conduct that attendees are required to abide by to continue participating in the event.
    Now that your event is online, consider whether your code of conduct requires updating. Are there new types of appropriate/inappropriate online behavior that you need to define for your attendees?

    Harassment reporting

    If your organization has an event harassment reporting process, determine how this process will transfer over to the digital event.
    Ensure the reporting process has an owner and a clear methodology to follow to deal with complaints, as well as a digital reporting channel (a dedicated email or form) that is only accessed by approved staff to protect sensitive information.

    Develop a risk management plan

    Plan for how you will mitigate technical risks during your virtual event
    Provide presenters with a process to follow if technical problems arise.

    • Presenter’s internet connection cuts out
    • Attendees cannot log in to event platform
    • Attendees cannot hear/see video feed
    • What process will be followed when technical problems occur: ticketing system; chatbot; generic email accessible by all IT support assigned

    Testing/Rehearsal

    Test audio hardware: Ensure speakers use headphones/earbuds and mics (they do not have to be fancy/expensive). Relying on the computer/laptop mic can lead to more ambient noise and potential feedback problems.

    Check lighting: Avoid backlighting. Reposition speakers so they are not behind windows. Ask them to open/close shades. Add lamps as needed.

    Prevent interruptions: Before the event, ask panelists to turn phone and computer notifications to silent. Put a sign on the door saying Do not Disturb.

    Control audience view of screenshare: If your presenters will be sharing their screens, teach them how this works on the platform they are using. Advise them to exit out of any other application that is not part of their presentation, so they do not share the wrong screen unintentionally. Advise them to remove anything from the desktop that they do not want the audience to see, in case their desktop becomes visible at any point.

    Control audience view of physical environment: Before the event, advise participants to turn their cameras on and examine their backgrounds. Remove anything the audience should not be able to see.

    Test network connectivity: Send the presenters a link to a speed test and check their internet speed.

    Emergency contact: Exchange cell phone numbers for emergency backchannel conversations if problems arise on the day of the event.

    Set expectations: Presenting to an online audience feels very different to a live crowd. Prepare presenters for a lack of applause and lack of ability to see their audience, and that this does not mean the presentation was unsuccessful.

    Identify requirements

    To determine what kind of technical requirements you need to build the virtual expression of your event, consult the Virtual Event Platform Requirements Tool.

    1. If you have determined that the requirements you wish to use for the event exceed the capabilities of your existing communication and collaboration toolset, identify whether these gaps tip the scale toward purchasing a new tool. Use the requirement gaps to make the business case for purchasing a new tool.
    2. Use the Virtual Event Platform Requirements Tool to create a list of requirements.
    3. Consult the Software Reviews category for Virtual Event Platform Data Quadrant and Emotional Footprint reports.
    4. Assemble your documentation for approvals and the Rapid Application Selection Process.

    A photo of Detailed Feature Analysis Worksheet.

    Download the Virtual/Hybrid Event Software Feature Analysis Tool

    Rapid Application Selection Framework and Contract Review

    A photo of Rapid Application Selection Framework
    Launch Info-Tech’s Rapid Application Selection Framework.

    Using the requirements you’ve just gathered as a base, use Info-Tech’s complete framework to improve the efficiency and effectiveness of software selection.

    Once you’ve selected a vendor(s), review the contract. Does it define an exit strategy? Does it define when your data will be deleted? Does it set service-level agreements that you find acceptable? Leverage Info-Tech’s contract review service once you have selected the virtual event solution and have received a contract from the vendor.

    Further research

    Photo of Run Better Meetings
    Run Better Meetings

    Bibliography

    Dutt, Raj. “7 Lessons from This Company’s First-Ever Virtual Conference.” Fast Company, 29 Jul 2020. Web.

    Kelly, Samantha Murphy. “Microsoft Build Proves Splashy Tech Events Can Thrive Online.” CNN, 21 May 2020. Web.

    “Phases.” Event Management Body of Knowledge (EMBOK), n.d. Web.

    Price, Michael. “As COVID-19 Forces Conferences Online, Scientists Discover Upsides of Virtual Format.” Science, 28 Apr 2020. Web.

    “Stanford HAI Spring Conference - Key Advances in Artificial Intelligence.” Stanford Digital Economy Lab, 2022. Web.

    “Virtual Event Tech Guide 2022.” Skift Meetings, April 2022. Web.

    Warren, Tom. “Microsoft Build 2022 Will Take Place May 24th–26th.” The Verge, 30 March 2022. Web.

    Contributors

    6 anonymous contributors

    Ransomware Cyber Attack. The real Disaster Recovery Scenario

    Cyber-ransomware criminals need to make sure that you cannot simply recover your encrypted data via your backups. They must make it look like paying is your only option. And if you do not have a strategy that takes this into account, unfortunately, you may be up the creek without a paddle. because how do they make their case? Bylooking for ways to infect your backups, way before you find out you have been compromised. 

    That means your standard disaster recovery scenarios provide insufficient protection against this type of event. You need to think beyond DRP and give consideration to what John Beattie and Michael Shandrowski call "Cyber Incident Recovery Risk management" (CIR-RM).  

    incident, incident management, cybersecurity, cyber, disaster recovery, drp, business continuity, bcm, recovery

    Register to read more …